Commit Graph

1423 Commits

Author SHA1 Message Date
Thorin-Oakenpants
3bb9fc713f
remove 1203
default false since it was added in FF71 - see https://bugzilla.mozilla.org/1579285
2021-07-20 02:00:33 +00:00
Thorin-Oakenpants
b761a9dd32
4505: experimental RFP prefs
and tidy up all instances (eight) of "do not use": all caps, no asterisks, immediately after [warning]
2021-07-08 07:08:38 +00:00
Thorin-Oakenpants
31e864c16c
0913: disable windows SSO FF91+
- and make 2730 more accurate and add bugzilla
- future RFP additions will be FF91+
2021-07-08 06:21:53 +00:00
Thorin-Oakenpants
f229a3cb75
fixup FF90 deprecated (#1207) 2021-07-07 11:51:44 +00:00
Thorin-Oakenpants
981462ee54
FF90 deprecated 2021-07-06 13:26:44 +00:00
Thorin-Oakenpants
d940ffb3c6
105c: add "sponsored shortcuts" 2021-07-06 06:32:58 +00:00
Thorin-Oakenpants
a6d20eaf5b
1264: update ciphers, fixes #1196 (#1197) 2021-06-23 16:22:10 +00:00
Thorin-Oakenpants
b93a5e334c
2510 webaudio -> inactive RFP alts, closes #1194 2021-06-20 12:49:57 +00:00
Thorin-Oakenpants
c98606430c
move 2505 to RFP alts, closes #1099 2021-06-20 09:29:38 +00:00
Thorin-Oakenpants
12c0631900
4501: remove confusing RFP line 2021-06-16 16:48:14 +00:00
Thorin-Oakenpants
efcceaf2c3
enforce non-native widget theme 2021-06-15 09:55:42 +00:00
Thorin-Oakenpants
d973e11714
add instagram word, closes #1184 2021-06-05 17:36:56 +00:00
Thorin-Oakenpants
b6d7b2bff5
RFP info tweak 2021-06-01 11:02:30 +00:00
Thorin-Oakenpants
74f804a056
1243: more dead flash 2021-05-25 18:19:22 +00:00
Thorin-Oakenpants
f0b5e3649d
tidy 2021-05-25 17:46:45 +00:00
Thorin-Oakenpants
9419e2faab
remove 1210
been default true since FF26 - thanks earthlng
2021-05-25 17:30:40 +00:00
Thorin-Oakenpants
ba9b3c217b
tweak 4600s: closes #1172 2021-05-08 14:45:32 +00:00
Thorin-Oakenpants
79c5539edb
goodbye flash
The prefs still exist, but won't do anything since most of the NPAPI code has been removed
2021-05-05 16:41:43 +00:00
Thorin-Oakenpants
cfd7cd01d1
cleanup 0500s, #1170
- they all have on/off switches
- dxr no longer exists: update URL
- don't recommend users delete files
   - saves two lines
   - they poses zero threat (they have prefs)
   - deleting them can causes unwanted console errors/noise
2021-04-25 11:18:39 +00:00
Thorin-Oakenpants
da9f912862
2620: disable pdfjs scripting, v88 final 2021-04-23 14:25:54 +00:00
Thorin-Oakenpants
9930cfbc07
0102: add setup tag #1166 2021-04-17 07:12:20 +00:00
Thorin-Oakenpants
7738e320d5
RFP & Presentation API 2021-04-15 07:10:54 +00:00
Thorin-Oakenpants
6c10e03ce5
2012: remove webgl.min_capability_mode
as promised in 4596d721e6
2021-04-08 01:19:42 +00:00
Thorin-Oakenpants
7ad3bb9e61
0702: use a [STATS] tag 2021-04-07 09:44:24 +00:00
Thorin-Oakenpants
5dcf639d33
oophs .. and start 88-alpha 2021-04-07 09:36:56 +00:00
Thorin-Oakenpants
2da3b0192f
update HTTP2 stats 2021-04-07 09:36:01 +00:00
Thorin-Oakenpants
ada8158caf
v87 2021-04-04 20:33:23 +00:00
Thorin-Oakenpants
2071939c5e
use [TOR] tags, add 1247
not that we recommend using tor over firefox: but at least the info is there for fiddlers
2021-04-04 14:21:24 +00:00
Thorin-Oakenpants
f082278217
1607: save one line and some bytes
and make it even MOAR clear we do NOT support tor over firefox
2021-04-04 14:15:53 +00:00
Thorin-Oakenpants
abe37add6e
save some overrides, closes #1157
I do not think anyone will bemoan these four "personal" choices
2021-04-04 12:54:17 +00:00
Thorin-Oakenpants
bc07ca94c0
1830: add [TEST] 2021-04-04 12:37:17 +00:00
Thorin-Oakenpants
728c962684
2402: potential clipboard leak fixed in FF89+
Thanks @gwarser for testing, creating the bugzilla, being patient, and confirming the fix
2021-04-04 12:01:49 +00:00
Thorin-Oakenpants
ca99add006
turn ETP on everywhere
It literally cannot hurt [1], and makes it easier for users to use custom mode with TCP/dFPI. Turning on socialtracking helps gain parity with strict mode

[1] gorhill: https://old.reddit.com/r/firefox/comments/l7xetb/network_priority_for_firefoxs_enhanced_tracking/gl9rn9n/
> All extensions and ETP work in parallel, they all inspect network requests and all make the decision to block or not, hence if they all decide to block, they will all report that they block something. ETP is a bit different than normal extension in that it will give precedence to an extension trying to redirect to a local resource, this ensures ETP works harmoniously with normal extensions.
> 
> Once something is not blocked, it then goes through a DNS query, and the browser waits for the response.
> 
> I will add examples of how ETP + multiple blocker extensions work together when dealing with a network request; let's say "A" and "B" are two different blockers:
> 
>   - ETP=block, A=allow, B=allow: result=block
>   - ETP=allow, A=block, B=allow: result=block
>   - ETP=allow, A=allow, B=redirect: result=redirect
>   - ETP=allow, A=block, B=redirect: result=block
>   - ETP=block, A=allow, B=redirect: result=redirect
> 
> So as you can see, ETP is a bit different than a normal extension in that it won't prevent redirection from happening if ever a network request is redirected by one of the normal extension.
2021-04-04 11:49:07 +00:00
Thorin-Oakenpants
f771027138
2720 was removed in FF72
https://bugzilla.mozilla.org/1488583
2021-04-04 11:18:54 +00:00
Thorin-Oakenpants
8f1c0044b9
2701: add cookie behavior 5 2021-04-04 11:07:39 +00:00
Thorin-Oakenpants
46ccd9f654
cleanup 0600s
three prefs are default since at least 78, and one pref is redundant for a pref that has been at our default since it was added
2021-04-03 14:20:39 +00:00
Thorin-Oakenpants
b1927f9de1
1607 make inactive
Useless, since Firefox doesn't use Tor (and which we don't recommend). It was added for the info factor.
2021-03-27 18:42:52 +00:00
Thorin-Oakenpants
b592e0e592
87 deprecated
It is simpler to leave the PointerEvent pref where it is, until ESR78 is EOL
- FF87+ users who use RFP Alts simply add a dead pref, no harm
- This way ESR78 users don't have to worry about extra char flipping: it's the same as before: 1 flip for ESR, 1 flip for RFP Alts
2021-03-27 07:49:14 +00:00
Thorin-Oakenpants
3b6cd93749
1606: default Referrer Policy default 2021-03-27 07:32:19 +00:00
Thorin-Oakenpants
3a24c01f03
0518: enforce no Web Compat Reporter
only stable is false, at the time of writing. but enforcing this for all channels is good, so no-one ends up wasting mozilla resources reporting a compat problem when they've got 200 odd prefs flipped
2021-03-17 14:01:16 +00:00
Thorin-Oakenpants
b7c80841a9
tweak defaults (#1140)
- don't differentiate between channels
- both can be made inactive
   - webcompat requires user action: and I don't see this as a bad thing to have in non-stable
   - unsubmitted crashReports on Nightly is probably already covered by killing the URL, so no big deal
2021-03-14 11:21:13 +00:00
Thorin-Oakenpants
9138e342fd
misc (#1136)
- 0000: remove old XUL info, dropped in FF73+
- 0201: save 3 chars
- 0350: add default status for unsubmittedCheck
- 0351: change to enforce: has been default false going back to at least FF60, including current Beta/Dev/Nightly
   - along with 0602 `network.dns.disablePrefetchFromHTTPS` and 0603 `network.predictor.enable-prefetch`, I considered making them inactive, but decided it was good to leave them active for non-stable users just in case they get flipped
- 0515: add default status
- 0850c: remove info: out of date: doesn't work lilke that anymore and can't be assed figuring it out what with megabar and urlbar2 changes
- 0871: make inactive: default false since at least FF60
   - no need to enforce for non-stable in case it is flipped. It's a pretty minor shoulder-surfer privacy issue and the previews are small. If you're not sure what this pref does. On false you get one tab shown, on true you get as many as can fit across your screen. I squeezed in 15, and after that it became a list
- fixup `***/`
- shave off six lines and almost 400 bytes for you bastards
2021-03-10 00:06:30 +00:00
Thorin-Oakenpants
692ed70ea9
remove maintenance of this comment 2021-03-08 01:49:21 +00:00
Thorin-Oakenpants
03ffb90186
start 87-alpha, also fixes #1129
make all inactive permissions.default = same, blocked
2021-03-02 20:02:41 +00:00
Thorin-Oakenpants
5f9bb59b95
86 final 2021-02-28 20:49:57 +00:00
Thorin-Oakenpants
7163efdd1e
1825: inactive: it is redundant, fixes #1107 2021-02-28 15:57:27 +00:00
Thorin-Oakenpants
612cfbf313
0805: re-add visited links
It can still be used to mitigate social engineering attacks (e.g. using visibility and user clicks), and advanced/targeted scripts
2021-02-27 21:18:17 +00:00
Thorin-Oakenpants
4596d721e6
2012: make webgl.min_capability_mode inactive
- This is too minimal to be of any use, breaks too much (e.g. zoom video)
- Tor browser stopped flipping this (I *think*) about 5 years ago: it certainly hasn't been used in ESR60+ based TB builds, I checked
- we already disable webgl, so making this inactive removes yet another pref users need to flip/troubleshoot
- I will leave it in the user js for a few releases so prefsCleaner will pick it up
2021-02-26 11:39:52 +00:00
Thorin-Oakenpants
911206eed5
5000s: disable ctrl-q quit shortcut FF87+
https://bugzilla.mozilla.org/show_bug.cgi?id=52821 .. 21 years, old enough to drink and vote
2021-02-25 01:22:08 +00:00
Thorin-Oakenpants
cb5cdca99d
update adding site exceptions
- https://bugzilla.mozilla.org/show_bug.cgi?id=1692553
- also HoM is not Page Info
2021-02-24 22:10:29 +00:00
Thorin-Oakenpants
e54ae46537
1204: ssl session ids inactive, closes #1110 2021-02-24 15:11:59 +00:00
Thorin-Oakenpants
7c978d4e70
0708: FTP default FF88+
https://bugzilla.mozilla.org/show_bug.cgi?id=1691890
2021-02-22 20:05:25 +00:00
Thorin-Oakenpants
d905b4387d
deprecated: put FF86 items in the right place 2021-02-21 20:52:20 +00:00
Thorin-Oakenpants
c31c825a74
2212: popup events, fixes DDG
https://bugzilla.mozilla.org/show_bug.cgi?id=1686045
2021-02-18 15:50:37 +00:00
Thorin-Oakenpants
6505a9fefd
FF86 deprecated 2021-02-18 15:30:58 +00:00
Thorin-Oakenpants
de74f812ee
2012: webgl default FF86+ 2021-02-18 15:00:06 +00:00
Thorin-Oakenpants
82bb3f987d
2604, closes #1111 2021-02-08 07:20:06 +00:00
Thorin-Oakenpants
a35a616de7
highlight 1603 (cross origin referer), fixes 1108
especially since we recently hardened it: also added it to the few things highlighted in the wiki
2021-02-04 07:19:28 +00:00
Thorin-Oakenpants
ecf99bf9e7
0603: add default value
AFAICT:  false 48-51: true 52-55.0.1/ESR52.1: false ever since
2021-02-03 16:45:34 +00:00
Thorin-Oakenpants
cfaf354fe3
oophs, better start 86-alpha 2021-02-02 04:09:50 +00:00
Thorin-Oakenpants
fa51251235
remove widevine vis pref, see #1107
- It is controlled in both runtime and via user.js by the state of `media.eme.enabled`. Also, who cares about the vis of a ui option
- note, there is no need to add this to the removed scratchpad list
2021-02-01 17:17:16 +00:00
Thorin-Oakenpants
21fcd0bd35
update xul/xhtml config info
- the XUL version is also pre FF71
- the XHTML version was removed in FF87+
2021-02-01 05:14:46 +00:00
Thorin-Oakenpants
96d558dd0c
add window.name test 2021-01-31 07:28:05 +00:00
Thorin-Oakenpants
b6e8dcab81
fixup spelling mistake 2021-01-30 00:28:28 +00:00
Thorin-Oakenpants
fa78c53114
v85 2021-01-28 03:13:36 +00:00
Thorin-Oakenpants
2f6b14ab6e
1201: add error code, fixes #1094 2021-01-26 19:58:57 +00:00
Thorin-Oakenpants
306610da8e
remove 2614, see #1100 2021-01-26 19:37:54 +00:00
Thorin-Oakenpants
c974b3252d
move [STATS] from 1270 to 1201, #1094 2021-01-22 12:10:15 +00:00
Thorin-Oakenpants
480933484f
2624: windows.name default FF86+
https://bugzilla.mozilla.org/1685089
2021-01-21 11:17:16 +00:00
Thorin-Oakenpants
1f098f2eaf
start 85-alpha, also fix #1090 2021-01-17 23:04:37 +00:00
Thorin-Oakenpants
27dd6aa62d
84 final 2021-01-05 13:13:52 +00:00
Thorin-Oakenpants
9d74cb9526
remove useless snippet pref 2020-12-30 10:17:35 +00:00
Thorin-Oakenpants
8c9d0bbe72
harden cross-domain referers, closes #1077 2020-12-27 05:01:33 +00:00
Thorin-Oakenpants
0152b38b8b
add override recipes link to readme steps 2020-12-25 16:06:32 +00:00
Thorin-Oakenpants
2cfbba1472
search-to-tab: FF85+ 2020-12-19 07:23:13 +00:00
Thorin-Oakenpants
335ee84540
remove layout.css.visited_links_enabled, #933
This no longer has any affect since FF77+: see https://bugzilla.mozilla.org/1632765
2020-12-09 09:26:50 +00:00
Thorin-Oakenpants
5c37d50f4e
tidy
- remove useless `see` word for reference links
- fixup 0701
   - "do not play nice" is not measurable
   - don't reference to self as a source: people can just search "VPN leak Ipv6" or something
2020-12-07 19:34:14 +00:00
Thorin-Oakenpants
77abf35761
tidy
- shrink and remove outdated info from section 0300 header
- combine some bugzillas
- drop some references
   - 1647829 for HTTPS-Only mode
   - hardware metrics: not going to implicitly encourage users to use this pref or tell them what sizes to use
- update [STATS]
   - also remove TLS [STATS].. stats on TLS 1.0 and 1.1 are irrelevant: the default is now TLS 1.2+
- single CRLite reference for all blog articles
- save 588 bytes so all you bastards can theoretically load Firefox just that tiny bit faster
2020-12-06 21:09:07 +00:00
Thorin-Oakenpants
fa85c9da5b
fixup double word 2020-11-23 10:46:30 +00:00
Thorin-Oakenpants
cf53982086
1244: CRLite, closes #1065 2020-11-22 18:15:25 +00:00
Thorin-Oakenpants
91cbc1e09a
HTTPS-Only mode, closes #1047 2020-11-22 17:59:44 +00:00
Thorin-Oakenpants
a7e4268d8b
2730 appCache, closes #1055 2020-11-22 17:25:33 +00:00
Thorin-Oakenpants
699eacf1fd
add FPI scheme, closes #1066 (#1067) 2020-11-22 17:21:31 +00:00
Thorin-Oakenpants
0189438e46
start 84-alpha 2020-11-22 17:11:31 +00:00
Thorin-Oakenpants
94712f59a3
83 final 2020-11-22 17:05:34 +00:00
Thorin-Oakenpants
ef93a754ce
warnings always come after notes 2020-11-21 01:49:19 +00:00
Thorin-Oakenpants
ccbca41e2d
start 83 alpha, fixup 1244 setting info
`browser.preferences.exposeHTTPSOnly` is now default true
2020-11-13 01:03:29 +00:00
Thorin-Oakenpants
5b0d173078
82 final 2020-11-13 00:55:45 +00:00
Thorin-Oakenpants
ea0eb85404
82-beta 2020-11-11 18:23:00 +00:00
Thorin-Oakenpants
8dc43cfdc2
RFP 82+ changes
Note
 - this is not the same as 2517 which disables the API
 - RFP does not determine what is supported or not supported: so that entropy remains
 - with or without RFP, if the media config is not supported it returns false,false (so there is nothing to spoof here)
2020-11-11 18:20:13 +00:00
Thorin-Oakenpants
f7bee988de
0517: add creditCards.available / defense-in-depth
see https://github.com/arkenfox/user.js/issues/1038#issuecomment-713643850
2020-11-11 18:08:06 +00:00
Thorin-Oakenpants
f2fe7f02b0
add 2624: window.name protection, fixes #1012 2020-11-11 16:59:27 +00:00
Thorin-Oakenpants
accef19af4
add LSNG, fixes #1059 2020-11-11 16:27:43 +00:00
Thorin-Oakenpants
910d7004c6
release info, fixes #1042
now we have somewhere to add things like HTTPS-Only Mode, appCache, secure downloads when we make changes that impact ESR
2020-11-11 16:12:57 +00:00
Thorin-Oakenpants
07cccd5386
remove 4003: partition, see #1051 (#1057) 2020-11-02 17:05:40 +00:00
Thorin-Oakenpants
ac52886ea8
2422 WASM, add reason for disabling, fixes #1037 (#1054) 2020-10-26 10:37:49 +00:00
Thorin-Oakenpants
c45780d79b
0701 PHP localhost + IPv6, fixes #1053 2020-10-26 10:34:54 +00:00
Thorin-Oakenpants
e14732aad3
2031: better reference: closes #1022 (#1048) 2020-10-23 23:29:31 +00:00
Thorin-Oakenpants
0adfddd1e2
misc (#1040)
* misc

- cleanup of old release notation in comments: e.g. if it's not applicable to ESR78+
- same with default version info
- simplify and save bytes on section 4700
- update 4500 header
  - and unify the message about using extensions as counterproductive
- letterboxing
   - provide info on stepped ranged (and drop crap about FF67)
   - don't judge users who dislike seeing margins (I don't like them either, but I force my window to exact dimensions and stay there)
- screenshots uploading was disabled in FF67+ : [67 release notes](https://www.mozilla.org/en-US/firefox/67.0/releasenotes/)
   - the pref is still there (default false) but so far I'm 99% sure this pref now does anything
   - I will add it to the scatchpad script if this change sticks

* simplify 4500 RFP, see #1041

* update removed script

* tidy readme, see #1045

- also put readme before releases

* RIP FX Site Compat

* clean out RFP Alts info: the information is redundant: it's already in the readme
2020-10-20 11:58:20 +00:00
Thorin-Oakenpants
f591a8adf8
82-alpha, 82 deprecated, remove old deprecated 2020-10-13 14:12:53 +00:00
Thorin-Oakenpants
0e10a820d9
81 final 2020-10-13 14:01:41 +00:00
earthlng
c90341dded
1244: HTTPS-Only mode update (#1031) 2020-10-07 12:10:24 +00:00
Thorin-Oakenpants
d5ccf4693b
fixup font prefs vs RFP, fixes #1025 (#1028)
- make 1401 inactive: it affects RFP's FPing
- remove old warning/setup-web: we do not care about documenting breakage or FPing risks when we have a warning and they are inactive. If someone uses them, that's on them
- new warnings
2020-10-06 13:43:51 +00:00
Thorin-Oakenpants
a56ba85936
remove dom.IntersectionObserver.enabled #1026
- this was made inactive in v68
- since at least FF79, when active as false, it breaks the web and browser consoles
- it breaks websites
- it breaks extensions: e.g. uBO panel functionality
- it does nothing to mitigate possible fingerprinting (which was why it was initially added as a concern) - i.e the API only provided a standardized method, it does not stop previous/earlier workarounds
2020-10-02 08:33:27 +00:00
Thorin-Oakenpants
421f1e361c
[ ] are for for prefs only 2020-09-29 06:10:57 +00:00
Thorin-Oakenpants
2391874e04
UI setting change in 81
https://bugzilla.mozilla.org/show_bug.cgi?id=1613468
2020-09-28 19:04:08 +00:00
Thorin-Oakenpants
c367beabe3
81-beta 2020-09-23 12:20:59 +00:00
Thorin-Oakenpants
ae0c980d25
migration 2020-09-15 04:15:03 +00:00
Thorin-Oakenpants
18112f9ae8
last F time :) update TZP links 2020-09-11 21:55:12 +00:00
Thorin-Oakenpants
c8eee094e0
update links 2020-09-11 03:23:55 +00:00
Thorin-Oakenpants
78a7c194eb
update ref links 2020-09-10 07:33:50 +00:00
Thorin-Oakenpants
f606c8b866
2203 values
see https://bugzilla.mozilla.org/show_bug.cgi?id=1663500 where they reverted https://bugzilla.mozilla.org/show_bug.cgi?id=1661643 where they said value 1 didn't do anything - all changes in FF82, so nothing to see here folks ... move along
2020-09-08 23:49:22 +00:00
Thorin-Oakenpants
9c98972d14
misc2 (#1010)
* forceMediaMemoryCache breakage

* add back ESR68-EOL for prefsCleaner users
2020-09-05 15:42:34 +00:00
Thorin-Oakenpants
75a03df0f7
miscellaneous (#1007)
- less active prefs
   - now that ESR68 is EOL, at least a whopping two (0602, 1273)
   - also I don't know when the default changed - another whopping whole one (1240)
   - and where we do enforce/reset a pref to default, lets say that
   - this is not a definitive list, sing out if there is anything else
- IPv6 info
   - especially for Iron Heart who likes to claim that this pref breaks 5% of sites
- cleanup of settings tags now we only care abut ESR78+
2020-09-05 15:20:46 +00:00
Thorin-Oakenpants
76019e6fbe
ESR78 unhidden prefs
also, the note about WebExt + SVG only applies to people using outdated versions .. so that can go too
2020-09-03 13:27:25 +00:00
Thorin-Oakenpants
3c2bd930c3
start 81-alpha, EOL for ESR68 2020-09-03 13:11:16 +00:00
Thorin-Oakenpants
ed993d5502
80 final 2020-09-03 13:04:31 +00:00
Thorin-Oakenpants
22d2d702be
1409: obsolete RFP mention 2020-09-03 13:02:09 +00:00
Diogo Agostinho
8dacf6e91f
fix typo (#1005) 2020-08-31 21:47:57 +00:00
Thorin-Oakenpants
fbe1d48fe2
2203: open_newwindow values
- FYI: https://bugzilla.mozilla.org/show_bug.cgi?id=1661643
- https://hg.mozilla.org/integration/autoland/rev/12d62b074178
2020-08-31 19:49:00 +00:00
Thorin-Oakenpants
5fd7f6de7e
80-alpha 2020-08-28 18:27:20 +00:00
Thorin-Oakenpants
c6f53c8768
2201 deprecated (dead prefs removed in 82), #979 (#1002) 2020-08-26 11:28:47 +00:00
Thorin-Oakenpants
38d772e4c8
https-only mode updates (#1001) 2020-08-25 14:59:41 +00:00
Thorin-Oakenpants
cfce521919
1409: RFP changes in FF81+ (#998) 2020-08-23 14:37:18 +00:00
Thorin-Oakenpants
8d6d17d46b
1244: HTTPS-only mode: FF80+ site exceptions
The option is not shown if https-only-mode is not being applied. I tested with `http://asmjs.org/` since it doesn't redirect/upgrade to secure.
2020-08-21 21:05:08 +00:00
Thorin-Oakenpants
9a37e1340c
0905: add reference, #982 2020-08-20 17:18:22 +00:00
Thorin-Oakenpants
f1e0203ef4
0105b, cleaner value, see #992 2020-08-15 01:56:01 +00:00
Thorin-Oakenpants
726d5bde30
0105b: stop console error, closes #992 2020-08-14 14:12:28 +00:00
Thorin-Oakenpants
93840ca181
0602 not hidden in ESR78 2020-08-13 15:37:25 +00:00
Thorin-Oakenpants
99aa5af356
password master->primary 2020-08-13 15:34:26 +00:00
Thorin-Oakenpants
0358fdac8b
80-alpha 2020-08-13 15:32:45 +00:00
Thorin-Oakenpants
815c3026b5
79 final 2020-08-13 15:30:36 +00:00
Thorin-Oakenpants
5ed3047b7a
references cleanup 2020-08-13 15:22:38 +00:00
Thorin-Oakenpants
e16ede1cdf
79-beta 2020-08-13 14:44:27 +00:00
Thorin-Oakenpants
6905187b3e
0207/0208: region/search (#989) 2020-08-13 04:39:38 +00:00
Thorin-Oakenpants
172118e61b
RFP+Alts: fixup sequential numbering, see #987 2020-08-05 01:35:10 +00:00
Thorin-Oakenpants
8452edb94b
4600: see #987 2020-08-04 10:25:29 +00:00
Thorin-Oakenpants
0f6957bbd4
4600: add missing version section 2020-08-04 10:18:29 +00:00
Thorin-Oakenpants
8c2bcc0352
1007: bump to 64mb, see #941 2020-08-03 22:50:58 +00:00
earthlng
bc832575d8
1003: kibibytes 2020-08-03 14:52:21 +00:00
Thorin-Oakenpants
c4b7e07691
4500: site partitioning 2020-08-02 01:47:48 +00:00
Thorin-Oakenpants
58fb1db838
HTTPS-Only Mode UI 2020-08-02 01:27:30 +00:00
Thorin-Oakenpants
2809854802
font visibility / RFP (#985) 2020-08-01 11:03:17 +00:00
Thorin-Oakenpants
117ab133b1
remove 0809
not deprecated, just hidden: default is false anyway
2020-07-29 02:19:20 +00:00
Thorin-Oakenpants
f8fd03482d
79 deprecated 2020-07-23 11:19:49 +00:00
Thorin-Oakenpants
46d03279d3
79 start, fixup 2429 default info 2020-07-22 12:35:13 +00:00
Thorin-Oakenpants
fe0af3bb34
remove 0709 duplicate, 78 final 2020-07-21 10:40:01 +00:00
Thorin-Oakenpants
84997386c1
78-beta 2020-07-20 05:24:18 +00:00
Thorin-Oakenpants
1a389c0214
dnsResolveSingleWordsAfterSearch (#968) 2020-07-10 10:09:13 +00:00
Thorin-Oakenpants
d0060fed3c
2031: use exceptions if you need to, #969 2020-07-08 13:18:38 +00:00
Thorin-Oakenpants
3d18af19e3
various, #959 (#967)
Co-authored-by: rusty-snake
2020-07-05 14:02:25 +00:00
Thorin-Oakenpants
b5b04454e0
0850a search keywords fixup 2020-07-01 03:46:52 +00:00
Thorin-Oakenpants
618f7bed3f
0850a: add top sites FF78+ 2020-06-29 15:49:11 +00:00
Thorin-Oakenpants
488a825626
update weak ciphers/tests etc, closes #931 (#963)
- adds the new tests including the non-JS JA3

Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
Co-authored-by: earthlng <earthlng@users.noreply.github.com>
2020-06-28 15:48:13 +00:00
Thorin-Oakenpants
aaf6cb33d7
4617 restart
- at least for disabling chrome animations
2020-06-27 12:37:32 +00:00
Thorin-Oakenpants
77ecef8be3
78 deprecated, add 2032 (#962) 2020-06-27 12:16:57 +00:00
Thorin-Oakenpants
4be0a80720
update trac tor tickets (#958)
and some other minor tweaks
2020-06-24 17:26:25 +00:00
Thorin-Oakenpants
f573200aa8
ciphers in ESR78
[1496639](https://bugzilla.mozilla.org/show_bug.cgi?id=1496639)
2020-06-18 02:29:54 +00:00
Thorin-Oakenpants
48f258ff53
start 78-alpha 2020-06-14 10:28:32 +00:00
Thorin-Oakenpants
b9100488cb
77 final 2020-06-14 10:26:10 +00:00
Thorin-Oakenpants
9d78e050ee
77-beta 2020-06-12 17:39:28 +00:00
Thorin-Oakenpants
b07cf1f03d
remove extra line from last commit, save one byte 2020-06-05 03:10:09 +00:00
Thorin-Oakenpants
683ef63b37
RFP alts: prefers-reduced-motion 2020-06-05 03:08:16 +00:00
Thorin-Oakenpants
05580f5e99
0709 hotfix, #923, #951 2020-06-02 20:48:41 +00:00
Thorin-Oakenpants
ecc62554e5
2608: remote debugging: default value, closes #950 2020-06-01 15:27:38 +00:00
Thorin-Oakenpants
f6e6de8444
77 deprecated 2020-05-29 12:41:59 +00:00
Thorin-Oakenpants
f69d92e6dd
1244: https upgrade local 2020-05-29 12:23:17 +00:00
Thorin-Oakenpants
868882ae33
start 77-alpha 2020-05-24 18:11:55 +00:00
Thorin-Oakenpants
ff9bf76e52
76 final, save some bytes in RFP section 2020-05-24 18:09:46 +00:00
Thorin-Oakenpants
4bc5b89cfe
4500: RFP changes 78+ re canvas 2020-05-15 23:18:11 +00:00
Thorin-Oakenpants
bb1e5bfd54
76-beta 2020-05-07 14:56:49 +00:00
Thorin-Oakenpants
27d72eda9e
1244: https-only-mode 2020-05-07 06:20:10 +00:00
Thorin-Oakenpants
07117c65c1
RFP spoofs FF78+ 2020-05-07 05:13:19 +00:00
Thorin-Oakenpants
919d4bfe96
godamnit, also move related reference 2020-05-04 10:52:25 +00:00
Thorin-Oakenpants
e38e253c25
oophs, forgot deprecation source 2020-05-04 10:49:07 +00:00
Thorin-Oakenpants
14aaec71fb
76 deprecated 2020-05-04 07:34:23 +00:00
Thorin-Oakenpants
c0780df24d
1401: PDF breakage, closes #937 2020-04-30 21:50:50 +00:00
Thorin-Oakenpants
0ea1605642
start 76-alpha, 2605 default 2020-04-30 18:52:27 +00:00
Thorin-Oakenpants
3366e0aa16
75 final 2020-04-23 08:52:48 +00:00
W
dff5bb478a
0211: add possible breakage for CJK input methods 2020-04-16 04:04:13 +00:00
Thorin-Oakenpants
d455c500a6
75-beta 2020-04-15 14:44:14 +00:00
Thorin-Oakenpants
b90e72370c
1007 fixup what FF75+ applies to 2020-04-14 00:28:00 +00:00
Thorin-Oakenpants
dd162d9f48
1007 fixups 2020-04-14 00:16:03 +00:00
Thorin-Oakenpants
d7c276b3fe
2402: clipboardevents -> inactive, #887 2020-04-13 06:17:54 +00:00
Thorin-Oakenpants
394b691599
2421: grammar fix 2020-04-13 04:55:10 +00:00
Thorin-Oakenpants
b695468c7e
remove 0205 2020-04-12 18:07:12 +00:00
Thorin-Oakenpants
deae6e14f9
75 deprecated 2020-04-12 16:38:12 +00:00
Thorin-Oakenpants
97c5378e52
1007: *forceMediaMemoryCache PB mode 2020-04-12 16:23:48 +00:00
Thorin-Oakenpants
d2dd0c2ab4
tls stats update
- Go to https://telemetry.mozilla.org/
- click `measurement dashboard`
- select `SSL_HANDSHAKE_VERSION`

