Commit Graph

1378 Commits

Author SHA1 Message Date
Thorin-Oakenpants
f06c78f897
update cookie settings info 2019-02-05 02:00:19 +13:00
Thorin-Oakenpants
847eb80877
0306 => inactive, closes #615
whatever we thought it may have done in the past, it doesn't do that now as far as we know. And it's not an issue since we allow extension update-CHECKs anyway.
2019-02-04 06:39:29 +00:00
Thorin-Oakenpants
ec0e58099f
pointer events -> RFP ALTS 2019-02-01 13:53:04 +00:00
Thorin-Oakenpants
e6eb473071
dom.storage_access.enabled
regardless of this pref setting: the permissions.sqlite file will still be abused to store a flag for this for every single site you connect to (as third party?) - fun.
2019-02-01 13:41:00 +00:00
Thorin-Oakenpants
f1b892bc1c
clean up "Firefox Data Collection & Use" (#627)
* clean up "Firefox Data Collection & Use"
  - telemetry prefs to 330's
  - Firefox Data Collection & Use prefs to 340's (but leave crash reports in 350s)
  - move `app.shield.optoutstudies.enabled` to 330's - this is an internal pref which controls if you get the system addon
  - make notes that `datareporting.healthreport.uploadEnabled` controls studies and ext recommendations
  - split crash reports better to reflex the UI setting
2019-02-02 00:57:22 +13:00
Thorin-Oakenpants
524b5f79dc
setting changes re cookies 2019-01-31 18:42:59 +00:00
Thorin-Oakenpants
24f2e1d982
disable storage access api
see: https://old.reddit.com/r/firefox/comments/alnn3f/storageaccessapi_permissions/effg5tp/
2019-01-31 16:16:59 +00:00
Thorin-Oakenpants
c6060e5645
storage access api 2019-01-31 16:03:39 +00:00
Thorin-Oakenpants
d0b8a08a4b
browser.urlbar.maxHistoricalSearchSuggestions
default 0 in ESR60 and FF60+
2019-01-30 16:16:12 +00:00
Thorin-Oakenpants
f047fe93c0
remove 0850f
`browser.urlbar.maxHistoricalSearchSuggestions` is default 0 is FF60 thru to FF66. It is also default 0 in ESR60.1 thru 60.5. (at least on Windows)

IDK if this has ever been used, maybe android, in which case it's probably useful?
2019-01-30 16:14:39 +00:00
Thorin-Oakenpants
6147fed61c
and the rest of the 0850's
The location bar dropdown cannot be disabled via prefs except with css, in which case the whole thing is hidden regardless of he above prefs. So there is no point in making any of them active. This is also in line with what we can achieve with relaxed and hardened tags / sticky issues - that is we can find a better balance, Shoulder surfers is a low risk, not even Tor Browser disables this stuff. People need to take responsibility and/or use common sense. Sure, we can leave em in for users to know about and enable if they want. End of story.

userChrome.css code is
```css
/* locationbar dropdown FF65+ */
#PopupAutoCompleteRichResult {display: none!important;}
```
2019-01-30 15:44:08 +00:00
Thorin-Oakenpants
54f79604da Make Firefox Great Again (#626)
* location bar changes
* if the dropdown is going to be used, then no point hiding search engines on the bottom line
2019-01-30 15:06:32 +00:00
Thorin-Oakenpants
2f351fa5ce
0702: http2 websockets
might as well add it: needs t be taken into consideration when looking at the whole http2 thing. Will be interesting to see what Tor Browser does with it in ESR68
2019-01-30 14:09:39 +00:00
Thorin-Oakenpants
5dc3ea66cd
browser.contentblocking.enabled
only existed for FF63+64, default true anyway
2019-01-30 12:38:07 +00:00
earthlng
d9a87b3ac4
FF65 removals (#624) 2019-01-30 12:27:53 +00:00
Thorin-Oakenpants
95b75a065d
up date info on what cookies control #622 2019-01-30 10:23:42 +00:00
claustromaniac
8c96432eb8 Update updater.sh (#618)
Closes #616 + #617
2019-01-25 14:28:00 +00:00
Thorin-Oakenpants
1c09ec36e3
0306: extra info, closes #615 2019-01-18 04:24:13 +00:00
Thorin-Oakenpants
f1e6d164f7
start 65 commits 2019-01-17 05:19:11 +00:00
Thorin-Oakenpants
3b90e6e592
end of v64 2019-01-17 05:11:29 +00:00
Thorin-Oakenpants
45bd5ccc02
PB Mode: ref added 2019-01-16 02:07:06 +00:00
Thorin-Oakenpants
7bf5790f2b
RFP: FF66 changes to UA HTTP Headers 2019-01-11 05:14:59 +00:00
Thorin-Oakenpants
075d6fe6e4
2615: s/cut keys: bug fix in 66+ 2019-01-11 05:09:14 +00:00
Thorin-Oakenpants
4604cf0d4e
references to other prefs s/be explicit 2018-12-21 11:02:40 +00:00
claustromaniac
b845f8fe3a
Update README.md
OK, I give up. I would've removed those commits by force-pushing, but the branch is protected. #NotMyFault
2018-12-20 19:53:48 +00:00
claustromaniac
96063027ba
Update README.md
second attempt at fixing the weird title...
2018-12-20 19:44:27 +00:00
claustromaniac
186fb1c9be
Update README.md
fix for the weird page title ![][b]
https://ghacksuserjs.github.io/ghacks-user.js/
2018-12-20 19:42:28 +00:00
Thorin-Oakenpants
ac4e764c37
http2, altsvc, ssl session ids vs FPI vs TB #571 2018-12-18 15:54:57 +00:00
earthlng
5b0952f60a
network.auth.subresource-http-auth-allow 2018-12-17 13:00:27 +00:00
Thorin-Oakenpants
5bd5f6b28e
0912: HTTP Auth sub-resources #585 (#602) 2018-12-18 01:41:37 +13:00
earthlng
55c2cacbce 0335: toolkit.telemetry.coverage.opt-out (#600) 2018-12-17 22:43:45 +13:00
Thorin-Oakenpants
4badc42879
0105b: kill snippets endpoint #528
it's too hard to follow AS changes, and work out if disabling showing items (basic toggling of show/hide sections etc) actually stops downloading a localized local copy etc. For items we actually want to block, let the endpoint slaughter begin.
2018-12-17 09:36:26 +00:00
earthlng
6946a01232
Update troubleshooter.js 2018-12-17 08:19:14 +00:00
Thorin-Oakenpants
da80e39064
0105s: description s/be self explanatory #578
when filtered and 0105a is not shown, AS doesn't mean anything
2018-12-16 17:37:42 +00:00
Thorin-Oakenpants
c1d6d81528
add PERF tags to wasm, asm.js, closes #599 2018-12-16 14:10:32 +00:00
Thorin-Oakenpants
d5ece0f6f4 1700s: revamp Containers header #585 (#596) 2018-12-14 07:05:43 +00:00
Thorin-Oakenpants
f6ea20a8b0
0335: Telemetry Coverage endpoint
let's just coverage-our-ass on this one

While I don't mind telemetry (development needs meaningful feedback to better the product), and I trust the data is not PII, and/or anonymized into buckets etc (you can check this you know), and I understand this one needs to be outside the Telemetry pref in order to gather the one-time ping ... and I trust Mozilla's motives ... I'm starting to get a little annoyed at the non-stop incessant increasing telemetry bullshittery and ass-fuckery around sending data home, and the lengths some Mozilla devs will go to, to hide this info (hidden prefs, access denied tickets to hide discussion of what should be public, and even **not even adhering to their own documentation**).

I will also be killing as many Activity Stream endpoints as well - as long as they are in line with our js - pocket, snippets, onboarding etc. And I will add those from personal as inactive for end-users - eg cfr
2018-12-13 17:28:16 +00:00
Thorin-Oakenpants
645492e82f
grammar, case, etc, closes #594
thanks @Just-me-ghacks
2018-12-14 04:49:50 +13:00
earthlng
15c68dc344 disable System Add-on updates (#595)
remember the new Coverage Telemetry shit? with a **hidden** opt-out pref? guess what, they are already collecting for 3 months ...

https://bugzilla.mozilla.org/show_bug.cgi?id=1487578 - **3 months ago**: "I see data coming in that looks reasonable"

guess what else ...

"It has also replaced the previous version that was there (from bug 1480194)" and oh, surprise surprise, 1480194 is ACCESS DENIED!

they're not just using private tickets to hide security critical information from potential hackers and blackhats, no they also use it to hide shady AF things. Things that they fully know are shady as fuck and that they absolutely know a lot of people would not like. There's simply no other reason why they'd do that

but wait, that's not all. If you think an opt-out pref that 99% of people wouldn't know about even if it showed up in about:config BUT ALSO HAPPENS TO BE HIDDEN is kind of questionable, well ... the system addon that they use for this shit apparently looked or still looks for `toolkit.telemetry.coverage.opt-out` [1] instead of `toolkit.coverage.opt-out` as their documentation [2] claims

[1] https://github.com/mozilla/one-off-system-add-ons/pull/131/files#diff-6e0cbf76986d04383ccb32a29ef27a7aR25
[2] https://hg.mozilla.org/mozilla-central/file/tip/toolkit/components/telemetry/docs/data/coverage-ping.rst#l32

It's time to opt out of all that shit for good. Disable system addon updates and kill it at the root

> In FF61 and lower, you will not get any System Add-on updates except when you update Firefox

on its own that's not true. You will get SA updates unless you disable app update checks + auto install. Let's just remove that as well.
2018-12-14 03:21:57 +13:00
Thorin-Oakenpants
04b797f1aa
0209: remove trailing space
@Just-me-ghacks 💋
2018-12-13 11:14:44 +00:00
Thorin-Oakenpants
e60abd6c44
64-beta 2018-12-12 17:17:33 +00:00
Thorin-Oakenpants
d55b8176ad
dyslexia and/or dementia 2018-12-12 16:52:12 +00:00
Thorin-Oakenpants
31adbba774
5000s: disable CFR 2018-12-12 16:34:27 +00:00
Thorin-Oakenpants
3c247a2c5b
Update ghacks-clear-[removed].js 2018-12-12 13:22:58 +00:00
Thorin-Oakenpants
879f0abf28
2201: more garbage 2018-12-12 13:21:24 +00:00
Thorin-Oakenpants
d97d0ec0f5
media.peerconnection*
covered by user_pref("media.peerconnection.enabled", false);
2018-12-12 13:09:03 +00:00
earthlng
3916e38681 taking out the garbage (#590) 2018-12-13 02:02:38 +13:00
Thorin-Oakenpants
51ac69874b
0105* remove // has setting 2018-12-12 11:58:48 +00:00
earthlng
2d956d04f3 move 1260 to 122x (#591)
* move 1260 to 122x

"disable or limit SHA-1 certificates" is about certs, not ciphers.
Because CERTS is 1st in the title I moved it to the 1st item there because it's arguably also the most important of the lot (and renumbered the rest)
We can also drop HSTS from the subgroup title because there's nothing HSTS left atm.
2018-12-13 00:52:49 +13:00
Thorin-Oakenpants
9d6bfb650c
disable Telemetry Coverage (#589) 2018-12-13 00:29:29 +13:00