[tbb-commits] [tor-browser] 01/06: squash! Firefox preference overrides.

Thu Nov 17 13:07:45 UTC 2022

This is an automated email from the git hooks/post-receive script.

pierov pushed a commit to branch tor-browser-102.4.0esr-12.0-2
in repository tor-browser.

commit 10a60cd7c4d07d66c57c7aa53e08fff19979b06c
Author: Pier Angelo Vendrame <pierov at torproject.org>
AuthorDate: Tue Nov 15 10:05:14 2022 +0100

    squash! Firefox preference overrides.
    
    Bug 40783: Review 000-tor-browser.js and 001-base-profile.js for 102
    
    We reviewed all the preferences we set for 102, and remove a few old
    ones. See the description of that issue to see all the preferences we
    believed were still valid for 102, and some brief description for the
    reasons to keep them.
---
 browser/app/profile/001-base-profile.js | 53 ++++++++++-----------------------
 1 file changed, 15 insertions(+), 38 deletions(-)

diff --git a/browser/app/profile/001-base-profile.js b/browser/app/profile/001-base-profile.js
index 0d344b55eca8..86684930e896 100644
--- a/browser/app/profile/001-base-profile.js
+++ b/browser/app/profile/001-base-profile.js
@@ -1,12 +1,11 @@
 // Preferences to harden Firefox's security and privacy
 // Do not edit this file.
 
-// Use the OS locale by default
+// Use the OS locale by default (tor-browser#17400)
 pref("intl.locale.requested", "");
 
 // Disable initial homepage notifications
 pref("browser.search.update", false);
-pref("browser.rights.3.shown", true);
 pref("startup.homepage_welcome_url", "");
 pref("startup.homepage_welcome_url.additional", "");
 
@@ -31,12 +30,6 @@ pref("app.update.promptWaitTime", 3600);
 pref("app.update.staging.enabled", false);
 #endif
 
-// Disable "Slow startup" warnings and associated disk history
-// (bug #13346)
-pref("browser.slowStartup.notificationDisabled", true);
-pref("browser.slowStartup.maxSamples", 0);
-pref("browser.slowStartup.samples", 0);
-
 // Disable the "Refresh" prompt that is displayed for stale profiles.
 pref("browser.disableResetPrompt", true);
 
@@ -47,9 +40,6 @@ pref("permissions.memory_only", true);
 pref("network.cookie.lifetimePolicy", 2);
 pref("security.nocertdb", true);
 
-// Enabled LSNG
-pref("dom.storage.next_gen", true);
-
 // Disk activity: TBB Directory Isolation
 pref("browser.download.useDownloadDir", false);
 pref("browser.download.manager.addToRecentDocs", false);
@@ -63,9 +53,8 @@ pref("browser.sessionstore.privacy_level", 2);
 pref("browser.privatebrowsing.forceMediaMemoryCache", true);
 pref("media.memory_cache_max_size", 16384);
 
-// Enable HTTPS-Only mode
+// Enable HTTPS-Only mode (tor-browser#19850)
 pref("dom.security.https_only_mode", true);
-pref("dom.security.https_only_mode.upgrade_onion", false);
 
 // Require Safe Negotiation ( https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/27719 )
 // Blocks connections to servers that don't support RFC 5746 [2] as they're potentially vulnerable to a
@@ -167,7 +156,6 @@ pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
 
 // Disable about:newtab and "first run" experiments
 pref("messaging-system.rsexperimentloader.enabled", false);
-pref("trailhead.firstrun.branches", "");
 
 // [SETTING] General>Browsing>Recommend extensions as you browse (Bug #40700)
 pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); // disable CFR [FF67+]
@@ -179,6 +167,8 @@ pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false
 pref("network.trr.resolvers", "");
 
 // Disable the /etc/hosts parser
+// If true, entries from /etc/hosts will be excluded **from TRR results**.
+// Vice-versa, if it is false, TRR will override any /etc/hosts customization.
 pref("network.trr.exclude-etc-hosts", false);
 
 // Disable crlite
@@ -186,11 +176,6 @@ pref("security.pki.crlite_mode", 0);
 
 // Disable website password breach alerts
 pref("signon.management.page.breach-alerts.enabled", false);
-pref("extensions.fxmonitor.enabled", false);
-
-// Remove mobile app tracking URLs
-pref("signon.management.page.mobileAndroidURL", "");
-pref("signon.management.page.mobileAppleURL", "");
 
 // Disable remote "password recipes"
 pref("signon.recipes.remoteRecipes.enabled", false);
@@ -222,15 +207,11 @@ pref("security.remote_settings.intermediates.enabled", false);
 pref("dom.use_components_shim", false);
 // Enable letterboxing
 pref("privacy.resistFingerprinting.letterboxing", true);
-// Disable network information API everywhere. It gets spoofed in bug 1372072
-// but, alas, the behavior is inconsistent across platforms, see:
-// https://trac.torproject.org/projects/tor/ticket/27268#comment:19. We should
-// not leak that difference if possible.
+// Enforce Network Information API as disabled
 pref("dom.netinfo.enabled", false);
 pref("network.http.referer.defaultPolicy", 2); // Bug 32948: Make referer behavior consistent regardless of private browing mode status
 pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests
 pref("media.videocontrols.picture-in-picture.enabled", false); // Bug 40148: disable until audited in #40147
-pref("network.http.referer.hideOnionSource", true);
 // Bug 40463: Disable Windows SSO
 pref("network.http.windows-sso.enabled", false);
 // Bug 40383: Disable new PerformanceEventTiming
@@ -240,6 +221,7 @@ pref("dom.textMetrics.actualBoundingBox.enabled", false);
 pref("dom.textMetrics.baselines.enabled", false);
 pref("dom.textMetrics.emHeight.enabled", false);
 pref("dom.textMetrics.fontBoundingBox.enabled", false);
+// tor-browser#40424
 pref("pdfjs.enableScripting", false);
 pref("javascript.options.large_arraybuffers", false);
 // Bug 40057: Ensure system colors are not used for CSS4 colors
@@ -251,7 +233,7 @@ pref("privacy.partition.network_state", false); // Disable for now until audit
 pref("network.cookie.cookieBehavior", 1);
 pref("network.cookie.cookieBehavior.pbmode", 1);
 pref("network.predictor.enabled", false); // Temporarily disabled. See https://bugs.torproject.org/16633
-// Bug 40177: Make sure tracker cookie purging is disabled
+// Bug 40220: Make sure tracker cookie purging is disabled
 pref("privacy.purge_trackers.enabled", false);
 
 pref("network.dns.disablePrefetch", true);
@@ -289,8 +271,8 @@ pref("network.http.http2.default-hpack-buffer", 65536, locked);
 pref("network.http.http2.websockets", false, locked);
 pref("network.http.http2.enable-hpack-dump", false, locked);
 
-// Make sure we don't have any GIO supported protocols (defense in depth
-// measure)
+// tor-browser#23044: Make sure we don't have any GIO supported protocols
+// (defense in depth measure)
 pref("network.gio.supported-protocols", "");
 pref("media.peerconnection.enabled", false); // Disable WebRTC interfaces
 // Disables media devices but only if `media.peerconnection.enabled` is set to
@@ -300,6 +282,7 @@ pref("media.navigator.enabled", false);
 // We make sure they don't show up on the Add-on panel and confuse users.
 // And the external update/donwload server must not get pinged. We apply a
 // clever solution for https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769716.
+// See tor-browser#15910.
 pref("media.gmp-provider.enabled", false);
 pref("media.gmp-manager.url.override", "data:text/plain,");
 // Since ESR52 it is not enough anymore to block pinging the GMP update/download
@@ -315,10 +298,6 @@ pref("media.gmp-widevinecdm.visible", false);
 pref("media.gmp-widevinecdm.enabled", false);
 pref("media.eme.enabled", false);
 pref("media.mediadrm-widevinecdm.visible", false);
-// WebIDE can bypass proxy settings for remote debugging. It also downloads
-// some additional addons that we have not reviewed. Turn all that off.
-pref("devtools.webide.autoinstallADBExtension", false);
-pref("devtools.webide.enabled", false);
 // The in-browser debugger for debugging chrome code is not coping with our
 // restrictive DNS look-up policy. We use "127.0.0.1" instead of "localhost" as
 // a workaround. See bug 16523 for more details.
@@ -326,7 +305,7 @@ pref("devtools.debugger.chrome-debugging-host", "127.0.0.1");
 // Disable using UNC paths (bug 26424 and Mozilla's bug 1413868)
 pref("network.file.disable_unc_paths", true);
 // Enhance our treatment of file:// to avoid proxy bypasses (see Mozilla's bug
-// 1412081)
+// 1412081 and CVE-2017-16541)
 pref("network.file.path_blacklist", "/net");
 
 // Security slider
@@ -338,19 +317,18 @@ pref("svg.context-properties.content.allowed-domains", "");
 
 // Network and performance
 pref("security.ssl.enable_false_start", true);
-pref("network.http.connection-retry-timeout", 0);
+// tor-browser#18945
 pref("network.manage-offline-status", false);
 // No need to leak things to Mozilla, see bug 21790 and tor-browser#40322
 pref("network.captive-portal-service.enabled", false);
 pref("network.connectivity-service.enabled", false);
 // As a "defense in depth" measure, configure an empty push server URL (the
 // DOM Push features are disabled by default via other prefs).
+// See tor-browser#18801.
 pref("dom.push.serverURL", "");
 
 // Extension support
 pref("extensions.autoDisableScopes", 0);
-pref("extensions.bootstrappedAddons", "{}");
-pref("extensions.checkCompatibility.4.*", false);
 pref("extensions.databaseSchema", 3);
 pref("extensions.enabledScopes", 5); // AddonManager.SCOPE_PROFILE=1 | AddonManager.SCOPE_APPLICATION=4
 pref("extensions.pendingOperations", false);
@@ -360,6 +338,7 @@ pref("extensions.pendingOperations", false);
 pref("extensions.getAddons.showPane", false);
 pref("extensions.htmlaboutaddons.recommendations.enabled", false);
 // Bug 26114: Allow NoScript to access addons.mozilla.org etc.
+// TODO: Audit again (tor-browser#41445)
 pref("extensions.webextensions.restrictedDomains", "");
 // Don't give Mozilla-recommended third-party extensions special privileges.
 pref("extensions.postDownloadThirdPartyPrompt", false);
@@ -398,11 +377,9 @@ pref("browser.share_menu.allow", false, locked);
 
 // Disable special URL bar behaviors
 pref("browser.urlbar.suggest.topsites", false);
-pref("browser.urlbar.update1.interventions", false);
-pref("browser.urlbar.update1.searchTips", false);
 
 // Skip checking omni.ja and other files for corruption since the result
-// is only reported via telemetry (which is disabled).
+// is only reported via telemetry (which is disabled). See tor-browser#40048.
 pref("corroborator.enabled", false);
 
 // Onboarding.

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.
