commit b761a9dd32f79395b0fca183ad8fe45f7e99d26f
parent 0da2ecdb4df27360d059c7e4fd2e5c658caa2aab
Author: Thorin-Oakenpants <Thorin-Oakenpants@users.noreply.github.com>
Date: Thu, 8 Jul 2021 07:08:38 +0000
4505: experimental RFP prefs
and tidy up all instances (eight) of "do not use": all caps, no asterisks, immediately after [warning]
Diffstat:
1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/user.js b/user.js
@@ -786,7 +786,7 @@ user_pref("security.insecure_connection_text.enabled", true); // [FF60+]
user_pref("_user.js.parrot", "1400 syntax error: the parrot's bereft of life!");
/* 1401: disable websites choosing fonts (0=block, 1=allow)
* This can limit most (but not all) JS font enumeration which is a high entropy fingerprinting vector
- * [WARNING] **DO NOT USE**: in FF80+ RFP covers this, and non-RFP users should use font vis (4620)
+ * [WARNING] DO NOT USE: in FF80+ RFP covers this, and non-RFP users should use font vis (4620)
* [SETTING] General>Language and Appearance>Fonts & Colors>Advanced>Allow pages to choose... ***/
// user_pref("browser.display.use_document_fonts", 0);
/* 1403: disable icon fonts (glyphs) and local fallback rendering
@@ -805,7 +805,7 @@ user_pref("gfx.font_rendering.graphite.enabled", false);
/* 1409: limit system font exposure to a whitelist [FF52+] [RESTART]
* If the whitelist is empty, then whitelisting is considered disabled and all fonts are allowed
* [NOTE] In FF81+ the whitelist **overrides** RFP's font visibility (see 4620)
- * [WARNING] **DO NOT USE**: in FF80+ RFP covers this, and non-RFP users should use font vis (4620)
+ * [WARNING] DO NOT USE: in FF80+ RFP covers this, and non-RFP users should use font vis (4620)
* [1] https://bugzilla.mozilla.org/1121643 ***/
// user_pref("font.system.whitelist", ""); // [HIDDEN PREF]
@@ -1393,8 +1393,8 @@ user_pref("privacy.firstparty.isolate", true);
RFP covers a wide range of ongoing fingerprinting solutions.
It is an all-or-nothing buy in: you cannot pick and choose what parts you want
- [WARNING] Do NOT use extensions to alter RFP protected metrics
- [WARNING] Do NOT use prefs in section 4600 with RFP as they can interfere
+ [WARNING] DO NOT USE extensions to alter RFP protected metrics
+ [WARNING] DO NOT USE prefs in section 4600 with RFP as they can interfere
FF41+
418986 - limit window.screen & CSS media queries leaking identifiable info
@@ -1475,11 +1475,16 @@ user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // [HIDDE
* "width1xheight1, width2xheight2, ..." (e.g. "800x600, 1000x1000, 1600x900")
* [SETUP-WEB] This does NOT require RFP (see 4501) **for now**, so if you're not using 4501, or you are but
* dislike margins being applied, then flip this pref, keeping in mind that it is effectively fingerprintable
- * [WARNING] The dimension pref is only meant for testing, and we recommend you DO NOT USE it
+ * [WARNING] DO NOT USE: the dimension pref is only meant for testing
* [1] https://bugzilla.mozilla.org/1407366
* [2] https://hg.mozilla.org/mozilla-central/rev/6d2d7856e468#l2.32 ***/
user_pref("privacy.resistFingerprinting.letterboxing", true); // [HIDDEN PREF]
// user_pref("privacy.resistFingerprinting.letterboxing.dimensions", ""); // [HIDDEN PREF]
+/* 4505: experimental RFP [FF91+]
+ * [WARNING] DO NOT USE unless testing, see [1] comment 12
+ * [1] https://bugzilla.mozilla.org/1635603 ***/
+ // user_pref("privacy.resistFingerprinting.exemptedDomains", "*.example.invalid");
+ // user_pref("privacy.resistFingerprinting.testGranularityMask", 0);
/* 4510: disable showing about:blank as soon as possible during startup [FF60+]
* When default true this no longer masks the RFP chrome resizing activity
* [1] https://bugzilla.mozilla.org/1448423 ***/
@@ -1489,7 +1494,7 @@ user_pref("browser.startup.blankWindow", false);
user_pref("ui.prefersReducedMotion", 1); // [HIDDEN PREF]
/*** [SECTION 4600]: RFP ALTERNATIVES
- [WARNING] Do NOT use prefs in this section with RFP as they can interfere
+ [WARNING] DO NOT USE prefs in this section with RFP as they can interfere
***/
user_pref("_user.js.parrot", "4600 syntax error: the parrot's crossed the Jordan");
/* [SETUP-non-RFP] Non-RFP users replace the * with a slash on this line to enable these
