[tbb-commits] [tor-browser] 03/06: fixup! Firefox preference overrides.

gitolite role git at cupani.torproject.org
Thu Nov 17 13:07:47 UTC 2022 

This is an automated email from the git hooks/post-receive script.

pierov pushed a commit to branch tor-browser-102.4.0esr-12.0-2
in repository tor-browser.

commit 71f0c55b610b797a430c38ea10e7502fca765791
Author: Pier Angelo Vendrame <pierov at torproject.org>
AuthorDate: Tue Nov 15 15:41:12 2022 +0100

    fixup! Firefox preference overrides.
    
    Less trivial changes (e.g., defense in depth, or things that were not
    that obvious).
---
 browser/app/profile/001-base-profile.js | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/browser/app/profile/001-base-profile.js b/browser/app/profile/001-base-profile.js
index 86684930e896..038fb91a2c11 100644
--- a/browser/app/profile/001-base-profile.js
+++ b/browser/app/profile/001-base-profile.js
@@ -103,15 +103,23 @@ pref("datareporting.policy.dataSubmissionEnabled", false);
 // Make sure Unified Telemetry is really disabled, see: #18738.
 pref("toolkit.telemetry.unified", false);
 pref("toolkit.telemetry.enabled", false);
+pref("toolkit.telemetry.archive.enabled", false);
 pref("toolkit.telemetry.updatePing.enabled", false); // Make sure updater telemetry is disabled; see #25909.
 #ifdef XP_WIN
 // Defense-in-depth: ensure that the Windows default browser agent will
 // not ping Mozilla if it is somehow present (we omit it at build time).
 pref("default-browser-agent.enabled", false);
 #endif
-pref("identity.fxaccounts.enabled", false); // Disable sync by default
-pref("services.sync.engine.prefs", false); // Never sync prefs, addons, or tabs with other browsers
+// Disable sync by default
+pref("identity.fxaccounts.enabled", false);
+// Never sync with other browsers
 pref("services.sync.engine.addons", false);
+pref("services.sync.engine.addresses", false);
+pref("services.sync.engine.bookmarks", false);
+pref("services.sync.engine.creditcards", false);
+pref("services.sync.engine.history", false);
+pref("services.sync.engine.passwords", false);
+pref("services.sync.engine.prefs", false);
 pref("services.sync.engine.tabs", false);
 pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
 pref("browser.newtabpage.enabled", false);
@@ -145,6 +153,7 @@ pref("extensions.webcompat-reporter.enabled", false);
 // Disable use of WiFi location information
 pref("browser.region.network.scan", false);
 pref("browser.region.network.url", "");
+pref("browser.region.local-geocoding", false);
 // Bug 40083: Make sure Region.jsm fetching is disabled
 pref("browser.region.update.enabled", false);
 
@@ -156,6 +165,8 @@ pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
 
 // Disable about:newtab and "first run" experiments
 pref("messaging-system.rsexperimentloader.enabled", false);
+// true means that you are *not* opting out. See its usage in various file.
+pref("app.shield.optoutstudies.enabled", false);
 
 // [SETTING] General>Browsing>Recommend extensions as you browse (Bug #40700)
 pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); // disable CFR [FF67+]
@@ -164,7 +175,7 @@ pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
 pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); // disable CFR [FF67+]
 
 // Clear the list of trusted recursive resolver services
-pref("network.trr.resolvers", "");
+pref("network.trr.default_provider_uri", "");
 
 // Disable the /etc/hosts parser
 // If true, entries from /etc/hosts will be excluded **from TRR results**.
@@ -185,6 +196,7 @@ pref("dom.serviceWorkers.enabled", false);
 pref("dom.push.enabled", false);
 
 // Fingerprinting
+pref("privacy.resistFingerprinting", true);
 pref("webgl.disable-fail-if-major-performance-caveat", true);
 pref("webgl.enable-webgl2", false);
 pref("browser.startup.homepage_override.buildID", "20100101");
@@ -192,7 +204,6 @@ pref("browser.link.open_newwindow.restriction", 0); // Bug 9881: Open popups in
 // Set video VP9 to 0 for everyone (bug 22548)
 pref("media.benchmark.vp9.threshold", 0);
 pref("dom.enable_resource_timing", false); // Bug 13024: To hell with this API
-pref("privacy.resistFingerprinting", true);
 pref("privacy.resistFingerprinting.block_mozAddonManager", true); // Bug 26114
 pref("dom.webaudio.enabled", false); // Bug 13017: Disable Web Audio API
 pref("dom.webmidi.enabled", false); //  Bug 41398: Disable Web MIDI API
@@ -210,6 +221,7 @@ pref("privacy.resistFingerprinting.letterboxing", true);
 // Enforce Network Information API as disabled
 pref("dom.netinfo.enabled", false);
 pref("network.http.referer.defaultPolicy", 2); // Bug 32948: Make referer behavior consistent regardless of private browing mode status
+pref("network.http.referer.defaultPolicy.pbmode", 2);
 pref("network.http.referer.XOriginTrimmingPolicy", 2); // Bug 17228: Force trim referer to scheme+host+port in cross-origin requests
 pref("media.videocontrols.picture-in-picture.enabled", false); // Bug 40148: disable until audited in #40147
 // Bug 40463: Disable Windows SSO
@@ -237,6 +249,7 @@ pref("network.predictor.enabled", false); // Temporarily disabled. See https://b
 pref("privacy.purge_trackers.enabled", false);
 
 pref("network.dns.disablePrefetch", true);
+pref("network.dns.disablePrefetchFromHTTPS", true);
 pref("network.protocol-handler.external-default", false);
 pref("network.protocol-handler.external.mailto", false);
 pref("network.protocol-handler.external.news", false);

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.

More information about the tbb-commits mailing list