sticky: unofficial: extension breakage due to prefs

[Thorin-Oakenpants]

The information in here is user submitted and not verified by this repo (unless stated). I will also not maintain or update or clean up this thread. Have at it, it's ALL yours - just look at the readme first.

🔶 read me

I am not against information being shared if it helps end users, but I am not interested in maintaining any lists of extension issues to do with prefs or adding info to the user.js (except those extensions we recommend)

• This user.js does not have a monopoly on pref changes. Extension breakage information belongs with the developer/support site.
  • Sometimes they can code fixes / fallbacks / workarounds
  • Sometimes they can detect the issue and alert the user
  • At the very least they can add something to the help section
• It just isn't feasible (time constraints, sheer numbers, constant code changes)
• The user.js is already lengthy & bulky

Do not ask for troubleshooting in here (open a new issue if you really need help). Keep this thread clean and tidy, we only need confirmation that pref(s) X caused extension(s) Y to break in Z manner. Link back to any developer discussions if need be.

🔶 Use this format if you can

**pref(s)**: `prefname`
**extension(s)**: 
**breakage**: 
**site/support issue**: 
**comments**: 

[Thorin-Oakenpants]

pref(s): privacy.resistFingerprinting=true
extension(s): anything that uses canvas or depends on local time
breakage:

• canvas is blocked: 1412961 resolved fixed in FF61+ but 1453916 : still some issues

  • until then, you can open about:debugging>Add-ons, click the extension's manifest.url and on that page, right click >View Page Info>Permissions and set a canvas exception

• extensions also get UTC 0 spoofed time zone

site/support issue: N/A
comments: known and will be dealt with in time (pun intended)

• 1377744 time zone spoof + extensions
• 1450398 RFP + extensions

[Thorin-Oakenpants]

pref(s): security.OCSP.enabled=1 (this is FF's default value)
extension(s): Hoxx VPN Proxy and probably others
breakage: failure to use/log-in to VPN
site/support issue: #295
comments: security.OCSP.require may also be a factor in these sorts of cases. In the user.js we enforce a value of true, the default is false

[aesthicc]

pref(s): network.auth.subresource-http-auth-allow = 1
extension(s): Torrent Control
breakage: failed login
site/support issue: https://github.com/Mika-/torrent-control

[GitCurious]

pref(s): // user_pref("javascript.options.ion", false);
// user_pref("javascript.options.baselinejit", false);
extension(s): Ublock Origin
breakage: Significant delays opening pages when these are enabled
site/support issue: all
comments: I DO realise these are OFF by default but discovered by trial and error that these were responsible for the delays on Firefox since approx v.66.xx

[GIPeon]

pref(s): privacy.resistFingerprinting = true
extension(s): uBlock Origin (and probably any extensions using the Alt key in their options)
breakage: can't set shortcut keys in dashboard>settings (Alt+letter)
site/support issue: n/a
solution: Just flip privacy.resistFingerprinting to false, set your shortcut (e.g Alt + Z), flip RFP back to true. Now your zapper shortcut should work on pages loaded from now on.

^^ edited by 👖

Btw your troubleshooting tips and the script turned out to be very useful. I scratched my head quite some time trying to debug this, looking at possible console errors and stuff but nothing really pointed me in the RFP direction (or maybe my lack of experience, quite deep unfortunately, didn't allow me to find any correlation).

I take the chance to thank you all for all your commitment in this incredible work, very well done sirs! 🎩

[sshockley]

Having dom.storage.next_gen=true appears to break the Kee add-on. With it enabled, this shows in the debug panel for Kee:

Content Security Policy: Couldn’t parse invalid host 'wasm-eval'
UnknownError: The operation failed for reasons unrelated to the database itself and not covered by any other error code. ExtensionStorageIDB.jsm:831
    normalizeStorageError resource://gre/modules/ExtensionStorageIDB.jsm:831
    method chrome://extensions/content/child/ext-storage.js:273
    AsyncFunctionThrow self-hosted:678
Failed to persist storage for principal: moz-extension://a89a86d1-eb13-4bb1-a064-6a5651978d2d ExtensionStorageIDB.jsm:758
    callback resource://gre/modules/ExtensionStorageIDB.jsm:758

The add-on shows the red "OFF" splat and is greyed out. Setting dom.storage.next_gen=false fixes it.

