s83/user.js
1
0
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2025-04-30 14:03:40 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
1910 commits 2 branches 109 tags 5 MiB
Commit graph

1910 commits

This branch
This branch
All branches
Author SHA1 Message Date
Thorin-Oakenpants
b6805f1e65
get rid of 2803 2022-06-01 13:47:05 +00:00
Thorin-Oakenpants
1d92c40aaf
fixup RFP ambiguity 
- not clear that version doesn't start with 102
- not clear that version is also spoofed in headers
 2022-05-31 06:08:39 +00:00
Thorin-Oakenpants
539764fba8
remove all the TC stuff 2022-05-30 14:19:58 +00:00
Thorin-Oakenpants
13b6d8cccd
update RFP version spoofing 2022-05-27 18:05:50 +00:00
Thorin-Oakenpants
b800d59834
tweak DoH rollout info 2022-05-24 06:20:47 +00:00
Thorin-Oakenpants
38c403d23b
add ETP qps 
- https://bugzilla.mozilla.org/show_bug.cgi?id=1763660
- is default true in nightly, where I changed to standard, set pref as false, then switched to strict, and the pref auto flipped, so we should be good
 2022-05-18 02:01:57 +00:00
Thorin-Oakenpants
cb92b8e243
add 0903 ref link 
Leaky Forms: A Study of Email and Password Exfiltration Before Form Submission
 2022-05-11 14:51:28 +00:00
Thorin-Oakenpants
3207478033
make 2803 inactive: thirdparty.sessionOnly 
reasons why
- third party cookies are NOT are not real ... they are partitioned to the first party (with dFPI)
- at the very least nonsecure is redundant
   - no one in this day and age is going to want the config of keeping all secure but not insecure, it doesn't make any sense: especially since 85% (from memory) of traffic from telemetry is secure, and 70+% of the top 1M sites are secure ( https://scotthelme.co.uk/top-1-million-analysis-november-2021/ shows almost 72% of the sites in the Top 1 Million now actively **_redirecting_** traffic to use HTTPS) - in other words, the reasons for keeping secure cookies (like banks, logins) but ditching the rest in the old days are over as being secure is not a distinction, but the norm
- we previously blocked all third party cookies, so this was never really used
- we then moved to lifetime pref = 2 (which makes everything session only), so again, this isn't really adding anything
- we sanitize on close (always have)
- we will be moving off lifetime pref (because deprecation), but we still sanitize on close
- when we move off lifetime pref, I think these prefs could cause issues with dFPI / sanitizing (wouldn't surprise me: they are old and outdated as a concept), and I think we're better off making them inactive

We could also remove them. If that's not enough to convince you, then I have no more words
 2022-05-10 15:03:36 +00:00
Thorin-Oakenpants
833ebf5bc2
fixup crlite mode default 2022-05-10 14:06:00 +00:00
Thorin-Oakenpants
134c282250
v101 2022-05-09 19:28:57 +00:00
Thorin-Oakenpants
ea139e3ef8
long standing defaults 
- FF79+ dom.targetBlankNoOpener.enabled - https://bugzilla.mozilla.org/show_bug.cgi?id=1522083
- FF86+ privacy.window.name.update.enabled - https://bugzilla.mozilla.org/show_bug.cgi?id=1685089
 2022-05-09 19:25:18 +00:00
Thorin-Oakenpants
d6b26e7558
v100 (#1423) 2022-05-09 18:49:38 +00:00
Thorin-Oakenpants
7ff46e02dd
v100 deprecated 
https://bugzilla.mozilla.org/1752621 - replaced with network.http.http2* prefs
 2022-05-05 23:33:44 +00:00
fabrizio
4ff931781a
Merge pull request #1419 from arkenfox/v99 
v99
 2022-04-09 09:45:45 +00:00
Thorin-Oakenpants
9aae0a62b0
tidy deprecated, misc RFP changes 2022-04-08 21:30:22 +00:00
Thorin-Oakenpants
eb98f06d69
security.csp.enable 
https://bugzilla.mozilla.org/1754301
 2022-04-08 21:28:16 +00:00
fxbrit
81561840a1 deprecate security.csp.enable 2022-04-08 11:43:39 +02:00
i-c-u-p
64bc683c3f
Made prefsCleaner.sh executable (#1416) 
Changed permissions of prefsCleaner.sh from 644 to 755 to be able to run it via "./prefsCleaner.sh" with out first executing "chmod +x prefsCleaner.sh".
 2022-04-08 07:03:43 +00:00
earthlng
b4225baaf2
Update updater.sh 2022-03-19 07:47:46 +00:00
matthias-z
e00497fd51
Fix newline issue when downloading files in updater.sh (#1397) 2022-03-19 07:46:08 +00:00
Thorin-Oakenpants
d9af90d05f
v98 (#1372) 2022-03-10 00:44:10 +00:00
Thorin-Oakenpants
0d83307b14
Update troubleshooting-help.md 2022-02-27 10:44:04 +00:00
Thorin-Oakenpants
4f3f789f28
Add files via upload 2022-02-25 23:15:01 +13:00
Thorin-Oakenpants
6b6ed86b6c
Update troubleshooting-help.md 2022-02-24 00:26:15 +00:00
Thorin-Oakenpants
382b9181df
Add files via upload 2022-02-20 19:00:32 +13:00
Thorin-Oakenpants
ba052105de
Add files via upload 2022-02-14 05:38:13 +13:00
Thorin-Oakenpants
4bd17611df
Update troubleshooting-help.md 2022-02-13 13:11:55 +00:00
Thorin-Oakenpants
41468d0d0b
Update troubleshooting-help.md 2022-02-13 13:11:26 +00:00
Thorin-Oakenpants
a98b73c64e
v97 (#1346) 2022-02-13 11:15:00 +00:00
Thorin-Oakenpants
58e2618b9d
dom.securecontext.whitelist_onions 
replaced by dom.securecontext.allowlist_onions - https://bugzilla.mozilla.org/1744006
 2022-02-09 20:00:43 +00:00
Thorin-Oakenpants
d61da93aad
Update troubleshooting-help.md 2022-02-06 15:30:25 +00:00
Thorin-Oakenpants
562127be87
Update troubleshooting-help.md 2022-02-06 15:27:50 +00:00
xfzv
917e3fe1aa
Update wiki link for updater options (#1364) 2022-02-06 12:23:20 +00:00
Thorin-Oakenpants
89bee0e361
Add files via upload 2022-01-31 03:08:22 +13:00
Thorin-Oakenpants
4c74f1bffb
Update README.md 2022-01-30 08:53:08 +00:00
Thorin-Oakenpants
0d9de9174a
Update README.md 2022-01-30 03:23:06 +00:00
Thorin-Oakenpants
45043537d8
Update README.md 2022-01-30 03:20:59 +00:00
Thorin-Oakenpants
cc7ca9d0fa
cleanup dead images (#1353) 2022-01-29 05:24:41 +00:00
fabrizio
10044fcaf7
typos #1342 (#1343) 2022-01-22 01:49:48 +00:00
Thorin-Oakenpants
ac0820a5dc
add last bits about ETP Strict/dFPI, closes #1337 2022-01-21 03:48:06 +00:00
Thorin-Oakenpants
83b6d64e67
security.insecure_connection_text.enabled 
AF has been using HTTPS-Only mode since v84, the interstitial is more than ample, padlock is still marked as insecure
 2022-01-16 02:36:08 +00:00
Thorin-Oakenpants
b5bf2ee017
oophs, add removed item from last commit to 6050 2022-01-16 02:34:21 +00:00
Thorin-Oakenpants
09d62d2302
remove 1273: "not Secure" text on insecure sites 
AF has been using HTTPS-Only mode since v84, the interstitial is more than ample, padlock is still marked as insecure
 2022-01-16 02:31:57 +00:00
Thorin-Oakenpants
7a4676fe2d
make 1601 setup tag more explicit, closes #1326 2022-01-15 05:25:11 +00:00
Thorin-Oakenpants
bc2aba3829
move last update pref to personal 2022-01-12 05:25:31 +00:00
Thorin-Oakenpants
926a2d4ac8
v96 deprecated, #1325 
also tidy the description to reflect that the setting is hidden
 2022-01-12 05:09:17 +00:00
Thorin-Oakenpants
ab7380c93b
HoM: tweak background request info 2022-01-11 09:21:37 +00:00
Thorin-Oakenpants
06b8d8bfa3
move 0362 to don't touch 2022-01-07 17:29:26 +00:00
Thorin-Oakenpants
7016c2050d
move TLS 1.0/1.1 downgrades to don't bother 
https://bugzilla.mozilla.org/show_bug.cgi?id=1745678
 2021-12-30 03:15:56 +00:00
Thorin-Oakenpants
2787da7f90
Update README.md 2021-12-24 06:04:38 +00:00