Loading browser/app/profile/001-base-profile.js +5 −8 Original line number Diff line number Diff line Loading @@ -139,16 +139,13 @@ pref("network.http.referer.hideOnionSource", true); // [4] https://www.ssllabs.com/ssl-pulse/ pref("security.ssl.require_safe_negotiation", true); // Bug 40183: Disable TLS ciphersuites using SHA-1 // https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183 // mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA) // see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437 pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); // lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765 pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked); pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked); pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked); pref("security.ssl3.rsa_aes_128_sha", false, locked); pref("security.ssl3.rsa_aes_256_sha", false, locked); // Wrapping a static pref to lock it and prevent changing. // See tor-browser#40565. Loading Loading
browser/app/profile/001-base-profile.js +5 −8 Original line number Diff line number Diff line Loading @@ -139,16 +139,13 @@ pref("network.http.referer.hideOnionSource", true); // [4] https://www.ssllabs.com/ssl-pulse/ pref("security.ssl.require_safe_negotiation", true); // Bug 40183: Disable TLS ciphersuites using SHA-1 // https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183 // mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA) // see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437 pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); // lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765 pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked); pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked); pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked); pref("security.ssl3.rsa_aes_128_sha", false, locked); pref("security.ssl3.rsa_aes_256_sha", false, locked); // Wrapping a static pref to lock it and prevent changing. // See tor-browser#40565. Loading