Commit Graph

1196 Commits

Author SHA1 Message Date
Thorin-Oakenpants
2071939c5e
use [TOR] tags, add 1247
not that we recommend using tor over firefox: but at least the info is there for fiddlers
2021-04-04 14:21:24 +00:00
Thorin-Oakenpants
f082278217
1607: save one line and some bytes
and make it even MOAR clear we do NOT support tor over firefox
2021-04-04 14:15:53 +00:00
Thorin-Oakenpants
abe37add6e
save some overrides, closes #1157
I do not think anyone will bemoan these four "personal" choices
2021-04-04 12:54:17 +00:00
Thorin-Oakenpants
bc07ca94c0
1830: add [TEST] 2021-04-04 12:37:17 +00:00
Thorin-Oakenpants
728c962684
2402: potential clipboard leak fixed in FF89+
Thanks @gwarser for testing, creating the bugzilla, being patient, and confirming the fix
2021-04-04 12:01:49 +00:00
Thorin-Oakenpants
ca99add006
turn ETP on everywhere
It literally cannot hurt [1], and makes it easier for users to use custom mode with TCP/dFPI. Turning on socialtracking helps gain parity with strict mode

[1] gorhill: https://old.reddit.com/r/firefox/comments/l7xetb/network_priority_for_firefoxs_enhanced_tracking/gl9rn9n/
> All extensions and ETP work in parallel, they all inspect network requests and all make the decision to block or not, hence if they all decide to block, they will all report that they block something. ETP is a bit different than normal extension in that it will give precedence to an extension trying to redirect to a local resource, this ensures ETP works harmoniously with normal extensions.
> 
> Once something is not blocked, it then goes through a DNS query, and the browser waits for the response.
> 
> I will add examples of how ETP + multiple blocker extensions work together when dealing with a network request; let's say "A" and "B" are two different blockers:
> 
>   - ETP=block, A=allow, B=allow: result=block
>   - ETP=allow, A=block, B=allow: result=block
>   - ETP=allow, A=allow, B=redirect: result=redirect
>   - ETP=allow, A=block, B=redirect: result=block
>   - ETP=block, A=allow, B=redirect: result=redirect
> 
> So as you can see, ETP is a bit different than a normal extension in that it won't prevent redirection from happening if ever a network request is redirected by one of the normal extension.
2021-04-04 11:49:07 +00:00
Thorin-Oakenpants
f771027138
2720 was removed in FF72
https://bugzilla.mozilla.org/1488583
2021-04-04 11:18:54 +00:00
Thorin-Oakenpants
8f1c0044b9
2701: add cookie behavior 5 2021-04-04 11:07:39 +00:00
Thorin-Oakenpants
46ccd9f654
cleanup 0600s
three prefs are default since at least 78, and one pref is redundant for a pref that has been at our default since it was added
2021-04-03 14:20:39 +00:00
Thorin-Oakenpants
b1927f9de1
1607 make inactive
Useless, since Firefox doesn't use Tor (and which we don't recommend). It was added for the info factor.
2021-03-27 18:42:52 +00:00
Thorin-Oakenpants
b592e0e592
87 deprecated
It is simpler to leave the PointerEvent pref where it is, until ESR78 is EOL
- FF87+ users who use RFP Alts simply add a dead pref, no harm
- This way ESR78 users don't have to worry about extra char flipping: it's the same as before: 1 flip for ESR, 1 flip for RFP Alts
2021-03-27 07:49:14 +00:00
Thorin-Oakenpants
3b6cd93749
1606: default Referrer Policy default 2021-03-27 07:32:19 +00:00
Thorin-Oakenpants
3a24c01f03
0518: enforce no Web Compat Reporter
only stable is false, at the time of writing. but enforcing this for all channels is good, so no-one ends up wasting mozilla resources reporting a compat problem when they've got 200 odd prefs flipped
2021-03-17 14:01:16 +00:00
Thorin-Oakenpants
b7c80841a9
tweak defaults (#1140)
- don't differentiate between channels
- both can be made inactive
   - webcompat requires user action: and I don't see this as a bad thing to have in non-stable
   - unsubmitted crashReports on Nightly is probably already covered by killing the URL, so no big deal
2021-03-14 11:21:13 +00:00
Thorin-Oakenpants
9138e342fd
misc (#1136)
- 0000: remove old XUL info, dropped in FF73+
- 0201: save 3 chars
- 0350: add default status for unsubmittedCheck
- 0351: change to enforce: has been default false going back to at least FF60, including current Beta/Dev/Nightly
   - along with 0602 `network.dns.disablePrefetchFromHTTPS` and 0603 `network.predictor.enable-prefetch`, I considered making them inactive, but decided it was good to leave them active for non-stable users just in case they get flipped
- 0515: add default status
- 0850c: remove info: out of date: doesn't work lilke that anymore and can't be assed figuring it out what with megabar and urlbar2 changes
- 0871: make inactive: default false since at least FF60
   - no need to enforce for non-stable in case it is flipped. It's a pretty minor shoulder-surfer privacy issue and the previews are small. If you're not sure what this pref does. On false you get one tab shown, on true you get as many as can fit across your screen. I squeezed in 15, and after that it became a list
