diff --git a/docs/Changelog.md b/docs/Changelog.md index 1b1b657..b09c590 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -1,10 +1,43 @@ This changelog will be used from now on to document changes in a precise manner, with a list of changes for each setting version. Setting versions are documented using the pref `librewolf.cfg.version`, available in about:config. -# 6.0 +# 6.1 **target commit**: +**base librewolf version**: 99.x + +**References**: +- csp pref has been deprecated. +- quicksuggest prefs are redundant as it has a master switch. the master switch is now force applied on each restart of the browser. +- do not whitelist offscreencanvas for now, we need to first check how it is tied to the "normal" canvas. + +**Notes**: using the vpn pref should allow us to get rid of one patch. + +#### Added preferences +``` +lockPref("browser.vpn_promo.enabled", true); +defaultPref("gfx.offscreencanvas.domain-enabled", false); +``` + +#### Removed preferences +``` +lockPref("security.csp.enable", true); // enforce csp, default +lockPref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); +lockPref("browser.urlbar.suggest.quicksuggest.sponsored", false); +lockPref("browser.urlbar.quicksuggest.dataCollection.enabled", false); // default +lockPref("browser.urlbar.quicksuggest.scenario", "history"); +``` + +#### Changed preferences +``` +pref("browser.urlbar.quicksuggest.enabled", false); +``` + +# 6.0 + +**target commit**: 0822d491d2b377b5cd7f0429cee5aa916538fa50 + **base librewolf version**: 98.x **References**: diff --git a/librewolf.cfg b/librewolf.cfg index 8525c82..dd2afd2 100755 --- a/librewolf.cfg +++ b/librewolf.cfg @@ -6,7 +6,7 @@ * * WARNING: please make sure the first line of this file is empty. this is a known bug. */ -defaultPref("librewolf.cfg.version", "6.0"); +defaultPref("librewolf.cfg.version", "6.1"); /** INDEX @@ -14,7 +14,7 @@ defaultPref("librewolf.cfg.version", "6.0"); * * PRIVACY [ISOLATION, SANITIZING, CACHE AND STORAGE, HISTORY AND SESSION RESTORE, QUERY STRIPPING] * NETWORKING [HTTPS, IPv6, REFERERS, WEBRTC, PROXY, DNS, PREFETCHING AND SPECULATIVE CONNECTIONS, OFFLINE] - * FINGERPRINTING [RFP, WEBGL] + * FINGERPRINTING [RFP, WEBGL, OFFSCREENCANVAS] * SECURITY [SITE ISOLATION, CERTIFICATES, TLS/SSL, PERMISSIONS, FONTS, SAFE BROWSING, OTHERS] * REGION [LOCATION, LANGUAGE] * BEHAVIOR [DRM, SEARCH AND URLBAR, DOWNLOADS, AUTOPLAY, POP-UPS AND WINDOWS, MOUSE] @@ -186,6 +186,13 @@ defaultPref("privacy.resistFingerprinting.letterboxing", false); /** [SECTION] WEBGL */ defaultPref("webgl.disabled", true); +/** [SECTION] OFFSCREENCANVAS + * it will need a revisit in the near future, in case it causes breakage or + * if it has been tied to canvas api permission or if it is not allowed to + * exchange values through it. for now leave disabled just because. + */ +defaultPref("gfx.offscreencanvas.domain-enabled", false); + /** [CATEGORY] SECURITY */ @@ -255,7 +262,6 @@ lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false); lockPref("browser.safebrowsing.provider.google4.dataSharingURL", ""); /** [SECTION] OTHERS */ -lockPref("security.csp.enable", true); // enforce csp, default defaultPref("network.IDN_show_punycode", true); // use punycode in idn to prevent spoofing defaultPref("pdfjs.enableScripting", false); // disable js scripting in the built-in pdf reader @@ -301,15 +307,11 @@ defaultPref("browser.search.suggest.enabled", false); defaultPref("browser.search.update", false); defaultPref("browser.urlbar.trimURLs", false); /** - * quicksuggest is a feature of firefox that shows sponsored suggestions. we disable it in full - * but the list could and should be trimmed at some point. the scenario controls the opt-in, while - * the second pref disables the feature and hides it from the ui. + * the pref disables the whole feature and hide it from the ui + * (as noted in https://bugzilla.mozilla.org/show_bug.cgi?id=1755057). + * this also includes the best match feature, as it is part of firefox suggest. */ -lockPref("browser.urlbar.quicksuggest.scenario", "history"); -lockPref("browser.urlbar.quicksuggest.enabled", false); -lockPref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); -lockPref("browser.urlbar.suggest.quicksuggest.sponsored", false); -lockPref("browser.urlbar.quicksuggest.dataCollection.enabled", false); // default +pref("browser.urlbar.quicksuggest.enabled", false); /** [SECTION] DOWNLOADS * user interaction should always be required for downloads, as a way to enhance security by asking @@ -476,6 +478,7 @@ defaultPref("browser.contentblocking.report.monitor.enabled", false); lockPref("browser.contentblocking.report.hide_vpn_banner", true); lockPref("browser.contentblocking.report.vpn.enabled", false); lockPref("browser.contentblocking.report.show_mobile_app", false); +lockPref("browser.vpn_promo.enabled", true); // ...about:addons recommendations sections and more defaultPref("extensions.htmlaboutaddons.recommendations.enabled", false); defaultPref("extensions.getAddons.showPane", false);