Skip to content

GitLab

Trac
Trac

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Closed (moved)
Opened by Georg Koppen@gk

Tor Browser locale is leaked via title of link tag on non-html page

ryotak reported via our HackerOne bug bounty program that the Tor Browser locale is leaked via the title of the link tag on any non-html page.

For a test ryotak came up with see: https://people.torproject.org/~gk/tests/tor_plaintext_locale_leak.html.

To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information