Changes between Version 1 and Version 2 of Ticket #27719, comment 2


Ignore:
Timestamp:
Sep 16, 2018, 12:32:29 AM (13 months ago)
Author:
cypherpunks2
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #27719, comment 2

    v1 v2  
    55> https://bugzilla.mozilla.org/show_bug.cgi?id=665859 (flip the pref to `true` as this bug report requests)
    66
    7 The second report is over 7 years old and no progress has been made (it's still status NEW). It's very possible that we'll have to toggle this ourselves if we want to avoid trivial MITM. I mean, only enabling JavaScript on sites with TLS is a little odd if the exit node can still read and inject arbitrary data for a large number of those connections without even so much as a warning appearing to the user.
     7The second report is over 7 years old and no progress has been made (it's still status NEW). It's very possible that we'll have to toggle this ourselves if we want to avoid trivial MITM. I mean, only enabling JavaScript on sites with TLS is a little odd if the exit node can still read and inject arbitrary data for a non-negligible number of those connections without even so much as a warning appearing to the user.