From a0e0a2a6c96167735b1f684da385ddb2ae6c6fbb Mon Sep 17 00:00:00 2001
From: Thorin-Oakenpants <Thorin-Oakenpants@users.noreply.github.com>
Date: Tue, 19 Nov 2019 16:26:14 +0000
Subject: [PATCH] 2680 tweak #840

---
 user.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/user.js b/user.js
index 6e61b1e..3a4458f 100644
--- a/user.js
+++ b/user.js
@@ -1208,7 +1208,8 @@ user_pref("extensions.autoDisableScopes", 15); // [DEFAULT: 15]
    // user_pref("extensions.webextensions.restrictedDomains", "");
 
 /** SECURITY ***/
-/* 2680: enable CSP (Content Security Policy)
+/* 2680: enforce CSP (Content Security Policy)
+ * [WARNING] CSP is a very important and widespread security feature. Don't disable it!
  * [1] https://developer.mozilla.org/docs/Web/HTTP/CSP ***/
 user_pref("security.csp.enable", true); // [DEFAULT: true]
 /* 2684: enforce a security delay on some confirmation dialogs such as install, open/save