mirror/ arkenfox-user.js
1
1
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2024-05-27 06:06:12 +02:00
Code Issues Wiki
1,997 Commits 2 Branches 104 Tags 3.9 MiB
Commit Graph

1430 Commits

Author SHA1 Message Date
Thorin-Oakenpants 85438d00e4
v93 deprecated 2021-10-12 08:23:46 +00:00
Thorin-Oakenpants a764149520
v92 2021-10-11 13:56:38 +00:00
Thorin-Oakenpants 412c8f9f94
0807 urlbar contextual suggestions, #1257 2021-10-09 07:14:20 +00:00
Thorin-Oakenpants 380a88ee57
oophs 2021-10-05 11:14:16 +00:00
Thorin-Oakenpants 8404e8a59c
tidy, closes #1260 2021-10-05 03:04:14 +00:00
Thorin-Oakenpants b37df0bcfe
embiggen 4500, #1218 2021-09-25 02:32:48 +00:00
Thorin-Oakenpants 044e3e76e8
make 0706 more cromulent 2021-09-25 01:47:54 +00:00
Thorin-Oakenpants 1c6d633144
more nits 2021-09-11 05:35:39 +00:00
Thorin-Oakenpants 278336196c
nit 2021-09-11 05:31:21 +00:00
Thorin-Oakenpants 76c1aad4be
grammar 2021-09-10 13:07:04 +00:00
Thorin-Oakenpants e5c128804c
remove locale in link 2021-09-10 05:09:05 +00:00
Thorin-Oakenpants c9956d85b1
92-alpha 2021-09-10 04:32:09 +00:00
Thorin-Oakenpants 524823fd05
proxy direct failover (#1247) 2021-09-07 13:35:32 +00:00
Thorin-Oakenpants 283bfd744a
fixup missing 1022 reference 2021-08-29 14:32:37 +00:00
Thorin-Oakenpants a1b4aa6000
add DoH rollout pref, closes #1027 2021-08-29 07:42:24 +00:00
Thorin-Oakenpants a308878b11
finish removal of 500s and cleanup of 300s 2021-08-29 04:50:36 +00:00
Thorin-Oakenpants 453fcd32cb
remove 2003, fixes #1245 2021-08-29 04:10:48 +00:00
Thorin-Oakenpants 7e80231ac5
was 6005: remove mixed active 2021-08-28 08:38:31 +00:00
Thorin-Oakenpants 6df03e1a74
add removed from arkenfox section 
- this helps mitigate the need for scratchpad for those who use prefsCleaner
- in future, if anything was active during the ESR cycle, then it goes in here when removed
- similar to deprecated items: clean out after ESR EOL
 2021-08-28 08:30:12 +00:00
Thorin-Oakenpants 4b437771fa
oophs, thanks @eleius 
fixup 3b52557143
 2021-08-28 07:11:44 +00:00
Thorin-Oakenpants 4043467ad9
tidy 2021-08-28 06:03:13 +00:00
Thorin-Oakenpants 5ac8fd8f70
0906: tweak, #1243 2021-08-28 05:57:19 +00:00
Thorin-Oakenpants 2cf20c56a7
standardize cross origin/domain 2021-08-28 05:48:54 +00:00
Thorin-Oakenpants 3b52557143
start removal of section 0500s 
- I am no longer short one parrot
- move inactive screenshots to personal
- move FORM autofill to `0800... FORMS` - can't find it now, but this is slated to cease being a system addon and instead be "built-in"
- the rest will get swallowed into a revamped, split QUIETER FOX
 2021-08-28 05:19:13 +00:00
Thorin-Oakenpants 08395de188
1273: remove inactive pref 2021-08-27 10:37:54 +00:00
Thorin-Oakenpants 4ac17eaf78
tidy last commit 2021-08-26 06:50:46 +00:00
Thorin-Oakenpants b5a3b54d3f
clipboard to don't bother 2021-08-26 06:43:28 +00:00
Thorin-Oakenpants 80f69a6f3d
2406: remove 
This doesn't achieve anything. AFAICT, it's an old gecko only API, not used on the web: superseded by the Clipboard API (added in FF21+)
 2021-08-26 06:26:41 +00:00
Thorin-Oakenpants 498a25c759
0806: remove confusing line 2021-08-26 06:04:57 +00:00
Thorin-Oakenpants 64e8dfad0a
1004: remove setup tag 
IDK if this is true: no one has ever complained, and I'm not interested in maintaining/testing it
 2021-08-26 05:55:11 +00:00
Thorin-Oakenpants 5ec4fef4ed
dedupe 0808 2021-08-26 05:40:59 +00:00
Thorin-Oakenpants 881a2d22eb
cleanup tags 
- there was only one perf left
- warning is down to 5: two in section headers, 3 on inactive prefs: no need to mention it, people will see them if they read each item/section
 2021-08-25 16:14:59 +00:00
Thorin-Oakenpants 76c8ecd10d
