Tor Browser 7.5.4 is released

Tor Browser 7.5.4 is now available from the Tor Browser Project page and also from our distribution directory.
This release features important security updates to Firefox.
This release updates Firefox to 52.8.0esr, HTTPS Everywhere to 2018.4.11, and NoScript to 5.1.8.5. In addition, we exempt .onion domains from mixed content warnings, fixed a fingerprinting issue and an issue with localized content.
The full changelog since Tor Browser 7.5.3 is:
- All platforms
- Update Firefox to 52.8.0esr
- Update HTTPS Everywhere to 2018.4.11
- Update NoScript to 5.1.8.5
- Bug 23439: Exempt .onion domains from mixed content warnings
- Bug 22614: Make e10s/non-e10s Tor Browsers indistinguishable
- Bug 22659: Changes to `intl.accept.languages` get overwritten after restart
- Bug 25973: Backport off-by-one fix (bug 1352073)
- Bug 25020: Add a tbb_version.json file
Thanks for everything you…
Thanks for everything you have done for us!
Bug 23439: Exempt .onion…
- Bug 23439: Exempt .onion domains from mixed content warnings
Many comments on that bug and tickets they link to debate how to treat HTTPS clearnet the same as HTTP onion services, but I don't see a perspective of the consequences from the insecure end. Meaning:
Now that HTTP onion services are treated as secure and now that HTTP onions are exempt from mixed content warnings, then is HTTP onion service traffic recognized and warned as different from HTTP to clearnet? If an HTTP .onion webpage loads content from an HTTP clearnet domain, does Tor Browser still warn about mixed content? Or since they are both HTTP, does the warning not appear?
Awesome work on the…
Awesome work on the development as per usual guys!