michel_ouba/FF_arkenfox_user.js
michel_ouba/FF_arkenfox_user.js
1
0
Fork 0
Code Releases Activity

1605: change to active enforced

Browse Source
This commit is contained in:
Thorin-Oakenpants 2021-08-19 13:17:07 +00:00 committed by GitHub
parent 00fa8f1b50
commit 93f6aea06a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
user.js
View File

@ -805,10 +805,10 @@ user_pref("network.http.referer.XOriginPolicy", 2);
/* 1604: CROSS ORIGIN: control the amount of information to send [FF52+]
* 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port ***/
user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
/* 1605: ALL: disable spoofing a referer
* [WARNING] Do not set this to true, as spoofing effectively disables the anti-CSRF
* (Cross-Site Request Forgery) protections that some sites may rely on ***/
// user_pref("network.http.referer.spoofSource", false); // [DEFAULT: false]
/* 1605: ALL: enforce no spoofing of referer
* Spoofing effectively disables the anti-CSRF (Cross-Site Request Forgery)
* protections that some sites may rely on ***/
user_pref("network.http.referer.spoofSource", false); // [DEFAULT: false]
/* 1606: ALL: set the default Referrer Policy [FF59+]
* 0=no-referer, 1=same-origin, 2=strict-origin-when-cross-origin, 3=no-referrer-when-downgrade
* [NOTE] This is only a default, it can be overridden by a site-controlled Referrer Policy