
enforce HSTS preload list

Roman-Nopantski 8 years ago
parent
commit
2fcd21083e
1 changed file with 3 additions and 3 deletions

+ 3 - 3
user.js

@@ -658,9 +658,9 @@ user_pref("security.mixed_content.block_active_content", true);
    // https://bugzilla.mozilla.org/show_bug.cgi?id=1246540#c145
 user_pref("security.mixed_content.send_hsts_priming", false);
 user_pref("security.mixed_content.use_hsts", false);
-// 1219: disable HSTS preload list
-   // recommended left inactive and at default, unless you fully understand the risks and trade-offs
-   // user_pref("network.stricttransportsecurity.preloadlist", false);
+// 1219: enforce HSTS preload list (default is true)
+   // recommended left at default, unless you fully understand the risks and trade-offs
+user_pref("network.stricttransportsecurity.preloadlist", true);
 // 1220: disable intermediate certificate caching (fingerprinting attack vector)
    // NOTE: This may be better handled under FPI (ticket 1323644, part of Tor Uplift)
    // WARNING: This affects login/cert/key dbs. The effect is all credentials are session-only.
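Review bot: The caveat kept under 1219, "recommended left at default, unless you fully understand the risks and trade-offs", no longer matches the line it sits above. It was written for the commented-out false setting; now that the user_pref line is active and sets true, which the new header itself calls the default, the comment reads as a warning against a line that only pins the default value. Suggest replacing it with one line saying why the default is being set explicitly and what the preload list protects against, or dropping the caveat entirely. The header "enforce HSTS preload list (default is true)" is clear as written.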