ma1 pushed to branch tor-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser
Commits: b0b0ccd9 by hackademix at 2024-10-07T23:25:50+02:00 fixup! Firefox preference overrides.
Bug 43197: Disable automatic exception for HTTPS-First.
- - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
===================================== browser/app/profile/001-base-profile.js ===================================== @@ -120,6 +120,8 @@ pref("dom.security.https_only_mode", true); // The previous pref automatically sets this to true (see StaticPrefList.yaml), // but set it anyway only as a defense-in-depth. pref("dom.security.https_only_mode_pbm", true); +// tor-browser#43197, defense in depth if ever https-only got disabled +pref("dom.security.https_first_add_exception_on_failiure", false);
// tor-browser#22320: Hide referer when comming from a .onion address // We enable this here (rather than in Tor Browser) in case users of other
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b0b0ccd9...