michel_ouba/FF_arkenfox_user.js
michel_ouba/FF_arkenfox_user.js
1
0
Fork 0
Code Releases Activity

enforce HSTS preload list

Browse Source
This commit is contained in:
Roman-Nopantski 2017-02-23 20:30:18 +13:00 committed by GitHub
parent d17fa573a9
commit 2fcd21083e
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
user.js
View File

@ -658,9 +658,9 @@ user_pref("security.mixed_content.block_active_content", true);
// https://bugzilla.mozilla.org/show_bug.cgi?id=1246540#c145
user_pref("security.mixed_content.send_hsts_priming", false);
user_pref("security.mixed_content.use_hsts", false);
// 1219: disable HSTS preload list
// recommended left inactive and at default, unless you fully understand the risks and trade-offs
// user_pref("network.stricttransportsecurity.preloadlist", false);
// 1219: enforce HSTS preload list (default is true)
// recommended left at default, unless you fully understand the risks and trade-offs
user_pref("network.stricttransportsecurity.preloadlist", true);
// 1220: disable intermediate certificate caching (fingerprinting attack vector)
// NOTE: This may be better handled under FPI (ticket 1323644, part of Tor Uplift)
// WARNING: This affects login/cert/key dbs. The effect is all credentials are session-only.