Opened 5 weeks ago

Last modified 4 weeks ago

#24243 new defect

Tor Browser only render HTML for local pages via file://, no images/CSS

Reported by: anonym Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: AffectsTails
Cc: sajolida Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by arma)

In Tor Browser 7.0.10 (and earlier too, see below), if I open a local page via file:// only the HTML is rendered, but images are broken and CSS isn't applied at all. For Tails this breaks several important features, like reading the local copy of the documentation (e.g. when offline) and the start page for our Unsafe Browser.

This breakage started earlier, and it is a bit "interesting":

  • Tor Browser 7.0.7 is the last ok release (both images and CSS loads).
  • Tor Browser 7.0.7 -> 7.0.8 only upgrades Torbutton 1.9.7.8 -> 1.9.7.9 which only updates some translations + fixups on the donation banner. That is somehow enough to break images on local pages (but CSS is still fine). Disabling Torbutton makes the images work again.
  • Tor Browser 7.0.8 -> 7.0.9 only fixes #24052 ("Streamline handling of file:// resources") which breaks both images and CSS. I say "both" despite the previous bullet indicating that Torbutton is responsible for breaking images, because disabling Torbutton no longer fixes image loading in this version. So it indeed seems that the fix for #24052 alone breaks both CSS and images.

Child Tickets

Change History (6)

comment:1 Changed 5 weeks ago by arma

Description: modified (diff)

(fixing a mistyped ticket number)

comment:2 Changed 5 weeks ago by sajolida

Cc: sajolida added

comment:3 Changed 5 weeks ago by gk

Which file(s) could/should I use to test and investigate that?

Last edited 5 weeks ago by gk (previous) (diff)

comment:4 in reply to:  3 Changed 5 weeks ago by gk

Replying to gk:

Which file(s) could/should I use to test and investigate that?

Right now I am interested in understanding the Torbutton issue. The impact of #24052 is pretty clear to me.

comment:5 Changed 5 weeks ago by sajolida

I'm also severly affected by that as I work on the Tails website from Tails itself: I build a local copy of the website and test my changes on file:// before pushing them on the production website.

But I have a workaround for now which is to fallback on Firefox ESR for browsing file:// URLs.

I also noticed that the links between pages are broken as well: clicking on them as no effect.

To test this, if you have access to Tails, you can browse the embedded version of our website:

file:///usr/share/doc/tails/website/index.en.html

Otherwise, save your favorite web page locally (Right-click on the page and Save Page As) and open it back with Tor Browser (Ctrl+O and open the page that you saved).

In both cases these pages will appear as raw HTML with no CSS, images, or JS and broken links.

comment:6 Changed 4 weeks ago by Molly

This is not just a problem in Tails. I'm experiencing the same problem in Debian Stretch and Tor 7.09. Example web app that is unusable from file:// is bip32.github.io. This is a client-side javascript app that should really only be run locally because it exposes bitcoin private keys.

Note: See TracTickets for help on using tickets.