mirror of
https://github.com/yokoffing/Betterfox.git
synced 2026-06-12 15:40:48 +05:30
Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 HJ
|
dd49bcaae4 | ||
|
HJ
|
288676b07d |
@@ -54,7 +54,7 @@ See [Optional Hardening](https://github.com/yokoffing/Betterfox/wiki/Optional-Ha
|
||||
|
||||
### Browser Integration
|
||||
* [Waterfox](https://github.com/WaterfoxCo/Waterfox/releases/tag/G6.0b3) | [files](https://github.com/WaterfoxCo/Waterfox/tree/future/waterfox/browser/app/profile) (August 2023)
|
||||
* [Floorp](https://github.com/Floorp-Projects/Floorp#-betterfox) <sup>[1](https://github.com/Floorp-Projects/Floorp/issues/233#issuecomment-1543557167) [2](https://blog.ablaze.one/3135/2023-04-01/)</sup> | [files](https://github.com/Floorp-Projects/Floorp/blob/f63e87016d88535aafa2b57d690442b9a69cbaa5/toolkit/content/license.html#L200-L224) (April 2023)
|
||||
* [Floorp](https://github.com/Floorp-Projects/Floorp#-betterfox) <sup>[1](https://github.com/Floorp-Projects/Floorp/issues/233#issuecomment-1543557167) [2](https://blog.ablaze.one/3135/2023-04-01/)</sup> | [files](https://github.com/Floorp-Projects/Floorp/blob/ESR115/floorp/browser/components/preferences/userjs.inc.xhtml) (April 2023)
|
||||
* [Pulse](https://github.com/pulse-browser/browser#%EF%B8%8F-credits) | [files](https://github.com/pulse-browser/browser/tree/alpha/src/browser/app/profile) (Dec 2021)
|
||||
* [Ghostery Private Browser](https://github.com/ghostery/user-agent-desktop#community) <sup>[1](https://web.archive.org/web/20210509171835/https://www.ghostery.com/ghostery-dawn-update-more/) [2](https://web.archive.org/web/20210921114333/https://www.ghostery.com/ghostery-dawn-product-update/)</sup> | [files](https://github.com/ghostery/user-agent-desktop/tree/main/brands/ghostery/branding/pref) (Feb 2021)
|
||||
|
||||
|
||||
+4
-3
@@ -1,9 +1,9 @@
|
||||
|
||||
/****************************************************************************
|
||||
* Securefox *
|
||||
* "Natura non contristatur" *
|
||||
* "Natura non contristatur" *
|
||||
* priority: provide sensible security and privacy *
|
||||
* version: 116 *
|
||||
* version: 116.1 *
|
||||
* url: https://github.com/yokoffing/Betterfox *
|
||||
****************************************************************************/
|
||||
|
||||
@@ -276,6 +276,7 @@ user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
||||
|
||||
// PREF: require safe negotiation
|
||||
// [ERROR] SSL_ERROR_UNSAFE_NEGOTIATION
|
||||
// [WARNING] Breaks ea.com login (Sep 2023).
|
||||
// Blocks connections to servers that don't support RFC 5746 [2]
|
||||
// as they're potentially vulnerable to a MiTM attack [3].
|
||||
// A server without RFC 5746 can be safe from the attack if it
|
||||
@@ -288,7 +289,7 @@ user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
||||
// [2] https://datatracker.ietf.org/doc/html/rfc5746
|
||||
// [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
||||
// [4] https://www.ssllabs.com/ssl-pulse/
|
||||
user_pref("security.ssl.require_safe_negotiation", true);
|
||||
//user_pref("security.ssl.require_safe_negotiation", true);
|
||||
|
||||
// PREF: display advanced information on Insecure Connection warning pages
|
||||
// [TEST] https://expired.badssl.com/
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
/****************************************************************************
|
||||
* Betterfox *
|
||||
* "Ad meliora" *
|
||||
* version: 116 *
|
||||
* version: 116.1 *
|
||||
* url: https://github.com/yokoffing/Betterfox *
|
||||
****************************************************************************/
|
||||
|
||||
@@ -85,7 +85,6 @@ user_pref("security.cert_pinning.enforcement_level", 2);
|
||||
|
||||
/** SSL / TLS ***/
|
||||
user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
||||
user_pref("security.ssl.require_safe_negotiation", true);
|
||||
user_pref("browser.xul.error_pages.expert_bad_cert", true);
|
||||
user_pref("security.tls.enable_0rtt_data", false);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user