[tor-commits] [sandboxed-tor-browser/master] Default disable `dom.securecontext.whitelist_onions`.
yawning at torproject.org
yawning at torproject.org
Mon Jul 24 16:00:51 UTC 2017
commit 26c9478ed9539a12a3a2939ccd7ef28ce916215d
Author: Yawning Angel <yawning at schwanenlied.me>
Date: Mon Jul 24 15:59:07 2017 +0000
Default disable `dom.securecontext.whitelist_onions`.
Honestly, bluring the line between CA signed HTTPS and onions is terrible.
---
ChangeLog | 1 +
data/installer/mozilla.cfg | 4 ++++
2 files changed, 5 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 0484a7b..bc20c39 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,7 @@ Changes in version 0.0.12 - UNRELEASED:
* Bug 22984: Force IDNs to be displayed as punycode to thwart homograph
attacks.
* Bug 22967: Force disable crashdump reporting.
+ * Default disable `dom.securecontext.whitelist_onions`.
Changes in version 0.0.11 - 2017-07-18:
* Bug 22910: Deprecate the volatile extension dir option.
diff --git a/data/installer/mozilla.cfg b/data/installer/mozilla.cfg
index dc03adb..1b8f97d 100644
--- a/data/installer/mozilla.cfg
+++ b/data/installer/mozilla.cfg
@@ -37,3 +37,7 @@ lockPref("extensions.blocklist.enabled", false);
// Force IDNs to be displayed as punycode to thwart homograph attacks.
defaultPref("network.IDN_show_punycode", true);
+
+// Anything that tries to blur the line between CA signed HTTPS and Onion
+// Services is misguided at best.
+defaultPref("dom.securecontext.whitelist_onions", false);
More information about the tor-commits
mailing list