[tahoe-lafs-trac-stream] [tahoe-lafs] #127: Cap URLs leaked via HTTP Referer header
tahoe-lafs
trac at tahoe-lafs.org
Tue May 28 18:24:15 UTC 2013
#127: Cap URLs leaked via HTTP Referer header
-------------------------+-------------------------------------------------
Reporter: warner | Owner: davidsarah
Type: defect | Status: assigned
Priority: major | Milestone: 1.11.0
Component: code- | Version: 0.7.0
frontend-web | Keywords: confidentiality integrity
Resolution: | preservation capleak research
Launchpad Bug: |
-------------------------+-------------------------------------------------
Comment (by zooko):
Great! We should try to turn these on in Tahoe-LAFS ASAP.
Hey, I remember that Brad Hill offered to support standardization of a CSP
rule to restrict Referer leakage. What happened with that? Did we drop the
ball on giving him some sort of spec doc?
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/127#comment:40>
tahoe-lafs <https://tahoe-lafs.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list