[tor-talk] Should DOM storage really be enabled by default in TorBrowser?
Georg Koppen
gk at torproject.org
Fri Jun 20 08:15:26 UTC 2014
Aymeric Vitte:
>
> Le 19/06/2014 20:51, Georg Koppen a écrit :
>> DOM Storage in Tor Browser does not save state to disc.
>
> So it's there until you close your browser, that's far enough to track
> you and expose you.
>
>> And it is bound
>> to the URL bar domain (see design document).
>
> That's not specific to DOM storage, it just follows the same origin
> policy like all W3C/WHATWG APIs
That holds for the one in a vanilla Firefox, yes. But not for the one we
ship. You should really read our design document and look at the commit
in my other mail.
Georg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140620/9dfb79d5/attachment.sig>
More information about the tor-talk
mailing list