From e7d20867cb50c0f934bc3883ce60e16ec69a82ef Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Mon, 6 Apr 2020 00:39:52 +0000 Subject: [PATCH] 2623 delegation 2421 ion/jit tweak --- user.js | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/user.js b/user.js index 1131884..4bf0cb3 100644 --- a/user.js +++ b/user.js @@ -1,7 +1,7 @@ /****** * name: ghacks user.js -* date: 11 March 2020 -* version 74-alpha +* date: 05 April 2020 +* version 74-beta * authors: v52+ github | v51- www.ghacks.net * url: https://github.com/ghacksuserjs/ghacks-user.js * license: MIT: https://github.com/ghacksuserjs/ghacks-user.js/blob/master/LICENSE.txt @@ -1055,8 +1055,7 @@ user_pref("dom.vibrator.enabled", false); * [6] https://rh0dev.github.io/blog/2017/the-return-of-the-jit/ ***/ user_pref("javascript.options.asmjs", false); /* 2421: disable Ion and baseline JIT to help harden JS against exploits - * [NOTE] Disabling JIT also disables Ion. In FF75+ disabling Ion no longer affects extensions (1599226) - * [WARNING] If false, causes the odd site issue and there is also a performance loss + * [WARNING] Disabling Ion/JIT can cause some site issues and performance loss * [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817 ***/ // user_pref("javascript.options.ion", false); // user_pref("javascript.options.baselinejit", false); @@ -1192,6 +1191,12 @@ user_pref("network.protocol-handler.external.ms-windows-store", false); /* 2622: enforce no system colors; they can be fingerprinted * [SETTING] General>Language and Appearance>Fonts and Colors>Colors>Use system colors ***/ user_pref("browser.display.use_system_colors", false); // [DEFAULT: false] +/* 2623: disable permissions delegation [FF73+] + * Currently applies to cross-origin geolocation, camera, mic and screen-sharing + * permissions, and fullscreen requests. Disabling delegation means any prompts + * for these will show/use their correct 3rd party origin + * [1] https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion */ +user_pref("permissions.delegation.enabled", false); /** DOWNLOADS ***/ /* 2650: discourage downloading to desktop