summaryrefslogtreecommitdiffstats
path: root/modules/libpref/init/all.js
diff options
context:
space:
mode:
authorMoonchild <mcwerewolf@gmail.com>2018-04-23 11:46:21 +0200
committerGitHub <noreply@github.com>2018-04-23 11:46:21 +0200
commit8ed46f424e1a8a09bad7147882b83c9b2aad17c6 (patch)
tree5c6953fd44fddb74891ddd96613f1ef949c85fd7 /modules/libpref/init/all.js
parent8ffac11aa6eb32be75ff049787191e12476586d3 (diff)
parentccbd5ecf57fcd53ac8b28ddf7466b6c930f764df (diff)
downloadUXP-8ed46f424e1a8a09bad7147882b83c9b2aad17c6.tar
UXP-8ed46f424e1a8a09bad7147882b83c9b2aad17c6.tar.gz
UXP-8ed46f424e1a8a09bad7147882b83c9b2aad17c6.tar.lz
UXP-8ed46f424e1a8a09bad7147882b83c9b2aad17c6.tar.xz
UXP-8ed46f424e1a8a09bad7147882b83c9b2aad17c6.zip
Merge pull request #231 from janekptacijarabaci/security_blocking_data_1
moebius#223, #224, #226, #230: DOM - consider blocking top level window data: URIs
Diffstat (limited to 'modules/libpref/init/all.js')
-rw-r--r--modules/libpref/init/all.js6
1 files changed, 6 insertions, 0 deletions
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 182de4a11..ccc59269b 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -5564,6 +5564,12 @@ pref("security.mixed_content.use_hsts", true);
// Approximately 1 week default cache for HSTS priming failures
pref ("security.mixed_content.hsts_priming_cache_timeout", 10080);
+// TODO: Bug 1380959: Block toplevel data: URI navigations
+// If true, all toplevel data: URI navigations will be blocked.
+// Please note that manually entering a data: URI in the
+// URL-Bar will not be blocked when flipping this pref.
+pref("security.data_uri.block_toplevel_data_uri_navigations", false);
+
// Disable Storage api in release builds.
#ifdef NIGHTLY_BUILD
pref("dom.storageManager.enabled", true);