Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ToDo: diffs FF113-FF114 #1688

Closed
earthlng opened this issue Jul 9, 2023 · 12 comments
Closed

ToDo: diffs FF113-FF114 #1688

earthlng opened this issue Jul 9, 2023 · 12 comments
Labels
diffs enhancement task

Comments

@earthlng
Copy link
Contributor

earthlng commented Jul 9, 2023
edited by Thorin-Oakenpants

FF114 is scheduled for release Jun. 6th

FF114 release notes
FF114 for developers
FF114 security advisories

65 diffs ( 40 new, 12 gone, 13 different )

  • 4501 pref("privacy.resistFingerprinting.pbmode", false); - cecb833
  • FYI: these are FPP, ignore for now
    • pref("privacy.fingerprintingProtection", false);
    • pref("privacy.fingerprintingProtection.overrides", "");
    • pref("privacy.fingerprintingProtection.pbmode", false);
  • FYI
    • pref("media.peerconnection.ice.proxy_only_if_pbmode", false); - 1825826
    • pref("browser.urlbar.weather.ignoreVPN", false); // when weather featuregate gets turned on, we'll turn that off

removed, renamed or hidden in v114.0:

  • 1501 pref("extensions.formautofill.heuristics.enabled", true); - 1829670
  • 2816 pref("privacy.clearsitedata.cache.enabled", false); - 1821651
  • 4505 pref("privacy.resistFingerprinting.testGranularityMask", 0); - 1824235 pref remains but does nothing

ignore

click me for details

==NEW

pref("apz.rounded_external_scroll_offset", false);
pref("browser.device-migration.help-menu.hidden", false);
pref("browser.newtabpage.activity-stream.discoverystream.onboardingExperience.dismissed", false);
pref("browser.newtabpage.activity-stream.discoverystream.onboardingExperience.enabled", true);
pref("browser.newtabpage.activity-stream.discoverystream.region-bff-config", "FR,IT,ES");
pref("browser.urlbar.weather.minKeywordLength", 0);
pref("dom.enable_largest_contentful_paint", false);
pref("extensions.browser_style_mv3.same_as_mv2", true);
pref("extensions.browser_style_mv3.supported", true);
pref("fission.disableSessionHistoryInParent", false);
pref("gfx.webrender.flip-sequential", false);
pref("gfx.webrender.super-resolution.nvidia", false);
pref("gfx.webrender.svg-shapes", true);
pref("javascript.options.jithints", true);
pref("layout.css.import-supports.enabled", false);
pref("layout.css.inverted-colors.enabled", false);
pref("layout.css.text-transform.uppercase-eszett.enabled", false);
pref("media.gmp.decoder.decode_batch", false);
pref("media.gmp.decoder.multithreaded", false);
pref("mousewheel.scroll_series_timeout", 80);
pref("network.allow_redirect_to_data", false);
pref("network.cookie.fixup_on_db_load", true);
pref("network.trr_ui.show_fallback_warning_option", false);
pref("places.frecency.origins.alternative.featureGate", false);
pref("security.osclientcerts.assume_rsa_pss_support", true);
pref("security.webauthn.webauthn_enable_android_fido2.residentkey", false);
pref("signon.firefoxRelay.manage_url", "https://relay.firefox.com");
pref("svg.use-element.recursive-clone-limit", 8);
pref("svg.use-element.recursive-clone-limit.enabled", 2);
pref("threads.lower_mainthread_priority_in_background.enabled", false);
pref("timer.maximum_firing_delay_tolerance_ms", "0.0");
pref("timer.minimum_firing_delay_tolerance_ms", "1.0");
pref("widget.gtk.non-native-menu-styling", true);
pref("widget.windows.apply-dwm-resize-hack", 2);

==REMOVED, RENAMED or HIDDEN

pref("browser.urlbar.searchEngagementTelemetry.enabled", false);
pref("dom.mozImageSmoothingEnabled.enabled", false);
pref("extensions.formautofill.section.enabled", true);
pref("fission.sessionHistoryInParent", false);
pref("layout.css.cascade-layers.enabled", true);
pref("privacy.resistFingerprintingLite", false);
pref("privacy.resistFingerprintingLite.overrides", "");
pref("privacy.trackingprotection.origin_telemetry.enabled", false);
pref("security.webauth.u2f", false);
pref("telemetry.origin_telemetry_test_mode.enabled", false);

==CHANGED

pref("app.update.background.messaging.targeting.snapshot.intervalSec", 3600); // prev: 1800
pref("browser.newtabpage.activity-stream.discoverystream.endpoints", "https://getpocket.cdn.mozilla.net/,https://firefox-api-proxy.cdn.mozilla.net/,https://spocs.getpocket.com/"); // prev: "https://getpocket.cdn.mozilla.net/,https://spocs.getpocket.com/"
pref("browser.newtabpage.activity-stream.discoverystream.region-spocs-config", "US,CA,DE,GB,FR,IT,ES"); // prev: "US,CA,DE,GB"
pref("browser.newtabpage.activity-stream.discoverystream.region-stories-block", ""); // prev: "FR"
pref("browser.newtabpage.activity-stream.discoverystream.region-stories-config", "US,DE,CA,GB,IE,CH,AT,BE,IN,FR,IT,ES"); // prev: "US,DE,CA,GB,IE,CH,AT,BE,IN"
pref("dom.workers.modules.enabled", true); // prev: false
pref("gfx.color_management.native_srgb", false); // prev: true
pref("layout.css.nan-inf.enabled", true); // prev: false
pref("media.getusermedia.camera.macavf.enabled", true); // prev: false
pref("media.videocontrols.picture-in-picture.urlbar-button.enabled", true); // prev: false
pref("network.webtransport.datagrams.enabled", true); // prev: false
pref("network.webtransport.enabled", true); // prev: false
pref("security.webauthn.ctap2", true); // prev: false
@earthlng
Copy link
Contributor Author

earthlng commented Jul 9, 2023

some bugzilla tickets

  • app.update.background.messaging.targeting.snapshot.intervalSec
    Bug 1825823 - reduce timer wake-ups caused by BackgroundUpdates.sys.mjs,

  • apz.rounded_external_scroll_offset
    Bug 1826452 - Use non-rounded external scroll offsets behind a pref.

  • browser.device-migration.help-menu.hidden
    Bug 1828114 - Add new help menu item for switching devices

  • browser.newtabpage.activity-stream.discoverystream.onboardingExperience.dismissed
    Bug 1812690 - Pocket newtab enabling onboarding experience for new users seeing the Pocket section for the first time.

  • browser.newtabpage.activity-stream.discoverystream.onboardingExperience.enabled
    Bug 1830913 - Pocket new tab turn on new regions.
    Bug 1812690 - Pocket newtab enabling onboarding experience for new users seeing the Pocket section for the first time.

  • browser.newtabpage.activity-stream.discoverystream.region-bff-config
    Bug 1812689 - Pocket newtab new regions implementation

  • browser.newtabpage.activity-stream.discoverystream.region-spocs-config
    Bug 1831378 - Pocket newtab turn on spoc pref for new regions.

  • browser.newtabpage.activity-stream.discoverystream.region-stories-block
    Bug 1814794 - Pocket newtab update stories region block list

  • browser.newtabpage.activity-stream.discoverystream.region-stories-config
    Bug 1830913 - Pocket new tab turn on new regions.

  • browser.urlbar.searchEngagementTelemetry.enabled
    Bug 1824253: Set enabling/disabling urlbar engagement telemetry via Server Knobs
    Bug 1797265: Implement the engagement event.

  • browser.urlbar.weather.ignoreVPN
    Bug 1831689 - Add a pref for the weather suggestion to ignore VPNs and fetch anyway.

  • browser.urlbar.weather.minKeywordLength
    Bug 1831657 - Implement the "Show less frequently" weather suggestion command.

  • dom.enable_largest_contentful_paint
    Bug 1830794 - Add the WebIDL support for LargestContentfulPaint

  • dom.mozImageSmoothingEnabled.enabled
    Bug 1228850 - Remove mozImageSmoothingEnabled.
    Bug 1822955 - Disable mozImageSmoothingEnabled by default.

  • dom.workers.modules.enabled
    Bug 1812591 - Ship Module Workers;

  • extensions.browser_style_mv3.same_as_mv2
    Bug 1827910 - Show deprecation warnings for browser_style in MV3

  • extensions.browser_style_mv3.supported
    Bug 1827910 - Show deprecation warnings for browser_style in MV3

  • extensions.formautofill.heuristics.enabled
    Bug 1829670 - Some code refactoring in FormAutofillHandler

  • extensions.formautofill.section.enabled
    Bug 1829670 - Some code refactoring in FormAutofillHandler

  • fission.disableSessionHistoryInParent
    Bug 1804140 - Enable SHIP by default on desktop, whether or not Fission is disabled.

  • fission.sessionHistoryInParent
    Bug 1804140 - Enable SHIP by default on desktop, whether or not Fission is disabled.

  • gfx.color_management.native_srgb
    Bug 1832215 - Use display-color-profile by default on Windows. (again)

  • gfx.webrender.flip-sequential
    Bug 1830792 - [1/4] Revert default to DXGI_SWAP_EFFECT_FLIP_SEQUENTIAL
    Bug 1830792 - Revert default to DXGI_SWAP_EFFECT_FLIP_SEQUENTIAL.
    Bug 1820066 [3/3] - Default to DXGI_SWAP_EFFECT_FLIP_SEQUENTIAL on Win10+

  • gfx.webrender.super-resolution.nvidia
    Bug 1823135 - Initial support for NVIDIA RTX Video Super Resolution

  • gfx.webrender.svg-shapes
    Bug 1814398 - SVGImageElement should not derive from SVGGeometryElement
    Bug 1818157: Backout changeset 510d250fd545 (bug 1814398) and e44b3ab61ae4 (bug 1817212) for introducing a performance regression. CLOSED TREE

  • javascript.options.jithints
    Bug 1831572: Enable javascript.options.jithints pref for all channels.
    Bug 1829547: Remove nightly ifdef guards for the jit hints cache and toggle the static pref based on the build instead.
    Bug 1824772: part 1 - Add jit option and static pref to toggle eager baseline hints.

  • layout.css.cascade-layers.enabled
    Bug 1828183 - Remove cascade layers pref.

  • layout.css.import-supports.enabled
    Bug 1427715 - Implement supports() syntax for @import rules

  • layout.css.inverted-colors.enabled
    Bug 1794628 - Implement inverted-colors media feature

  • layout.css.nan-inf.enabled
    Bug 1830759 - Enable CSS inf/nan by default

  • layout.css.text-transform.uppercase-eszett.enabled
    Bug 1697980 - Implement new uppercase mapping of eszett (U+00DF) to U+1E9E, but preffed-off by default due to inconsistent font support.

  • media.getusermedia.camera.macavf.enabled
    Bug 1806604 - Enable VideoCaptureAvFoundation by default.

  • media.gmp.decoder.decode_batch
    Bug 1827703 - Improve integration with OpenH264 decoder.

  • media.gmp.decoder.multithreaded
    Bug 1827703 - Improve integration with OpenH264 decoder.

  • media.peerconnection.ice.proxy_only_if_pbmode
    Bug 1825826: Create a PBM-only pref for ice.proxy_only

  • media.videocontrols.picture-in-picture.urlbar-button.enabled
    Bug 1821725 - Enable PiP urlbar button.
    Bug 1811318 - Urlbar entry point for PiP.

  • mousewheel.scroll_series_timeout
    Bug 1806591: Consume wheel event as long as being able to handle the event as the same series

  • network.allow_redirect_to_data
    Bug 1691658 - block http redirects to data: protocol,

  • network.cookie.fixup_on_db_load
    Bug 1828126 - Add a mechanism to fix cookies with invalid future createdAt timestamp

  • network.trr_ui.show_fallback_warning_option
    Bug 1610741 - DoH setting UI

  • network.webtransport.datagrams.enabled
    Bug 1831073: Enable WebTransport
    Bug 1818754: Enable WebTransport by default

  • network.webtransport.enabled
    Bug 1831073: Enable WebTransport
    Bug 1818754: Enable WebTransport by default

  • places.frecency.origins.alternative.featureGate
    Bug 1823450 - Introduce code to recalculate alternative frecency for origins.

  • privacy.clearsitedata.cache.enabled
    Bug 1821651 - remove privacy.clearsitedata.cache.enabled from code base.

  • privacy.fingerprintingProtection
    Bug 1824235: Remove testGranularityMask from RFP and rename RFPLite

  • privacy.fingerprintingProtection.pbmode
    Bug 1824235: Remove testGranularityMask from RFP and rename RFPLite

  • privacy.resistFingerprinting.pbmode
    Bug 1824235: Remove testGranularityMask from RFP and rename RFPLite

  • privacy.resistFingerprintingLite
    Bug 1824235: Remove testGranularityMask from RFP and rename RFPLite
    Bug 1815307: Lay the groundwork for the IsRFPEnabledFor function

  • privacy.trackingprotection.origin_telemetry.enabled
    Bug 1830161 - Remove remaining references to Origin Telemetry.

  • security.osclientcerts.assume_rsa_pss_support
    Bug 1828968 - osclientcerts: make RSA-PSS support configurable via pref

  • security.webauth.u2f
    Bug 1737205 - remove the legacy U2F javascript API.
    Bug 1814487 - Pause rollout of CTAP2 support in 113.
    Bug 1814487 - Pause rollout of CTAP2 support in 112.
    Bug 1814487 - Enable CTAP2 support.

  • security.webauthn.ctap2
    Bug 1828215 - Remove U2FHIDTokenManager.
    Bug 1814487 - Pause rollout of CTAP2 support in 113.
    Bug 1814487 - Pause rollout of CTAP2 support in 112.
    Bug 1814487 - Enable CTAP2 support.

  • security.webauthn.webauthn_enable_android_fido2.residentkey
    Bug 1554397 - Implement residentKey support on GeckoView.

  • signon.firefoxRelay.manage_url
    Bug 1828524 - [Relay] Manage masks button leads to SUMO instead of relay.firefox.com

  • svg.use-element.recursive-clone-limit
    Bug 1827960 - Add a <svg:use> recursion limit in the parent process.

  • svg.use-element.recursive-clone-limit.enabled
    Bug 1827960 - Add a <svg:use> recursion limit in the parent process.

  • telemetry.origin_telemetry_test_mode.enabled
    Bug 1830161 - Remove remaining references to Origin Telemetry.

  • threads.lower_mainthread_priority_in_background.enabled
    Bug 1805932 - Put the main thread in the background when the ProcessPriorityManager sets background priority.

  • timer.maximum_firing_delay_tolerance_ms
    Bug 1830139 - Increased the maximum timer delay from 100ms to 10000ms
    Bug 1783405 - Longer duration timers can have longer firing delays
    Bug 1783405 - Don't wake up in AddTimer() if the currently-scheduled wake-up time can work

  • timer.minimum_firing_delay_tolerance_ms
    Bug 1783405 - Longer duration timers can have longer firing delays
    Bug 1783405 - Don't wake up in AddTimer() if the currently-scheduled wake-up time can work

  • widget.gtk.non-native-menu-styling
    Bug 1828413 - Use more non-native rendering of menus.

  • widget.windows.apply-dwm-resize-hack
    Bug 1830792 - [4/4] Flicker-resize the window on first fullscreen entry

@Jee-Hex
Copy link

Jee-Hex commented Jul 10, 2023

Not that it really matters, but RFP no longer seem to apply to extensions (and their outgoing connections) in 114+. Should we stick a warning somewhere reminding users to vet the code of any random extension they might have installed?

@Thorin-Oakenpants
Copy link
Contributor

As per OP, which I edited 4 hrs ago

  • 4505 pref("privacy.resistFingerprinting.testGranularityMask", 0); - 1824235 pref remains but does nothing
  • also see PR commit 9a7d54d over a month ago

no need for a warning - the pref was labelled experimental and we do not recommend any extensions that would be affected

@Thorin-Oakenpants
Copy link
Contributor

Thorin-Oakenpants commented Jul 10, 2023
edited

https://phabricator.services.mozilla.com/D174014

bool isExemptDomain = false;
  // Exclude internal schemes and web extensions
  if (aURI->SchemeIs("about") || aURI->SchemeIs("chrome") ||
      aURI->SchemeIs("resource") || aURI->SchemeIs("view-source") ||
      aURI->SchemeIs("moz-extension")) {
    return false;
  }

extensions should be exempt. Can you elaborate on why you think they are not exempted - @Jee-Hex

edit: tom ritter said it's possible there's a hole in the extension-exempting logic, so test in Nightly

@atomGit
Copy link

atomGit commented Jul 10, 2023

is there any info on privacy.fingerprintingProtection? is it for non-RFP users?

@Thorin-Oakenpants
Copy link
Contributor

I wrote something about it at #1661 (comment)

@Jee-Hex
Copy link

Jee-Hex commented Jul 11, 2023

extensions should be exempt.

That's what I meant– extensions are now exempted from RFP by default (not that you can override them AFAIK) and some users may not have expected that when they turned RFP on.

@Thorin-Oakenpants
Copy link
Contributor

ahh ok, and no, no warning needed - users should be vetting extensions anyway, and we only recommend a tiny few

@Thorin-Oakenpants
Copy link
Contributor

I just did a little test drive in FF115 with privacy.resistFingerprinting.pbmode, seems to work as advertised

so privacy.resistFingerprinting false and privacy.resistFingerprinting.pbmode true ... starting in normal mode .. new PB window sticks to new window sizes and applies all the RFP protections

I think there are better solutions/configs coming, but maybe someone would like non RFP in normal mode (maybe use CanvasBlocker for some subtle canvas rando), and RFP in PB mode

@Thorin-Oakenpants
Copy link
Contributor

@rusty-snake

so network.trr_ui.show_fallback_warning_option true adds some extra UI

  • 1doh-default
  • 2doh-increased

the checkbox is for the pref network.trr.display_fallback_warning

Is this worth exposing, or should we just wait? Should we add network.trr.display_fallback_warning ?

I'm open to a little more DoH stuff being added now it's been twenty years since the last kerfuffle and it's matured - note we can do it next release, so we don't have to hold this one up - please advise

@rusty-snake
Copy link
Contributor

How does the warning look like IDK (tested it now) and IDC yet.
When is it shown

  • if you use mode 2 (opportunistic mode) or 0 (rollout; maybe, did not tested).
  • and if the canary domain is blocked
    • Actually if any heuristic from network.trr.fallback_warning_heuristic_list triggers. But there is only canary in it ATM.
      Was wrong on that point, there are other ways too.

On the opposite this means it is not shown if you use mode 3 (strict mode). This mode has it's own warning.

If you want to actively use DoH, you should use mode 3 like you should use https_only rather than https_first.

Mode 3 has site-exceptions with a nice UI on the error page. Unlike mode 2 + warning pref which has https://bugzilla.mozilla.org/show_bug.cgi?id=1833828.

TL;DR: Until https://bugzilla.mozilla.org/show_bug.cgi?id=1833828 is fixed, no. After that recommending mode 3 + site-exceptions is still better IMHO.

@rusty-snake
Copy link
Contributor

I'm open to a little more DoH stuff being added now

FWIW https://codeberg.org/rusty-snake/firefox-config/src/commit/fa47a46877db42af83bd91d52aa57301a793af4c/assets/user-overrides.js#L51-L56

@Thorin-Oakenpants Thorin-Oakenpants mentioned this issue Jul 23, 2023
Closed
@Thorin-Oakenpants Thorin-Oakenpants mentioned this issue Jul 26, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
diffs enhancement task
Milestone
No milestone
Development

No branches or pull requests
5 participants
@atomGit @Thorin-Oakenpants @earthlng @rusty-snake @Jee-Hex