diff options
Diffstat (limited to 'librewolf/debian/librewolf_settings/docs/Changelog.md')
| -rw-r--r-- | librewolf/debian/librewolf_settings/docs/Changelog.md | 436 |
1 files changed, 436 insertions, 0 deletions
diff --git a/librewolf/debian/librewolf_settings/docs/Changelog.md b/librewolf/debian/librewolf_settings/docs/Changelog.md new file mode 100644 index 0000000..c43dc60 --- /dev/null +++ b/librewolf/debian/librewolf_settings/docs/Changelog.md @@ -0,0 +1,436 @@ +This changelog will be used from now on to document changes in a precise manner, with a list of changes for each setting version. +Setting versions are documented using the pref `librewolf.cfg.version`, available in about:config. + +## 4.0 + +**target commit**: 9003f029f8fe087cde5bb081d51ab82340948874 + +**base librewolf version**: 95.x + +**References**: +- [review webrtc](https://gitlab.com/librewolf-community/settings/-/issues/108). +- [stop disabling geo api](https://gitlab.com/librewolf-community/settings/-/issues/102). +- [deprecate RFP dark mode](https://gitlab.com/librewolf-community/browser/common/-/issues/56). +- `offlineApps` change in 3.1 did not respect exceptions, so revert it. +- uncomment prefs to enable CRL without OCSP fallback, although they will fully work only when [this issue is closed](https://gitlab.com/librewolf-community/browser/common/-/issues/57). +- we decided to force a larger new window size by default, to improve usability for RFP users while still keeping a rounded value. see [this comment](https://gitlab.com/librewolf-community/settings/-/issues/104#note_752186737). + +#### Added preferences +``` +defaultPref("privacy.window.maxInnerWidth", 1600); +defaultPref("privacy.window.maxInnerHeight", 900); +``` + +#### Removed preferences +``` +defaultPref("media.peerconnection.enabled", false); +lockPref("privacy.override_rfp_for_color_scheme", false); +defaultPref("geo.enabled", false); +defaultPref("permissions.default.geo", 2); +defaultPref("privacy.clearOnShutdown.offlineApps", true); +defaultPref("privacy.cpd.offlineApps", true); +``` + +#### Changed preferences +``` +defaultPref("security.remote_settings.crlite_filters.enabled", true); +defaultPref("security.pki.crlite_mode", 2); +``` + +## 3.2 + +**target commit**: 19e59813ed483de7ffc8a219da96eb18a942eb01 + +**base librewolf version**: 94.x + +**References**: +- block the new firefox suggests feature in full. +- enforce a sane value for manual sanitizing. + +**Notes**: the suggest prefs might be overkill, we should try to trim to the bare minimum in the next release. + +#### Added preferences +``` +lockPref("browser.urlbar.quicksuggest.enabled", false); // disable suggest and hide its ui +lockPref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // disable suggestions from firefox +lockPref("browser.urlbar.suggest.quicksuggest.sponsored", false); // disable sponsored suggestions +lockPref("browser.urlbar.quicksuggest.dataCollection.enabled", false); // default +defaultPref("privacy.sanitize.timeSpan", 0); +``` +#### Changed preferences +``` +lockPref("browser.urlbar.quicksuggest.scenario", "history"); // prevent opt-in, doesn't work alone +``` + +## 3.1 + +**target commit**: 6844d4ad1c9ad8bb3ffdc29e0a607c21c0559da4 and 67e6a00b719ecd52782a724cd09a9f08fa4577c0 + +**base librewolf version**: 94.x + +**References**: +- the added prefs are all defense in depth. +- `drawInTitlebar` was causing errors for some users, the bug was reproduced. Linux users might experience a different toolbar behavior because of this change. +- the default value for scopes seems like a better choice than changing it. +- `offlineApps` can be safely cleared without using logins, in fact it was most likely cleared by other sanitazion techniques regardless. + +**Notes**: please notify users about the new website, thanks to @maltejur for helping with the migration. + +#### Added preferences +``` +defaultPref("webchannel.allowObject.urlWhitelist", ""); // remove webchannel whitelist +lockPref("toolkit.telemetry.coverage.opt-out", true); // hidden +defaultPref("privacy.cpd.offlineApps", true); // for consistency with clearOnShutdown prefs +``` + +#### Removed preferences +``` +defaultPref("extensions.autoDisableScopes", 11); // bring back to default +defaultPref("browser.tabs.drawInTitlebar", true); // bring back to default +``` + +#### Changed preferences +``` +defaultPref("privacy.clearOnShutdown.offlineApps", true); // can be cleared +defaultPref("app.support.baseURL", "https://librewolf.net/docs/faq/#"); +defaultPref("browser.search.searchEnginesURL", "https://librewolf.net/docs/faq/#how-do-i-add-a-search-engine"); +defaultPref("browser.geolocation.warning.infoURL", "https://librewolf.net/docs/faq/#how-do-i-enable-location-aware-browsing"); +defaultPref("app.feedback.baseURL", "https://librewolf.net/#questions"); +``` + +## 3.0 + +**target commit**: f0a2d5d70657cc87348282d6faaf72edff8bf304 and 4e0895a299ec99066f119d8ce1a2923fc91aa465 + +**base librewolf version**: 94.x + +**References**: +- as reported in #95 and discussed [here](https://gitlab.com/librewolf-community/browser/linux/-/issues/246) we are re-enabling TP by default, setting it to strict. +- the sponsored shortcuts in about:preferences#home were already locked, now they are properly hidden. +- enable fission as it is being [rolled out to stable](https://bugzilla.mozilla.org/show_bug.cgi?id=1732206). + +**Notes**: all the removed preferences were either related to disabling TP, or unecessary when using strict mode. as a result of this trimming the tracking protection section of the .cfg file doesn't need to exist anymore. + +#### Added preferences +``` +defaultPref("browser.topsites.useRemoteSetting", false); // hide sponsored shortcuts button from about:preferences#home +defaultPref("privacy.resistFingerprinting.letterboxing", false); // expose hidden letterboxing pref, but do not enable by default +defaultPref("fission.autostart", true); // enable fission by default +``` + +#### Removed preferences +``` +lockPref("privacy.trackingprotection.enabled", false); +lockPref("privacy.trackingprotection.pbmode.enabled", false); +lockPref("privacy.trackingprotection.annotate_channels", false); +defaultPref("browser.safebrowsing.provider.mozilla.updateURL", ""); +defaultPref("browser.safebrowsing.provider.mozilla.gethashURL", ""); +defaultPref("privacy.trackingprotection.cryptomining.enabled", false); +defaultPref("privacy.trackingprotection.fingerprinting.enabled", false); +defaultPref("browser.contentblocking.cryptomining.preferences.ui.enabled", false); +defaultPref("browser.contentblocking.fingerprinting.preferences.ui.enabled", false); +``` + +#### Changed preferences +``` +pref("browser.contentblocking.category", "strict"); +``` + +## 2.0 + +**target commit**: from 6451faa167568313e5ed065fcb3ee2bb76132063 to b17a1ed657e22ac61b4399699223d36724b842e7 + +**base librewolf version**: 92.x + +**References**: +- [web content can no longer access the battery api](https://bugzilla.mozilla.org/show_bug.cgi?id=1313580). +- http alternative services are [isolated by network partitioning and FPI](https://github.com/arkenfox/user.js/blob/269cf965bd51022ca69823f8f66a8e402280d856/user.js#L1350) and they are unchanged even in tor browser. from a security standpoint, the alternate service will need to provide the certificate of the origin in order to be considered trusthworthy. +- let the user decide what to manually clear, including the timespan. +- drm prefs have been trimmed as a quality of life improvement. the end result is the same, with less hassle for users who want to access drm-protected content. +- DNT header has been proved to not work and it is used to fingerprint. +- VR access is behind a prompt and, despite being unlikely, it could be fingerprinted. with all this on the table it's just not worth and overkill. +- vibrator API is so nieche that even tor does not change it. best to trim where possible. +- `extensions.getAddons.link.url"` is showed only when no extension is installed and it's not a bad suggestion to get addons from addons.mozilla.org so we can remove it. +- `browser.safebrowsing.downloads.remote.*` are all controlled by the prefs already in the .cfg, which is the same approach taken by tor browser. +- graphite [is no longer as concerning](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+graphite) and blocking it is likely fingerprintable. +- the pdf prefs and the bookmark backup are not really relevant to librewolf. +- as reported [here](https://bugzilla.mozilla.org/show_bug.cgi?id=1606624) the shared memory pref is no longer needed, so we can switch it back to default. +- new tab page section now includes a new design and no longer an empty page. all the unnecessary preferences have been removed and users can also customize as the most essential ones have been unlocked. +- UI bug in tracking protection section is fixed. +- a bunch of dead links are fixed. +- for