[tor-bugs] #2669 [Torbutton]: Apply same-origin policy to window.name?
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Mar 7 02:58:52 UTC 2011
#2669: Apply same-origin policy to window.name?
-------------------------+--------------------------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Torbutton | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
We might want to consider applying the same-origin policy to window.name,
to reduce tracking between website visits.
However, like the refer spoofing code, this makes me nervous, as it feels
like it will lead to an unknown and almost unknowable number of websites
that may break.
We may want to just close this as invalid at some point. I think that once
#523 is implemented, we'll be much happier with leaving window.name and
even the referer header alone.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2669>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list