Opened 2 years ago

Closed 2 years ago

Last modified 2 years ago

#24143 closed enhancement (duplicate)

Have medium security level allow JavaScript on non-HTTPS onion sites?

Reported by: nido Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: securitylevel javascript onionservices
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Medium security level allows JavaScript only on HTTPS sites, with no exception for onion sites. But is it any less secure to run JavaScript on an onion site (with or without HTTPS) than on a HTTPS clearnet site? (If so, how?) If not, wouldn't it be a good idea to allow JavaScript on all onion sites?

Child Tickets

Change History (2)

comment:1 Changed 2 years ago by boklm

Resolution: duplicate
Status: newclosed

This is a duplicate of #21004.

comment:2 Changed 2 years ago by nido

Sorry, didn't see that (although I did some searching).

Note: See TracTickets for help on using tickets.