screensharing see [testing provided at this link](https://github.com/arkenfox/user.js/issues/1245) +- disable new firefox suggests feature + +**Notes** +Recent changes in the category `MISC > set librewolf support and releases urls` require to create a couple header for the landing page. + +#### Removed preferences +``` +defaultPref("general.warnOnAboutConfig", false); // deprecated +defaultPref("dom.battery.enabled", false); +lockPref("network.http.altsvc.enabled", false); +lockPref("network.http.altsvc.oe", false); +lockPref("signon.storeWhenAutocompleteOff", false); // we do not suggest lockwise in the first place +defaultPref("signon.management.page.breach-alerts.enabled", false); // no harm for lockwise users +defaultPref("signon.management.page.breachAlertUrl", ""); // no harm for lockwise users +defaultPref("privacy.history.custom", true); // redundant +defaultPref("privacy.cpd.cookies", false); +defaultPref("privacy.cpd.offlineApps", false); // default +defaultPref("privacy.sanitize.timeSpan", 0); +defaultPref("media.gmp-widevinecdm.visible", false); +defaultPref("media.gmp-widevinecdm.enabled", false); +defaultPref("privacy.donottrackheader.enabled", true); +defaultPref("dom.vr.enabled", false); +defaultPref("dom.vibrator.enabled", false); +defaultPref("dom.push.connection.enabled", false); // redundant +defaultPref("dom.security.https_only_mode_pbm", true); // redundant +defaultPref("security.tls.version.fallback-limit", 3); // default is for, no need to enforce further +lockPref("extensions.webextensions.identity.redirectDomain", ""); // outdated and unchanged even in tor +defaultPref("extensions.getAddons.link.url", ""); // https://addons.mozilla.org/%LOCALE%/firefox/ +defaultPref("extensions.getAddons.get.url", ""); // redundant +lockPref("extensions.getAddons.discovery.api_url", ""); // redundant +lockPref("webextensions.storage.sync.serverURL", ""); // sync not supported +lockPref("extensions.webservice.discoverURL", ""); // deprecated +defaultPref("xpinstall.signatures.devInfoURL", ""); // link to wiki page +lockPref("app.normandy.user_id", ""); // redundant +lockPref("app.normandy.shieldLearnMoreUrl", ""); // redundant +lockPref("security.mixed_content.block_active_content", true); // default +defaultPref("security.insecure_connection_text.pbmode.enabled", true); // redundant +lockPref("browser.safebrowsing.downloads.remote.block_dangerous", false); +lockPref("browser.safebrowsing.downloads.remote.block_dangerous_host", false); +lockPref("gfx.font_rendering.graphite.enabled", false); // consider removing +defaultPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true); +defaultPref("pdfjs.enabledCache.state", false); +lockPref("remote.enabled", false); // removed in FF90 +lockPref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", true); // redundant +defaultPref("browser.bookmarks.max_backups", 2); +defaultPref("devtools.performance.recording.ui-base-url", "http://localhost:55555"); // unharmful +defaultPref("devtools.devices.url", ""); // unharmful +lockPref("media.decoder-doctor.new-issue-endpoint", ""); // redundant +lockPref("identity.sync.tokenserver.uri", ""); // redundant +defaultPref("accessibility.support.url", ""); // redundant +lockPref("browser.dictionaries.download.url", ""); // dictionaries are hidden already +lockPref("browser.uitour.themeOrigin", ""); // redundant +lockPref("toolkit.datacollection.infoURL", ""); // redundant +lockPref("identity.mobilepromo.android", ""); // redundant +lockPref("identity.mobilepromo.ios", ""); // redundant +defaultPref("identity.sendtabpromo.url", ""); // redundant +lockPref("datareporting.healthreport.infoURL", ""); // redundant +lockPref("browser.chrome.errorReporter.infoURL", ""); // redundant +lockPref("datareporting.policy.firstRunURL", ""); // redundant +lockPref("javascript.options.shared_memory", false); +lockPref("app.update.staging.enabled", false); // not relevant +lockPref("app.update.lastUpdateTime.telemetry_modules_ping", 0); // redundant +lockPref("network.connectivity-service.IPv6.url", "http://0.0.0.0"); // redundant +lockPref("network.connectivity-service.IPv4.url", "http://0.0.0.0"); // redundant +lockPref("network.connectivity-service.DNSv6.domain", ""); // redundant +lockPref("network.connectivity-service.DNSv4.domain", ""); // redundant +lockPref("browser.crashReports.unsubmittedCheck.enabled", false); // default +lockPref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // default +lockPref("browser.newtabpage.activity-stream.feeds.newtabinit", false); +lockPref("browser.newtabpage.activity-stream.feeds.places", false); +lockPref("browser.newtabpage.activity-stream.feeds.systemtick", false); +lockPref("browser.newtabpage.activity-stream.feeds.system.topsites", false); +lockPref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiments", ""); +lockPref("browser.newtabpage.activity-stream.asrouter.providers.message-groups", ""); +lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr-fxa", ""); +lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr", ""); +lockPref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "{\"id\":\"whats-new-panel\",\"enabled\":false}"); +lockPref("browser.newtabpage.activity-stream.asrouter.devtoolsEnableds", true); +lockPref("browser.newtabpage.activity-stream.telemetry.structuredIngestion.endpoint", ""); +lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts", false); +lockPref("browser.newtabpage.activity-stream.improvesearch.handoffToAwesomebar", false); +lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", ""); +lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned", ""); +defaultPref("dom.push.userAgentID", ""); // push notifications are already disabled +lockPref("services.settings.server", ""); // redundant with patches +lockPref("webchannel.allowObject.urlWhitelist", ""); // deprecated +defaultPref("media.getusermedia.browser.enabled", false); +defaultPref("media.getusermedia.screensharing.enabled", false); +defaultPref("media.getusermedia.audiocapture.enabled", false); +defaultPref("dom.storage.next_gen", true); // default from v92.0 +``` + +#### Added preferences +``` +defaultPref("browser.download.useDownloadDir", false); // force user interaction on downloads, by always asking location +// defaultPref("security.remote_settings.crlite_filters.enabled", true); +// defaultPref("security.pki.crlite_mode", 2); +pref("browser.urlbar.quicksuggest.scenario", ""); // disable firefox suggests and hide its UI +``` + +#### Commented preferences +``` +// pref("network.trr.mode", 2); // previously uncommented defaultPref with value 5 +// pref("network.trr.uri", "https://dns.quad9.net/dns-query"); // previously uncommented defaultPref with empty value +``` + +#### Changed preferences +previously empty, set to proper value +``` +defaultPref("network.trr.confirmationNS", "skip"); +defaultPref("browser.search.searchEnginesURL", "https://gitlab.com/librewolf-community/settings/-/wikis/support#search"); +defaultPref("browser.geolocation.warning.infoURL", "https://gitlab.com/librewolf-community/settings/-/wikis/support#location"); +defaultPref("app.feedback.baseURL", "https://gitlab.com/librewolf-community/settings/-/wikis/support"); +defaultPref("app.releaseNotesURL", "https://gitlab.com/librewolf-community/browser"); +defaultPref("app.releaseNotesURL.aboutDialog", "https://gitlab.com/librewolf-community/browser"); +``` + +#### Unlocked preferences +``` +defaultPref("signon.rememberSignons", false); +defaultPref("signon.autofillForms", false); +defaultPref("signon.formlessCapture.enabled", false); +defaultPref("browser.urlbar.speculativeConnect.enabled", false); +defaultPref("browser.contentblocking.report.lockwise.enabled", false); +defaultPref("browser.contentblocking.report.monitor.enabled", false); +defaultPref("network.dns.disablePrefetch", true); +defaultPref("security.ssl.treat_unsafe_negotiation_as_broken", true); +defaultPref("browser.startup.blankWindow", false); +defaultPref("extensions.htmlaboutaddons.recommendations.enabled", false); +defaultPref("extensions.systemAddon.update.enabled", false); +defaultPref("extensions.systemAddon.update.url", ""); +defaultPref("security.mixed_content.block_display_content", true); +defaultPref("security.insecure_connection_text.enabled", true); +defaultPref("gfx.font_rendering.opentype_svg.enabled", false); +defaultPref("browser.shell.shortcutFavicons", false); +defaultPref("network.gio.supported-protocols", ""); +defaultPref("network.IDN_show_punycode", true); +defaultPref("browser.shell.checkDefaultBrowser", false); +defaultPref("middlemouse.contentLoadURL", false); +defaultPref("browser.pagethumbnails.capturing_disabled", true); +defaultPref("browser.privatebrowsing.forceMediaMemoryCache", true); +defaultPref("app.update.url.details", "https://gitlab.com/librewolf-community/browser"); +defaultPref("app.update.url.manual", "https://gitlab.com/librewolf-community/browser"); +defaultPref("network.protocol-handler.external.ms-windows-store", false); +defaultPref("browser.newtab.preload", false); +defaultPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false); +defaultPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false); +defaultPref("browser.newtabpage.activity-stream.feeds.topsites", false); +defaultPref("browser.safebrowsing.downloads.enabled", false); +``` + +## 1.6 + +**target commit**: 192f51abe21e9aeb9b01d396079e9b8533cab7bb + +**base librewolf version**: 91.x + +**References**: +- [reasoning on webgl2](https://github.com/arkenfox/user.js/commit/41c3c0ec26ef4392169fa1d04fd5783ac03bfc8e) from arkenfox's maintainer, basically disabling webgl is enough for those who don't need it. users who want it have one less pref to change. + +#### Removed preferences +``` +defaultPref("dom.targetBlankNoOpener.enabled", true); // default since v79.0 +defaultPref("webgl.enable-webgl2", false); +lockPref("browser.newtabpage.activity-stream.feeds.section.highlights", false); // default +``` + +## 1.5 + +**target commit**: 23d1bff4f4ae3456df8e50e67f657ea6288eef29 + +**base librewolf version**: 91.x + +**References**: +- [comment](https://github.com/arkenfox/user.js/commit/3bb9fc713f141d794fc4adfb38d3fcf86c9307ab#commitcomment-53916786) from arkenfox's maintainer regarding tls version pref +- [mozilla update service](https://support.mozilla.org/en-US/kb/enable-background-updates-firefox-windows) +- extension firewall has been revisited + +#### Removed preferences +``` +lockPref("security.dialog_enable_delay", 700); // default 1000, no need to enforce this +``` + +#### Added preferences +``` +defaultPref("app.update.background.scheduling.enabled", false); // Win specific update service +defaultPref("security.tls.version.enable-deprecated", false); // default but helps resetting the preference +// defaultPref("extensions.webextensions.base-content-security-policy.v3", "default-src 'none'; script-src 'none'; object-src 'none';"); +``` + +#### Changed preferences +``` +// defaultPref("extensions.webextensions.base-content-security-policy", "default-src 'none'; script-src 'none'; object-src 'none';"); +``` + +## 1.4 +**target commit**: 2e21db4c3018321a077d9af2ec44b29675c57adf + +**base librewolf version**: 90.x + +#### Removed preferences +``` +lockPref("security.tls.version.enable-deprecated", false); // default +``` + +## 1.3 +**target commit**: 60e75e30c6018a5c909a2f00f40831ed3f1948a6 + +**base librewolf version**: 90.x + +#### Added preferences +``` +defaultPref("network.http.windows-sso.enabled", false); +``` + +#### Removed preferences +``` +lockPref("browser.cache.offline.storage.enable", false); // pref does not exist anymore as it became default behavior +``` + +## 1.2 +**target commit**: 294724fae38ffa4ebcf6dfb0854787fb7022d1e6 + +**base librewolf version**: 89.x + +**References**: +- issue [#65](https://gitlab.com/librewolf-community/settings/-/issues/65) from settings +- issue [#22](https://gitlab.com/librewolf-community/browser/common/-/issues/22) from common + +#### Removed preferences +``` +defaultPref("dom.webaudio.enabled", false); +defaultPref("media.navigator.enabled", false); +``` + +#### Changed preferences +``` +defaultPref("app.support.baseURL", "https://gitlab.com/librewolf-community/settings/-/wikis/support#"); +``` + +## 1.1 +**target commit**: cf0a2cc88acdbc51b138228353a0d7c9ea0db7c3 + +**base librewolf version**: 89.x + +**References**: +- issue [#54](https://gitlab.com/librewolf-community/settings/-/issues/54) from settings +- merge request [#5](https://gitlab.com/librewolf-community/browser/common/-/merge_requests/5) from common + +#### Removed preferences +``` +defaultPref("security.OCSP.require", false); // default value +defaultPref("extensions.update.url", ""); +defaultPref("extensions.update.background.url", ""); +defaultPref("extensions.getAddons.search.browseURL", ""); +``` + +#### Changed preferences +``` +defaultPref("geo.provider.network.url", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"); +``` + +#### Added preferences +``` +lockPref("privacy.override_rfp_for_color_scheme", false); +``` + + +## 1.0 +**target commit**: 2b8dc4ac6d7fb6fdf8f172d04c27912098268257 + +**base librewolf version**: 89.x + +This is the initial release from which we start tagging and versioning settings. For previous changes see +[here](https://gitlab.com/librewolf-community/settings/-/blob/master/docs/changelog-legacy.md).
\ No newline at end of file |