ToDo: diffs FF77-FF78 #959

Closed
6 tasks done
earthlng opened this issue Jun 23, 2020 · 33 comments

@earthlng
Contributor

earthlng commented Jun 23, 2020

FF78 is scheduled for release June 30th

FF78 release notes [when ready]
FF78 for developers
FF78 compatibility
FF78 security advisories


other

  • add ui.prefersReducedMotion=1 - 3d18af1
  • FF76+: sort out 2200: dom.disable_window_open_feature - see 1507375, compat

100 diffs ( 63 new, 19 gone, 18 different )

new in v78.0:

  • pref("browser.urlbar.suggest.topsites", true); - 618f7be
  • pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 1); - 1a389c0
  • pref("media.autoplay.blocking_policy", 0); - 77ecef8
  • FYI
    • pref("network.dns.disabled", false);
    • pref("layout.css.font-visibility.level", 3); - not important; to be dealt with in font-visibility #970
    • pref("privacy.dynamic_firstparty.use_site", true); // changes OA key of dFPI to use sites instead of domains
    • pref("privacy.firstparty.isolate.use_site", false); // changes OA key of FPI to use sites instead of domains
    • pref("privacy.partition.network_state", false); // we want this to be true eventually as it covers a few things FPI missed

removed, renamed or hidden in v78.0:

  • ALL DONE - 77ecef8
    • 2031 pref("media.autoplay.enabled.user-gestures-needed", true); - 1509933
    • 5000's pref("toolkit.cosmeticAnimations.enabled", true); - 1640501

changed in v78.0:

  • defaults - 4be0a80
    • 1202 pref("security.tls.version.min", 3); // prev: 1
    • 1263 pref("security.ssl3.dhe_rsa_aes_128_sha", false); // prev: true
    • 1263 pref("security.ssl3.dhe_rsa_aes_256_sha", false); // prev: true
  • 0105c pref("browser.newtabpage.activity-stream.feeds.section.topstories", true); // prev: false

ignore

==NEW

pref("apz.allow_zooming_out", false);
pref("apz.windows.use_direct_manipulation", false);
pref("browser.aboutwelcome.overrideContent", "");
pref("browser.contentblocking.report.endpoint_url", "https://monitor.firefox.com/user/breach-stats?includeResolved=true");
pref("browser.contentblocking.report.monitor.home_page_url", "https://monitor.firefox.com/user/dashboard");
pref("browser.contentblocking.report.monitor.preferences_url", "https://monitor.firefox.com/user/preferences");
pref("browser.fixup.domainsuffixwhitelist.example", true);
pref("browser.fixup.domainsuffixwhitelist.internal", true);
pref("browser.fixup.domainsuffixwhitelist.invalid", true);
pref("browser.fixup.domainsuffixwhitelist.local", true);
pref("browser.fixup.domainsuffixwhitelist.localhost", true);
pref("browser.fixup.domainsuffixwhitelist.test", true);
pref("browser.fixup.fallback-to-https", true);
pref("browser.helperApps.showOpenOptionForPdfJS", true);
pref("browser.newtabpage.activity-stream.discoverystream.recs.personalized", false);
pref("browser.newtabpage.activity-stream.discoverystream.spocs.personalized", true);
pref("browser.newtabpage.activity-stream.feeds.system.topsites", true);
pref("browser.newtabpage.activity-stream.feeds.system.topstories", false);
pref("browser.pdf.launchDefaultEdgeAsApp", true);
pref("browser.region.log", false);
pref("browser.region.network.scan", false);
pref("browser.region.network.url", "https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%");
pref("browser.region.timeout", 5000);
pref("browser.urlbar.richSuggestions.tail", false);
pref("devtools.accessibility.auto-init.enabled", false);
pref("devtools.netmonitor.features.serverSentEvents", false);
pref("doh-rollout.trr-selection.enabled", false);
pref("dom.quotaManager.storageName", "storage");
pref("gfx.webrender.quality.force-subpixel-aa-where-possible", false);
pref("identity.fxaccounts.useSessionTokensForOAuth", true);
pref("image.avif.use-dav1d", true);
pref("javascript.options.source_pragmas", true);
pref("javascript.options.wasm_multi_value", true);
pref("layers.recycle-allocator-rdd", true);
pref("layout.animation.prerender.viewport-ratio-limit", "1.125");
pref("layout.css.aspect-ratio.enabled", false);
pref("layout.css.file-chooser-button.enabled", false);
pref("layout.css.moz-focus-outer.enabled", true);
pref("layout.dynamic-toolbar-max-height", 0);
pref("media.cubeb.output_voice_routing", true);
pref("media.getusermedia.aecm_output_routing", 3);
pref("media.getusermedia.experimental_input_processing", false);
pref("media.peerconnection.video.use_rtx", false);
pref("network.http.sanitize-headers-in-logs", true);
pref("network.send_ODA_to_content_directly", true);
pref("pdfjs.handleOctetStream", true);
pref("privacy.rejectForeign.allowList", "");
pref("privacy.resistFingerprinting.randomDataOnCanvasExtract", true);
pref("security.allow_disjointed_external_uri_loads", false);
pref("security.allow_unsafe_parent_loads", false);
pref("security.cancel_non_local_loads_triggered_by_systemprincipal", false);
pref("security.osreauthenticator.blank_password", false);
pref("security.osreauthenticator.password_last_changed_hi", 0);
pref("security.osreauthenticator.password_last_changed_lo", 0);
pref("webextensions.storage.sync.kinto", true);