tidy 2021-08-25 15:56:57 +00:00
Thorin-Oakenpants 677b81765f
tidy webgl 2021-08-25 15:36:15 +00:00
Thorin-Oakenpants 9f43d48a32
targetBlankNoOpener -> don't touch 2021-08-25 14:09:39 +00:00
Thorin-Oakenpants 6077d09b9f
window.name -> don't touch 
Also FPI FF65+ patch is not part of FPI, it is part of 4002 which is a separate pref
 2021-08-25 14:04:50 +00:00
Thorin-Oakenpants 7144f8b7f8
cleanup continued, #1239 
More minor tweaks to come. This isn't final
- 0102: ambiguous that the clearing was related to PB mode
- 0900s:
   - get rid of 0901, it has no pref, stick link in header
   - 0905: values on multi-lines use spaces = more readable
- 1000s:
   - rename as disk avoidance and remove sub-section headers
   - remove the outdated section header
- 4001: it will never be perfected, it's doing it's job
- 5500s: optional hardening
   - legit security measures, but commonality in caveats, so I made them a separate section
   - this flips graphite, asm.js and wasm from active to inactive: these are overkill: exhibit A: hundreds of millions of Firefox users
   - e.g. graphite and wasm are enabled on Tor Browser
   - new CVE keyword links
- 7000s: don't bother - two more items added
- 5000s: optional opsec and cleanout 0800s header
- re-number
   - 0900s, 1000s, 1400s, 2400s

PS: I need a new parrot: "9000 syntax error: I ran out of parrots"
 2021-08-24 22:51:48 +00:00
Thorin-Oakenpants 778421cad4
#1241 2021-08-24 08:59:11 +00:00
Thorin-Oakenpants 35ccaff58e
calrify password prompt, #1241 2021-08-24 08:52:12 +00:00
Thorin-Oakenpants 69132b588f
7000s: mathml, svg, #1235 2021-08-24 05:43:38 +00:00
Thorin-Oakenpants 51748ea25a
leverage cve keyword 2021-08-24 03:09:33 +00:00
Thorin-Oakenpants 269cf965bd
renumber 1700s 2021-08-23 10:03:13 +00:00
Thorin-Oakenpants b177c73f0d
typo 
technically it's "or" - FPI overrides network partitioning
 2021-08-23 09:47:34 +00:00
Thorin-Oakenpants 613e55ae8c
7000s: add MOAR; renumber 0700s, #1235 2021-08-23 09:42:21 +00:00
Thorin-Oakenpants 3697bd8d3a
1603 -> inactive 
Yes it's pretty much useless. Yes it's fingerprintable, and what that entropy is, who knows. Since it's sent regardless with ETP, which we enable in all windows, then who cares. And if you don't use ETP in all windows, then I don't care either - just saying
 2021-08-23 06:26:45 +00:00
Thorin-Oakenpants 9f08c7c0f4
7000s: referer policy #1235 
and re-number 1600s
 2021-08-23 06:04:19 +00:00
Thorin-Oakenpants 05b7d61735
7000s: non cross origin referers 2021-08-23 04:54:49 +00:00
Thorin-Oakenpants e31a6876e6
section 6000 2021-08-23 04:40:29 +00:00
Thorin-Oakenpants 47be7ba42f
1203 is a reset not enforce 2021-08-23 04:08:49 +00:00
Thorin-Oakenpants 033977fe10
move personal to last 
probably more professional to keep it at the end since it isn't strictly project related. It also opens up space for `DON'T TOUCH` and `OPTIONAL OPSEC`
 2021-08-23 03:39:15 +00:00
Thorin-Oakenpants ab42deb541
Four more items to 7000s, #1235 2021-08-23 02:55:36 +00:00
icpantsparti 8a22a90804
colon insertion (#1238) 2021-08-22 16:23:51 +00:00
Thorin-Oakenpants cf379bcce0
typos 2021-08-22 05:45:08 +00:00
Thorin-Oakenpants 2b26cd4f41
7000s: ciphers, #1235 
- merged 3DES cipher to bottom: it is still the same order of [1]
- 3DES pref will be deprecated: pref name changes, and the cipher slated to be unavailable unless you downgrade to < TLS1.2 - see https://bugzilla.mozilla.org/show_bug.cgi?id=1724072
   - FYI: we reset TLS downgrades to session only by resetting the pref currently in 1203
- "Minimal/non-existent threat of downgrade attacks"
   - FYI: these old ciphers are about 1-2% of traffic (from memory) - but that's still significant breakage
   - So the only reason to do this would be to harden against downgrade attacks (and inadvertently use weak sites = breakage): but that doesn't fit most user's threat model: and is probably never going to happen for them. Not sure if I can word that much better and just as succinct
 2021-08-22 05:18:54 +00:00
Thorin-Oakenpants 04d648d55b
remove 2508 
- inactive in user.js since
   - v55: gfx.direct2d.disabled
   - v67: layers.acceleration.disabled
- the way to counter hardware fingerprinting is within each API that may expose it
- this may have made some sense way back in the day, when there were less options/protections, but not any more
- [are we web render yet](https://arewewebrenderyet.com/) - yes, 100% - there is no need to cripple your browser's perf
 2021-08-22 01:53:01 +00:00
Thorin-Oakenpants aded0707a4
misc 
- renumber 0200s, 2500s
- remove 2414: doesn't apply to desktop, and I think it has been neutered in android
 2021-08-21 04:39:08 +00:00
Thorin-Oakenpants 213467d91b
remove 2517 
- inactive since we added it in v63
- this is not how you defeat fingerprinting (unless done in an enforced set)
- for the record: not even tor browser disable this
- fingerprinting this is not cheap in gecko (for now)
- from [2]
   - decoding/encoding capabilities: "it is expected that the entropy ... isn’t going to be significant"
   - HDR detection: "... has the potential to add significant entropy .. however .. but ... thus minimizing effective entropy" - it is what it is
   - note that RFP has some mitigations in FF82+ 1461454
 2021-08-21 03:21:32 +00:00
Thorin-Oakenpants 27ce48f319
trim fluff 2021-08-21 02:00:43 +00:00
Thorin-Oakenpants 37ded2a519
remove redundant warning 2021-08-20 14:10:09 +00:00
Thorin-Oakenpants c9bdceb8d6
1244: fix no upgrade test 2021-08-20 13:23:59 +00:00
Thorin-Oakenpants 95136382e1
improve 1244, closes #1047 again 2021-08-20 13:18:43 +00:00
Thorin-Oakenpants 78d953bfda
remove 1032 
dead wood: marked as default false since at least v68, inactive since at least v78, and web notifications are controlled in 2300s
 2021-08-20 03:16:25 +00:00
Thorin-Oakenpants cef08b63f1
4520 -> personal 2021-08-20 02:52:55 +00:00
Thorin-Oakenpants a8e95e7310
dexter would be proud #1235 
- just to be clear, this section is not supported: not interested in references or explanations or  FF version numbers or default info etc
- "do more harm than good" - ambiguous, not interested in explaining why exactly: but FYI
  - some leak
  - most break shit
  - almost all are easily fingerprinted and the combo of them would make you really stand out
- removed the duplicate `ui.prefersReducedMotion` - this should move to personal as well
- moved `ui.systemUsesDarkTheme` to personal
 2021-08-20 02:13:53 +00:00
Thorin-Oakenpants 5ab3c47b6b
7001: tweak 
F11 has nothing to do with the API or why
 2021-08-19 15:26:22 +00:00
Thorin-Oakenpants 45c52b6620
start section 7000s 2021-08-19 14:44:06 +00:00
Thorin-Oakenpants 93f6aea06a
1605: change to active enforced 2021-08-19 13:17:07 +00:00
Thorin-Oakenpants ac84da2af4
remove XHTML config warning 
dead weight: ESR users will already be aware of and ticked the warning box by now
 2021-08-19 02:07:03 +00:00
Thorin-Oakenpants f19d850845
tidy #1235 
8000s (was 4600s)
- move below personal, so user-relevant part is shorter
- swap out font vis with document fonts + font whitelist
   - font vis still has usability/visual purposes: it just won't really help much with fingerprinting
   - ESR78 users (who can't use font vis), sorry, but we made doc fonts inactive for a while now, and now recommend you don't use it anyway
 2021-08-19 01:46:47 +00:00
