From 1b4c4256ee7705724b02919b4d432b2a391bcd04 Mon Sep 17 00:00:00 2001
From: janekptacijarabaci <janekptacijarabaci@seznam.cz>
Date: Sun, 22 Apr 2018 18:51:38 +0200
Subject: moebius#223: Consider blocking top level window data: URIs (part 1/3
 without tests)

https://github.com/MoonchildProductions/moebius/pull/223
---
 modules/libpref/init/all.js | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'modules')

diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 182de4a11..ccc59269b 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -5564,6 +5564,12 @@ pref("security.mixed_content.use_hsts", true);
 // Approximately 1 week default cache for HSTS priming failures
 pref ("security.mixed_content.hsts_priming_cache_timeout", 10080);
 
+// TODO: Bug 1380959: Block toplevel data: URI navigations
+// If true, all toplevel data: URI navigations will be blocked.
+// Please note that manually entering a data: URI in the
+// URL-Bar will not be blocked when flipping this pref.
+pref("security.data_uri.block_toplevel_data_uri_navigations", false);
+
 // Disable Storage api in release builds.
 #ifdef NIGHTLY_BUILD
 pref("dom.storageManager.enabled", true);
-- 
cgit v1.2.3