==REMOVED or HIDDEN

pref("browser.urlbar.openViewOnFocus", true);
pref("devtools.responsive.touchGestureSimulation.enabled", false);
pref("dom.ipc.cpows.forbid-unsafe-from-browser", true);
pref("dom.ipc.cpows.log.enabled", false);
pref("dom.ipc.cpows.log.stack", false);
pref("dom.link.disabled_attribute.enabled", true);
pref("extensions.abuseReport.openDialog", true);
pref("geo.provider-country.network.scan", false);
pref("geo.provider-country.network.url", "https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%");
pref("gfx.webrender.quality.force-disable-sacrificing-subpixel-aa", false);
pref("layout.animation.prerender.viewport-ratio-limit-x", "1.125");
pref("layout.animation.prerender.viewport-ratio-limit-y", "1.125");
pref("layout.css.aspect-ratio-number.enabled", false);
pref("layout.css.moz-document.url-prefix-hack.enabled", true);
pref("media.navigator.audio.full_duplex", true);
pref("network.preload-experimental", false);
pref("permissions.postPrompt.animate", true);

==CHANGED

pref("app.update.url.manual", "https://www.mozilla.org/%LOCALE%/firefox/"); // prev: "https://www.mozilla.org/firefox/"
pref("apz.axis_lock.mode", 2); // prev: 0
pref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiments", "{\"id\":\"messaging-experiments\",\"enabled\":true,\"type\":\"remote-experiments\",\"messageGroups\":[\"cfr\",\"whats-new-panel\",\"moments-page\",\"snippets\",\"cfr-fxa\",\"aboutwelcome\"],\"updateCycleInMs\":3600000}"); // prev: "{\"id\":\"messaging-experiments\",\"enabled\":true,\"type\":\"remote-experiments\",\"messageGroups\":[\"cfr\",\"whats-new-panel\",\"moments-page\",\"snippets\",\"cfr-fxa\"],\"updateCycleInMs\":3600000}"
pref("browser.newtabpage.activity-stream.discoverystream.isCollectionDismissible", true); // prev: false
pref("browser.newtabpage.activity-stream.discoverystream.region-layout-config", "US,CA,GB"); // prev: "US,CA"
pref("browser.newtabpage.activity-stream.discoverystream.region-stories-config", "US,DE,CA,GB"); // prev: "US,DE,CA"
pref("browser.search.modernConfig", true); // prev: false
pref("browser.urlbar.maxHistoricalSearchSuggestions", 2); // prev: 0
pref("dom.sidebar.enabled", false); // prev: true
pref("editor.truncate_user_pastes", true); // prev: false
pref("javascript.options.shared_memory", true); // prev: false
pref("layout.css.is-where-selectors.enabled", true); // prev: false
pref("network.trr.resolvers", "[{ \"name\": \"Cloudflare\", \"url\": \"https://mozilla.cloudflare-dns.com/dns-query\" },{ \"name\": \"NextDNS\", \"url\": \"https://firefox.dns.nextdns.io/\" }]"); // prev: "[{ \"name\": \"Cloudflare\", \"url\": \"https://mozilla.cloudflare-dns.com/dns-query\" },{ \"name\": \"NextDNS\", \"url\": \"https://trr.dns.nextdns.io/\" }]"
pref("toolkit.asyncshutdown.report_writes_after", 40000); // prev: 20000

