javascript: hrefs don't run at medium-high security level, even on an HTTPS page
On this page, at the medium-high security level, the "Enter promotional code" link doesn't work. It's supposed to cause another DOM element to become visible. https://www.eventbrite.com/e/rightscon-silicon-valley-2016-tickets-19158023163 It's because the link, rather than using an onclick handler or something, uses a javascript: URL in the href:
<a href="javascript: Hide('discountDiv1'); Show('discountDiv');">Enter promotional code</a>
They use the same technique for some other buttons, which are also broken. The JS actually works, as I can paste it into the browser console and it does what it's supposed to do.
It works if I reduce the security level to medium-low, so I suspect it's caused by Tor Browser not considering the javascript: URL to be in an HTTPS context or something.