Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ToDo: diffs FF100-FF101 #1461

Closed
earthlng opened this issue Jun 5, 2022 · 17 comments
Closed

ToDo: diffs FF100-FF101 #1461

earthlng opened this issue Jun 5, 2022 · 17 comments
Labels
diffs enhancement task

Comments

@earthlng
Copy link
Contributor

earthlng commented Jun 5, 2022
edited by Thorin-Oakenpants

FF101 is scheduled for release May 31st

FF101 release notes
FF101 for developers
FF101 security advisories

65 diffs ( 37 new, 13 gone, 15 different )

new in v101.0:

  • FYI
    • 2654 pref("browser.download.always_ask_before_handling_new_types", false); - 1747343
    • pref("dom.block_external_protocol_navigation_from_sandbox", false); - ships in FF102
    • pref("dom.enable_web_task_scheduling", false); - see this article
pref("browser.places.snapshots.expiration.days", 210);
pref("browser.places.snapshots.expiration.userManaged.days", 420);

changed in v101.0:

  • FYI
    • pref("privacy.restrict3rdpartystorage.expiration_redirect", 2592000); // prev: 900 (15mins) now 30 days
      • 1761207#c0

      • we give the full expiration time to other window open heuristics. So, keeping the expiration time of the redirect heuristic short doesn't really give us privacy benefits. Therefore, we should extend the expiration time as same as other heuristics

ignore

click me for details

==NEW

pref("browser.newtabpage.activity-stream.hideTopSitesWithSearchParam", "mfadid=adm");
pref("browser.snapshots.source.CommonReferrer", 3);
pref("browser.snapshots.source.Overlapping", 3);
pref("browser.urlbar.quicksuggest.blockingEnabled", false);
pref("browser.urlbar.quicksuggest.impressionCaps.nonSponsoredEnabled", false);
pref("browser.urlbar.quicksuggest.impressionCaps.sponsoredEnabled", false);
pref("browser.theme.colorway-closet", false);
pref("devtools.inspector.draggable_properties", true);
pref("dom.input.showPicker", true);
pref("dom.origin-trials.test-trial.state", 0);
pref("extensions.eventPages.enabled", false);
pref("extensions.manifestV3.enabled", false);
pref("fission.enforceBlocklistedPrefsInSubprocesses", false);
pref("fission.omitBlocklistedPrefsInSubprocesses", false);
pref("gfx.canvas.accelerated.profile-cache-miss-ratio", "0.66");
pref("gfx.canvas.accelerated.profile-fallback-ratio", "0.3");
pref("gfx.canvas.accelerated.profile-frames", 10);
pref("layout.accessiblecaret.magnifier.enabled", false);
pref("media.gmp-manager.checkContentSignature", true);
pref("media.utility-ffvpx.enabled", true);
pref("media.utility-opus.enabled", true);
pref("media.utility-process.enabled", false);
pref("media.utility-vorbis.enabled", true);
pref("media.utility-wav.enabled", true);
pref("media.utility-wmf.enabled", true);
pref("media.video.dropped_frame_stats.enabled", true);
pref("media.videocontrols.picture-in-picture.display-text-tracks.size", "medium");
pref("media.wmf.no-copy-nv12-textures-force-enabled", false);
pref("mozilla.widget.raise-on-setfocus", true);
pref("print.prefer_system_dialog", false);
pref("widget.swipe.whole-page-pixel-size", "1100.0");
pref("widget.transparent-windows", true);

==REMOVED, RENAMED or HIDDEN

pref("browser.flash-protected-mode-flip.done", false);
pref("browser.flash-protected-mode-flip.enable", false);
pref("browser.snapshots.score.InNavigation", 3);
pref("browser.snapshots.score.IsOverlappingVisit", 3);
pref("canvas.mozgetasfile.enabled", false);
pref("devtools.debugger.features.skip-pausing", true);
pref("dom.forms.datetime-local", true);
pref("dom.forms.datetime-local.widget", true);
pref("dom.input.dirpicker", false);
pref("dom.ipc.plugins.flash.disable-protected-mode", false);
pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", true);
pref("remote.force-local", true);
pref("security.pki.name_matching_mode", 3);

==CHANGED

pref("browser.startup.upgradeDialog.enabled", false); // prev: true
pref("dom.window.content.untrusted.enabled", false); // prev: true
  // ^ https://groups.google.com/g/mozilla.dev.platform/c/Tmbs-wFwHzo
pref("javascript.options.wasm_simd_avx", true); // prev: false
pref("layout.css.constructable-stylesheets.enabled", true); // prev: false
pref("layout.css.prefers-contrast.enabled", true); // prev: false
pref("media.videocontrols.picture-in-picture.audio-toggle.enabled", true); // prev: false
pref("media.videocontrols.picture-in-picture.display-text-tracks.enabled", true); // prev: false
pref("media.webrtc.platformencoder", false); // prev: true
pref("media.wmf.no-copy-nv12-textures", true); // prev: false
pref("network.http.http2.websockets", false); // prev: true
pref("remote.active-protocols", 3); // prev: 2
pref("security.sandbox.content.win32k-disable", true); // prev: false
pref("widget.swipe.success-threshold", "0.25"); // prev: "0.5"
pref("widget.windows.hide_cursor_when_typing", true); // prev: false
@earthlng
Copy link
Contributor Author

earthlng commented Jun 5, 2022

some bugzilla tickets

  • browser.download.always_ask_before_handling_new_types
    Bug 1747343 - Add pref to set default action for new mimetypes.

  • browser.flash-protected-mode-flip.done
    Bug 1762909 - Remove dead Adobe Flash hang code in BrowserGlue

  • browser.flash-protected-mode-flip.enable
    Bug 1762909 - Remove dead Adobe Flash hang code in BrowserGlue

  • browser.newtabpage.activity-stream.hideTopSitesWithSearchParam
    Bug 1768533 - Use the finalized query parameter when excluding AMP URLs from appearing as tiles on the new tab page.
    Bug 1768529 - Exclude URLs with a particular search param from appearing as tiles on the new-tab page.

  • browser.places.snapshots.expiration.days
    Bug 1763577 - MR2-426 - Implement initial snapshots expiration.

  • browser.places.snapshots.expiration.userManaged.days
    Bug 1763577 - MR2-426 - Implement initial snapshots expiration.

  • browser.snapshots.score.InNavigation
    Bug 1761932: Call recommendation sources in parallel and apply source-specific weights.
    Bug 1741868 - Add a scorer for scoring snapshots based on a relevancy score.

  • browser.snapshots.score.IsOverlappingVisit
    Bug 1761932: Call recommendation sources in parallel and apply source-specific weights.
    Bug 1741868 - Add a scorer for scoring snapshots based on a relevancy score.

  • browser.snapshots.source.CommonReferrer
    Bug 1761932: Call recommendation sources in parallel and apply source-specific weights.

  • browser.snapshots.source.Overlapping
    Bug 1761932: Call recommendation sources in parallel and apply source-specific weights.

  • browser.startup.upgradeDialog.enabled
    Bug 1763666 - Revert various changes back to before Fx100 onboarding
    Bug 1762263 - Add upgrade message on 100 major upgrade with single thank you (3 potential actions)
    Bug 1738073 - Remove Colorways onboarding when MR2 Colorways expire
    Bug 1740623 - Adjust MR2 upgrade spotlight content
    Bug 1740819 - Turn off MR2 onboarding in Fx95

  • browser.theme.colorway-closet
    Bug 1767010 - Introduce browser.theme.colorway-closet pref.

  • browser.urlbar.quicksuggest.blockingEnabled
    Bug 1761055 - Implement support for blocking usual non-best-match Firefox Suggest suggestions.

  • browser.urlbar.quicksuggest.impressionCaps.nonSponsoredEnabled
    Bug 1761052 - Implement remotely configurable frequency capping for Suggest suggestions.

  • browser.urlbar.quicksuggest.impressionCaps.sponsoredEnabled
    Bug 1761052 - Implement remotely configurable frequency capping for Suggest suggestions.

  • canvas.mozgetasfile.enabled
    Bug 1619574 - Remove HTMLCanvasElement::MozGetAsFile

  • devtools.inspector.draggable_properties
    Bug 1764077 - [devtools] Add an option to disable 'drag to update' feature in Rule View

  • dom.block_external_protocol_navigation_from_sandbox
    Bug 1735746 - Add a pref and limit external protocol sandbox blocking to Nightly.

  • dom.enable_web_task_scheduling
    Bug 1734997 - Prototype the Prioritized Task Scheduling API

  • dom.forms.datetime-local
    Bug 1766395 - Remove dom.forms.datetime-local prefs.

  • dom.forms.datetime-local.widget
    Bug 1766395 - Remove dom.forms.datetime-local prefs.

  • dom.input.dirpicker
    Bug 1760560 - Remove directory upload API;

  • dom.input.showPicker
    Bug 1745005 - Add showPicker() to <input> elements.

  • dom.ipc.plugins.flash.disable-protected-mode
    Bug 1762909 - Remove dead Adobe Flash hang code in BrowserGlue

  • dom.ipc.plugins.flash.subprocess.crashreporter.enabled
    Bug 1762909 - Remove dead Adobe Flash hang code in BrowserGlue

  • dom.origin-trials.test-trial.state
    Bug 1766691 - Add a pref per origin trial.

  • dom.window.content.untrusted.enabled
    Bug 1764339 - Turn dom.window.content.untrusted.enabled off on release.

  • extensions.eventPages.enabled
    Bug 1765316 - Explicitly set 'extensions.manifestV3.enabled' and 'extensions.eventPages.enabled' to false at toolkit level.

  • extensions.manifestV3.enabled
    Bug 1765316 - Explicitly set 'extensions.manifestV3.enabled' and 'extensions.eventPages.enabled' to false at toolkit level.

  • fission.enforceBlocklistedPrefsInSubprocesses
    Bug 1752332: Add preferences that control whether we send user data and/or crash

  • fission.omitBlocklistedPrefsInSubprocesses
    Bug 1752332: Add preferences that control whether we send user data and/or crash

  • gfx.canvas.accelerated.profile-cache-miss-ratio
    Bug 1762523 - Add performance profiling to DrawTargetWebgl.

  • gfx.canvas.accelerated.profile-fallback-ratio
    Bug 1762523 - Add performance profiling to DrawTargetWebgl.

  • gfx.canvas.accelerated.profile-frames
    Bug 1762523 - Add performance profiling to DrawTargetWebgl.

  • javascript.options.wasm_simd_avx
    Bug 1708743 - Enable AVX support by default in release.
    Bug 1759909 - Enable AVX support for Wasm SIMD by default in Nightly.

  • layout.accessiblecaret.magnifier.enabled
    Bug 1639087 - Add dragcaret event by accessible caret.

  • layout.css.constructable-stylesheets.enabled
    Bug 1644102 - Turn on constructable stylesheets by default.

  • layout.css.prefers-contrast.enabled
    Bug 1656363 - Implement prefers-contrast: custom and let prefers-contrast ride the trains.

  • media.gmp-manager.checkContentSignature
    Bug 1760527 - Use content signature instead of cert pinning everywhere for GMP updates.
    Bug 1714621 - Add functionality to verify GMP's update xml content signatures.

  • media.utility-ffvpx.enabled
    Bug 1755316 - Perform audio decoding on PUtilityAudioDecoder

  • media.utility-opus.enabled
    Bug 1755316 - Perform audio decoding on PUtilityAudioDecoder

  • media.utility-process.enabled
    Bug 1755316 - Perform audio decoding on PUtilityAudioDecoder

  • media.utility-vorbis.enabled
    Bug 1755316 - Perform audio decoding on PUtilityAudioDecoder

  • media.utility-wav.enabled
    Bug 1755316 - Perform audio decoding on PUtilityAudioDecoder

  • media.utility-wmf.enabled
    Bug 1755316 - Perform audio decoding on PUtilityAudioDecoder

  • media.video.dropped_frame_stats.enabled
    Bug 1762966 - Add a pref to force the number of dropped frames to 0.

  • media.videocontrols.picture-in-picture.audio-toggle.enabled
    Bug 1682117 - enable PiP mute toggle in release.

  • media.videocontrols.picture-in-picture.display-text-tracks.enabled
    Bug 1767464 - Enable PIP captions on all channels.
    Bug 1759724 - Enable PIP text tracks by default for nightly.
    Bug 1748884 - add PIP support for WebVTT supported videos

  • media.videocontrols.picture-in-picture.display-text-tracks.size
    Bug 1757219 - Add small, medium, and large font sizes for PiP subtitles.

  • media.webrtc.platformencoder
    Bug 1766311. Disable hardware encoders on non-Android.
    Bug 1741244 - p1: support software MFT video encoders.

  • media.wmf.no-copy-nv12-textures
    Bug 1763280 - Enable avoid copying hardware decoded video on intel GPU on Window on nightly
    Bug 1723207 - Avoid copying hardware decoded video data if possible on Windows

  • media.wmf.no-copy-nv12-textures-force-enabled
    Bug 1763280 - Enable avoid copying hardware decoded video on intel GPU on Window on nightly

  • mozilla.widget.raise-on-setfocus
    Bug 1758158 - nsWindow's initialize_prefs should use static prefs instead.

  • network.http.http2.websockets
    Bug 1727995 - Disable websocket over h2,

  • print.prefer_system_dialog
    Bug 1712104 p2 - Support printing directly via the system print dialog.

  • privacy.restrict3rdpartystorage.expiration_redirect
    Bug 1761207 - Extend the expiration time of the storage access permission given by the redirect heuristic.

  • remote.active-protocols
    Bug 1753997 - [remote] Enable WebDriver BiDi on all channels.
    Bug 1712902 - [remote] Conditionally enable WebDriver Bidi on Nightly channel only.
    Bug 1693993 - [marionette] Move Marionette server code to /remote/marionette.

  • remote.force-local
    Bug 1759998 - [remote] Only accept system-local loopback WebSocket connections for clients.

  • security.pki.name_matching_mode
    Bug 1691122 - Remove subject common name fallback support in CertVerifier.

  • security.sandbox.content.win32k-disable
    Bug 1767999: Re-enable Win32k Lockdown by default.
    Bug 1766033: Change win32k lockdown default to @IS_EARLY_BETA_OR_EARLIER@ to allow for staged rollout.
    Bug 1759168: Enable win32k lockdown for content processes by default.
    Bug 1750742 - Enable Win32k Lockdown by default in Nightly

  • widget.swipe.success-threshold
    Bug 1753146 - Add preferences for tweaking swipe gestures.

  • widget.swipe.whole-page-pixel-size
    Bug 1757928. Make the swipe events sent by SwipeTracker have the same scale.

  • widget.transparent-windows
    Bug 1758158 - nsWindow's initialize_prefs should use static prefs instead.

  • widget.windows.hide_cursor_when_typing
    Bug 1759558: Enable widget.windows.hide_cursor_when_typing by default
    Bug 1757463: Support "Hide pointer while typing" on Windows

@fxbrit
Copy link
Collaborator

fxbrit commented Jun 5, 2022 

pref("browser.download.always_ask_before_handling_new_types", false);

reminder from #1370, it landed.

pref("layout.css.constructable-stylesheets.enabled", true); // prev: false

https://developer.mozilla.org/en-US/docs/Web/CSS/@media/prefers-contrast.
could be interesting for fping, prefers-contrast: no-preference is the default.

pref("security.sandbox.content.win32k-disable", true); // prev: false

👀 🎉

@Thorin-Oakenpants
Copy link
Contributor

could be interesting for fping, prefers-contrast: no-preference is the default.

RFP won't touch this as it's an accessibility feature

@Thorin-Oakenpants
Copy link
Contributor

At quick glance, there are only about two things I want to check. I will get to it in the next few days.

There's nothing major here that is urgent or a need to push v101 as fast as possible - the lifetime cookie pref deprecation and migration code has been pushed back to 103, so looks like we can wait until 102 (which is also ESR) to make changes there (not looking forward to it, the UI is a mess)

@bigdiff
Copy link

bigdiff commented Jun 10, 2022
edited by Thorin-Oakenpants

I just checked this blog post it mentions this as an option in firefox v102.

But I was able to enable it in my stable version of firefox (v101.0.1) don't know if you can add it for the next update to the user.js?

@Thorin-Oakenpants
Copy link
Contributor

Thorin-Oakenpants commented Jun 10, 2022
edited

don't know if you can add it for the next update to the user.js

no, it's not important

Readers should already be using uBO and added filters .. as per the WIKI, and for years prior to removeparam users were advised to use ClearURLs

Also, it requires flipping a pref that is controlled by ETP Strict runtime, so I refuse to change that. It will be default true (with ETP strict) and used when 102 is released (with arkenfox's ETP strict mode)

also, the filter list is tiny - don't get me wrong, that (and Brave's slightly bigger list) hit some of the most common offenders with no breakage, but the best solution is uBO's filters

it is also under #1457 where I will add an expanded list pref in 102 for documentation purposes and I guess people who DON'T READ THE WIKI (although to be fair, I would prefer to just let those people go to hell)

@bigdiff
Copy link

bigdiff commented Jun 10, 2022

Didn't know ublockorigin supported such feature tbh and I still get ?utm at the end of links but I'll check the optional filters.

Most wikis are out-of-date or contain incorrect information because "things change quickly" so I just ignore them. but if there is a way to subscribe to changes to the wiki I would definitely want to know!

@Thorin-Oakenpants
Copy link
Contributor

so I just ignore them

then why bother ever reading anything .. just wing it forever and then ask questions of everyone

@bigdiff
Copy link

bigdiff commented Jun 10, 2022

I don't enable any additional filter-lists because that's what is recommended by the ublockorigin developers and maintainer to minimize site breakage. Usually fliter-list are not well maintained and become out-of-date; so they cause various level breakage

@remyabel2
Copy link

Didn't know ublockorigin supported such feature tbh and I still get ?utm at the end of links but I'll check the optional filters.

You need the Actually Legitimate URL Shortener Tool filter.

Most wikis are out-of-date or contain incorrect information because "things change quickly" so I just ignore them. but if there is a way to subscribe to changes to the wiki I would definitely want to know!

git clone https://github.com/arkenfox/user.js.wiki.git
crontab -e
0 */6 * * * git -C user.js.wiki pull

@bigdiff
Copy link

bigdiff commented Jun 10, 2022 

git clone https://github.com/arkenfox/user.js.wiki.git
crontab -e
0 */6 * * * git -C user.js.wiki pull

thanks! that's helpful
found out that https://github.com/arkenfox/user.js/wiki.atom also exists. but don't know if it is page creation only or also updates.

@Thorin-Oakenpants
Copy link
Contributor

because that's what is recommended by the ublockorigin developers

they're all (filter list people as well) are not in the privacy business - they are in the content blocking business (it just so happens that a lot of shit being blocked improves privacy, i.e there is a large overlap) - there's a big difference. TBH, most blocking is immaterial to privacy ever since FPI started - but there are other benefits, such as reduced attack surface, perf, visual BS removed etc

Be smart, be like pants .. READ THE WIKI

@Thorin-Oakenpants
Copy link
Contributor

Thorin-Oakenpants commented Jun 12, 2022
edited

still trying to work out what snapshots are

Also see MR2-426 - I don't have a login and I doubt I could (probably limited access?)

According to the few tickets, it's to do with Places and Bookmarks and History

I'm just very weary wary of this 210 and 420 days before expiration

edit: ATTACK of the homonym!!! I am weary as well, though, in my defence

@Thorin-Oakenpants Thorin-Oakenpants mentioned this issue Jun 12, 2022
Closed
@rusty-snake
Copy link
Contributor

I guess it's this:

Screenshot_2022-06-12_14-07-45 png-fs8

@Thorin-Oakenpants
Copy link
Contributor

hmm, I have nothing in there in my Nightly (history is enabled, but I sanitize on close)

@Thorin-Oakenpants Thorin-Oakenpants mentioned this issue Jun 12, 2022
Closed
@rusty-snake
Copy link
Contributor

rusty-snake commented Jun 13, 2022
edited

For me: places.history.enabled=false+privacy.clearOnShutdown.history=false (same reasons as in #1471)

These snapshots only contain bookmarks AFAICTY and are strored in bookmarkbackups/bookmarks-<DATE>_<COUNTER>_<HASH?>.jsonlz4. IDK how firefox behaves if you enabled history.

@stephenhawk8054
Copy link

I don't enable any additional filter-lists because that's what is recommended by the ublockorigin developers and maintainer to minimize site breakage. Usually fliter-list are not well maintained and become out-of-date; so they cause various level breakage

Actually it's because uBO is used by both privacy focused and non-privacy focused people, so maintainers have to balance between privacy and breakages, and as maintainers cannot know if users/reporters are normal users or whom that understand about why there are breakages, they can only recommend default settings. If you don't mind breakages and you are willing to learn about fixing breakages, you can totally enhance privacy by setting up further than default settings.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
diffs enhancement task
Milestone
No milestone
Development

No branches or pull requests
7 participants
@Thorin-Oakenpants @earthlng @fxbrit @rusty-snake @stephenhawk8054 @remyabel2 @bigdiff