#27307: NoScript marks HTTP Onion as insecure --------------------------------------+-------------------------- Reporter: cypherpunks3 | Owner: tbb-team Type: defect | Status: closed Priority: Low | Milestone: Component: Applications/Tor Browser | Version: Severity: Minor | Resolution: wontfix Keywords: noscript | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: --------------------------------------+--------------------------
Comment (by ma1): Replying to [comment:7 gk]: > There is still the scary http: in red which should not be relevant for .onions either. Additionally, the expectation here is that onions over http:// on medium level security can actually run JavaScript etc. because http:// is secure for .onion domains They should get treated as loaded over https://. Could you address those two items for Tor Browser users? (I am fine opening a new bug for the latter if you like) Not sure if you opened another bug (if you did, sorry for the cross- posting): I've addressed this in https://github.com/hackademix/noscript/releases/tag/11.0.4rc15 -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27307#comment:8> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs