From 1e87458c8a117eaa0e8a84015a8654cb298e596d Mon Sep 17 00:00:00 2001
From: quindecim <quindecim@airmail.cc>
Date: Sun, 28 Jul 2019 09:34:35 +0000
Subject: [PATCH] Update 'config/mozilla.cfg'
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

⛔️ Locked security bypass buttons (DESKTOP only)
---
 config/mozilla.cfg | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/config/mozilla.cfg b/config/mozilla.cfg
index a8a9bb5..fc9f7e8 100644
--- a/config/mozilla.cfg
+++ b/config/mozilla.cfg
@@ -1233,6 +1233,13 @@ lockPref("media.devices.insecure.enabled", false);
 lockPref("remote.enabled", false); // [DESKTOP]
 lockPref("remote.force-local", true); // [DESKTOP]
 lockPref("remote.log.level", ""); // [DESKTOP]
+// -------------------------------------
+// Pref : Disable security bypass buttons
+// Prevent the user from bypassing security in certain cases.
+// "security.certerror.hideAddException" prevents adding an exception when an invalid certificate is shown.
+// "browser.safebrowsing.allowOverride" prevents selecting "ignore the risk" and visiting a harmful site anyway.
+lockPref("browser.safebrowsing.allowOverride", false); // [DESKTOP]
+lockPref("security.certerror.hideAddException", true); // [DESKTOP]
 //
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 // Section : Block Implicit Outbound
@@ -1965,7 +1972,6 @@ lockPref("extensions.getAddons.cache.enabled", false)
 // -------------------------------------
 // Pref : Disable Google Safe Browsing (Block dangerous and deceptive contents)
 lockPref("browser.safebrowsing.enabled", false); // [DESKTOP]
-lockPref("browser.safebrowsing.allowOverride", false);
 lockPref("browser.safebrowsing.blockedURIs.enabled", false);
 lockPref("browser.safebrowsing.debug", false);
 lockPref("browser.safebrowsing.downloads.enabled", false); // [DEFAULT: false]