changelog: v52-alpha

[earthlng]

• date: 13-March-2017
• foreword: Here are the changes since the last changelog (except this is the first!). While we are continually improving and making changes, rest assured all the important 52 bits and bobs have been covered.
• note: the comments in the code snippets below are for this changelog's commentary

---

changelog:

• if you're not willing to do some reading (a lot!) this user.js is not for you
• from the 116 pref-changes in FF52 (that we discussed here) we ...
  • added 6
  • deprecated 4
  • had 6 already covered
  • and ignored the rest (at least for now)
    • if we missed something important please let us know (here)
• lots of formatting changes, we hope you like it
  • sorry for changing 50%+ of lines --- Paaants! I told you we should've done this earlier!
• a bunch of re-numbering and re-ordering
• we removed all the informational Sections from the user.js
  • 9996: PALEMOON SPECIFIC
  • 9998: TO INVESTIGATE - TOR UPLIFT + 9999: TO INVESTIGATE - OTHER
    • meta: tor uplift: privacy.resistFingerprinting
    • meta: tor uplift: privacy.firstparty.isolate
    • meta: tor uplift: the rest
    • sticky: items to investigate keep an eye on
  • APPENDIX B: FIREFOX ADD-ONS
  • APPENDIX C: TEST SITES

ok ... let's get to the good stuff now ... prefs, prefs, prefs and some more prefs ...

• we reworked the Referrer Header section
  (thanks to @fmarier [our resident mozilla Security Engineer] and everyone else who helped!)

user_pref("network.http.referer.XOriginPolicy", 1); // Beware! This can cause breakage! see section 1600
user_pref("network.http.referer.spoofSource", false); // enforcing FF52 default value
user_pref("network.http.referer.trimmingPolicy", 0); // enforcing FF52 default value
user_pref("network.http.referer.XOriginTrimmingPolicy", 0); // enforcing FF52 default value -- new in FF52
user_pref("network.http.sendRefererHeader", 2); // enforcing FF52 default value
// user_pref("network.http.referer.userControlPolicy", 3); // not in FF52 - new in FF53

• new Prefs for Firefox 52.0

user_pref("javascript.options.wasm", false); // default: true -- if you want to use WebAssembly comment this one out
user_pref("network.cookie.leave-secure-alone", true); // enforcing FF52 default value
user_pref("security.insecure_field_warning.contextual.enabled", true); // enforcing FF52 default value
user_pref("signon.autofillForms.http", false); // enforcing FF52 default value

• other new additions since user.js v51

user_pref("browser.ssl_override_behavior", 1);
user_pref("browser.urlbar.suggest.bookmark", false); // you may not like this
user_pref("browser.urlbar.suggest.openpage", false); // ... or this
user_pref("browser.xul.error_pages.expert_bad_cert", true);
user_pref("network.IDN_show_punycode", true); // you may not like this if you're using a non-latin alphabet
user_pref("security.csp.enable", true); // enforcing FF52 default value
user_pref("security.csp.experimentalEnabled", true); // experimental - yes we're adventurous - use on your own risk !!

• added some prefs that are commented out by default

// user_pref("accessibility.typeaheadfind", true);
// user_pref("browser.privatebrowsing.autostart", true);
// user_pref("font.system.whitelist", "");
// user_pref("security.ssl3.rsa_aes_128_sha", false);
// user_pref("security.ssl3.rsa_aes_256_sha", false);

• activated previously commented-out prefs

user_pref("browser.link.open_newwindow.restriction", 0); // this will open some popup-windows in a tab instead
user_pref("network.stricttransportsecurity.preloadlist", true); // we also changed the value to true !!! -- default: true
user_pref("privacy.clearOnShutdown.openWindows", false); // we also changed the value to false !!! -- default: false
user_pref("privacy.cpd.openWindows", false); // we also changed the value to false !!! -- default: false
user_pref("privacy.donottrackheader.enabled", false); // we also changed the value to false !!! -- default: false

• changed the value of one pref

user_pref("browser.sessionhistory.max_entries", 10); // previously: 4

• removed prefs from the user.js

user_pref("browser.search.reset.enabled", false);
user_pref("browser.search.reset.whitelist", "");

• commented out

user_pref("clipboard.autocopy", false);
user_pref("general.appname.override", "Netscape");
user_pref("general.appversion.override", "5.0 (Windows)");
user_pref("general.buildID.override", "20100101");
user_pref("general.oscpu.override", "Windows NT 6.1");
user_pref("general.platform.override", "Win32");
user_pref("privacy.cpd.downloads", true);

• deprecated
  • browser.usedOnWindows10.introURL
  • dom.battery.enabled (still exists but is no longer necessary in FF52+)
  • dom.mozTCPSocket.enabled (was never in the user.js)
  • dom.telephony.enabled
  • media.gmp-eme-adobe.autoupdate
  • media.gmp-eme-adobe.enabled
  • media.gmp-eme-adobe.visible
  • network.http.sendSecureXSiteReferrer

---

• plus we fixed some typos and other minor things
  => we're trying our best but grammar nazis are very welcome

• we also changed one of the URL-prefs so we can log all your browsing history
  => seriously, you should never use something like this without reading it from top to bottom
  => no seriously - don't worry - we would never do that (or would we?)

Thanks to everyone who contributed - we appreciate it a lot!

any and all help, suggestions, recommendations, links, tips and tricks, questions, thank you's or whathaveyou - signup/login and start typing