knock down some more reordering

2022-02-06 21:21:55 +01:00 · 2022-02-06 21:21:55 +01:00 · 624708acdc
commit 624708acdc
parent 5035c4446d
2 changed files with 159 additions and 106 deletions
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@ -1,6 +1,23 @@
 This changelog will be used from now on to document changes in a precise manner, with a list of changes for each setting version.
 Setting versions are documented using the pref `librewolf.cfg.version`, available in about:config.
 # 5.5
 #### Removed preferences
 ```
 defaultPref("security.insecure_connection_text.enabled", true); // display http websites as insecure in the ui
 ```
 #### Added preferences
 ```
 defaultPref("browser.places.speculativeConnect.enabled", false);
 ```
 ### Changed preferences
 ```
 pref("security.tls.version.enable-deprecated", false); // make TLS downgrades session only
 ```
 ## 5.4
 **target commit**:
--- a/librewolf.cfg
+++ b/librewolf.cfg
@ -7,12 +7,32 @@ defaultPref("librewolf.cfg.version", "5.5");
 /**
- * the file is organized in categories, and each one has a number of sections
+ * the file is organized in categories, and each one has a number of sections:
 * 
 * - PRIVACY
 *   - ISOLATION
 *   - SANITIZING
 *   - CACHE AND STORAGE
 *   - HISTORY AND SESSION RESTORE 
 *   - QUERY STRIPPING
 * 
 * - NETWORKING
 *   - HTTPS
 *   - IPv6
 *   - REFERERS
 *   - WEBRTC
 *   - PROXY
 *   - DNS
 *   - PREFETCHING
 * 
 * - FINGERPRINTING
 *   - RFP
 *   - WEBGL
 * 
 * - SECURITY
 *   - SITE ISOLATION
 *   - CERTIFICATES
 *   - TLS/SSL
 */
@ -44,6 +64,16 @@ defaultPref("privacy.clearOnShutdown.cookies", false);
 defaultPref("privacy.sanitize.sanitizeOnShutdown", true);
 defaultPref("privacy.sanitize.timeSpan", 0);
 /** [SECTION] CACHE AND STORAGE */
 defaultPref("browser.cache.disk.enable", false); // disable disk cache
 /** prevent media cache from being written to disk in pb, but increase max cache size to avoid playback issues */
 defaultPref("browser.privatebrowsing.forceMediaMemoryCache", true);
 defaultPref("media.memory_cache_max_size", 65536);
 // disable favicons in profile folder and page thumbnail capturing
 defaultPref("browser.shell.shortcutFavicons", false);
 defaultPref("browser.pagethumbnails.capturing_disabled", true);
 defaultPref("browser.helperApps.deleteTempFileOnExit", true); // delete temporary files opened with external apps
 /** [SECTION] HISTORY AND SESSION RESTORE */
 defaultPref("browser.formfill.enable", false); // disable form history
 defaultPref("browser.sessionstore.privacy_level", 2); // prevent websites from storing session data like cookies and forms
@ -62,138 +92,123 @@ defaultPref("privacy.query_stripping.strip_list", "__hsfp __hssc __hstc __s _hse
 */
 defaultPref("librewolf.uBO.assetsBootstrapLocation", "https://gitlab.com/librewolf-community/browser/source/-/raw/main/assets/uBOAssets.json");
 // ----------------------
 // # NETWORKING
 // ----------------------
-// https and mixed content
+/** [CATEGORY] NETWORKING */
 /** [SECTION] HTTPS */
 defaultPref("dom.security.https_only_mode", true); // only allow https in all windows, including private browsing
-defaultPref("network.auth.subresource-http-auth-allow", 1); // stop cross-origin resources from using HTTP authentication
+defaultPref("network.auth.subresource-http-auth-allow", 1); // block HTTP authentication credential dialogs
 defaultPref("security.insecure_connection_text.enabled", true); // display http websites as insecure in the ui
 defaultPref("security.mixed_content.block_display_content", true); // block insecure passive content
-defaultPref("network.dns.disableIPv6", true); // disable ipv6
+/** [SECTION] IPv6
 * privacy extension isn't the default for all linux distros, so we disable ipv6.
 */
 defaultPref("network.dns.disableIPv6", true);
-// always send xorigin referer but trim them
+/** [SECTION] REFERERS
-defaultPref("network.http.referer.XOriginPolicy", 0); // default, might be worth changing to 2
+ * to enhance privacy but keep a certain level of usability we trim cross-origin
 * referers, instead of completely avoid sending them.
 * as a general rule, the behavior of referes which are not cross-origin should not
 * be changed.
 */
 defaultPref("network.http.referer.XOriginPolicy", 0); // default, might be worth changing to 2 to stop sending them completely
 defaultPref("network.http.referer.XOriginTrimmingPolicy", 2); // trim referer to only send scheme, host and port
-defaultPref("network.file.disable_unc_paths", true); // hidden, disable using uniform naming convention
+/** [SECTION] WEBRTC
-defaultPref("network.IDN_show_punycode", true); // use punycode in idn to prevent spoofing
+ * there's no point in disabling webrtc as mDNS protects the private IP on linux, osx and win10+.
-
+ * with the below preference we protect the value even in trusted environments and for win7/8 users,
-// proxy
+ * although this will likely cause breakage.
-defaultPref("network.proxy.socks_remote_dns", true); // forces dns query through the proxy when using one
+ */
 defaultPref("network.gio.supported-protocols", ""); // disable gio as it could bypass proxy
 // doh
 defaultPref("network.trr.confirmationNS", "skip"); // skip undesired doh test connection
 /**
 0 = default
 1 = browser picks faster
 2 = DoH with system dns fallback
 3 = DoH without fallback
 5 = DoH is off, default currently
 below prefs must be applied with pref in order to work
 */
 // pref("network.trr.mode", 2);
 // pref("network.trr.uri", "https://dns.quad9.net/dns-query");
 // prefetching
 defaultPref("network.dns.disablePrefetch", true); // disable dns prefetching
 lockPref("network.predictor.enabled", false); // disable predictor
 lockPref("network.prefetch-next", false); // disable link prefetching
 lockPref("network.http.speculative-parallel-limit", 0); // disable prefetching on mouse over
 defaultPref("network.manage-offline-status", false); // let user control the offline behavior
 // ------------
 // # DOM
 // ------------
 // pop-ups and window related preferences
 defaultPref("dom.disable_beforeunload", true); // disable "confirm you want to leave" pop-ups on close
 defaultPref("dom.disable_open_during_load", true); // block pop-ups windows
 defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); // limit events that cause pop-ups
 defaultPref("dom.disable_window_move_resize", true); // block scripts from resizing windows
 defaultPref("browser.link.open_newwindow", 3); // open 'new windows' targeted links in 'new tab'
 defaultPref("browser.link.open_newwindow.restriction", 0); // ignore the size when applying the above pref
 // --------------------------------
 // # CACHE AND TEMPORARY FILES
 // --------------------------------
 defaultPref("browser.cache.disk.enable", false); // disable disk cache
 defaultPref("browser.privatebrowsing.forceMediaMemoryCache", true); // block media cache from writing to disk in pb mode
 defaultPref("media.memory_cache_max_size", 65536); // increase max cache size to avoid playback issues caused by above setting
 defaultPref("browser.shell.shortcutFavicons", false); // disable shortcut favicons from being stored in profile
 defaultPref("browser.helperApps.deleteTempFileOnExit", true); // delete temporary files opened with external apps
 defaultPref("browser.pagethumbnails.capturing_disabled", true); // disable page thumbnails capturing
 // ----------------------
 // # MEDIA
 // ----------------------
 /**
 * limit potential private IP leaks for webrtc users.
 * mDNS protects the value on linux, osx and win10+.
 * these prefs protect the value when allowing mic and camera access, and for win7/8.x.
