browser-tweaks: document TRR/DoH #1127
|
@ -118,6 +118,24 @@
|
|||
</ul>
|
||||
</dd>
|
||||
|
||||
<dt>network.trr.mode = 2</dt>
|
||||
<dd>
|
||||
Use Trusted Recursive Resolver (DNS-over-HTTPS) first and if it fails, use the system resolver <a href="https://wiki.mozilla.org/Trusted_Recursive_Resolver">Source</a>
|
||||
<ul>
|
||||
<li>0 = disabled by default, may change in the future</li>
|
||||
<li>1 = use the faster resolver</li>
|
||||
<li>2 = use DoH first, fallback to system resolver</li>
|
||||
<li>3 = only use DoH. This may require <code>network.trr.bootstrapAddress</code> or using an IP address in <code>network.trr.uri</code>.</li>
|
||||
<li>5 = explicitly disable DoH</li>
|
||||
</ul>
|
||||
</dd>
|
||||
|
||||
<dt>network.trr.uri = CHANGEME</dt>
|
||||
<dd>The address of your DNS-over-HTTPS provider, if you don't have one, <a href="/providers/dns/#icanndns">check our encrypted DNS recommendations</a>. It can also be changed in <em>Settings, Network Settings, Enable DNS over HTTPS, Use Provider, Custom</em>.</dd>
|
||||
|
||||
<dt>network.security.esni.enabled = true</dt>
|
||||
<dd>Hide the address which you are requesting SSL certificate for if the server supports it. This <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1500289">requires DoH/TRR to be enabled</a> even <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1542754">on Android 9+ when Private DNS is enabled</a>.</dd>
|
||||
|
||||
<dt>webgl.disabled = true</dt>
|
||||
<dd>WebGL is a potential security risk. <a href="https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern">Source</a></dd>
|
||||
|
||||
|
|
Reference in New Issue