[tor-bugs] #2669 [Torbutton]: Apply same-origin policy to window.name?
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Mar 24 20:31:51 UTC 2011
#2669: Apply same-origin policy to window.name?
-------------------------+--------------------------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Torbutton | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by mwenge):
See http://www.thomasfrank.se/sessvarsTestPage1.html for a good example of
window.name in action.
For me the sheer quantity of data you can store in window.name (2MB) and
the fact that it can survive across multiple changes of origin puts it in
a different category from referrer spoofing.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2669#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list