Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ToDo: diffs FF99-FF100 #1439

Closed
2 tasks done
earthlng opened this issue May 3, 2022 · 10 comments
Closed
2 tasks done

ToDo: diffs FF99-FF100 #1439

earthlng opened this issue May 3, 2022 · 10 comments
Labels
diffs enhancement task

Comments

@earthlng
Copy link
Contributor

earthlng commented May 3, 2022
edited by Thorin-Oakenpants

FF100 is scheduled for release May 3rd

FF100 release notes
FF100 for developers
FF100 security advisories

104 diffs ( 46 new, 36 gone, 22 different )

new in v100.0:

  • pref("network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", false); - 1734328 - 6a3b8a0
  • FYI
    • pref("network.cookie.noPersistentStorage", false); - 1675829 - do not use: this is for internal use e.g. background update agent
    • pref("widget.windows.overlay-scrollbars.enabled", true); // fyi for visibility: fingerprinting

removed, renamed or hidden in v100.0:

  • 7009 - 1752621 - replaced by network.http2.http2* prefs - c278dd2
    • pref("network.http.spdy.enabled", true);
    • pref("network.http.spdy.enabled.deps", true);
    • pref("network.http.spdy.enabled.http2", true);
    • pref("network.http.spdy.websockets", true);

changed in v100.0:

  • 7016 pref("network.http.referer.disallowCrossSiteRelaxingDefault", true); // prev: false - 1734328
  • 1224 pref("security.pki.crlite_mode", 3); // prev: 1
  • FYI
    • pref("browser.contentblocking.features.strict", "tp,tpPrivate,cookieBehavior5,cookieBehaviorPBM5,cm,fp,stp,lvl2,rp,rpTop,ocsp");
    • // prev: "tp,tpPrivate,cookieBehavior5,cookieBehaviorPBM5,cm,fp,stp,lvl2,rp,ocsp"
    • New: rpTop - Restrict relaxing default referrer policy for top navigation
  • FYI
    • pref("intl.multilingual.aboutWelcome.languageMismatchEnabled", true); // prev: false - 1740067 1755519
    • pref("intl.multilingual.liveReload", true); // prev: false ... 22 years - 62174
    • pref("network.process.enabled", true); // prev: false FF66 1513057, FF100 1763207
    • pref("widget.gtk.overlay-scrollbars.enabled", true); // prev: false // // fyi for visibility: fingerprinting

ignore

click me for details

==NEW

pref("browser.history.wireframeAreaThreshold", 50);
pref("browser.promo.focus.disallowed_regions", "cn");
pref("browser.promo.focus.enabled", true);
pref("browser.shell.setDefaultPDFHandler.onlyReplaceBrowsers", true);
pref("dom.origin-trials.enabled", false);
pref("dom.origin-trials.test-key.enabled", false);
pref("editor.initialize_element_before_connect", true);
pref("extensions.formautofill.creditCards.heuristics.confidenceThreshold", "0.5");
pref("extensions.formautofill.creditCards.heuristics.mode", 0);
pref("extensions.InstallTrigger.enabled", true);
pref("extensions.InstallTriggerImpl.enabled", true);
pref("gfx.webgpu.force-enabled", false);
pref("gfx.webrender.dcomp-video-overlay-win-force-enabled", false);
pref("gfx.webrender.dcomp-video-vp-scaling-win", true);
pref("javascript.options.wasm_exceptions", true);
  // ^ https://github.com/WebAssembly/exception-handling
pref("layout.css.container-queries.enabled", false);
pref("layout.css.content-visibility.enabled", false);
  // ^ https://www.w3.org/TR/css-contain-2/#content-visibility
pref("layout.css.overflow-moz-hidden-unscrollable.enabled", true);
pref("layout.selectanchor", false);
pref("media.rdd-process.max-crashes", 2);
pref("media.webrtc.platformencoder.sw_mft", false);
pref("media.wmf.av1.enabled", true);
pref("media.wmf.no-copy-nv12-textures", false);
pref("network.dns.port_prefixed_qname_https_rr", false);
pref("network.http.http2.allow-push", true);
pref("network.http.http2.chunk-size", 16000);
pref("network.http.http2.coalesce-hostnames", true);
pref("network.http.http2.default-concurrent", 100);
pref("network.http.http2.default-hpack-buffer", 65536);
pref("network.http.http2.enable-hpack-dump", false);
pref("network.http.http2.enabled", true);
pref("network.http.http2.enabled.deps", true);
pref("network.http.http2.enforce-tls-profile", true);
pref("network.http.http2.persistent-settings", false);
pref("network.http.http2.ping-threshold", 58);
pref("network.http.http2.ping-timeout", 8);
pref("network.http.http2.pull-allowance", 12582912);
pref("network.http.http2.push-allowance", 131072);
pref("network.http.http2.send-buffer-size", 131072);
pref("network.http.http2.timeout", 170);
pref("network.http.http2.websockets", true);
pref("network.http.referer.disallowCrossSiteRelaxingDefault.pbmode.top_navigation", true);
pref("widget.windows.hide_cursor_when_typing", false);

