diff options
| author | Gaming4JC <g4jc@hyperbola.info> | 2019-05-31 21:33:21 -0400 |
|---|---|---|
| committer | Gaming4JC <g4jc@hyperbola.info> | 2019-05-31 21:33:21 -0400 |
| commit | 15c1341ea2c364138d042831fe6263469cadce1b (patch) | |
| tree | 891685a3667a687459044cb887935d8b08f5d971 | |
| parent | 855fd1dfe369303a055e02b9188e602b1f9ed9ac (diff) | |
| download | iceweasel-uxp-15c1341ea2c364138d042831fe6263469cadce1b.tar.gz | |
Set Strict Pinning Enforcement Level
| -rw-r--r-- | app/profile/iceweasel-uxp.js | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/app/profile/iceweasel-uxp.js b/app/profile/iceweasel-uxp.js index 5600495..30eb213 100644 --- a/app/profile/iceweasel-uxp.js +++ b/app/profile/iceweasel-uxp.js @@ -1052,8 +1052,13 @@ pref("security.insecure_password.ui.enabled", true); // Show in-content login form warning UI for insecure login fields pref("security.insecure_field_warning.contextual.enabled", true); -// 1 = allow MITM for certificate pinning checks. -pref("security.cert_pinning.enforcement_level", 1); +// Set Strict Pinning Enforcement Level +// 0. Pinning disabled +// 1. Allow User MITM (pinning not enforced if the trust anchor is a user inserted CA, default) +// 2. Strict. Pinning is always enforced. +// 3. Enforce test mode. +// https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning +pref("security.cert_pinning.enforcement_level", 2); // Override the Gecko-default value of false for Firefox. |