[tor-bugs] #22362 [Applications/Tor Browser]: Tor Browser freezes when loading https://www.facebook.com/tr/ on a website
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jul 10 13:17:40 UTC 2017
#22362: Tor Browser freezes when loading https://www.facebook.com/tr/ on a website
-------------------------------------------------+-------------------------
Reporter: gk | Owner: tbb-
| team
Type: defect | Status:
| needs_revision
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Major | Resolution:
Keywords: noscript, GeorgKoppen201707, | Actual Points:
TorBrowserTeam201707 |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by gk):
* keywords: noscript, GeorgKoppen201707, TorBrowserTeam201707R =>
noscript, GeorgKoppen201707, TorBrowserTeam201707
* status: reopened => needs_revision
Comment:
Replying to [comment:25 ma1]:
> Of course disabling the XSS filter is an undesirable work-around.
>
> Turns out that this bug was due to the JSON-stripping optimization being
completely turned off by a regression.
>
> Should be fixed in [https://noscript.net/getit#devel latest development
build] 5.0.6rc5, please check thanks.
Testing with 5.0.6 seems to indicate that there is still something not
working as expected:
{{{
[07-10 13:12:00] Torbutton INFO: tor SOCKS: https://www.facebook.com/tr/
via
zeit.de:73bb9561126604354e4dfe26f54a59dd
SyntaxError: invalid range in character class
InjectionChecker.reduceJSON at chrome://noscript/content/InjectionChecker.js:167:15
InjectionChecker_checkJSBreak at chrome://noscript/content/InjectionChecker.js:475:30
InjectionChecker.checkJS at chrome://noscript/content/InjectionChecker.js:748:70
InjectionChecker._checkRecursive at chrome://noscript/content/InjectionChecker.js:997:30
InjectionChecker.checkRecursive at chrome://noscript/content/InjectionChecker.js:992:12
InjectionChecker.checkRecursive at chrome://noscript/content/InjectionChecker.js:967:33
InjectionChecker.checkPostStream/<@chrome://noscript/content/InjectionChecker.js:1165:11
PostChecker.prototype.check at chrome://noscript/content/InjectionChecker.js:1259:17
InjectionChecker.checkPostStream at chrome://noscript/content/InjectionChecker.js:1162:13
InjectionChecker.checkPost at chrome://noscript/content/InjectionChecker.js:1156:12
RequestWatchdog.prototype.filterXSS at chrome://noscript/content/RequestWatchdog.js:789:46
RequestWatchdog.prototype.onHttpStart/<@chrome://noscript/content/RequestWatchdog.js:148:18
DOSChecker.prototype.run at chrome://noscript/content/RequestWatchdog.js:1104:22
RequestWatchdog.prototype.onHttpStart at chrome://noscript/content/RequestWatchdog.js:146:9
MainParent["http-on-modify-
request"].observe at chrome://noscript/content/MainParent.js:82:24
TypeError: unsafeRequest.window is null
}}}
Just opening zeit.de and waiting should give you that syntax error.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22362#comment:30>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list