Items to follow up on from #442 (#490)
Comments
device sensors: We can ignore proximity & ambient light

I don't think this makes any difference. It's very unlikely that a pdf exploit would need to wait until you load page 3 or whatever. That may also be why TBB removed the pref again, IDK.

@Thorin-Oakenpants I haven't moved to FF62 yet, maybe it's gone already and I don't know if it's used or not, but since it's still in DXR I can only assume it is. Similarly, I don't know how regularly DXR gets updated (it seems to always be current), so who knows, but I went ahead and added it as "true" because of this bit:
Probably one of the least worrying prefs out there. Just wanted to be clear it is still around on Release channel.
the code that used proof:

started a

moving to

Moving to

It's a battery thing for mobile. If you search DXR you can see the default for mobile is true, false for everything else.
This used to be under Options as “Warn me when web sites try to redirect or reload the page”. Not sure (I am but one person) how prevalent this is on the web these days, but I would find a browser prompt annoying. If a site requires auto-refreshing for content etc, big deal. Redirects are a different matter. I don't think this pref is the answer. I miss the legacy NoRedirect, but in the meantime, I think the damage redirects can do is mostly mitigated by other means - well, at least for me (hardened uM with default no JS). What damage can redirects do? Send you to a malicious site? Send you on a ticket-clipping ad network ride? IDK, we already have mechanisms to make most of that a moot point. What are your thoughts @earthlng

^^ bump
> What are your thoughts @earthlng

Yeah, IDK. Refreshes work even when JS is disabled and can be quite annoying when they're used to redirect non-JS users to a warning page or something like that. But I tend to agree that it's probably not worth adding to the user.js.
If True, you can create entries like: and give it a value corresponding to the UA you want to use on that URL:

/* 0710: disable GIO as a potential proxy bypass vector
* [1] https://bugzilla.mozilla.org/1433507
* [2] https://en.wikipedia.org/wiki/GIO_(software) ***/
user_pref("network.gio.supported-protocols", ""); // (hidden pref)
I think we should flip

/* 1403: disable icon fonts (glyphs) (FF41) and local fallback rendering
 * [1] https://bugzilla.mozilla.org/789788
 * [2] https://trac.torproject.org/projects/tor/ticket/8455 ***/
// user_pref("gfx.downloadable_fonts.enabled", false);
// user_pref("gfx.downloadable_fonts.fallback_delay", -1);

Nits?

Edit: Note on why it was at active true: I assume it's because too much broke for end users when false, and we can always control third-party fonts with uM - or is this something else? Fonts confuse me; @font-face is usually 3rd party, right? At inactive false, anyone who flips it themselves, then the breakage is on them.

MOAR fonts: user_pref("layout.css.font-display.enabled", false); // 1157064

Edit: PS:

Edit2: Is this just a master switch for killing @font-face? I am soooo confused right now
GIO:
I'm not sure. LINUX for sure and perhaps MAC, IDK.
👍
Yes, I believe so. We should also add https://en.wikipedia.org/wiki/GVFS and maybe a link to the TBB trac issue so users can immediately see that it's a hardening thing also used in TBB:

/* 0710: disable GIO as a potential proxy bypass vector
 * Gvfs/GIO has a set of supported protocols like obex, network, archive,
 * computer, dav, cdda, gphoto2, trash, etc. By default only smb and sftp
 * protocols are accepted so far. (as of FF64)
 * [1] https://bugzilla.mozilla.org/1433507
 * [2] https://trac.torproject.org/23044
 * [3] https://en.wikipedia.org/wiki/GVfs
 * [4] https://en.wikipedia.org/wiki/GIO_(software) ***/
user_pref("network.gio.supported-protocols", ""); // (hidden pref)
We can squeeze that text into 2 lines (both under 100 chars), I'll do a commit.
moved to
/* 1243: block http-subrequests triggered by Flash (FF59+)
 * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1190623 ***/
user_pref("security.mixed_content.block_object_subrequest", true);

👍 or nits?

👍 maybe include MitM in the title? for example
or "Block unencrypted requests ...". I'm not sure if "http (sub)requests" is appropriate because unencrypted websocket requests are probably possible in Flash as well (
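An added example, not Firefox code and not code from anyone in this thread: a classifier that decides whether a subrequest counts as mixed content relative to the page that issued it. It follows the W3C Mixed Content and Secure Contexts rules as I understand them (the page is a secure context and the request URL is not a priori authenticated), so it goes beyond the Flash case above and treats any plaintext http:, ws: or ftp: subrequest the same way, which is the point earthlng raises about websockets. Assumptions: loopback handling is simplified to localhost, *.localhost, 127.0.0.1 and ::1 rather than the whole 127.0.0.0/8 range; the hostnames in the usage lines are constructed.

```javascript
// Added example (not Firefox's implementation, not from this thread): classify a
// subrequest as mixed content using the W3C Mixed Content / Secure Contexts rules.
// Assumption: loopback is simplified to the hosts listed in isLoopbackHost().

// Schemes that are a priori authenticated regardless of host.
const AUTHENTICATED_SCHEMES = new Set(["https:", "wss:", "data:", "about:", "blob:", "file:"]);
// Plaintext schemes a mixed-content blocker has to care about.
const PLAINTEXT_SCHEMES = new Set(["http:", "ws:", "ftp:"]);

// Secure Contexts: loopback and *.localhost names are potentially trustworthy
// even over plaintext. Node's URL reports the IPv6 loopback hostname as "[::1]".
function isLoopbackHost(hostname) {
  return hostname === "localhost" || hostname.endsWith(".localhost")
      || hostname === "127.0.0.1" || hostname === "[::1]";
}

function isPotentiallyTrustworthy(url) {
  if (AUTHENTICATED_SCHEMES.has(url.protocol)) return true;
  return PLAINTEXT_SCHEMES.has(url.protocol) && isLoopbackHost(url.hostname);
}

// True when `requestUrl`, issued from the document at `pageUrl`, would be
// blocked as mixed content. Relative request URLs resolve against the page.
function isMixedContent(pageUrl, requestUrl) {
  const page = new URL(pageUrl);
  const req = new URL(requestUrl, page);
  if (!isPotentiallyTrustworthy(page)) return false;   // plain-http page: nothing to downgrade
  if (!PLAINTEXT_SCHEMES.has(req.protocol)) return false; // opaque or encrypted scheme: no plaintext leg
  return !isPotentiallyTrustworthy(req);                 // plaintext to a non-loopback host
}

// Usage (constructed hostnames): the first two are blocked, the rest are not.
for (const req of ["http://cdn.example.net/x.swf", "ws://example.com/socket",
                   "wss://example.com/socket", "//cdn.example.net/x.swf",
                   "http://localhost:8080/dev", "data:text/plain,hi"]) {
  console.log(isMixedContent("https://example.com/", req) ? "BLOCK " : "allow ", req);
}
```

The scheme check is what makes the wording question above moot: a blocker keyed on "http" alone would miss ws:, while keying on "plaintext scheme under a secure page" covers websockets and ftp with the same rule.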
I got mixed up with the two. But ping-centre is a different thing. Current js has:

/* 0506: disable PingCentre telemetry (used in several System Add-ons) (FF57+)
 * Currently blocked by 'datareporting.healthreport.uploadEnabled' (see 0333) ***/
user_pref("browser.ping-centre.telemetry", false);

This info is 7 releases old, NFI what's changed. I'll do a DXR search later. Assuming

https://dxr.mozilla.org/mozilla-central/source/browser/modules/PingCentre.jsm is the only place I can find these prefs (outside tests etc). The hard-coded countries with less than 10K users is interesting (1421422).

Edit: FYI: land PingCentre FF57 => use PingCenter FF57. So lemme know: worth it to add the two prefs for in-depth defense?

Yup, I know. I was just referencing the constant to save time.

I clear most of the child entries, even if the master switch is disabled.

The code using the endpoint URL is never reached because it returns early if either
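An added example, not code from the ghacks user.js project or from anyone in this thread: a small Node.js script that parses user_pref() statements from a user.js and audits the prefs discussed here (0710 network.gio.supported-protocols, 1243 security.mixed_content.block_object_subrequest, 0506 browser.ping-centre.telemetry and its 0333 master switch datareporting.healthreport.uploadEnabled). The sample user.js text is constructed; the expected values are the ones given in the thread. A commented-out user_pref line is inactive and is reported as missing, and a child pref that is absent while its master switch already disables the feature is reported as "gated" rather than "ok", which is the defense-in-depth case raised above.

```javascript
// Added example (not the ghacks user.js project's code): parse user_pref()
// lines from a user.js/prefs.js and audit the prefs discussed in this issue.

// Constructed sample input: 1243 is inactive (commented out), 0506 is absent.
const SAMPLE_USER_JS = `
/* 0333: disable Health Reports / Telemetry upload ***/
user_pref("datareporting.healthreport.uploadEnabled", false);
/* 0710: disable GIO as a potential proxy bypass vector ***/
user_pref("network.gio.supported-protocols", ""); // (hidden pref)
/* 1243: block http-subrequests triggered by Flash (FF59+) ***/
// user_pref("security.mixed_content.block_object_subrequest", true);
/* 1403: local fallback rendering ***/
user_pref("gfx.downloadable_fonts.fallback_delay", -1);
`;

// One active user_pref("name", value); per line. Values are a double-quoted
// string, true/false or an integer, which JSON.parse accepts as-is.
const PREF_RE = /^\s*user_pref\(\s*"((?:[^"\\]|\\.)*)"\s*,\s*("(?:[^"\\]|\\.)*"|true|false|-?\d+)\s*\)\s*;/;

// Returns Map<name, value>. Lines starting with "//" never match, so inactive
// prefs are simply not present in the result.
function parseUserJs(text) {
  const prefs = new Map();
  for (const line of text.split(/\r?\n/)) {
    const m = PREF_RE.exec(line);
    if (m) prefs.set(m[1], JSON.parse(m[2]));
  }
  return prefs;
}

// Expected values from the thread. gatedBy names a master pref that, at its
// expected value, already disables the feature (0506 is gated by 0333).
const EXPECTED = {
  "datareporting.healthreport.uploadEnabled": { section: "0333", value: false },
  "browser.ping-centre.telemetry": { section: "0506", value: false,
                                     gatedBy: "datareporting.healthreport.uploadEnabled" },
  "network.gio.supported-protocols": { section: "0710", value: "" },
  "security.mixed_content.block_object_subrequest": { section: "1243", value: true },
};

// Returns one finding per expected pref: ok | gated | wrong | missing.
function auditPrefs(prefs, expected = EXPECTED) {
  const findings = [];
  for (const [name, want] of Object.entries(expected)) {
    const actual = prefs.get(name);
    let status;
    if (actual === want.value) {
      status = "ok";
    } else if (want.gatedBy && expected[want.gatedBy]
               && prefs.get(want.gatedBy) === expected[want.gatedBy].value) {
      status = "gated"; // master switch covers it; still worth setting (defense in depth)
    } else {
      status = prefs.has(name) ? "wrong" : "missing";
    }
    findings.push({ section: want.section, name, status, actual });
  }
  return findings;
}

for (const f of auditPrefs(parseUserJs(SAMPLE_USER_JS))) {
  const shown = f.actual === undefined ? "" : " = " + JSON.stringify(f.actual);
  console.log(`${f.section} ${f.status.padEnd(7)} ${f.name}${shown}`);
}
```

Point the parser at a real profile's prefs.js (not just user.js) to confirm the values Firefox actually loaded; a pref that the user.js sets but that prefs.js shows at a different value has been overridden by something else.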
NAH to device sensors and WebVTT

all moved to

Can't be bothered with the rest. I don't get the BS with the handlers: block everything and have to allow all the exceptions. As for the other two prefs left, or some I just moved to
So... someone kindly dumped (#442) over 450 prefs on us - prefs that were not in our user.js. These are the items that need more investigating--

🔻 ADDED

🔻 PENDING
expose*
external*
warn-external*
those 32 `protocol-handler` prefs

🔻 NAH
general.useragent.override.websitenamehere.com
, but didn't know it relied on this master pref. Not interested in adding to the user.js, because, see the header for section 4700
- it's an incomplete half-baked solution. 2601
so this is moot. A fallback of true would be good, but we already do way too much. Not interested. 0506
as well as telemetry pref 0333
4604
& RFP
user_pref("device.sensors.ambientLight.enabled", false); // 1462308
user_pref("device.sensors.proximity.enabled", false); // 1462308
// TBB 7.5.6=false, FF61=true. If false, only renders pages that are visible, see github
2422
?) tor 21549, tor 26407 slider - nah, master pref is enough