[tor-bugs] #6975 [EFF-HTTPS Everywhere]: Disable on Chromium all the rulesets where mixed content breaks things (!)
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed Sep 26 00:09:22 UTC 2012
#6975: Disable on Chromium all the rulesets where mixed content breaks things (!)
----------------------------------+-----------------------------------------
Reporter: pde | Owner: pde
Type: defect | Status: new
Priority: critical | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Recent versions of Chromium and Chrome have implemented an automatic
mechanism to block the loading of insecure HTTP scripts from HTTPS
origins. At first there was a loud popup message whenever that happened,
but now the only indication in the UI is a small shield in the address
bar, which the user can click on to force the insecure scripts to load.
Google has replied "won't fix" to any UX or extension API requests we made
about this: https://code.google.com/p/chromium/issues/detail?id=144637
As a result, we are going to need a major push to identify rulesets that
break sites in Chrome because of this mechanism, and disable them on that
platform. This ticket will track that task.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6975>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list