My test:
Windows XP Home SP3
Firefox 28 + Noscript
score 16/17 (fail Origin header)
You can get 17/17 ?
Sorry my bad English.
Security Test Browserscope
-
sampei.nihira
- Posts: 3
- Joined: Sat Apr 12, 2014 4:27 pm
- Location: Italy (Granducato di Toscana)
Security Test Browserscope
http://www.browserscope.org/security/test
My test:
Windows XP Home SP3
Firefox 28 + Noscript
score 16/17 (fail Origin header)
You can get 17/17 ?
Sorry my bad English.
My test:
Windows XP Home SP3
Firefox 28 + Noscript
score 16/17 (fail Origin header)
You can get 17/17 ?
Sorry my bad English.
釣りキチ三平
Mozilla/5.0 (Windows NT 5.1; rv:28.0) Gecko/20100101 Firefox/28.0
-
Giorgio Maone
- Site Admin
- Posts: 9524
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
- Contact:
Re: Security Test Browserscope
You're basically asking NoScript of fix/work-around Mozilla's bug 446344, which is mostly a cosmetic one since adopting the whole CORS is much more reliable/robust than relying on the Origin header being sent for any request (and also maybe less privacy disputable).
Answer is: maybe, I must consider all the implications (especially the privacy-related ones).
Answer is: maybe, I must consider all the implications (especially the privacy-related ones).
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0
-
sampei.nihira
- Posts: 3
- Joined: Sat Apr 12, 2014 4:27 pm
- Location: Italy (Granducato di Toscana)
Re: Security Test Browserscope
TH Giorgio.Giorgio Maone wrote:You're basically asking NoScript of fix/work-around Mozilla's bug 446344, which is mostly a cosmetic one since adopting the whole CORS is much more reliable/robust than relying on the Origin header being sent for any request (and also maybe less privacy disputable).
Answer is: maybe, I must consider all the implications (especially the privacy-related ones).
It would be a very interesting thing.
Good Luck!!
釣りキチ三平
Mozilla/5.0 (Windows NT 5.1; rv:28.0) Gecko/20100101 Firefox/28.0