[tor-bugs] #27307 [Applications/Tor Browser]: NoScript marks HTTP Onion as insecure
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Oct 27 22:15:29 UTC 2019
#27307: NoScript marks HTTP Onion as insecure
--------------------------------------+--------------------------
Reporter: cypherpunks3 | Owner: tbb-team
Type: defect | Status: closed
Priority: Low | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Minor | Resolution: wontfix
Keywords: noscript | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by ma1):
Replying to [comment:7 gk]:
> There is still the scary http: in red which should not be relevant for
.onions either. Additionally, the expectation here is that onions over
http:// on medium level security can actually run JavaScript etc. because
http:// is secure for .onion domains They should get treated as loaded
over https://. Could you address those two items for Tor Browser users? (I
am fine opening a new bug for the latter if you like)
Not sure if you opened another bug (if you did, sorry for the cross-
posting): I've addressed this in
https://github.com/hackademix/noscript/releases/tag/11.0.4rc15
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27307#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list