From 38d772e4c8721f59a361370572cdb25d777ea04a Mon Sep 17 00:00:00 2001
From: Thorin-Oakenpants <Thorin-Oakenpants@users.noreply.github.com>
Date: Tue, 25 Aug 2020 14:59:41 +0000
Subject: [PATCH] https-only mode updates (#1001)

---
 user.js | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/user.js b/user.js
index 0eccd71..4996b3f 100644
--- a/user.js
+++ b/user.js
@@ -735,11 +735,12 @@ user_pref("security.mixed_content.block_display_content", true);
  * [1] https://bugzilla.mozilla.org/1190623 ***/
 user_pref("security.mixed_content.block_object_subrequest", true);
 /* 1244: enable HTTPS-Only mode [FF76+]
- * [NOTE] This is experimental
+ * When "https_only_mode" (all windows) is true, "https_only_mode_pbm" (private windows only) is ignored
  * [SETTING] to add site exceptions: Page Info>Permissions>Use insecure HTTP (FF80+)
- * [SETTING] Privacy & Security>HTTPS-Only Mode (FF81+)
- * [1] https://bugzilla.mozilla.org/1613063 */
+ * [SETTING] Privacy & Security>HTTPS-Only Mode (FF80+ with browser.preferences.exposeHTTPSOnly = true)
+ * [1] https://bugzilla.mozilla.org/1613063 ***/
    // user_pref("dom.security.https_only_mode", true); // [FF76+]
+   // user_pref("dom.security.https_only_mode_pbm", true); // [FF80+]
    // user_pref("dom.security.https_only_mode.upgrade_local", true); // [FF77+]
 
 /** CIPHERS [WARNING: do not meddle with your cipher suite: see the section 1200 intro]