I looked at Nightly 75 (0.26 and 0.01) and Nightly 76 (0.2 and 0)
2020-04-11 02:51:17 +00:00
Thorin-Oakenpants
8c7149c6a5
2421: Ion/JIT trusted principals, closes #914 2020-04-09 06:07:13 +00:00
Thorin-Oakenpants
d2da48c215
revert top sites, see #922 2020-04-08 08:01:07 +00:00
Thorin-Oakenpants
7e71b6663c
75-alpha, add 105e, closes #922 2020-04-08 07:12:14 +00:00
Thorin-Oakenpants
94c83519f2
74 final 2020-04-08 07:08:36 +00:00
Thorin-Oakenpants
e7d20867cb
2623 delegation 2421 ion/jit tweak 2020-04-06 00:39:52 +00:00
Thorin-Oakenpants
55ae994972
2421 fixup Ion/Jit note 2020-03-28 13:18:34 +00:00
Thorin-Oakenpants
f0945743b7
2662: clarify 4503 needed, #912 2020-03-27 16:20:41 +00:00
Thorin-Oakenpants
ee35d7c70d
2421: ion/jit and extensions note 2020-03-27 12:44:06 +00:00
Thorin-Oakenpants
fe1b03bd2a
tls downgrades -> session only 2020-03-27 12:36:16 +00:00
Thorin-Oakenpants
187692af66
enforce disabled system + prefixed colors 2020-03-19 11:36:03 +00:00
Thorin-Oakenpants
b6e2a3f64f
one of the 2012 webgl prefs deprecated 2020-03-12 14:44:14 +00:00
Thorin-Oakenpants
6f7e09ad43
1704 deprecated, add 1703 2020-03-12 05:23:57 +00:00
Thorin-Oakenpants
4ddf60cf32
0203: make sure users know these are 74+ prefs 2020-03-12 03:56:13 +00:00
earthlng
24777c9ac2
FF74: 0203 updates (#904) 2020-03-12 03:44:52 +00:00
Thorin-Oakenpants
615ebeda2f
start 74-alpha 2020-03-12 03:43:31 +00:00
Thorin-Oakenpants
4139630635
73 final 2020-03-12 03:37:46 +00:00
Thorin-Oakenpants
1afd52de6e
0306: minor tweak
There is no "show more details about an addon" anymore since they moved to the new html/card layout
2020-02-22 13:56:30 +00:00
Thorin-Oakenpants
64f34f1471
73-beta 2020-02-15 12:55:59 +00:00
Thorin-Oakenpants
5f3e3b2691
VR default prompt, RFP info, start 73-alpha 2020-02-14 01:00:02 +00:00
earthlng
1ce1f74494
Update user.js 2020-02-12 12:03:29 +00:00
earthlng
03f558b09c
nit: 0517 SETTING
we don't include `Options>` in [SETTING] lines
2020-02-10 17:12:08 +00:00
Thorin-Oakenpants
7619e312de
72 final 2020-01-24 16:48:16 +00:00
Thorin-Oakenpants
5d2c5de11c
fixup deprecated ESR-cycle version 2020-01-15 02:53:07 +00:00
Thorin-Oakenpants
e1022c2e72
72-beta 2020-01-14 17:38:22 +00:00
Thorin-Oakenpants
e431b324c8
FF72 deprecated 2020-01-08 02:53:25 +00:00
Thorin-Oakenpants
18ad40a5c6
systemUsesDarkTheme -> RFP Alts 2019-12-25 02:14:49 +00:00
rusty-snake
315de066ec typo (#870) 2019-12-24 11:49:19 +00:00
Thorin-Oakenpants
85273d0f19
0517: setting tag 2019-12-22 07:13:48 +00:00
Thorin-Oakenpants
ef293b57a7
5000s: add ui.systemUsesDarkTheme 2019-12-22 06:14:25 +00:00
Thorin-Oakenpants
79d316fd22
remove old deprecations 2019-12-19 16:37:19 +00:00
Thorin-Oakenpants
ed60588473
72-alpha start 2019-12-19 16:34:44 +00:00
Thorin-Oakenpants
07c128a190
71 final 2019-12-19 16:31:51 +00:00
Thorin-Oakenpants
34cfcedc1b
2402+2403, finally closes #735 2019-12-19 16:19:39 +00:00
Thorin-Oakenpants
f9146fdf24
update setting tags, minor tweaks 2019-12-18 09:46:21 +00:00
Thorin-Oakenpants
a1cdbc8324
1408 graphite, closes #1408 and 2619 puncyode 2019-12-18 07:46:44 +00:00
earthlng
cd07641a9d 2701: make sure cookieBehavior is always honored (#866)
see #862
2019-12-18 05:02:25 +00:00
earthlng
9c02949e04
0000: config.xhtml in FF73+ (#865) 2019-12-17 15:00:34 +00:00
Thorin-Oakenpants
5672bc8cc8
2032 removed, 4002 inactive, closes #840 2019-12-12 01:21:17 +00:00
Thorin-Oakenpants
df1732745d
0308: seach engine updates: better info #840 2019-12-10 22:07:23 +00:00
Thorin-Oakenpants
30daf8640c
FPI stuff 2019-12-09 20:18:42 +00:00
earthlng
4074a37e1d 1201 + 1270 update (#859)
trim by a line, remove extra space, fixup on red, indicate it only applies if 1201 is false
2019-12-07 18:26:39 +00:00
Thorin-Oakenpants
97043b0ce1
71-beta 2019-12-06 12:19:21 +00:00
Thorin-Oakenpants
42ea484017
71 deprecated (#856) 2019-12-04 14:13:49 +13:00
Thorin-Oakenpants
3f6340b69c
OMG!! 2019-12-03 14:51:44 +00:00
earthlng
884e84a4cb about:config warning back to the top + active (#855) 2019-12-04 03:44:59 +13:00
Thorin-Oakenpants
560acfc94f
70 final 2019-12-03 07:31:47 +00:00
Thorin-Oakenpants
fb263f5624
favicons: 1031 better info, 1032 inactive #840 (#851) 2019-12-02 23:04:09 +13:00
Thorin-Oakenpants
19b392b83d
70-beta 2019-11-24 05:23:10 +00:00
Thorin-Oakenpants
2db76c95c3
1603: breaks icloud, closes #850 2019-11-23 16:19:09 +00:00
Thorin-Oakenpants
8f76d9439f
2002: add FF70 bugzilla link 2019-11-22 15:26:38 +00:00
earthlng
f0980b5cb8
2002: add proxy_only_if_behind_proxy 2019-11-22 15:19:37 +00:00
Thorin-Oakenpants
450c9a9e0f
simplify ciphers, closes #839 (#844)
* simplify ciphers

