1
0

1243: mixed OBJECT_SUBREQUESTS

This commit is contained in:
Thorin-Oakenpants 2018-11-15 07:06:34 +00:00 committed by GitHub
parent 4e42bad6a1
commit 7351e561c4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -793,6 +793,9 @@ user_pref("security.cert_pinning.enforcement_level", 2);
user_pref("security.mixed_content.block_active_content", true); // default: true user_pref("security.mixed_content.block_active_content", true); // default: true
/* 1241: disable insecure passive content (such as images) on https pages - mixed context ***/ /* 1241: disable insecure passive content (such as images) on https pages - mixed context ***/
user_pref("security.mixed_content.block_display_content", true); user_pref("security.mixed_content.block_display_content", true);
/* 1243: block unencrypted requests from Flash on encrypted pages to mitigate MitM attacks (FF59+)
* [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1190623 ***/
user_pref("security.mixed_content.block_object_subrequest", true);
/** CIPHERS [see the section 1200 intro] ***/ /** CIPHERS [see the section 1200 intro] ***/
/* 1260: disable or limit SHA-1 /* 1260: disable or limit SHA-1