Additional protections for browsing hidden websites
I want to recommend researching and implementing additional protections for browsing hidden service websites.
Some ideas:
-
#9623 (moved): Don't send referers from hidden addresses.
-
Javascript disabled by default for hiddden services, whether it is enabled for public websites.
-
This is all I can think of for now