diff --git a/3.2-Overrides-[Common].md b/3.2-Overrides-[Common].md index e4aee64..80a1ddf 100644 --- a/3.2-Overrides-[Common].md +++ b/3.2-Overrides-[Common].md @@ -27,14 +27,15 @@ - Override if you use and trust a privacy respecting search engine - `0811`: We disable search & form history - Form data can easily be stolen by third parties - - see this 2017 [article](https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers/) and these [bugzillas](https://bugzilla.mozilla.org/buglist.cgi?bug_id=1443083,1427543) - - see this 2011 [article](https://blog.mindedsecurity.com/2011/10/autocompleteagain.html) and this [bugzilla](https://bugzilla.mozilla.org/381681) + - see this 2017 [article](https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers/) and [bugzillas 1443083 + 1427543](https://bugzilla.mozilla.org/buglist.cgi?bug_id=1443083,1427543) + - see this 2011 [article](https://blog.mindedsecurity.com/2011/10/autocompleteagain.html) and [bugzilla 381681](https://bugzilla.mozilla.org/381681) - `1223`: We enforce strict pinning - Override if you have issues with antivirus - `1601`: We hardened cross origin referers 🥇 `#1 ISSUE` - This may cause breakage where third party images and videos may not load, and with authentication on sites such as banks. If `1601` is too strict for you, override it to default `0` and consider using Smart Referer extension in Strict mode - `2022`: We disable DRM - - Override if you use Netflix, Hulu, Amazon Prime, etc ... or consider watching those in a secondary browser + - Override if you use Netflix, Hulu, Diney+, Amazon Prime, etc ... or consider watching those in a secondary browser + - Note: Mac and Linux users: RFP's HTTP Header spoofing can break streaming sites, see [bugzilla 1610762](https://bugzilla.mozilla.org/1610762#c8) - `2811`: We delete history (download, form and browsing histories) on close - And `2812` for manual sanitizing - `4520`: We disable WebGL