richard pushed to branch tor-browser-115.11.0esr-13.5-1 at The Tor Project / Applications / Tor Browser
Commits:
-
b04fa658
by Richard Pospesel at 2024-05-13T13:18:28+00:00
-
8e9d5e49
by Richard Pospesel at 2024-05-13T13:18:28+00:00
2 changed files:
Changes:
| ... | ... | @@ -21,8 +21,6 @@ pref("network.proxy.socks_remote_dns", true); |
| 21 | 21 | pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419)
|
| 22 | 22 | pref("network.proxy.allow_hijacking_localhost", true); // Allow proxies for localhost (#31065)
|
| 23 | 23 | pref("network.proxy.type", 1);
|
| 24 | -// Bug 40548: Disable proxy-bypass
|
|
| 25 | -pref("network.proxy.failover_direct", false);
|
|
| 26 | 24 | // localhost is already blocked by setting `network.proxy.allow_hijacking_localhost` to
|
| 27 | 25 | // true, allowing users to explicitly block ports makes them fingerprintable; for details, see
|
| 28 | 26 | // Bug 41317: Tor Browser leaks banned ports in network.security.ports.banned
|
| ... | ... | @@ -455,6 +455,8 @@ pref("network.protocol-handler.warn-external.snews", true); |
| 455 | 455 | pref("network.protocol-handler.warn-external.ms-windows-store", true);
|
| 456 | 456 | #endif
|
| 457 | 457 | pref("network.proxy.allow_bypass", false, locked); // #40682
|
| 458 | +// Bug 40548: Disable proxy-bypass
|
|
| 459 | +pref("network.proxy.failover_direct", false, locked);
|
|
| 458 | 460 | // Lock to 'true', which is already the firefox default, to prevent users
|
| 459 | 461 | // from making themselves fingerprintable by disabling. This pref
|
| 460 | 462 | // alters content load order in a page. See tor-browser#24686
|