@earthlng
Contributor Author

some bugzilla tickets

  • apz.allow_zooming_out
    Bug 1627010 - Disallow user from zooming out past initial zoom on desktop.

  • apz.axis_lock.mode
    Bug 1467380 - Default to sticky axis-lock.

  • apz.windows.use_direct_manipulation
    Bug 1630912. Create the necessary direct manipulation objects.

  • browser.aboutwelcome.overrideContent
    Bug 1637079 - Initial multi stage about:welcome layout

  • browser.contentblocking.report.endpoint_url
    Bug 1624969 - Update monitor card in the protections dashboard.

  • browser.contentblocking.report.monitor.home_page_url
    Bug 1624971 - Update Monitor card with new links.

  • browser.contentblocking.report.monitor.preferences_url
    Bug 1624971 - Update Monitor card with new links.

  • browser.fixup.domainsuffixwhitelist.example
    Bug 1634650 - Add whitelisting of domain suffixes for URIFixup.

  • browser.fixup.domainsuffixwhitelist.internal
    Bug 1634650 - Add whitelisting of domain suffixes for URIFixup.

  • browser.fixup.domainsuffixwhitelist.invalid
    Bug 1634650 - Add whitelisting of domain suffixes for URIFixup.

  • browser.fixup.domainsuffixwhitelist.local
    Bug 1634650 - Add whitelisting of domain suffixes for URIFixup.

  • browser.fixup.domainsuffixwhitelist.localhost
    Bug 1634650 - Add whitelisting of domain suffixes for URIFixup.

  • browser.fixup.domainsuffixwhitelist.test
    Bug 1634650 - Add whitelisting of domain suffixes for URIFixup.

  • browser.fixup.fallback-to-https
    Bug 1002724 - add pref for fallback to https.

  • browser.helperApps.showOpenOptionForPdfJS
    Bug 1638682 - Enable the 'Show in Firefox' option in the Unknown Content Type dialog.
    Bug 773942 - Open PDFs using pdf.js in a new tab when the Preview option is selected from the Unknown Content Type dialog.
    Bug 773942 - Add a radio button to open the PDF in Firefox.

  • browser.newtabpage.activity-stream.asrouter.providers.messaging-experiments
    Bug 1636324 - Show messaging-experiments messages in AS router devtools
    Bug 1631456 - Create a CFR message loader for ExperimentAPI

  • browser.newtabpage.activity-stream.discoverystream.isCollectionDismissible
    Bug 1642436 - Update default pref for collection dismiss.
    Bug 1618944 - Pref for collection dismiss

  • browser.newtabpage.activity-stream.discoverystream.recs.personalized
    Bug 1645870 - individual newtab stories targeting prefs for spocs or recs.

  • browser.newtabpage.activity-stream.discoverystream.region-layout-config
    Bug 1632574 - Turn Pocket stories on by default in GB.
    Bug 1613739 - Pref to switch story rows based on region

  • browser.newtabpage.activity-stream.discoverystream.region-stories-config
    Bug 1632574 - Turn Pocket stories on by default in GB.
    Bug 1612984 - Enable regions that get stories via a pref

  • browser.newtabpage.activity-stream.discoverystream.spocs.personalized
    Bug 1645870 - individual newtab stories targeting prefs for spocs or recs.

  • browser.newtabpage.activity-stream.feeds.section.topstories
    Bug 1446276 - Separate pref for user set topstories and system set topstories.

  • browser.pdf.launchDefaultEdgeAsApp
    Bug 1632277 - Part 1: Launch PDFs in app mode when default.

