From 1b4c4256ee7705724b02919b4d432b2a391bcd04 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 22 Apr 2018 18:51:38 +0200 Subject: moebius#223: Consider blocking top level window data: URIs (part 1/3 without tests) https://github.com/MoonchildProductions/moebius/pull/223 --- modules/libpref/init/all.js | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'modules') diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js index 182de4a11..ccc59269b 100644 --- a/modules/libpref/init/all.js +++ b/modules/libpref/init/all.js @@ -5564,6 +5564,12 @@ pref("security.mixed_content.use_hsts", true); // Approximately 1 week default cache for HSTS priming failures pref ("security.mixed_content.hsts_priming_cache_timeout", 10080); +// TODO: Bug 1380959: Block toplevel data: URI navigations +// If true, all toplevel data: URI navigations will be blocked. +// Please note that manually entering a data: URI in the +// URL-Bar will not be blocked when flipping this pref. +pref("security.data_uri.block_toplevel_data_uri_navigations", false); + // Disable Storage api in release builds. #ifdef NIGHTLY_BUILD pref("dom.storageManager.enabled", true); -- cgit v1.2.3