Thorin-Oakenpants 7264271063
rusty-snake improvements, #1235 2021-08-19 00:15:30 +00:00
Thorin-Oakenpants dc63a752a5
tidy 0300 + 0301 2021-08-18 13:55:41 +00:00
Thorin-Oakenpants a70c312938
goodbye battery 
- dead weight since 2017-06-13 when ESR45 reached EOL .. good riddance
- if someone does use it, it's not going to do any harm, so no need to carry it for prefsCleaner
 2021-08-18 12:46:24 +00:00
Thorin-Oakenpants 29ad768a22
RFP tweak 
letterboxing is not part of RFP, it is a separate pref: bugzilla and FF version info is in 4504
 2021-08-18 09:08:36 +00:00
Thorin-Oakenpants 679648b33e
RFP info tweak 2021-08-18 09:03:16 +00:00
Thorin-Oakenpants 783786290d
tidy 
- geo -> warning
- merge container prefs
- remove redundant "see"s
- remove corresponding 4600's item number in RFP mitigations
   - it's pretty clear by the preference names in 4600
   - could be misconstrued that the 4600 pref is the same result
- RFP's language prompt only checks for en*, not en-US (so en-GB, en-CA etc do not get prompted)
   - https://searchfox.org/mozilla-central/source/toolkit/components/resistfingerprinting/RFPHelper.jsm#196
 2021-08-18 08:24:44 +00:00
Thorin-Oakenpants e7e6cfffe8
0503: tidy 2021-08-18 07:30:55 +00:00
Thorin-Oakenpants 08e9fb35fd
update some references 2021-08-18 07:16:19 +00:00
Thorin-Oakenpants fdc9376c69
tidy 
- 0105*: merge into a single block
- 1220: make values more readable with spaces, like 2701 (no need for value 2), add default, update advise (get a new AV, SHA1 is dead baby)
- 2619: remove fluff
 2021-08-18 01:50:09 +00:00
Thorin-Oakenpants 41c3c0ec26
tweak 2522: webgl 
- we already disable webgl, that's enough
- the other two prefs are not going to provide much protection if a user decides they want webgl
- "disable-fail-if-major-performance-caveat" only applies to ESR78 and will removed in the future
- one (or two) less pref(2) for users to troubleshoot/flip
 2021-08-17 03:47:33 +00:00
Thorin-Oakenpants d7208ccf34
tidy 2021-08-17 03:41:56 +00:00
Thorin-Oakenpants 77410bf86d
musical chairs part 2 
merge plugins with webrtc (camera + mic) and "media"
 2021-08-17 03:08:48 +00:00
Thorin-Oakenpants 1d63e836ee
musical chairs part 1 
- move 2200s into respective sections
- move FPing items into 2500s
 2021-08-17 02:52:19 +00:00
Thorin-Oakenpants 668e843fce
misc 
- remove 2720
   - this is a very old pref, been inactive since at least our first github release: v51
   - disabling the API is not how you control client side state: you do that by blocking cookies which also controls other state such as IDB etc
- 2700 section header
  - history/downloads is redundant
  - Offline Website Data info -> relevant item number with Active Logins info
  - ^ technically it still includes appCache for ESR78 users, but that will be moot in less than three months
- tidy RFP
  - update to FF91 userAgent spoofing: there is no Android ESR so we don't need to mention "Android 9"
  - we don't need to say if the API is enabled for mediaDevices
 2021-08-16 15:34:57 +00:00
Thorin-Oakenpants e7872b193b
!yoda 
no bytes were harmed in the making of this commit
 2021-08-16 04:22:46 +00:00
Thorin-Oakenpants 8d6ee7c0c7
oophs 2021-08-16 04:18:12 +00:00
Thorin-Oakenpants 7d1e244f5a
0506: clarify 
oh noes! what's blocked, the pref or the ping? .. also save MOAR bytes
 2021-08-16 04:10:20 +00:00
Thorin-Oakenpants dcc736bb85
I meant 14 lines, u lucky bastards 2021-08-16 04:03:56 +00:00
Thorin-Oakenpants 68568c1abf
trim 1198 bytes (u lucky bastards!) + 13 lines 2021-08-16 04:02:15 +00:00
Thorin-Oakenpants 1b33f574bb
RFP stuff 2021-08-14 04:44:50 +00:00
Thorin-Oakenpants 568a05ad7d
2502: trim 
this info is useless .. save three lines
 2021-08-14 04:18:04 +00:00
icpantsparti c45094fdd9
nits! (edit 2 typos) (#1232) 2021-08-11 20:56:51 +00:00
Thorin-Oakenpants 4b38e20f14
change 4600s into do not use, #1221 (#1225) 
see https://github.com/arkenfox/user.js/issues/1221#issuecomment-895623028
 2021-08-10 00:18:19 +00:00
Thorin-Oakenpants 92b7fb81d0
fixup STATS year 2021-08-04 18:45:15 +00:00
Thorin-Oakenpants 404d1d466a
update [STATS] 
- just in time for ESR91
 2021-08-04 17:23:38 +00:00
Thorin-Oakenpants 06e5de4332
tweak windows SSO info/reference 2021-08-04 10:32:33 +00:00
Thorin-Oakenpants eb4363dc18
tweak info in section 2800 header, #1223 2021-08-01 17:36:04 +00:00
Thorin-Oakenpants 5c93ebb54f
misc, closes #1220 2021-07-30 05:48:17 +00:00
Thorin-Oakenpants b8f3d93a5c
v90 2021-07-26 03:11:09 +00:00
Thorin-Oakenpants f53f01823f
1203 default info 2021-07-24 12:56:27 +00:00
Thorin-Oakenpants 18dbb56a3d
put 1203 back 
see 3bb9fc713f
 2021-07-24 12:51:15 +00:00
Thorin-Oakenpants f394fd0290
move webgl to hardware fingerprinting 
- merge into a single number, update the alt pref number
- update RFP info to reflect that it is not a cure-all
 2021-07-24 01:56:46 +00:00
Thorin-Oakenpants f24899fcac
cleanup language specific links 2021-07-24 01:04:03 +00:00
Thorin-Oakenpants a7ba61c0d4
0304: background service app update [windows] 
- the service implies a check is done first, I'm more concerned with the actual updating: not that updates are bad, it's about controlling when (if ever e.g. my test suite)
- since 0301 has to be done manually in Windows, 0302 is a good fallback **IF** the background service is applicable (read the link)
- clean up the numbering
 2021-07-24 00:52:38 +00:00
Thorin-Oakenpants babb9f3682
4612: remove outdated confusing line 2021-07-22 03:41:39 +00:00
Thorin-Oakenpants b22e349d44
make 4620 more accurate and match RFP section info 2021-07-20 03:38:49 +00:00
Thorin-Oakenpants bb48fe4ebe
RFP: 4612 is not disabled (by default) 2021-07-20 03:34:49 +00:00
Thorin-Oakenpants 44a8088481
tidy 
- "enforce" is for when we set the default value
- use [WARNING] for inactive (they're inactive for a reason and people really do not need to turn them on) but less scary [NOTE] for active (tweak away at your own risk)
  - seems neater, easier and less scary for users setting up the first time: i.e they only need to initially look at active items
  - FYI: I was going to add something to LSNG (2760) that it is required for Fission, but will wait, and it struck me that 2680 was the only active item with a warning: seems inconsistent
- 2684: security delay .. make enforce mean enforce (default) ... not worth occasionally saving .3 seconds
   - for now it's one less item in differences/flips
   - might make this inactive in 91+, and add a warning
   - it has been a very long time since we added this due to bad advise/references on the internet on how to speed up Firefox
 2021-07-20 02:51:52 +00:00
Thorin-Oakenpants 3bb9fc713f
remove 1203 
default false since it was added in FF71 - see https://bugzilla.mozilla.org/1579285
 2021-07-20 02:00:33 +00:00
Thorin-Oakenpants b761a9dd32
4505: experimental RFP prefs 
and tidy up all instances (eight) of "do not use": all caps, no asterisks, immediately after [warning]
 2021-07-08 07:08:38 +00:00
Thorin-Oakenpants 31e864c16c
0913: disable windows SSO FF91+ 
- and make 2730 more accurate and add bugzilla
- future RFP additions will be FF91+
 2021-07-08 06:21:53 +00:00
Thorin-Oakenpants f229a3cb75
fixup FF90 deprecated (#1207) 2021-07-07 11:51:44 +00:00
Thorin-Oakenpants 981462ee54
FF90 deprecated 2021-07-06 13:26:44 +00:00
Thorin-Oakenpants d940ffb3c6
105c: add "sponsored shortcuts" 2021-07-06 06:32:58 +00:00
Thorin-Oakenpants a6d20eaf5b
1264: update ciphers, fixes #1196 (#1197) 2021-06-23 16:22:10 +00:00
Thorin-Oakenpants b93a5e334c
2510 webaudio -> inactive RFP alts, closes #1194 2021-06-20 12:49:57 +00:00
Thorin-Oakenpants c98606430c
move 2505 to RFP alts, closes #1099 2021-06-20 09:29:38 +00:00
Thorin-Oakenpants 12c0631900
4501: remove confusing RFP line 2021-06-16 16:48:14 +00:00
Thorin-Oakenpants efcceaf2c3
enforce non-native widget theme 2021-06-15 09:55:42 +00:00
Thorin-Oakenpants d973e11714
add instagram word, closes #1184 2021-06-05 17:36:56 +00:00
Thorin-Oakenpants b6d7b2bff5
RFP info tweak 2021-06-01 11:02:30 +00:00
Thorin-Oakenpants 74f804a056
1243: more dead flash 2021-05-25 18:19:22 +00:00
Thorin-Oakenpants f0b5e3649d
tidy 2021-05-25 17:46:45 +00:00
Thorin-Oakenpants 9419e2faab
remove 1210 
been default true since FF26 - thanks earthlng
 2021-05-25 17:30:40 +00:00
Thorin-Oakenpants ba9b3c217b
tweak 4600s: closes #1172 2021-05-08 14:45:32 +00:00
Thorin-Oakenpants 79c5539edb
goodbye flash 
The prefs still exist, but won't do anything since most of the NPAPI code has been removed
 2021-05-05 16:41:43 +00:00
Thorin-Oakenpants cfd7cd01d1
cleanup 0500s, #1170 
- they all have on/off switches
- dxr no longer exists: update URL
- don't recommend users delete files
   - saves two lines
   - they poses zero threat (they have prefs)
   - deleting them can causes unwanted console errors/noise
 2021-04-25 11:18:39 +00:00
Thorin-Oakenpants da9f912862
2620: disable pdfjs scripting, v88 final 2021-04-23 14:25:54 +00:00
Thorin-Oakenpants 9930cfbc07
0102: add setup tag #1166 2021-04-17 07:12:20 +00:00
Thorin-Oakenpants 7738e320d5
RFP & Presentation API 2021-04-15 07:10:54 +00:00
Thorin-Oakenpants 6c10e03ce5
2012: remove webgl.min_capability_mode 
as promised in 4596d721e6
 2021-04-08 01:19:42 +00:00
Thorin-Oakenpants 7ad3bb9e61
0702: use a [STATS] tag 2021-04-07 09:44:24 +00:00
Thorin-Oakenpants 5dcf639d33
oophs .. and start 88-alpha 2021-04-07 09:36:56 +00:00
Thorin-Oakenpants 2da3b0192f
update HTTP2 stats 2021-04-07 09:36:01 +00:00
Thorin-Oakenpants ada8158caf
v87 2021-04-04 20:33:23 +00:00
Thorin-Oakenpants 2071939c5e
use [TOR] tags, add 1247 
not that we recommend using tor over firefox: but at least the info is there for fiddlers
 2021-04-04 14:21:24 +00:00
Thorin-Oakenpants f082278217
1607: save one line and some bytes 
and make it even MOAR clear we do NOT support tor over firefox
 2021-04-04 14:15:53 +00:00
Thorin-Oakenpants abe37add6e
save some overrides, closes #1157 
I do not think anyone will bemoan these four "personal" choices
 2021-04-04 12:54:17 +00:00
Thorin-Oakenpants bc07ca94c0
1830: add [TEST] 2021-04-04 12:37:17 +00:00
Thorin-Oakenpants 728c962684
2402: potential clipboard leak fixed in FF89+ 
Thanks @gwarser for testing, creating the bugzilla, being patient, and confirming the fix
 2021-04-04 12:01:49 +00:00
Thorin-Oakenpants ca99add006
turn ETP on everywhere 
It literally cannot hurt [1], and makes it easier for users to use custom mode with TCP/dFPI. Turning on socialtracking helps gain parity with strict mode

[1] gorhill: https://old.reddit.com/r/firefox/comments/l7xetb/network_priority_for_firefoxs_enhanced_tracking/gl9rn9n/
> All extensions and ETP work in parallel, they all inspect network requests and all make the decision to block or not, hence if they all decide to block, they will all report that they block something. ETP is a bit different than normal extension in that it will give precedence to an extension trying to redirect to a local resource, this ensures ETP works harmoniously with normal extensions.
> 
> Once something is not blocked, it then goes through a DNS query, and the browser waits for the response.
> 
> I will add examples of how ETP + multiple blocker extensions work together when dealing with a network request; let's say "A" and "B" are two different blockers:
> 
>   - ETP=block, A=allow, B=allow: result=block
>   - ETP=allow, A=block, B=allow: result=block
>   - ETP=allow, A=allow, B=redirect: result=redirect
>   - ETP=allow, A=block, B=redirect: result=block
>   - ETP=block, A=allow, B=redirect: result=redirect
> 
> So as you can see, ETP is a bit different than a normal extension in that it won't prevent redirection from happening if ever a network request is redirected by one of the normal extension.
 2021-04-04 11:49:07 +00:00
Thorin-Oakenpants f771027138
2720 was removed in FF72 
https://bugzilla.mozilla.org/1488583
 2021-04-04 11:18:54 +00:00
Thorin-Oakenpants 8f1c0044b9
2701: add cookie behavior 5 2021-04-04 11:07:39 +00:00
Thorin-Oakenpants 46ccd9f654
cleanup 0600s 
three prefs are default since at least 78, and one pref is redundant for a pref that has been at our default since it was added
 2021-04-03 14:20:39 +00:00
Thorin-Oakenpants b1927f9de1
1607 make inactive 
Useless, since Firefox doesn't use Tor (and which we don't recommend). It was added for the info factor.
 2021-03-27 18:42:52 +00:00
Thorin-Oakenpants b592e0e592
87 deprecated 
It is simpler to leave the PointerEvent pref where it is, until ESR78 is EOL
- FF87+ users who use RFP Alts simply add a dead pref, no harm
- This way ESR78 users don't have to worry about extra char flipping: it's the same as before: 1 flip for ESR, 1 flip for RFP Alts
 2021-03-27 07:49:14 +00:00
Thorin-Oakenpants 3b6cd93749
1606: default Referrer Policy default 2021-03-27 07:32:19 +00:00
Thorin-Oakenpants 3a24c01f03
0518: enforce no Web Compat Reporter 
only stable is false, at the time of writing. but enforcing this for all channels is good, so no-one ends up wasting mozilla resources reporting a compat problem when they've got 200 odd prefs flipped
 2021-03-17 14:01:16 +00:00
Thorin-Oakenpants b7c80841a9
tweak defaults (#1140) 
- don't differentiate between channels
- both can be made inactive
   - webcompat requires user action: and I don't see this as a bad thing to have in non-stable
   - unsubmitted crashReports on Nightly is probably already covered by killing the URL, so no big deal
 2021-03-14 11:21:13 +00:00
Thorin-Oakenpants 9138e342fd
misc (#1136) 
- 0000: remove old XUL info, dropped in FF73+
- 0201: save 3 chars
- 0350: add default status for unsubmittedCheck
- 0351: change to enforce: has been default false going back to at least FF60, including current Beta/Dev/Nightly
   - along with 0602 `network.dns.disablePrefetchFromHTTPS` and 0603 `network.predictor.enable-prefetch`, I considered making them inactive, but decided it was good to leave them active for non-stable users just in case they get flipped
- 0515: add default status
- 0850c: remove info: out of date: doesn't work lilke that anymore and can't be assed figuring it out what with megabar and urlbar2 changes
- 0871: make inactive: default false since at least FF60
   - no need to enforce for non-stable in case it is flipped. It's a pretty minor shoulder-surfer privacy issue and the previews are small. If you're not sure what this pref does. On false you get one tab shown, on true you get as many as can fit across your screen. I squeezed in 15, and after that it became a list
- fixup `***/`
- shave off six lines and almost 400 bytes for you bastards
 2021-03-10 00:06:30 +00:00
Thorin-Oakenpants 692ed70ea9
remove maintenance of this comment 2021-03-08 01:49:21 +00:00