Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

about:networking#http page tracks visited sites #1771

Closed
element-wise opened this issue Nov 23, 2023 · 1 comment
Closed

about:networking#http page tracks visited sites #1771

element-wise opened this issue Nov 23, 2023 · 1 comment
Labels
invalid

Comments

@element-wise
Copy link

element-wise commented Nov 23, 2023
edited by Thorin-Oakenpants

馃煡 https://github.com/arkenfox/user.js/wiki/5.2-Troubleshooting

  • [x ] I have read the troubleshooting guide, done the checks and confirmed this is caused by arkenfox
    • unchecked issues may will be closed as invalid

馃煪 REQUIRED INFO

  • Browser version & OS: Firefox 119.0.1 & Ubuntu 22.04.3 LTS
  • Steps to Reproduce (STR): Set user_pref("places.history.enabled", false);
  • Expected result: about:networking#http page should be empty since browsing history is disabled
  • Actual result: about:networking#http lists sites that have been visited in current session
  • Console errors and warnings: N/A
  • Anything else you deem worth mentioning:

I've found that the only way to prevent about:networking#http from logging sites that I've visited is to use PB mode (private browsing), which may conflict with the statement under Index 5001 that users "can achieve [no "persistent" disk state] in normal mode". I've gone through StaticPrefList.yaml, hoping to find a relevant preference to modify, but I haven't had much success.

My modified preferences are the following:

click me for details

user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.normandy.api_url", "");
user_pref("app.normandy.enabled", false);
user_pref("app.normandy.first_run", false);
user_pref("app.normandy.migrationsApplied", 12);
user_pref("app.shield.optoutstudies.enabled", false);
user_pref("app.update.auto", false);
user_pref("app.update.download.attempts", 0);
user_pref("app.update.elevate.attempts", 0);
user_pref("breakpad.reportURL", "");
user_pref("browser.aboutConfig.showWarning", false);
user_pref("browser.bookmarks.addedImportButton", true);
user_pref("browser.bookmarks.restore_default_bookmarks", false);
user_pref("browser.cache.disk.enable", false);
user_pref("browser.contentblocking.category", "custom");
user_pref("browser.contentblocking.report.hide_vpn_banner", true);
user_pref("browser.discovery.enabled", false);
user_pref("browser.download.alwaysOpenPanel", false);
user_pref("browser.download.always_ask_before_handling_new_types", true);
user_pref("browser.download.manager.addToRecentDocs", false);
user_pref("browser.download.panel.shown", true);
user_pref("browser.download.start_downloads_in_tmp_dir", true);
user_pref("browser.download.useDownloadDir", false);
user_pref("browser.download.viewableInternally.typeWasRegistered.avif", true);
user_pref("browser.download.viewableInternally.typeWasRegistered.webp", true);
user_pref("browser.engagement.ctrlTab.has-used", true);
user_pref("browser.engagement.downloads-button.has-used", true);
user_pref("browser.formfill.enable", false);
user_pref("browser.laterrun.bookkeeping.sessionCount", 29);
user_pref("browser.laterrun.enabled", true);
user_pref("browser.link.open_newwindow.restriction", 0);
user_pref("browser.messaging-system.whatsNewPanel.enabled", false);
user_pref("browser.migration.version", 140);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
user_pref("browser.newtabpage.activity-stream.default.sites", "");
user_pref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false);
user_pref("browser.newtabpage.activity-stream.feeds.topsites", false);
user_pref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", "");
user_pref("browser.newtabpage.activity-stream.showSearch", false);
user_pref("browser.newtabpage.activity-stream.showSponsored", false);
user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false);
user_pref("browser.newtabpage.activity-stream.telemetry", false);
user_pref("browser.newtabpage.enabled", false);
user_pref("browser.pagethumbnails.storage_version", 3);
user_pref("browser.ping-centre.telemetry", false);
user_pref("browser.places.speculativeConnect.enabled", false);
user_pref("browser.preferences.defaultPerformanceSettings.enabled", false);
user_pref("browser.privatebrowsing.forceMediaMemoryCache", true);
user_pref("browser.protections_panel.infoMessage.seen", true);
user_pref("browser.proton.toolbar.version", 3);
user_pref("browser.safebrowsing.downloads.remote.enabled", false);
user_pref("browser.search.region", "US");
user_pref("browser.search.serpEventTelemetry.enabled", false);
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.sessionstore.closedTabsFromAllWindows", false);
user_pref("browser.sessionstore.closedTabsFromClosedWindows", false);
user_pref("browser.sessionstore.collect_session_storage", false);
user_pref("browser.sessionstore.collect_zoom", false);
user_pref("browser.sessionstore.privacy_level", 2);
user_pref("browser.sessionstore.resume_session_once", true);
user_pref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", true);
user_pref("browser.shell.shortcutFavicons", false);
user_pref("browser.startup.couldRestoreSession.count", 1);
user_pref("browser.startup.homepage", "about:blank");
user_pref("browser.startup.homepage_override.mstone", "ignore");
user_pref("browser.startup.page", 0);
user_pref("browser.tabs.crashReporting.sendReport", false);
user_pref("browser.tabs.inTitlebar", 1);
user_pref("browser.tabs.searchclipboardfor.middleclick", false);
user_pref("browser.tabs.tabmanager.enabled", false);
user_pref("browser.toolbars.bookmarks.visibility", "never");
user_pref("browser.translations.enable", false);
user_pref("browser.uitour.enabled", false);
user_pref("browser.urlbar.addons.featureGate", false);
user_pref("browser.urlbar.mdn.featureGate", false);
user_pref("browser.urlbar.placeholderName", "DuckDuckGo");
user_pref("browser.urlbar.placeholderName.private", "DuckDuckGo");
user_pref("browser.urlbar.quicksuggest.migrationVersion", 2);
user_pref("browser.urlbar.quicksuggest.scenario", "offline");
user_pref("browser.urlbar.shortcuts.bookmarks", false);
user_pref("browser.urlbar.shortcuts.history", false);
user_pref("browser.urlbar.shortcuts.tabs", false);
user_pref("browser.urlbar.showSearchTerms.enabled", false);
user_pref("browser.urlbar.speculativeConnect.enabled", false);
user_pref("browser.urlbar.suggest.bookmark", false);
user_pref("browser.urlbar.suggest.engines", false);
user_pref("browser.urlbar.suggest.history", false);
user_pref("browser.urlbar.suggest.openpage", false);
user_pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false);
user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false);
user_pref("browser.urlbar.suggest.searches", false);
user_pref("browser.urlbar.suggest.topsites", false);
user_pref("browser.urlbar.trending.featureGate", false);
user_pref("browser.xul.error_pages.expert_bad_cert", true);
user_pref("captivedetect.canonicalURL", "");
user_pref("datareporting.healthreport.uploadEnabled", false);
user_pref("datareporting.policy.dataSubmissionEnabled", false);
user_pref("datareporting.policy.dataSubmissionPolicyAcceptedVersion", 2);
user_pref("devtools.debugger.prefs-schema-version", 11);
user_pref("devtools.debugger.remote-enabled", false);
user_pref("devtools.everOpened", true);
user_pref("devtools.inspector.simple-highlighters.message-dismissed", false);
user_pref("devtools.netmonitor.msg.visibleColumns", "[\"data\",\"time\"]");
user_pref("devtools.toolbox.selectedTool", "netmonitor");
user_pref("devtools.toolsidebar-height.inspector", 350);
user_pref("devtools.toolsidebar-width.inspector", 376);
user_pref("devtools.toolsidebar-width.inspector.splitsidebar", 376);
user_pref("distribution.iniFile.exists.appversion", "119.0.1");
user_pref("distribution.iniFile.exists.value", false);
user_pref("doh-rollout.doneFirstRun", true);
user_pref("doh-rollout.home-region", "US");
user_pref("doh-rollout.mode", 2);
user_pref("doh-rollout.self-enabled", true);
user_pref("doh-rollout.uri", "https://mozilla.cloudflare-dns.com/dns-query");
user_pref("dom.disable_window_move_resize", true);
user_pref("dom.enable_performance", false);
user_pref("dom.enable_resource_timing", false);
user_pref("dom.forms.autocomplete.formautofill", true);
user_pref("dom.security.https_only_mode", true);
user_pref("dom.security.https_only_mode_ever_enabled", true);
user_pref("dom.security.https_only_mode_send_http_background_request", false);
user_pref("extensions.activeThemeID", "default-theme@mozilla.org");
user_pref("extensions.blocklist.pingCountVersion", -1);
user_pref("extensions.databaseSchema", 35);
user_pref("extensions.enabledScopes", 5);
user_pref("extensions.formautofill.addresses.enabled", false);
user_pref("extensions.formautofill.creditCards.enabled", false);
user_pref("extensions.getAddons.databaseSchema", 6);
user_pref("extensions.getAddons.showPane", false);
user_pref("extensions.htmlaboutaddons.recommendations.enabled", false);
user_pref("extensions.lastAppVersion", "119.0.1");
user_pref("extensions.lastPlatformVersion", "119.0.1");
user_pref("extensions.pendingOperations", false);
user_pref("extensions.pictureinpicture.enable_picture_in_picture_overrides", true);
user_pref("extensions.pocket.enabled", false);
user_pref("extensions.postDownloadThirdPartyPrompt", false);
user_pref("extensions.quarantinedDomains.list", "autoatendimento.bb.com.br,ibpf.sicredi.com.br,ibpj.sicredi.com.br,internetbanking.caixa.gov.br,www.ib12.bradesco.com.br,www2.bancobrasil.com.br");
user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}");
user_pref("extensions.ui.dictionary.hidden", true);
user_pref("extensions.ui.lastCategory", "addons://list/extension");
user_pref("extensions.ui.locale.hidden", true);
user_pref("extensions.ui.sitepermission.hidden", true);
user_pref("extensions.update.autoUpdateDefault", false);
user_pref("extensions.webcompat.enable_shims", true);
user_pref("extensions.webcompat.perform_injections", true);
user_pref("extensions.webcompat.perform_ua_overrides", true);
user_pref("full-screen-api.warning.timeout", 0);
user_pref("gecko.handlerService.defaultHandlersVersion", 1);
user_pref("general.smoothScroll", true);
user_pref("geo.enabled", false);
user_pref("geo.provider.ms-windows-location", false);
user_pref("geo.provider.network.url", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%");
user_pref("geo.provider.use_corelocation", false);
user_pref("geo.provider.use_geoclue", false);
user_pref("geo.provider.use_gpsd", false);
user_pref("intl.accept_languages", "en-US, en");
user_pref("javascript.use_us_english_locale", true);
user_pref("keyword.enabled", false);
user_pref("layers.acceleration.disabled", true);
user_pref("layout.css.prefers-reduced-transparency.enabled", true);
user_pref("layout.spellcheckDefault", 0);
user_pref("media.gmp.storage.version.observed", 1);
user_pref("media.hardware-video-decoding.enabled", false);
user_pref("media.hardwaremediakeys.enabled", false);
user_pref("media.memory_cache_max_size", 65536);
user_pref("media.peerconnection.ice.default_address_only", true);
user_pref("media.peerconnection.ice.proxy_only_if_behind_proxy", true);
user_pref("media.video_stats.enabled", false);
user_pref("media.videocontrols.picture-in-picture.video-toggle.first-seen-secs", 1699220111);
user_pref("media.videocontrols.picture-in-picture.video-toggle.has-used", true);
user_pref("network.IDN_show_punycode", true);
user_pref("network.auth.subresource-http-auth-allow", 1);
user_pref("network.captive-portal-service.enabled", false);
user_pref("network.connectivity-service.enabled", false);
user_pref("network.cookie.cookieBehavior", 2);
user_pref("network.dns.disableIPv6", true);
user_pref("network.dns.disablePrefetch", true);
user_pref("network.dns.skipTRR-when-parental-control-enabled", false);
user_pref("network.dnsCacheEntries", 0);
user_pref("network.file.disable_unc_paths", true);
user_pref("network.gio.supported-protocols", "");
user_pref("network.http.rcwn.enabled", false);
user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
user_pref("network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", true);
user_pref("network.http.speculative-parallel-limit", 0);
user_pref("network.preconnect", false);
user_pref("network.predictor.enabled", false);
user_pref("network.prefetch-next", false);
user_pref("network.proxy.socks_remote_dns", true);
user_pref("pdfjs.enableScripting", false);
user_pref("pdfjs.enabledCache.state", true);
user_pref("pdfjs.migrationVersion", 2);
user_pref("permissions.manager.defaultsUrl", "");
user_pref("places.history.enabled", false);
user_pref("pref.privacy.disable_button.cookie_exceptions", false);
user_pref("privacy.annotate_channels.strict_list.enabled", true);
user_pref("privacy.clearOnShutdown.offlineApps", true);
user_pref("privacy.clearOnShutdown.openWindows", true);
user_pref("privacy.cpd.cookies", false);
user_pref("privacy.donottrackheader.enabled", true);
user_pref("privacy.fingerprintingProtection", true);
user_pref("privacy.history.custom", true);
user_pref("privacy.partition.network_state.ocsp_cache", true);
user_pref("privacy.purge_trackers.date_in_cookie_database", "0");
user_pref("privacy.query_stripping.enabled", true);
user_pref("privacy.query_stripping.enabled.pbmode", true);
user_pref("privacy.resistFingerprinting.block_mozAddonManager", true);
user_pref("privacy.sanitize.pending", "[{\"id\":\"shutdown\",\"itemsToClear\":[\"cache\",\"cookies\",\"offlineApps\",\"history\",\"formdata\",\"downloads\",\"sessions\",\"openWindows\"],\"options\":{}},{\"id\":\"newtab-container\",\"itemsToClear\":[],\"options\":{}}]");
user_pref("privacy.sanitize.sanitizeOnShutdown", true);
user_pref("privacy.sanitize.timeSpan", 0);
user_pref("privacy.trackingprotection.emailtracking.enabled", true);
user_pref("privacy.trackingprotection.enabled", true);
user_pref("privacy.trackingprotection.socialtracking.enabled", true);
user_pref("privacy.userContext.enabled", true);
user_pref("privacy.userContext.extension", "@testpilot-containers");
user_pref("privacy.userContext.ui.enabled", true);
user_pref("security.OCSP.require", true);
user_pref("security.cert_pinning.enforcement_level", 2);
user_pref("security.nocertdb", true);
user_pref("security.pki.crlite_mode", 2);
user_pref("security.remote_settings.crlite_filters.enabled", true);
user_pref("security.ssl.require_safe_negotiation", true);
user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
user_pref("security.tls.enable_0rtt_data", false);
user_pref("services.sync.clients.lastSync", "0");
user_pref("services.sync.declinedEngines", "");
user_pref("services.sync.engine.addresses.available", true);
user_pref("services.sync.globalScore", 0);
user_pref("services.sync.nextSync", 0);
user_pref("signon.autofillForms", false);
user_pref("signon.formlessCapture.enabled", false);
user_pref("signon.rememberSignons", false);
user_pref("storage.vacuum.last.index", 2);
user_pref("toolkit.coverage.endpoint.base", "");
user_pref("toolkit.coverage.opt-out", true);
user_pref("toolkit.telemetry.archive.enabled", false);
user_pref("toolkit.telemetry.bhrPing.enabled", false);
user_pref("toolkit.telemetry.coverage.opt-out", true);
user_pref("toolkit.telemetry.firstShutdownPing.enabled", false);
user_pref("toolkit.telemetry.newProfilePing.enabled", false);
user_pref("toolkit.telemetry.pioneer-new-studies-available", false);
user_pref("toolkit.telemetry.reportingpolicy.firstRun", false);
user_pref("toolkit.telemetry.server", "data:,");
user_pref("toolkit.telemetry.shutdownPingSender.enabled", false);
user_pref("toolkit.telemetry.unified", false);
user_pref("toolkit.telemetry.updatePing.enabled", false);
user_pref("toolkit.winRegisterApplicationRestart", false);
user_pref("trailhead.firstrun.didSeeAboutWelcome", true);
user_pref("ui.key.menuAccessKey", 0);
user_pref("ui.prefersReducedMotion", 1);
user_pref("webchannel.allowObject.urlWhitelist", "");
user_pref("webgl.disabled", true);```

---

</p></details>
@Thorin-Oakenpants
Copy link
Contributor 

 * [NOTE] The P in PB mode can be misleading: it means no "persistent" disk state such as history,
 * caches, searches, cookies, localStorage, IndexedDB etc (which you can achieve in normal mode).
 * In fact, PB mode limits or removes the ability to control some of these, and you need to quit
 * Firefox to clear them.

so the note refers to site data - and some items are orthoganal, such as history (which we also clear). But totally avoiding disk state for the entire app is impossible and even Tor Browser don't claim to (well, the docs are going to be rewritten) because apps can't fully control the OS.

anyway, PB mode does do some things differently - i.e in some cases avoiding disk entirely by using memory - or writing to disk encrypted with a session-only memory-only key (and cleaning up on close and handling ungraceful exits - i.e cleanup on start). I'm not 100% sure what PB mode does with history (from a quick look it's not recorded, but back/forward still works and closed tabs are recorded, just not history - weird: there are lots of gaps in this area)

But no-one has ever claimed to prevent per-session data - and we sanitize history on close. So I'm not sure what it is you are trying to protect from - your threat model sounds like you should just use Tor Browser or Mullvad Browser

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
invalid
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Thorin-Oakenpants @element-wise