[tor-bugs] #23629 [- Select a component]: CSP error reports not sent - intended/safe ?

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Sep 24 15:54:37 UTC 2017

#23629: CSP error reports not sent - intended/safe ?
     Reporter:  cypherpunks           |      Owner:  (none)
         Type:  enhancement           |     Status:  new
     Priority:  Medium                |  Milestone:
    Component:  - Select a component  |    Version:
     Severity:  Normal                |   Keywords:
Actual Points:                        |  Parent ID:
       Points:                        |   Reviewer:
      Sponsor:                        |
 when browsing sites that have a Content Security Policy (CSP) report URI,
 and a CSP violation is triggered, the reports aren't sent

 in a regular firefox they would be POSTED to the URI

 in TBB they don't - is that intended for security or what ever ?

 i cant remember any test sites but it might be possible to find one...

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23629>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list