commit 40db113d07733df58872d54b269505f571a9243d parent 041e14a4d59d154a69f898c5b64c1f28eda80267 Author: Thorin-Oakenpants <Thorin-Oakenpants@users.noreply.github.com> Date: Fri, 4 May 2018 16:08:20 +0000 2706: same-site cookies Diffstat:
| M | user.js | | | 5 | +++++ |
1 file changed, 5 insertions(+), 0 deletions(-)
diff --git a/user.js b/user.js @@ -1420,6 +1420,11 @@ user_pref("network.cookie.thirdparty.nonsecureSessionOnly", true); // (FF58+) /* 2705: disable HTTP sites setting cookies with the "secure" directive (FF52+) * [1] https://developer.mozilla.org/Firefox/Releases/52#HTTP ***/ user_pref("network.cookie.leave-secure-alone", true); // default: true +/* 2706: enable support for same-site cookies (FF60+) + * [1] https://bugzilla.mozilla.org/795346 + * [2] https://blog.mozilla.org/security/2018/04/24/same-site-cookies-in-firefox-60/ + * [3] https://www.sjoerdlangkemper.nl/2016/04/14/preventing-csrf-with-samesite-cookie-attribute/ ***/ + // user_pref("network.cookie.same-site.enabled", true); // default: true /* 2710: disable DOM (Document Object Model) Storage * [WARNING] This will break a LOT of sites' functionality. * You are better off using an extension for more granular control ***/