Opened 6 years ago

Closed 4 years ago

#9787 closed defect (user disappeared)

Google scripts are added to white list in NoScript XSS tab in TOR BROWSER BUDNLES

Reported by: cypherpunks Owned by: erinn
Priority: Medium Milestone:
Component: Applications/Tor bundles/installation Version: Tor: unspecified
Severity: Keywords: No-script, plugin, plugins, white-list, XSS
Cc: mikeperry Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Check the XSS tab in NOScript in TOR BROWSER and you will find that google scripts were added to the
white list! So their scripts are not checked for injections! Why should we trust google when everyone knows that google is NSA's subsidiary?
Please, remove their scripts from NO-SCRIPT white-list in TOR BROWSER.

Child Tickets

Change History (3)

comment:1 Changed 6 years ago by arma

Cc: mikeperry added
Component: TorTor bundles/installation
Milestone: Tor: very long term
Owner: set to erinn
Priority: majornormal
Type: enhancementdefect

comment:2 Changed 6 years ago by mikeperry

Status: newneeds_information

There is probably a good reason for this. The XSS filters probably break random things on Google. We're not changing this without input from Giorgio Maone (the NoScript Author). I suggest you ask him directly why he put Google on the whitelist. He is fairly responsive on his forums.

comment:3 Changed 4 years ago by cypherpunks

Resolution: user disappeared
Status: needs_informationclosed

No any information for 19 month.
Closing. Please reopen this ticket if found new information.

Note: See TracTickets for help on using tickets.