ma1 pushed to branch mullvad-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser

Commits: 93669b13 by hackademix at 2024-10-08T09:06:43+02:00 fixup! Firefox preference overrides.

Bug 43197: Disable automatic exception for HTTPS-First.

- - - - -

1 changed file:

- browser/app/profile/001-base-profile.js

Changes:

===================================== browser/app/profile/001-base-profile.js ===================================== @@ -120,6 +120,8 @@ pref("dom.security.https_only_mode", true); // The previous pref automatically sets this to true (see StaticPrefList.yaml), // but set it anyway only as a defense-in-depth. pref("dom.security.https_only_mode_pbm", true); +// tor-browser#43197, defense in depth if ever https-only got disabled +pref("dom.security.https_first_add_exception_on_failiure", false);

// tor-browser#22320: Hide referer when comming from a .onion address // We enable this here (rather than in Tor Browser) in case users of other

View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/9366...