1201: add error code, fixes #1094

2024-10-01 01:35:52 -04:00 · 2021-01-26 19:58:57 +00:00 · 2021-01-26 19:58:57 +00:00 · 2f6b14ab6e
commit 2f6b14ab6e
parent 2dd455ef83
1 changed files with 4 additions and 4 deletions
--- a/user.js
+++ b/user.js
@ -624,10 +624,10 @@ user_pref("browser.shell.shortcutFavicons", false);
 user_pref("_user.js.parrot", "1200 syntax error: the parrot's a stiff!");
 /** SSL (Secure Sockets Layer) / TLS (Transport Layer Security) ***/
 /* 1201: require safe negotiation
- * Blocks connections to servers that don't support RFC 5746 [2] as they're potentially
- * vulnerable to a MiTM attack [3]. A server *without* RFC 5746 can be safe from the attack
- * if it disables renegotiations but the problem is that the browser can't know that.
- * Setting this pref to true is the only way for the browser to ensure there will be
+ * Blocks connections (SSL_ERROR_UNSAFE_NEGOTIATION) to servers that don't support RFC 5746 [2]
+ * as they're potentially vulnerable to a MiTM attack [3]. A server without RFC 5746 can be
+ * safe from the attack if it disables renegotiations but the problem is that the browser can't
+ * know that. Setting this pref to true is the only way for the browser to ensure there will be
 * no unsafe renegotiations on the channel between the browser and the server.
 * [STATS] SSL Labs (Dec 2020) reports 99.0% of sites have secure renegotiation [4]
 * [1] https://wiki.mozilla.org/Security:Renegotiation