[tbb-bugs] #19048 [Applications/Tor Browser]: Review Firefox Developer Docs and Undocumented bugs since FF45esr

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Mar 21 10:52:13 UTC 2017

#19048: Review Firefox Developer Docs and Undocumented bugs since FF45esr
 Reporter:  gk                                   |          Owner:  tbb-
                                                 |  team
     Type:  task                                 |         Status:  new
 Priority:  Medium                               |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  ff52-esr, tbb-7.0-must,              |  Actual Points:
  TorBrowserTeam201703, GeorgKoppen201703        |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor4

Comment (by gk):

 Replying to [comment:26 mcs]:
 > Here are the items that Kathy and I found for Firefox 52:
 > a) As I mentioned in comment:4, captive portal detection is enabled in
 FF52. It won't be useful over Tor, so we should disable it via `network
 .captive-portal-service.enabled = false`. I thought we already had a
 ticket for this, but I cannot find it.
 >  https://bugzilla.mozilla.org/show_bug.cgi?id=1313706


 > b) MediaError has gained a message property that may include system
 > information. We should make sure it does not provide fingerprintable
 > about the user's computer.
 >  https://developer.mozilla.org/en-US/docs/Web/API/MediaError
 >  https://bugzilla.mozilla.org/show_bug.cgi?id=1322606

 This is #21792.

 > c) Kathy and I don't fully understand what was done in the following bug
 > how it affects our use of the --disable-eme configure flag:
 >   https://bugzilla.mozilla.org/show_bug.cgi?id=1300654
 > Maybe the difference is that now the framework that supports EME is
 > built and --disable-eme only skips building the bundled providers?

 Yeah, I had a similar impression. I'll make a note in #16285.

 > d) The CustomElementRegistry.get() method of the Web Components API has
 been implemented. It looks like all of the custom element features are
 disabled via `dom.webcomponents.customelements.enabled = false`, but
 eventually we should make sure that these APIs do not introduce any
 linkability problems
 >  https://bugzilla.mozilla.org/show_bug.cgi?id=1275838

 I opened #21793.

 > e) A note related to e10s: use of accessibility tools is no longer a
 reason to disable e10s (it was for Firefox 48-51, as I noted in
 >  https://bugzilla.mozilla.org/show_bug.cgi?id=1312100
 >  https://bugzilla.mozilla.org/show_bug.cgi?id=1310788
 >  https://bugzilla.mozilla.org/show_bug.cgi?id=1322606

 The last link is probably a copy-and-paste error? In any case, it seems
 the a11y+e10s support got at least backed out for Windows again:

 Additionally, I have

 f) We want to clear preloaded state (dynamic pins) in SiteSecurityService
 as well on `New Identity`
 (https://bugzilla.mozilla.org/show_bug.cgi?id=1306471) which is #21794.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19048#comment:29>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list