Treat unsafe renegotiation as broken
Tor Browser currently has
security.ssl.treat_unsafe_negotiation_as_broken = false which means that sites with unsafe renegotiation will not display any warnings. Unsafe renegotiation makes MITM attacks possible, so this setting should be changed to
true so vulnerable sites display a warning (red padlock indicating broken encryption).
See https://security.stackexchange.com/a/111922 for more information.