Disable NoScript ClickJack Protection
Pending an actual fix for #14985 (moved), we need to disable NoScript's clickjacking, because it is currently broken in Tor Browser, and is the source of a lot of improper warnings and dialogs while clicking on elements (especially cloudflare captchas). This ticket is just for a bug number for tracking the workaround of disabling it, so we don't have to close #14985 (moved) (which has lots of good analysis details).
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information