cleanup, new patch

build.sh

@@ -87,8 +87,8 @@ do_patches() {
 	patch -p1 -i ../patches/nightly/context-menu2.patch
 	echo "../patches/nightly/report-site-issue.patch"
 	patch -p1 -i ../patches/nightly/report-site-issue.patch
-	echo "../patches/nightly/megabar2.patch"
+	echo "../patches/nightly/megabar3.patch"
-	patch -p1 -i ../patches/nightly/megabar2.patch
+	patch -p1 -i ../patches/nightly/megabar3.patch
     else
 	echo "../linux/context-menu.patch"
 	patch -p1 -i ../linux/context-menu.patch
@@ -307,6 +307,7 @@ git_init() {
 
 
 # Permissive/strict configuration options (win10 only at the moment)
+# this stuff should probably go away..
 
 perm_config_diff() {
     pushd settings > /dev/null
@@ -328,25 +329,6 @@ perm_policies_diff() {
     popd > /dev/null
 }
 
-strict_config_diff() {
-    pushd settings > /dev/null
-      cp "/c/Program Files/LibreWolf/librewolf.cfg" librewolf.cfg
-      if [ $? -ne 0 ]; then exit 1; fi
-      git diff librewolf.cfg > ../patches/strict/librewolf-config.patch
-      git diff librewolf.cfg
-      git checkout librewolf.cfg > /dev/null 2>&1
-    popd > /dev/null
-}
-
-strict_policies_diff() {
-    pushd settings/distribution > /dev/null
-      cp "/c/Program Files/LibreWolf/distribution/policies.json" policies.json
-      if [ $? -ne 0 ]; then exit 1; fi
-      git diff policies.json > ../../patches/strict/librewolf-policies.patch
-      git diff policies.json
-      git checkout policies.json > /dev/null 2>&1 
-    popd > /dev/null
-}
 
 #
 # Nightly builds, alternative builds.
@@ -588,14 +570,6 @@ if [[ "$*" == *perm_policies_diff* ]]; then
     perm_policies_diff
     done_something=1
 fi
-if [[ "$*" == *strict_config_diff* ]]; then
-    strict_config_diff
-    done_something=1
-fi
-if [[ "$*" == *strict_policies_diff* ]]; then
-    strict_policies_diff
-    done_something=1
-fi
 
 
 # by default, give help..
@@ -638,15 +612,13 @@ Use: ./build.sh clean | all | [other stuff...]
 
     perm_config_diff     - diff between -release and -permissive config
     perm_policies_diff   - diff between -release and -permissive policies.json
-    strict_config_diff   - diff between -release and -strict config
-    strict_policies_diff - diff between -release and -strict policies.json
 
 The *_diff commands are dangerous (change repo files), win10 specific, and 
 just for internal use. You can use './build set_perm all' to build permissve
 and './build set_strict all' for -strict. This functionality exists because
 we're constantly balancing settings between usability and security.
 
-# Cross-compile from linux: (experimental)
+# Cross-compile from linux: (in development)
 
     linux_patches    - the 'do_patches' for linux->win crosscompile.
     linux_artifacts  - standard artifact zip file. perhaps a -setup.exe.

linux

@@ -1 +1 @@
-Subproject commit 062a454cf3a13f04f303c5a1ac88c80f92e689d7
+Subproject commit 95feca84f5c83a27418cf4822a83537606a21a53

patches/nightly/megabar3.patch

@@ -0,0 +1,148 @@
+diff --git a/browser/components/urlbar/UrlbarInput.jsm b/browser/components/urlbar/UrlbarInput.jsm
+index f076d5d7f2..92f0adf003 100644
+--- a/browser/components/urlbar/UrlbarInput.jsm
++++ b/browser/components/urlbar/UrlbarInput.jsm
+@@ -1704,13 +1704,13 @@ class UrlbarInput {
+ 
+     // Enable the animation only after the first extend call to ensure it
+     // doesn't run when opening a new window.
+-    if (!this.hasAttribute("breakout-extend-animate")) {
+-      this.window.promiseDocumentFlushed(() => {
+-        this.window.requestAnimationFrame(() => {
+-          this.setAttribute("breakout-extend-animate", "true");
+-        });
+-      });
+-    }
++//    if (!this.hasAttribute("breakout-extend-animate")) {
++//      this.window.promiseDocumentFlushed(() => {
++//        this.window.requestAnimationFrame(() => {
++//          this.setAttribute("breakout-extend-animate", "true");
++//        });
++//      });
++//    }
+   }
+ 
+   endLayoutExtend() {
+diff --git a/browser/themes/shared/urlbar-searchbar.inc.css b/browser/themes/shared/urlbar-searchbar.inc.css
+index 3abd701732..87713b9cbd 100644
+--- a/browser/themes/shared/urlbar-searchbar.inc.css
++++ b/browser/themes/shared/urlbar-searchbar.inc.css
+@@ -5,7 +5,7 @@
+ %endif
+ 
+ %define fieldHoverBorderColor hsla(240,5%,5%,.35)
+-%define urlbarMarginInline 5px
++%define urlbarMarginInline 0px
+ %define urlbarSearchButtonWidth calc(16px + 2 * var(--urlbar-icon-padding))
+ 
+ :root {
+@@ -273,40 +273,40 @@
+ }
+ 
+ #urlbar[breakout][breakout-extend] {
+-  top: -@urlbarBreakoutExtend@;
+-  left: calc(-@urlbarMarginInline@ - @urlbarBreakoutExtend@);
+-  width: calc(100% + 2 * @urlbarMarginInline@ + 2 * @urlbarBreakoutExtend@);
++  top: 0;
++  left: 0;
++  width: 100%;
+ }
+ 
+ @media (-moz-proton) {
+ #urlbar[breakout][breakout-extend] {
+   top: 0;
+-  left: -@urlbarMarginInline@;
+-  width: calc(100% + 2 * @urlbarMarginInline@);
++  left: 0;
++  width: 100%;
+ }
+ } /*** END proton ***/
+ 
+ @media not (-moz-proton) {
+ #urlbar[breakout][breakout-extend] > #urlbar-background {
+-  box-shadow: 0 3px 8px 0 rgba(0,0,0,.15)
++  box-shadow: 0 1px 4px rgba(0,0,0,.05);
+ }
+ 
+ #urlbar[breakout][breakout-extend][open] > #urlbar-background {
+-  box-shadow: 0 5px 18px rgba(0,0,0,.2);
++  box-shadow: 0 1px 4px rgba(0,0,0,.05);
+ }
+ } /*** END !proton ***/
+ 
+ #urlbar[breakout][breakout-extend] > #urlbar-input-container {
+-  height: calc(var(--urlbar-toolbar-height) + 2 * @urlbarBreakoutExtend@);
+-  padding-block: calc(@urlbarBreakoutExtend@ + (var(--urlbar-toolbar-height) - var(--urlbar-height)) / 2);
+-  padding-inline: calc(@urlbarMarginInline@ + @urlbarBreakoutExtend@);
++  height: var(--urlbar-toolbar-height);
++  padding-block: 0;
++  padding-inline: 0;
+ }
+ 
+ @media (-moz-proton) {
+ #urlbar[breakout][breakout-extend] > #urlbar-input-container {
+   height: var(--urlbar-toolbar-height);
+-  padding-block: calc((var(--urlbar-toolbar-height) - var(--urlbar-height)) / 2 + var(--urlbar-container-padding));
+-  padding-inline: calc(@urlbarMarginInline@ + var(--urlbar-container-padding));
++  padding-block: 0;
++  padding-inline: 0;
+ }
+ } /*** END proton ***/
+ 
+@@ -325,7 +325,7 @@
+ }
+ 
+ #urlbar[breakout][breakout-extend] > #urlbar-background {
+-  animation-name: urlbar-grow;
++  animation-name: none;
+   animation-duration: 0s;
+   animation-timing-function: var(--animation-easing-function);
+ }
+diff --git a/browser/themes/shared/urlbarView.inc.css b/browser/themes/shared/urlbarView.inc.css
+index e58531723e..dba8668168 100644
+--- a/browser/themes/shared/urlbarView.inc.css
++++ b/browser/themes/shared/urlbarView.inc.css
+@@ -86,16 +86,16 @@
+   display: block;
+   text-shadow: none;
+   overflow: clip;
+-  margin-inline: calc(5px + var(--urlbar-container-padding));
+-  width: calc(100% - 2 * (5px + var(--urlbar-container-padding)));
++  margin-inline: 0;
++  width: 100%
+   /* Match urlbar-background's border. */
+   border-inline: 1px solid transparent;
+ }
+ 
+ @media not (-moz-proton) {
+ .urlbarView {
+-  margin-inline: calc(4px + var(--identity-box-margin-inline));
+-  width: calc(100% - 2 * (4px + var(--identity-box-margin-inline)));
++  margin-inline: 0;
++  width: 100%;
+ }
+ /* If the view is open, offset the toolbar overlap so the view's top border
+    aligns with the toolbar. */
+@@ -298,6 +298,7 @@
+   object-fit: contain;
+   flex-shrink: 0;
+   -moz-context-properties: fill, fill-opacity;
++  margin-inline-start: 20px;
+ }
+ 
+ @media not (-moz-proton) {
+@@ -331,10 +332,10 @@
+ 
+ .urlbarView-type-icon {
+   position: absolute;
+-  width: 12px;
+-  height: 12px;
+-  margin-bottom: -4px;
+-  margin-inline-start: 8px;
++  width: 16px;
++  height: 16px;;
++  margin-bottom: 0;
++  margin-inline-start: 0;
+   align-self: end;
+   background-repeat: no-repeat;
+   background-size: contain;

patches/permissive/librewolf-config.patch

@@ -1,26 +1,16 @@
 diff --git a/librewolf.cfg b/librewolf.cfg
-index 1ad0cea..934e6ca 100644
+index 03524fd..7aa8d33 100644
 --- a/librewolf.cfg
 +++ b/librewolf.cfg
-@@ -264,11 +264,12 @@ defaultPref("media.gmp-manager.certs.1.commonName", "");
+@@ -375,6 +375,7 @@ defaultPref("network.proxy.socks_version", 5);
- // User Settings : WebRTC
+ defaultPref("browser.tabs.loadBookmarksInTabs", true);
- // ----------------------
+ defaultPref("devtools.debugger.remote-enabled", false);
- 
+ defaultPref("devtools.chrome.enabled", false);
--defaultPref("media.navigator.enabled", false);
++defaultPref("general.useragent.site_specific_overrides", false);
--defaultPref("media.navigator.video.enabled", false);
+ defaultPref("extensions.ui.experiment.hidden", false);
--defaultPref("media.getusermedia.browser.enabled", false);
+ //defaultPref("extensions.ui.dictionary.hidden", false);
--defaultPref("media.getusermedia.screensharing.enabled", false);
+ //defaultPref("extensions.ui.locale.hidden", false);
--defaultPref("media.getusermedia.audiocapture.enabled", false);
+@@ -388,7 +389,7 @@ defaultPref("extensions.ui.experiment.hidden", false);
-+// these 5 are needed to be true for webcam/camera
-+defaultPref("media.navigator.enabled", true);
-+defaultPref("media.navigator.video.enabled", true);
-+defaultPref("media.getusermedia.browser.enabled", true);
-+defaultPref("media.getusermedia.screensharing.enabled", true);
-+defaultPref("media.getusermedia.audiocapture.enabled", true);
- defaultPref("media.peerconnection.use_document_iceservers", false);
- defaultPref("media.peerconnection.identity.enabled", false);
- // 10000 per default
-@@ -389,7 +390,7 @@ defaultPref("extensions.ui.experiment.hidden", false);
  lockPref("dom.indexedDB.enabled", true); //default true
  //lockPref("dom.indexedDB.logging.details", false); //default true
  //lockPref("dom.indexedDB.logging.enabled", false); //default true
@@ -29,7 +19,16 @@ index 1ad0cea..934e6ca 100644
  //lockPref("network.http.spdy.enabled", false);
  //lockPref("network.http.spdy.enabled.deps", false);
  //lockPref("network.http.spdy.enabled.http2", false);
-@@ -882,12 +883,12 @@ lockPref("extensions.getAddons.compatOverides.url", "");
+@@ -616,7 +617,7 @@ defaultPref("extensions.webextensions.background-delayed-startup", true); //defa
+ // >>>>>>>>>>>>>>>>>>>>
+ 
+ // Pref : Disabling performance addon url [FF64+]
+-lockPref("devtools.performance.recording.ui-base-url", "http://localhost:4242");
++lockPref("devtools.performance.recording.ui-base-url", "https://localhost:4242");
+ // Default Value : https://perf-html.io
+ 
+ // Pref : The default set of protocol handlers for irc [FF64+]
+@@ -881,12 +882,12 @@ lockPref("extensions.getAddons.compatOverides.url", "");
  // https://services.addons.mozilla.org/api/v3/addons/compat-override/?guid=%IDS%&lang=%LOCALE%
  
  // Pref :
@@ -44,7 +43,7 @@ index 1ad0cea..934e6ca 100644
  // Default Value
  // https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION%
  
-@@ -897,12 +898,12 @@ defaultPref("extensions.getAddons.link.url", "");
+@@ -896,12 +897,12 @@ defaultPref("extensions.getAddons.link.url", "");
  // https://addons.mozilla.org/%LOCALE%/firefox/
  
  // Pref :
@@ -59,7 +58,7 @@ index 1ad0cea..934e6ca 100644
  // Default Value
  // https://addons.mozilla.org/%LOCALE%/firefox/themes/?src=firefox
  
-@@ -932,7 +933,7 @@ lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", "");
+@@ -931,7 +932,7 @@ lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", "");
  // https://accounts.firefox.com/
  
  // Pref :
@@ -68,33 +67,16 @@ index 1ad0cea..934e6ca 100644
  // Default Value
  // https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=
  // %REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=
-@@ -1430,18 +1431,18 @@ defaultPref("browser.tabs.animate", false);
+@@ -1476,7 +1477,7 @@ lockPref("javascript.options.shared_memory", false);
- // Bench Diff : -220/5000
+ // So overall, disabling SW should enhance performance because it blocks SW Scripts.
- // Pref : Disable webGL I/II
+ // [NOTE] Service worker APIs are hidden (in Firefox) and cannot be used when in PB mode.
- // WebGL introduces high fingerprinting (WebGL is a js API for directly accessing hardware)
+ // [NOTE] Service workers only run over HTTPS. Service Workers have no DOM access.
--defaultPref("webgl.disabled", false); // Tor have it false but the rest is the same (webgl)
+-defaultPref("dom.serviceWorkers.enabled", false);
-+//defaultPref("webgl.disabled", false); // Tor have it false but the rest is the same (webgl)
++lockPref("dom.serviceWorkers.enabled", false);
- // This does not leak
--lockPref("webgl.enable-webgl2", false);
--lockPref("webgl.min_capability_mode", true);
-+//lockPref("webgl.enable-webgl2", false);
-+//lockPref("webgl.min_capability_mode", true);
  
- // Bench Diff : 0/5000
+ // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
- // Pref : Disable webGL II/II
+ // Section : General Settings 1/3
- // WebGL introduces high fingerprinting (WebGL is a js API for directly accessing hardware)
+@@ -1803,7 +1804,7 @@ lockPref("datareporting.healthreport.uploadEnabled", false);
--lockPref("pdfjs.enableWebGL", false);
--lockPref("webgl.disable-extensions", true);
--lockPref("webgl.disable-fail-if-major-performance-caveat", true);
--lockPref("webgl.enable-debug-renderer-info", false); //Deprecated Active
-+//lockPref("pdfjs.enableWebGL", false);
-+//lockPref("webgl.disable-extensions", true);
-+//lockPref("webgl.disable-fail-if-major-performance-caveat", true);
-+//lockPref("webgl.enable-debug-renderer-info", false); //Deprecated Active
- 
- // Bench Diff : -1500/5000
- // Pref : Disable asm.js
-@@ -1804,13 +1805,13 @@ lockPref("datareporting.healthreport.uploadEnabled", false);
  lockPref("datareporting.policy.dataSubmissionEnabled", false);
  
  // Pref : Disable right-click menu manipulation via JavaScript (disabled)
@@ -103,14 +85,16 @@ index 1ad0cea..934e6ca 100644
  
  // Pref : Disable clipboard event detection (onCut/onCopy/onPaste) via Javascript
  // Disabling clipboard events breaks Ctrl+C/X/V copy/cut/paste functionaility in
- // JS-based web applications (Google Docs etc.)
+@@ -1893,7 +1894,7 @@ lockPref("dom.enable_user_timing", false);
- // https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/dom.event.clipboardevents.enabled
+ // Pref : Disable Web Audio API
--lockPref("dom.event.clipboardevents.enabled", false);
+ // https://bugzilla.mozilla.org/show_bug.cgi?id=1288359
-+lockPref("dom.event.clipboardevents.enabled", true);
+ // Avoid fingerprinting
+-defaultPref("dom.webaudio.enabled", false);
++lockPref("dom.webaudio.enabled", false);
  
- // Pref : Force Punycode for Internationalized Domain Names
+ // Pref : When geolocation is enabled, don't log geolocation requests to the console
- // http://kb.mozillazine.org/Network.IDN_show_punycode
+ lockPref("geo.wifi.logging.enabled", false);
-@@ -2773,3 +2774,14 @@ defaultPref("devtools.selfxss.count", 0);
+@@ -2772,3 +2773,10 @@ defaultPref("devtools.selfxss.count", 0);
  // enable HTTPS only mode by default
  defaultPref("dom.security.https_only_mode", true);
  defaultPref("dom.security.https_only_mode_ever_enabled", true);
@@ -121,7 +105,3 @@ index 1ad0cea..934e6ca 100644
 +defaultPref("privacy.clearOnShutdown.cookies", false);
 +defaultPref("privacy.clearOnShutdown.offlineApps", false);
 +defaultPref("network.cookie.lifetimePolicy", 2);
-+
-+// attempting to allow webcam and microphone
-+defaultPref("permissions.default.microphone",1);
-+defaultPref("permissions.default.camera",1);

patches/strict/README.md

@@ -1,9 +0,0 @@
-# current differences between -release and -strict
-
-## librewolf.cfg:
-
-* todo
-
-## policies.json
-
-* todo: add noscript

patches/urlbarprovider-interventions.patch

@@ -0,0 +1,13 @@
+diff --git a/browser/components/urlbar/UrlbarProviderInterventions.jsm b/browser/components/urlbar/UrlbarProviderInterventions.jsm
+index e22886ce92..d46d8191f2 100644
+--- a/browser/components/urlbar/UrlbarProviderInterventions.jsm
++++ b/browser/components/urlbar/UrlbarProviderInterventions.jsm
+@@ -451,7 +451,7 @@ class ProviderInterventions extends UrlbarProvider {
+         ]),
+       });
+       for (let [id, phrases] of Object.entries(DOCUMENTS)) {
+-        queryScorer.addDocument({ id, phrases });
++//        queryScorer.addDocument({ id, phrases });
+       }
+       return queryScorer;
+     });