michel_ouba/FF_arkenfox_user.js
michel_ouba/FF_arkenfox_user.js
1
0
Fork 0
Code Releases Activity

1241->active: block mixed passive content #326

Browse Source
This commit is contained in:
Thorin-Oakenpants 2018-01-05 09:02:59 +13:00 committed by GitHub
parent d89e9834ff
commit d82791a933
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
user.js
View File

@ -775,9 +775,8 @@ user_pref("network.stricttransportsecurity.preloadlist", true);
/* 1240: disable insecure active content on https pages - mixed content /* 1240: disable insecure active content on https pages - mixed content
* [1] https://trac.torproject.org/projects/tor/ticket/21323 ***/ * [1] https://trac.torproject.org/projects/tor/ticket/21323 ***/
user_pref("security.mixed_content.block_active_content", true); user_pref("security.mixed_content.block_active_content", true);
/* 1241: disable insecure passive content (such as images) on https pages - mixed context /* 1241: disable insecure passive content (such as images) on https pages - mixed context ***/
* [WARNING] When set to true, this will visually break many sites (March 2017) ***/ user_pref("security.mixed_content.block_display_content", true);
// user_pref("security.mixed_content.block_display_content", true);
/* 1242: enable Mixed-Content-Blocker to use the HSTS cache but disable the HSTS Priming requests (FF51+) /* 1242: enable Mixed-Content-Blocker to use the HSTS cache but disable the HSTS Priming requests (FF51+)
* Allow resources from domains with an existing HSTS cache record or in the HSTS preload list * Allow resources from domains with an existing HSTS cache record or in the HSTS preload list
* to be upgraded to HTTPS internally but disable sending out HSTS Priming requests, because * to be upgraded to HTTPS internally but disable sending out HSTS Priming requests, because