1
0
Commit Graph

1642 Commits

Author SHA1 Message Date
Thorin-Oakenpants
9cc132e69d
security.ssl.enable_ocsp_stapling
default true since FF26
2021-05-25 17:32:07 +00:00
Thorin-Oakenpants
9419e2faab
remove 1210
been default true since FF26 - thanks earthlng
2021-05-25 17:30:40 +00:00
Thorin-Oakenpants
0566ded651
fixup, closes #1174 2021-05-09 17:52:38 +00:00
Thorin-Oakenpants
ba9b3c217b
tweak 4600s: closes #1172 2021-05-08 14:45:32 +00:00
Thorin-Oakenpants
79c5539edb
goodbye flash
The prefs still exist, but won't do anything since most of the NPAPI code has been removed
2021-05-05 16:41:43 +00:00
Thorin-Oakenpants
cfd7cd01d1
cleanup 0500s, #1170
- they all have on/off switches
- dxr no longer exists: update URL
- don't recommend users delete files
   - saves two lines
   - they poses zero threat (they have prefs)
   - deleting them can causes unwanted console errors/noise
2021-04-25 11:18:39 +00:00
Thorin-Oakenpants
da9f912862
2620: disable pdfjs scripting, v88 final 2021-04-23 14:25:54 +00:00
Thorin-Oakenpants
9930cfbc07
0102: add setup tag #1166 2021-04-17 07:12:20 +00:00
Thorin-Oakenpants
7738e320d5
RFP & Presentation API 2021-04-15 07:10:54 +00:00
Thorin-Oakenpants
9b8735a87a
webgl.min_capability_mode 2021-04-08 01:21:14 +00:00
Thorin-Oakenpants
6c10e03ce5
2012: remove webgl.min_capability_mode
as promised in 4596d721e6
2021-04-08 01:19:42 +00:00
Thorin-Oakenpants
7ad3bb9e61
0702: use a [STATS] tag 2021-04-07 09:44:24 +00:00
Thorin-Oakenpants
5dcf639d33
oophs .. and start 88-alpha 2021-04-07 09:36:56 +00:00
Thorin-Oakenpants
2da3b0192f
update HTTP2 stats 2021-04-07 09:36:01 +00:00
Thorin-Oakenpants
ada8158caf
v87 2021-04-04 20:33:23 +00:00
Thorin-Oakenpants
2071939c5e
use [TOR] tags, add 1247
not that we recommend using tor over firefox: but at least the info is there for fiddlers
2021-04-04 14:21:24 +00:00
Thorin-Oakenpants
f082278217
1607: save one line and some bytes
and make it even MOAR clear we do NOT support tor over firefox
2021-04-04 14:15:53 +00:00
Thorin-Oakenpants
abe37add6e
save some overrides, closes #1157
I do not think anyone will bemoan these four "personal" choices
2021-04-04 12:54:17 +00:00
Thorin-Oakenpants
bc07ca94c0
1830: add [TEST] 2021-04-04 12:37:17 +00:00
Thorin-Oakenpants
728c962684
2402: potential clipboard leak fixed in FF89+
Thanks @gwarser for testing, creating the bugzilla, being patient, and confirming the fix
2021-04-04 12:01:49 +00:00
Thorin-Oakenpants
ca99add006
turn ETP on everywhere
It literally cannot hurt [1], and makes it easier for users to use custom mode with TCP/dFPI. Turning on socialtracking helps gain parity with strict mode

[1] gorhill: https://old.reddit.com/r/firefox/comments/l7xetb/network_priority_for_firefoxs_enhanced_tracking/gl9rn9n/
> All extensions and ETP work in parallel, they all inspect network requests and all make the decision to block or not, hence if they all decide to block, they will all report that they block something. ETP is a bit different than normal extension in that it will give precedence to an extension trying to redirect to a local resource, this ensures ETP works harmoniously with normal extensions.
> 
> Once something is not blocked, it then goes through a DNS query, and the browser waits for the response.
> 
> I will add examples of how ETP + multiple blocker extensions work together when dealing with a network request; let's say "A" and "B" are two different blockers:
> 
>   - ETP=block, A=allow, B=allow: result=block
>   - ETP=allow, A=block, B=allow: result=block
>   - ETP=allow, A=allow, B=redirect: result=redirect
>   - ETP=allow, A=block, B=redirect: result=block
>   - ETP=block, A=allow, B=redirect: result=redirect
> 
> So as you can see, ETP is a bit different than a normal extension in that it won't prevent redirection from happening if ever a network request is redirected by one of the normal extension.
2021-04-04 11:49:07 +00:00
Thorin-Oakenpants
f771027138
2720 was removed in FF72
https://bugzilla.mozilla.org/1488583
2021-04-04 11:18:54 +00:00
Thorin-Oakenpants
8f1c0044b9
2701: add cookie behavior 5 2021-04-04 11:07:39 +00:00
Thorin-Oakenpants
87cd828b5b
browser.send_pings.require_same_host
redundant/defense-in-depth pref for `browser.send_pings` which is still at default false after six years of watching it (false is what we want)
2021-04-03 14:25:46 +00:00
Thorin-Oakenpants
46ccd9f654
cleanup 0600s
three prefs are default since at least 78, and one pref is redundant for a pref that has been at our default since it was added
2021-04-03 14:20:39 +00:00
Thorin-Oakenpants
b1927f9de1
1607 make inactive
Useless, since Firefox doesn't use Tor (and which we don't recommend). It was added for the info factor.
2021-03-27 18:42:52 +00:00
Thorin-Oakenpants
b592e0e592
87 deprecated
It is simpler to leave the PointerEvent pref where it is, until ESR78 is EOL
- FF87+ users who use RFP Alts simply add a dead pref, no harm
- This way ESR78 users don't have to worry about extra char flipping: it's the same as before: 1 flip for ESR, 1 flip for RFP Alts
2021-03-27 07:49:14 +00:00
Thorin-Oakenpants
3b6cd93749
1606: default Referrer Policy default 2021-03-27 07:32:19 +00:00
Thorin-Oakenpants
3a24c01f03
0518: enforce no Web Compat Reporter
only stable is false, at the time of writing. but enforcing this for all channels is good, so no-one ends up wasting mozilla resources reporting a compat problem when they've got 200 odd prefs flipped
2021-03-17 14:01:16 +00:00
Thorin-Oakenpants
b7c80841a9
tweak defaults (#1140)
- don't differentiate between channels
- both can be made inactive
   - webcompat requires user action: and I don't see this as a bad thing to have in non-stable
   - unsubmitted crashReports on Nightly is probably already covered by killing the URL, so no big deal
2021-03-14 11:21:13 +00:00
earthlng
95645f59a3
Add files via upload 2021-03-11 14:06:38 +00:00
Thorin-Oakenpants
9138e342fd
misc (#1136)
- 0000: remove old XUL info, dropped in FF73+
- 0201: save 3 chars
- 0350: add default status for unsubmittedCheck
- 0351: change to enforce: has been default false going back to at least FF60, including current Beta/Dev/Nightly
   - along with 0602 `network.dns.disablePrefetchFromHTTPS` and 0603 `network.predictor.enable-prefetch`, I considered making them inactive, but decided it was good to leave them active for non-stable users just in case they get flipped
- 0515: add default status
- 0850c: remove info: out of date: doesn't work lilke that anymore and can't be assed figuring it out what with megabar and urlbar2 changes
- 0871: make inactive: default false since at least FF60
   - no need to enforce for non-stable in case it is flipped. It's a pretty minor shoulder-surfer privacy issue and the previews are small. If you're not sure what this pref does. On false you get one tab shown, on true you get as many as can fit across your screen. I squeezed in 15, and after that it became a list
- fixup `***/`
- shave off six lines and almost 400 bytes for you bastards
2021-03-10 00:06:30 +00:00
Thorin-Oakenpants
692ed70ea9
remove maintenance of this comment 2021-03-08 01:49:21 +00:00
earthlng
3430507ae4
v3.0 - improve readIniFile() (#1128)
- grep -c equals grep | wc -l
- make output prettier
- work with variable instead of temporary file

+ a few minor changes/cleanup
2021-03-07 13:29:33 +00:00
Thorin-Oakenpants
844f3ce9c8
tidy 2021-03-05 10:15:26 +00:00
Thorin-Oakenpants
03ffb90186
start 87-alpha, also fixes #1129
make all inactive permissions.default = same, blocked
2021-03-02 20:02:41 +00:00
Thorin-Oakenpants
5f9bb59b95
86 final 2021-02-28 20:49:57 +00:00
Thorin-Oakenpants
7163efdd1e
1825: inactive: it is redundant, fixes #1107 2021-02-28 15:57:27 +00:00
Thorin-Oakenpants
65fb24ff1b
layout.css.visited_links_enabled
added back to the user.js in 612cfbf313
2021-02-27 21:20:00 +00:00
Thorin-Oakenpants
612cfbf313
0805: re-add visited links
It can still be used to mitigate social engineering attacks (e.g. using visibility and user clicks), and advanced/targeted scripts
2021-02-27 21:18:17 +00:00
Thorin-Oakenpants
4596d721e6
2012: make webgl.min_capability_mode inactive
- This is too minimal to be of any use, breaks too much (e.g. zoom video)
- Tor browser stopped flipping this (I *think*) about 5 years ago: it certainly hasn't been used in ESR60+ based TB builds, I checked
- we already disable webgl, so making this inactive removes yet another pref users need to flip/troubleshoot
- I will leave it in the user js for a few releases so prefsCleaner will pick it up
2021-02-26 11:39:52 +00:00
Thorin-Oakenpants
911206eed5
5000s: disable ctrl-q quit shortcut FF87+
https://bugzilla.mozilla.org/show_bug.cgi?id=52821 .. 21 years, old enough to drink and vote
2021-02-25 01:22:08 +00:00
Thorin-Oakenpants
cb5cdca99d
update adding site exceptions
- https://bugzilla.mozilla.org/show_bug.cgi?id=1692553
- also HoM is not Page Info
2021-02-24 22:10:29 +00:00
Thorin-Oakenpants
e54ae46537
1204: ssl session ids inactive, closes #1110 2021-02-24 15:11:59 +00:00
Thorin-Oakenpants
7c978d4e70
0708: FTP default FF88+
https://bugzilla.mozilla.org/show_bug.cgi?id=1691890
2021-02-22 20:05:25 +00:00
Thorin-Oakenpants
d905b4387d
deprecated: put FF86 items in the right place 2021-02-21 20:52:20 +00:00
Thorin-Oakenpants
c31c825a74
2212: popup events, fixes DDG
https://bugzilla.mozilla.org/show_bug.cgi?id=1686045
2021-02-18 15:50:37 +00:00
Thorin-Oakenpants
6505a9fefd
FF86 deprecated 2021-02-18 15:30:58 +00:00
Thorin-Oakenpants
de74f812ee
2012: webgl default FF86+ 2021-02-18 15:00:06 +00:00
Thorin-Oakenpants
82bb3f987d
2604, closes #1111 2021-02-08 07:20:06 +00:00