5 changed files with 32 additions and 158 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -1,6 +0,0 @@
 stages:
  - dummy
 dummy-job:
  stage: dummy
  script:
    - echo "Hello, world!"
--- a/.gitlab/issue_templates/Default.md
+++ b/.gitlab/issue_templates/Default.md
@ -19,7 +19,7 @@ https://librewolf.net/docs/faq/#i-have-a-problem-where-do-i-open-a-new-issue
 ### details
 - browser version & OS:
- steps to reproduce:
+- steps to reprouce:
 - expected result:
 - actual result:
 - console errors and warnings:
--- a/distribution/policies.json
+++ b/distribution/policies.json
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@ -1,133 +1,11 @@
 This changelog will be used from now on to document changes in a precise manner, with a list of changes for each setting version.
 Setting versions are documented using the pref `librewolf.cfg.version`, available in about:config.
 # 7.7
 **base librewolf version**: 115.x
 **References**:
 - https://gitlab.com/librewolf-community/settings/-/issues/262
 #### Added preferences
 ```
 defaultPref("browser.urlbar.suggest.weather", false);
 defaultPref("extensions.quarantinedDomains.enabled", false);
 ```
 # 7.6
 **base librewolf version**: 111.x - 114.x
 **References**:
 - the prefs added in the `LOGGING` section are off by default in the official Mozilla builds, so we are just acting like Firefox here;
 #### Removed preferences
 ```
 defaultPref("browser.contentblocking.report.monitor.enabled", false); // default
 ```
 #### Changed preferences
 ```
 defaultPref("app.support.baseURL", "https://support.librewolf.net/");
 ```
 #### Added preferences
 ```
 pref("browser.dom.window.dump.enabled", false);
 pref("devtools.console.stdout.chrome", false);
 ```
 # 7.5
 **target commit**: from 71a20c6fff90e7fbcb216f1d644ca1b40b32b8e2 to 6fe09c63cbfb83ebfb6a17f5e624248f2501b97e
 **base librewolf version**: 109.x and 110.x
 **References**:
 - thumbnails are only used in privileged code to populate New Tab Page and Ctrl+Tab previews.
 - the startup blank window doesn't break anything and the perceived performance boost is irrelevant on modern hardware.
 - reset popup events to default as it's mostly a non-issue.
 #### Removed preferences
 ```
 defaultPref("browser.pagethumbnails.capturing_disabled", true);
 defaultPref("browser.startup.blankWindow", false);
 defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown");
 ```
 # 7.4
 **target commit**: b0d277a77b36e3bcc5c0f7a1b0eca7a54a388d9d
 **base librewolf version**: 108.x
 **References**:
 - win7/8.x don't need this pref thanks to Firefox's own implementation of mDNS.
 #### Removed preferences
 ```
 defaultPref("media.peerconnection.ice.no_host", true); // don't use any private IPs for ICE candidate
 ```
 # 7.3
 **target commit**: from 9395f5c0e061250acbcbcb523d2270d57136d411 to 240e184b785e4e46c09ca6881111f7c2d4d31a3f
 **base librewolf version**: 107.x
 **References**:
 - mixed content is already covered by HTTPS-only-mode;
 - [dom.disable_beforeunload is no longer necessary](https://github.com/arkenfox/user.js/issues/1575);
 - [beacon API is fine](https://gitlab.com/librewolf-community/settings/-/issues/229);
 - [Firefox Vew pref was removed in previous commit](https://gitlab.com/librewolf-community/settings/-/commit/9395f5c0e061250acbcbcb523d2270d57136d411), adding reference to the changelog;
 #### Removed preferences
 ```
 defaultPref("security.mixed_content.block_display_content", true); // block insecure passive content
 defaultPref("dom.disable_beforeunload", true);
 defaultPref("dom.disable_open_during_load", true); // default
 defaultPref("browser.tabs.firefox-view", false);
 pref("beacon.enabled", false);
 ```
 # 7.2
 **target commit**: from 7211e954b82da3cde5c5cf2d613fe1f84288e635 to eb51b4785e5b67fc388bcbd06a8324d5a54f5850
 **base librewolf version**: 106.x
 **References**:
 - hide Firefox View til reviewed, see https://gitlab.com/librewolf-community/browser/source/-/issues/78;
 - hotfix for syntax error;
 #### Removed preferences
 ```
 defaultPref("browser.ssl_override_behavior", 1); // deprecated
 ```
 #### Added preferences
 ```
 defaultPref("browser.tabs.firefox-view", false);
 ```
 # 7.1
-**target commit**: 33e1ec1cb97d1f16a696057fe9007ae8391def6b
+**target commit**: 
-**base librewolf version**: 106.x
+**base librewolf version**: 
 **References**:
--- a/librewolf.cfg
+++ b/librewolf.cfg
@ -6,7 +6,7 @@
 * 
 * WARNING: make sure the first line of this file is empty. this is a known bug.
 */
-lockPref("librewolf.cfg.version", "7.7");
+lockpref("librewolf.cfg.version", "7.1");
 /** INDEX
@ -60,7 +60,9 @@ defaultPref("browser.cache.disk.enable", false); // disable disk cache
 /** prevent media cache from being written to disk in pb, but increase max cache size to avoid playback issues */
 defaultPref("browser.privatebrowsing.forceMediaMemoryCache", true);
 defaultPref("media.memory_cache_max_size", 65536);
-defaultPref("browser.shell.shortcutFavicons", false); // disable favicons in profile folder
+// disable favicons in profile folder and page thumbnail capturing
 defaultPref("browser.shell.shortcutFavicons", false);
 defaultPref("browser.pagethumbnails.capturing_disabled", true);
 defaultPref("browser.helperApps.deleteTempFileOnExit", true); // delete temporary files opened with external apps
 /** [SECTION] HISTORY AND SESSION RESTORE
@ -83,14 +85,6 @@ defaultPref("privacy.query_stripping.strip_list", "__hsfp __hssc __hstc __s _hse
 */
 defaultPref("librewolf.uBO.assetsBootstrapLocation", "https://gitlab.com/librewolf-community/browser/source/-/raw/main/assets/uBOAssets.json");
 /** [SECTION] LOGGING
 * these prefs are off by default in the official Mozilla builds,
 * so it only makes sense that we also disable them.
 * See https://gitlab.com/librewolf-community/settings/-/issues/240
 */
 pref("browser.dom.window.dump.enabled", false);
 pref("devtools.console.stdout.chrome", false);
 /** [CATEGORY] NETWORKING */
@ -98,6 +92,7 @@ pref("devtools.console.stdout.chrome", false);
 /** [SECTION] HTTPS */
 defaultPref("dom.security.https_only_mode", true); // only allow https in all windows, including private browsing
 defaultPref("network.auth.subresource-http-auth-allow", 1); // block HTTP authentication credential dialogs
 defaultPref("security.mixed_content.block_display_content", true); // block insecure passive content
 /** [SECTION] REFERERS
 * to enhance privacy but keep a certain level of usability we trim cross-origin
@ -108,9 +103,11 @@ defaultPref("network.auth.subresource-http-auth-allow", 1); // block HTTP authen
 defaultPref("network.http.referer.XOriginTrimmingPolicy", 2);
 /** [SECTION] WEBRTC
- * there is no point in disabling webrtc as mDNS protects the private IP on linux, osx and win10+.
+ * there's no point in disabling webrtc as mDNS protects the private IP on linux, osx and win10+.
- * the private IP address is only used in trusted environments, eg. allowed camera and mic access.
+ * with the below preference we protect the value even in trusted environments and for win7/8 users,
 * although this will likely cause breakage.
 */
 defaultPref("media.peerconnection.ice.no_host", true); // don't use any private IPs for ICE candidate
 defaultPref("media.peerconnection.ice.default_address_only", true); // use a single interface for ICE candidates, the vpn one when a vpn is used
 /** [SECTION] PROXY */
@ -156,6 +153,7 @@ defaultPref("browser.urlbar.speculativeConnect.enabled", false);
 defaultPref("privacy.resistFingerprinting", true);
 // rfp related settings
 defaultPref("privacy.resistFingerprinting.block_mozAddonManager", true); // prevents rfp from breaking AMO
 defaultPref("browser.startup.blankWindow", false); // if set to true it breaks RFP windows resizing
 defaultPref("browser.display.use_system_colors", false); // default, except Win
 /**
 * increase the size of new RFP windows for better usability, while still using a rounded value.
@ -194,8 +192,10 @@ defaultPref("security.OCSP.require", true); // set to hard-fail, might cause SEC
 /** [SECTION] TLS/SSL */
 pref("security.tls.enable_0rtt_data", false); // disable 0 RTT to improve tls 1.3 security
-pref("security.tls.version.enable-deprecated", false); // make TLS downgrades session only by enforcing it with pref(), default
+pref("security.tls.version.enable-deprecated", false); // make TLS downgrades session only by enforcing it with pref()
-defaultPref("browser.xul.error_pages.expert_bad_cert", true); // show relevant and advanced issues on warnings and error screens
+// show relevant and advanced issues on warnings and error screens
 defaultPref("browser.ssl_override_behavior", 1);
 defaultPref("browser.xul.error_pages.expert_bad_cert", true);
 /** [SECTION] PERMISSIONS */
 pref("permissions.delegation.enabled", false); // force permission request to show real origin
@ -274,7 +274,6 @@ defaultPref("browser.search.update", false);
 * this also includes the best match feature, as it is part of firefox suggest.
 */
 pref("browser.urlbar.quicksuggest.enabled", false);
 defaultPref("browser.urlbar.suggest.weather", false); // disable weather suggestions in urlbar once they are no longer behind feature gate
 /** [SECTION] DOWNLOADS
 * user interaction should always be required for downloads, as a way to enhance security by asking
@ -293,6 +292,12 @@ defaultPref("browser.download.alwaysOpenPanel", false); // do not expand toolbar
 defaultPref("media.autoplay.default", 5);
 /** [SECTION] POP-UPS AND WINDOWS
 * disable annoyin pop-ups and limit events that can trigger them.
 */
 defaultPref("dom.disable_beforeunload", true); // disable "confirm you want to leave" pop-ups
 defaultPref("dom.disable_open_during_load", true); // block pop-ups windows
 defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown");
 /**
 * prevent scripts from resizing existing windows and opening new ones, by forcing them into
 * new tabs that can't be resized as well.
 */
@ -301,7 +306,7 @@ defaultPref("browser.link.open_newwindow", 3);
 defaultPref("browser.link.open_newwindow.restriction", 0);
 /** [SECTION] MOUSE */
-defaultPref("browser.tabs.searchclipboardfor.middleclick", false); // prevent mouse middle click on new tab button to trigger searches or page loads
+defaultPref("middlemouse.contentLoadURL", false); // prevent mouse middle click from opening links
@ -315,13 +320,6 @@ defaultPref("browser.tabs.searchclipboardfor.middleclick", false); // prevent mo
 defaultPref("extensions.webextensions.restrictedDomains", "");
 defaultPref("extensions.enabledScopes", 5); // hidden
 defaultPref("extensions.postDownloadThirdPartyPrompt", false);
 /**
 * the pref disables quarantined domains.
 * this is a security feature, we should remove it with v116 as there will be a UI to control this per-extension.
 * unless we patch remote settings we rely on static dumps. this means even if we did not flip this pref it would
 * not make a difference at the moment.
 */
 defaultPref("extensions.quarantinedDomains.enabled", false);
 /** [SECTION] SYSTEM
 * built-in extension are not allowed to auto-update. additionally the reporter extension
@ -376,6 +374,7 @@ pref("devtools.debugger.remote-enabled", false); // default, but subject to bran
 defaultPref("devtools.selfxss.count", 0); // required for devtools console to work
 /** [SECTION] OTHERS */
 pref("browser.translation.engine", ""); // remove translation engine
 pref("webchannel.allowObject.urlWhitelist", ""); // remove web channel whitelist
 defaultPref("services.settings.server", "https://%.invalid") // set the remote settings URL (REMOTE_SETTINGS_SERVER_URL in the code)
@ -386,7 +385,7 @@ defaultPref("services.settings.server", "https://%.invalid") // set the remote s
 /** [SECTION] BRANDING
 * set librewolf support and releases urls in the UI, so that users land in the proper places.
 */
-defaultPref("app.support.baseURL", "https://support.librewolf.net/");
+defaultPref("app.support.baseURL", "https://librewolf.net/docs/faq/#");
 defaultPref("browser.search.searchEnginesURL", "https://librewolf.net/docs/faq/#how-do-i-add-a-search-engine");
 defaultPref("browser.geolocation.warning.infoURL", "https://librewolf.net/docs/faq/#how-do-i-enable-location-aware-browsing");
 defaultPref("app.feedback.baseURL", "https://librewolf.net/#questions");
@ -430,6 +429,7 @@ lockPref("browser.newtabpage.activity-stream.default.sites", "");
 * remove annoying ui elements from the about pages, including about:protections
 */
 defaultPref("browser.contentblocking.report.lockwise.enabled", false);
 defaultPref("browser.contentblocking.report.monitor.enabled", false);
 lockPref("browser.contentblocking.report.hide_vpn_banner", true);
 lockPref("browser.contentblocking.report.vpn.enabled", false);
 lockPref("browser.contentblocking.report.show_mobile_app", false);
@ -495,6 +495,8 @@ pref("network.connectivity-service.enabled", false);
 // disable captive portal
 pref("network.captive-portal-service.enabled", false);
 pref("captivedetect.canonicalURL", "");
 // prevent sending server side analytics
 pref("beacon.enabled", false);
 /** [CATEGORY] WINDOWS
 * the prefs in this section only apply to windows installations and they don't have any