From c269040ff5cdf9a356307aa7f6df92ec4684841c Mon Sep 17 00:00:00 2001
From: BeatLink <beatlink@protonmail.com>
Date: Sat, 13 Jul 2019 21:13:34 -0500
Subject: Delete dev folder

---
 dev/debugging/debug-notes.log | 201 ------------------------------------------
 1 file changed, 201 deletions(-)
 delete mode 100644 dev/debugging/debug-notes.log

(limited to 'dev/debugging/debug-notes.log')

diff --git a/dev/debugging/debug-notes.log b/dev/debugging/debug-notes.log
deleted file mode 100644
index fd1f7e6..0000000
--- a/dev/debugging/debug-notes.log
+++ /dev/null
@@ -1,201 +0,0 @@
-========================================================================================================================
-Build Notes v2 :
-========================================================================================================================
-
-
-- Tor files to remove :
-
-    Classic removal plus
-    https-everywhere addon
-    profile.meek-http-helper...
-
-- Patching release :
-
-    >browser.omni.ja.chrome.browser.content.browser.preferences.in-content.privacy.origin (patch with winrar)
-    Tor : patch mozilla.cfg
-
-- Tor windows :
-
-    Install it to desktop then get the files
-    (Only the lnk file is a new file compared to compressed version)
-    remove lnk file
-    add link.vbs
-    add bat file
-
-- Tor mac :
-
-    Under mac, mount and extract all content to a folder
-    Copy by command .DS_Store (from dmg to folder)
-    run "codesign --remove-signature Tor\ Browser.app".
-    With disk utils, create a dmg from a folder (nocompression rw)
-    We are converting iso-dmg to dmg...
-
-========================================================================================================================
-JS Note & Debugging :
-========================================================================================================================
-
-// ----------
-// CSP Note :
-// ----------
-//
-// Syntax :
-// One or more sources can be allowed for the default-src policy:
-// Content-Security-Policy: default-src <source> <source>;
-// Content-Security-Policy: default-src <source>;
-//
-// default-src is a fallback for :
-// - child-src
-// - connect-src
-// - font-src
-// - frame-src
-// - img-src
-// - manifest-src
-// - media-src
-// - object-src
-// - prefetch-src
-// - script-src
-// - style-src
-// - worker-src
-//
-// <source> can be one of the following:
-//
-// 'none'
-// Refers to the empty set; that is, no URLs match. The single quotes are required.
-//
-// 'self'
-// Refers to the origin from which the protected document is being served,
-// including the same URL scheme and port number. You must include the single quotes.
-// Some browsers specifically exclude blob and filesystem from source directives.
-// Sites needing to allow these content types can specify them using the Data attribute.
-//
-// 'unsafe-inline'
-// Allows the use of inline resources, such as inline <script> elements, javascript:
-// URLs, inline event handlers, and inline <style> elements. You must include the single quotes.
-//
-// 'unsafe-eval'
-// Allows the use of eval() and similar methods for creating code from strings.
-// You must include the single quotes.
-//
-// <scheme-source>
-// A schema such as 'http:' or 'https:'. The colon is required, single quotes
-// shouldn't be used. You can also specify data schemas (not recommended).
-// - data:          Allows data: URIs to be used as a content source. This is insecure;
-//                  An attacker can also inject arbitrary data: URIs.
-//                  Use this sparingly and definitely not for scripts.
-// - mediastream:   Allows mediastream: URIs to be used as a content source.
-// - blob:          Allows blob: URIs to be used as a content source.
-// - filesystem:    Allows filesystem: URIs to be used as a content source.
-//
-// <host-source>
-// Internet hosts by name or IP address, as well as an optional URL scheme and/or port number.
-// The site's address may include an optional leading wildcard (the asterisk character, '*'),
-// and you may use a wildcard (again, '*') as the port number, indicating that all
-// legal ports are valid for the source.
-// Examples:
-// - http://*.example.com:      Matches all attempts to load from any subdomain of example.com using the http: URL scheme.
-// - mail.example.com:443:      Matches all attempts to access port 443 on mail.example.com.
