michel_ouba/FF_arkenfox_user.js
michel_ouba/FF_arkenfox_user.js
1
0
Fork 0
Code Releases Activity

minor edits

Browse Source
This commit is contained in:
Thorin-Oakenpants 2018-02-06 23:50:30 +00:00 committed by GitHub
parent a290b3ad3d
commit ca11a88189
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
user.js
View File

@ -844,9 +844,9 @@ user_pref("gfx.font_rendering.graphite.enabled", false);
// user_pref("font.system.whitelist", ""); // (hidden pref)
/*** 1600: HEADERS / REFERERS
Only *cross domain* referers need controlling and XOriginPolicy (1603) is perfect for that.
Thus we enforce the default values for 1601, 1602, 1605 and 1606 to minimize breakage,
and only tweak 1603 (+1604).
Only *cross domain* referers need controlling and XOriginPolicy (1603) is perfect for that. Thus we enforce
the default values for 1601, 1602, 1605 and 1606 to minimize breakage, and only tweak 1603 and 1604.
Our default settings provide the best balance between protection and amount of breakage.
To harden it a bit more you can set XOriginPolicy (1603) to 2 (+ optionally 1604 to 1 or 2).
To fix broken sites, temporarily set XOriginPolicy=0 and XOriginTrimmingPolicy=2 in about:config,