id	summary	keywords	status	owner	type	priority
615	Can JavaScript loaded from Tahoe access all your content which is loaded from Tahoe?	newcaps confidentiality integrity preservation capleak gsoc websec	assigned	davidsarah	defect	critical
127	Cap URLs leaked via HTTP Referer header	confidentiality integrity preservation capleak research websec	assigned	davidsarah	defect	major
366	"address Nathan Wilcox's concerns about ""Tahoe and the browser security model"""	security capleak docs websec	assigned	blaisep	defect	major
821	A script in a file viewed through the WUI can obtain the file's read cap	newcaps newurls confidentiality capleak websec	assigned	davidsarah	defect	major
827	Put file download links ('?save=true') in WUI directory listings	security usability capleak docs download easy	assigned	davidsarah	defect	major
922	The URL of the info page for an unknown dirnode should not grant authority to the containing directory	capleak integrity confidentiality newurls	assigned	davidsarah	defect	major
954	revocable write authority	integrity capleak forward-compatibility newcaps revocation research	new		enhancement	major
995	It's way too easy to give away write directory caps	wui jsui usability confidentiality capleak websec	new	nobody	defect	major
997	The webapi/WUI should have https enabled by default	confidentiality wui webapi capleak	new	nobody	defect	major
1234	UnrecoverableFileError message should say which file it refers to	error usability capleak	assigned	davidsarah	defect	major
1254	eliminate use of urllib.urlopen in check_load	security capleak	assigned	davidsarah	defect	major
1513	memory usage in MDMF publish	mutable mdmf memory-leak performance docs	new		defect	major
1649	WUI: the error message page for a writeable file/directory nonobviously includes the write cap	usability security capleak websec	assigned	davidsarah	defect	major
1798	Segregate gateway HTTP ports: one for raw bytes and one for generated WUI pages	wui same-origin security capleak	new	freddyb	defect	major
1859	Proof-of-concept attack: Upload and execute attacker controlled js from any domain.	security javascript same-origin capleak websec	new	davidsarah	defect	major
2090	Don't expose URIs after failed CLI commands	easy security capleak error cli	new	daira	defect	major
1415	WUI is more useful than CLI	security privacy capleak integrity confidentiality	new		defect	normal
1535	Allow restricting Tahoe-LAFS gateway to one user by supporting Unix sockets	wui cli socket unix security confidentiality integrity capleak	new		enhancement	normal
1890	submit proposal for restrict-referrer-leakage to the CSP standardizers and implementors	referer referrer standards capleak research	assigned	davidsarah	task	normal
1910	memory leak on 'tahoe get'	memory leak immutable	new	T_X	defect	normal
1989	"foolscap: ""an inbound callRemote ... failed"" log entries include all arguments"	memory confidentiality capleak logging foolscap	new	warner	defect	normal
2100	passphrase-encrypt the aliases file	aliases security capleak usability	new	daira	enhancement	normal
2331	don't display capabilities without user explicitly asking for it	security capleak	assigned	daira	defect	normal
2720	format_http_error leaks the URI	security capleak	new	daira	defect	normal
907	Stop caps from leaking to phishing-filter servers	capleak integrity confidentiality forward-compatibility newurls docs websec	assigned	davidsarah	defect	minor