-// - https://store.example.com: Matches all attempts to access store.example.com using https:.
-//
-// Sources :
-// https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
-// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src
-
-// -----------------
-// Process Isolation
-// -----------------
-//
-// Pref : Separate process for protocol
-// defaultPref("extensions.webextensions.protocol.remote", true); //default true
-//
-// Pref : Separate process for protocol extension
-// defaultPref("extensions.webextensions.remote", false); //default true
-//
-// Process remote (separating process) can partially firewall extension by
-// denying access to some moz-extension (extension internal url like settings page)
-// but this is not reliable not usable for a purpose of firewalling
-// Setting this to false will break moz-extension URI loading
-// unless other process sandboxing and extension remoting prefs are changed.
-// Note, extensions.webextensions.protocol.remote=false is for
-// debugging purposes only. With process-level sandboxing, child
-// processes (specifically content and extension processes), will
-// not be able to load most moz-extension URI's when the pref is
-// set to false.
-
-// ------------------
-// Restricted Domains
-// ------------------
-//
-// "extensions.webextensions.restrictedDomains"
-//
-// gHacks set this to empty ""... this is list of blocked domain for ext.
-// Default value :
-// "accounts-static.cdn.mozilla.net,accounts.firefox.com,addons.cdn.mozilla.net,addons.mozilla.org,
-// api.accounts.firefox.com,content.cdn.mozilla.net,content.cdn.mozilla.net,discovery.
-// addons.mozilla.org,input.mozilla.org,install.mozilla.org,oauth.accounts.firefox.
-// com,profile.accounts.firefox.com,support.mozilla.org,sync.services.
-// mozilla.com,testpilot.firefox.com"
-//
-// Managed in
-// AddonManagerWebAPI.cpp
-// WebExtensionPolicy.cpp
-//
-// Check function (When fail directly return deny) :
-//
-// WebExtensionPolicy::IsRestrictedURI
-// - Check againt restrictedDomains             (false-allow)       domains->Contains
-// - Check if IsValidSite (deny access)         (false-allow)
-// --- Check if empty string                    --(false-allow)
-// --- Check https/http                         --(false-allow)
-// --- Check SSL                                --(false-allow)
-// --- Allow those domain directly              --(true---deny)
-//     "addons.mozilla.org"
-//     "discovery.addons.mozilla.org"
-//     "testpilot.firefox.com"
-// --- If pref "extensions.webapi.testing"      --(true---deny)
-//     is true, it allow access to other
-//     sites list
-// --- Return false                             --(false-allow)
-// - Return false                               (false-allow)
-
-// -----------------
-// Other Possibility
-// -----------------
-//
-// Other possibility (securefox extension) compare requests to url... filter etc...
-//
-// Other possibility... recompile and make it a native feature... (may be for futur version)
-// Just invert the code to be !domains->Contains and thus allow only listed domain
-//
-// Other hidden setting
-// int dom.ipc.keepProcessesAlive.extension //hidden settings
-//
-// Conclusion : patching binary "IsRestrictedURI" function OR build own version
-//              Durable solution is to rebuild... this feature is paused until futur versions
-//
-
-// ---------------------------------------
-// Pref : CSP Settings For Extensions I/II
-// ---------------------------------------
-//
-// Default Value : "
-// script-src 'self' https://* moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline';
-// object-src 'self' https://* moz-extension: blob: filesystem:;
-// "
-//
-// Default Deny Value : "
-// default-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline';
-// script-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline';
-// object-src 'self' moz-extension: blob: filesystem:;
-// "
-//
-// Strict Deny Value : "
-// default-src 'self' moz-extension: blob: filesystem:;
-// script-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline';
-// object-src 'self' moz-extension: blob: filesystem:;
-// "
-//
-// Super Strict Deny Value : "
-// default-src 'none';
-// script-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline';
-// object-src 'self' moz-extension: blob: filesystem:;
-// "
-- 
cgit