Merge pull request #22 from ghacksuserjs/earthlng-patch-2
network.IDN_show_punycode draft modifications
This commit is contained in:
commit
fd3311297d
4
user.js
4
user.js
@ -1240,10 +1240,10 @@ user_pref("security.block_script_with_wrong_mime", true);
|
|||||||
// WARNING: SVG is fairly common (~15% of the top 10K sites), so will cause some breakage
|
// WARNING: SVG is fairly common (~15% of the top 10K sites), so will cause some breakage
|
||||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1216893
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1216893
|
||||||
user_pref("svg.disabled", true);
|
user_pref("svg.disabled", true);
|
||||||
// 2672: force Punycode for Internationalized Domain Names to eliminate possible spoofing security risk.
|
// 2672: force Punycode for Internationalized Domain Names to eliminate possible spoofing security risk
|
||||||
// Firefox has *some* protections to mitigate the risk, but it is better to be safe than sorry.
|
// Firefox has *some* protections to mitigate the risk, but it is better to be safe than sorry.
|
||||||
// The downside: it will also display legitimate IDN's punycoded, which might be undesirable for
|
// The downside: it will also display legitimate IDN's punycoded, which might be undesirable for
|
||||||
// users from countries with non-latin alphabets
|
// users from countries with non-latin alphabets
|
||||||
// http://kb.mozillazine.org/Network.IDN_show_punycode
|
// http://kb.mozillazine.org/Network.IDN_show_punycode
|
||||||
// https://wiki.mozilla.org/IDN_Display_Algorithm
|
// https://wiki.mozilla.org/IDN_Display_Algorithm
|
||||||
// https://en.wikipedia.org/wiki/IDN_homograph_attack
|
// https://en.wikipedia.org/wiki/IDN_homograph_attack
|
||||||
|
Loading…
Reference in New Issue
Block a user