aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/firefox/chrome
diff options
context:
space:
mode:
authorLibravatar sommerfeld <sommerfeld@sommerfeld.dev>2026-05-13 13:43:42 +0100
committerLibravatar sommerfeld <sommerfeld@sommerfeld.dev>2026-05-13 13:43:42 +0100
commit6c9641629be956399d2de24c578ebc6ca239d558 (patch)
tree068cb99272889f896718353125e8a03605ade8cc /firefox/chrome
parentfd512ffcd1206260e8cf17e8bed0273c64658d30 (diff)
downloaddotfiles-6c9641629be956399d2de24c578ebc6ca239d558.tar.gz
dotfiles-6c9641629be956399d2de24c578ebc6ca239d558.tar.bz2
dotfiles-6c9641629be956399d2de24c578ebc6ca239d558.zip
feat(firefox): allow plain-HTTP loopback for VPN SSO callbacks
LibreWolf 149+ hardens beyond arkenfox by force-upgrading loopback to HTTPS (dom.security.https_only_mode.upgrade_local=true) and enabling LNA blocking of public->loopback redirects. Both break snx-rs / Forticlient / generic VPN SAML callbacks that land on http://127.0.0.1:<port>/<token>. Restore stock Firefox / arkenfox loopback behaviour. arkenfox 1245 leaves upgrade_local intentionally commented out and does not touch network.lna.*, so this brings us in line with arkenfox rather than weaker than it. Refs: LibreWolf issues #2954 (Forticlient SSO broken in 149), #2962 (HTTPS-Only Mode locked in 149.0.2-1, reverted in 149.0.2-2).
Diffstat (limited to 'firefox/chrome')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.3.1 (git 2.54.0) at 2026-05-31 23:31:00 +0000