Richard Pospesel pushed to branch base-browser-102.8.0esr-12.5-1 at The Tor Project / Applications / Tor Browser
Commits: 926c3f33 by Richard Pospesel at 2023-02-15T13:54:12+00:00 fixup! Firefox preference overrides.
bug 41627: Enable network.http.referer.hideOnionSource in base-browser
(cherry picked from commit 90df17dac724c43bbc533a0f449a72ba419d9d67) - - - - -
1 changed file:
- browser/app/profile/001-base-profile.js
Changes:
===================================== browser/app/profile/001-base-profile.js ===================================== @@ -68,6 +68,12 @@ pref("browser.pagethumbnails.capturing_disabled", true); pref("dom.security.https_only_mode", true); pref("dom.security.https_only_mode_pbm", true);
+// tor-browser#22320: Hide referer when comming from a .onion address +// We enable this here (rather than in Tor Browser) in case users of other +// base-browser derived browsers configure it to use a system Tor daemon +// to visit onion services. +pref("network.http.referer.hideOnionSource", true); + // Require Safe Negotiation ( https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27719 ) // Blocks connections to servers that don't support RFC 5746 [2] as they're potentially vulnerable to a // MiTM attack [3]. A server without RFC 5746 can be safe from the attack if it disables renegotiations
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/926c3f33...
tbb-commits@lists.torproject.org