[tor-bugs] #29646 [Applications/Tor Browser]: NoScript XSS user choices are persisted

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Mar 4 11:29:08 UTC 2019


#29646: NoScript XSS user choices are persisted
-------------------------------------+-------------------------------------
 Reporter:  atac                     |          Owner:  tbb-team
     Type:  defect                   |         Status:  new
 Priority:  High                     |      Component:  Applications/Tor
                                     |  Browser
  Version:                           |       Severity:  Normal
 Keywords:  tbb-disk-leak xss        |  Actual Points:
  noscript                           |
Parent ID:                           |         Points:
 Reviewer:                           |        Sponsor:
-------------------------------------+-------------------------------------
 Whenever the user chooses 'Always allow' or 'Always block' in one of the
 NoScript XSS popups, the setting is persisted in the `storage-sync.sqlite`
 file and this is never cleared on browser startup like the rest of the
 NoScript preferences.

 The full persisted object can be inspected via `about:debugging` -> Debug
 NoScript -> `browser.storage.sync.get('xssUserChoices')`.

 I understand this is not intended behaviour, since the NoScript default is
 to not persist user choices (clearing them up on browser start).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29646>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
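
Added example, not part of the ticket or of NoScript's code: a check that reads the `xssUserChoices` object named in the report, summarizes what has been persisted, and optionally removes it with the standard WebExtension `storage.sync.remove()` call. The entry shape (key string mapped to a decision string), the helper names and the in-memory stand-in for `browser.storage.sync` are assumptions made for illustration.

```javascript
// Key name taken from the ticket; everything else here is illustrative.
const KEY = 'xssUserChoices';

// Summarize a persisted choices object without assuming more than
// "property name -> decision value" (assumed shape, not shown in the ticket).
function summarizeChoices(choices) {
  const entries = Object.entries(choices || {});
  const byDecision = {};
  for (const [, decision] of entries) {
    const d = String(decision);
    byDecision[d] = (byDecision[d] || 0) + 1;
  }
  return { count: entries.length, byDecision, keys: entries.map(([k]) => k) };
}

// Read the persisted object from a storage area, optionally remove it,
// then read again to confirm nothing is left behind.
async function auditAndClear(area, { clear = false } = {}) {
  const stored = await area.get(KEY);
  const before = summarizeChoices(stored[KEY]);
  if (clear && before.count > 0) {
    await area.remove(KEY);
  }
  const after = summarizeChoices((await area.get(KEY))[KEY]);
  return { leaked: before.count > 0, before, after };
}

// Constructed stand-in for browser.storage.sync so the check runs offline.
function makeFakeArea(initial) {
  const data = { ...initial };
  return {
    async get(key) { return key in data ? { [key]: data[key] } : {}; },
    async remove(key) { delete data[key]; },
  };
}

// Constructed sample data; the real keys would identify sites the user visited.
const SAMPLE = {
  xssUserChoices: {
    'https://a.example>https://b.example': 'allow',
    'https://c.example>https://d.example': 'block',
  },
};

// In the extension's debugging console, pass browser.storage.sync instead.
auditAndClear(makeFakeArea(SAMPLE), { clear: true })
  .then((report) => console.log(JSON.stringify(report, null, 2)));
```

Run against the real storage area after a browser restart, a non-zero `before.count` confirms the behaviour the ticket describes.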

