notkshitij/Betterfox
1
0
Fork 0
mirror of https://github.com/yokoffing/Betterfox.git synced 2026-06-12 15:40:48 +05:30
Code Issues Releases Wiki Activity

Updated Optional Hardening (markdown)

yokoffing
2023-10-11 15:57:32 -04:00
parent 7ee1aa890e
commit 3b18c671a8
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Optional-Hardening.md
+1 -1
@@ -183,7 +183,7 @@ user_pref("network.dns.skipTRR-when-parental-control-enabled", false);
Block connections to servers that do not support RFC 5746, as they are potentially [vulnerable](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555) to man-in-the-middle attacks. Block connections to servers that do not support RFC 5746, as they are potentially [vulnerable](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555) to man-in-the-middle attacks.
A server without [RFC 5746](https://datatracker.ietf.org/doc/html/rfc5746) can be safe from the attack if it disables renegotiations. However, the browser cannot know that. Setting this pref to `true` is the only way for the browser to ensure no unsafe renegotiations occur between the browser itself and the server. A server without [RFC 5746](https://datatracker.ietf.org/doc/html/rfc5746) can be safe from the attack if it disables renegotiations. However, the browser cannot know that. Setting this pref to `true` is the only way to ensure no unsafe renegotiations occur between the browser and the server.
:warning: Some sites, like `EA.com`, will not let you login due to their weak encryption. :warning: Some sites, like `EA.com`, will not let you login due to their weak encryption.