From e505ddbf0242aec1017a565a74ff9ff5aa458fe5 Mon Sep 17 00:00:00 2001 From: fxbrit Date: Sat, 9 Jul 2022 15:21:45 +0200 Subject: [PATCH 1/7] deprecate cookie lifetime policy, close #199 --- librewolf.cfg | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/librewolf.cfg b/librewolf.cfg index f2452a0..90d340a 100755 --- a/librewolf.cfg +++ b/librewolf.cfg @@ -45,12 +45,10 @@ pref("browser.contentblocking.category", "strict"); defaultPref("network.cookie.cookieBehavior", 5); // enforce dFPI defaultPref("privacy.partition.serviceWorkers", true); // isolate service workers -/** [SECTION] SANITIZING */ -defaultPref("network.cookie.lifetimePolicy", 2); // keep cookies until end of the session, then clear -/** - * this way of sanitizing cookies would override the exceptions set by the users and just delete everything, - * we disable it but cookies and site data are still cleared per session unless exceptions are set. - * all the cleaning prefs true by default except for siteSetting and offlineApps, which is what we want. +/** [SECTION] SANITIZING + * all the cleaning prefs true by default except for siteSetting and offlineApps, + * which is what we want. users should set manual exceptions in the UI if there + * are cookies they want to keep. */ defaultPref("privacy.clearOnShutdown.offlineApps", true); defaultPref("privacy.sanitize.sanitizeOnShutdown", true); From d3514954804abb98085b25180ca5f194993dba26 Mon Sep 17 00:00:00 2001 From: fxbrit Date: Sat, 9 Jul 2022 15:24:26 +0200 Subject: [PATCH 2/7] stop disabling IPv6, close #96 --- librewolf.cfg | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/librewolf.cfg b/librewolf.cfg index 90d340a..7b77c55 100755 --- a/librewolf.cfg +++ b/librewolf.cfg @@ -13,7 +13,7 @@ defaultPref("librewolf.cfg.version", "6.6"); * the file is organized in categories, and each one has a number of sections: * * PRIVACY [ISOLATION, SANITIZING, CACHE AND STORAGE, HISTORY AND SESSION RESTORE, QUERY STRIPPING] - * NETWORKING [HTTPS, IPv6, REFERERS, WEBRTC, PROXY, DNS, PREFETCHING AND SPECULATIVE CONNECTIONS, OFFLINE] + * NETWORKING [HTTPS, REFERERS, WEBRTC, PROXY, DNS, PREFETCHING AND SPECULATIVE CONNECTIONS, OFFLINE] * FINGERPRINTING [RFP, WEBGL] * SECURITY [SITE ISOLATION, CERTIFICATES, TLS/SSL, PERMISSIONS, FONTS, SAFE BROWSING, OTHERS] * REGION [LOCATION, LANGUAGE] @@ -94,11 +94,6 @@ defaultPref("dom.security.https_only_mode", true); // only allow https in all wi defaultPref("network.auth.subresource-http-auth-allow", 1); // block HTTP authentication credential dialogs defaultPref("security.mixed_content.block_display_content", true); // block insecure passive content -/** [SECTION] IPv6 - * privacy extension isn't the default for all linux distros, so we disable ipv6. - */ -defaultPref("network.dns.disableIPv6", true); - /** [SECTION] REFERERS * to enhance privacy but keep a certain level of usability we trim cross-origin * referers, instead of completely avoid sending them. From 514b44fe32d5e090d55f7e7cec9fdc9eb21193f2 Mon Sep 17 00:00:00 2001 From: fxbrit Date: Sat, 9 Jul 2022 15:27:02 +0200 Subject: [PATCH 3/7] close #197 --- librewolf.cfg | 1 - 1 file changed, 1 deletion(-) diff --git a/librewolf.cfg b/librewolf.cfg index 7b77c55..3de97bf 100755 --- a/librewolf.cfg +++ b/librewolf.cfg @@ -143,7 +143,6 @@ defaultPref("browser.places.speculativeConnect.enabled", false); // disable speculative connections and domain guessing from the urlbar defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); defaultPref("browser.urlbar.speculativeConnect.enabled", false); -lockPref("browser.fixup.alternate.enabled", false); /** [SECTION] OFFLINE * let users set the browser as offline, without the browser trying to guess. From 0d631d6872f75e165c59c737864fc7d2b6954093 Mon Sep 17 00:00:00 2001 From: fxbrit Date: Sat, 9 Jul 2022 15:28:09 +0200 Subject: [PATCH 4/7] update changelog --- docs/Changelog.md | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index eedeeda..f7f0260 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -1,10 +1,28 @@ This changelog will be used from now on to document changes in a precise manner, with a list of changes for each setting version. Setting versions are documented using the pref `librewolf.cfg.version`, available in about:config. -# 6.6 +# 6.7 **target commit**: +**base librewolf version**: 103.x + +**References**: +- the cookie lifetime policy pref has been deprecated, see https://gitlab.com/librewolf-community/settings/-/issues/199; +- stop disabling IPv6, see https://gitlab.com/librewolf-community/settings/-/issues/96; +- discussion about domain guessing is available at https://gitlab.com/librewolf-community/settings/-/issues/197. + +#### Removed preferences +``` +defaultPref("network.cookie.lifetimePolicy", 2); // deprecated +defaultPref("network.dns.disableIPv6", true); +lockPref("browser.fixup.alternate.enabled", false); +``` + +# 6.6 + +**target commit**: from bc16f4f14185e8791d819a69b7d798082ace67f8 to c983fcc8bea8fab31265bc345217b59ce5128de2 + **base librewolf version**: 102.x **References**: From b7cfe5831b0a4168f6b6b08d9d399508e499e6d2 Mon Sep 17 00:00:00 2001 From: fxbrit Date: Mon, 18 Jul 2022 00:02:34 +0200 Subject: [PATCH 5/7] bring back fixup --- docs/Changelog.md | 2 -- librewolf.cfg | 1 + 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index f7f0260..7e32b5f 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -10,13 +10,11 @@ Setting versions are documented using the pref `librewolf.cfg.version`, availabl **References**: - the cookie lifetime policy pref has been deprecated, see https://gitlab.com/librewolf-community/settings/-/issues/199; - stop disabling IPv6, see https://gitlab.com/librewolf-community/settings/-/issues/96; -- discussion about domain guessing is available at https://gitlab.com/librewolf-community/settings/-/issues/197. #### Removed preferences ``` defaultPref("network.cookie.lifetimePolicy", 2); // deprecated defaultPref("network.dns.disableIPv6", true); -lockPref("browser.fixup.alternate.enabled", false); ``` # 6.6 diff --git a/librewolf.cfg b/librewolf.cfg index 3de97bf..af8a89a 100755 --- a/librewolf.cfg +++ b/librewolf.cfg @@ -143,6 +143,7 @@ defaultPref("browser.places.speculativeConnect.enabled", false); // disable speculative connections and domain guessing from the urlbar defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); defaultPref("browser.urlbar.speculativeConnect.enabled", false); +lockPref("browser.fixup.alternate.enabled", false); // default v104+ /** [SECTION] OFFLINE * let users set the browser as offline, without the browser trying to guess. From 249041a8e75bbfe4abe71492fd0cc3ecd1530c3c Mon Sep 17 00:00:00 2001 From: fxbrit Date: Mon, 18 Jul 2022 00:25:21 +0200 Subject: [PATCH 6/7] unlock fixup --- docs/Changelog.md | 6 ++++++ librewolf.cfg | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 7e32b5f..f631479 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -10,6 +10,7 @@ Setting versions are documented using the pref `librewolf.cfg.version`, availabl **References**: - the cookie lifetime policy pref has been deprecated, see https://gitlab.com/librewolf-community/settings/-/issues/199; - stop disabling IPv6, see https://gitlab.com/librewolf-community/settings/-/issues/96; +- discussion about domain guessing is available at https://gitlab.com/librewolf-community/settings/-/issues/197. #### Removed preferences ``` @@ -17,6 +18,11 @@ defaultPref("network.cookie.lifetimePolicy", 2); // deprecated defaultPref("network.dns.disableIPv6", true); ``` +#### Unlocked preferences +``` +defaultPref("browser.fixup.alternate.enabled", false); // default v104+ +``` + # 6.6 **target commit**: from bc16f4f14185e8791d819a69b7d798082ace67f8 to c983fcc8bea8fab31265bc345217b59ce5128de2 diff --git a/librewolf.cfg b/librewolf.cfg index af8a89a..6c40fbc 100755 --- a/librewolf.cfg +++ b/librewolf.cfg @@ -143,7 +143,7 @@ defaultPref("browser.places.speculativeConnect.enabled", false); // disable speculative connections and domain guessing from the urlbar defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); defaultPref("browser.urlbar.speculativeConnect.enabled", false); -lockPref("browser.fixup.alternate.enabled", false); // default v104+ +defaultPref("browser.fixup.alternate.enabled", false); // default v104+ /** [SECTION] OFFLINE * let users set the browser as offline, without the browser trying to guess. From 02212c3f44e7aa68b22c8febd9158580d7e4b74f Mon Sep 17 00:00:00 2001 From: fxbrit Date: Mon, 25 Jul 2022 11:14:15 +0200 Subject: [PATCH 7/7] cleanup description --- librewolf.cfg | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/librewolf.cfg b/librewolf.cfg index 6c40fbc..738cec9 100755 --- a/librewolf.cfg +++ b/librewolf.cfg @@ -141,7 +141,7 @@ lockPref("network.prefetch-next", false); lockPref("network.http.speculative-parallel-limit", 0); defaultPref("browser.places.speculativeConnect.enabled", false); // disable speculative connections and domain guessing from the urlbar -defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); +defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); // default v104+ defaultPref("browser.urlbar.speculativeConnect.enabled", false); defaultPref("browser.fixup.alternate.enabled", false); // default v104+ @@ -392,7 +392,6 @@ defaultPref("devtools.selfxss.count", 0); // required for devtools console to wo lockPref("browser.translation.engine", ""); // remove translation engine defaultPref("accessibility.force_disabled", 1); // block accessibility services defaultPref("webchannel.allowObject.urlWhitelist", ""); // do not receive objects through webchannels -// NOTE/TODO: net really the right category/section, probably? defaultPref("services.settings.server", "https://%.invalid") // set the remote settings URL (REMOTE_SETTINGS_SERVER_URL in the code)