Can't stop loading Clearnet data on .onion site anymore
In past users of TBB have the capability to block loading other sites/clearnet data on .onion sites as a security improvement with "permissions.default.image: 3" Since 22 Jan 2020(?) this is not possible anymore with no plausibility. Technical reason: ttps://hg.mozilla.org/mozilla-central/rev/dea8bc3b320a author pbz pbz@mozilla.com Wed, 22 Jan 2020 10:45:15 +0000 changeset 511088 dea8bc3b320acdd689a27596a0a54eb794941333 parent 511087 74493854a1b6478d5a9c3674df1369788783eeee child 511089 798234088fd904c05e9312a0f703980e284d3bf7 push id 37045 push user csabou@mozilla.com push date Wed, 22 Jan 2020 21:48:55 +0000 #---------------------------------------------------------------------# Prefs starting with "permissions." #--------------------------------------------------------------------- +# 1-Accept, 2-Deny, Any other value: Accept +- name: permissions.default.image
- type: RelaxedAtomicUint32
- value: 1
- mirror: always [...] -pref("permissions.default.image", 1); // 1-Accept, 2-Deny, 3-dontAcceptForeign
You can test this issue with e.g. theintercept.com: https://27m3p2uv7igmj6kvd4ql3cct5h3sdwrsajovkkndeufumzyfhlfev4qd.onion/
Result: Security problem, the advantage of .onion is at least affected.