From fc84f74d45f4a0c77cf1526558ff95f915f1bb43 Mon Sep 17 00:00:00 2001 From: fxbrit Date: Tue, 3 May 2022 19:59:11 +0200 Subject: [PATCH 1/4] change crl mode, hide promo in pb mode --- docs/Changelog.md | 20 ++++++++++++++++++++ librewolf.cfg | 7 ++++--- 2 files changed, 24 insertions(+), 3 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 7c1e549..9852f64 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -1,6 +1,26 @@ This changelog will be used from now on to document changes in a precise manner, with a list of changes for each setting version. Setting versions are documented using the pref `librewolf.cfg.version`, available in about:config. +# 6.4 + +**target commit**: + +**base librewolf version**: 100.x + +**References**: +- hide Firefox Focus promo in private tabs. +- double checking revoked certificates with both CRL and OCSP allows to detect false positives and it is also [the default](https://hg.mozilla.org/mozilla-central/rev/a6ba7b4ee178) in v99+. + +#### Added preferences +``` +lockPref("browser.promo.focus.enabled", false); +``` + +#### Changed preferences +``` +defaultPref("security.pki.crlite_mode", 3); // prev 2 +``` + # 6.3 **target commit**: diff --git a/librewolf.cfg b/librewolf.cfg index e571abe..c3e2bb9 100755 --- a/librewolf.cfg +++ b/librewolf.cfg @@ -6,7 +6,7 @@ * * WARNING: please make sure the first line of this file is empty. this is a known bug. */ -defaultPref("librewolf.cfg.version", "6.3"); +defaultPref("librewolf.cfg.version", "6.4"); /** INDEX @@ -208,10 +208,10 @@ defaultPref("security.ssl.treat_unsafe_negotiation_as_broken", true); * our strategy with revocation is to perform all possible checks with CRL, but when a cert * cannot be checked with it we use OCSP stapled with hard-fail, to still keep privacy and * increase security. - * switching to crlite mode 3 (v99+) would allow us to detect false positive with OCSP. + * crlite is in mode 3 by default, which allows us to detect false positive with OCSP. */ defaultPref("security.remote_settings.crlite_filters.enabled", true); -defaultPref("security.pki.crlite_mode", 2); // mode 2 means enforce CRL checks +defaultPref("security.pki.crlite_mode", 3); // default defaultPref("security.OCSP.enabled", 1); // default defaultPref("security.OCSP.require", true); // set to hard-fail @@ -472,6 +472,7 @@ lockPref("browser.contentblocking.report.hide_vpn_banner", true); lockPref("browser.contentblocking.report.vpn.enabled", false); lockPref("browser.contentblocking.report.show_mobile_app", false); lockPref("browser.vpn_promo.enabled", false); +lockPref("browser.promo.focus.enabled", false); // ...about:addons recommendations sections and more defaultPref("extensions.htmlaboutaddons.recommendations.enabled", false); defaultPref("extensions.getAddons.showPane", false); From 6b9383dc538c9b6013da27d12af13192529cb8cb Mon Sep 17 00:00:00 2001 From: fxbrit Date: Tue, 3 May 2022 20:03:37 +0200 Subject: [PATCH 2/4] add targets --- docs/Changelog.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 9852f64..614413e 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -23,7 +23,7 @@ defaultPref("security.pki.crlite_mode", 3); // prev 2 # 6.3 -**target commit**: +**target commit**: e84fc950bfd7c3542cb974e9d545b9b8e18c010d **base librewolf version**: 99.x @@ -32,7 +32,7 @@ defaultPref("security.pki.crlite_mode", 3); // prev 2 # 6.2 -**target commit**: +**target commit**: ac95f5195ed82ca6bcec48acf9d1241e3c683b25 **base librewolf version**: 99.x From 7d696d49db745bb573354ca292dd61c4406e09c0 Mon Sep 17 00:00:00 2001 From: fxbrit Date: Tue, 3 May 2022 20:38:51 +0200 Subject: [PATCH 3/4] cookie exceptions are finally fixed --- docs/Changelog.md | 8 +++++++- librewolf.cfg | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index 614413e..aaf989d 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -9,11 +9,12 @@ Setting versions are documented using the pref `librewolf.cfg.version`, availabl **References**: - hide Firefox Focus promo in private tabs. -- double checking revoked certificates with both CRL and OCSP allows to detect false positives and it is also [the default](https://hg.mozilla.org/mozilla-central/rev/a6ba7b4ee178) in v99+. +- double checking revoked certificates with both CRL and OCSP allows to detect false positives and it is also [the default](https://hg.mozilla.org/mozilla-central/rev/a6ba7b4ee17](https://github.com/arkenfox/user.js/issues/1441) so we can tick all boxes in that UI as well. #### Added preferences ``` lockPref("browser.promo.focus.enabled", false); +defaultPref("privacy.clearOnShutdown.offlineApps", true); ``` #### Changed preferences @@ -21,6 +22,11 @@ lockPref("browser.promo.focus.enabled", false); defaultPref("security.pki.crlite_mode", 3); // prev 2 ``` +#### Removed preferences +``` +defaultPref("privacy.clearOnShutdown.cookies", false); +``` + # 6.3 **target commit**: e84fc950bfd7c3542cb974e9d545b9b8e18c010d diff --git a/librewolf.cfg b/librewolf.cfg index c3e2bb9..8f07322 100755 --- a/librewolf.cfg +++ b/librewolf.cfg @@ -54,7 +54,7 @@ defaultPref("network.cookie.thirdparty.nonsecureSessionOnly", true); * we disable it but cookies and site data are still cleared per session unless exceptions are set. * all the cleaning prefs true by default except for siteSetting and offlineApps, which is what we want. */ -defaultPref("privacy.clearOnShutdown.cookies", false); +defaultPref("privacy.clearOnShutdown.offlineApps", true); defaultPref("privacy.sanitize.sanitizeOnShutdown", true); defaultPref("privacy.sanitize.timeSpan", 0); From 757e1610e2cda6f89e55305b724680e16eadf472 Mon Sep 17 00:00:00 2001 From: fxbrit Date: Wed, 4 May 2022 01:04:17 +0200 Subject: [PATCH 4/4] fix changelog --- docs/Changelog.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/Changelog.md b/docs/Changelog.md index aaf989d..a731a98 100644 --- a/docs/Changelog.md +++ b/docs/Changelog.md @@ -9,7 +9,8 @@ Setting versions are documented using the pref `librewolf.cfg.version`, availabl **References**: - hide Firefox Focus promo in private tabs. -- double checking revoked certificates with both CRL and OCSP allows to detect false positives and it is also [the default](https://hg.mozilla.org/mozilla-central/rev/a6ba7b4ee17](https://github.com/arkenfox/user.js/issues/1441) so we can tick all boxes in that UI as well. +- double checking revoked certificates with both CRL and OCSP allows to detect false positives and it is also [the default](https://hg.mozilla.org/mozilla-central/rev/a6ba7b4ee17]. +- [clearOnShutdown prefs now respect exceptions](https://github.com/arkenfox/user.js/issues/1441) so we can tick all boxes in that UI as well. #### Added preferences ```