ToDo: diffs FF69-FF70 #805

earthlng · 2019-09-21T16:27:50Z

FF70 is scheduled for release Oct. 22nd

FF70 release notes [when ready]
FF70 for developers
FF70 compatibility
FF70 security advisories

misc TODO's:

2610 FF70+ and ESR68.1.0+ svg.disabled no longer affects extensions - - a3611b7
2701 cookie behavior default changed it's name in the UI - 65dfad5

289 diffs ( 200 new, 52 gone, 37 different )

new in v70.0:

pref("media.peerconnection.ice.proxy_only_if_behind_proxy", false); - f0980b5 , 8f76d94
FYI:
- pref("security.identityblock.show_extended_validation", false);
- pref("security.secure_connection_icon_color_gray", true);
- pref("browser.urlbar.megabar", false);

removed, renamed or hidden in v70.0:

nothing to see here... move along

changed in v70.0:

pref("browser.messaging-system.whatsNewPanel.enabled", true); // prev: false - d5f297e
various hidden / default changes - ALL DONE - 539750d
- 0602 pref("network.dns.disablePrefetchFromHTTPS", true); no longer hidden, needs [DEFAULT] tag
- 1003 pref("browser.cache.memory.capacity", -1); no longer hidden
- 1273 pref("security.insecure_connection_icon.enabled", true); // prev: false
- 1273 pref("security.insecure_connection_icon.pbmode.enabled", true); // prev: false
- 2608 pref("devtools.webide.enabled", false); // prev: true
- 4002 pref("privacy.firstparty.isolate.block_post_message", false); no longer hidden
FYI: moved to the next diffs
- pref("network.http.sendOriginHeader", 2); // prev: 0

ignore

click me for details

==NEW

pref("browser.cache.cache_isolation", false);
pref("browser.contentblocking.customBlockList.preferences.ui.enabled", false);
pref("browser.contentblocking.report.cookie.url", "https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report");
pref("browser.contentblocking.report.cryptominer.url", "https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report");
pref("browser.contentblocking.report.fingerprinter.url", "https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report");
pref("browser.contentblocking.report.lockwise.enabled", true);
pref("browser.contentblocking.report.lockwise.how_it_works.url", "https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report");
pref("browser.contentblocking.report.lockwise.url", "https://lockwise.firefox.com/?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-protections&utm_content=about-protections");
pref("browser.contentblocking.report.manage_devices.url", "https://accounts.firefox.com/settings/clients");
pref("browser.contentblocking.report.monitor.enabled", true);
pref("browser.contentblocking.report.monitor.how_it_works.url", "https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/monitor-faq");
pref("browser.contentblocking.report.monitor.sign_in_url", "https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protections&email=");
pref("browser.contentblocking.report.monitor.url", "https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections");
pref("browser.contentblocking.report.proxy.enabled", false);
pref("browser.contentblocking.report.proxy_extension.url", "https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-protections&utm_content=about-protections");
pref("browser.contentblocking.report.social.url", "https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report");
pref("browser.contentblocking.report.tracker.url", "https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report");
pref("browser.fixup.typo.scheme", true);
pref("browser.messaging-system.fxatoolbarbadge.enabled", true);
pref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "{\"id\":\"whats-new-panel\",\"enabled\":true,\"type\":\"remote-settings\",\"bucket\":\"whats-new-panel\",\"updateCycleInMs\":3600000}");
pref("browser.newtabpage.activity-stream.discoverystream.engagementLabelEnabled", false);
pref("browser.search.separatePrivateDefault", false);
pref("browser.tabs.remote.force-paint", true);
pref("browser.tabs.remote.useCrossOriginEmbedderPolicy", false);
pref("content.cors.disable", false);
pref("content.notify.backoffcount", -1);
pref("content.notify.interval", 120000);
pref("content.notify.ontimer", true);
pref("content.sink.enable_perf_mode", 0);
pref("content.sink.event_probe_rate", 1);
pref("content.sink.initial_perf_time", 2000000);
pref("content.sink.interactive_deflect_count", 0);
pref("content.sink.interactive_parse_time", 3000);
pref("content.sink.interactive_time", 750000);
pref("content.sink.pending_event_mode", 0);
pref("content.sink.perf_deflect_count", 200);
pref("content.sink.perf_parse_time", 360000);
pref("device.sensors.test.events", false);
pref("devtools.browserconsole.input.editorWidth", 0);
pref("devtools.browsertoolbox.fission", false);
pref("devtools.connectpage.enabled", false);
pref("devtools.debugger.dom-mutation-breakpoints-visible", false);
pref("devtools.debugger.features.dom-mutation-breakpoints", true);
pref("devtools.debugger.features.inline-preview", false);
pref("devtools.debugger.features.overlay-step-buttons", false);
pref("devtools.netmonitor.features.search", false);
pref("devtools.netmonitor.panes-search-height", 450);
pref("devtools.netmonitor.panes-search-width", 550);
pref("devtools.netmonitor.ws.displayed-frames.limit", 500);
pref("devtools.netmonitor.ws.messageDataLimit", 100000);
pref("devtools.netmonitor.ws.visibleColumns", "[\"data\", \"time\"]");
pref("devtools.popup.disable_autohide", false);
pref("devtools.recordreplay.logging", false);
pref("devtools.recordreplay.loggingFull", false);
pref("devtools.storage.extensionStorage.enabled", true);
pref("devtools.toolbox.content-frame", true);
pref("devtools.toolbox.force-chrome-prefs", true);
pref("devtools.webconsole.input.editorOnboarding", true);
pref("devtools.webconsole.input.editorWidth", 0);
pref("dom.allow_XUL_XBL_for_file", false);
pref("dom.block_reload_from_resize_event_handler", true);
pref("dom.capture.enabled", false);
pref("dom.enable_window_print", true);
pref("dom.events.dataTransfer.protected.enabled", false);
pref("dom.events.user_interaction_interval", 5000);
pref("dom.forms.number.grouping", false);
pref("dom.ipc.cpows.log.enabled", false);
pref("dom.ipc.cpows.log.stack", false);
pref("dom.ipc.processPrelaunch.delayMs", 1000);
pref("dom.ipc.processPriorityManager.backgroundGracePeriodMS", 0);
pref("dom.ipc.processPriorityManager.backgroundPerceivableGracePeriodMS", 0);
pref("dom.ipc.processPriorityManager.testMode", false);
pref("dom.ipc.tabs.disabled", false);
pref("dom.largeAllocation.testing.allHttpLoads", false);
pref("dom.maxtouchpoints.testing.value", -1);
pref("dom.quotaManager.loadQuotaFromCache", true);
pref("dom.quotaManager.temporaryStorage.chunkSize", 10240);
pref("dom.quotaManager.temporaryStorage.fixedLimit", -1);
pref("dom.securecontext.whitelist_onions", false);
pref("dom.security.respect_document_nosniff", false);
pref("dom.storage.abort_on_sync_parent_to_child_messages", false);
pref("dom.testing.sync-content-blocking-notifications", false);
pref("dom.w3c_pointer_events.multiprocess.android.enabled", true);
pref("dom.webidl.test1", true);
pref("dom.webidl.test2", true);
pref("dom.webnotifications.allowcrossoriginiframe", false);
pref("dom.window.history.async", true);
pref("editor.password.mask_delay", -1);
pref("editor.password.testing.mask_delay", false);
pref("geo.timeout", 6000);
pref("gfx.blocklist.all", 0);
pref("gfx.core-animation.enabled", false);
pref("gfx.font_rendering.ahem_antialias_none", false);
pref("gfx.webrender.flip-sequential", false);
pref("gfx.webrender.triple-buffering.enabled", true);
pref("identity.fxaccounts.service.monitorLoginUrl", "https://monitor.firefox.com/");
pref("identity.fxaccounts.service.sendLoginUrl", "https://send.firefox.com/login/");
pref("idle_period.during_page_load.min", 12);
pref("idle_period.min", 3);
pref("javascript.options.blinterp", true);
pref("javascript.options.blinterp.threshold", 10);
pref("javascript.options.gc_delay", 4000);
pref("javascript.options.gc_delay.first", 10000);
pref("javascript.options.gc_delay.full", 60000);
pref("javascript.options.gc_delay.interslice", 100);
pref("javascript.options.mem.gc_avoid_interrupt_factor", 100);
pref("javascript.options.mem.gc_non_incremental_factor", 112);
pref("layers.compositing-tiles.height", 1024);
pref("layers.compositing-tiles.width", 1024);
pref("layers.d3d11.enable-blacklist", true);
pref("layout.css.aspect-ratio-number.enabled", false);
pref("layout.css.text-decoration-thickness.enabled", true);
pref("layout.css.use-counters-unimplemented.enabled", false);
pref("layout.framevisibility.amountscrollbeforeupdatehorizontal", 2);
pref("layout.framevisibility.amountscrollbeforeupdatevertical", 2);
pref("layout.reflow.synthMouseMove", true);
pref("layout.show_previous_page", true);
pref("layout.viewport_contains_no_contents_area", false);
pref("mathml.deprecated_style_attributes.disabled", false);
pref("mathml.legacy_number_syntax.disabled", true);
pref("mathml.mathsize_names.disabled", false);
pref("mathml.mathspace_names.disabled", false);
pref("mathml.mfrac_linethickness_names.disabled", false);
pref("mathml.nonzero_unitless_lengths.disabled", true);
pref("media.audioFocus.management", false);
pref("media.cloneElementVisually.testing", false);
pref("media.mediacapabilities.drop-threshold", 95);
pref("media.mediacapabilities.from-database", true);
pref("media.peerconnection.ice.obfuscate_host_addresses", false);
pref("media.peerconnection.mtransport_process", false);
pref("media.rdd-opus.enabled", false);
pref("media.rdd-wav.enabled", false);
pref("media.webrtc.net.force_disable_rtcp_reception", false);
pref("media.webrtc.platformencoder", false);
pref("network.dns.skipTRR-when-parental-control-enabled", true);
pref("network.http.altsvc.proxy_checks", true);
pref("network.http.referer.referrerLengthLimit", 4096);
pref("network.http.spdy.bug1556491", true);
pref("network.http.spdy.bug1563695", true);
pref("network.netlink.route.check.IPv4", "23.219.91.27");
pref("network.netlink.route.check.IPv6", "2a02:26f0:40::17db:5b1b");
pref("network.trr.request_timeout_mode_trronly_ms", 30000);
pref("network.trr.request_timeout_ms", 1500);
pref("page_load.deprioritization_period", 5000);
pref("permissions.desktop-notification.notNow.enabled", false);
pref("permissions.fullscreen.allowed", false);
pref("privacy.fuzzyfox.clockgrainus", 100);
pref("privacy.reduceTimerPrecision.unconditional", true);
pref("privacy.resistFingerprinting.target_video_res", 480);
pref("privacy.restrict3rdpartystorage.console.lazy", true);
pref("privacy.socialtracking.block_cookies.enabled", true);
pref("privacy.socialtracking.notification.counter", 0);
pref("privacy.socialtracking.notification.enabled", true);
pref("privacy.socialtracking.notification.lastShown", "0");
pref("privacy.socialtracking.notification.max", 2);
pref("privacy.socialtracking.notification.period.min", 172800000);
pref("privacy.socialtracking.notification.session.pageload.min", 4);
pref("security.aboutcertificate.enabled", false);
pref("security.all_resource_uri_content_accessible", false);
pref("security.allow_eval_in_parent_process", false);
pref("security.allow_eval_with_system_principal", false);
pref("security.block_Worker_with_wrong_mime", false);
pref("security.protectionspopup.recordEventTelemetry", true);
pref("security.remote_settings.crlite_filters.bucket", "security-state");
pref("security.remote_settings.crlite_filters.checked", 0);
pref("security.remote_settings.crlite_filters.collection", "cert-revocations");
pref("security.remote_settings.crlite_filters.enabled", false);
pref("security.remote_settings.crlite_filters.signer", "onecrl.content-signature.mozilla.org");
pref("security.sandbox.content.win32k-disable", false);
pref("security.tls.enable_delegated_credentials", false);
pref("services.common.log.logger.rest.request", "Debug");
pref("services.common.log.logger.rest.response", "Debug");
pref("services.common.log.logger.tokenserverclient", "Debug");
pref("signon.management.overrideURI", "about:logins?filter=%DOMAIN%");
pref("signon.management.page.breach-alerts.enabled", true);
pref("signon.management.page.breachAlertUrl", "https://monitor.firefox.com/breach-details/");
pref("signon.management.page.hideMobileFooter", false);
pref("signon.management.page.mobileAndroidURL", "https://app.adjust.com/6tteyjo?redirect=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dmozilla.lockbox&utm_campaign=Desktop&utm_adgroup=InProduct&utm_creative=");
pref("signon.management.page.mobileAppleURL", "https://app.adjust.com/6tteyjo?redirect=https%3A%2F%2Fitunes.apple.com%2Fapp%2Fid1314000270%3Fmt%3D8&utm_campaign=Desktop&utm_adgroup=InProduct&utm_creative=");
pref("toolkit.telemetry.geckoview.batchDurationMS", 5000);
pref("toolkit.telemetry.geckoview.streaming", false);
pref("toolkit.telemetry.ipcBatchTimeout", 2000);
pref("toolkit.telemetry.isGeckoViewMode", false);
pref("ui.scrolling.negate_wheel_scroll", false);
pref("urlclassifier.features.cryptomining.annotate.blacklistTables", "base-cryptomining-track-digest256");
pref("urlclassifier.features.cryptomining.annotate.whitelistTables", "mozstd-trackwhite-digest256");
pref("urlclassifier.features.fingerprinting.annotate.blacklistTables", "base-fingerprinting-track-digest256");
pref("urlclassifier.features.fingerprinting.annotate.whitelistTables", "mozstd-trackwhite-digest256");
pref("urlclassifier.features.socialtracking.annotate.blacklistTables", "social-tracking-protection-digest256,social-tracking-protection-facebook-digest256,social-tracking-protection-linkedin-digest256,social-tracking-protection-twitter-digest256");
pref("urlclassifier.features.socialtracking.annotate.whitelistTables", "mozstd-trackwhite-digest256");
pref("urlclassifier.features.socialtracking.blacklistTables", "social-tracking-protection-digest256,social-tracking-protection-facebook-digest256,social-tracking-protection-linkedin-digest256,social-tracking-protection-twitter-digest256");
pref("urlclassifier.features.socialtracking.whitelistTables", "mozstd-trackwhite-digest256");
pref("widget.disable-native-theme", false);

==REMOVED or HIDDEN

pref("abc.def", true);
pref("apz.overscroll.spring_friction", "0.015");
pref("apz.overscroll.spring_stiffness", "0.0018");
pref("browser.cache.compression_level", 0);
pref("browser.cache.frecency_experiment", 0);
pref("browser.contentblocking.allowlist.annotations.enabled", true);
pref("browser.contentblocking.allowlist.storage.enabled", true);
pref("browser.contentblocking.introCount", 0);
pref("browser.contentblocking.introDelaySeconds", 1800);
pref("browser.contentblocking.maxIntroCount", 0);
pref("browser.contentblocking.rejecttrackers.control-center.ui.enabled", true);
pref("browser.contentblocking.rejecttrackers.reportBreakage.enabled", true);
pref("browser.contentblocking.reportBreakage.enabled", false);
pref("browser.contentblocking.trackingprotection.control-center.ui.enabled", true);
pref("browser.security.newcerterrorpage.mitm.enabled", true);
pref("browser.tabs.remote.useCrossOriginPolicy", false);
pref("browser.urlbar.quantumbar", true);
pref("devtools.aboutdebugging.new-enabled", true);
pref("devtools.debugger.features.windowless-workers", true);
pref("devtools.netmonitor.features.resizeColumns", true);
pref("devtools.netmonitor.ws.payload-preview-width", 550);
pref("devtools.onboarding.experiment", "off");
pref("devtools.onboarding.experiment.flipped", false);
pref("devtools.onboarding.telemetry.logged", false);
pref("devtools.webconsole.jsterm.codeMirror", true);
pref("dom.min_tracking_background_timeout_value", 4);
pref("dom.min_tracking_timeout_value", 4);
pref("dom.xhr.lowercase_header.enabled", true);
pref("gfx.font_ahem_antialias_none", false);
pref("gfx.webrender.dcomp-win-triple-buffering.enabled", true);
pref("ghi.jkl", true);
pref("javascript.options.bigint", true);
pref("javascript.options.mem.gc_allocation_threshold_factor", 90);
pref("javascript.options.mem.gc_allocation_threshold_factor_avoid_interrupt", 90);
pref("javascript.options.mem.high_water_mark", 128);
pref("javascript.options.unboxed_objects", false);
pref("layout.css.paint-order.enabled", true);
pref("layout.css.text-decoration-width.enabled", false);
pref("layout.float-fragments-inside-column.enabled", true);
pref("network.trr.request-timeout", 1500);
pref("plugin.persistentPermissionAlways.intervalInDays", 90);
pref("plugin.sessionPermissionNow.intervalInMinutes", 60);
pref("privacy.trackingprotection.cryptomining.annotate.enabled", true);
pref("privacy.trackingprotection.fingerprinting.annotate.enabled", true);
pref("privacy.trackingprotection.introURL", "https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/content-blocking/start/");
pref("privacy.trackingprotection.socialtracking.annotate.enabled", false);
pref("security.block_ftp_subresources", true);
pref("services.sync.prefs.sync.browser.contentblocking.introCount", true);
pref("services.sync.prefs.sync.privacy.trackingprotection.cryptomining.annotate.enabled", true);
pref("services.sync.prefs.sync.privacy.trackingprotection.fingerprinting.annotate.enabled", true);
pref("signon.management.page.faqURL", "https://lockwise.firefox.com/faq.html");
pref("signon.management.page.feedbackURL", "https://www.surveygizmo.com/s3/5036102/Lockwise-feedback?ver=%VERSION%");

==CHANGED

pref("apz.allow_immediate_handoff", false); // prev: true
pref("browser.contentblocking.features.strict", "tp,tpPrivate,cookieBehavior4,cm,fp,stp"); // prev: "tp,tpPrivate,cookieBehavior4,cm,fp"
pref("browser.in-content.dark-mode", true); // prev: false
pref("browser.newtabpage.activity-stream.discoverystream.enabled", true); // prev: false
pref("browser.safebrowsing.provider.mozilla.lists", "base-track-digest256,mozstd-trackwhite-digest256,content-track-digest256,mozplugin-block-digest256,mozplugin2-block-digest256,block-flash-digest256,except-flash-digest256,allow-flashallow-digest256,except-flashallow-digest256,block-flashsubdoc-digest256,except-flashsubdoc-digest256,ads-track-digest256,social-track-digest256,analytics-track-digest256,base-fingerprinting-track-digest256,content-fingerprinting-track-digest256,base-cryptomining-track-digest256,content-cryptomining-track-digest256,fanboyannoyance-ads-digest256,fanboysocial-ads-digest256,easylist-ads-digest256,easyprivacy-ads-digest256,adguard-ads-digest256,social-tracking-protection-digest256,social-tracking-protection-facebook-digest256,social-tracking-protection-linkedin-digest256,social-tracking-protection-twitter-digest256"); // prev: "base-track-digest256,mozstd-trackwhite-digest256,content-track-digest256,mozplugin-block-digest256,mozplugin2-block-digest256,block-flash-digest256,except-flash-digest256,allow-flashallow-digest256,except-flashallow-digest256,block-flashsubdoc-digest256,except-flashsubdoc-digest256,ads-track-digest256,social-track-digest256,analytics-track-digest256,base-fingerprinting-track-digest256,content-fingerprinting-track-digest256,base-cryptomining-track-digest256,content-cryptomining-track-digest256,fanboyannoyance-ads-digest256,fanboysocial-ads-digest256,easylist-ads-digest256,easyprivacy-ads-digest256,adguard-ads-digest256"
pref("devtools.debugger.component-visible", false); // prev: true
pref("devtools.debugger.event-listeners-visible", false); // prev: true
pref("devtools.debugger.expressions-visible", false); // prev: true
pref("devtools.debugger.features.async-stepping", false); // prev: true
pref("devtools.debugger.workers-visible", false); // prev: true
pref("devtools.debugger.xhr-breakpoints-visible", false); // prev: true
pref("devtools.inspector.inactive.css.enabled", true); // prev: false
pref("devtools.markup.mutationBreakpoints.enabled", true); // prev: false
pref("devtools.netmonitor.ws.payload-preview-height", 128); // prev: 450
pref("dom.ipc.cancel_content_js_when_navigating", true); // prev: false
pref("dom.script_loader.external_scripts.utf8_parsing.enabled", true); // prev: false
pref("dom.storage.next_gen", true); // prev: false
pref("dom.worker.script_loader.utf8_parsing.enabled", true); // prev: false
pref("extensions.getAddons.discovery.api_url", "https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%"); // prev: "https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%"
pref("javascript.options.baselinejit.threshold", 100); // prev: 10
pref("javascript.options.mem.gc_allocation_threshold_mb", 27); // prev: 30
pref("layout.css.devPixelsPerPx", "-1"); // prev: "-1.0"
pref("layout.css.shared-memory-ua-sheets.enabled", true); // prev: false
pref("layout.css.text-decoration-skip-ink.enabled", true); // prev: false
pref("layout.css.text-underline-offset.enabled", true); // prev: false
pref("media.mediasource.webm.enabled", true); // prev: false
pref("network.http.referer.defaultPolicy.trackers", 2); // prev: 3
pref("network.notify.IPv6", true); // prev: false
pref("signon.generation.available", true); // prev: false
pref("signon.generation.enabled", true); // prev: false
pref("signon.management.page.enabled", true); // prev: false
pref("urlclassifier.disallow_completions", "goog-downloadwhite-digest256,base-track-digest256,mozstd-trackwhite-digest256,content-track-digest256,mozplugin-block-digest256,mozplugin2-block-digest256,block-flash-digest256,except-flash-digest256,allow-flashallow-digest256,except-flashallow-digest256,block-flashsubdoc-digest256,except-flashsubdoc-digest256,goog-passwordwhite-proto,ads-track-digest256,social-track-digest256,analytics-track-digest256,base-fingerprinting-track-digest256,content-fingerprinting-track-digest256,base-cryptomining-track-digest256,content-cryptomining-track-digest256,fanboyannoyance-ads-digest256,fanboysocial-ads-digest256,easylist-ads-digest256,easyprivacy-ads-digest256,adguard-ads-digest256,social-tracking-protection-digest256,social-tracking-protection-facebook-digest256,social-tracking-protection-linkedin-digest256,social-tracking-protection-twitter-digest256"); // prev: "goog-downloadwhite-digest256,base-track-digest256,mozstd-trackwhite-digest256,content-track-digest256,mozplugin-block-digest256,mozplugin2-block-digest256,block-flash-digest256,except-flash-digest256,allow-flashallow-digest256,except-flashallow-digest256,block-flashsubdoc-digest256,except-flashsubdoc-digest256,goog-passwordwhite-proto,ads-track-digest256,social-track-digest256,analytics-track-digest256,base-fingerprinting-track-digest256,content-fingerprinting-track-digest256,base-cryptomining-track-digest256,content-cryptomining-track-digest256,fanboyannoyance-ads-digest256,fanboysocial-ads-digest256,easylist-ads-digest256,easyprivacy-ads-digest256,adguard-ads-digest256"

The text was updated successfully, but these errors were encountered:

earthlng · 2019-09-21T16:28:34Z

some bugzilla tickets

abc.def
Bug 1565110 - Rename abc.def and ghi.jkl prefs as dom.webidl.test[12].
apz.allow_immediate_handoff
Bug 1528775 - Disable immediate handoff on all platforms.
Bug 1550422 - P24. Fix style of StaticPrefs.
apz.overscroll.spring_friction
Bug 1572633 - Remove apz.overscroll.spring_{stiffness,friction}.
apz.overscroll.spring_stiffness
Bug 1572633 - Remove apz.overscroll.spring_{stiffness,friction}.
Bug 1550422 - P24. Fix style of StaticPrefs.
browser.cache.cache_isolation
Bug 1536058 - Add Cache-Isolation behind a pref
browser.cache.compression_level
Bug 1562305 - Remove browser.cache.compression_level pref.
browser.cache.frecency_experiment
Bug 1572633 - Remove browser.cache.frecency_experiment.
browser.cache.memory.capacity
Bug 1562305 - Make browser.cache.memory.capacity a static pref.
browser.contentblocking.allowlist.annotations.enabled
Bug 1552643 - P1. Re-organise prefs in sections.
Bug 1571893 - Remove the prefs that can cause Gecko to stop honouring the Content Blocking allow list;
browser.contentblocking.allowlist.storage.enabled
Bug 1566836 - Respect the Content Blocking allow list for ETP interventions on all platforms;
Bug 1570434 - Add an API to toggle engagement event telemetry.
Bug 1552643 - P1. Re-organise prefs in sections.
Bug 1571893 - Remove the prefs that can cause Gecko to stop honouring the Content Blocking allow list;
browser.contentblocking.customBlockList.preferences.ui.enabled
Bug 1568900 - Hide "Change Block List" UI in Custom option of ETP
browser.contentblocking.features.strict
Bug 1566861 - Revise Tracking Protection Panel UI in Preferences
Bug 1543280 - Enable FP and CM in strict in all channel, enable FP and CM in standard for nightly and early beta.
Bug 1529517 - Add prefs for defining expected values in each content blocking category.
browser.contentblocking.introCount
Bug 1564367 - Remove the content blocking UI tour.
browser.contentblocking.introDelaySeconds
Bug 1564367 - Remove the content blocking UI tour.
Bug 1548626 - Delay showing the Privacy-UI onboarding by 30 min for new users.
browser.contentblocking.maxIntroCount
Bug 1564367 - Remove the content blocking UI tour.
Bug 1569542 - Disable Content Blocking UI tour in 69 / 68 ESR.
BUG 1448932 - Added: Prefs for tracking protection intro
browser.contentblocking.rejecttrackers.control-center.ui.enabled
Bug 1572139 - Enable sending UI notifications for ETP on mobile;
Bug 1572139 - Enable sending UI notifications for ETP on mobile.
Bug 1552643 - P1. Re-organise prefs in sections.
browser.contentblocking.rejecttrackers.reportBreakage.enabled
Bug 1566985 - Part 2: Remove unnecessary pref of the breakage report UI.
browser.contentblocking.report.cookie.url
Bug 1569614 - Add SUMO content links.
browser.contentblocking.report.cryptominer.url
Bug 1569614 - Add SUMO content links.
browser.contentblocking.report.fingerprinter.url
Bug 1569614 - Add SUMO content links.
browser.contentblocking.report.lockwise.enabled
Bug 1559421 - Report synced devices count on Lockwise card.
browser.contentblocking.report.lockwise.how_it_works.url
Bug 1569614 - Add SUMO content links.
browser.contentblocking.report.lockwise.url
Bug 1557050 - Add basic telemetry to protection report.
browser.contentblocking.report.manage_devices.url
Bug 1573593 - Show a link to account/device management next to the Lockwise "Syncing to X Devices" label
browser.contentblocking.report.monitor.enabled
Bug 1559422 - Create base Monitor card.
browser.contentblocking.report.monitor.how_it_works.url
Bug 1569614 - Add SUMO content links.
browser.contentblocking.report.monitor.sign_in_url
Bug 1573837 - Add utm_* params to the "View full report on Firefox Monitor" link.
browser.contentblocking.report.monitor.url
Bug 1573837 - Add utm_* params to the "View full report on Firefox Monitor" link.
Bug 1557050 - Add basic telemetry to protection report.
browser.contentblocking.report.proxy.enabled
Bug 1559428 - Create base Proxy card.
browser.contentblocking.report.proxy_extension.url
Bug 1559428 - Create base Proxy card.
browser.contentblocking.report.social.url
Bug 1569614 - Add SUMO content links.
browser.contentblocking.report.tracker.url
Bug 1569614 - Add SUMO content links.
browser.contentblocking.reportBreakage.enabled
Bug 1566985 - Part 2: Remove unnecessary pref of the breakage report UI.
browser.contentblocking.trackingprotection.control-center.ui.enabled
Bug 1572139 - Enable sending UI notifications for ETP on mobile;
browser.in-content.dark-mode
Bug 1565051 - Enable 'browser.in-content.dark-mode' by default and let it ride the trains.
Bug 1545029 - Flip 'browser.in-content.dark-mode' on by default in Nightly builds.
Bug 1519548 - Introduce dark mode in-content page preference.
browser.messaging-system.fxatoolbarbadge.enabled
Bug 1561547 - Use Messaging System to badge the FxA accounts toolbar button
browser.messaging-system.whatsNewPanel.enabled
Bug 1565555 - Set pref to enable What's New panel by default
Bug 1561307 - Add pref to enable/disable the What's New Panel feature
browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel
Bug 1575884 - Create a provider for the What's new message bucket
browser.safebrowsing.provider.mozilla.lists
Bug 1570805 - [stp] Turn on Social Tracking Protection Prefs,
Bug 1560597 - Safe Browsing supports downloading social tracking list.
browser.search.separatePrivateDefault
Bug 1572141 - Add nsISearchService.originalDefaultPrivateEngine to return the private browsing engine from the configuration.
browser.security.newcerterrorpage.mitm.enabled
Bug 1549609 Remove browser.security.newcerterrorpage.mitm.enabled pref
browser.tabs.remote.force-paint
Bug 1570212 - Convert browser.tabs.remote.force-paint to a static pref.
browser.tabs.remote.useCrossOriginEmbedderPolicy
Bug 1543068 - P1 Substitute Cross-Origin header with COEP
browser.tabs.remote.useCrossOriginPolicy
Bug 1552643 - P1. Re-organise prefs in sections.
Bug 1550422 - P13. Add Skip, Once and Live cached preference policy.
Bug 1543068 - P1 Substitute Cross-Origin header with COEP
browser.urlbar.megabar
Bug 1573581 - Add megabar pref.
browser.urlbar.quantumbar
Bug 1564787 - Remove quantumbar pref.
Bug 1557051 - Enable QuantumBar for release users.
Bug 1548031 - Enable the QuantumBar on Nightly and early Beta.
content.cors.disable
Bug 1570212 - Convert content.cors.disable to a static pref.
content.notify.backoffcount
Bug 1570082 - Convert content.notify.backoffcount to static pref.
content.notify.interval
Bug 1570082 - Convert content.notify.interval to static pref.
content.notify.ontimer
Bug 1570082 - Convert content.notify.ontimer to static pref and add content group to prefs groups.
content.sink.enable_perf_mode
Bug 1570082 - Convert content.sink.enable_perf_mode to static pref
content.sink.event_probe_rate
Bug 1570082 - Convert content.sink.event_probe_rate to static pref.
content.sink.initial_perf_time
Bug 1570082 - Convert content.sink.initial_perf_time to static pref.
content.sink.interactive_deflect_count
Bug 1570082 - Convert content.sink.*_deflect_count to static pref.
content.sink.interactive_parse_time
Bug 1570082 - Convert content.sink.*_parse_time to static pref.
content.sink.interactive_time
Bug 1570082 - Convert content.sink.interactive_time to static pref.
content.sink.pending_event_mode
Bug 1570082 - Convert content.sink.pending_event_mode to static pref.
content.sink.perf_deflect_count
Bug 1570082 - Convert content.sink.*_deflect_count to static pref.
content.sink.perf_parse_time
Bug 1570082 - Convert content.sink.*_parse_time to static pref.
device.sensors.test.events
Bug 1570212 - Convert device.sensors.test.events to a static pref.
devtools.aboutdebugging.new-enabled
Bug 1539461 - Remove the aboutdebugging.new-enabled preference
Bug 1553042 - Enable new about:debugging on all channels
Bug 1553028 - Fix the condition for enabling new aboutdebugging on DevEdition and Nightly
Bug 1553028 - Disable new about:debugging on Beta and Release channels
Bug 1518469 - Enable new about:debugging by default;r=ladybenko
Bug 1471795 - Part 1: Implement basis of 'This Firefox' page.
devtools.browserconsole.input.editorWidth
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1554877 - Make JsTerm editor resizable.
devtools.browsertoolbox.fission
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1569643 - Fix browser toolbox fission pref.
devtools.connectpage.enabled
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1539451 - Disable WebIDE and ConnectPage by default
devtools.debugger.features.dom-mutation-breakpoints
Bug 1576219 - Enable DOM Mutation Breakpoints
devtools.inspector.inactive.css.enabled
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1552116 - Move devtools.inspector.inactive.css.enabled to devtools shared preferences
Bug 1306054 - Display an indicator on properties with inactive CSS
devtools.markup.mutationBreakpoints.enabled
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1576219 - Enable DOM Mutation Breakpoints
Bug 1550030 - Part 1: Implement the DOM mutation breakpoint context menu items in the markup view.
devtools.netmonitor.features.resizeColumns
Bug 1558355 - Remove devtools.netmonitor.features.resizeColumns pref,
Bug 1533764 - enable pref for column resizer in Nightly;
Bug 1358414 - Introduce column resizer in request list;
devtools.netmonitor.features.search
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1559347 - Implement generic search across all resources.
devtools.netmonitor.panes-search-height
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1573493 - Search panel is missing two prefs.
devtools.netmonitor.panes-search-width
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1573493 - Search panel is missing two prefs.
devtools.netmonitor.ws.displayed-frames.limit
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1561631 - Limit number of displayed frames in WebSocket side panel.
devtools.netmonitor.ws.messageDataLimit
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
devtools.netmonitor.ws.payload-preview-height
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1555631 - WebSocket frame payload preview.
Bug 1559398 - Implement table and preview sections in WebSocket side panel.
devtools.netmonitor.ws.payload-preview-width
Bug 1555631 - WebSocket frame payload preview.
Bug 1559398 - Implement table and preview sections in WebSocket side panel.
devtools.netmonitor.ws.visibleColumns
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1561553 - WebSocket frame list should hide some columns by default.
devtools.popup.disable_autohide
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1569410 - Do not apply disable_autohide to DevTools HTML tooltips
devtools.recordreplay.logging
Bug 1575056 - Control record/replay logging with preference,
devtools.recordreplay.loggingFull
Bug 1575056 - Control record/replay logging with preference,
devtools.storage.extensionStorage.enabled
Bug 1542035 - Add read-only support for extension storage.local in addon debugger
devtools.toolbox.content-frame
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1539979 - Use a frame with type=content for DevTools frames
devtools.toolbox.force-chrome-prefs
Bug 1575766 - Use chrome preferences for DevTools documents
devtools.webconsole.input.editorOnboarding
Bug 1558417 - Add onboarding UI for Editor.
devtools.webconsole.input.editorWidth
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1554877 - Make JsTerm editor resizable.
devtools.webconsole.jsterm.codeMirror
Bug 1465149 - Remove old jsterm code.
Bug 1473805 - Enable CodeMirror JSTerm by default on all releases;r=nchevobbe
Bug 1470922 - Enable CodeMirror JSTerm on Nightly except for people using accessible technology;
Bug 1463409 - Add a preference to enable CodeMirror-powered jsterm;
devtools.webide.enabled
Bug 1572332 - Move non-debugger devtools prefs into all.js and firefox.js.
Bug 1539451 - Disable WebIDE and ConnectPage by default
dom.allow_XUL_XBL_for_file
Bug 1570212 - Convert dom.allow_XUL_XBL_for_file to a static pref.
dom.block_reload_from_resize_event_handler
Bug 1570566 - Don't block reloading during a resize event handler on Android and Nightly.
dom.capture.enabled
Bug 1553603 - Support "capture" attribute in Gecko and expose in GV.
dom.enable_window_print
Bug 1571121 - Change Window.print() from using Func to Pref.
dom.events.dataTransfer.protected.enabled
Bug 1570212 - Convert dom.events.dataTransfer.protected.enabled to a static pref.
dom.events.user_interaction_interval
Bug 1575938 Convert dom/JSEnvironment GC timing constants to StaticPref
dom.forms.number.grouping
Bug 1573720 - Convert dom.forms.number.grouping to a static pref.
dom.ipc.cancel_content_js_when_navigating
Bug 1552643 - P1. Re-organise prefs in sections.
dom.ipc.cpows.log.enabled
Bug 1563996 - Make dom.ipc.cpows.log.{enabled,stack} static prefs.
dom.ipc.cpows.log.stack
Bug 1563996 - Make dom.ipc.cpows.log.{enabled,stack} static prefs.
dom.ipc.processPrelaunch.delayMs
Bug 1571544 - Convert dom.ipc.processPreLaunch.delayms to static pref.
dom.ipc.processPriorityManager.backgroundGracePeriodMS
Bug 1571544 - Convert two dom.ipc.processPriorityManager.* prefs to static prefs.
dom.ipc.processPriorityManager.backgroundPerceivableGracePeriodMS
Bug 1571544 - Convert two dom.ipc.processPriorityManager.* prefs to static prefs.
dom.ipc.processPriorityManager.testMode
Bug 1570212 - Convert three dom.ipc.* prefs into static prefs.
dom.ipc.tabs.disabled
Bug 1570212 - Convert three dom.ipc.* prefs into static prefs.
dom.largeAllocation.testing.allHttpLoads
Bug 1571544 - Convert dom.largeAllocation.testing.allHttpLoads to static pref.
dom.maxtouchpoints.testing.value
Bug 1539497, navigator.maxTouchPoints returns 0 in child process,
dom.min_tracking_background_timeout_value
Bug 1569004 - Remove dom.min_tracking_timeout_value and dom.min_tracking_background_timeout_value varcache prefs.
dom.min_tracking_timeout_value
Bug 1569004 - Remove dom.min_tracking_timeout_value and dom.min_tracking_background_timeout_value varcache prefs.
dom.quotaManager.loadQuotaFromCache
Bug 1563023 - Part 7: Implement caching functionality;
dom.quotaManager.temporaryStorage.chunkSize
Bug 1570212 - Convert dom.quotaManager.temporaryStorage.* to static prefs.
dom.quotaManager.temporaryStorage.fixedLimit
Bug 1570212 - Convert dom.quotaManager.temporaryStorage.* to static prefs.
dom.script_loader.external_scripts.utf8_parsing.enabled
Bug 1554362 - Add a preference to control whether external script data is accumulated as UTF-8 instead of UTF-16 (and if so, compiled as UTF-8 without inflating to UTF-16).
dom.securecontext.whitelist_onions
Bug 1570212 - Convert dom.securecontext.whitelist_onions to a static pref.
dom.security.respect_document_nosniff
Bug 1570658 - Add a Flag for Navigation-Nosniff
dom.storage.abort_on_sync_parent_to_child_messages
Bug 1574569 - Don't abort LocalStorage requests when a sync message from parent is detected;
dom.storage.next_gen
Bug 1570644 - Part 4: Disable LSNG in 69;
Bug 1570644 - Disable LSNG in 69;
Bug 1539835 - Flip pref on for LSNG for (non-early) Beta and Release;
dom.testing.sync-content-blocking-notifications
Bug 1570212 - Convert dom.testing.sync-content-blocking-notifications to a static pref.
dom.w3c_pointer_events.multiprocess.android.enabled
Bug 1507495, Enable Pointer events on GeckoView by default,
dom.webidl.test1
Bug 1565110 - Rename abc.def and ghi.jkl prefs as dom.webidl.test[12].
dom.webidl.test2
Bug 1565110 - Rename abc.def and ghi.jkl prefs as dom.webidl.test[12].
dom.webnotifications.allowcrossoriginiframe
Bug 1560741 - Part 1: Disallow notification permission requests from cross-origin iframes;
dom.window.history.async
Bug 1563587, Make history.back/forward/go asynchronous,
dom.worker.script_loader.utf8_parsing.enabled
Bug 1552643 - P1. Re-organise prefs in sections.
Bug 1553502 - Add a preference to (...eventually) control whether DOM worker scripts are compiled directly from UTF-8 without inflating.
dom.xhr.lowercase_header.enabled
Bug 1504344 - Remove the pref dom.xhr.lowercase_header.enabled;
editor.password.mask_delay
Bug 1548389 - part 6: Add automated tests for new API and rendering of password fields
editor.password.testing.mask_delay
Bug 1548389 - part 6: Add automated tests for new API and rendering of password fields
extensions.getAddons.discovery.api_url
Bug 1564731 - Pass distribution id as edition in the discopane api_url.
Bug 1546248 - Add discopane to about:addons HTML view
extensions.webcompat-reporter.enabled
Bug 1572590 - Indent conditionally-defined prefs in all.js.
geo.timeout
Bug 1570212 - Convert geo.timeout to a static pref.
gfx.blocklist.all
Bug 1552126 - Convert gfx.blocklist.all to a non-Skip pref.
Bug 1550422 - P24. Fix style of StaticPrefs.
gfx.core-animation.enabled
Bug 1574538 - Enable CoreAnimation by default.
Bug 1572590 - Indent conditionally-defined prefs in all.js.
Bug 1565668 - Add an off-by-default preference called gfx.core-animation.enabled.
gfx.font_ahem_antialias_none
Bug 1561792 - Rename the pref gfx.font_ahem_antialias_none to gfx.font_rendering.ahem_antialias_none to avoid the additional pref observer added in the previous patch.
Bug 1552643 - P1. Re-organise prefs in sections.
gfx.font_rendering.ahem_antialias_none
Bug 1561792 - Rename the pref gfx.font_ahem_antialias_none to gfx.font_rendering.ahem_antialias_none to avoid the additional pref observer added in the previous patch.
gfx.webrender.dcomp-win-triple-buffering.enabled
Bug 1567347 - Add option of using DXGI_SWAP_EFFECT_FLIP_SEQUENTIAL without DirectComposition
gfx.webrender.flip-sequential
Bug 1572590 - Indent conditionally-defined prefs in all.js.
Bug 1567347 - Add option of using DXGI_SWAP_EFFECT_FLIP_SEQUENTIAL without DirectComposition
gfx.webrender.triple-buffering.enabled
Bug 1572590 - Indent conditionally-defined prefs in all.js.
Bug 1567347 - Add option of using DXGI_SWAP_EFFECT_FLIP_SEQUENTIAL without DirectComposition
ghi.jkl
Bug 1565110 - Rename abc.def and ghi.jkl prefs as dom.webidl.test[12].
identity.fxaccounts.service.monitorLoginUrl
Bug 1562006 - Update FxA toolbar menu for skyline
identity.fxaccounts.service.sendLoginUrl
Bug 1562006 - Update FxA toolbar menu for skyline
idle_period.during_page_load.min
Bug 1564724 - Tweak StaticPrefList.h.
Bug 1566573, Add prefs to control idle time limits,
idle_period.min
Bug 1564724 - Tweak StaticPrefList.h.
Bug 1566573, Add prefs to control idle time limits,
javascript.options.baselinejit.threshold
Bug 1565807 - Bump Baseline JIT threshold from 50 to 100.
Bug 1564017 part 7 - Enable the Baseline Interpreter in the browser.
javascript.options.bigint
Bug 1552643 - P1. Re-organise prefs in sections.
Bug 1570886 - Remove enableBigInt run-time flag
javascript.options.blinterp
Bug 1564017 part 7 - Enable the Baseline Interpreter in the browser.
Bug 1564017 part 6 - Add prefs to about:config.
javascript.options.blinterp.threshold
Bug 1564017 part 6 - Add prefs to about:config.
javascript.options.gc_delay
Bug 1575938 Convert dom/JSEnvironment GC timing constants to StaticPref
javascript.options.gc_delay.first
Bug 1575938 Convert dom/JSEnvironment GC timing constants to StaticPref
javascript.options.gc_delay.full
Bug 1575938 Convert dom/JSEnvironment GC timing constants to StaticPref
javascript.options.gc_delay.interslice
Bug 1575938 Convert dom/JSEnvironment GC timing constants to StaticPref
javascript.options.mem.gc_allocation_threshold_factor
Bug 1570905 - Rework the GC triggers to make the incremental trigger the default and the non-incremental trigger some factor of this
javascript.options.mem.gc_allocation_threshold_factor_avoid_interrupt
Bug 1570905 - Rework the GC triggers to make the incremental trigger the default and the non-incremental trigger some factor of this
javascript.options.mem.gc_allocation_threshold_mb
Bug 1570905 - Rework the GC triggers to make the incremental trigger the default and the non-incremental trigger some factor of this
javascript.options.mem.gc_avoid_interrupt_factor
Bug 1570905 - Rework the GC triggers to make the incremental trigger the default and the non-incremental trigger some factor of this
javascript.options.mem.gc_non_incremental_factor
Bug 1570905 - Rework the GC triggers to make the incremental trigger the default and the non-incremental trigger some factor of this
javascript.options.mem.high_water_mark
Bug 1569564 - Remove the original malloc counter infrastructure
javascript.options.unboxed_objects
Bug 1564349 part 1 - Convert Baseline/Ion/NativeRegExp prefs from ContextOptions to JitOptions.
layers.compositing-tiles.height
Bug 1491456 - Split the window into "compositing tiles" sized to 1024x1024.
layers.compositing-tiles.width
Bug 1491456 - Split the window into "compositing tiles" sized to 1024x1024.
layers.d3d11.enable-blacklist
Bug 1574327. Add a pref that we can use to disable d3d11 blacklist.
layout.css.aspect-ratio-number.enabled
Bug 1565562: Media Query - Enable single <number> and <number>/<number> for <aspect-ratio>.
layout.css.devPixelsPerPx
Bug 1573992 - Convert layout.css.devPixelsPerPx to static pref.
layout.css.paint-order.enabled
Bug 1437367 - Remove the layout.css.paint-order.enabled pref, this feature is always enabled.
Bug 1550422 - P24. Fix style of StaticPrefs.
layout.css.shared-memory-ua-sheets.enabled
Bug 1552643 - P1. Re-organise prefs in sections.
layout.css.text-decoration-skip-ink.enabled
Bug 1561131: Adding parsing support for text-decoration-skip-ink
layout.css.text-decoration-thickness.enabled
Bug 1567282: renamed text-decoration-width to text-decoration-thickness
layout.css.text-decoration-width.enabled
Bug 1555863 added text-decoration-width support to style system including mochitests and web platform tests
Bug 1567282: renamed text-decoration-width to text-decoration-thickness
layout.css.text-underline-offset.enabled
Bug 1555150: adding support for CSS text underline offset to the style system
layout.css.use-counters-unimplemented.enabled
Bug 1575062 - Support css use counters for unimplemented properties.
layout.float-fragments-inside-column.enabled
Bug 1571135 - Remove the preference that controls breaking floats inside columns.
layout.framevisibility.amountscrollbeforeupdatehorizontal
Bug 1571544 - Convert the two layout.framevisibility.amountscrollbeforeupdate* prefs to static prefs.
layout.framevisibility.amountscrollbeforeupdatevertical
Bug 1571544 - Convert the two layout.framevisibility.amountscrollbeforeupdate* prefs to static prefs.
layout.reflow.synthMouseMove
Bug 1570212 - Convert layout.reflow.synthMouseMove to a static pref.
layout.show_previous_page
Bug 1563996 - Make layout.show_previous_page a static pref.
layout.viewport_contains_no_contents_area
Bug 1508177 - Expand the minimum scale height even if the expanded area doesn't contain any contents.
mathml.deprecated_style_attributes.disabled
Bug 1548524 - Remove attributes deprecated from MathML3.
mathml.legacy_number_syntax.disabled
Bug 1575596 - MathML Lengths: Do not accept numbers ending with a dot.
mathml.mathsize_names.disabled
Bug 1548527 - Remove values "small", "normal", "big" values of the mathsize attribute.
mathml.mathspace_names.disabled
Bug 1574750 - Remove support for MathML length values thinmathspace, mediummathspace, thickmathspace, etc.
mathml.mfrac_linethickness_names.disabled
Bug 1548529 - Remove values "thin", "thick", "medium" values of mfrac@linethickness.
mathml.nonzero_unitless_lengths.disabled
Bug 1574749 - Remove support for nonzero unitless lengths.
media.audioFocus.management
Bug 1565689 - part3 : use static pref to control audio competing.
media.cloneElementVisually.testing
Bug 1570212 - Convert media.cloneElementVisually.testing to a static pref.
media.mediacapabilities.drop-threshold
Bug 1530996 - Use the benchmark class from MediaCapabilities.
media.mediacapabilities.from-database
Bug 1530996 - Use the benchmark class from MediaCapabilities.
media.mediasource.webm.enabled
Bug 1564466 - Make MediaSource not call Preferences::GetBool off-main-thread.
media.peerconnection.ice.obfuscate_host_addresses
Bug 1554976 - Add plumbing to enable/disable host address obfuscation;
media.peerconnection.ice.proxy_only_if_behind_proxy
Bug 1572590 - Indent conditionally-defined prefs in all.js.
Bug 1452713 - Update webRTCIPHandlingPolicy to match Chrome
media.peerconnection.mtransport_process
Bug 1555792: Set the socket-process-isolation prefs to true on nightly.
Bug 1572590 - Indent conditionally-defined prefs in firefox.js.
media.rdd-opus.enabled
Bug 1560368 - add Opus decoding on RDD.
media.rdd-wav.enabled
Bug 1560366 - add WAV decoding on RDD.
media.webrtc.net.force_disable_rtcp_reception
Bug 1570212 - Convert media.webrtc.net.force_disable_rtcp_reception to a static pref.
media.webrtc.platformencoder
Bug 1568101 - part2 : use a static pref to control the feature.
network.dns.disablePrefetchFromHTTPS
Bug 1572505 - Convert network.dns.disablePrefetchFromHTTPS to static pref.
network.dns.skipTRR-when-parental-control-enabled
Bug 1570732 - Skip trr when parental control is enabled
network.http.altsvc.proxy_checks
Bug 1569224 - Part 2: Add a unit test for examining the alt-svc cache isolation for third-party trackers;
network.http.referer.defaultPolicy.trackers
Bug 1569996 - Enable setting the default referrer policy for third-party tracking resources to strict-origin-when-cross-origin when Enhanced Tracking Protection is turned on;
network.http.referer.referrerLengthLimit
Bug 1557346 - Limit referer header length
network.http.sendOriginHeader
Bug 1424076 - P1 send Origin headers for all eligible requests
network.http.spdy.bug1556491
Bug 1565518, emergency preferences to turn off individual bug fixes: 1563695, 1556491, 1562315,
network.http.spdy.bug1563695
Bug 1565518, emergency preferences to turn off individual bug fixes: 1563695, 1556491, 1562315,
network.notify.IPv6
Bug 1567616 - network id based on default gateway is wrong when VPN overrides default gateway by more specific routes
Bug 1572590 - Indent conditionally-defined prefs in all.js.
network.trr.request-timeout
Bug 1575780 - We need a long request's timeout for trronly mode.
page_load.deprioritization_period
Bug 1570797, Add a pref to control the time when certain tasks are deprioritized during page load,
permissions.desktop-notification.notNow.enabled
Bug 1570674 - Default to "Never Allow" for notification permission prompt denials.
permissions.fullscreen.allowed
Bug 1522120 - Remove permission prompts when entering full-screen and leave full-screen when a permission prompt is shown.
privacy.fuzzyfox.clockgrainus
Bug 1571544 - Convert privacy.fuzzyfox.clockgrainus to static pref.
privacy.reduceTimerPrecision.unconditional
Bug 1570212 - Clean up privacy.* static pref definitions.
Bug 1387894 - Resolve timer intermittents when reduceTimerPrecision is disabled.
privacy.resistFingerprinting.target_video_res
Bug 1570212 - Remove privacy.resistFingerprinting.* VarCache prefs.
privacy.restrict3rdpartystorage.console.lazy
Bug 1540117 - Part 2: Add a pref to allow turning off the lazy reporting off anti-tracking warnings to the web console;
privacy.socialtracking.block_cookies.enabled
Bug 1566961 - Integrate SocialTracking and ETP,
privacy.socialtracking.notification.counter
Bug 1567896 - Part 3: Implement social tracking protection doorhanger;
privacy.socialtracking.notification.enabled
Bug 1567896 - Part 3: Implement social tracking protection doorhanger;
privacy.socialtracking.notification.lastShown
Bug 1573109 - use string pref to avoid overflow;
privacy.socialtracking.notification.max
Bug 1570415 - change the max amount of times the STP doorhanger can be shown from 5 to 2 times;
Bug 1567896 - Part 3: Implement social tracking protection doorhanger;
privacy.socialtracking.notification.period.min
Bug 1567896 - Part 3: Implement social tracking protection doorhanger;
privacy.socialtracking.notification.session.pageload.min
Bug 1567896 - Part 3: Implement social tracking protection doorhanger;
privacy.trackingprotection.cryptomining.annotate.enabled
Bug 1570971 - Enable all the annotation URL-Classifier features and remove their prefs,
Bug 1552643 - P1. Re-organise prefs in sections.
privacy.trackingprotection.fingerprinting.annotate.enabled
Bug 1570971 - Enable all the annotation URL-Classifier features and remove their prefs,
Bug 1552643 - P1. Re-organise prefs in sections.
privacy.trackingprotection.introURL
Bug 1564367 - Remove the content blocking UI tour.
privacy.trackingprotection.socialtracking.annotate.enabled
Bug 1560040 - Introduce 2 new URL-Classifier features to annotate and block social trackers,
security.aboutcertificate.enabled
Bug 1572368 - Enables about:certificate by default.r=johannh
Bug 1560538 - Opens a new tab to show the certificate.
security.all_resource_uri_content_accessible
Bug 1570212 - Convert security.all_resource_uri_content_accessible to a static pref.
security.allow_eval_in_parent_process
Bug 1572590 - Indent conditionally-defined prefs in firefox.js.
Bug 1570738 - Record Telemetry if eval() is used in the Parent Process
security.allow_eval_with_system_principal
Bug 1567499 - Re-allow eval with system principal on Nightly while we investigate crashes.
Bug 1564527 - Enable AssertEvalNotUsingSystemPrincipal on Nightly builds
Bug 1560915 - Hardcode minimal eval()-whitelist for test files into eval()-assertion,
Bug 1572590 - Indent conditionally-defined prefs in firefox.js.
Bug 1567623 - Update AssertEvalNotUsingSystemPrincipal and re-enable it
security.block_ftp_subresources
Bug 1560699 - Download FTP resources instead of rendering them.
security.block_Worker_with_wrong_mime
Bug 1569122 - Use StaticPrefs for our MIME type script blocking prefs.
Bug 1523706 - Consider strictly enforcing MIME checks for Worker scripts.
security.identityblock.show_extended_validation
Bug 1572936 - Flip security.identityblock.show_extended_validation to false to hide the ev indicators in the identity block.
Bug 1572389 - Add pref to show normal lock icon for sites with EV (Extended Validation) certificates.
security.insecure_connection_icon.enabled
Bug 1562881 - Part 4: Showing the degraded UI for Http pages by default.
security.insecure_connection_icon.pbmode.enabled
Bug 1562881 - Part 4: Showing the degraded UI for Http pages by default.
security.protectionspopup.recordEventTelemetry
Bug 1560327 - [Protections Panel] Implement telemetry event recording.
security.remote_settings.crlite_filters.bucket
Bug 1571934 - Inline security-prefs.js into all.js.
bug 1563056 - download the most recent CRLite filter and all following incremental filters
security.remote_settings.crlite_filters.checked
Bug 1571934 - Inline security-prefs.js into all.js.
bug 1563056 - download the most recent CRLite filter and all following incremental filters
security.remote_settings.crlite_filters.collection
Bug 1571934 - Inline security-prefs.js into all.js.
bug 1563056 - download the most recent CRLite filter and all following incremental filters
security.remote_settings.crlite_filters.enabled
Bug 1572590 - Indent conditionally-defined prefs in all.js.
Bug 1571934 - Inline security-prefs.js into all.js.
bug 1563056 - download the most recent CRLite filter and all following incremental filters
security.remote_settings.crlite_filters.signer
Bug 1571934 - Inline security-prefs.js into all.js.
bug 1563056 - download the most recent CRLite filter and all following incremental filters
security.sandbox.content.win32k-disable
Bug 1572590 - Indent conditionally-defined prefs in StaticPrefList.yaml.
Bug 1569139: Add a static pref to enable win32k lockdown in the Windows content process sandbox policy.
security.secure_connection_icon_color_gray
Bug 1572675 - Switch to using the grey lock icon by default.
Bug 1568820 - Add a pref for making the lock icon gray.
security.tls.enable_delegated_credentials
Bug 1571934 - Inline security-prefs.js into all.js.
Bug 1562773 - Add a preference to enable Delegated Credentials in NSS
services.common.log.logger.rest.request
Bug 1572621 - Merge services-common.js into all.js.
services.common.log.logger.rest.response
Bug 1572621 - Merge services-common.js into all.js.
services.common.log.logger.tokenserverclient
Bug 1572621 - Merge services-common.js into all.js.
services.sync.prefs.sync.browser.contentblocking.introCount
Bug 1564367 - Remove the content blocking UI tour.
services.sync.prefs.sync.privacy.trackingprotection.cryptomining.annotate.enabled
Bug 1570971 - Enable all the annotation URL-Classifier features and remove their prefs,
services.sync.prefs.sync.privacy.trackingprotection.fingerprinting.annotate.enabled
Bug 1570971 - Enable all the annotation URL-Classifier features and remove their prefs,
signon.generation.available
Bug 1548381 - Add prefs to release and enable password generation.
Bug 1565407 - Enable password generation and make it available by default.
signon.generation.enabled
Bug 1548381 - Add prefs to release and enable password generation.
Bug 1565407 - Enable password generation and make it available by default.
signon.management.overrideURI
Bug 1560431 - Enable about:logins on Nightly channel.
signon.management.page.breach-alerts.enabled
Bug 1572118 - Actually enable about:logins breach-alerts by default
Bug 1572118 enable about:logins breach-alerts
Bug 1560431 - Add pref for breach alerts in about:logins and disable it by default.
signon.management.page.breachAlertUrl
Bug 1564539 - Add breach alerts to login items
signon.management.page.enabled
Bug 1560433 - Enable about:logins for release builds.
Bug 1560431 - Enable about:logins on Nightly channel.
Bug 1548463 - Base page for HTML-based login manager.
signon.management.page.faqURL
Bug 1567548 - Remove references to Lockwise FAQ page.
Bug 1550165 - Footer advertising links to Lockwise mobile apps.
Bug 1559549 - Add FAQ menuitem to the ellipsis menu in about:logins. ?jaws
signon.management.page.feedbackURL
Bug 1572569 - Replace 'Send Feedback' with 'Help' in the about:logins menu.
Bug 1550165 - Footer advertising links to Lockwise mobile apps.
Bug 1559549 - Add FAQ menuitem to the ellipsis menu in about:logins. ?jaws
signon.management.page.hideMobileFooter
Bug 1550165 - Footer advertising links to Lockwise mobile apps.
signon.management.page.mobileAndroidURL
Bug 1550165 - Footer advertising links to Lockwise mobile apps.
Bug 1550166 - Install on Mobile Device button in Ellipsis menu
signon.management.page.mobileAppleURL
Bug 1550165 - Footer advertising links to Lockwise mobile apps.
Bug 1550166 - Install on Mobile Device button in Ellipsis menu
toolkit.telemetry.geckoview.batchDurationMS
Bug 1566366 - Redirect GV Streaming Telemetry to a delegate
toolkit.telemetry.geckoview.streaming
Bug 1566352 - Support 'geckoview_streaming' product for Telemetry
toolkit.telemetry.ipcBatchTimeout
Bug 1570212 - Convert toolkit.telemetry.ipcBatchTimeout to a static pref.
toolkit.telemetry.isGeckoViewMode
Bug 1566352 - Support 'geckoview_streaming' product for Telemetry
ui.scrolling.negate_wheel_scroll
Bug 1573992 - Convert ui.scrolling.negate_wheel_scroll to static pref.
urlclassifier.disallow_completions
Bug 1570805 - [stp] Turn on Social Tracking Protection Prefs,
Bug 1560597 - Safe Browsing supports downloading social tracking list.
urlclassifier.features.cryptomining.annotate.blacklistTables
Bug 1564414 - Add Fingerprinting annotation and Cryptoming annotation tables to preference.
urlclassifier.features.cryptomining.annotate.whitelistTables
Bug 1564414 - Add Fingerprinting annotation and Cryptoming annotation tables to preference.
urlclassifier.features.fingerprinting.annotate.blacklistTables
Bug 1564414 - Add Fingerprinting annotation and Cryptoming annotation tables to preference.
urlclassifier.features.fingerprinting.annotate.whitelistTables
Bug 1564414 - Add Fingerprinting annotation and Cryptoming annotation tables to preference.
urlclassifier.features.socialtracking.annotate.blacklistTables
Bug 1573176 - Fix SafeBrowsing doesn't use correct preference name for social tracking and cryptoming.
urlclassifier.features.socialtracking.annotate.whitelistTables
Bug 1573176 - Fix SafeBrowsing doesn't use correct preference name for social tracking and cryptoming.
urlclassifier.features.socialtracking.blacklistTables
Bug 1570805 - [stp] Turn on Social Tracking Protection Prefs,
Bug 1560597 - Safe Browsing supports downloading social tracking list.
urlclassifier.features.socialtracking.whitelistTables
Bug 1560597 - Safe Browsing supports downloading social tracking list.
widget.disable-native-theme
Bug 1571544 - Convert mozilla.widget.disable-native-theme to static pref.

earthlng · 2019-10-03T11:21:22Z

moved from NEW to ignore:

all the browser.contentblocking.report.*.url prefs - links used in/around about:protections
browser.fixup.typo.scheme - fixes common scheme typos
javascript.options.*gc* - not messing with garbage collection timers/intervals

Thorin-Oakenpants · 2019-10-05T13:26:24Z

OT: 1576254 cool javascript.options.wasm_trustedprincipals (default true) ... so in FF71+ you can disable wasm (which we do: see 2426) but extensions like uBO/uM can still use it

Edit: and hopefully backported to ESR

earthlng · 2019-10-09T12:06:06Z

FYI: FF70+ (and ESR68.1.0+) will allow extensions to use SVG content regardless of whether the svg.disabled pref is toggled.

Maybe worthy of a NOTE (?)

earthlng · 2019-10-22T15:17:53Z

70.0 changes since 70.0b8

new

pref("browser.contentblocking.report.lockwise.url", "https://lockwise.firefox.com/?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-protections&utm_content=about-protections"); // "https://lockwise.firefox.com/" in FF70.0b8
pref("browser.contentblocking.report.proxy_extension.url", "https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-protections&utm_content=about-protections"); // "https://private-network.firefox.com/" in FF70.0b8
pref("browser.newtabpage.activity-stream.discoverystream.engagementLabelEnabled", false);
pref("devtools.debugger.features.inline-preview", false); // true in FF70.0b8
pref("devtools.storage.extensionStorage.enabled", true); // false in FF70.0b8
pref("dom.security.respect_document_nosniff", false); // true in FF70.0b8
pref("security.allow_eval_in_parent_process", false); // true in FF70.0b8
pref("security.allow_eval_with_system_principal", false); // true in FF70.0b8

removed

pref("plugin.persistentPermissionAlways.intervalInDays", 90);
pref("plugin.sessionPermissionNow.intervalInMinutes", 60);

changed

pref("app.releaseNotesURL", "https://www.mozilla.org/%LOCALE%/firefox/%VERSION%beta/releasenotes/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=whatsnew"); // prev: "https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=whatsnew"
~~pref("app.update.channel", "beta"); // prev: "release"~~
~~pref("app.update.url.details", "https://www.mozilla.org/%LOCALE%/firefox/beta/notes"); // prev: "https://www.mozilla.org/%LOCALE%/firefox/notes"~~
~~pref("app.update.url.manual", "https://www.mozilla.org/firefox/beta"); // prev: "https://www.mozilla.org/firefox/"~~
pref("browser.newtabpage.activity-stream.discoverystream.enabled", true); // prev: false
~~pref("extensions.webcompat-reporter.enabled", true); // prev: false~~
~~pref("toolkit.telemetry.enabled", true); // prev: false~~

EDIT : updated 1st post

earthlng · 2019-10-22T15:57:17Z

@Thorin-Oakenpants none of these pref changes landed in ESR. They still have their old values and/or are still hidden in ESR

earthlng · 2019-10-22T16:18:19Z

NEW prefs which we can ignore IMO:

browser.search.separatePrivateDefault
network.http.referer.referrerLengthLimit
2x network.trr.request_timeout_*
privacy.fuzzyfox.clockgrainus
security.all_resource_uri_content_accessible

👖 : done, and I added security.block_Worker_with_wrong_mime which gets flipped soon, and the AS engagementLabel

crssi · 2019-10-22T19:45:50Z

1270 seems to doesn't matter anymore... any setting will show broken padlock for unsecure site.

If someone wish to have an "old" green padlock instead of a new "gray": user_pref("security.secure_connection_icon_color_gray", false);

crssi · 2019-10-23T10:29:59Z

^^ If I delete that folder and create a file with the same name, then FF cannot create the folder and files in it... and YT still works at 1080p/Max (also 4K) resolution.

Edit by Thorin: just delete the folder and set media.mediacapabilities.from-database = false

ghost · 2019-10-23T11:22:46Z

Ok. One more thing. I`m notice when user open site with a self-signed certificate FF phone to:

https://mitmdetection.services.mozilla.com/

You can check using this site:
https://bluebird-hd.org

It can be stopped:
security.certerrors.mitm.priming.enabled;false

May I find out why you still haven't added this to user.js?

claustromaniac · 2019-10-23T12:11:56Z

@Dragomir7 the purpose of that pref is to inform you of potential MitM attacks. The mechanism triggers only during cert-related errors, and Mozilla's servers receive almost no information whatsoever about you in the process. That does not qualify as "phoning home" IMO.

See #740 for more info (skip to this comment if you don't feel like reading everything).

earthlng · 2019-10-23T12:24:30Z

I don't find any mention of that in this repo: I searched for mitm.priming.enabled

I mentioned it here and actually proposed to disable it.

the purpose of that pref is to inform you of potential MitM attacks.

are you sure? I think this only covers local MITM like AV and things like that.

claustromaniac · 2019-10-23T12:44:55Z

I think this only covers local MITM like AV and things like that.

Yeah, attack or not, that's probably the main goal, but it also detects at least one specific type of MitM attack outside the local network (it's not 100% reliable).

But im alredy say what even old browser in which did not exist yet this pref, can alert user about self-signed certificate. The only objective of this pref is collecting data and sending to mozilla.

I speak with certain confidence because I looked at the source code at the time this was implemented (haven't looked at it since). As you said, leaving that pref enabled does not increase security, because cert errors are enough to cover that, but when priming triggers, it does not directly inform Mozilla of anything. They don't get to know what's the site in question or anything else. It's a ping.

claustromaniac · 2019-10-23T12:50:18Z

It's also worth mentioning that security.certerrors.mitm.auto_enable_enterprise_roots depends on priming.

claustromaniac · 2019-10-23T13:10:14Z

Just in case, I want to make clear that I'm neither for nor against adding this pref to the user.js (and I've never been). I just wanted to point out that priming does not leak unnecessary information.

earthlng · 2019-10-23T13:51:57Z

priming does not leak unnecessary information.

that's correct. It does not leak fe the visited site that triggered the error page in the 1st place as @Dragomir7 believes

but it also detects at least one specific type of MitM attack outside the local network

but this priming feature is not about "protection" and only about better information.

All it does is in some cases upgrade the UNSEC_ERROR message to a page informing you about a potential MITM. ie the MITM attempt would have already failed because otherwise you wouldn't get the error message in the 1st place.

https://bugzilla.mozilla.org/show_bug.cgi?id=1529643#c0:

Our current AV MitM detection works by listening to failed internal requests such as the update or blocklist pings and comparing the issuer certificates to those in certificate errors when loading content. If they match, we show a special error that should be much more helpful to users.

However, this method is lacking because the user's browser may not have triggered any internal requests at the time they view the certificate error.

ie the only reason why they added this ping feature is "because the user's browser may not have triggered any internal requests at the time they view the certificate error." and explicitly to help with their AV MITM detection ie local MITM

earthlng · 2019-10-23T13:58:32Z

but this priming feature is not about "protection" and only about better information.

oh nvm, you already acknowledged that "leaving that pref enabled does not increase security, because cert errors are enough to cover that"

earthlng · 2019-10-23T14:48:39Z

@crssi wrote:

1270 seems to doesn't matter anymore... any setting will show broken padlock for unsecure site.

1270 doesn't matter anymore because we enabled 1201 a while ago.

On that note, AFAICT the title of 1201 is actually incorrect because that pref is about "negotiation" not re-negotiation and the note about % of servers not supporting secure renegotiation therefore probably irrelevant ...

https://wiki.mozilla.org/Security:Renegotiation:

Negotiation refers to the initial handshake between client and server.

Renegotiation refers to an attempt to repeat the negotiation on an existing connection.

and under https://wiki.mozilla.org/Security:Renegotiation#security.ssl.require_safe_negotiation:

This pref controls the behaviour during the initial negotiation between client and server.

If set to true, a Mozilla client will reject all connection attempts to servers that are still using the old SSL/TLS protocol and which might be vulnerable to the attack.

crssi · 2019-10-23T17:57:22Z

@earthlng

1270 doesn't matter anymore because we enabled 1201 a while ago.

Hmmm... in my overrides I have 1201 set to false and it still doesn't matter from GUI point of view... talking about padlock icon, not saying whats behind-the-scene, since as a noob I really don't have a clue. 😉

Thorin-Oakenpants · 2019-11-08T18:14:25Z

I added browser.messaging-system.whatsNewPanel.enabled to 5000s, which I tidied up a little to reflect that these prefs don't just disable a feature, but also hide their icons and menus. e.g. for this pref it also gets rid of the What's New menu in the hamburger

I put it as [FF70+] even though it already existed, since that's when it first showed up in the interface. If you want to make it technically correct, feel free to confirm the actual release (I suspect it was 69?) - @earthlng

rusty-snake · 2019-11-09T19:17:11Z

Both can/should be ignored.

pref("media.peerconnection.mtransport_process", false);

https://dxr.mozilla.org/mozilla-central/source/browser/app/profile/firefox.js#1687-1692

pref("widget.disable-native-theme", false);

Setting this to true cause strange issue for me, like no window close button.

Thorin-Oakenpants · 2019-11-09T22:52:20Z

Yeah, I left it there to remind me about fingerprinting widgets, which is already a known issue, and I already have something in the pipeline (as does Mozilla)

Edit: also moved network.http.altsvc.proxy_checks to ignore

1569224 - Part 2: Add a unit test for examining the alt-svc cache isolation for third-party trackers;

Thorin-Oakenpants · 2019-11-19T07:12:26Z

browser.newtabpage.activity-stream.discoverystream.enabled

added in FF69 (false), flipped true in FF70

https://dxr.mozilla.org/mozilla-central/source/browser/components/newtab/docs/v2-system-addon/preferences.md#117-129

When this is set to true the Discovery Stream experience will show up if enabled is also true on browser.newtabpage.activity-stream.discoverystream.config. Otherwise the old Activity Stream experience will be shown.

// These prefs control if Discovery Stream is enabled.
#ifdef NIGHTLY_BUILD
pref("browser.newtabpage.activity-stream.discoverystream.enabled", true);
#else
pref("browser.newtabpage.activity-stream.discoverystream.enabled", false);
#endif
pref("browser.newtabpage.activity-stream.discoverystream.hardcoded-basic-layout", false);
pref("browser.newtabpage.activity-stream.discoverystream.spocs-endpoint", "");

https://bugzilla.mozilla.org/show_bug.cgi?id=1573930#c6 shows the affects of toggling the prefs

So AFAICT, this has no affect on whether or not anything is displayed or not, that's still the checkboxes and relative prefs in the UI. And it won't even be used if you don't use AS as a landing page: which is what I said here

So moving to ignore

Thorin-Oakenpants · 2019-11-19T07:36:32Z

I have NFI about get, head or cors: so someone else will have to decide without explaining (earthlng) or explain it to me (anyone else) why this can be ignored or why it should be added at what value and what state (active/inactive). Otherwise I cannot move forward with closing this ticket (edit: unless I stick it on the sticky issue of items to investigate, or move it to the next diffs)

// FF59+
// Include an origin header on non-GET and non-HEAD requests regardless of CORS
// 0=never send, 1=send when same-origin only, 2=always send
pref("network.http.sendOriginHeader", 2); // prev: 0

sources

Thorin-Oakenpants · 2019-11-19T07:40:09Z

crssi

1270 seems to doesn't matter anymore... any setting will show broken padlock for unsecure site.

earthlng

1270 doesn't matter anymore because we enabled 1201 a while ago

So I can remove 1270 then?

crssi · 2019-11-19T08:05:58Z

I would say yes, but I guess you are asking @earthlng. 😄

Thorin-Oakenpants · 2019-11-19T08:22:32Z

I'm asking anybody

Mozilla (like Chrome) is changing from highlighting secure sites, to highlighting insecure sites - e.g no padlock = good, padlock = bad. Not sure on the rollout of that stuff and its not worth looking up, TBH.

So all I really need to do is a test, on both ESR68 and FF68. That's with 1270 and 1201 both inactive and at default. So I want a test page. Either someone does the tests for me, or gives me a test page to trigger the "red padlock" in 1270

crssi · 2019-11-19T08:32:26Z

On FF 70 the "red padlock" is triggered in any case on HTTP site. Try http://http.badssl.com/.
~~I wouldn't know for FF68 or ESR68~~.

UPDATE: That is not the case for FF 68.2 and ESR68.2 (portable) vanilla... "red padlock" is not triggered on http://http.badssl.com/.

Thorin-Oakenpants · 2019-11-19T09:08:12Z

... is triggered in any case on HTTP site ...

but we need to explicitly test for the case in 1201 .. and I don't fully understand the whole (re)negotiation thing - but doesn't it still mean you end up with HTTPS (no need to answer).

The thing is it might be impossible to find a working test. And we'd only keep 1270 as a fallback (if it actually does something: hence the required test) in case someone flipped 1201

/* 1201: disable old SSL/TLS "insecure" negotiation (vulnerable to a MiTM attack)
 * [1] https://wiki.mozilla.org/Security:Renegotiation ***/
user_pref("security.ssl.require_safe_negotiation", true);

/* 1270: display warning (red padlock) for "broken security" (see 1201)
 * [1] https://wiki.mozilla.org/Security:Renegotiation ***/
user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);

crssi · 2019-11-19T09:12:11Z

Sure, as said before, I am seeing this from UI perspective only. There must/might be something more behind-the-scene.

rusty-snake · 2019-11-19T11:38:45Z

network.http.sendOriginHeader

Sound related to @claustromaniac Extension.

https://addons.mozilla.org/de/firefox/addon/privacy-oriented-origin-policy/
https://github.com/claustromaniac/poop

earthlng · 2019-11-19T12:44:26Z

testpage for 1201 + 1270: https://secure.brightcove.com/

keep 1270 as a fallback ... in case someone flipped 1201

SGTM. Maybe add a note to 1270 that there's this bug: warning padlock not indicated for subresources on a secure page

The red padlock on http sites that @crssi is talking about is probably due to security.insecure_connection_icon.enabled which they enabled by default in FF70

crssi · 2019-11-19T12:51:07Z

The red padlock on http sites that @crssi is talking about is probably due to security.insecure_connection_icon.enabled which they enabled by default in FF70

Thats it 👍

Thorin-Oakenpants · 2019-11-19T13:18:41Z

same behavior on ESR68, FF68, FF70, FF72

about:config: security.ssl*negotiation
test page: https://secure.brightcove.com/

A: both false (FF default) = green padlock
B: both true (our default) = connection failed -> internal page (no padlock)
C: 1201 true, 1270 false = connection failed -> internal page (no padlock)
D: 1201 false, 1270 true = grey padlock with a yellow warning triangle = "Not Secure: this page uses weak encryption"

OK, my mind is zonked, but I'll try (correct me if I fuck up)

in order to not block pages but warn the user, both need to be true = an improvement on FF's green padlock. If we remove 1270 (show padlock), then the connection fails which is not the result we were testing for

So: in order to make it simpler, we could merge 1270 into 1201. And we can fix up the description and add the bugzilla about subresources. Does anyone want to have a stab at that while I take a break?

earthlng · 2019-11-19T15:08:57Z

in order to not block pages but warn the user, both need to be true

in order to not block pages (or subresources in some cases), 1201 would need to be false.

Thorin-Oakenpants · 2019-11-19T15:30:15Z

OK, my mind is zonked, but I'll try (correct me if I fuck up)

yup, completely fucked that up. I knew it, I could feel myself getting totally exhausted and not thinking straight trying to match pref numbers to pref names to defaults to what we have

Meanwhile - what do you think if we merge 1270 into 1201 - thumbs up if you agree: I'll do a PR tomorrow after a sleep - @earthlng

earthlng · 2019-11-19T16:01:27Z

yeah, do a PR and we can take it from there. But please, no hurry! like, don't close it if I don't respond in a timely manner etc ;)
It's a general enhancement and doesn't have to block finishing this diff

Thorin-Oakenpants · 2019-11-22T05:03:07Z

I can't make any headway with these: too many variables and I do not know enough about WebRTC (i.e, I know nothing)

/* 2002: limit WebRTC IP leaks if using WebRTC
 * [TEST] https://browserleaks.com/webrtc
 * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1189041,1297416
 * [2] https://wiki.mozilla.org/Media/WebRTC/Privacy ***/
user_pref("media.peerconnection.ice.default_address_only", true);
user_pref("media.peerconnection.ice.no_host", true); // [FF51+]

pref("media.peerconnection.ice.obfuscate_host_addresses", false);

This only enables mDNS on OS X for now. Some versions of Windows lack mDNS support, there are some oddities with resolving IPv6 addresses on Linux, and Android has not yet been tested. All of these will be addressed in follow on bugs.

I think/hoope this will get flipped when they iron out the bugs - but if they don't then we'll never pick up on this pref again? The pref name looks like it should be true from a privacy standpoint

pref("media.peerconnection.ice.proxy_only_if_behind_proxy", false);

I read it, twice, and am still none the wiser. I think it can be ignored

crssi · 2019-11-22T08:15:50Z

When you mention WebRTC... I don't know why not leave 2001 at default (true)?
In that case I couldn't find leakage of local IP over some VPNs when both at 2002 are set to true... I always got only the public IP "leakage", which is not really a leakage.
In case that there is a private IP leakage over VPN, then the VPN provider must be changed 😉.

And thank you @Thorin-Oakenpants and @earthlng for your hard work... I really love you guys ❤️ .

earthlng · 2019-11-22T13:47:58Z

re: media.peerconnection.ice.proxy_only_if_behind_proxy

these are the WE API values for controlling this WebRTC thing:

"default"
"default_public_and_private_interfaces"
"default_public_interface_only"
"disable_non_proxied_udp"
"proxy_only"

you can the see the prefs+values associated with each setting here.

1452713#c32:

The canonical explanation of these modes is in ietf-rtcweb-ip-handling. default, default_public_and_private_interfaces, default_public_interface_only and disable_non_proxied_udp map to mode 1, mode 2, mode 3 and mode 4, respectively.

1452713#c23 explains disable_non_proxied_udp prior and after the fix in 1452713.
As I understand it, disable_non_proxied_udp used to actually be "proxy_only" which offered the best privacy but didn't work if no proxy was used:

proxy_only is our old version of mode 4, prior to this bug, that was not entirely up to spec in that it disallows any peer connection from connecting if a proxy is not set. There's still some value in this mode, since it's the only mode that guarantees that no ip addresses leak to remote peer or application, regardless of other settings (proxy).

The new disable_non_proxied_udp is a better version of default_public_interface_only that works with or without a proxy AND with the added benefit of when a proxy is used it's equivalent to proxy_only.
And I think that's where we want to be and therefore we should add media.peerconnection.ice.proxy_only_if_behind_proxy=true to 2002. Maybe also adding the link to the spec modes and note that our setting matches mode 4

They also mention uBlockOrigin in that bugzilla and uBO currently uses disable_non_proxied_udp in Chrom(e|ium) and default_public_interface_only for Firefox. (see source)

Firefox currently works differently, use default_public_interface_only for now.

emphasis mine. I think after 1452713 ie FF70+, @gorhill can now use disable_non_proxied_udp for FF as well since their main goal in 1452713 was apparently "functional equivalency to Chrome" and because disable_non_proxied_udp is now a better version of default_public_interface_only

earthlng · 2019-11-22T14:24:11Z

re: media.peerconnection.ice.obfuscate_host_addresses

2002 already has "no_host" and thus I don't think "obfuscate_host_addresses" really matters.
With no hosts there's presumably nothing to obfuscate.

Thorin-Oakenpants · 2019-11-22T15:10:32Z

I'll just defer that to you, go ahead and commit it

@crssi

we disable WebRTC because

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1375122,1314443,1466148,959893,1338006

crssi · 2019-11-23T16:47:39Z

I'll just defer that to you, go ahead and commit it

Thank you. Need to learn how to do it. But first I will read all bugzillas.

Thorin-Oakenpants · 2019-11-24T05:09:03Z

I'll just defer that to you, go ahead and commit it

That was for earthlng, the @crssi was for the subsequent message

crssi · 2019-11-24T14:00:42Z

OK, never-mind, did some tests anyway.

FF 70.0.1 plan vanilla + latest user.js + media.peerconnection.enable = true

The following tests:
https://mozilla.github.io/webrtc-landing/stun_test.html
https://bric.lepus.uberspace.de/ff28Fail.html
https://diafygi.github.io/webrtc-ips/
https://browserleaks.com/webrtc

does not leak internal IP, but the deviceId stays the same for a session until restart.
DeviceId is somehow tied to cookie controlled storage, which is cleared by user.js on restart.
When cookies are cleared manually within a session, the deviceId changes.
Also TC + Auto mode deals with that.

earthlng added enhancement task diffs labels Sep 21, 2019

earthlng changed the title ~~ToDo: diffs FF69-FF70b8~~ ToDo: diffs FF69-FF70 Oct 22, 2019

This comment has been minimized.

Sign in to view

Thorin-Oakenpants mentioned this issue Oct 23, 2019

FF70 + VP9 #819

Closed

This comment has been minimized.

Sign in to view

Thorin-Oakenpants mentioned this issue Nov 22, 2019

spring cleaning / fixups #840

Closed

9 tasks

Thorin-Oakenpants closed this as completed Nov 24, 2019

earthlng mentioned this issue Nov 28, 2019

changelog: v70-beta #853

Closed

Thorin-Oakenpants mentioned this issue Apr 30, 2020

✨ Feature Suggestion | WebRTC info box / wiki / something near the VoIP section about profiles/users privacytools/privacytools.io#1815

Closed

ToDo: diffs FF69-FF70 #805

ToDo: diffs FF69-FF70 #805

Comments

earthlng commented Sep 21, 2019 • edited by Thorin-Oakenpants Loading

new in v70.0:

removed, renamed or hidden in v70.0:

changed in v70.0:

ignore

earthlng commented Sep 21, 2019

earthlng commented Oct 3, 2019

Thorin-Oakenpants commented Oct 5, 2019 • edited Loading

earthlng commented Oct 9, 2019

earthlng commented Oct 22, 2019 • edited Loading

new

removed

changed

earthlng commented Oct 22, 2019

earthlng commented Oct 22, 2019 • edited by Thorin-Oakenpants Loading

crssi commented Oct 22, 2019

This comment has been minimized.

crssi commented Oct 23, 2019 • edited by Thorin-Oakenpants Loading

This comment has been minimized.

ghost commented Oct 23, 2019 • edited by ghost Loading

This comment has been minimized.

claustromaniac commented Oct 23, 2019

earthlng commented Oct 23, 2019

This comment has been minimized.

claustromaniac commented Oct 23, 2019 • edited Loading

claustromaniac commented Oct 23, 2019

claustromaniac commented Oct 23, 2019 • edited Loading

earthlng commented Oct 23, 2019

earthlng commented Oct 23, 2019

earthlng commented Oct 23, 2019

This comment has been minimized.

This comment has been minimized.

crssi commented Oct 23, 2019

Thorin-Oakenpants commented Nov 8, 2019

rusty-snake commented Nov 9, 2019

Thorin-Oakenpants commented Nov 9, 2019 • edited Loading

Thorin-Oakenpants commented Nov 19, 2019

Thorin-Oakenpants commented Nov 19, 2019 • edited Loading

Thorin-Oakenpants commented Nov 19, 2019

crssi commented Nov 19, 2019

Thorin-Oakenpants commented Nov 19, 2019

crssi commented Nov 19, 2019 • edited Loading

Thorin-Oakenpants commented Nov 19, 2019

crssi commented Nov 19, 2019

rusty-snake commented Nov 19, 2019

earthlng commented Nov 19, 2019

crssi commented Nov 19, 2019

Thorin-Oakenpants commented Nov 19, 2019

earthlng commented Nov 19, 2019

Thorin-Oakenpants commented Nov 19, 2019

earthlng commented Nov 19, 2019

Thorin-Oakenpants commented Nov 22, 2019

crssi commented Nov 22, 2019

earthlng commented Nov 22, 2019

earthlng commented Nov 22, 2019

Thorin-Oakenpants commented Nov 22, 2019 • edited Loading

crssi commented Nov 23, 2019

Thorin-Oakenpants commented Nov 24, 2019

crssi commented Nov 24, 2019

earthlng commented Sep 21, 2019 •

edited by Thorin-Oakenpants

Loading

Thorin-Oakenpants commented Oct 5, 2019 •

edited

Loading

earthlng commented Oct 22, 2019 •

edited

Loading

earthlng commented Oct 22, 2019 •

edited by Thorin-Oakenpants

Loading

crssi commented Oct 23, 2019 •

edited by Thorin-Oakenpants

Loading

ghost commented Oct 23, 2019 •

edited by ghost

Loading

claustromaniac commented Oct 23, 2019 •

edited

Loading

claustromaniac commented Oct 23, 2019 •

edited

Loading

Thorin-Oakenpants commented Nov 9, 2019 •

edited

Loading

Thorin-Oakenpants commented Nov 19, 2019 •

edited

Loading

crssi commented Nov 19, 2019 •

edited

Loading

Thorin-Oakenpants commented Nov 22, 2019 •

edited

Loading