Treat unsafe renegotiation as broken
Tor Browser currently has security.ssl.treat_unsafe_negotiation_as_broken = false
which means that sites with unsafe renegotiation will not display any warnings. Unsafe renegotiation makes MITM attacks possible, so this setting should be changed to true
so vulnerable sites display a warning (red padlock indicating broken encryption).
See https://security.stackexchange.com/a/111922 for more information.