commit ac0820a5dc00e04fe14fc2a74ba75e590883293c
parent 83b6d64e67d663603ff9e52a5b6627d7927ba86f
Author: Thorin-Oakenpants <Thorin-Oakenpants@users.noreply.github.com>
Date: Fri, 21 Jan 2022 03:48:06 +0000
add last bits about ETP Strict/dFPI, closes #1337
Diffstat:
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/user.js b/user.js
@@ -1,7 +1,7 @@
/******
* name: arkenfox user.js
-* date: 9 December 2021
-* version 96-alpha
+* date: 21 January 2021
+* version 96
* url: https://github.com/arkenfox/user.js
* license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt
@@ -757,11 +757,18 @@ user_pref("extensions.postDownloadThirdPartyPrompt", false);
/*** [SECTION 2700]: ETP (ENHANCED TRACKING PROTECTION) ***/
user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin' choir invisible!");
/* 2701: enable ETP Strict Mode [FF86+]
- * [NOTE] ETP Strict Mode enables Total Cookie Protection (TCP)
+ * ETP Strict Mode enables Total Cookie Protection (TCP)
+ * [NOTE] Adding site exceptions disables all ETP protections for that site and increases the risk of
+ * cross-site state tracking e.g. exceptions for SiteA and SiteB means PartyC on both sites is shared
* [1] https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/
* [SETTING] to add site exceptions: Urlbar>ETP Shield
* [SETTING] to manage site exceptions: Options>Privacy & Security>Enhanced Tracking Protection>Manage Exceptions ***/
user_pref("browser.contentblocking.category", "strict");
+/* 2702: disable ETP web compat features [FF93+]
+ * [SETUP-HARDEN] Includes skip lists, heuristics (SmartBlock) and automatic grants
+ * [1] https://blog.mozilla.org/security/2021/07/13/smartblock-v2/
+ * [2] https://hg.mozilla.org/mozilla-central/rev/e5483fd469ab#l4.12 ***/
+ // user_pref("privacy.antitracking.enableWebcompat", false);
/* 2710: enable state partitioning of service workers [FF96+] ***/
user_pref("privacy.partition.serviceWorkers", true);
