Opened 11 months ago

Closed 7 months ago

#25836 closed defect (duplicate)

Make NoScript work on the highest security level on protected Mozilla websites

Reported by: gk Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: ff60-esr
Cc: tom, arthuredelstein Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

https://bugzilla.mozilla.org/show_bug.cgi?id=1453988 raised awareness for a new mechanism to regulate webextension interference with priviledged Mozilla sites. We need to clear the whitelist that got implemented in https://bugzilla.mozilla.org/show_bug.cgi?id=1415644. https://bugzilla.mozilla.org/show_bug.cgi?id=1453988#c0 gives a good introduction about the trade-offs involved and we might think about a better solution while preparing our switch to ESR60 (or do so in a follow-up bug).

One idea tjr had was to get a patch developed to make an exemption to that whitelist for Mozilla-signed extensions. We could then piggyback on that by signing all the extensions we ship which we thought about doing anyway.

Child Tickets

Change History (1)

comment:1 Changed 7 months ago by gk

Resolution: duplicate
Status: newclosed

I think we are good here for now and I'll close this as duplicate of #26114 which actually flipped the neccessary prefs.

Note: See TracTickets for help on using tickets.