Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • T Tor Browser
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 1,249
    • Issues 1,249
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 6
    • Merge requests 6
  • Deployments
    • Deployments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • Repository
  • Wiki
    • Wiki
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Applications
  • Tor Browser
  • Issues
  • #16607

Closed
Open
Created Jul 17, 2015 by Trac@tracbot

Allow SVG for extensions, even on "high" security level

When setting the security level to "high" (in the privacy and security settings), SVG images are blocked everywhere. Even for internal (or addon) pages, there is no possibility to show SVG images, which might prevent some addons from working.

Is it possible to introduce a whitelist of pages/protocols that can use svg?

Good candidates for a whitelist are: "about:", "chrome://" and "re/*". Actually, the NoScript addon already comes with such a whitelist, which allows javascript for addon pages.

 

For my case, I'm creating an addon (for Tor Browser 5.0+) that uses a library to create graphs on a re/... page. The library uses an inline svg element ("...") to display it's graphics. Currently, the "high" mode breaks my addon.

Best Markus

Trac:
Username: mbauer

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking