Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ToDo: diffs FF117-FF118 #1730

Closed
earthlng opened this issue Sep 29, 2023 · 11 comments
Closed

ToDo: diffs FF117-FF118 #1730

earthlng opened this issue Sep 29, 2023 · 11 comments
Labels
diffs enhancement task

Comments

@earthlng
Copy link
Contributor

earthlng commented Sep 29, 2023
edited by Thorin-Oakenpants

FF118 is scheduled for release Sept. 26th

FF118 release notes
FF118 for developers
FF118 security advisories

94 diffs ( 36 new, 43 gone, 15 different )

new in v118.0:

  • 0807 pref("browser.urlbar.clipboard.featureGate", false); - fd5db3a
    • we'll evaluate active/inactive when it gets flipped to true
  • FYI
    • pref("privacy.partition.bloburl_per_partition_key", false); this get flipped in FF119 1854403
    • pref("layout.css.font-visibility", 3); - see FYI: future fingerprinting options #1716 (comment)
      • seems this pref is only useful for non RFP and non-FPP users as both RFP + FPP are hardcoded
    • pref("browser.urlbar.trimHttps", false);
      • tested as true. No big deal, saves some space, and we already use HoM and insecure sites get a padlock with a red stripe. Copying the url still copies the scheme. So it's not like we need to see https. AF will not add this, it is not a privacy issue, but you do you on your overrides
    • pref("browser.shopping.experience2023.active", true);
      • we'll nip this in the bug another way

removed, renamed or hidden in v118.0:

  • 1402 1847599
    • pref("layout.css.font-visibility.private", 3);
    • pref("layout.css.font-visibility.standard", 3);
    • pref("layout.css.font-visibility.trackingprotection", 3);
  • 2623 pref("permissions.delegation.enabled", true); 1697151

changed in v118.0:

  • 0806 pref("browser.urlbar.addons.featureGate", true); // prev: false fd5db3a
  • FYI
    • pref("browser.translations.enable", true); // prev: false - cool
    • pref("privacy.fingerprintingProtection.pbmode", true); // prev: false
      • immaterial: we are going to use RFP (or FPP in future) in all windows

ignore

click me for details

==NEW

pref("browser.download.force_save_internally_handled_attachments", false);
pref("browser.privatebrowsing.felt-privacy-v1", false);
pref("browser.sessionstore.closedTabsFromClosedWindows", false);
pref("browser.shopping.experience2023.ads.enabled", true);
pref("browser.toolbars.bookmarks.showInPrivateBrowsing", false);
pref("dom.event.keypress.dispatch_once_per_surrogate_pair", false);
pref("dom.event.keypress.key.allow_lone_surrogate", true);
pref("dom.storage_access.dont_grant_insecure_contexts", true);
pref("extensions.webapi.enabled", true);
pref("gfx.canvas.willreadfrequently.enabled", false);
pref("intl.icu4x.segmenter.enabled", false);
pref("javascript.options.mem.gc_parallel_marking_threshold_kb", 20000);
pref("layout.css.motion-path-url.enabled", false);
pref("layout.css.transform-box-content-stroke.enabled", false);
pref("media.ffvpx.opus.enabled", true);
pref("media.ffvpx.vorbis.enabled", true);
pref("media.ffvpx.wav.enabled", true);
pref("media.gmp.use-minimal-xpcom", false);
pref("media.gmp.use-native-event-processing", true);
pref("network.http.reject_NULs_in_response_header_values", true);
pref("network.http.strict_response_status_line_parsing", true);
pref("network.url.strict_data_url_base64_placement", true);
pref("privacy.bounceTrackingProtection.bounceTrackingActivationLifetimeSec", 3888000);
pref("privacy.bounceTrackingProtection.bounceTrackingGracePeriodSec", 3600);
pref("privacy.bounceTrackingProtection.bounceTrackingPurgeTimerPeriodSec", 3600);
pref("security.tls.grease_http3_enable", false);
pref("services.sync.prefs.sync.privacy.globalprivacycontrol.enabled", true);
pref("browser.urlbar.suggest.clipboard", true);
pref("browser.urlbar.suggest.trending", true);
pref("widget.swipe.page-size", "40.0");
pref("widget.swipe.pixel-size", "1100.0");

==REMOVED, RENAMED or HIDDEN

pref("browser.tabs.remote.desktopbehavior", true);
pref("browser.uitour.themeOrigin", "https://addons.mozilla.org/%LOCALE%/firefox/themes/");
pref("canvas.capturestream.enabled", true);
pref("canvas.filters.enabled", true);
pref("canvas.focusring.enabled", true);
pref("canvas.path.enabled", true);
pref("devtools.storage.test.forceLegacyActors", false);
pref("dom.forms.enterkeyhint", true);
pref("dom.fullscreen.modal", true);
pref("dom.image-lazy-loading.enabled", true);
pref("dom.ipc.cancel_content_js_when_navigating", true);
pref("dom.script_loader.external_scripts.utf8_parsing.enabled", true);
pref("dom.shadowdom.slot.assign.enabled", true);
pref("dom.worker.script_loader.utf8_parsing.enabled", true);
pref("general.autoscroll.prevent_to_start.osKey", false);
pref("gfx.compositor.clearstate", false);
pref("javascript.options.experimental.enable_array_from_async", true);
pref("javascript.options.experimental.enable_change_array_by_copy", true);
pref("layout.css.font-size-adjust.basis.enabled", true);
pref("layout.css.nesting.enabled", true);
pref("layout.css.scroll-snap.proximity-threshold", 200);
pref("layout.css.zoom-transform-hack.enabled", false);
pref("mathml.error_message_layout_for_invalid_markup.disabled", true);
pref("mathml.legacy_maction_and_semantics_implementations.disabled", true);
pref("media.getusermedia.residual_echo_enabled", false);
pref("media.webrtc.debug.aec_dump_max_size", 4194304);
pref("mousewheel.enable_pixel_scrolling", true);
pref("mousewheel.with_win.action", 1);
pref("mousewheel.with_win.action.override_x", -1);
pref("mousewheel.with_win.delta_multiplier_x", 100);
pref("mousewheel.with_win.delta_multiplier_y", 100);
pref("mousewheel.with_win.delta_multiplier_z", 100);
pref("network.preload", true);
pref("print.cups.enum_dests_timeout_ms", 150);
pref("print.use_simplify_page", true);
pref("security.webauth.softtoken_counter", 0);
pref("toolkit.shopping.useOHTTP", false);
pref("ui.osk.require_win10", false);
pref("widget.swipe.whole-page-pixel-size", "1100.0");

==CHANGED

pref("browser.opaqueResponseBlocking", true); // prev: false
pref("browser.opaqueResponseBlocking.javascriptValidator", true); // prev: false
pref("browser.startup.upgradeDialog.enabled", false); // prev: true
pref("browser.translations.automaticallyPopup", true); // prev: false
pref("dom.textMetrics.emHeight.enabled", true); // prev: false
pref("extensions.browser_style_mv3.supported", false); // prev: true
pref("layout.css.abs-sign.enabled", true); // prev: false
pref("layout.css.exp.enabled", true); // prev: false
pref("layout.css.mod-rem.enabled", true); // prev: false
pref("layout.css.round.enabled", true); // prev: false
pref("toolkit.shopping.ohttpConfigURL", "https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs"); // prev: ""
pref("toolkit.shopping.ohttpRelayURL", "https://mozilla-ohttp-fakespot.fastly-edge.com/"); // prev: ""
@earthlng
Copy link
Contributor Author

some bugzilla tickets

  • browser.download.force_save_internally_handled_attachments
    Bug 1811830 - Add a preference to force downloading of attachments.

  • browser.opaqueResponseBlocking
    Bug 1851143 - Enable OpaqueResponseBlocking in all channels

  • browser.opaqueResponseBlocking.javascriptValidator
    Bug 1851143 - Enable OpaqueResponseBlocking in all channels

  • browser.privatebrowsing.felt-privacy-v1
    Bug 1846583 - remove pocket button and bookmarks bar from PBM.

  • browser.sessionstore.closedTabsFromClosedWindows
    Bug 1845836 - Include closed tabs from closed windows in fxview-next's recently closed tabs list.

  • browser.shopping.experience2023.active
    Bug 1840156 - Shopping urlbar button

  • browser.shopping.experience2023.ads.enabled
    Bug 1848675 - Add pref for ads in shopping sidebar.

  • browser.startup.upgradeDialog.enabled
    Bug 1851878 - Turn off MR 2022 Upgrade Dialog
    Bug 1842243 - added sync for post-upgrade notification preference

  • browser.tabs.remote.desktopbehavior
    Bug 1843261 - Remove browser.tabs.remote.desktopbehavior pref

  • browser.toolbars.bookmarks.showInPrivateBrowsing
    Bug 1846583 - remove pocket button and bookmarks bar from PBM.

  • browser.translations.automaticallyPopup
    Bug 1849756 - Disable translations on Fx117 for the Nimbus holdout.
    Bug 1838665 - Automatically pop up the panel when a translation is available;

  • browser.translations.enable
    Bug 1849756 - Disable translations on Fx117 for the Nimbus holdout.
    Bug 1836503 - Fix the translations pref declaration to be Firefox Desktop only;
    Bug 1831963 - Enable the translations feature in Nightly and Early Beta;
    Bug 1805476 - Stub out an about:translations page with no real functionality;

  • browser.uitour.themeOrigin
    Bug 1837802 - Remove unused browser.uitour.themeOrigin pref

  • browser.urlbar.addons.featureGate
    Bug 1851940 - Enable addon suggestions by default with treatment B (no stars) for all Suggest users.
    Bug 1832474: Implement addon suggestions result menu

  • browser.urlbar.clipboard.featureGate
    Bug 1846028 - Add .featureGate pref to clipboard suggestion.

  • browser.urlbar.suggest.clipboard
    Bug 1846028 - Add .featureGate pref to clipboard suggestion.
    Bug 1842230 - URL bar suggested action for paste when clipboard contains valid URL.

  • browser.urlbar.suggest.trending
    Bug 1848048 - Add a result menu to disable trending results.

  • browser.urlbar.trimHttps
    Bug 1067293 - Omit "https://".r=dao

  • canvas.capturestream.enabled
    Bug 1842092 - Remove canvas.capturestream.enabled pref

  • canvas.filters.enabled
    Bug 1849522 - Remove canvas.filters.enabled pref

  • canvas.focusring.enabled
    Bug 1841604 - Remove canvas.focusring.enabled pref

  • canvas.path.enabled
    Bug 1841760 - Remove canvas.path.enabled pref

  • devtools.storage.test.forceLegacyActors
    Bug 1847285 - Remove unused devtools.storage.test.forceLegacyActors

  • dom.event.keypress.dispatch_once_per_surrogate_pair
    Bug 1840519 - Make typing surrogate pair behavior switchable with prefs

  • dom.event.keypress.key.allow_lone_surrogate
    Bug 1840519 - Make typing surrogate pair behavior switchable with prefs

  • dom.forms.enterkeyhint
    Bug 1842987 Remove dom.forms.enterkeyhint

  • dom.fullscreen.modal
    Bug 1844491 remove dom.fullscreen.modal pref

  • dom.image-lazy-loading.enabled
    Bug 1842984 Remove dom.image-lazy-loading.enabled

  • dom.ipc.cancel_content_js_when_navigating
    Bug 1842548 - Remove dom.ipc.cancel_content_js_when_navigating pref

  • dom.script_loader.external_scripts.utf8_parsing.enabled
    Bug 1842462 - Remove dom.script_loader.external_scripts.utf8_parsing.enabled and dom.worker.script_loader.utf8_parsing.enabled prefs

  • dom.shadowdom.slot.assign.enabled
    Bug 1849674 - Remove dom.shadowdom.slot.assign.enabled pref
    Bug 1844652 - Part 1: Enable dom.push.enabled in StaticPrefList

  • dom.storage_access.dont_grant_insecure_contexts
    Bug 1798407 - Restrict Storage Access API usage to within secure contexts. Set the Static Pref to pass all tests which use insecure contexts.

  • dom.textMetrics.emHeight.enabled
    Bug 1841692 - patch 4 - Expose the TextMetrics.emHeight{Ascent,Descent} attributes for Canvas2D text.

  • dom.worker.script_loader.utf8_parsing.enabled
    Bug 1842462 - Remove dom.script_loader.external_scripts.utf8_parsing.enabled and dom.worker.script_loader.utf8_parsing.enabled prefs

  • extensions.browser_style_mv3.supported
    Bug 1830711 - Disable browser_style:true support in MV3
    Bug 1827910 - Show deprecation warnings for browser_style in MV3

  • extensions.webapi.enabled
    Bug 1822640 - Expose mozAddonManager on Android.

  • gfx.canvas.willreadfrequently.enabled
    Bug 1850056. Disable willReadFrequently on Windows until perf issues can be sorted out.

  • gfx.compositor.clearstate
    Bug 1843225 - Remove checks from gfxWindowsPlatform which are not needed on Windows 10+

  • intl.icu4x.segmenter.enabled
    Bug 1719535 - Part 11. Enable icu4x segmenter on Nightly.
    Bug 1719535 - Part 5. Add ICU4X based segmenter modules.

  • javascript.options.experimental.enable_array_from_async
    Bug 1843935 - Remove From Async command-line option and preference

  • javascript.options.experimental.enable_change_array_by_copy
    Bug 1826643 - Remove Change-Array-By-Copy preferences and command line switches

  • javascript.options.mem.gc_parallel_marking_threshold_kb
    Bug 1847567 - Add a browser pref for JSGC_PARALLEL_MARKING_THRESHOLD_KB and set it per platform

  • layout.css.abs-sign.enabled
    Bug 1814589 - Enable CSS Values 4 math functions by default
    Bug 1843527 - Move abs() function behind a pref.

  • layout.css.exp.enabled
    Bug 1814589 - Enable CSS Values 4 math functions by default

  • layout.css.font-size-adjust.basis.enabled
    Bug 1708240 - Remove the layout.css.font-size-adjust.basis.enabled pref, as this has been shipping by default for a couple years.

  • layout.css.font-visibility
    Bug 1847599: Simplify Font Visibility rules

  • layout.css.font-visibility.private
    Bug 1847599: Simplify Font Visibility rules

  • layout.css.font-visibility.standard
    Bug 1847599: Simplify Font Visibility rules

  • layout.css.font-visibility.trackingprotection
    Bug 1847599: Simplify Font Visibility rules

  • layout.css.mod-rem.enabled
    Bug 1814589 - Enable CSS Values 4 math functions by default

  • layout.css.motion-path-url.enabled
    Bug 1598158 - Support offset-path:url() in style.

  • layout.css.nesting.enabled
    Bug 1846251 - Make CSSStyleRule inherit from CSSGroupingRule.
    Bug 1840781 - [css-nesting] Enable by default.

  • layout.css.round.enabled
    Bug 1814589 - Enable CSS Values 4 math functions by default

  • layout.css.scroll-snap.proximity-threshold
    Bug 1766386 - Make scroll snap proximity threshold based on the snapport size rather than using a fixed preference value.

  • layout.css.transform-box-content-stroke.enabled
    Bug 1819464 - Part 2: Add content-box and stroke-box into transform-box in style.

  • layout.css.zoom-transform-hack.enabled
    Bug 1848639 - Remove zoom transform-based compat hack.

  • mathml.error_message_layout_for_invalid_markup.disabled
    Bug 1845707 - Remove preferences for invalid markup.

  • mathml.legacy_maction_and_semantics_implementations.disabled
    Bug 1788223 - Remove preferences for maction/semantics.

  • media.ffvpx.opus.enabled
    Bug 1828912 - Tell FFmpegAudioDecoder.cpp that it can now decode Opus.

  • media.ffvpx.vorbis.enabled
    Bug 1823953 - Control whether to decode vorbis using ffmpeg using a pref.

  • media.ffvpx.wav.enabled
    Bug 1823953 - Teach FFmpegAudioDecoder to now decode PCM.
    Bug 1823953 - Teach FFmpegAudioDecoder to now decode PCM.

  • media.getusermedia.residual_echo_enabled
    Bug 1779498 - Remove config for the residual echo detector.

  • media.gmp.use-minimal-xpcom
    Bug 1845946 - Part 3. Use NS_InitMinimalXPCOM with the GMP process.

  • media.gmp.use-native-event-processing
    Bug 1845946 - Part 3. Use NS_InitMinimalXPCOM with the GMP process.

  • media.webrtc.debug.aec_dump_max_size
    Bug 1847833 - pref 'media.webrtc.debug.aec_dump_max_size' is no longer used.

  • mousewheel.enable_pixel_scrolling
    Bug 1846468 - Remove mousewheel.enable_pixel_scrolling declaration on Windows

  • network.http.reject_NULs_in_response_header_values
    Bug 1453318 - Disallow responses when a response header value contains 0x00;

  • network.http.strict_response_status_line_parsing
    Bug 1687903 - Enable stricter HTTP response status line parsing;

  • network.preload
    Bug 1847811 - Remove network.preload pref.

  • network.url.strict_data_url_base64_placement
    Bug 1848903 - only allow ;base64 right before the comma in a data URL;

  • permissions.delegation.enabled
    Bug 1697151 - Remove permissions.delegation.enabled pref

  • print.cups.enum_dests_timeout_ms
    Bug 1837898 - Remove unused print.cups.enum_dests_timeout_ms pref

  • print.use_simplify_page
    Bug 1773058 - Remove print.use_simplify_page pref

  • privacy.bounceTrackingProtection.bounceTrackingActivationLifetimeSec
    Bug 1839917 - Add bounce tracking timer algorithm.

  • privacy.bounceTrackingProtection.bounceTrackingGracePeriodSec
    Bug 1839917 - Add bounce tracking timer algorithm.

  • privacy.bounceTrackingProtection.bounceTrackingPurgeTimerPeriodSec
    Bug 1839917 - Add bounce tracking timer algorithm.

  • privacy.fingerprintingProtection.pbmode
    Bug 1824235: Remove testGranularityMask from RFP and rename RFPLite
    Bug 1834622 - Enable fingerprinting protection in private windows in Nightly.

  • privacy.partition.bloburl_per_partition_key
    Bug 1843152 - Created pref privacy.partition.bloburl_per_double_partition_key.

  • security.tls.grease_http3_enable
    Bug 1844387 - Turn off greasing in HTTP3 connections

  • security.webauth.softtoken_counter
    Bug 1838938 - Remove U2FSoftTokenTransport.
    Bug 1813982 - XPCOM interface to authenticator-rs.

  • services.sync.prefs.sync.privacy.globalprivacycontrol.enabled
    Bug 1830623, part 2 - Add UI in about:preferences for GPC -

  • toolkit.shopping.ohttpConfigURL
    Bug 1846732 - switch OHTTP URLs to prod,
    Bug 1846734 - land staging shopping OHTTP endpoints in prefs,
    Bug 1843067 - provide an option for using OHTTP in shopping sidebar,

  • toolkit.shopping.ohttpRelayURL
    Bug 1846732 - switch OHTTP URLs to prod,
    Bug 1846953 - update staging OHTTP shopping endpoint,
    Bug 1846734 - land staging shopping OHTTP endpoints in prefs,
    Bug 1843067 - provide an option for using OHTTP in shopping sidebar,

  • toolkit.shopping.useOHTTP
    Bug 1847047 - move OHTTP prefs to a separate nimbus feature, enable by default,
    Bug 1843067 - provide an option for using OHTTP in shopping sidebar,

  • ui.osk.require_win10
    Bug 1846476 - Remove ui.osk.require_win10 pref

  • widget.swipe.page-size
    Bug 1846581 - Deal with pixel-based and page-based units separately in the swipe tracker.

  • widget.swipe.pixel-size
    Bug 1846581 - Deal with pixel-based and page-based units separately in the swipe tracker.

  • widget.swipe.whole-page-pixel-size
    Bug 1846581 - Deal with pixel-based and page-based units separately in the swipe tracker.

@Thorin-Oakenpants
Copy link
Contributor

Thorin-Oakenpants commented Sep 30, 2023
edited

so I don't lose it

  • 1836260 [meta] shopping
  • added in FF116
    // user_pref("browser.shopping.experience2023.enabled", false); // [FF116+]

@Thorin-Oakenpants
Copy link
Contributor

I don't understand this shopping thing at all (and I don't want to), I just want to kill it. Why is it called 2023? Why is it called an experiment? Are we already exempt (I doubt it, this seems similar to DoH rollout)? Is this limited to certain websites? Is this limited to certain regions? How is it rolled out?

IDK, I just want to kill it

https://bugzilla.mozilla.org/show_bug.cgi?id=1836740 Set up opt-in pref for 2023 shopping experiment
https://bugzilla.mozilla.org/show_bug.cgi?id=1836751 Add settings/preferences UI for the opt-in to 2023 shopping experience

they keep calling it 2023 and experiment

this pref browser.shopping.experience2023.enabled FF116 was to toggle the experiment

this pref browser.shopping.experience2023.optedIn FF117 is a nothing burger and is simply the state of the optIn (default false)

how do we kill this thing - I'm tired - anyone else feel free to help

@Thorin-Oakenpants
Copy link
Contributor

https://bugzilla.mozilla.org/show_bug.cgi?id=1840156#c0

my head is spinning

@c3d1c06c-bf26-477e-b0eb-c50ef4477ba6
Copy link

Does this help?

// Enable new experimental shopping features. This is solely intended as a
// rollout/"emergency stop" button - it will go away once the feature has
// rolled out. There will be separate controls for user opt-in/opt-out.
pref("browser.shopping.experience2023.enabled", false);

// Ternary int-valued pref indicating if the user has opted into the new
// experimental shopping feature.
// 0 means the user has not opted in or out.
// 1 means the user has opted in.
// 2 means the user has opted out.
pref("browser.shopping.experience2023.optedIn", 0);

@Thorin-Oakenpants
Copy link
Contributor

Does this help?

IDK. I already gathered all as much, but I fail to see how it "works". The optIn value doesn't matter if we can never reach it (but a value of 2 couldn't hurt - but it's likely to be a runtime value trigger by the rollout - I do not want to rely on this pref). We want to ensure we are never part of the "experiment" - but this a rollout for all, and the experiment is temporary. Honestly, at this point IDCare and maybe we can just ignore it until it becomes a problem

@Thorin-Oakenpants
Copy link
Contributor

Thorin-Oakenpants commented Oct 2, 2023
edited

I think at this stage, we just want to add browser.shopping.experience2023.enabled = false so we are not part of the initial experiment, but I need/want someone else to confirm, help

edit: and that pref is still default false - maybe the rollout flips it? IDK. Where is the master switch?

@fxbrit
Copy link
Collaborator

fxbrit commented Oct 2, 2023

I think so, it's in the nimbus manifest and there's mention of an onboarding UI so it is probably the usual staged rollout and then the prefs will be removed and replaced by something else. so we can use the 2023 one for now and then once a master switch exists we replace it.

@Thorin-Oakenpants
Copy link
Contributor

Thorin-Oakenpants commented Oct 3, 2023
edited

fuck, send cocaine and hookers, quick stat ... it's experience not experiment. At least that clears that up for me

edit: doesn't help that they also use the word experiment in bugzilla comments

@Thorin-Oakenpants
Copy link
Contributor

this sums it up

https://bugzilla.mozilla.org/show_bug.cgi?id=1840156#c0

browser.shopping.experience2023.enabled pref, which simply puts a user in the experimental population that might be shown the experience

so that should be good enough, and it also explains why it's not flipped because shopping is definitely not ready. I also wonder if opting out of studies/experiments etc covers this, but fuck it, what's one more pref

@Thorin-Oakenpants Thorin-Oakenpants mentioned this issue Oct 18, 2023
Closed
@Thorin-Oakenpants Thorin-Oakenpants mentioned this issue Oct 31, 2023
Closed
@trytomakeyouprivate
Copy link

exempt

so afaik: This shopping experience thing only works on certain Websites like Amazon, only in the US.

There is little information on it, and if it is privacy preserving. In general its a feature to find the cheapest price of a product, maybe over time. I suppose it uses some kind of database and maybe even an online service.

Agreeing that unless there is more info on it, and its not in beta anymore, it should be disabled.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
diffs enhancement task
Milestone
No milestone
Development

No branches or pull requests
5 participants
@Thorin-Oakenpants @earthlng @fxbrit @trytomakeyouprivate @c3d1c06c-bf26-477e-b0eb-c50ef4477ba6