|
@@ -793,6 +793,9 @@ user_pref("security.cert_pinning.enforcement_level", 2);
|
|
|
user_pref("security.mixed_content.block_active_content", true); // default: true
|
|
user_pref("security.mixed_content.block_active_content", true); // default: true
|
|
|
/* 1241: disable insecure passive content (such as images) on https pages - mixed context ***/
|
|
/* 1241: disable insecure passive content (such as images) on https pages - mixed context ***/
|
|
|
user_pref("security.mixed_content.block_display_content", true);
|
|
user_pref("security.mixed_content.block_display_content", true);
|
|
|
|
|
+/* 1243: block unencrypted requests from Flash on encrypted pages to mitigate MitM attacks (FF59+)
|
|
|
|
|
+ * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1190623 ***/
|
|
|
|
|
+user_pref("security.mixed_content.block_object_subrequest", true);
|
|
|
|
|
|
|
|
/** CIPHERS [see the section 1200 intro] ***/
|
|
/** CIPHERS [see the section 1200 intro] ***/
|
|
|
/* 1260: disable or limit SHA-1
|
|
/* 1260: disable or limit SHA-1
|
Thorin-Oakenpants