[tor-bugs] #25836 [Applications/Tor Browser]: Make NoScript work on the highest security level on protected Mozilla websites

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Apr 18 11:10:00 UTC 2018


#25836: Make NoScript work on the highest security level on protected Mozilla
websites
------------------------------------------+----------------------
     Reporter:  gk                        |      Owner:  tbb-team
         Type:  defect                    |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:  ff60-esr
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
------------------------------------------+----------------------
 https://bugzilla.mozilla.org/show_bug.cgi?id=1453988 raised awareness for
 a new mechanism to regulate webextension interference with priviledged
 Mozilla sites. We need to clear the whitelist that got implemented in
 https://bugzilla.mozilla.org/show_bug.cgi?id=1415644.
 https://bugzilla.mozilla.org/show_bug.cgi?id=1453988#c0 gives a good
 introduction about the trade-offs involved and we might think about a
 better solution while preparing our switch to ESR60 (or do so in a follow-
 up bug).

 One idea tjr had was to get a patch developed to make an exemption to that
 whitelist for Mozilla-signed extensions. We could then piggyback on that
 by signing all the extensions we ship which we thought about doing anyway.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25836>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list