diff options
| author | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-02-28 13:58:23 +0100 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@wolfbeast.com> | 2019-02-28 13:58:23 +0100 |
| commit | c08b490c5c44f5f04049f408ad0848e9843f0702 (patch) | |
| tree | 550c6a94bcd13d5eea1c049cc70df6271c9ef806 | |
| parent | c962e2051a1f3767a221254487bcfc6d53aa59a1 (diff) | |
| download | uxp-c08b490c5c44f5f04049f408ad0848e9843f0702.tar.gz | |
Move default-enable pref to application.
| -rw-r--r-- | application/palemoon/app/profile/palemoon.js | 8 | ||||
| -rw-r--r-- | modules/libpref/init/all.js | 11 |
2 files changed, 14 insertions, 5 deletions
diff --git a/application/palemoon/app/profile/palemoon.js b/application/palemoon/app/profile/palemoon.js index 43f020f9a1..3df5d71944 100644 --- a/application/palemoon/app/profile/palemoon.js +++ b/application/palemoon/app/profile/palemoon.js @@ -1160,6 +1160,14 @@ pref("toolkit.pageThumbs.minHeight", 180); pref("ui.key.menuAccessKeyFocuses", true); #endif +// When a user cancels this number of authentication dialogs coming from +// a single web page (eTLD+1) in a row, all following authentication dialogs +// will be blocked (automatically canceled) for that page. +// This counter is per-tab and per-domain to minimize false positives. +// The counter resets when the page is reloaded from the UI +// (content-reloads do NOT clear this to mitigate reloading tricks). +pref("prompts.authentication_dialog_abuse_limit", 3); + // ****************** s4e prefs ****************** pref("status4evar.addonbar.borderStyle", false); pref("status4evar.addonbar.closeButton", false); diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js index f6e90170e9..3666ca4254 100644 --- a/modules/libpref/init/all.js +++ b/modules/libpref/init/all.js @@ -5451,8 +5451,9 @@ pref("dom.storageManager.enabled", true); pref("dom.storageManager.enabled", false); #endif -// When a user cancels this number of authentication dialogs coming from -// a single web page in a row, all following authentication dialogs will -// be blocked (automatically canceled) for that page. The counter resets -// when the page is reloaded. To turn this feature off, just set the limit to 0. -pref("prompts.authentication_dialog_abuse_limit", 3); +// DoS protection for HTTP Auth prompt spawning. +// -1 = completely disable HTTP Auth prompting. (careful!) +// 0 = disable this DoS protection +// >0 = suppress further prompts after the user has canceled the dialog n times +// See application preferences for appropriate defaults. +pref("prompts.authentication_dialog_abuse_limit", 0); |