[tor-bugs] #18080 [Tor Browser]: Do not strip the Access-Control-Allow-Origin header
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jan 19 20:41:27 UTC 2016
#18080: Do not strip the Access-Control-Allow-Origin header
-------------------------+-----------------------------------
Reporter: cypherpunks | Owner: tbb-team
Type: defect | Status: needs_information
Priority: Medium | Milestone:
Component: Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
-------------------------+-----------------------------------
Comment (by cypherpunks):
Replying to [comment:3 bugzilla]:
> Oops, algorithm in comment:2 is not so plain: first request is the
second actually (first was in step 1)
If the Firefox Developer Tools window isn't open at step 1, the Network
tab doesn't show any requests when you first open it. With the first
request i meant the first one in the request list in the Network tab after
the refresh at step 4. There should be only one request in this list
because the page i linked has no other resources it needs to load.
Furthermore, the list of requests gets cleared after each refresh (which
is the default unless the setting has been changed).
> it always misses header on alpha
Does loading node information on [https://globe.torproject.org/] work for
you on alpha when the header is missing?
> except exitnode was changed by timeout
Did the exit node change alter the responses you got?
> how can it reappear if algorithm states to update only when header is
not missing?
This could happen when you continue to refresh after you found that the
header is missing. The steps are only to reproduce the missing header
case.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18080#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list