Berry The Software Code Programmar
Berry The Software Code Programmar
windows too
- HSTS does work with non standard ports, at least it should https://tools.ietf.org/html/rfc6797 - CSP for webadmin would only need to add entries for 'self' which doesnt require adding the...
did noscript have a per domain option for that? if you want to block them completely maybe check out `gfx.downloadable_fonts.enabled` and/or `browser.display.use_document_fonts`. or if you want fine control then yeah...
can just bring up an alert popup with the string selected in a textbox once middle clicked
maybe not pretty but at least its only accessible if middle clicked
hmm i guess i do? ``` https://2-edge-chat.facebook.com/pull?channel=p_100009185400624&seq=0&partition=-2&clientid=475e63f0&cb=fa6g&idle=22&qp=y&cap=8&wtc=9%2C1%2C0.000%2C9%2C9&msgs_recv=0&uid=100009185400624&viewer_uid=100009185400624&sticky_token=320&sticky_pool=ash2c06_chat-proxy&state=offline&mode=stream&format=json GET /pull?channel=p_100009185400624&seq=0&partition=-2&clientid=475e63f0&cb=fa6g&idle=22&qp=y&cap=8&wtc=9%2C1%2C0.000%2C9%2C9&msgs_recv=0&uid=100009185400624&viewer_uid=100009185400624&sticky_token=320&sticky_pool=ash2c06_chat-proxy&state=offline&mode=stream&format=json HTTP/1.1 Host: 2-edge-chat.facebook.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:37.0) Gecko/20100101 Firefox/37.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate origin: https://www.facebook.com Cookie:...
and yeah i just looked at my cookie list and all of the facebook ones are set for ".facebook.com"
so like is this an issue? i guess some cross site requests to domains are using cookies without permission and without any indication so that could be an issue. dont...
lol would be nice to have a release just for this fix ;-;
maybe add to the whitelist on `security.ssl.renego_unrestricted_hosts`? found on here https://wiki.mozilla.org/Security:Renegotiation