- let's not encourage (remove options 1, 2) changing your cipher suite FP
- remove "it's quite technical ..." (everything is technical to someone), trim to one line
- add test link so users can just see that it's FP'able
- reinforce not to fuck with the cipher suite in the cipher's sub-section
2019-11-23 03:23:08 +13:00
Thorin-Oakenpants
6acfdaccbd
RFP stuff 2019-11-20 04:48:15 +00:00
Thorin-Oakenpants
a0e0a2a6c9
2680 tweak #840 2019-11-19 16:26:14 +00:00
Thorin-Oakenpants
f67e729197
whatsNewPanel correct version 2019-11-19 06:39:08 +00:00
rusty-snake
19526b573c 2805 note, FPI change (#842) 2019-11-19 16:31:48 +13:00
Thorin-Oakenpants
b0221ec838
1576254 version fixup 2019-11-17 10:33:02 +00:00
Thorin-Oakenpants
a3611b7cf8
changes to prefs affecting extensions
also first word on pdfjs.disabled, to be consistent
2019-11-14 02:39:48 +00:00
Thorin-Oakenpants
0cfb2fb06d
1703: remove
default true since FF61, and ESR60 is now EOL
2019-11-09 23:23:34 +00:00
Thorin-Oakenpants
d5f297ed42
5000s: disable what's new 2019-11-08 18:06:35 +00:00
earthlng
c13dbdf40d 1201 update (#838)
https://wiki.mozilla.org/Security:Renegotiation describes

> **the new default behaviour** that was introduced in experimental mozilla-central nightly versions on 2010-02-08

where the last step is

> - should the server (or a MITM) request **renegotiation**, Mozilla will terminate the connection with an error message

and then after talking about breakage ...

> The above defaults may break some client/server environments where a Server is still using old software and requires renegotiation.

mentions workarounds to reduce said breakage:

> In order to give such environments a way to keep using Firefox (et.al.) to connect to their vulnerable server infrastructure, the following preferences are available:

specifically talking about the first 2 prefs listed there, one allowing to specify a list of hosts "where renegotiation may be performed" and the 2nd one "completely disables the new protection mechanisms".
But both those prefs were removed in FF38, meaning that since then it's no longer possible to disable the default behaviour that is "should the server (or a MITM) request **renegotiation**, Mozilla will terminate the connection with an error message".

But all of this is about the **re**-negotiation part and not negotiation. And nowhere does it say "insecure" renegotiation, which, as I read it, means that FF will terminate the connection for any kind of **renegotiation**, safe or unsafe.

1201 controls the negotiation part:

> This pref controls the behaviour during the initial negotiation between client and server.
> If set to true, a Mozilla client will reject all connection attempts to servers that are still using the old SSL/TLS protocol and which might be vulnerable to the attack.
> Setting this preference to “true” is the only way to guarantee full protection against the attack.

I think "servers that are still using the old SSL/TLS protocol" actually means servers that **only** support the old protocols.
Servers still supporting those old protocols in addition to some new protocol versions should not be affected by this pref because FF will be able to negotiate to use one of the newer protocol versions.

Ergo lets fix the title and remove the line about renegotiation support because I think that's irrelevant.


ps. the sslpulse link is nice and I'd like to keep it somewhere but it doesn't really fit in 1201 IMO so I moved it to 1202.
2019-11-09 05:42:21 +13:00