#19048: Review Firefox Developer Docs and Undocumented bugs since FF45esr -------------------------------------------------+------------------------- Reporter: gk | Owner: tbb- | team Type: task | Status: new Priority: Medium | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Resolution: Keywords: ff52-esr, tbb-7.0-must, | Actual Points: TorBrowserTeam201703, GeorgKoppen201703 | Parent ID: | Points: Reviewer: | Sponsor: | Sponsor4 -------------------------------------------------+-------------------------
Comment (by mcs): Replying to [comment:28 gk]: > > b) We should verify that the new `<input>` types do not leak locale information, e.g., `<input type="time">`, `type="date"`, `type="week"`, etc. > > https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input > > Hm. The docs say these are not implemented yet and the linked bug (https://bugzilla.mozilla.org/show_bug.cgi?id=888320) seems to second that. What made you believe they are wrong? I don't remember what we saw, but you are correct: the implementation seems to be a work in progress and the new input types are disabled via a `dom.forms.datetime` pref. > > d) HTTP Opportunistic Security may add some linkability risks, although it seems okay at a glance. > > http://httpwg.org/http-extensions/opsec.html > > https://bugzilla.mozilla.org/show_bug.cgi?id=1301117 > > It seems that needs HTTP2/Alternative Services being enabled which is both not the case for us? Yes, I think #16673 took care of disabling it. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19048#comment:30> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs