[tbb-bugs] #32255 [Applications/Tor Browser]: Missing ORIGIN header breaks CORS in Tor Browser 9.0

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Oct 31 20:08:12 UTC 2019


#32255: Missing ORIGIN header breaks CORS in Tor Browser 9.0
-------------------------------------------------+-------------------------
 Reporter:  complexparadox                       |          Owner:  tbb-
                                                 |  team
     Type:  defect                               |         Status:  new
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-9.0-issues, tbb-9.0.1-can, tbb-  |  Actual Points:
  regression, TorBrowserTeam201910               |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by acat):

 It seems this is now controlled by `network.http.referer.hideOnionSource`
 (changed in https://bugzilla.mozilla.org/show_bug.cgi?id=1503736). Was
 this pref supposed to affect all requests or just hiding the referer when
 navigating from an onion website to a non-onion one?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32255#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list