Tor Browser locale is leaked via title of link tag on non-html page
ryotak reported via our HackerOne bug bounty program that the Tor Browser locale is leaked via the title of the link tag on any non-html page.
For a test ryotak came up with see: https://people.torproject.org/~gk/tests/tor_plaintext_locale_leak.html.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information