Disable clipboard.autocopy in Tor Browser
On Linux Mint KDE (and possibly other distros) clicking with the mouse wheel on an empty (non-linked) area of a web page in Firefox will take you back to a previously closed page.
This also works if the page was in an already closed private window.
It also works if the page was in a TOR Browser instance after doing "create new identity".
Most hilariously, it is possible to reopen a closed page from before an identity change in a separate instance of normal Firefox.
Changing clipboard.autocopy to false in about:config stops this behavior.
In my opinion this is a highly questionable "feature" under any circumstances, but in the context of TOR Browser this should be considered a major security risk. Please disable this option by default.
This behavior is present in TOR Browser 7.0.2 on Linux Mint 18.2, but I have observed it in several older versions of both TOR Browser and Mint going back several years.
Trac:
Username: pqrst