Closed earthlng closed 2 years ago
* apz.nonwr.activate_all_scroll_frames Bug [1733520](https://bugzilla.mozilla.org/show_bug.cgi?id=1733520). Remove apz.nonwr.activate_all_scroll_frames* prefs. * apz.nonwr.activate_all_scroll_frames_when_fission Bug [1733520](https://bugzilla.mozilla.org/show_bug.cgi?id=1733520). Remove apz.nonwr.activate_all_scroll_frames* prefs. * browser.contentblocking.features.strict Bug [1664995](https://bugzilla.mozilla.org/show_bug.cgi?id=1664995) - Part 4: Enable OCSP partiitoning in strict mode. Bug [1698843](https://bugzilla.mozilla.org/show_bug.cgi?id=1698843) - Part 3: Set content blocking category flag for cookieBehavior for the private mode. * browser.display.use_system_colors Bug [1593273](https://bugzilla.mozilla.org/show_bug.cgi?id=1593273): Default browser.display.use_system_colors to true on windows, false elsewhere * browser.download.enable_spam_prevention Bug [1731668](https://bugzilla.mozilla.org/show_bug.cgi?id=1731668) - Move downloads spam prevention work behind a pref. * browser.newtabpage.activity-stream.customizationMenu.enabled Bug [1710937](https://bugzilla.mozilla.org/show_bug.cgi?id=1710937) - Part 2 - Remove showCustomizationMenu pref and associated code. * browser.newtabpage.activity-stream.discoverystream.compactLayout.enabled Bug [1717682](https://bugzilla.mozilla.org/show_bug.cgi?id=1717682) - Pref and implementation for compact 4 card row layout for Pocket newtab. * browser.newtabpage.activity-stream.discoverystream.lastCardMessage.enabled Bug [1729946](https://bugzilla.mozilla.org/show_bug.cgi?id=1729946) - Adding Pocket newtab load more button. * browser.newtabpage.activity-stream.discoverystream.loadMore.enabled Bug [1729946](https://bugzilla.mozilla.org/show_bug.cgi?id=1729946) - Adding Pocket newtab load more button. * browser.newtabpage.activity-stream.discoverystream.newFooterSection.enabled Bug [1730018](https://bugzilla.mozilla.org/show_bug.cgi?id=1730018) - New Pocket footer section on newtab * browser.newtabpage.activity-stream.discoverystream.saveToPocketCard.enabled Bug [1730017](https://bugzilla.mozilla.org/show_bug.cgi?id=1730017) - Adding save to Pocket button to newtab Pocket cards on hover. * browser.newtabpage.activity-stream.newNewtabExperience.enabled Bug [1710937](https://bugzilla.mozilla.org/show_bug.cgi?id=1710937) - Part 1 - Remove newNewTabExperienceEnabled pref and associated code. Bug [1703941](https://bugzilla.mozilla.org/show_bug.cgi?id=1703941) - Turn on prefs for new tab design work in Firefox 89. * browser.privatebrowsing.infoBody Bug [1729766](https://bugzilla.mozilla.org/show_bug.cgi?id=1729766) - Update about:privatebrowsing with VPN promo Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing. * browser.privatebrowsing.infoEnabled Bug [1729766](https://bugzilla.mozilla.org/show_bug.cgi?id=1729766) - Update about:privatebrowsing with VPN promo Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing. * browser.privatebrowsing.infoIcon Bug [1729766](https://bugzilla.mozilla.org/show_bug.cgi?id=1729766) - Update about:privatebrowsing with VPN promo Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing. * browser.privatebrowsing.infoLinkText Bug [1729766](https://bugzilla.mozilla.org/show_bug.cgi?id=1729766) - Update about:privatebrowsing with VPN promo Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing. * browser.privatebrowsing.infoLinkUrl Bug [1729766](https://bugzilla.mozilla.org/show_bug.cgi?id=1729766) - Update about:privatebrowsing with VPN promo Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing. * browser.privatebrowsing.infoTitle Bug [1729766](https://bugzilla.mozilla.org/show_bug.cgi?id=1729766) - Update about:privatebrowsing with VPN promo Bug [1715504](https://bugzilla.mozilla.org/show_bug.cgi?id=1715504) - Banner variations for Private Browsing mode experiment Bug [1715504](https://bugzilla.mozilla.org/show_bug.cgi?id=1715504) - Banner variations for Private Browsing mode experiment. Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing. * browser.privatebrowsing.infoTitleEnabled Bug [1729766](https://bugzilla.mozilla.org/show_bug.cgi?id=1729766) - Update about:privatebrowsing with VPN promo Bug [1715504](https://bugzilla.mozilla.org/show_bug.cgi?id=1715504) - Banner variations for Private Browsing mode experiment Bug [1715504](https://bugzilla.mozilla.org/show_bug.cgi?id=1715504) - Banner variations for Private Browsing mode experiment. * browser.privatebrowsing.promoEnabled Bug [1729766](https://bugzilla.mozilla.org/show_bug.cgi?id=1729766) - Update about:privatebrowsing with VPN promo Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing. * browser.privatebrowsing.promoLinkText Bug [1729766](https://bugzilla.mozilla.org/show_bug.cgi?id=1729766) - Update about:privatebrowsing with VPN promo Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing. * browser.privatebrowsing.promoLinkUrl Bug [1729766](https://bugzilla.mozilla.org/show_bug.cgi?id=1729766) - Update about:privatebrowsing with VPN promo Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing. * browser.privatebrowsing.promoTitle Bug [1729766](https://bugzilla.mozilla.org/show_bug.cgi?id=1729766) - Update about:privatebrowsing with VPN promo Bug [1715504](https://bugzilla.mozilla.org/show_bug.cgi?id=1715504) - Banner variations for Private Browsing mode experiment Bug [1715504](https://bugzilla.mozilla.org/show_bug.cgi?id=1715504) - Banner variations for Private Browsing mode experiment. Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing Bug [1709344](https://bugzilla.mozilla.org/show_bug.cgi?id=1709344) - Add Nimbus to about:privatebrowsing. * browser.privatebrowsing.promoTitleEnabled Bug [1729766](https://bugzilla.mozilla.org/show_bug.cgi?id=1729766) - Update about:privatebrowsing with VPN promo Bug [1715504](https://bugzilla.mozilla.org/show_bug.cgi?id=1715504) - Banner variations for Private Browsing mode experiment Bug [1715504](https://bugzilla.mozilla.org/show_bug.cgi?id=1715504) - Banner variations for Private Browsing mode experiment. * browser.sessionstore.dom_form_limit Bug [1727367](https://bugzilla.mozilla.org/show_bug.cgi?id=1727367) - Part 1: Add prefs for max session store form entry size. * browser.sessionstore.dom_form_max_limit Bug [1727367](https://bugzilla.mozilla.org/show_bug.cgi?id=1727367) - Part 1: Add prefs for max session store form entry size. * browser.sessionstore.warnOnQuit Bug [1724976](https://bugzilla.mozilla.org/show_bug.cgi?id=1724976), whether to show quit warning should not be dependent on session restore state, and remove the redundant browser.sessionstore.warnOnQuit preference, * browser.startup.couldRestoreSession.count Bug [1724960](https://bugzilla.mozilla.org/show_bug.cgi?id=1724960) - Add a one-time infobar to explain session restore. * browser.tabs.remote.testOnly.failPBrowserCreation.enabled Bug [1725572](https://bugzilla.mozilla.org/show_bug.cgi?id=1725572) - Part 3: Recover from a missing subframe BrowsingContext in ConstructBrowser, * browser.tabs.warnOnClose Bug [1724977](https://bugzilla.mozilla.org/show_bug.cgi?id=1724977), change default value of browser.tabs.warnOnClose to false, Bug [1724976](https://bugzilla.mozilla.org/show_bug.cgi?id=1724976), whether to show quit warning should not be dependent on session restore state, and remove the redundant browser.sessionstore.warnOnQuit preference, * browser.warnOnQuitShortcut Bug [1726736](https://bugzilla.mozilla.org/show_bug.cgi?id=1726736), add a separate preference when quitting using the shortcut key, and modify the close dialog warning to indicate that the warning only applies to keyboard quitting, * clipboard.copyPrivateDataToClipboardCloudOrHistory Bug [1730194](https://bugzilla.mozilla.org/show_bug.cgi?id=1730194) - Prevent Copy button to send information to Cloud Clipboard and Clipboard History on Windows. * content.sink.pending_event_mode Bug [1730958](https://bugzilla.mozilla.org/show_bug.cgi?id=1730958) - Fix some #ifdefs in static prefs. * devtools.every-frame-target.enabled Bug [1685500](https://bugzilla.mozilla.org/show_bug.cgi?id=1685500) - [devtools] Create target actors for all iframes. * dom.forms.enterkeyhint Bug [1648332](https://bugzilla.mozilla.org/show_bug.cgi?id=1648332) - Ship enterkeyhint in release. * dom.ipc.processCount.webIsolated Bug [1727158](https://bugzilla.mozilla.org/show_bug.cgi?id=1727158) - Part 2: Bump processCount.webIsolated to 4 on desktop, * dom.shadowdom.delegatesFocus.enabled Bug [1413836](https://bugzilla.mozilla.org/show_bug.cgi?id=1413836) - Add delegatesFocus attribute to shadow dom * fission.highValue.coop.expiration Bug [1723797](https://bugzilla.mozilla.org/show_bug.cgi?id=1723797) - Add a separate pref to control process isolation strategy when fission.autostart is enabled, * fission.webContentIsolationStrategy Bug [1723797](https://bugzilla.mozilla.org/show_bug.cgi?id=1723797) - Add a separate pref to control process isolation strategy when fission.autostart is enabled, * gfx.layerscope.enabled Bug [1732328](https://bugzilla.mozilla.org/show_bug.cgi?id=1732328) - Remove dead gfx.layerscope.*** pref. * gfx.layerscope.port Bug [1732328](https://bugzilla.mozilla.org/show_bug.cgi?id=1732328) - Remove dead gfx.layerscope.*** pref. * gfx.logging.painted-pixel-count.enabled Bug [1729954](https://bugzilla.mozilla.org/show_bug.cgi?id=1729954) - Remove gfx.logging.painted-pixel-count.enabled. * gfx.webrender.blob-tile-size Bug [1729441](https://bugzilla.mozilla.org/show_bug.cgi?id=1729441) - Add a pref to set the blob tile size. * gfx.webrender.debug.batched-texture-uploads Bug [1690247](https://bugzilla.mozilla.org/show_bug.cgi?id=1690247) - Enable the batched texture upload path on windows. Bug [1681310](https://bugzilla.mozilla.org/show_bug.cgi?id=1681310) - Add a batched texture upload code path using glTexSubImage2D. * gfx.webrender.debug.draw-calls-for-texture-copy Bug [1690247](https://bugzilla.mozilla.org/show_bug.cgi?id=1690247) - Enable the batched texture upload path on windows. Bug [1681310](https://bugzilla.mozilla.org/show_bug.cgi?id=1681310) - Add a batched texture upload code path using glTexSubImage2D. * gfx.webrender.enable-multithreading Bug [1731610](https://bugzilla.mozilla.org/show_bug.cgi?id=1731610) - Add new prefs in WebRender with less boilerplate. * gfx.webrender.pbo-uploads Bug [1732726](https://bugzilla.mozilla.org/show_bug.cgi?id=1732726) - Use PBO uploads on Windows. * layers.acceleration.draw-fps.print-histogram Bug [1729960](https://bugzilla.mozilla.org/show_bug.cgi?id=1729960) - Remove mozilla::layers::Diagnostics. * layers.acceleration.draw-fps.write-to-file Bug [1729960](https://bugzilla.mozilla.org/show_bug.cgi?id=1729960) - Remove mozilla::layers::Diagnostics. * layers.bench.enabled Bug [1732225](https://bugzilla.mozilla.org/show_bug.cgi?id=1732225) - Remove unused layers.bench.enabled pref. * layers.bufferrotation.enabled Bug [1729826](https://bugzilla.mozilla.org/show_bug.cgi?id=1729826) - Remove unused gfxPlatform::BufferRotationEnabled(). * layers.componentalpha.enabled Bug [1732227](https://bugzilla.mozilla.org/show_bug.cgi?id=1732227) - Remove unused layers.componentalpha.enabled pref. * layers.compositing-tiles.height Bug [1729580](https://bugzilla.mozilla.org/show_bug.cgi?id=1729580) - Remove unused `layers.***` pref more. * layers.compositing-tiles.width Bug [1729580](https://bugzilla.mozilla.org/show_bug.cgi?id=1729580) - Remove unused `layers.***` pref more. * layers.draw-bigimage-borders Bug [1729816](https://bugzilla.mozilla.org/show_bug.cgi?id=1729816) - part 1: Remove unused gfxPlatform::GetLayerDiagnosticTypes() and related prefs. * layers.draw-borders Bug [1729816](https://bugzilla.mozilla.org/show_bug.cgi?id=1729816) - part 1: Remove unused gfxPlatform::GetLayerDiagnosticTypes() and related prefs. * layers.draw-layer-info Bug [1729816](https://bugzilla.mozilla.org/show_bug.cgi?id=1729816) - part 3: Remove unused layers.draw-layer-info pref. * layers.draw-tile-borders Bug [1729816](https://bugzilla.mozilla.org/show_bug.cgi?id=1729816) - part 1: Remove unused gfxPlatform::GetLayerDiagnosticTypes() and related prefs. * layers.dump Bug [1729817](https://bugzilla.mozilla.org/show_bug.cgi?id=1729817) - Remove unused layers.dump and related prefs. * layers.dump-client-layers Bug [1729817](https://bugzilla.mozilla.org/show_bug.cgi?id=1729817) - Remove unused layers.dump and related prefs. * layers.dump-host-layers Bug [1729817](https://bugzilla.mozilla.org/show_bug.cgi?id=1729817) - Remove unused layers.dump and related prefs. * layers.dump-texture Bug [1729817](https://bugzilla.mozilla.org/show_bug.cgi?id=1729817) - Remove unused layers.dump and related prefs. * layers.effect.contrast Bug [1729822](https://bugzilla.mozilla.org/show_bug.cgi?id=1729822) - Remove unused layers.effect.* prefs. * layers.effect.grayscale Bug [1729822](https://bugzilla.mozilla.org/show_bug.cgi?id=1729822) - Remove unused layers.effect.* prefs. * layers.effect.invert Bug [1729822](https://bugzilla.mozilla.org/show_bug.cgi?id=1729822) - Remove unused layers.effect.* prefs. * layers.flash-borders Bug [1729816](https://bugzilla.mozilla.org/show_bug.cgi?id=1729816) - part 1: Remove unused gfxPlatform::GetLayerDiagnosticTypes() and related prefs. * layers.geometry.basic.enabled Bug [1732221](https://bugzilla.mozilla.org/show_bug.cgi?id=1732221) - Remove unused layers.geometry.*** prefs. * layers.geometry.d3d11.enabled Bug [1732221](https://bugzilla.mozilla.org/show_bug.cgi?id=1732221) - Remove unused layers.geometry.*** prefs. * layers.geometry.opengl.enabled Bug [1732221](https://bugzilla.mozilla.org/show_bug.cgi?id=1732221) - Remove unused layers.geometry.*** prefs. * layers.low-precision-opacity Bug [1729580](https://bugzilla.mozilla.org/show_bug.cgi?id=1729580) - Remove unused `layers.***` pref more. * layers.max-active Bug [1729580](https://bugzilla.mozilla.org/show_bug.cgi?id=1729580) - Remove unused `layers.***` pref more. * layers.orientation.sync.timeout Bug [1729580](https://bugzilla.mozilla.org/show_bug.cgi?id=1729580) - Remove unused `layers.***` pref more. * layers.single-tile.enabled Bug [1727782](https://bugzilla.mozilla.org/show_bug.cgi?id=1727782) - Remove layers.single-tile.enabled pref * layers.tile-initial-pool-size Bug [1729476](https://bugzilla.mozilla.org/show_bug.cgi?id=1729476) - Remove unused CompositorBridgeChild::GetTexturePool. * layers.tile-pool-clear-timeout Bug [1729476](https://bugzilla.mozilla.org/show_bug.cgi?id=1729476) - Remove unused CompositorBridgeChild::GetTexturePool. * layers.tile-pool-shrink-timeout Bug [1729476](https://bugzilla.mozilla.org/show_bug.cgi?id=1729476) - Remove unused CompositorBridgeChild::GetTexturePool. * layers.tile-pool-unused-size Bug [1729476](https://bugzilla.mozilla.org/show_bug.cgi?id=1729476) - Remove unused CompositorBridgeChild::GetTexturePool. * layers.tiles.edge-padding Bug [1729580](https://bugzilla.mozilla.org/show_bug.cgi?id=1729580) - Remove unused `layers.***` pref more. * layers.tiles.fade-in.duration-ms Bug [1729580](https://bugzilla.mozilla.org/show_bug.cgi?id=1729580) - Remove unused `layers.***` pref more. * layers.tiles.fade-in.enabled Bug [1729580](https://bugzilla.mozilla.org/show_bug.cgi?id=1729580) - Remove unused `layers.***` pref more. * layers.tiles.retain-back-buffer Bug [1729580](https://bugzilla.mozilla.org/show_bug.cgi?id=1729580) - Remove unused `layers.***` pref more. * layers.transaction.warning-ms Bug [1729580](https://bugzilla.mozilla.org/show_bug.cgi?id=1729580) - Remove unused `layers.***` pref more. * layers.uniformity-info Bug [1729580](https://bugzilla.mozilla.org/show_bug.cgi?id=1729580) - Remove unused `layers.***` pref more. * layers.use-image-offscreen-surfaces Bug [1729579](https://bugzilla.mozilla.org/show_bug.cgi?id=1729579) - Remove gfxPlatformGtk::UseImageOffscreenSurfaces(). * layout.animated-image-layers.enabled Bug [1729824](https://bugzilla.mozilla.org/show_bug.cgi?id=1729824) - Remove unused layout.animated-image-layers.enabled. * layout.css.autofill.background Bug [1687682](https://bugzilla.mozilla.org/show_bug.cgi?id=1687682) - Make autofill use a semi-transparent background-image rather than filter. * layout.css.font-visibility.level Bug [1715507](https://bugzilla.mozilla.org/show_bug.cgi?id=1715507) - Support different levels of font-visibility per context, depending on tracking/fingerprinting protection settings. * layout.css.font-visibility.private Bug [1715507](https://bugzilla.mozilla.org/show_bug.cgi?id=1715507) - Support different levels of font-visibility per context, depending on tracking/fingerprinting protection settings. * layout.css.font-visibility.resistFingerprinting Bug [1715507](https://bugzilla.mozilla.org/show_bug.cgi?id=1715507) - Support different levels of font-visibility per context, depending on tracking/fingerprinting protection settings. * layout.css.font-visibility.standard Bug [1715507](https://bugzilla.mozilla.org/show_bug.cgi?id=1715507) - Support different levels of font-visibility per context, depending on tracking/fingerprinting protection settings. * layout.css.font-visibility.trackingprotection Bug [1715507](https://bugzilla.mozilla.org/show_bug.cgi?id=1715507) - Support different levels of font-visibility per context, depending on tracking/fingerprinting protection settings. * layout.css.grid-item-baxis-measurement.enabled Bug [1591366](https://bugzilla.mozilla.org/show_bug.cgi?id=1591366) - Improve nested grid layout performance * layout.css.scroll-linked-animations.enabled Bug [1676782](https://bugzilla.mozilla.org/show_bug.cgi?id=1676782) - Part 2: Hook @scroll-timeline rule into style system. * layout.css.trig.enabled Bug [1729804](https://bugzilla.mozilla.org/show_bug.cgi?id=1729804) - Add experimental support for "e", "pi", and various trigonometric functions in calc(). * layout.paint_rects_separately Bug [1729955](https://bugzilla.mozilla.org/show_bug.cgi?id=1729955) - Remove layout.paint_rects_separately. * layout.smaller-painted-layers Bug [1729935](https://bugzilla.mozilla.org/show_bug.cgi?id=1729935) - Remove unused layout.smaller-painted-layers. * media.decoder.skip_when_video_too_slow_ms Bug [1722171](https://bugzilla.mozilla.org/show_bug.cgi?id=1722171) - use time threshold to determine if we need to skip to next key frame. * network.cache.bug1708673 Bug [1733958](https://bugzilla.mozilla.org/show_bug.cgi?id=1733958) - Set network.cache.bug1708673 to false. Bug [1731054](https://bugzilla.mozilla.org/show_bug.cgi?id=1731054) - Reenable bug1708673 without perf regression Bug [1718267](https://bugzilla.mozilla.org/show_bug.cgi?id=1718267) - Flip network.cache.bug1708673 to false to fix browsertime regression * network.disable-localhost-when-offline Bug [1634246](https://bugzilla.mozilla.org/show_bug.cgi?id=1634246) - Add option to disallow connections to localhost while in offline mode. * network.dns.http3_echconfig.enabled Bug [1726528](https://bugzilla.mozilla.org/show_bug.cgi?id=1726528) - Add a pref to control whether to enable echConfig for http3, * network.http.altsvc.oe Bug [1730935](https://bugzilla.mozilla.org/show_bug.cgi?id=1730935) - Disable Opportunistic Encryption, the feature has a low usage. * network.http.clear_bogus_content_encoding Bug [1030660](https://bugzilla.mozilla.org/show_bug.cgi?id=1030660) - Disable ClearBogusContentEncodingIfNeeded. * network.http.early_data_disable_on_error Bug [1718520](https://bugzilla.mozilla.org/show_bug.cgi?id=1718520) - Disable early-data if a SSL_ERROR_PROTOCOL_VERSION_ALERT is received * network.http.early_data_max_error Bug [1718520](https://bugzilla.mozilla.org/show_bug.cgi?id=1718520) - Disable early-data if a SSL_ERROR_PROTOCOL_VERSION_ALERT is received * network.notify.IPv6 Bug [1730958](https://bugzilla.mozilla.org/show_bug.cgi?id=1730958) - Fix some #ifdefs in static prefs. * network.proxy.testing_localhost_is_secure_when_hijacked Bug [1729897](https://bugzilla.mozilla.org/show_bug.cgi?id=1729897) - CSP Upgrade-insecure-requests is upgrading localhost websocket * network.send_ODA_to_content_directly Bug [1731192](https://bugzilla.mozilla.org/show_bug.cgi?id=1731192) - Enable "network.send_ODA_to_content_directly" by default, * network.ssl_tokens_cache_enabled Bug [1728648](https://bugzilla.mozilla.org/show_bug.cgi?id=1728648) - Use the TLS token cache in necko on release as well. Bug [1728543](https://bugzilla.mozilla.org/show_bug.cgi?id=1728543) - Enable the necko TLS token cache on the early Beta * network.trr.strict_native_fallback Bug [1714182](https://bugzilla.mozilla.org/show_bug.cgi?id=1714182) - Don't fallback from DoH to native in cases of request failure. * privacy.clearsitedata.cache.enabled Bug [1671182](https://bugzilla.mozilla.org/show_bug.cgi?id=1671182) - Remove "cache" feature from Clear-Site-Data. * privacy.partition.network_state.ocsp_cache Bug [1664995](https://bugzilla.mozilla.org/show_bug.cgi?id=1664995) - Part 1: Make OCSP cache to be aware of the partitionKey in the originAttributes. * privacy.partition.network_state.ocsp_cache.pbmode Bug [1664995](https://bugzilla.mozilla.org/show_bug.cgi?id=1664995) - Part 1: Make OCSP cache to be aware of the partitionKey in the originAttributes. * security.disallow_privileged_data_subdocuments_loads WIP: Bug [1727251](https://bugzilla.mozilla.org/show_bug.cgi?id=1727251) - Cancel system principal subdocument requests with data URL Bug [1725339](https://bugzilla.mozilla.org/show_bug.cgi?id=1725339) - Restrict systemprincipal from loading type *SUBDOCUMENT* via HTTP, HTTPS and data schemes (data restriction preffed OFF). * services.sync.prefs.sync.browser.sessionstore.warnOnQuit Bug [1724976](https://bugzilla.mozilla.org/show_bug.cgi?id=1724976), whether to show quit warning should not be dependent on session restore state, and remove the redundant browser.sessionstore.warnOnQuit preference, * signon.usernameOnlyForm.enabled Bug [1732901](https://bugzilla.mozilla.org/show_bug.cgi?id=1732901) - Enable multi-page login form in beta and release * toolkit.aboutProcesses.profileDuration Bug [1730239](https://bugzilla.mozilla.org/show_bug.cgi?id=1730239) - Offer a way to profile a specific process from about:processes, * toolkit.aboutProcesses.showProfilerIcons Bug [1730239](https://bugzilla.mozilla.org/show_bug.cgi?id=1730239) - Offer a way to profile a specific process from about:processes, * toolkit.sqlitejsm.loglevel Bug [1727261](https://bugzilla.mozilla.org/show_bug.cgi?id=1727261) - Allow to control Sqlite.jsm logging through a pref. * widget.non-native-theme.always-high-contrast Bug [1734115](https://bugzilla.mozilla.org/show_bug.cgi?id=1734115) - Add basic support for dark form controls to nsNativeBasicTheme.
https://blog.mozilla.org/netpolicy/2021/10/28/implementing-global-privacy-control/
Did anyone ANYONE told them¹ that there's a ten years old w3c standard for that? https://www.w3.org/TR/tracking-dnt/
:facepalm:
Two Headers for the same thing. One passive FP vector more.
¹authors of CCPA and CRPA
One passive FP vector more
and active - you can query it via JS
However, it should have no impact on fingerprinting for most people. Just don't do anything and you will be the same as almost everyone else on Firefox .... it's completely independent of everything else (for now)
But then I fully expect them to tie it to ETP strict mode and PB windows and it'll be the shit-show that DNT. DNT and this should have a RFP protection - DNT was too hard to do and a political fucktoy - everyone hated it and no-one wanted to touch it.
They should deprecate DNT, and if/when GPC is controlled via other settings (ETP/PB windows) then when that happens they need to wrap RFP into it
Firefox 94.0, See All New Features, Updates and Fixes https://www.mozilla.org/en-US/firefox/94.0/releasenotes/
To better protect all Firefox users against side-channel attacks such as Spectre, we’ve introduced Site Isolation. We’ve got your back...errr...side!
But site isolation don't seem to be enabled.
Introducing Firefox’s new Site Isolation Security Architecture https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture/
To enable Site Isolation on Firefox Beta or Release:
Navigate to about:config. Set
fission.autostart
pref totrue
. Restart Firefox.
This pref is default set to 'false'..
Now Firefox introduced site isolation, should it be enabled in the user.js or wait till Firefox enables it?
1732358 assuming everything goes smoothly ... FF96 landing 2022-Jan-11
1732358 assuming everything goes smoothly ... FF96 landing 2022-Jan-11
Thanks! That explains it. (Mozilla could have been more clear on that in the release notes)
Just something to add on the Do Not Track and Global Privacy Control discussion...
DNT https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/DNT
Deprecated: This feature is no longer recommended. Though some browsers might still support it, it may have already been removed from the relevant web standards, may be in the process of being dropped, or may only be kept for compatibility purposes. Avoid using it, and update existing code if possible; see the compatibility table at the bottom of this page to guide your decision. Be aware that this feature may cease to work at any time.
I think the Do Not Track header in on a dead end. Global Privacy Control looks like a successor, but it's Californian law and therefor limited to California.
In the EU you have the GDPR which states that you cannot track users, collect and process personal data without consent, that's why people in de EU have those cookie policy warnings. Complete guide to GDPR compliance https://gdpr.eu/
The EU privacy watchdog wants a complete ban on targeted advertising.
Euro privacy watchdog calls for end of targeted advertising plus a squeeze on the processing of personal info https://www.theregister.com/2021/02/11/eu_ad_rules/
But as with GPC this is limited to the EU.
And many of us already use ad-blockers which do a lot of 'do not track'. :)
anyone knows if with "Site Isolation",the Temporary containers add-on will not be needed anymore?
TL;DR: No
"Site Isolation" (aka. fission) and (d)FPI/TC are two different kinds of isolation.
current draft patch - https://github.com/arkenfox/user.js/pull/1275
/* 1402: limit font visibility (Windows, Mac, some Linux) [FF94+]
* [NOTE] RFP ignores these and uses the value in 4506
* Uses hardcoded lists with two parts: kBaseFonts + kLangPackFonts [1], bundled fonts are auto-allowed
* 1=only base system fonts, 2=also fonts from optional language packs, 3=also user-installed fonts
* [1] https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc ***/
// user_pref("layout.css.font-visibility.private", 1);
// user_pref("layout.css.font-visibility.standard", 1);
// user_pref("layout.css.font-visibility.trackingprotection", 1);
https://hg.mozilla.org/mozilla-central/rev/1bb499672d52
layout.css.font-visibility.resistFingerprinting
What if RFP was enabled at at level 2, but TP was at 1 - WTF happens?
The actual value used in a private-browsing context will be the lesser of the appropriate standard/trackingprotection/RFP value from above, and the private-browsing level specified by this pref
I might see if I can get @jfkthame to clarify
Edit: OK, I need to add that PB windows choose the lowest value depending if they're applicable
Paste the function below in your console and the call it like font_visibility({privacy.resistFingerprinting}, {PBM}, {privacy.trackingprotection.enabled}, {privacy.trackingprotection.pbmode.enabled}, {layout.css.font-visibility.private}, {layout.css.font-visibility.standard}, {layout.css.font-visibility.trackingprotection}, {layout.css.font-visibility.resistFingerprinting}
.
Example:
>> font_visibility(true, true, true, true, 3, 3, 3, 1)
1
>> font_visibility(false, true, true, true, 3, 3, 3, 1)
3
function font_visibility(rfp, pbm, tp, tp_pbm, private_, standard, trackingprotection, resistFingerprinting) {
const BASE = 1;
const USER = 3;
var level = 0;
if (rfp === true) {
level = resistFingerprinting;
} else if (tp === true || (pbm === true && tp_pbm === true)) {
level = trackingprotection;
} else {
level = standard;
}
if (pbm === true) {
level = Math.max(Math.min(level, private_), BASE);
}
level = Math.max(Math.min(level, USER), BASE);
return level;
}
python version:
def font_visibility(
rfp, pbm, tp, tp_pbm,
private, standard, trackingprotection, resistFingerprinting
):
BASE = 1
USER = 3
if rfp is True:
level = resistFingerprinting
elif tp is True or (pbm is True and tp_pbm is True):
level = trackingprotection
else:
level = standard
if pbm is True:
level = max(min(level, private), BASE)
level = max(min(level, USER), BASE)
return level
Yeah, I get that
Ignoring PB windows. There is RFP, or TP or standard (TP being the component you see in custom which has an option for all windows or just PB windows). That is all crystal clear. RFP overrides TP which overrides standard
But in a PB windows it takes the lowest of the above one value, or private. This means that is RFP is higher than private, then RFP is altered. RFP should not be overridden IMO, as it alters the FP. Now it's going to be very unlikely that someone does that, but I'd rather the code didn't allow it
edit: see
console.log( font_vis(true, true, true, true, 1, 1, 1, 2 ) ) // rfp on in a pb window = 1
cconsole.log( font_vis(true, false, true, true, 1, 1, 1, 2 ) ) // rfp on in a normal window = 2
end edit
Anyway, do you want to type up how that all works in a sentence?
@rusty-snake , do you want to add: https://bugzilla.mozilla.org/show_bug.cgi?id=1714182
/* 0700s: disable falling back from DoH to native in cases of request failure ***/
// user_pref("network.trr.strict_native_fallback", true);
If you do not want leak via native DNS, you should use network.trr.mode=3
anyway. If you use mode 2 and set this pref to true
, you still have leaks (e.g. for NXDOMAIN). So I would say we can ignore it.
FYI:
privacy.partition.network_state.ocsp_cache
is flipped to true when TP is in strict mode, which explains the new entry in browser.contentblocking.features.strict
.browser.warnOnQuitShortcut
is exposed in the UI as "Confirm before quitting with Ctrl + Q".others:
browser.download.improvements_to_download_panel
+ the new browser.download.enable_spam_prevention
looks, but I couldn't find any website that behaves similarly to the test. any assist?privacy.clearsitedata.cache.enabled
is a welcomed entry in the source code.network.ssl_tokens_cache_enabled
is required for quic, see OPprivacy.clearsitedata.cache.enabled
added
security.disallow_privileged_data_subdocuments_loads
- sounds F good to me
security.disallow_privileged_https_subdocuments_loads
getting enabledbrowser.warnOnQuitShortcut
I wanted to look at because we have other warn on quit prefs
^ thanks, not enough of what I was after, but a start, also XP is not supported anyway :) There are also changes to the warnings since 94
signon.usernameOnlyForm.enabled
what does it do? - support multi-page logins
To support password manager features for multi-page login forms, we will need to:
- Implement heuristics to detect username-only forms
- Notify the password manager when a form has username-compatible
- Support autofill, autocomplete, context menu in the username-only form
- Support login capture when users submit the form with
After discussing with the team, we decide to disable the support of multi-page login form on release channel for 2-3 cycles ito make sure the feature is in a stable state. We have seen some false-positive cases so far
In some sites, the autocomplete popup for login might be shown in a non-username field
We disable auto-filling of signon fields (0903), but that's not the concern here, as it would still trigger when you enter the field - which has always been the case
This patch adds
DOMFormHasPossibleUsername
event to notify the password manager when a form has a possible username field (text or email). The event works similar to the existingDOMFormHasPassword
event.
Anyway, I guess this is stable enough for release now. And I don't see any privacy issues here not already mitigated
browser.download.enable_spam_prevention
- OK, I wanted to check this because of the name, but it's only internal UI stuff, ignoringpref("network.disable-localhost-when-offline", false);
I tried this, and TBH IDK what they mean by offline
localhost/tzp/
localhost/tzp/
¯\_(ツ)_/¯
I tried this, and TBH IDK what they mean by offline
This offline mode
https://www.howtogeek.com/wp-content/uploads/2016/07/02_selecting_work_offline_in_file_menu.png
Yes, I tried that, it didn't stop localhost loading - quote "went to menu and chose offline"
WFM
localhost:631
(linux/mac) to test, result: page loadsabout:config
set network.disable-localhost-when-offline=true
OK, IDK what the fuck I did, but WFM too - could have sworn I did a restart (and I sanitize on close) - must have been cached (I always use a new tab, so refreshing is not a thing for me - instead did a quick ctrl-shift-del)
played around with the other closing prefs:
browser.tabs.warnOnClose
: it is in the UI as "Confirm before closing multiple tabs"browser.tabs.warnOnCloseOtherTabs
: I can't get it to work, in theory it should warn when doing right "Close multiple tabs" > "Close other tabs" but it doesn't work for me. weird.browser.warnOnQuitShortcut
: see previous comments. despite it's value and look in the UI it can be bypassed with browser.warnOnQuit
set to false.browser.warOnQuit
would control also the tabs warning prefs, but it doesn't.network partitioning includes OCSP
OCSP is only isolated by the firstPartyDomain. It should also be isolated by the partitionKey
but wait... we use FPI https://github.com/arkenfox/user.js/blob/6b351a9458a307bfa37d0e61c7434a616f4de006/user.js#L958
but wait... we'll be moving to dFPI very soon
looking at pbm
prefs, there are two in the user.js, and I think it's always a good idea to leave these alone - they are commented out. And they always(?) have a corresponding master all windows mode pref.
For now, I have added it to the tasks in #1051 and we can revisit it in FF96+
played around with the other closing prefs:
browser.tabs.warnOnClose
: it is in the UI as "Confirm before closing multiple tabs"
browser.tabs.warnOnCloseOtherTabs
: I can't get it to work, in theory it should warn when doing right "Close multiple tabs" > "Close other tabs" but it doesn't work for me. weird.
browser.warnOnQuitShortcut
: see previous comments. despite it's value and look in the UI it can be bypassed withbrowser.warnOnQuit
set to false.based on this comment I thought
browser.warOnQuit
would control also the tabs warning prefs, but it doesn't.
OK, so I'm thinking this should be as simple as just adding it and letting users work it all out themselves
My use case
browser.tabs.closeWindowWithLastTab
coversbrowser.tabs.warnOnClose
falsebrowser.tabs.warnOnCloseOtherTabs
falseRight now,
browser.tabs.warnOnClose
governs a warning that appears when closing multiple tabs
warnOnCloseOtherTabs
for then?browser.warnOnQuit - hidden preference that overrides all others if false browser.sessionstore.warnOnQuit - hidden preference that disables warning on quit when session store is active browser.tabs.warnOnClose - disables close tab warning, corresponds to checkbox in preferences
warnOnQuit
pref that's been floating aroundAnyway, I think we should just ignore this rabbit hole labyrinth of old vs new behavior, different OS defaults, changed OS defaults, call it a day, and resort to some nude drinking
browser.tabs.warnOnCloseOtherTabs: I can't get it to work, in theory it should warn when doing right "Close multiple tabs" > "Close other tabs" but it doesn't work for me. weird.
IDK about the menu contexts, but in an app close the warn on other tabs seems about as useful as tits on a bull- see comments from moz devs in previous post
I did some tests (closing app via close button)
FF78, Nightly96
t - warnOnClose
t/f - warnOnCloseOtherTabs
t - warnOnQuit
multi-tab = warning, single-tab = no warning
f - warnOnClose
t/f - warnOnCloseOtherTabs
t - warnOnQuit
multi-tabs = no warning, single-tab = no warning
I couldn't even get a warning for closing the app with a single tab (I do not close on lasttab - this is probably tied into it). In the above, clearly warnOnCloseOtherTabs
is fucking useless (maybe it adds something when lasttab is not flipped)
IDFC anymore :)
FF94 is scheduled for release Nov. 2nd
FF94 release notes [when ready] FF94 for developers FF94 security advisories
122 diffs ( 45 new, 65 gone, 12 different )
1402
pref replacement - 1715507 - https://github.com/arkenfox/user.js/commit/e2e7f9c64704ab75a22a5efd911af3845a0fefdfremoved, renamed or hidden in v94.0:
1402
pref("layout.css.font-visibility.level", 3); - 1715507 - https://github.com/arkenfox/user.js/commit/e2e7f9c64704ab75a22a5efd911af3845a0fefdfchanged in v94.0:
4510
pref("browser.display.use_system_colors", true); // prev: false 1593273 - https://github.com/arkenfox/user.js/commit/bd59131d3e56b9fdafe7aa7b5889106bb9f484a9 + https://github.com/arkenfox/user.js/commit/17beb468f1ce5acf1438e17f7ed9490a5377f45c9000
pref("browser.tabs.warnOnClose", false); // prev: true 1724977 - https://github.com/arkenfox/user.js/commit/15158974496806e8ee9564d0b36fe0cbbb0f869f7010
pref("network.http.altsvc.oe", false); // prev: true 1730935 - https://github.com/arkenfox/user.js/commit/15158974496806e8ee9564d0b36fe0cbbb0f869fignore
click me for details
==NEW ```js pref("browser.download.enable_spam_prevention", false); pref("browser.newtabpage.activity-stream.discoverystream.compactLayout.enabled", false); pref("browser.newtabpage.activity-stream.discoverystream.lastCardMessage.enabled", false); pref("browser.newtabpage.activity-stream.discoverystream.loadMore.enabled", false); pref("browser.newtabpage.activity-stream.discoverystream.newFooterSection.enabled", false); pref("browser.newtabpage.activity-stream.discoverystream.saveToPocketCard.enabled", false); pref("browser.tabs.remote.testOnly.failPBrowserCreation.enabled", false); pref("browser.sessionstore.dom_form_limit", 2097152); pref("browser.sessionstore.dom_form_max_limit", 52428800); pref("browser.startup.couldRestoreSession.count", 0); pref("devtools.every-frame-target.enabled", false); pref("dom.shadowdom.delegatesFocus.enabled", true); pref("fission.highValue.coop.expiration", 2592000); pref("fission.webContentIsolationStrategy", 1); pref("gfx.webrender.batched-texture-uploads", true); pref("gfx.webrender.blob-tile-size", 256); pref("gfx.webrender.draw-calls-for-texture-copy", true); pref("gfx.webrender.multithreading", true); pref("gfx.webrender.pbo-uploads", false); pref("layout.css.autofill.background", true); pref("layout.css.grid-item-baxis-measurement.enabled", false); pref("layout.css.scroll-linked-animations.enabled", false); pref("layout.css.trig.enabled", false); pref("network.cache.bug1708673", false); pref("network.disable-localhost-when-offline", false); pref("network.dns.http3_echconfig.enabled", false); pref("network.http.clear_bogus_content_encoding", false); pref("network.http.early_data_disable_on_error", true); pref("network.http.early_data_max_error", 5); pref("network.proxy.testing_localhost_is_secure_when_hijacked", false); pref("network.trr.strict_native_fallback", false); pref("media.decoder.skip_when_video_too_slow_ms", 2500); pref("toolkit.aboutProcesses.profileDuration", 5); pref("toolkit.aboutProcesses.showProfilerIcons", false); pref("toolkit.sqlitejsm.loglevel", "Error"); pref("widget.non-native-theme.always-high-contrast", false); ``` ==REMOVED or HIDDEN ```js pref("apz.nonwr.activate_all_scroll_frames", false); pref("apz.nonwr.activate_all_scroll_frames_when_fission", false); pref("browser.newtabpage.activity-stream.customizationMenu.enabled", false); pref("browser.newtabpage.activity-stream.newNewtabExperience.enabled", true); pref("browser.privatebrowsing.infoBody", ""); pref("browser.privatebrowsing.infoEnabled", true); pref("browser.privatebrowsing.infoIcon", ""); pref("browser.privatebrowsing.infoLinkText", ""); pref("browser.privatebrowsing.infoLinkUrl", ""); pref("browser.privatebrowsing.infoTitle", ""); pref("browser.privatebrowsing.infoTitleEnabled", true); pref("browser.privatebrowsing.promoEnabled", true); pref("browser.privatebrowsing.promoLinkText", ""); pref("browser.privatebrowsing.promoLinkUrl", ""); pref("browser.privatebrowsing.promoTitle", ""); pref("browser.privatebrowsing.promoTitleEnabled", true); pref("browser.sessionstore.warnOnQuit", false); pref("gfx.layerscope.enabled", false); pref("gfx.layerscope.port", 23456); pref("gfx.logging.painted-pixel-count.enabled", false); pref("gfx.webrender.debug.batched-texture-uploads", true); pref("gfx.webrender.debug.draw-calls-for-texture-copy", true); pref("gfx.webrender.enable-multithreading", true); pref("layers.acceleration.draw-fps.print-histogram", false); pref("layers.acceleration.draw-fps.write-to-file", false); pref("layers.bench.enabled", false); pref("layers.bufferrotation.enabled", true); pref("layers.componentalpha.enabled", true); pref("layers.compositing-tiles.height", 1024); pref("layers.compositing-tiles.width", 1024); pref("layers.draw-bigimage-borders", false); pref("layers.draw-borders", false); pref("layers.draw-layer-info", false); pref("layers.draw-tile-borders", false); pref("layers.dump", false); pref("layers.dump-client-layers", false); pref("layers.dump-host-layers", false); pref("layers.dump-texture", false); pref("layers.effect.contrast", "0.0"); pref("layers.effect.grayscale", false); pref("layers.effect.invert", false); pref("layers.flash-borders", false); pref("layers.geometry.basic.enabled", true); pref("layers.geometry.d3d11.enabled", true); pref("layers.geometry.opengl.enabled", true); pref("layers.low-precision-opacity", "1.0"); pref("layers.max-active", -1); pref("layers.orientation.sync.timeout", 0); pref("layers.single-tile.enabled", true); pref("layers.tile-initial-pool-size", 50); pref("layers.tile-pool-clear-timeout", 5000); pref("layers.tile-pool-shrink-timeout", 50); pref("layers.tile-pool-unused-size", 10); pref("layers.tiles.edge-padding", false); pref("layers.tiles.fade-in.duration-ms", 250); pref("layers.tiles.fade-in.enabled", false); pref("layers.tiles.retain-back-buffer", true); pref("layers.transaction.warning-ms", 200); pref("layers.uniformity-info", false); pref("layers.use-image-offscreen-surfaces", true); pref("layout.animated-image-layers.enabled", false); pref("layout.paint_rects_separately", true); pref("layout.smaller-painted-layers", false); pref("services.sync.prefs.sync.browser.sessionstore.warnOnQuit", true); ``` ==CHANGED ```js pref("content.sink.pending_event_mode", 1); // prev: 0 pref("dom.forms.enterkeyhint", true); // prev: false pref("dom.ipc.processCount.webIsolated", 4); // prev: 1 pref("network.notify.IPv6", false); // prev: true pref("network.send_ODA_to_content_directly", true); // prev: false pref("security.disallow_privileged_data_subdocuments_loads", true); // prev: false pref("signon.usernameOnlyForm.enabled", true); // prev: false ```