Qrious do not work when canvas read is disabled for privacy reasons #120
Comments
|
@neocotic: Do you have by any chance any clue why you used some read capability in place of a simple write? This way i can try to fix and with your availability try to get a update working package, |
evilaliv3
added a commit
to globaleaks/globaleaks-whistleblowing-software
that referenced
this issue
Dec 11, 2019
The requirements for this change is the bug described at: - neocotic/qrious#120 - https://bugzilla.mozilla.org/show_bug.cgi?id=1446472 - https://trac.torproject.org/projects/tor/ticket/27543
|
@neocotic: Actually for necessities of security i evaluated to switch to angular-qrcode. Probably the library used by it coul be taken as reference for fixing this inconvenience with your. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
On many browsers, reading canvas is blocked or requires asking users permissions.
Currently it seems the qrious library while writing a canvas performs as well a read and this results in a usability issue for all the users of Firefox [1] and of the Tor browser [2].
I'm analyzing this problem in relation to the GlobaLeaks project that uses Qrious in its two factor authentication based on TOTP.
[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1446472
[2] https://trac.torproject.org/projects/tor/ticket/27543
The text was updated successfully, but these errors were encountered: