On 1/20/14 11:53 PM, tortestprivacy tortestprivacy wrote: > With Tor Browser Bundle default settings any web-site can access to > local resources by JavaScript and XMLHttpRequest. Could you please explain why the same-origin policy of Firefox doesn't prevent this?