diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-02-28 14:16:09 +0100 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-02-28 14:16:09 +0100 |
| commit | f227feb6efbfa61c62cba88ab85df3c650311560 (patch) | |
| tree | 1894f5e63b43ad6eca7270a0dedd7b0e678e403a /application/basilisk/app | |
| parent | c08b490c5c44f5f04049f408ad0848e9843f0702 (diff) | |
| download | UXP-f227feb6efbfa61c62cba88ab85df3c650311560.tar UXP-f227feb6efbfa61c62cba88ab85df3c650311560.tar.gz UXP-f227feb6efbfa61c62cba88ab85df3c650311560.tar.lz UXP-f227feb6efbfa61c62cba88ab85df3c650311560.tar.xz UXP-f227feb6efbfa61c62cba88ab85df3c650311560.zip | |
Update Basilisk FE code with HTTP Auth DoS protection.
Diffstat (limited to 'application/basilisk/app')
| -rw-r--r-- | application/basilisk/app/profile/basilisk.js | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/application/basilisk/app/profile/basilisk.js b/application/basilisk/app/profile/basilisk.js index 79d767851..24f1c582c 100644 --- a/application/basilisk/app/profile/basilisk.js +++ b/application/basilisk/app/profile/basilisk.js @@ -1438,3 +1438,11 @@ pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // controlling validation are located in /services/sync/services-sync.js pref("services.sync.validation.enabled", true); #endif + +// When a user cancels this number of authentication dialogs coming from +// a single web page (eTLD+1) in a row, all following authentication dialogs +// will be blocked (automatically canceled) for that page. +// This counter is per-tab and per-domain to minimize false positives. +// The counter resets when the page is reloaded from the UI +// (content-reloads do NOT clear this to mitigate reloading tricks). +pref("prompts.authentication_dialog_abuse_limit", 3); |