[tor-bugs] #22501 [Applications/Tor Browser]: Requests via javascript: violate FPI

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Sep 27 08:03:52 UTC 2017


#22501: Requests via javascript: violate FPI
---------------------------------------+-----------------------------------
 Reporter:  cypherpunks                |          Owner:  pospeselr
     Type:  defect                     |         Status:  needs_information
 Priority:  High                       |      Milestone:
Component:  Applications/Tor Browser   |        Version:
 Severity:  Major                      |     Resolution:
 Keywords:  tbb-linkability, noscript  |  Actual Points:
Parent ID:                             |         Points:
 Reviewer:                             |        Sponsor:
---------------------------------------+-----------------------------------

Comment (by ma1):

 It's the "Attempt to fix Javascript links" ('''noscript.fixLinks''' in
 ''!about:config'') feature.

 Do you need me to modify the HEAD XHR preflight request in order to fit
 into your navigation restrictions, or to omit it outright? Or would it be
 better for you to just flip the preference?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22501#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list