What are "Prohibited ports" in 28.17.0?
Moderator: trava90
Forum rules
This board is for technical/general usage questions and troubleshooting for the Pale Moon browser only.
Technical issues and questions not related to the Pale Moon browser should be posted in other boards!
Please keep off-topic and general discussion out of this board, thank you!
This board is for technical/general usage questions and troubleshooting for the Pale Moon browser only.
Technical issues and questions not related to the Pale Moon browser should be posted in other boards!
Please keep off-topic and general discussion out of this board, thank you!
-
HKMaly
What are "Prohibited ports" in 28.17.0?
In https://www.palemoon.org/releasenotes.shtml you are explaining that you maintain a blacklist of ports the browser may normally not connect to on servers and mentioned "a number of additional default ports for various non-http protocols" were added. As a person with some experience in how far "normally" is from "never", I would like to ask which ports specifically are you blocking. Also, is there some way to edit that list in preferences?
-
adesh
- Board Warrior
- Posts: 1273
- Joined: 2017-06-06, 07:38
-
Moonchild
- Pale Moon guru
- Posts: 37382
- Joined: 2011-08-28, 17:27
- Location: Motala, SE
Re: What are "Prohibited ports" in 28.17.0?
First off: Please don't mess with this essential security measure, not even out of a sense of sheer entitlement to have control over your browser. This is an essential part of net-abuse prevention that should always remain in full effect on the public Internet.
Actually, the way the list works does allow you to override banned ports (by adding additional ports or override the banned ports on a port by port basis).
network.security.ports.banned and network.security.ports.banned.override are there for that purpose, but PLEASE don't do this unless you have a very specific need for the browser to make a non-standard direct connection to known ports for other protocols. Be aware that individual protocol handlers are allowed to decide whether a port is permitted even if on the blacklist; this allows legitimate protocol handler connections but not raw connections from web content.
Actually, the way the list works does allow you to override banned ports (by adding additional ports or override the banned ports on a port by port basis).
network.security.ports.banned and network.security.ports.banned.override are there for that purpose, but PLEASE don't do this unless you have a very specific need for the browser to make a non-standard direct connection to known ports for other protocols. Be aware that individual protocol handlers are allowed to decide whether a port is permitted even if on the blacklist; this allows legitimate protocol handler connections but not raw connections from web content.
"A dead end street is a place to turn around and go into a new direction" - Anonymous
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite