Firefox is sending disabled list of ciphers too in client hello ( ssl handshake)
under C:\Program Files\Mozilla Firefox\defaults\pref\ this folder , i have created a security-perfs.js file which has got the information about the disabled and enabled list of ciphers and ssl version.
In this file , i have made only one cipher enabled .. rest all the cipher are false. So during the SSL handshake i should see only one cipher being sent in the client hello request ( by firefox )... But i could see a big list of cipher is being sent by the client ( firefox ) in client hello request.
BTW: in about:config .. i could see only one cipher is enabled rest are disabled. so the changes are getting reflected in the firefox using security-perfs.js file.
I am using windows XP.
so can some one help me here.
Thanks + Tanuj
Modified by Tanuj
Additional System Details
- User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11
Files in that folder are used to initialize a new profile and doesn't have otherwise any effect.
You can use a mozilla.cfg file in the Firefox program folder to lock prefs or specify new (default) values.
Place a file local-settings.js in the defaults\pref folder where you also find the file channel-prefs.js to specify using mozilla.cfg.
pref("general.config.filename", "mozilla.cfg"); pref("general.config.obscure_value", 0); // use this to disable the byte-shift
You can use these functions in mozilla.cfg:
defaultPref(); // set new default value pref(); // set pref, but allow changes in current session lockPref(); // lock pref, disallow changes