[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [sandboxed-tor-browser/master] Default disable `dom.securecontext.whitelist_onions`.

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [sandboxed-tor-browser/master] Default disable `dom.securecontext.whitelist_onions`.
From: yawning@xxxxxxxxxxxxxx
Date: Mon, 24 Jul 2017 16:00:51 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 24 Jul 2017 12:01:02 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Yawning Angel <yawning@xxxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

commit 26c9478ed9539a12a3a2939ccd7ef28ce916215d
Author: Yawning Angel <yawning@xxxxxxxxxxxxxxx>
Date:   Mon Jul 24 15:59:07 2017 +0000

    Default disable `dom.securecontext.whitelist_onions`.
    
    Honestly, bluring the line between CA signed HTTPS and onions is terrible.
---
 ChangeLog                  | 1 +
 data/installer/mozilla.cfg | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 0484a7b..bc20c39 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,7 @@ Changes in version 0.0.12 - UNRELEASED:
  * Bug 22984: Force IDNs to be displayed as punycode to thwart homograph
               attacks.
  * Bug 22967: Force disable crashdump reporting.
+ * Default disable `dom.securecontext.whitelist_onions`.
 
 Changes in version 0.0.11 - 2017-07-18:
  * Bug 22910: Deprecate the volatile extension dir option.
diff --git a/data/installer/mozilla.cfg b/data/installer/mozilla.cfg
index dc03adb..1b8f97d 100644
--- a/data/installer/mozilla.cfg
+++ b/data/installer/mozilla.cfg
@@ -37,3 +37,7 @@ lockPref("extensions.blocklist.enabled", false);
 
 // Force IDNs to be displayed as punycode to thwart homograph attacks.
 defaultPref("network.IDN_show_punycode", true);
+
+// Anything that tries to blur the line between CA signed HTTPS and Onion
+// Services is misguided at best.
+defaultPref("dom.securecontext.whitelist_onions", false);

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [sandboxed-tor-browser/master] Bug 22853: Something in Ubuntu's libraries is totally brain damaged.
Next by Author: [tor-commits] [sandboxed-tor-browser/master] Bug 22901: Clarify/expand on the warnings for all the config settings.
Previous by thread: [tor-commits] [webwml/master] Update Stephanie's entry
Next by thread: [tor-commits] [torspec/master] Clarify how clients find the expected identity key
Index(es):
- Author
- Thread