- fixup `***/`
- shave off six lines and almost 400 bytes for you bastards
2021-03-10 00:06:30 +00:00
Thorin-Oakenpants
692ed70ea9
remove maintenance of this comment 2021-03-08 01:49:21 +00:00
Thorin-Oakenpants
03ffb90186
start 87-alpha, also fixes #1129
make all inactive permissions.default = same, blocked
2021-03-02 20:02:41 +00:00
Thorin-Oakenpants
5f9bb59b95
86 final 2021-02-28 20:49:57 +00:00
Thorin-Oakenpants
7163efdd1e
1825: inactive: it is redundant, fixes #1107 2021-02-28 15:57:27 +00:00
Thorin-Oakenpants
612cfbf313
0805: re-add visited links
It can still be used to mitigate social engineering attacks (e.g. using visibility and user clicks), and advanced/targeted scripts
2021-02-27 21:18:17 +00:00
Thorin-Oakenpants
4596d721e6
2012: make webgl.min_capability_mode inactive
- This is too minimal to be of any use, breaks too much (e.g. zoom video)
- Tor browser stopped flipping this (I *think*) about 5 years ago: it certainly hasn't been used in ESR60+ based TB builds, I checked
- we already disable webgl, so making this inactive removes yet another pref users need to flip/troubleshoot
- I will leave it in the user js for a few releases so prefsCleaner will pick it up
2021-02-26 11:39:52 +00:00
Thorin-Oakenpants
911206eed5
5000s: disable ctrl-q quit shortcut FF87+
https://bugzilla.mozilla.org/show_bug.cgi?id=52821 .. 21 years, old enough to drink and vote
2021-02-25 01:22:08 +00:00
Thorin-Oakenpants
cb5cdca99d
update adding site exceptions
- https://bugzilla.mozilla.org/show_bug.cgi?id=1692553
- also HoM is not Page Info
2021-02-24 22:10:29 +00:00
Thorin-Oakenpants
e54ae46537
1204: ssl session ids inactive, closes #1110 2021-02-24 15:11:59 +00:00
Thorin-Oakenpants
7c978d4e70
0708: FTP default FF88+
https://bugzilla.mozilla.org/show_bug.cgi?id=1691890
2021-02-22 20:05:25 +00:00
Thorin-Oakenpants
d905b4387d
deprecated: put FF86 items in the right place 2021-02-21 20:52:20 +00:00
Thorin-Oakenpants
c31c825a74
2212: popup events, fixes DDG
https://bugzilla.mozilla.org/show_bug.cgi?id=1686045
2021-02-18 15:50:37 +00:00
Thorin-Oakenpants
6505a9fefd
FF86 deprecated 2021-02-18 15:30:58 +00:00
Thorin-Oakenpants
de74f812ee
2012: webgl default FF86+ 2021-02-18 15:00:06 +00:00
Thorin-Oakenpants
82bb3f987d
2604, closes #1111 2021-02-08 07:20:06 +00:00
Thorin-Oakenpants
a35a616de7
highlight 1603 (cross origin referer), fixes 1108
especially since we recently hardened it: also added it to the few things highlighted in the wiki
2021-02-04 07:19:28 +00:00
Thorin-Oakenpants
ecf99bf9e7
0603: add default value
AFAICT:  false 48-51: true 52-55.0.1/ESR52.1: false ever since
2021-02-03 16:45:34 +00:00
Thorin-Oakenpants
cfaf354fe3
oophs, better start 86-alpha 2021-02-02 04:09:50 +00:00
Thorin-Oakenpants
fa51251235
remove widevine vis pref, see #1107
- It is controlled in both runtime and via user.js by the state of `media.eme.enabled`. Also, who cares about the vis of a ui option
- note, there is no need to add this to the removed scratchpad list
2021-02-01 17:17:16 +00:00
Thorin-Oakenpants
21fcd0bd35
update xul/xhtml config info
- the XUL version is also pre FF71
- the XHTML version was removed in FF87+
2021-02-01 05:14:46 +00:00
Thorin-Oakenpants
96d558dd0c
add window.name test 2021-01-31 07:28:05 +00:00
Thorin-Oakenpants
b6e8dcab81
fixup spelling mistake 2021-01-30 00:28:28 +00:00
Thorin-Oakenpants
fa78c53114
v85 2021-01-28 03:13:36 +00:00
Thorin-Oakenpants
2f6b14ab6e
1201: add error code, fixes #1094 2021-01-26 19:58:57 +00:00
Thorin-Oakenpants
306610da8e
remove 2614, see #1100 2021-01-26 19:37:54 +00:00
Thorin-Oakenpants
c974b3252d
move [STATS] from 1270 to 1201, #1094 2021-01-22 12:10:15 +00:00
Thorin-Oakenpants
480933484f
2624: windows.name default FF86+
https://bugzilla.mozilla.org/1685089
2021-01-21 11:17:16 +00:00
Thorin-Oakenpants
1f098f2eaf
start 85-alpha, also fix #1090 2021-01-17 23:04:37 +00:00
Thorin-Oakenpants
27dd6aa62d
84 final 2021-01-05 13:13:52 +00:00
Thorin-Oakenpants
9d74cb9526
remove useless snippet pref 2020-12-30 10:17:35 +00:00
Thorin-Oakenpants
8c9d0bbe72
harden cross-domain referers, closes #1077 2020-12-27 05:01:33 +00:00
Thorin-Oakenpants
0152b38b8b
add override recipes link to readme steps 2020-12-25 16:06:32 +00:00
Thorin-Oakenpants
2cfbba1472
search-to-tab: FF85+ 2020-12-19 07:23:13 +00:00
Thorin-Oakenpants
335ee84540
remove layout.css.visited_links_enabled, #933
This no longer has any affect since FF77+: see https://bugzilla.mozilla.org/1632765
2020-12-09 09:26:50 +00:00
Thorin-Oakenpants
5c37d50f4e
tidy
- remove useless `see` word for reference links
- fixup 0701
   - "do not play nice" is not measurable
   - don't reference to self as a source: people can just search "VPN leak Ipv6" or something
2020-12-07 19:34:14 +00:00