 * */
 defaultPref("media.peerconnection.ice.no_host", true); // don't use any private IPs for ICE candidate
 defaultPref("media.peerconnection.ice.default_address_only", true); // use a single interface for ICE candidates, the vpn one when a vpn is used
 defaultPref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); // force webrtc inside proxy, when one is used
-// autoplay
+/** [SECTION] PROXY */
-defaultPref("media.autoplay.blocking_policy", 2); // only allow to play when a certain element is clicked
+defaultPref("network.gio.supported-protocols", ""); // disable gio as it could bypass proxy
-defaultPref("media.autoplay.default", 5); // personal preference, currently apply blocking policy to all autplay including muted
+defaultPref("network.file.disable_unc_paths", true); // hidden, disable using uniform naming convention to prevent proxy bypass
 defaultPref("network.proxy.socks_remote_dns", true); // forces dns query through the proxy when using one
 defaultPref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); // force webrtc inside proxy when one is used
-// --------------------------------------
+/** [SECTION] DNS */
-// # FINGERPRINTING
+defaultPref("network.trr.confirmationNS", "skip"); // skip undesired doh test connection
-// --------------------------------------
+defaultPref("network.dns.disablePrefetch", true); // disable dns prefetching
 /**
 * librewolf doesn't use DoH, but it can be enabled with the following prefs:
 * pref("network.trr.mode", 2);
 * pref("network.trr.uri", "https://dns.quad9.net/dns-query");
 * 
 * the possible modes are:
 * 0 = default
 * 1 = browser picks faster
 * 2 = DoH with system dns fallback
 * 3 = DoH without fallback
 * 5 = DoH is off, default currently
 */
-defaultPref("privacy.resistFingerprinting", true); // master switch
+/** [SECTION] PREFETCHING
 * disable prefecthing for different things such as links, bookmarks and predictors.
 */
 lockPref("network.predictor.enabled", false);
 lockPref("network.prefetch-next", false);
 lockPref("network.http.speculative-parallel-limit", 0);
 defaultPref("browser.places.speculativeConnect.enabled", false);
-// rfp compatibility settings
+// TODO
 defaultPref("network.manage-offline-status", false); // let user control the offline behavior
 /** [CATEGORY] FINGERPRINTING */
 /** [SECTION] RFP
 * librewolf should stick to RFP for fingerprinting. we should not set prefs that interfere with it
 * and disabling API for no good reason will be counter productive, so it should also be avoided.  
 */
 defaultPref("privacy.resistFingerprinting", true);
 // rfp related settings
 defaultPref("privacy.resistFingerprinting.block_mozAddonManager", true); // prevents rfp from breaking AMO
 defaultPref("browser.startup.blankWindow", false); // if set to true it breaks RFP windows resizing
 defaultPref("browser.display.use_system_colors", false); // default but enforced due to RFP
 defaultPref("privacy.resistFingerprinting.letterboxing", false); // expose hidden letterboxing pref, but do not enable by default
 /**
 * increase the size of new RFP windows for better usability, while still using a rounded value.
 * if the screen resolution is lower it will stretch to the biggest possible rounded value.
- * */
+ * also, expose hidden letterboxing pref but do not enable it for now.
 */
 defaultPref("privacy.window.maxInnerWidth", 1600);
 defaultPref("privacy.window.maxInnerHeight", 900);
 defaultPref("privacy.resistFingerprinting.letterboxing", false);
-defaultPref("webgl.disabled", true); // master switch, disable webgl
+/** [SECTION] WEBGL */
 defaultPref("webgl.disabled", true);
 // --------------------------------
 // # SECURITY
 // --------------------------------
-defaultPref("fission.autostart", true); // enable fission by default
+/** [CATEGORY] SECURITY */
-// certificates
+/** [SECTION] SITE ISOLATION
-defaultPref("security.cert_pinning.enforcement_level", 2); // enable strict public key pinning
+ * https://wiki.mozilla.org/Project_Fission
 */
 defaultPref("fission.autostart", true);
 /** [SECTION] CERTIFICATES */
 defaultPref("security.cert_pinning.enforcement_level", 2); // enable strict public key pinning, might cause issues with AVs
 defaultPref("security.pki.sha1_enforcement_level", 1); // disable sha-1 certificates
 /**
 * enable safe negotiation and show warning when it is not supported. might cause breakage.
 */
 defaultPref("security.ssl.require_safe_negotiation", true);
 defaultPref("security.ssl.treat_unsafe_negotiation_as_broken", true);
 /**
 * our strategy with revocation is to disable OCSP as it is slower and less privacy minded, and to use
 * CRL instead, particularly the CRLite solution with no OCSP fallback.
 */
 defaultPref("security.OCSP.enabled", 0); // disable ocsp fetching
 // crl with no ocsp fallback
 defaultPref("security.remote_settings.crlite_filters.enabled", true);
-defaultPref("security.pki.crlite_mode", 2);
+defaultPref("security.pki.crlite_mode", 2); // mode 2 means no fallback
-// safe negotiation
+/** [SECTION] TLS/SSL */
-defaultPref("security.ssl.require_safe_negotiation", true); // block websites that do not support safe negotiation, occasional breakage
+lockPref("security.tls.enable_0rtt_data", false); // disable 0 RTT to improve tls 1.3 security
-defaultPref("security.ssl.treat_unsafe_negotiation_as_broken", true); // show warning when safe negotiation is not enable and website is accessed
+pref("security.tls.version.enable-deprecated", false); // make TLS downgrades session only
-
+// show relevant and advanced issues on warnings and error screens
-// tls behavior
+defaultPref("browser.ssl_override_behavior", 1);
-lockPref("security.tls.enable_0rtt_data", false); // disable 0 round trip time to improve tls 1.3 security
+defaultPref("browser.xul.error_pages.expert_bad_cert", true);
 defaultPref("security.tls.version.enable-deprecated", false); // default but helps resetting the preference
 defaultPref("browser.ssl_override_behavior", 1); // prepopulate url on ssl warning screens
 defaultPref("browser.xul.error_pages.expert_bad_cert", true); // advanced ui infos for broken connections
 // permissions
 lockPref("permissions.delegation.enabled", false); // force permission request to show the real origin
@ -204,6 +219,7 @@ defaultPref("gfx.font_rendering.opentype_svg.enabled", false); // disale svg ope
 defaultPref("browser.download.useDownloadDir", false); // force user interaction on downloads, by always asking location
 lockPref("security.csp.enable", true); // default
 defaultPref("network.IDN_show_punycode", true); // use punycode in idn to prevent spoofing
 // ---------------------------------
 // # SAFE BROWSING
@ -230,6 +246,28 @@ lockPref("browser.safebrowsing.passwords.enabled", false);
 lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false);
 lockPref("browser.safebrowsing.provider.google4.dataSharingURL", "");
 // ------------
 // # DOM - TODO
 // ------------
 // pop-ups and window related preferences
 defaultPref("dom.disable_beforeunload", true); // disable "confirm you want to leave" pop-ups on close
 defaultPref("dom.disable_open_during_load", true); // block pop-ups windows
 defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); // limit events that cause pop-ups
 defaultPref("dom.disable_window_move_resize", true); // block scripts from resizing windows
 defaultPref("browser.link.open_newwindow", 3); // open 'new windows' targeted links in 'new tab'
 defaultPref("browser.link.open_newwindow.restriction", 0); // ignore the size when applying the above pref
 // ----------------------
 // # MEDIA - TODO
 // ----------------------
 // autoplay
 defaultPref("media.autoplay.blocking_policy", 2); // only allow to play when a certain element is clicked
 defaultPref("media.autoplay.default", 5); // personal preference, currently apply blocking policy to all autplay including muted
 // -----------------------
 // # DRM
 // -----------------------
@ -287,8 +325,6 @@ defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
 defaultPref("browser.urlbar.speculativeConnect.enabled", false);
 lockPref("browser.fixup.alternate.enabled", false);
 defaultPref("browser.places.speculativeConnect.enabled", false); // speculative connections for history and bookmarks
 // ----------------------------------
 // # BROWSER BEHAVIOR
 // ----------------------------------