==REMOVED, RENAMED or HIDDEN

pref("browser.contentblocking.state-partitioning.mvp.ui.enabled", true);
pref("browser.sessionstore.max_write_failures", 5);
pref("devtools.enabled", true);
pref("devtools.theme.show-auto-theme-info", true);
pref("dom.events.asyncClipboard", true);
pref("dom.IntersectionObserver.enabled", true);
pref("dom.IntersectionObserverExplicitDocumentRoot.enabled", true);
pref("dom.ipc.processCount.webLargeAllocation", 10);
pref("dom.largeAllocation.forceEnable", false);
pref("dom.largeAllocationHeader.enabled", true);
pref("general.useragent.forceVersion100", false);
pref("general.useragent.handledVersionExperimentEnrollment", false);
pref("layout.css.moz-locale-dir.content.enabled", false);
pref("layout.css.moz-lwtheme.content.enabled", false);
pref("mathml.xlink.disabled", true);
pref("network.http.spdy.allow-push", true);
pref("network.http.spdy.chunk-size", 16000);
pref("network.http.spdy.coalesce-hostnames", true);
pref("network.http.spdy.default-concurrent", 100);
pref("network.http.spdy.default-hpack-buffer", 65536);
pref("network.http.spdy.enable-hpack-dump", false);
pref("network.http.spdy.enforce-tls-profile", true);
pref("network.http.spdy.persistent-settings", false);
pref("network.http.spdy.ping-threshold", 58);
pref("network.http.spdy.ping-timeout", 8);
pref("network.http.spdy.pull-allowance", 12582912);
pref("network.http.spdy.push-allowance", 131072);
pref("network.http.spdy.send-buffer-size", 131072);
pref("network.http.spdy.timeout", 170);
pref("security.onecrl.maximum_staleness_in_seconds", 108000);
pref("security.secure_connection_icon_color_gray", true);
pref("widget.windows.overlay_scrollbars.enabled", false);

==CHANGED

pref("browser.contentblocking.report.vpn_regions", "as,at,be,ca,ch,de,es,fi,fr,gb,gg,ie,im,io,it,je,mp,my,nl,nz,pr,se,sg,uk,um,us,vg,vi"); // prev: "at,be,ca,ch,de,fr,ie,it,my,nl,nz,sg,es,gb,us"
pref("browser.soft_reload.only_force_validate_top_level_document", true); // prev: false
  // ^ nice: https://bugzilla.mozilla.org/show_bug.cgi?id=1468476#c56
pref("browser.startup.upgradeDialog.enabled", true); // prev: false
pref("dom.streams.pipeTo.enabled", true); // prev: false
pref("dom.streams.readable_stream_default_controller.enabled", true); // prev: false
pref("dom.streams.readable_stream_default_reader.enabled", true); // prev: false
pref("dom.streams.writable_streams.enabled", true); // prev: false
  // ^ https://developer.mozilla.org/en-US/docs/Web/API/Streams_API
pref("extensions.formautofill.creditCards.supportedCountries", "US,CA,GB,FR,DE"); // prev: "US,CA,UK,FR,DE"
pref("gfx.offscreencanvas.domain-allowlist", "*.zoom.us,zoom.us"); // prev: "*.zoom.us"
pref("gfx.webrender.dcomp-video-overlay-win", true); // prev: false
pref("gfx.webrender.dcomp-video-yuv-overlay-win", true); // prev: false
pref("javascript.options.wasm_caching", false); // prev: true
pref("layout.css.grid-item-baxis-measurement.enabled", true); // prev: false
pref("media.ffmpeg.customized-buffer-allocation", true); // prev: false
pref("media.peerconnection.mtransport_process", true); // prev: false
@earthlng
Copy link
Contributor Author

earthlng commented May 3, 2022

some bugzilla tickets

  • browser.contentblocking.features.strict
    Bug 1734328 - Part 4: Add disallow relaxing referrer policies for top navigation to the ETP strict list.
    Bug 1664995 - Part 4: Enable OCSP partiitoning in strict mode.

  • browser.contentblocking.report.vpn_regions
    Bug 1759476 - Add Sweden and Finland to default list of VPN supported regions preference
    Bug 1747149 - Consolidate logic for when to show VPN promo and add BrowserUtils test
    Bug 1747149 - Consolidate logic for when to show VPN promo and add BrowserUtils tests

  • browser.contentblocking.state-partitioning.mvp.ui.enabled
    Bug 1685575 - Removing browser.contentblocking.state-partitioning.mvp.ui.enabled because it’s always set to true.

  • browser.history.wireframeAreaThreshold
    Bug 1749576 - Make the wireframe structure more space efficient and add a versioning member.

  • browser.promo.focus.disallowed_regions
    Bug 1760364 - implement shouldShowFocusPromo,

  • browser.promo.focus.enabled
    Bug 1760364 - implement shouldShowFocusPromo,

  • browser.sessionstore.max_write_failures
    Bug 1752853 - Stop using a worker to write session store.

  • browser.shell.setDefaultPDFHandler.onlyReplaceBrowsers
    Bug 1761504 - Add setDefaultPDFHandlerOnlyReplaceBrowsers Nimbus feature.

  • browser.soft_reload.only_force_validate_top_level_document
    Bug 1752558 - Enable browser.soft_reload.only_force_validate_top_level_document in all channels
    Bug 1752152 - Enable browser.soft_reload.only_force_validate_top_level_document in EARLY_BETA_OR_EARLIER

  • browser.startup.upgradeDialog.enabled
    Bug 1762263 - Add upgrade message on 100 major upgrade with single thank you (3 potential actions)
    Bug 1738073 - Remove Colorways onboarding when MR2 Colorways expire
    Bug 1740623 - Adjust MR2 upgrade spotlight content
    Bug 1740819 - Turn off MR2 onboarding in Fx95

  • devtools.theme.show-auto-theme-info
    Bug 1761356 - Remove devtools auto theme notification.
    Bug 1735359 - [devtools] Enable DevTools auto theme by default

  • dom.events.asyncClipboard
    Bug 1761978 - Get rid of pref dom.events.asyncClipboard;

  • dom.IntersectionObserver.enabled
    Bug 1760965 - Remove IntersectionObserver prefs that have been enabled by default for a long time.

  • dom.IntersectionObserverExplicitDocumentRoot.enabled
    Bug 1760965 - Remove IntersectionObserver prefs that have been enabled by default for a long time.

  • dom.ipc.processCount.webLargeAllocation
    Bug 1598759 - Remove support for Large-Allocation HTTP header.

  • dom.origin-trials.enabled
    Bug 1759421 - Disable origin trials for now.
    Bug 1756500 - Implement key verification for origin trials.

  • dom.origin-trials.test-key.enabled
    Bug 1759421 - Disable origin trials for now.
    Bug 1756500 - Implement key verification for origin trials.

  • dom.streams.pipeTo.enabled
    Bug 1759597 - Enable WritableStreams and pipeTo by default
    Bug 1734241 - Implement ReadableStream.pipeTo.

  • dom.streams.readable_stream_default_controller.enabled
    Bug 1759605 - Expose missing ReadableStream interfaces (as defined by WebIDL)
    Bug 1750284 - Rename stream feature exposure prefs

  • dom.streams.readable_stream_default_reader.enabled
    Bug 1759605 - Expose missing ReadableStream interfaces (as defined by WebIDL)
    Bug 1750284 - Rename stream feature exposure prefs

  • dom.streams.writable_streams.enabled
    Bug 1759597 - Enable WritableStreams and pipeTo by default

  • editor.initialize_element_before_connect
    Bug 1742933 - part 11: Create a pref to get back the traditional behavior

  • extensions.formautofill.creditCards.heuristics.confidenceThreshold
    Bug 1681985 - P5. Support calling fathom ruleset in both c++ and js

  • extensions.formautofill.creditCards.heuristics.mode
    Bug 1681985 - P5. Support calling fathom ruleset in both c++ and js

  • extensions.formautofill.creditCards.supportedCountries
    Bug 1762649 - Fix credit card supported countries to use 'GB' code instead of 'UK'.
    Bug 1745973 - Add UK, FR, DE to credit card autofill supported countries pref.
    Bug 1745248 - Allow each autofill feature to detect if it should be enabled depending on search region.

  • extensions.InstallTrigger.enabled
    Bug 1754441 - Add prefs to control InstallTrigger/InstallTriggerImpl visibility.

  • extensions.InstallTriggerImpl.enabled
    Bug 1754441 - Add prefs to control InstallTrigger/InstallTriggerImpl visibility.

  • general.useragent.forceVersion100
    Bug 1731523 - Part 2: Remove "Firefox 100" Nimbus experiment code.
    Bug 1748798 - Add 'forceVersion100' pref to make user testing of Firefox 100 UA string easier.

  • general.useragent.handledVersionExperimentEnrollment
    Bug 1731523 - Part 2: Remove "Firefox 100" Nimbus experiment code.
    Bug 1748798 - Add 'forceVersion100' pref to make user testing of Firefox 100 UA string easier.

  • gfx.offscreencanvas.domain-allowlist
    Bug 1763801 - Enable OffscreenCanvas on zoom.us without subdomains.
    Bug 1751721 - Add Zoom to the OffscreenCanvas domain allowlist and turn it on for users.

  • gfx.webgpu.force-enabled
    Bug 1760663 - Add blocklist support for WebGPU.

  • gfx.webrender.dcomp-video-overlay-win
    Bug 1760724 - Let video overlay ride the trains to release on intel GPU on Windows
    Bug 1758601 - Enable YUV video overlay on Window on nightly

  • gfx.webrender.dcomp-video-overlay-win-force-enabled
    Bug 1760724 - Let video overlay ride the trains to release on intel GPU on Windows

  • gfx.webrender.dcomp-video-vp-scaling-win
    Bug 1667303 - video scaling at VideoProcessor for overlay video if possible

  • gfx.webrender.dcomp-video-yuv-overlay-win
    Bug 1758601 - Enable YUV video overlay on Window on nightly

  • intl.multilingual.aboutWelcome.languageMismatchEnabled
    Bug 62174 - Enable preferences for live language reloading;
    Bug 62174 - Refactor and document the preferences for multi-lingual;
    Bug 1755519 - Add language switching to about:welcome;

  • intl.multilingual.liveReload
    Bug 62174 - Enable preferences for live language reloading;
    Bug 62174 - Refactor and document the preferences for multi-lingual;
    Bug 1740067 - Add live language reloading;

  • javascript.options.wasm_caching
    Bug 1762619 - wasm: Disable code caching.

  • javascript.options.wasm_exceptions
    Bug 1759217 - wasm: Let exception-handling ride the trains.
    Bug 1750040 - wasm: Enable wasm exception handling in nightly.

  • layout.css.container-queries.enabled
    Bug 1762088 - Implement parsing / serialization for container{,-type,-name} CSS properties.

  • layout.css.content-visibility.enabled
    Bug 1759130 - Add support for parsing the content-visibility property from the CSS Contain specification

  • layout.css.grid-item-baxis-measurement.enabled
    Bug 1732082 - Enable layout.css.grid-item-baxis-measurement.enabled in all channels
    Bug 1757025 - Enable layout.css.grid-item-baxis-measurement.enabled in EARLY_BETA_OR_EARLIER

  • layout.css.moz-locale-dir.content.enabled
    Bug 1760579 - layout.css.moz-locale-dir.content.enabled.

  • layout.css.moz-lwtheme.content.enabled
    Bug 1760342 - Remove :-moz-lwtheme-{brighttext,darktext}.

  • layout.css.overflow-moz-hidden-unscrollable.enabled
    Bug 1760734 - Put overflow: -moz-hidden-unscrollable behind a pref on Nightly.

  • layout.selectanchor
    Bug 277178 - Move focus to a fragment identifier (#fragment) if it's focusable.

  • mathml.xlink.disabled
    Bug 1762109 - Make the XLink setup a bit saner.

  • media.ffmpeg.customized-buffer-allocation
    Bug 1757436 - turn on the pref 'media.ffmpeg.customized-buffer-allocation' by default.

  • media.peerconnection.mtransport_process
    Bug 1763207: Enable webrtc socket process by default on release.

  • media.rdd-process.max-crashes
    Bug 1761942 [RDD] Limit maximal number of RDD process restarts

  • media.webrtc.platformencoder.sw_mft
    Bug 1741244 - p1: support software MFT video encoders.

  • media.wmf.av1.enabled
    Bug 1652945 - Added support for the Windows Media Foundation AV1 decoder for hardware decoding.

  • media.wmf.no-copy-nv12-textures
    Bug 1723207 - Avoid copying hardware decoded video data if possible on Windows

  • network.cookie.noPersistentStorage
    Bug 1675829 - Allow disabling the cookie database in the profile with network.cookie.noPersistentStorage.

  • network.dns.port_prefixed_qname_https_rr
    Bug 1755902 - P2: Support port-prefixed query for HTTPS RR,

  • network.http.http2.allow-push
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.http2.default-concurrent
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.http2.default-hpack-buffer
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.http2.enabled
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.http2.push-allowance
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.referer.disallowCrossSiteRelaxingDefault
    Bug 1761826 - Enable disallowing relaxing referrer policies.
    Bug 1734328 - Part 1: Add prefs to control whether we ignore the less restricted referrer policies for top navigations.
    Bug 1727505 - Part 1: Enable restrict relaxing default referrer policy in ETP strict mode and private browsing mode.

  • network.http.referer.disallowCrossSiteRelaxingDefault.pbmode.top_navigation
    Bug 1734328 - Part 1: Add prefs to control whether we ignore the less restricted referrer policies for top navigations.

  • network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation
    Bug 1734328 - Part 1: Add prefs to control whether we ignore the less restricted referrer policies for top navigations.

  • network.http.spdy.allow-push
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.chunk-size
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.coalesce-hostnames
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.default-concurrent
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.default-hpack-buffer
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.enabled
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.enabled.deps
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.enabled.http2
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.enable-hpack-dump
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.enforce-tls-profile
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.persistent-settings
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.ping-threshold
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.ping-timeout
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.pull-allowance
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.push-allowance
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.send-buffer-size
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.timeout
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • network.http.spdy.websockets
    Bug 1752621 - Improve http/2 prefs: changing spdy prefs to http2, making them static prefs and updating the tests.

  • security.onecrl.maximum_staleness_in_seconds
    Bug 1735386 - adjust revocation checking for EV certificate intermediates to match Baseline Requirements

  • security.pki.crlite_mode
    Bug 1761109 - Make check-revocations mode the default CRLite mode.
    Bug 1747320 - Only query CRLite on covered certificates.
    Bug 1683525 - set CRLite back to telemetry-only mode

  • security.secure_connection_icon_color_gray
    Bug 1756609 - Remove security.secure_connection_icon_color_gray pref.

  • widget.gtk.overlay-scrollbars.enabled
    Bug 1761690 - Let overlay scrollbars on GTK ride the trains.
    Bug 1755457 - Fix build bustage related to StaticPrefList.yaml.
    Bug 1147847 - Enable GTK overlay scrollbars on Nightly and Early Beta.
    Bug 1147847 - Allow users to enable overlay scrollbars on Linux from about:preferences.

  • widget.windows.hide_cursor_when_typing
    Bug 1757463: Support "Hide pointer while typing" on Windows

  • widget.windows.overlay_scrollbars.enabled
    Bug 1761690 - Let Windows 11 overlay scrollbars ride the trains.
    Bug 1757647 - Implement Windows 11 overlay scrollbars.

  • widget.windows.overlay-scrollbars.enabled
    Bug 1761690 - Let Windows 11 overlay scrollbars ride the trains.

@rusty-snake
Copy link
Contributor

rusty-snake commented May 3, 2022
edited by Thorin-Oakenpants

edited for readability

pref("browser.contentblocking.features.strict",
   "tp,tpPrivate,cookieBehavior5,cookieBehaviorPBM5,cm,fp,stp,lvl2,rp,rpTop,ocsp");
// prev: "tp,tpPrivate,cookieBehavior5,cookieBehaviorPBM5,cm,fp,stp,lvl2,rp,ocsp"

New: rpTop
Description: Restrict relaxing default referrer policy for top navigation

@fxbrit
Copy link
Collaborator

fxbrit commented May 3, 2022 

pref("security.pki.crlite_mode", 3); // prev: 1

finally crlite is a default for everyone (🥳) plus they're doing double checks to avoid false positives, maybe worth uniforming in AF as well?

pref("intl.multilingual.liveReload", true); // prev: false

more good stuff.

@Thorin-Oakenpants
Copy link
Contributor

maybe worth uniforming in AF as well?

uniforming? I am more than happy to stick with mode 2. Plus FF101 now sanitizes entries older than 10 days.

@fxbrit
Copy link
Collaborator

fxbrit commented May 3, 2022

I am more than happy to stick with mode 2.

why tho? it would be one less flip and it's doing double checks on revoked certs only. there's also possibly some usability to gain here but I guess false positives are kinda rare, so that doesn't count much.

@Thorin-Oakenpants
Copy link
Contributor

so it doesn't count much, good, we're in agreement.

Is it doing "double revoked checks" - I mean if it's not revoked in crlite, in mode 2 does it fall back to OSCP to check it? You're the network nerd ... test it for us

And if crlite returns revoked, does this not save contacting an OSCP (which can be a privacy gain IMO)?

@fxbrit
Copy link
Collaborator

fxbrit commented May 3, 2022
edited

I mean if it's not revoked in crlite, in mode 2 does it fall back to OSCP to check it?

nope, mode 2 and 3 do not fall back to ocsp if crlite can verify that the website is good (meaning it covers the entry and the cert is not revoked).

And if crlite returns revoked, does this not save contacting an OSCP (which can be a privacy gain IMO)?

yes, but since there were some issues with certs that appeared revoked in crlite when they actually weren't (1683525#c21), they decided to go for cooperation to keep privacy and speed for most checks, while keeping usability for the corner cases.

@Thorin-Oakenpants
Copy link
Contributor

Thorin-Oakenpants commented May 3, 2022
edited

^ "but I guess false positives are kinda rare, so that doesn't count much"

make up your mind :) I am happy with mode 2. This is right up AF's alley ... improved privacy gain (by removing a third party, but unlikely that it's being used against you) vs some possible breakage (not seen any yet) and it reduces all those OSCP errors people get when the observatory is down or their ISP is an ass (or whatever it is that triggers that shit) - because we hard fail

@Thorin-Oakenpants
Copy link
Contributor

bugzillas for network.process.enabled added as FYI

@earthlng in case you want to tweak your data grabbing script, you got the pref flip but there was no bugzilla listed - IDK what/how you parse - patch = https://phabricator.services.mozilla.com/D142988

@Thorin-Oakenpants
Copy link
Contributor

FYI: marked for visibility + fingerprinting

  • widget.windows.overlay-scrollbars.enabled
  • widget.gtk.overlay-scrollbars.enabled

note: there is also an old macOS pref which can be forced or respect OS settings. And of course android uses overlay scrollbars

not exactly the right prefs (at least on windows), and we can await RFP to enforce overlay scrollbars on all platforms - mainly to reduce the plethora of results on linux - I think the pref to use is ui.useOverlayScrollbars

@Thorin-Oakenpants Thorin-Oakenpants mentioned this issue May 9, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
diffs enhancement task
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Thorin-Oakenpants @earthlng @fxbrit @rusty-snake