forked from d3cim/mobile_user.js
Update 'user.js'
This commit is contained in:
parent
0c8406a636
commit
e94e847342
11
user.js
11
user.js
|
@ -800,10 +800,6 @@ user_pref("middlemouse.paste", false);
|
|||
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/10089
|
||||
user_pref("middlemouse.contentLoadURL", false);
|
||||
// -------------------------------------
|
||||
// Pref : Limit HTTP redirects (this does not control redirects with HTML meta tags or JS)
|
||||
// [NOTE] A low setting of 5 or under will probably break some sites (e.g. gmail logins). To control HTML Meta tag and JS redirects, use an extension.
|
||||
user_pref("network.http.redirection-limit", 15); // [DEFAULT: 20]
|
||||
// -------------------------------------
|
||||
// Pref : Remove webchannel whitelist
|
||||
user_pref("webchannel.allowObject.urlWhitelist", "");
|
||||
// -------------------------------------
|
||||
|
@ -1481,8 +1477,11 @@ user_pref("dom.security.https_only_mode", true); [FF76+]
|
|||
user_pref("dom.security.https_only_mode_send_http_background_request", false);
|
||||
// -------------------------------------
|
||||
// Pref : Require safe negotiation
|
||||
// Blocks connections to servers that don't support RFC 5746 as they're potentially vulnerable to a MiTM attack. A server *without* RFC 5746 can be safe from the attack if it disables renegotiations but the problem is that the browser can't know that.
|
||||
// Setting this pref to true is the only way for the browser to ensure there will be no unsafe renegotiations on the channel between the browser and the server.
|
||||
// Blocks connections (SSL_ERROR_UNSAFE_NEGOTIATION) to servers that don't support RFC 5746
|
||||
// as they're potentially vulnerable to a MiTM attack. A server without RFC 5746 can be
|
||||
// safe from the attack if it disables renegotiations but the problem is that the browser can't
|
||||
// know that. Setting this pref to true is the only way for the browser to ensure there will be
|
||||
// no unsafe renegotiations on the channel between the browser and the server.
|
||||
// https://wiki.mozilla.org/Security:Renegotiation
|
||||
// https://tools.ietf.org/html/rfc5746
|
||||
// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
||||
|
|
Loading…
Reference in New Issue