berrythesoftwarecodeprogrammar
commented
8 years ago maybe add to the whitelist on security.ssl.renego_unrestricted_hosts? found on here https://wiki.mozilla.org/Security:Renegotiation
Open franco999 opened 8 years ago
berrythesoftwarecodeprogrammar
commented
8 years ago maybe add to the whitelist on security.ssl.renego_unrestricted_hosts? found on here https://wiki.mozilla.org/Security:Renegotiation
berrythesoftwarecodeprogrammar
commented
8 years ago hmm seems like that wont work anymore since the preference was removed https://bugzilla.mozilla.org/show_bug.cgi?id=1123020 that sucks
berrythesoftwarecodeprogrammar
commented
8 years ago Setting this preference to “true” is the only way to guarantee full protection against the attack. Unfortunately, as of time of (initial) writing, this would break nearly all secure sites on the web. (Update: As of December 2010, this still applies for a majority of web sites.)
Eventually, if enough sites have been upgraded to the new protocol versions, this preference will be set to “true” by default.
i guess its something that should just be left alone for mozilla to toggle later on
I wish I could have a whitelist of sites or for selective blocking certain websites.
For example: To use Mapillary.com correctly, you need to have activated WebGL, or to use Facebook, you need to disable security.ssl.require_safe_negotiation
I wish I could turn on/off only on certain pages. I do not know if this is too complicated to program, so only I discuss the idea.