librewolf-bot/settings
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

updated changelog

Browse source
This commit is contained in:
fxbrit 2021-05-06 01:59:06 +02:00
parent 6f5190f26a
commit dcca9f1d62
1 changed files with 168 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

219
Changelog.md
View file

@ -159,6 +159,7 @@ defaultPref("media.autoplay.blocking_policy", 2); // Previously media.autoplay.e
```
#### Removed
<<<<<<< HEAD
Lines that were commented and are now removed
```
// Librefox Compatibility Fix
@ -289,6 +290,8 @@ ALL OF Disabled - Deprecated Inactive
ALL OF Disabled - Section OFF
```
>>>>>>> 55c94dc (reorganized, revisited)
=======
>>>>>>> 57702f8 (updated changelog)
Active prefs that were removed
```
lockPref("network.cookie.same-site.enabled", true); // Deprecated
@ -625,6 +628,9 @@ defaultPref("pdfjs.enableWebGL", false); // default
lockPref("browser.cache.offline.enable", false); // apparently increases fingerprinting and redundant with browser.cache.offline.storage.enable
lockPref("network.predictor.enable-prefetch", false); // default
<<<<<<< HEAD
<<<<<<< HEAD
=======
>>>>>>> 57702f8 (updated changelog)
lockPref("network.http.referer.spoofSource", false); // default
defaultPref("network.http.referer.defaultPolicy", 2); // default
defaultPref("network.http.referer.defaultPolicy.pbmode", 2); // default
@ -658,8 +664,11 @@ lockPref("xpinstall.whitelist.required", true); // default
lockPref("browser.sessionhistory.max_entries", 20); // why?
lockPref("extensions.webapi.testing", false); // hidden but default false
lockPref("canvas.capturestream.enabled", false); // any real benefit?
<<<<<<< HEAD
lockPref("network.http.redirection-limit", 10); // small benefit from having it at default 20, and break some payments
defaultPref("dom.event.clipboardevents.enabled", false); // causes breakage with small benefits, moved to hardened setup
=======
>>>>>>> 57702f8 (updated changelog)
// fxaccounts is disabled in policies
lockPref("identity.fxaccounts.enabled", false);
@ -669,6 +678,7 @@ lockPref("identity.fxaccounts.commands.enabled", false);
lockPref("identity.fxaccounts.remote.oauth.uri", "");
lockPref("identity.fxaccounts.remote.profile.uri", "");
lockPref("identity.fxaccounts.service.monitorLoginUrl", "");
<<<<<<< HEAD
=======
=======
defaultPref("accessibility.typeaheadfind", false); // Already default
@ -688,6 +698,9 @@ Active prefs that were commented in order to address them before removing them
>>>>>>> 034d451 (reorganized tracking section + 3rd set of changes)
<<<<<<< HEAD
=======
>>>>>>> 57702f8 (updated changelog)
// all handled by lockPref("services.settings.server", "")
lockPref("services.blocklist.addons.collection", "");
lockPref("services.blocklist.plugins.collection", "");
@ -812,6 +825,7 @@ lockPref("services.sync.prefs.sync.browser.safebrowsing.malware.enabled", false)
lockPref("services.sync.prefs.sync.browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
lockPref("services.sync.prefs.sync.browser.safebrowsing.phishing.enabled", false);
lockPref("services.sync.tabs.lastSync", "0");
<<<<<<< HEAD
=======
// redudant with RFP and javascript.use_us_english_locale
// defaultPref("privacy.spoof_english", 2);
@ -1558,8 +1572,10 @@ lockPref("services.sync.tabs.lastSync", "0");
```
>>>>>>> 814a479 (reviewed DRM, removed ircs hand, moved exp prefs)
=======
=======
>>>>>>> 57702f8 (updated changelog)
/*
// useless as ui elements are not in the report page
lockPref("browser.contentblocking.report.cookie.url", "");
lockPref("browser.contentblocking.report.cryptominer.url", "");
lockPref("browser.contentblocking.report.endpoint_url", "");
@ -1579,7 +1595,17 @@ lockPref("browser.contentblocking.report.vpn.url", "");
lockPref("browser.contentblocking.report.vpn-promo.url", "");
lockPref("browser.contentblocking.report.vpn-ios.url", "");
lockPref("browser.contentblocking.report.vpn-android.url", "");
*/
```
#### Commented
Prefs that need to be addressed and that were disabled for now
```
// all covered by previous prefs
// defaultPref("media.navigator.video.enabled", false);
// defaultPref("media.peerconnection.use_document_iceservers", false);
// defaultPref("media.peerconnection.identity.enabled", false);
// defaultPref("media.peerconnection.identity.timeout", 1);
// defaultPref("media.peerconnection.turn.disable", true);
// defaultPref("media.peerconnection.ice.tcp", false);
```
<<<<<<< HEAD
>>>>>>> 48fecfd (removed redundant stuff)
@ -1588,56 +1614,25 @@ lockPref("browser.contentblocking.report.vpn-android.url", "");
#### Unlocked
Locked prefs that were unlocked, more should be unlocked probably
```
lockPref("general.config.filename", "librewolf.cfg");
// Unlocked as some think it increases fingerprint, they can now disable it
defaultPref("privacy.donottrackheader.enabled", true);
// Unlocked as some think it increases fingerprint, they can now disable it
defaultPref("permissions.default.geo", 2);
defaultPref("general.config.filename", "librewolf.cfg");
defaultPref("privacy.donottrackheader.enabled", true); // Unlocked as some think it increases fingerprint, they can now disable it
defaultPref("permissions.default.geo", 2); // Unlocked as some think it increases fingerprint, they can now disable it
defaultPref("extensions.getAddons.themes.browseURL", "")
defaultPref("pdfjs.enableWebGL", false);
defaultPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true);
defaultPref("pdfjs.enabledCache.state", false);
defaultPref("alerts.showFavicons", false); // default: false
defaultPref("security.remote_settings.intermediates.enabled", true);
// Unlocked as some think it increases fingerprint, they can now disable it
defaultPref("dom.battery.enabled", false);
defaultPref("browser.tabs.closeTabByDblclick", true);
// Unlocked as known to cause breakage
defaultPref("dom.event.clipboardevents.enabled", false);
// already default and no reason to lock it
lockPref("network.http.referer.trimmingPolicy", 0);
defaultPref("dom.battery.enabled", false); // Unlocked as some think it increases fingerprint, they can now disable it
defaultPref("dom.event.clipboardevents.enabled", false); // Unlocked as known to cause breakage
defaultPref("extensions.blocklist.enabled", false);
defaultPref("extensions.blocklist.detailsURL", "");
defaultPref("extensions.blocklist.itemURL", "");
// someone might want to have it on for security concerns
defaultPref("security.OCSP.enabled", 0);
defaultPref("security.OCSP.enabled", 0); // someone might want to have it on for security concerns
defaultPref("security.OCSP.require", false);
defaultPref("reader.parse-on-load.enabled", false);
```
#### Made default
Prefs that were user set and are now default
```
defaultPref("signon.management.page.breach-alerts.enabled", false);
defaultPref("signon.management.page.breachAlertUrl", "");
defaultPref("startup.homepage_override_url", "about:blank");
defaultPref("startup.homepage_welcome_url", "about:blank");
defaultPref("startup.homepage_welcome_url.additional", "");
defaultPref("identity.sendtabpromo.url", "");
```
#### To discuss
Prefs that need to be addressed and potential roadmap
```
@ -1655,18 +1650,6 @@ dom.security.https_only_mode_send_http_background_request -> DISCUSS
browser.download.useDownloadDir -> do we want to ask for download location each time?
```
#### Commented
Prefs that need to be addressed and that were disabled for now
```
// all covered by previous prefs
// defaultPref("media.navigator.video.enabled", false);
// defaultPref("media.peerconnection.use_document_iceservers", false);
// defaultPref("media.peerconnection.identity.enabled", false);
// defaultPref("media.peerconnection.identity.timeout", 1);
// defaultPref("media.peerconnection.turn.disable", true);
// defaultPref("media.peerconnection.ice.tcp", false);
```
## How to...
#### Stay logged
Add website to exceptions before login, both http and https link
@ -1709,4 +1692,138 @@ defaultPref("javascript.options.asmjs", false);
defaultPref("webgl.disabled", true);
defaultPref("privacy.resistFingerprinting.letterboxing", true);
```
<<<<<<< HEAD
>>>>>>> e7a5601 (more good stuff)
=======
## Who cares
Prefs that were commented and are now removed
```
// Librefox Compatibility Fix
// commented out, we're setting it differently later on
// defaultPref("extensions.autoDisableScopes", 0);
// Removing https-everywhere adding 2 librefox addons
// keep it commented out for now, until we have more recent, properly pre-installed addons
// defaultPref("extensions.enabledAddons", ...);
//lockPref("browser.contentblocking.global-toggle.enabled", false);
//lockPref("browser.contentblocking.rejecttrackers.ui.recommended", false);
//lockPref("browser.contentblocking.fastblock.ui.enabled", false);
//lockPref("browser.contentblocking.fastblock.control-center.ui.enabled", false);
//lockPref("browser.contentblocking.allowlist.annotations.enabled", false);
//lockPref("browser.contentblocking.allowlist.storage.enabled", false);
//lockPref("pref.privacy.disable_button.tracking_protection_exceptions", false);
//lockPref("browser.contentblocking.rejecttrackers.control-center.ui.enabled", false);
//lockPref("browser.contentblocking.ui.enabled", false);
//lockPref("browser.contentblocking.enabled", false);
//lockPref("security.ask_for_password", 2);
//lockPref("security.password_lifetime", 5);
//defaultPref("privacy.cpd.openWindows", true); // Clear session data
//defaultPref("privacy.clearOnShutdown.openWindows", true);
//defaultPref("privacy.sanitize.pending", '[{"id":"shutdown","itemsToClear":["cache","cookies","history","formdata","downloads"],"options":{}}]');
//lockPref("permissions.memory_only", true); // (hidden pref)
//lockPref("browser.formfill.expire_days", 0);
//lockPref("browser.urlbar.autoFill", false);
//lockPref("browser.urlbar.autoFill.typed", false);
//lockPref("media.peerconnection.video.h264", true);
//lockPref("network.proxy.autoconfig_url.include_path", false);
//lockPref("network.proxy.socks_remote_dns", true);
//lockPref("widget.content.gtk-theme-override", "Adwaita:light");
//lockPref("browser.devedition.theme.enabled", true);
//lockPref("devtools.theme", "dark");
//lockPref("browser.devedition.theme.showCustomizeButton", true);
//defaultPref("extensions.ui.dictionary.hidden", false);
//defaultPref("extensions.ui.locale.hidden", false);
//lockPref("dom.indexedDB.logging.details", false); //default true
//lockPref("dom.indexedDB.logging.enabled", false); //default true
//lockPref("network.http.spdy.enabled", false);
//lockPref("network.http.spdy.enabled.deps", false);
//lockPref("network.http.spdy.enabled.http2", false);
//lockPref("network.http.spdy.websockets", false);
// lockPref("dom.IntersectionObserver.enabled", false);
// Pref : CSP Main Settings I/II :
// Those are default values for CSP
// Those are not meant to to be uncommented
//defaultPref("security.csp.enable", true); //This is its default value
//defaultPref("security.csp.enableStrictDynamic", true); //This is its default value
//defaultPref("security.csp.enable_violation_events", true); //This is its default value
//defaultPref("security.csp.experimentalEnabled", false); //This is its default value
//defaultPref("security.csp.reporting.script-sample.max-length", 40); //This is its default value
// Default Content Security Policy to apply to signed contents.
//defaultPref("security.signed_content.CSP.default", "script-src 'self'; style-src 'self'"); //This is its default value
// Pref : CSP Settings For Extensions II/II : Extension Firewall Feature
// This value is applied after the first one (just ignore this)
//defaultPref("extensions.webextensions.default-content-security-policy", "script-src 'self'; object-src 'self';");
// Default Value : "script-src 'self'; object-src 'self';"
// Pref :Whether or not the installed extensions should be migrated to the
// storage.local IndexedDB backend.
//defaultPref("extensions.webextensions.ExtensionStorageIDB.enabled", false); //default false
// Pref : if enabled, store execution times for API calls
//defaultPref("extensions.webextensions.enablePerformanceCounters", false); //default false
// Pref : Maximum age in milliseconds of performance counters in children
// When reached, the counters are sent to the main process and
// reset, so we reduce memory footprint.
//defaultPref("extensions.webextensions.performanceCountersMaxAge", 1000); //Hidden prefs
// Pref : Test To Make FFox Silent
//lockPref("media.gmp-manager.certs.1.issuerName", "");
// Default Value
// CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US
// Pref : Test To Make FFox Silent
//lockPref("media.gmp-manager.certs.2.issuerName", "");
// Default Value
// CN=thawte SSL CA - G2,O="thawte, Inc.",C=US
// Pref : Manage certificates button
//lockPref("security.disable_button.openCertManager", false);
// Disabled because of a bug that disables the button regardless of its value
// Pref : Manage security devices button
//lockPref("security.disable_button.openDeviceManager", false);
// Disabled because of a bug that disables the button regardless of its value
// Pref : The impact for this one is negligible
//defaultPref("browser.download.animateNotifications", false);
// Bench Diff : -80/5000
// Pref : Spoof CPU Core Def 16
// Default settings seems to be the best
//defaultPref("dom.maxHardwareConcurrency", 8);
// Bench Diff : -500/5000
// Pref : Tell garbage collector to start running when javascript is using xx MB of memory.
// Garbage collection releases memory back to the system.
// Default settings seems to be the best
//lockPref("javascript.options.mem.high_water_mark", 96);
// Bench Diff : -100/5000
// Pref : Prevent font fingerprinting
// https://browserleaks.com/fonts
// https://github.com/pyllyukko/user.js/issues/120
// Solved by extension disabled here for performance
//lockPref("browser.display.use_document_fonts", 0);
// Fix ESR Devtools
//lockPref("devtools.telemetry.tools.opened.version", "");
// Default {"DEVTOOLS_SCREEN_RESOLUTION_ENUMERATED_PER_USER":"60.4.0"}
// defaultPref("network.http.sendRefererHeader", 1); default is better
ALL OF Disabled - Deprecated Inactive
ALL OF Disabled - Section OFF
```
>>>>>>> 57702f8 (updated changelog)