Merge branch 'v103' into 'master'
Draft: v103 Closes #199, #96, and #197 See merge request librewolf-community/settings!45
This commit is contained in:
fxbrit
commit
b23ea901ad
2 changed files with 30 additions and 16 deletions
|
|
@ -1,10 +1,32 @@
|
|||
This changelog will be used from now on to document changes in a precise manner, with a list of changes for each setting version.
|
||||
Setting versions are documented using the pref `librewolf.cfg.version`, available in about:config.
|
||||
|
||||
# 6.6
|
||||
# 6.7
|
||||
|
||||
**target commit**:
|
||||
|
||||
**base librewolf version**: 103.x
|
||||
|
||||
**References**:
|
||||
- the cookie lifetime policy pref has been deprecated, see https://gitlab.com/librewolf-community/settings/-/issues/199;
|
||||
- stop disabling IPv6, see https://gitlab.com/librewolf-community/settings/-/issues/96;
|
||||
- discussion about domain guessing is available at https://gitlab.com/librewolf-community/settings/-/issues/197.
|
||||
|
||||
#### Removed preferences
|
||||
```
|
||||
defaultPref("network.cookie.lifetimePolicy", 2); // deprecated
|
||||
defaultPref("network.dns.disableIPv6", true);
|
||||
```
|
||||
|
||||
#### Unlocked preferences
|
||||
```
|
||||
defaultPref("browser.fixup.alternate.enabled", false); // default v104+
|
||||
```
|
||||
|
||||
# 6.6
|
||||
|
||||
**target commit**: from bc16f4f14185e8791d819a69b7d798082ace67f8 to c983fcc8bea8fab31265bc345217b59ce5128de2
|
||||
|
||||
**base librewolf version**: 102.x
|
||||
|
||||
**References**:
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ defaultPref("librewolf.cfg.version", "6.6");
|
|||
* the file is organized in categories, and each one has a number of sections:
|
||||
*
|
||||
* PRIVACY [ISOLATION, SANITIZING, CACHE AND STORAGE, HISTORY AND SESSION RESTORE, QUERY STRIPPING]
|
||||
* NETWORKING [HTTPS, IPv6, REFERERS, WEBRTC, PROXY, DNS, PREFETCHING AND SPECULATIVE CONNECTIONS, OFFLINE]
|
||||
* NETWORKING [HTTPS, REFERERS, WEBRTC, PROXY, DNS, PREFETCHING AND SPECULATIVE CONNECTIONS, OFFLINE]
|
||||
* FINGERPRINTING [RFP, WEBGL]
|
||||
* SECURITY [SITE ISOLATION, CERTIFICATES, TLS/SSL, PERMISSIONS, FONTS, SAFE BROWSING, OTHERS]
|
||||
* REGION [LOCATION, LANGUAGE]
|
||||
|
|
@ -45,12 +45,10 @@ pref("browser.contentblocking.category", "strict");
|
|||
defaultPref("network.cookie.cookieBehavior", 5); // enforce dFPI
|
||||
defaultPref("privacy.partition.serviceWorkers", true); // isolate service workers
|
||||
|
||||
/** [SECTION] SANITIZING */
|
||||
defaultPref("network.cookie.lifetimePolicy", 2); // keep cookies until end of the session, then clear
|
||||
/**
|
||||
* this way of sanitizing cookies would override the exceptions set by the users and just delete everything,
|
||||
* we disable it but cookies and site data are still cleared per session unless exceptions are set.
|
||||
* all the cleaning prefs true by default except for siteSetting and offlineApps, which is what we want.
|
||||
/** [SECTION] SANITIZING
|
||||
* all the cleaning prefs true by default except for siteSetting and offlineApps,
|
||||
* which is what we want. users should set manual exceptions in the UI if there
|
||||
* are cookies they want to keep.
|
||||
*/
|
||||
defaultPref("privacy.clearOnShutdown.offlineApps", true);
|
||||
defaultPref("privacy.sanitize.sanitizeOnShutdown", true);
|
||||
|
|
@ -96,11 +94,6 @@ defaultPref("dom.security.https_only_mode", true); // only allow https in all wi
|
|||
defaultPref("network.auth.subresource-http-auth-allow", 1); // block HTTP authentication credential dialogs
|
||||
defaultPref("security.mixed_content.block_display_content", true); // block insecure passive content
|
||||
|
||||
/** [SECTION] IPv6
|
||||
* privacy extension isn't the default for all linux distros, so we disable ipv6.
|
||||
*/
|
||||
defaultPref("network.dns.disableIPv6", true);
|
||||
|
||||
/** [SECTION] REFERERS
|
||||
* to enhance privacy but keep a certain level of usability we trim cross-origin
|
||||
* referers, instead of completely avoid sending them.
|
||||
|
|
@ -148,9 +141,9 @@ lockPref("network.prefetch-next", false);
|
|||
lockPref("network.http.speculative-parallel-limit", 0);
|
||||
defaultPref("browser.places.speculativeConnect.enabled", false);
|
||||
// disable speculative connections and domain guessing from the urlbar
|
||||
defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
|
||||
defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); // default v104+
|
||||
defaultPref("browser.urlbar.speculativeConnect.enabled", false);
|
||||
lockPref("browser.fixup.alternate.enabled", false);
|
||||
defaultPref("browser.fixup.alternate.enabled", false); // default v104+
|
||||
|
||||
/** [SECTION] OFFLINE
|
||||
* let users set the browser as offline, without the browser trying to guess.
|
||||
|
|
@ -399,7 +392,6 @@ defaultPref("devtools.selfxss.count", 0); // required for devtools console to wo
|
|||
lockPref("browser.translation.engine", ""); // remove translation engine
|
||||
defaultPref("accessibility.force_disabled", 1); // block accessibility services
|
||||
defaultPref("webchannel.allowObject.urlWhitelist", ""); // do not receive objects through webchannels
|
||||
// NOTE/TODO: net really the right category/section, probably?
|
||||
defaultPref("services.settings.server", "https://%.invalid") // set the remote settings URL (REMOTE_SETTINGS_SERVER_URL in the code)
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue