[tor-bugs] #2669 [Torbutton]: Apply same-origin policy to window.name?
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Mar 7 02:59:28 UTC 2011
#2669: Apply same-origin policy to window.name?
-------------------------+--------------------------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Torbutton | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Description changed by mikeperry:
Old description:
> We might want to consider applying the same-origin policy to window.name,
> to reduce tracking between website visits.
>
> However, like the refer spoofing code, this makes me nervous, as it feels
> like it will lead to an unknown and almost unknowable number of websites
> that may break.
>
> We may want to just close this as invalid at some point. I think that
> once #523 is implemented, we'll be much happier with leaving window.name
> and even the referer header alone.
New description:
We might want to consider applying the same-origin policy to window.name,
to reduce tracking between successive website visits in the same tab.
However, like the refer spoofing code, this makes me nervous, as it feels
like it will lead to an unknown and almost unknowable number of websites
that may break.
We may want to just close this as invalid at some point. I think that once
#523 is implemented, we'll be much happier with leaving window.name and
even the referer header alone.
--
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2669#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list