Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ToDo: diffs FF126-FF127 #1860

Closed
4 tasks done
earthlng opened this issue Jun 22, 2024 · 14 comments
Closed
4 tasks done

ToDo: diffs FF126-FF127 #1860

earthlng opened this issue Jun 22, 2024 · 14 comments

Comments

@earthlng
Copy link
Contributor

earthlng commented Jun 22, 2024

FF127 release date: Jun. 11th 2024

FF127 release notes
FF127 for developers
FF127 security advisories


118 diffs ( 71 new, 32 gone, 15 different )

removed, renamed or hidden in v127.0:

  • 2630 pref("browser.contentanalysis.default_allow", false); - 1880314 - 1000651
  • 4511 pref("widget.non-native-theme.enabled", true); - 1848899 - 1000651

changed in v127.0:

  • 0602 pref("network.dns.disablePrefetchFromHTTPS", false); // prev: true - 1596935 - 5131044
  • FYI
    • pref("screenshots.browser.component.enabled", true); // prev: false - 🎉 yay! the built in component doesn't leak a uuid
    • pref("security.mixed_content.upgrade_display_content", true); // prev: false
    • pref("security.mixed_content.upgrade_display_content.image", true); // prev: false
      • ^ we're already on HTTPS-Only Mode, but this is good for everyone else not on HTTPS-First
    • pref("browser.startup.windowsLaunchOnLogin.enabled", true); // prev: false 1892782

ignore

click me for details

==NEW

pref("browser.backup.preferences.ui.enabled", false);
pref("browser.backup.sqlite.pages_per_step", 5);
pref("browser.backup.sqlite.step_delay_ms", 250);
pref("browser.contentanalysis.bypass_for_same_tab_operations", false);
pref("browser.ml.modelCacheTimeout", 120000);
pref("browser.ml.modelHubRootUrl", "https://model-hub.mozilla.org/");
pref("browser.ml.modelHubUrlTemplate", "{model}/{revision}");
pref("browser.newtabpage.activity-stream.discoverystream.pocket-feed-parameters", "");
pref("browser.newtabpage.activity-stream.discoverystream.region-weather-config", "");
pref("browser.newtabpage.activity-stream.feeds.weatherfeed", true);
pref("browser.newtabpage.activity-stream.showWeather", true);
pref("browser.newtabpage.activity-stream.system.showWeather", false);
pref("browser.newtabpage.activity-stream.weather.display", "simple");
pref("browser.newtabpage.activity-stream.weather.locationSearchEnabled", false);
pref("browser.newtabpage.activity-stream.weather.query", "");
pref("browser.newtabpage.activity-stream.weather.temperatureUnits", "f");
pref("browser.sessionstore.log.appender.console", "Fatal");
pref("browser.sessionstore.log.appender.dump", "Error");
pref("browser.sessionstore.log.appender.file.level", "Trace");
pref("browser.sessionstore.log.appender.file.logOnError", true);
pref("browser.sessionstore.log.appender.file.logOnSuccess", false);
pref("browser.sessionstore.log.appender.file.maxErrorAge", 864000);
pref("browser.sessionstore.loglevel", "Warn");
pref("browser.tabs.context.close-duplicate.enabled", true);
pref("browser.urlbar.secondaryActions.featureGate", false);
pref("browser.urlbar.untrimOnUserInteraction.featureGate", false);
pref("dom.memory.memory_pressure_on_background", 0);
pref("extensions.originControls.grantByDefault", true);
pref("identity.fxaccounts.commands.remoteTabManagement.enabled", false);
pref("image.testing.decode-sync.enabled", false);
pref("javascript.options.experimental.new_set_methods", true);
pref("javascript.options.mem.gc_max_parallel_marking_threads", 2);
pref("javascript.options.wasm_branch_hinting", false);
pref("javascript.options.wasm_js_promise_integration", false);
pref("layout.css.content.alt-text.enabled", false);
pref("media.getusermedia.audio.capture.enabled", false);
pref("media.getusermedia.audio.max_channels", 0);
pref("media.getusermedia.audio.processing.aec", 1);
pref("media.getusermedia.audio.processing.aec.enabled", true);
pref("media.getusermedia.audio.processing.aec.mobile", false);
pref("media.getusermedia.audio.processing.agc", 1);
pref("media.getusermedia.audio.processing.agc.enabled", true);
pref("media.getusermedia.audio.processing.agc2.forced", true);
pref("media.getusermedia.audio.processing.hpf.enabled", true);
pref("media.getusermedia.audio.processing.noise", 2);
pref("media.getusermedia.audio.processing.noise.enabled", true);
pref("media.getusermedia.audio.processing.platform.enabled", false);
pref("media.getusermedia.audio.processing.transient.enabled", true);
pref("media.getusermedia.microphone.voice_stream_priming.enabled", false);
pref("media.prefer-non-ffvpx", false);
pref("network.connectivity-service.DNS_HTTPS.domain", "cloudflare-dns.com");
pref("network.dns.only_refresh_on_fresh_connection", true);
pref("network.dns.prefetch_via_proxy", false);
pref("places.history.floodingPrevention.enabled", false);
pref("places.history.floodingPrevention.maxSecondsFromLastUserInteraction", 3);
pref("places.history.floodingPrevention.restrictionCount", 3);
pref("places.history.floodingPrevention.restrictionExpireSeconds", 5);
pref("privacy.bounceTrackingProtection.enableDryRunMode", true);
pref("privacy.bounceTrackingProtection.hasMigratedUserActivationData", false);
pref("reader.character_spacing", "");
pref("reader.improved_text_menu.enabled", false);
pref("reader.text_alignment", "start");
pref("reader.word_spacing", "");
pref("security.xfocsp.hideOpenInNewWindow", true);
pref("toolkit.contentRelevancy.ingestEnabled", false);
pref("toolkit.scrollbox.pagescroll.maxOverlapLines", 2);
pref("toolkit.scrollbox.pagescroll.maxOverlapPercent", 10);

==REMOVED, RENAMED or HIDDEN

pref("browser.privateWindowSeparation.enabled", true);
pref("browser.search.serpEventTelemetry.enabled", true);
pref("browser.tabs.firefox-view", true);
pref("browser.tabs.firefox-view-newIcon", true);
pref("browser.tabs.firefox-view-next", true);
pref("browser.tabs.firefox-view.notify-for-tabs", false);
pref("extensions.abuseReport.amoDetailsURL", "https://services.addons.mozilla.org/api/v4/addons/addon/");
pref("extensions.abuseReport.amoFormEnabled", true);
pref("extensions.abuseReport.amWebAPI.enabled", true);
pref("extensions.abuseReport.url", "https://services.addons.mozilla.org/api/v4/abuse/report/addon/");
pref("extensions.formautofill.reauth.enabled", false);
pref("image.decode-sync.enabled", false);
pref("layers.force-shmem-tiles", false);
pref("media.getusermedia.aec", 1);
pref("media.getusermedia.aec_enabled", true);
pref("media.getusermedia.agc", 1);
pref("media.getusermedia.agc2_forced", true);
pref("media.getusermedia.agc_enabled", true);
pref("media.getusermedia.audiocapture.enabled", false);
pref("media.getusermedia.channels", 0);
pref("media.getusermedia.hpf_enabled", true);
pref("media.getusermedia.noise", 2);
pref("media.getusermedia.noise_enabled", true);
pref("media.getusermedia.transient_enabled", true);
pref("media.getusermedia.use_aec_mobile", false);
pref("media.mediasource.webm.audio.enabled", true);
pref("network.protocol-handler.external.firefox-bridge", false);
pref("network.protocol-handler.external.firefox-private-bridge", false);
pref("signon.management.page.os-auth.enabled", false);
pref("widget.non-native-theme.webrender", true);

==CHANGED

pref("app.update.interval", 21600); // prev: 43200
pref("browser.newtabpage.activity-stream.discoverystream.contile-topsites-positions", "0,1,2"); // prev: "0,1"
pref("devtools.performance.recording.features", "[\"js\",\"stackwalk\",\"cpu\",\"screenshots\",\"memory\"]"); // prev: "[\"js\",\"stackwalk\",\"cpu\",\"screenshots\"]"
pref("devtools.performance.recording.features.remote", "[\"js\",\"stackwalk\",\"cpu\",\"screenshots\",\"memory\",\"java\"]"); // prev: "[\"js\",\"stackwalk\",\"cpu\",\"screenshots\",\"java\"]"
pref("dom.events.asyncClipboard.clipboardItem", true); // prev: false
pref("javascript.options.mem.nursery.max_kb", 65536); // prev: 16384
pref("layout.css.gradient-color-interpolation-method.enabled", true); // prev: false
pref("media.peerconnection.dtls.version.max", 772); // prev: 771
pref("print.save_as_pdf.internal_destinations.enabled", true); // prev: false
pref("privacy.bounceTrackingProtection.requireStatefulBounces", true); // prev: false

</p></details>
@earthlng
Copy link
Contributor Author

some bugzilla tickets

  • browser.backup.preferences.ui.enabled
    Bug 1892959 - Stub out initial section for backup management within about:preferences.

  • browser.backup.sqlite.pages_per_step
    Bug 1891141 - Create preferences for the pages per step and step delay used by BackupResources.

  • browser.backup.sqlite.step_delay_ms
    Bug 1891141 - Create preferences for the pages per step and step delay used by BackupResources.

  • browser.contentanalysis.bypass_for_same_tab_operations
    Bug 1869868 part 2 - do not consult DLP when copy/pasting items in the same tab

  • browser.contentanalysis.default_allow
    Bug 1880314 - add a default warn setting to Content Analysis

  • browser.contentanalysis.default_result
    Bug 1880314 - add a default warn setting to Content Analysis

  • browser.ml.modelCacheTimeout
    Bug 1887826 - Implement the Transformers.js based Pipeline for alt-text

  • browser.ml.modelHubRootUrl
    Bug 1887826 - Implement the Transformers.js based Pipeline for alt-text

  • browser.ml.modelHubUrlTemplate
    Bug 1887826 - Implement the Transformers.js based Pipeline for alt-text

  • browser.newtabpage.activity-stream.discoverystream.contile-topsites-positions
    Bug 1888540 - Home and newtab turn on third sponsored tile position
    Bug 1870160 - Newtab configurable positions for topsites from contile

  • browser.newtabpage.activity-stream.discoverystream.pocket-feed-parameters
    Bug 1894517 - Update Pocket feed URL default value.
    Bug 1894517 - Add region-specific parameter to Pocket feed URL for experimentation.

  • browser.newtabpage.activity-stream.discoverystream.region-weather-config
    Bug 1896681 - Home and newtab adding region control for weather widget a=pascalc

  • browser.newtabpage.activity-stream.showWeather
    Bug 1896678 - Home and newtab weather widget user pref default to true, system pref is still false
    Bug 1886833 - Home and newtab creating weather feed

  • browser.newtabpage.activity-stream.system.showWeather
    Bug 1896681 - Home and newtab adding region control for weather widget a=pascalc
    Bug 1886833 - Home and newtab creating weather feed

  • browser.newtabpage.activity-stream.weather.display
    Bug 1890136 - Add preferences, hook up toggle button on new tab customization panel and about:preferences#home

  • browser.newtabpage.activity-stream.weather.locationSearchEnabled
    Bug 1890136 - Add preferences, hook up toggle button on new tab customization panel and about:preferences#home

  • browser.newtabpage.activity-stream.weather.query
    Bug 1886833 - Home and newtab creating weather feed

  • browser.newtabpage.activity-stream.weather.temperatureUnits
    Bug 1890136 - Add preferences, hook up toggle button on new tab customization panel and about:preferences#home

  • browser.privateWindowSeparation.enabled
    Bug 1883673 - Remove majorRelease2022 Nimbus feature

  • browser.search.serpEventTelemetry.enabled
    Bug 1851907 - Remove SERP Telemetry v1 feature gating pref -

  • browser.sessionstore.log.appender.console
    Bug 1854373 Use the loggers to capture errors and debug details during session restore.r=sessionstore-reviewers,markh,sclements

  • browser.sessionstore.log.appender.dump
    Bug 1854373 Use the loggers to capture errors and debug details during session restore.r=sessionstore-reviewers,markh,sclements

  • browser.sessionstore.log.appender.file.level
    Bug 1854373 Use the loggers to capture errors and debug details during session restore.r=sessionstore-reviewers,markh,sclements

  • browser.sessionstore.log.appender.file.logOnError
    Bug 1854373 Use the loggers to capture errors and debug details during session restore.r=sessionstore-reviewers,markh,sclements

  • browser.sessionstore.log.appender.file.logOnSuccess
    Bug 1854373 Use the loggers to capture errors and debug details during session restore.r=sessionstore-reviewers,markh,sclements

  • browser.sessionstore.log.appender.file.maxErrorAge
    Bug 1854373 Use the loggers to capture errors and debug details during session restore.r=sessionstore-reviewers,markh,sclements

  • browser.sessionstore.loglevel
    Bug 1854373 Use the loggers to capture errors and debug details during session restore.r=sessionstore-reviewers,markh,sclements

  • browser.startup.windowsLaunchOnLogin.enabled
    Bug 1892782 - Enable Firefox launch on login by default

  • browser.tabs.context.close-duplicate.enabled
    Bug 1892266 - Enable "Close duplicate tabs" by default.
    Bug 1891797 - Close duplicate tabs from the context menu.

  • browser.tabs.firefox-view
    Bug 1851697 - Remove Firefox View button notification dot
    Bug 1882114 - Remove unused Firefox View prefs
    Bug 1783521 - add card preview when inactive tab hovered.
    Bug 1817794 - Remove Firefox View feature pref
    Bug 1854957 - remove Firefox View newIcon pref.
    Bug 1864534 - remove firefox-view-next pref and update about AboutRedirector

  • browser.tabs.firefox-view.notify-for-tabs
    Bug 1851697 - Remove Firefox View button notification dot

  • browser.tabs.firefox-view-newIcon
    Bug 1882114 - Remove unused Firefox View prefs
    Bug 1783521 - add card preview when inactive tab hovered.
    Bug 1854957 - remove Firefox View newIcon pref.

  • browser.tabs.firefox-view-next
    Bug 1882114 - Remove unused Firefox View prefs
    Bug 1783521 - add card preview when inactive tab hovered.
    Bug 1864534 - remove firefox-view-next pref and update about AboutRedirector

  • browser.urlbar.secondaryActions.featureGate
    Bug 1871206 - Implement secondary actions for the urlbar.

  • browser.urlbar.untrimOnUserInteraction.featureGate
    Bug 1848715 - Untrim address bar value on user interaction.

  • devtools.performance.recording.features
    Bug 1817163 - Add a profiler feature for memory tracking to enable the memory hooks
    Bug 1858420: Remove the old "leaf" feature from the profiler features prefs

  • devtools.performance.recording.features.remote
    Bug 1817163 - Add a profiler feature for memory tracking to enable the memory hooks
    Bug 1858420: Remove the old "leaf" feature from the profiler features prefs

  • dom.events.asyncClipboard.clipboardItem
    Bug 1887845 - Enabled dom.events.asyncClipboard.clipboardItem by default;

  • dom.memory.memory_pressure_on_background
    Bug 1892278 - Add a pref'ed off memory-pressure when a content process moves to background,

  • dom.prefetch_dns_for_anchor_http_document
    Bug 1596935 - Separate rel=dns-prefetch behaviour from html anchor dns prefetch

  • dom.prefetch_dns_for_anchor_https_document
    Bug 1596935 - Separate rel=dns-prefetch behaviour from html anchor dns prefetch

  • extensions.abuseReport.amoDetailsURL
    Bug 1893116 - Remove built-in abuse report UI.

  • extensions.abuseReport.amoFormEnabled
    Bug 1893116 - Remove built-in abuse report UI.
    Bug 1859791 - Move prefs enabling the abuse report features only implemented on FirefoxDesktop into FirefoxDesktop prefs file.
    Bug 1859791 - Replace in-product abuse report flow with AMO web form.

  • extensions.abuseReport.amWebAPI.enabled
    Bug 1893116 - Remove built-in abuse report UI.
    Bug 1859791 - Move prefs enabling the abuse report features only implemented on FirefoxDesktop into FirefoxDesktop prefs file.
    Bug 1777492 - Merge geckoview-prefs.js and mobile.js

  • extensions.abuseReport.url
    Bug 1893116 - Remove built-in abuse report UI.

  • extensions.formautofill.reauth.enabled
    Bug 1898323 - Fix OsAuth migration for beta and have it disabled by default on Beta and Release.
    Bug 1898323 - Fix OsAuth migration. a=pascalc

  • extensions.originControls.grantByDefault
    Bug 1889402 - Grant origin permissions during install for mv3

  • identity.fxaccounts.commands.remoteTabManagement.enabled
    Bug 1885064 - Ability to send and receive close remote tab pushes

  • image.decode-sync.enabled
    Bug 1892678. Rename pref image.decode-sync.enabled to image.testing.decode-sync.enabled.

  • image.testing.decode-sync.enabled
    Bug 1892678. Rename pref image.decode-sync.enabled to image.testing.decode-sync.enabled.

  • javascript.options.experimental.new_set_methods
    Bug 1868423 - Ship New Set Methods;

  • javascript.options.mem.gc_max_parallel_marking_threads
    Bug 1821671 - Part 2: Add pref for setting the maximum number of marking threads to use

  • javascript.options.mem.nursery.max_kb
    Bug 1892242: Increase maximum nursery size to 64MB.
    Bug 1837944 - Part 1: Use the same nursery size settings on Android as desktop configuraions

  • javascript.options.wasm_branch_hinting
    Bug 1837683 - wasm: Parsing of the custom branch hinting section.

  • javascript.options.wasm_js_promise_integration
    Bug 1850627 - Wasm JS Promise integration basics.

  • layers.force-shmem-tiles
    Bug 1896006 - Remove unused layers.force-shmem-tiles pref

  • layout.css.content.alt-text.enabled
    Bug 1281158 - Parse alternative text for the content property.

  • layout.css.gradient-color-interpolation-method.enabled
    Bug 1861363 - Enable the gradient-color-interpolation-method flag on stable

  • media.getusermedia.aec
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.aec_enabled
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.agc
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.agc_enabled
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.agc2_forced
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audio.capture.enabled
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audio.max_channels
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audio.processing.aec
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audio.processing.aec.enabled
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audio.processing.aec.mobile
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audio.processing.agc
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audio.processing.agc.enabled
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audio.processing.agc2.forced
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audio.processing.hpf.enabled
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audio.processing.noise
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audio.processing.noise.enabled
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audio.processing.platform.enabled
    Bug 1895787 - Disable platform processing on macOS.
    Bug 1404972 - Add a pref for platform audio processing.

  • media.getusermedia.audio.processing.transient.enabled
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.audiocapture.enabled
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.channels
    Bug 1404972 - Rename audio input prefs to be more consistent.
    Bug 1866014 - Remove temporary Mac-only mono input channel count limit.
    Bug 1866014 - Temporarily only request mono input on MacOS, take 2.

  • media.getusermedia.hpf_enabled
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.microphone.voice_stream_priming.enabled
    Bug 1890873 - Prime a voice processing stream on macOS before showing gUM prompt.

  • media.getusermedia.noise
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.noise_enabled
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.transient_enabled
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.getusermedia.use_aec_mobile
    Bug 1404972 - Rename audio input prefs to be more consistent.

  • media.mediasource.webm.audio.enabled
    Bug 1842507 - Remove media.mediasource.webm.audio.enabled pref

  • media.peerconnection.dtls.version.max
    Bug 1884140: Allow the use of DTLS 1.3 on release/beta.

  • media.prefer-non-ffvpx
    Bug 1892066 - Bug 1891175 - Allow switching between using ffvpx-based decoders and other decoders, with a pref.

  • network.connectivity-service.DNS_HTTPS.domain
    Bug 1895226 - Add HTTPS record support to Network connectivity service

  • network.dns.disablePrefetchFromHTTPS
    Bug 1596935 - Firefox doesn’t resolve <link rel=dns-prefetch> on HTTPS

  • network.dns.only_refresh_on_fresh_connection
    Bug 1888815 - Do not set the NS_HTTP_REFRESH_DNS flag unless force-reloading the page

  • network.dns.prefetch_via_proxy
    Bug 1596935 - Add tests for rel="dns-prefetch"

  • network.protocol-handler.external.firefox-bridge
    Bug 1889232 - Removed firefox-bridge and firefox-private-bridge protocol creation
    Bug 1880368 - change firefox and firefox-private protocols to firefox-bridge and firefox-private-bridge protocols

  • network.protocol-handler.external.firefox-private-bridge
    Bug 1889232 - Removed firefox-bridge and firefox-private-bridge protocol creation
    Bug 1880368 - change firefox and firefox-private protocols to firefox-bridge and firefox-private-bridge protocols

  • places.history.floodingPrevention.enabled
    Bug 1891145: Implement history flooding protection

  • places.history.floodingPrevention.maxSecondsFromLastUserInteraction
    Bug 1891145: Implement history flooding protection

  • places.history.floodingPrevention.restrictionCount
    Bug 1891145: Implement history flooding protection

  • places.history.floodingPrevention.restrictionExpireSeconds
    Bug 1891145: Implement history flooding protection

  • print.save_as_pdf.internal_destinations.enabled
    Bug 1729276: Re-enable the use of internal link destinations in PDF output.

  • privacy.bounceTrackingProtection.enableDryRunMode
    Bug 1895222 - Enable Bounce Tracking Protection tracker purging in Nightly.
    Bug 1877432 - Enable BounceTrackingProtection in Nightly in dry-run mode.
    Bug 1888504 - Add a dry-run mode for Bounce Tracking Protection.

  • privacy.bounceTrackingProtection.hasMigratedUserActivationData
    Bug 1893434 - Import user activation signals from permission manager into BTP user activation store.

  • privacy.bounceTrackingProtection.requireStatefulBounces
    Bug 1848406 - Enable requireStatefulBounces pref by default.

  • privacy.fingerprintingProtection.remoteOverrides.enabled
    Bug 1862195: Implement privacy.fingerprintingProtection.remoteOverrides.enabled option to disable remote FPP overrides.

  • reader.character_spacing
    Bug 1880654 - Created slider reusable component for Reader menu.

  • reader.improved_text_menu.enabled
    Bug 1880658 - Added text alignment controls in Reader menu.

  • reader.text_alignment
    Bug 1880658 - Added text alignment controls in Reader menu.

  • reader.word_spacing
    Bug 1880654 - Created slider reusable component for Reader menu.

  • screenshots.browser.component.enabled
    Bug 1870127 - Enable screenshots.browser.component.enabled.
    Bug 1789727 - Default to the component implementation of Screenshots for nightly builds.

  • security.mixed_content.upgrade_display_content
    Bug 1779757 - Upgrade passive Mixed Content by default

  • security.mixed_content.upgrade_display_content.image
    Bug 1779757 - Upgrade passive Mixed Content by default

  • security.xfocsp.hideOpenInNewWindow
    Bug 1888695 - Add a pref for the iframe XFO/CSP Open In New Window button.

  • signon.management.page.os-auth.enabled
    Bug 1898323 - Fix OsAuth migration for beta and have it disabled by default on Beta and Release.
    Bug 1898323 - Fix OsAuth migration. a=pascalc

  • toolkit.contentRelevancy.ingestEnabled
    Bug 1895888 - Vendor fully-implemented Rust relevancy component

  • toolkit.scrollbox.pagescroll.maxOverlapLines
    Bug 1783183 - Make overlap between scrolled pages configurable

  • toolkit.scrollbox.pagescroll.maxOverlapPercent
    Bug 1783183 - Make overlap between scrolled pages configurable

  • widget.non-native-theme.enabled
    Bug 1848899 - Remove widget.non-native-theme.enabled.

  • widget.non-native-theme.webrender
    Bug 1873138 - Remove widget.non-native-theme.webrender pref

@arkenfox arkenfox deleted a comment from mik0l Jun 22, 2024
@Jee-Hex
Copy link

Jee-Hex commented Jun 26, 2024

  • xpinstall.signatures.weakSignaturesTemporarilyAllowed
    Bug 1886160 - Enable new AOM restrictions on new weak signatures xpi installs on all channels.
    Bug 1886157 - Disable xpinstall.signatures.weakSignaturesTemporarilyAllowed by default on Nightly.
    Bug 1885004 - Add to XPIProvider restrictions on installing new addons through XPI files only signed with SHA1.

Looks like there is a new hidden pref for those (for whatever reason) need to use some ancient versions of specific add-ons. Test case can be found in Bug 1886157 comment 5.

@HazelHex
Copy link

HazelHex commented Jun 27, 2024

Hey, on Linux FF127 clean profile I have these by default:
browser.urlbar.quicksuggest.enabled = true
browser.urlbar.suggest.quicksuggest.nonsponsored = true
browser.urlbar.suggest.quicksuggest.sponsored = true

which in some manner contradicts with arkenfox' [DEFAULT: false] statements, so I explicitly enabled them as "false".

Also 126->127 update somehow borked my profile (which never ever happened before), so that FF could not save session (pinned tabs) between restarts. Absolutely nothing helped, so I created the new profile. There are a couple of identical reports on FF forum.

Anyways, thanks for hard work!

@Thorin-Oakenpants
Copy link
Contributor

so that FF could not save session

I believe this is something to do with the require device sign in to fill and manage passwords

@Thorin-Oakenpants
Copy link
Contributor

https://searchfox.org/mozilla-central/source/browser/components/urlbar/UrlbarPrefs.sys.mjs#1059-1092

they don't seem to be in static prefs, so IDK. I'll change them all to be active in the next AF release. For me they default false, and I was talking about it the other day with someone - seems weird to built it all and then not use it. And it's not like it would be OS dependent. Maybe it regional/roll-out.

Thorin-Oakenpants added a commit that referenced this issue Jun 28, 2024
default status is unknown
- see #1860 (comment)
@Tiagoquix
Copy link
Contributor

about https://bugzilla.mozilla.org/show_bug.cgi?id=1658094 (fixed by https://hg.mozilla.org/mozilla-central/rev/d85a0c432b59), should we change any "site settings" shutdown prefs and enforce false for them just to be safe?

@HazelHex
Copy link

HazelHex commented Jun 28, 2024

Maybe it regional/roll-out

Thanks, so yeah IDK too, checked under the clean profile for OpenSUSE Tumbleweed (standard repo package, without any language packs). And also why I went to check these in the first place - the "suggested" links started to appear for me after 126->127 update.

@Thorin-Oakenpants
Copy link
Contributor

about https://bugzilla.mozilla.org/show_bug.cgi?id=1658094 (fixed by https://hg.mozilla.org/mozilla-central/rev/d85a0c432b59), should we change any "site settings" shutdown prefs and enforce false for them just to be safe?

Arkenfox has never set this to true. Until v94 it was active and set to false (which is what you're suggesting). In v94+ it has been inactive (and still kept at false). Wiping site settings is incredible destructive (I know that's not what you asked).

But I'm also not going to go out of my way to enforce it false. It's on users who have to go out of their way to change this setting and that's on them. They may or may not have an override (you would think they do if they use prefsCleaner). Pretty sure the reason I dropped it active in 94 was to reduce all the noise and active prefs

@Tiagoquix
Copy link
Contributor

Tiagoquix commented Jul 10, 2024

FYI about #1860 (comment)

seems like it is what they've said in the release notes:
https://www.mozilla.org/en-US/firefox/128.0/releasenotes/

For users in the US and Canada, Firefox will now show your recent searches or currently trending searches when you open the Address Bar to get you back to your previous search session or inspire your next one.

I guess that's why some have it ON while others don't

I would also suggest enforcing browser.urlbar.suggest.topsites to false in user.js so Amazon/Facebook etc. don't get recommended by Firefox automatically

@Thorin-Oakenpants
Copy link
Contributor

Thorin-Oakenpants commented Jul 15, 2024

recent searches

browser.urlbar.suggest.recentsearches - this is default true for me (I am using en-US as default app language and spoof english although I doubt spoof english means anything - but I am absolutely not in the US or Canada etc)

browser.urlbar.recentsearches.featureGate is the more likely pref and 1900900 where the patch description says "Enable trending suggestions and recent searches for release" - but that would block recent searches and we can be more precise with other prefs - i.e block trending but keep recent searches

Anyway, recent searches is not something that is a privacy concern IIUIC. I bookmarked a bugzilla comment a few weeks ago anticipating that someone would bring this up, and then after a week I deleted. Now I have to find it again .... sigh

here it is https://bugzilla.mozilla.org/show_bug.cgi?id=1852848#c0

I guess the question is, do we sanitize search history on close (I think we do, but someone could test it)

@Thorin-Oakenpants
Copy link
Contributor

^ https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42735

maybe PB mode treats it differently? lets see what TB devs think, or feel free to dig in for me

@Thorin-Oakenpants
Copy link
Contributor

#1860 (comment)

@Tiagoquix .. so some people might even clear site settings now (FF129+) - see b498a65

I'd do it myself except, while I hardly use them (excluding site cookies and data exceptions - I think I have about 3), those 3 items would be a real PITA to reset each session - and since there's really nothing in site settings for me, there's not much reason to sanitize it.

Each to their own .. I sanitize everything everywhere all at once in all my other profiles :) fucking love it

@Tiagoquix
Copy link
Contributor

Thanks for the information. In contrast to cookies, site settings only exist if the user manually adds overrides (grants or not access to camera, location, microphone etc.), so I don't think there's really a reason to sanitize them.

If we did clear then, it would mean clearing the exceptions, so no reason to do it as far as I can tell.

@Thorin-Oakenpants
Copy link
Contributor

Thorin-Oakenpants commented Aug 13, 2024

well yeah that's kinda my point - if I add an exception it's for a reason - e.g. canvas RFP for tor forum. That said, sometimes you only want a temporary exception or from testing you want to clean out all the crap. IDK, up to each user :) Is nice to have as an option, but also a footgun - e.g. you sanitize site settings but the site data exception stays leading the mafia don to discover you visited/know-about pinocchio.com

edit: which is getting out of scope: disk access required and you'd have bigger issues - also opsec

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

No branches or pull requests

5 participants