![]() ![]() As soon as the request is initiated, is processed LOCALLY by NoScript and blocked, so the information never leaves the browser. It's used as the report URI for the script-blocking CSP, in order to catch LOCALLY whatever has been blocked by NoScript and show it in the UI. "", as the name implies, is a domain which does not resolve to anything, and since is under my control I can make sure nobody makes it real domain. This might result in being able to reconstruct the browsing historyĪccording to a statement from Giorgio Maone there's no privacy issue (browser history leakage): NoScript's CSP reports only fire when the first party domain is not whitelisted in NoScript. when a site is blocked in NoScript, appears as a blocked third-party domain in uBO's panel (and allowing it doesn't do nothing, i.e. I'm using uMatrix add-on to block the 3-rd party requests that NoScript doesn't show, and recently noticed that uMatrix blocks the CSP requests created by NoScript. Bug 27178+ 27179: Add support for xz compression in mar files.Bug 27061: Enable verification of langpacks checksums.Bug 27411: Fix broken security slider and NoScript interaction on Windows.Bug 26381: Work around endless loop during page load and about:tor not loading.Bug 26049: Reduce delay for showing update prompt to 1 hour.Bug 27221: Purge startup cache if Tor Browser version changed.Bug 26048: Fix potentially confusing "restart to update" message.Bug 26114: Don't expose navigator.mozAddonManager to websites.Bug 27281: Enable Reader View mode again.Bug 26614: Disable Web Authentication API until it is properly audited.Bug 21549: Disable wasm for now until it is properly audited.Bug 21607: Disable WebVR for now until it is properly audited.Bug 26670: Make canvas permission prompt respect first-party isolation.Bug 27213: Update about:tbupdate to new (about:tor) layout.Bug 27283: Fix first-party isolation for UI tour.Bug 27403: The onboarding bubble is not always displayed.Bug 25405: Cannot use Moat if a meek bridge is configured.Bug 27097: Add text for Tor News signup widget.Bug 27301: Improve about:tor behavior and appearance.Bug 26490: Remove the security slider notification.Bug 26520: Fix sec slider/NoScript for TOR_SKIP_LAUNCH=1.Bug 26884: Use Torbutton to provide security slider on mobile.Bug 27276: Adapt to new NoScript messaging protocol.Bug 27401: Start listening for NoScript before it loads.The full changelog since Tor Browser 8.0a10 is: In addition, we updated Tor to 0.3.4.7-rc and fixed an issue with Moat when a meek bridge has been configured. It contains all the improvements from the new 8.0 release. Tor Browser 8.5a1 is the first alpha release in the 8.5 series. This release features important security updates to Firefox. Tor Browser 8.5a1 is now available from the Tor Browser Project page and also from our distribution directory.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |