From ac0820a5dc00e04fe14fc2a74ba75e590883293c Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Fri, 21 Jan 2022 03:48:06 +0000 Subject: [PATCH] add last bits about ETP Strict/dFPI, closes #1337 --- user.js | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/user.js b/user.js index 0037897..9c60d66 100644 --- a/user.js +++ b/user.js @@ -1,7 +1,7 @@ /****** * name: arkenfox user.js -* date: 9 December 2021 -* version 96-alpha +* date: 21 January 2021 +* version 96 * url: https://github.com/arkenfox/user.js * license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt @@ -757,11 +757,18 @@ user_pref("extensions.postDownloadThirdPartyPrompt", false); /*** [SECTION 2700]: ETP (ENHANCED TRACKING PROTECTION) ***/ user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin' choir invisible!"); /* 2701: enable ETP Strict Mode [FF86+] - * [NOTE] ETP Strict Mode enables Total Cookie Protection (TCP) + * ETP Strict Mode enables Total Cookie Protection (TCP) + * [NOTE] Adding site exceptions disables all ETP protections for that site and increases the risk of + * cross-site state tracking e.g. exceptions for SiteA and SiteB means PartyC on both sites is shared * [1] https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/ * [SETTING] to add site exceptions: Urlbar>ETP Shield * [SETTING] to manage site exceptions: Options>Privacy & Security>Enhanced Tracking Protection>Manage Exceptions ***/ user_pref("browser.contentblocking.category", "strict"); +/* 2702: disable ETP web compat features [FF93+] + * [SETUP-HARDEN] Includes skip lists, heuristics (SmartBlock) and automatic grants + * [1] https://blog.mozilla.org/security/2021/07/13/smartblock-v2/ + * [2] https://hg.mozilla.org/mozilla-central/rev/e5483fd469ab#l4.12 ***/ + // user_pref("privacy.antitracking.enableWebcompat", false); /* 2710: enable state partitioning of service workers [FF96+] ***/ user_pref("privacy.partition.serviceWorkers", true);