This started with FF83, but I'm not sure if that's coincidence.

[Thorin-Oakenpants]

This started with FF83, but I'm not sure if that's coincidence

I only added it to the user.js in the 11 days ago, so not a coincidence

Have you spoken to the extension developer? What happens if you try the extension in a new profile and add some data? When I get time I'll see what I can test, but some legwork from the dev would be helpful

[rubaboo]

pref(s): privacy.firstparty.isolate= true
extension(s): Pinboard WebExtension
breakage: "Save tab set" not producing a list of windows and tabs
comments: "Save tab set" opens a new tab to https://pinboard.in website (login required, unfortunately) populated with a list of all windows and tabs I have in the session. This works on a new profile but the moment I add arkenfox/user.js to the profile and restart, the page is not populated anymore. Any hints on which particular preferences could be causing this are appreciated.

EDIT 1: Found what seems to be a related issue at Pnboad WebExtension support. Looks like the problem might be caused by privacy.firstparty.isolate=true. Wondering if it's possible to keep this switch true but tweak any of the other 3 related prefs to get the "Save tab set" working on pinboard.in.

[Thorin-Oakenpants]

tweak any of the other 3 related prefs

If you mean the ones that are commented out in section 4000, then no. They will do nothing if privacy.firstparty.isolate = false

[rubaboo]

tweak any of the other 3 related prefs

If you mean the ones that are commented out in section 4000, then no. They will do nothing if privacy.firstparty.isolate = false

I understand, that's why I specifically said "Wondering if it's possible to keep this switch true but tweak any of the other 3 related prefs to get the "Save tab set" working on pinboard.in.". Yes, I did mean the ones that are commented out in section 4000. I have since played with those and nothing would help other than turning off the master switch (privacy.firstparty.isolate = false).

[Thorin-Oakenpants]

OK, sorry. Haven't had my beersies today :) You could try with privacy.firstparty.isolate.restrict_opener_access as false but AFAIK it hasn't ever really done anything and Moz (tom ritter) wanted to rip it out

edit: BTW, do you get any error messages in the console: might help upstream

[rubaboo]

The only error is in the chrome console (Browser Toolbox):

Promise rejected after context unloaded: Actor 'Conduits' destroyed before query 'RuntimeMessage' was resolved
popup_menu.js:7
    <anonymous> moz-extension://dc93e56f-ce5c-40f9-9865-367cbf028d44/popup_menu.js:7

EDIT: That must be unrelated, it shows up either way, whether "Save tab set" is working (privacy.firstparty.isolate=false) or not working (privacy.firstparty.isolate=true).

[gapop]

@rubaboo , yes, that console error is almost certainly unrelated.

[Youngblood50]

Following pref: dom.w3c_pointer_events.enabled = false

also breaks firefox "picture in picture" mode button. PIP still works with right clicking on a video, then selecting pip

[crssi]

Following pref: dom.w3c_pointer_events.enabled = false

also breaks firefox "picture in picture" mode

Does it? I have no issues with PIP.
Could you be so kind and write STR (Steps To Reproduce)?

Cheers

[Youngblood50]

Following pref: dom.w3c_pointer_events.enabled = false
also breaks firefox "picture in picture" mode

Does it? I have no issues with PIP.
Could you be so kind and write STR (Steps To Reproduce)?

Cheers

I just tested this with several new profiles: If this is the only option present in user.js, the pip button appears in videos but when you try and click on it nothing happens. What you can do to reproduce this is to create a fresh new profile, start it and then set this setting in about:config

UPDATE: It only breaks the button to initialize pip, right clicking on a video and then selecting pip still works with "dom.w3c_pointer_events.enabled = false"

[crssi]

Ahhh... sorry, my bad and you are right.
I was confused, since arkenfox_user.js doesn't touch that pref.

[rusty-snake]

https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/33577

[khius]

I need help figuring out which preference breaks the extension raindrop.io from signing in.

[rusty-snake]

Did you tested

user.js/user.js

Line 952 in f8932dc

user_pref("privacy.firstparty.isolate", true);

[khius]

Oh, that was easy! It worked! I am wondering if there is a workaround to keep "privacy.firstparty.isolate" to true an make this extension functional? Thanks btw

[rusty-snake]

This needs to be fixed on their end.

Btw does anybody know if dFPI can break such extensions (extensions not aware of FPI) too?

[Thorin-Oakenpants]

extensions were recent given a read-only access to dFPI via privacy API

[rusty-snake]

But if they don't use it they will break, right?

[Thorin-Oakenpants]

^ soz, went and found the ticket I had in mind, it was for GPC - https://bugzilla.mozilla.org/show_bug.cgi?id=1735372

[rusty-snake]

If anyone cares:

• FPI: privacy.websites.firstPartyIsolate == true
• dFPI: privacy.websites.cookieConfig.behavior == "reject_trackers_and_partition_foreign"

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/privacy/websites

---

@khius you can use TC in automatic mode to get a similar isolation as with FPI.

[khius]

@rusty-snake I set privacy.websites.firstPartyIsolate == false, I installed TC with Isolation global, I excluded in TC raindrop.io and subdomains from Isolation, I allowed cookies in FF settings from raindrop.io and subdomains but the extension is not working. Once I disable TC it works again. I don't know what I am missing.

[rusty-snake]

• TC: How did you setup isolation?
• TC: How did you setup exceptions?
• Ctrl-Shift-Del, go on about:networking make sure it is empty, do raindrop.io, reload about:networking, which addresses show up? Are all of them excluded?
• privacy.websites.firstPartyIsolate is a WebExt API.

edit: fix keyboard shortcut

[powerman]

* Ctrl-Alt-Del, go on `about:networking` make sure it is empty, do raindrop.io, reload `about:networking`, which addresses show up? Are all of them excluded?

You just caught me - for a second I believed FF actually set some binding for Ctrl-Alt-Del! 🤣

[rusty-snake]

Arrrg. I meant Ctrl-Shift-Entf.

[khius]

@rusty-snake
TC: How did you setup isolation?
Automatic Mode
TC: How did you setup exceptions?

go on about:networking make sure it is empty, do raindrop.io, reload about:networking, which addresses show up? Are all of them excluded?
These are the addresses that shows in about:networking

But it's still not working 😬

[rusty-snake]

TC: How did you setup isolation?
Automatic Mode

That's not isolation that's automatic mode. Isolation is configured under "isolation" (not "general"). To setup isolation it is IMHO the best to "Isolation > Global > Navigation > Different from Tab Domain & Subdomain". (Don't get me wrong automatic mode is useful and should be used in addition).

If you are interested what I do: https://codeberg.org/rusty-snake/firefox-config/src/branch/main/LOG.md

How did you setup exceptions?

This exceptions are only for isolation but not from automatic mode. Try to add the raindrop domains (the ocsp isn't necessary and the couldfront domain is maybe from firefox itself) under "Advanced > Ignoring requests to"

[khius]

Thank you @rusty-snake! now it's working! I left Automatic Mode ON and added under "Advanced > Ignoring requests to" the raindrop.io domains and subdomains. I set up "Isolation > Global > Navigation > Different from Tab Domain & Subdomain" as suggested and it's working fine.

[NylaTheWolf]

@rusty-snake @khius Funny, I was literally just about to comment about the exact same issue with first party isolation and Raindrop.io! I'll be sure to try that workaround when I get home!

For what it's worth, I did email the dev about it a few days ago about the issue and he added it to the troubleshooting pages.

[rusty-snake]

Be sure that privacy.firstparty.isolate is disabled

TBH they should fix this in their code (IDK how long this suggestions is there (no site histroy), so maybe they are already working on a fix and this is only a interim suggestion).

[ghost]

removed: do not suggest turning off RFP just so you can get dark web sites