[tor-talk] Self-deleting scripts in http connections
Rythyrix
durindals917 at gmail.com
Sat Dec 3 04:47:11 UTC 2016
Greetings, all.
Recently, as I was browsing over to coppersurfer dot tk , I on a whim
opened up Firefox's Element Inspector (right click -> Inspect Element
(Q)) . Imagine my surprise when I find a script before the title tag.
(see pastebin HNqsDsq2 for sourcedump).
Given that I have NoScript, I needed to test it. Restarting with addons
disabled made the script not appear by the time I managed to open the
Element Inspector again. Given that Tor is based on Firefox, the ability
for a site to remotely delete a script from a client browser is
worrying. Is anyone willing to double check that this happens to more
than just myself?
A concerned netizen.
(I don't want to post hyperlinks, lack of accidental clicks that way.)
More information about the tor-talk
mailing list