Update 'user.js'
This commit is contained in:
parent
8ade0a83e0
commit
1b3201a2d2
9
user.js
9
user.js
|
@ -408,6 +408,7 @@ user_pref("browser.send_pings.require_same_host", true); // defense-in-depth
|
||||||
// [NOTE] This is just an application level fallback. Disabling IPv6 is best done at an
|
// [NOTE] This is just an application level fallback. Disabling IPv6 is best done at an
|
||||||
// OS/network level, and/or configured properly in VPN setups. If you are not masking your IP,
|
// OS/network level, and/or configured properly in VPN setups. If you are not masking your IP,
|
||||||
// then this won't make much difference. If you are masking your IP, then it can only help.
|
// then this won't make much difference. If you are masking your IP, then it can only help.
|
||||||
|
// [NOTE] PHP defaults to IPv6 with "localhost". Use "php -S 127.0.0.1:PORT"
|
||||||
// [TEST] https://ipleak.org/
|
// [TEST] https://ipleak.org/
|
||||||
// https://github.com/arkenfox/user.js/issues/437#issuecomment-403740626
|
// https://github.com/arkenfox/user.js/issues/437#issuecomment-403740626
|
||||||
// https://www.internetsociety.org/tag/ipv6-security/ ***/
|
// https://www.internetsociety.org/tag/ipv6-security/ ***/
|
||||||
|
@ -1123,7 +1124,13 @@ user_pref("javascript.options.asmjs", false);
|
||||||
// user_pref("javascript.options.jit_trustedprincipals", true); // [FF75+] [HIDDEN PREF]
|
// user_pref("javascript.options.jit_trustedprincipals", true); // [FF75+] [HIDDEN PREF]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Disable WebAssembly [FF52+] [SETUP-PERF]
|
// Disable WebAssembly [FF52+] [SETUP-PERF]
|
||||||
// https://developer.mozilla.org/docs/WebAssembly ***/
|
// Vulnerabilities have increasingly been found, including those known and fixed
|
||||||
|
// in native programs years ago. WASM has powerful low-level access, making
|
||||||
|
// certain attacks (brute-force) and vulnerabilities more possible
|
||||||
|
// [STATS] ~0.2% of websites, about half of which are for crytopmining / malvertising
|
||||||
|
// https://developer.mozilla.org/docs/WebAssembly
|
||||||
|
// https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
|
||||||
|
// https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes ***/
|
||||||
user_pref("javascript.options.wasm", false);
|
user_pref("javascript.options.wasm", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Enable (limited but sufficient) window.opener protection [FF65+]
|
// Enable (limited but sufficient) window.opener protection [FF65+]
|
||||||
|
|
Loading…
Reference in New Issue