Updated extensions:

 * Upgraded Privacy Redirect to 1.1.49 and configured to use the 10 most reliable invidious instances
 * Removed ViewTube
 * Added torproxy@icecat.gnu based on 'Proxy toggle' extension
 * Added jShelter 0.11.1
 * Upgraded LibreJS to 7.21.0
 * Upgraded HTTPS Everywhere to 2021.7.13
 * Upgraded SubmitMe to 1.9

1 files changed, 48 insertions, 0 deletions

diff --git a/data/extensions/https-everywhere@eff.org/background-scripts/modules/ssl_codes.js b/data/extensions/https-everywhere@eff.org/background-scripts/modules/ssl_codes.js
new file mode 100644
index 0000000..ed955ec
--- /dev/null
+++ b/data/extensions/https-everywhere@eff.org/background-scripts/modules/ssl_codes.js
@@ -0,0 +1,48 @@
+"use strict";
+
+/**
+ * @exports error_list
+ * @type {array}
+ * @description A list of known SSL config errors to filter through and not try to upgrade the user
+ * @see
+ * Chrome SSL errors: https://github.com/chromium/chromium/blob/master/components/domain_reliability/util.cc
+ * Firefox SSL Errors: https://hg.mozilla.org/releases/mozilla-release/file/tip/security/manager/locales/en-US/chrome/pipnss/nsserrors.properties
+ */
+
+(function (exports) {
+
+const error_list = [
+  "net::ERR_SSL_PROTOCOL_ERROR",
+  "net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH",
+  "net::ERR_SSL_UNRECOGNIZED_NAME_ALERT",
+  "net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN",
+  "net::ERR_CERT_COMMON_NAME_INVALID",
+  "net::ERR_CERT_DATE_INVALID",
+  "net::ERR_CERT_AUTHORITY_INVALID",
+  "net::ERR_CERT_REVOKED",
+  "net::ERR_CERT_INVALID",
+  "net::ERR_CONNECTION_CLOSED",
+  "net::ERR_CONNECTION_RESET",
+  "net::ERR_CONNECTION_REFUSED",
+  "net::ERR_CONNECTION_ABORTED",
+  "net::ERR_CONNECTION_FAILED",
+  "net::ERR_ABORTED", ,
+  "NS_ERROR_CONNECTION_REFUSED",
+  "NS_ERROR_NET_ON_TLS_HANDSHAKE_ENDED",
+  "NS_BINDING_ABORTED",
+  "SSL received a record that exceeded the maximum permissible length.",
+  "Peer’s Certificate has expired.",
+  "Unable to communicate securely with peer: requested domain name does not match the server’s certificate.",
+  "Peer’s Certificate issuer is not recognized.",
+  "Peer’s Certificate has been revoked.",
+  "Peer reports it experienced an internal error.",
+  "The server uses key pinning (HPKP) but no trusted certificate chain could be constructed that matches the pinset. Key pinning violations cannot be overridden.",
+  "SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message.",
+  "The certificate was signed using a signature algorithm that is disabled because it is not secure.",
+  "Cannot communicate securely with peer: no common encryption algorithm(s).",
+  "SSL peer has no certificate for the requested DNS name."
+];
+
+Object.assign(exports, { error_list });
+
+})(typeof exports !== 'undefined' ? exports : require.scopes.ssl_codes = {});
\ No newline at end of file