Merge branch 'v102'
This commit is contained in:
ohfp
commit
6e2e56e079
2 changed files with 30 additions and 10 deletions
|
|
@ -1,10 +1,35 @@
|
|||
This changelog will be used from now on to document changes in a precise manner, with a list of changes for each setting version.
|
||||
Setting versions are documented using the pref `librewolf.cfg.version`, available in about:config.
|
||||
|
||||
# 6.5
|
||||
# 6.6
|
||||
|
||||
**target commit**:
|
||||
|
||||
**base librewolf version**: 102.x
|
||||
|
||||
**References**:
|
||||
- sha1 certificates: https://bugzilla.mozilla.org/1767489 and https://bugzilla.mozilla.org/1766687.
|
||||
- trimming only applies to http websites so it's very minimal.
|
||||
- crlite: https://bugzilla.mozilla.org/show_bug.cgi?id=1773371, we can stick to default 3 till v103, then the value will be changed to 2 which is the best possible if mozilla feels like it's ready usability wise.
|
||||
- add more entries to the native query stripping list, to [get in line with brave](https://github.com/brave/brave-core/blob/master/browser/net/brave_site_hacks_network_delegate_helper.cc).
|
||||
|
||||
#### Removed preferences
|
||||
```
|
||||
defaultPref("security.pki.sha1_enforcement_level", 1); // default
|
||||
defaultPref("browser.urlbar.trimURLs", false);
|
||||
defaultPref("security.pki.crlite_mode", 3); // default
|
||||
defaultPref("security.OCSP.enabled", 1); // default
|
||||
```
|
||||
|
||||
#### Changed preferences
|
||||
```
|
||||
defaultPref("privacy.query_stripping.strip_list", "__hsfp __hssc __hstc __s _hsenc _openstat dclid fbclid gbraid gclid hsCtaTracking igshid mc_eid ml_subscriber ml_subscriber_hash msclkid oft_c oft_ck oft_d oft_id oft_ids oft_k oft_lk oft_sk oly_anon_id oly_enc_id rb_clickid s_cid twclid vero_conv vero_id wbraid wickedid yclid");
|
||||
```
|
||||
|
||||
# 6.5
|
||||
|
||||
**target commit**: b10dcbdd84e63787c4f2f6d34d41724b437df5be
|
||||
|
||||
**base librewolf version**: 101.x
|
||||
|
||||
**References**:
|
||||
|
|
@ -12,7 +37,6 @@ Setting versions are documented using the pref `librewolf.cfg.version`, availabl
|
|||
- session cookie prefs are useless given that we sanitize on close, [more details at arkenfox](https://github.com/arkenfox/user.js/pull/1443/commits/3207478033fefc19e933dab4eef6445125341ec4).
|
||||
- fission has been a default for the longest now.
|
||||
|
||||
|
||||
#### Removed preferences
|
||||
```
|
||||
defaultPref("privacy.query_stripping.enabled", true);
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
*
|
||||
* WARNING: please make sure the first line of this file is empty. this is a known bug.
|
||||
*/
|
||||
defaultPref("librewolf.cfg.version", "6.5");
|
||||
defaultPref("librewolf.cfg.version", "6.6");
|
||||
|
||||
|
||||
/** INDEX
|
||||
|
|
@ -80,7 +80,7 @@ defaultPref("browser.sessionstore.interval", 60000); // increase time between se
|
|||
* currently we set the same query stripping list that brave uses:
|
||||
* https://github.com/brave/brave-core/blob/f337a47cf84211807035581a9f609853752a32fb/browser/net/brave_site_hacks_network_delegate_helper.cc#L29
|
||||
*/
|
||||
defaultPref("privacy.query_stripping.strip_list", "__hsfp __hssc __hstc __s _hsenc _openstat dclid fbclid gbraid gclid hsCtaTracking igshid mc_eid ml_subscriber ml_subscriber_hash msclkid oly_anon_id oly_enc_id rb_clickid s_cid twclid vero_conv vero_id wbraid wickedid yclid");
|
||||
defaultPref("privacy.query_stripping.strip_list", "__hsfp __hssc __hstc __s _hsenc _openstat dclid fbclid gbraid gclid hsCtaTracking igshid mc_eid ml_subscriber ml_subscriber_hash msclkid oft_c oft_ck oft_d oft_id oft_ids oft_k oft_lk oft_sk oly_anon_id oly_enc_id rb_clickid s_cid twclid vero_conv vero_id wbraid wickedid yclid");
|
||||
/**
|
||||
* librewolf specific pref that allows to include the query stripping lists in uBO by default.
|
||||
* the asset file is fetched every 7 days.
|
||||
|
|
@ -188,7 +188,6 @@ defaultPref("webgl.disabled", true);
|
|||
|
||||
/** [SECTION] CERTIFICATES */
|
||||
defaultPref("security.cert_pinning.enforcement_level", 2); // enable strict public key pinning, might cause issues with AVs
|
||||
defaultPref("security.pki.sha1_enforcement_level", 1); // disable sha-1 certificates
|
||||
/**
|
||||
* enable safe negotiation and show warning when it is not supported. might cause breakage.
|
||||
*/
|
||||
|
|
@ -199,10 +198,9 @@ defaultPref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
|||
* cannot be checked with it we use OCSP stapled with hard-fail, to still keep privacy and
|
||||
* increase security.
|
||||
* crlite is in mode 3 by default, which allows us to detect false positive with OCSP.
|
||||
* in v103, when crlite is fully mature, it will switch to mode 2 and no longer double-check.
|
||||
*/
|
||||
defaultPref("security.remote_settings.crlite_filters.enabled", true);
|
||||
defaultPref("security.pki.crlite_mode", 3); // default
|
||||
defaultPref("security.OCSP.enabled", 1); // default
|
||||
defaultPref("security.OCSP.require", true); // set to hard-fail
|
||||
|
||||
/** [SECTION] TLS/SSL */
|
||||
|
|
@ -282,13 +280,11 @@ defaultPref("media.gmp-provider.enabled", false);
|
|||
defaultPref("media.gmp-gmpopenh264.enabled", false);
|
||||
|
||||
/** [SECTION] SEARCH AND URLBAR
|
||||
* disable search suggestion and do not update opensearch engines. urls should also be
|
||||
* displayed in full instead of trimming them.
|
||||
* disable search suggestion and do not update opensearch engines.
|
||||
*/
|
||||
defaultPref("browser.urlbar.suggest.searches", false);
|
||||
defaultPref("browser.search.suggest.enabled", false);
|
||||
defaultPref("browser.search.update", false);
|
||||
defaultPref("browser.urlbar.trimURLs", false);
|
||||
/**
|
||||
* the pref disables the whole feature and hide it from the ui
|
||||
* (as noted in https://bugzilla.mozilla.org/show_bug.cgi?id=1755057).
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue