notkshitij/Betterfox
1
0
Fork 0
mirror of https://github.com/yokoffing/Betterfox.git synced 2026-06-12 15:40:48 +05:30
Code Issues Releases Wiki Activity

116.1 (#221)

Browse Source 
* require_safe_negotiation breaks EA
This commit is contained in:
HJ
2023-09-05 12:18:20 -04:00
committed by GitHub
parent 288676b07d
commit dd49bcaae4
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Securefox.js
+3 -2
View File
@@ -3,7 +3,7 @@
* Securefox * * Securefox *
* "Natura non contristatur" * * "Natura non contristatur" *
* priority: provide sensible security and privacy * * priority: provide sensible security and privacy *
* version: 116 * * version: 116.1 *
* url: https://github.com/yokoffing/Betterfox * * url: https://github.com/yokoffing/Betterfox *
****************************************************************************/ ****************************************************************************/
@@ -276,6 +276,7 @@ user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
// PREF: require safe negotiation // PREF: require safe negotiation
// [ERROR] SSL_ERROR_UNSAFE_NEGOTIATION // [ERROR] SSL_ERROR_UNSAFE_NEGOTIATION
// [WARNING] Breaks ea.com login (Sep 2023).
// Blocks connections to servers that don't support RFC 5746 [2] // Blocks connections to servers that don't support RFC 5746 [2]
// as they're potentially vulnerable to a MiTM attack [3]. // as they're potentially vulnerable to a MiTM attack [3].
// A server without RFC 5746 can be safe from the attack if it // A server without RFC 5746 can be safe from the attack if it
@@ -288,7 +289,7 @@ user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
// [2] https://datatracker.ietf.org/doc/html/rfc5746 // [2] https://datatracker.ietf.org/doc/html/rfc5746
// [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 // [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
// [4] https://www.ssllabs.com/ssl-pulse/ // [4] https://www.ssllabs.com/ssl-pulse/
user_pref("security.ssl.require_safe_negotiation", true); //user_pref("security.ssl.require_safe_negotiation", true);
// PREF: display advanced information on Insecure Connection warning pages // PREF: display advanced information on Insecure Connection warning pages
// [TEST] https://expired.badssl.com/ // [TEST] https://expired.badssl.com/
user.js
+1 -2
View File
@@ -10,7 +10,7 @@
/**************************************************************************** /****************************************************************************
* Betterfox * * Betterfox *
* "Ad meliora" * * "Ad meliora" *
* version: 116 * * version: 116.1 *
* url: https://github.com/yokoffing/Betterfox * * url: https://github.com/yokoffing/Betterfox *
****************************************************************************/ ****************************************************************************/
@@ -85,7 +85,6 @@ user_pref("security.cert_pinning.enforcement_level", 2);
/** SSL / TLS ***/ /** SSL / TLS ***/
user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true); user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
user_pref("security.ssl.require_safe_negotiation", true);
user_pref("browser.xul.error_pages.expert_bad_cert", true); user_pref("browser.xul.error_pages.expert_bad_cert", true);
user_pref("security.tls.enable_0rtt_data", false); user_pref("security.tls.enable_0rtt_data", false);