Google scripts are added to white list in NoScript XSS tab in TOR BROWSER BUDNLES
Check the XSS tab in NOScript in TOR BROWSER and you will find that google scripts were added to the white list! So their scripts are not checked for injections! Why should we trust google when everyone knows that google is NSA's subsidiary? Please, remove their scripts from NO-SCRIPT white-list in TOR BROWSER.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information