Git-Mirrors/firefox-user.js
1
0
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2024-06-26 14:32:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixup font prefs vs RFP, fixes #1025 (#1028)

Browse Source 
- make 1401 inactive: it affects RFP's FPing
- remove old warning/setup-web: we do not care about documenting breakage or FPing risks when we have a warning and they are inactive. If someone uses them, that's on them
- new warnings
This commit is contained in:
Thorin-Oakenpants 2020-10-07 02:43:51 +13:00 committed by GitHub
parent e89f9a5d89
commit d5ccf4693b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
user.js
View File

@ -794,9 +794,9 @@ user_pref("security.insecure_connection_text.enabled", true); // [FF60+]
user_pref("_user.js.parrot", "1400 syntax error: the parrot's bereft of life!");
/* 1401: disable websites choosing fonts (0=block, 1=allow)
* This can limit most (but not all) JS font enumeration which is a high entropy fingerprinting vector
* [SETUP-WEB] Can break some PDFs (missing text). Limiting to default fonts can "uglify" the web
* [WARNING] **DO NOT USE**: in FF80+ RFP covers this, and non-RFP users should use font vis (4618)
* [SETTING] General>Language and Appearance>Fonts & Colors>Advanced>Allow pages to choose... ***/
user_pref("browser.display.use_document_fonts", 0);
// user_pref("browser.display.use_document_fonts", 0);
/* 1403: disable icon fonts (glyphs) and local fallback rendering
* [1] https://bugzilla.mozilla.org/789788
* [2] https://gitlab.torproject.org/legacy/trac/-/issues/8455 ***/
@ -812,9 +812,8 @@ user_pref("gfx.font_rendering.opentype_svg.enabled", false);
user_pref("gfx.font_rendering.graphite.enabled", false);
/* 1409: limit system font exposure to a whitelist [FF52+] [RESTART]
* If the whitelist is empty, then whitelisting is considered disabled and all fonts are allowed
* [NOTE] in FF80 RFP restricts the whitelist to bundled and "Base Fonts"
* ...and in FF81+ the whitelist **overrides** RFP's font visibility (see 4618)
* [WARNING] Creating your own probably highly-unique whitelist will raise your entropy.
* [WARNING] **DO NOT USE**: in FF80+ RFP covers this, and non-RFP users should use font vis (4618)
* [NOTE] In FF81+ the whitelist **overrides** RFP's font visibility (see 4618)
* [1] https://bugzilla.mozilla.org/1121643 ***/
// user_pref("font.system.whitelist", ""); // [HIDDEN PREF]