  • browser.region.log
    Bug 1627538 - Extract getRegion into its own jsm

  • browser.region.network.scan
    Bug 1627538 - Extract getRegion into its own jsm

  • browser.region.network.url
    Bug 1627538 - Extract getRegion into its own jsm

  • browser.region.timeout
    Bug 1627538 - Extract getRegion into its own jsm

  • browser.search.modernConfig
    Bug 1635259 - Enable the modern search engine configuration on release.
    Bug 1613348 - Turn on the modern Search Service configuration for nightly builds.

  • browser.urlbar.dnsResolveSingleWordsAfterSearch
    Bug 1642943 - Introduce a pref to control post-search DNS resolution of single word hosts.

  • browser.urlbar.maxHistoricalSearchSuggestions
    Bug 1643475 - Enable form history / historical searches on 78 release and put them behind the same prefs as remote suggestions.
    Bug 1398416 - Part 3: Implement form history results.

  • browser.urlbar.openViewOnFocus
    Bug 1627989 - Remove the browser.urlbar.openViewOnFocus pref.
    Bug 1617029 - Enable urlbar.update1.* prefs (quantumbar update 1) on Release.

  • browser.urlbar.richSuggestions.tail
    Bug 1626897 - Part 2 - Add support for tail suggestions to SearchSuggestionsController.jsm.

  • browser.urlbar.suggest.topsites
    Bug 1627858 - Add a user visible preference to disable Top Sites on focus.

  • devtools.accessibility.auto-init.enabled
    Bug 1602075 - add an accessibility-panel-auto-init feature to control the panel auto enabling functionality.

  • devtools.netmonitor.features.serverSentEvents
    Bug 1636420 - Connect SSE actor to the Message panel.

  • devtools.responsive.touchGestureSimulation.enabled
    Bug 1623941 - Part 1: Use nsDOMWindowUtils' sendNativeTouchPoint for simulating touch events
    Bug 1489653 - Simulate double-tap gestures in RDM

  • doh-rollout.trr-selection.enabled
    Bug 1642723 - Pref-off automatic TRR-selection by default.

  • dom.ipc.cpows.forbid-unsafe-from-browser
    Bug 1640967 - Remove cpows preferences.

  • dom.link.disabled_attribute.enabled
    Bug 1640400 - Remove dom.link.disabled_attribute.enabled.

  • dom.quotaManager.storageName
    Bug 1624802 - Add a pref for overriding storage name;

  • dom.sidebar.enabled
    Bug 1632447 - Disable window.external/sidebar.AddSearchProvider by preference.

  • editor.truncate_user_pastes
    Bug 1636855 - Enable editor.truncate_user_pastes even in Nightly channel.
    Bug 1636855 - Disallow to paste longer text than maxlength value except in Nightly channel and early Beta.
    Bug 1320229 - allow user pastes longer than input maxlength

  • extensions.abuseReport.openDialog
    Bug 1614653 - Remove the extensions.abuseReports.openDialog pref and the related implementation and XUL elements from about:addons.
    Bug 1598079 - Turn abuseReport.openDialog on by default on all channels.

  • geo.provider-country.network.scan
    Bug 1627538 - Extract getRegion into its own jsm
    Bug 1589618 - Move the implementation of the region fetch to NetworkGeolocationProvider to have it close to the wifi scanning code.

  • geo.provider-country.network.url
    Bug 1627538 - Extract getRegion into its own jsm
    Bug 1589618 - Move the implementation of the region fetch to NetworkGeolocationProvider to have it close to the wifi scanning code.

  • gfx.webrender.quality.force-disable-sacrificing-subpixel-aa
    Bug 1635610 - Enable per scroll root picture cache slices by default.

  • gfx.webrender.quality.force-subpixel-aa-where-possible
    Bug 1635610 - Enable per scroll root picture cache slices by default.

  • identity.fxaccounts.useSessionTokensForOAuth
    Bug 1632557 - Add pref and logic for direct use of session tokens to provision OAuth tokens

  • image.avif.use-dav1d
    Bug 1639409 - AVIF (AV1 Image File Format): decode with dav1d.

  • javascript.options.shared_memory
    Bug 1606624 - Ship SharedArrayBuffer (and atomics) to Release;

  • javascript.options.source_pragmas
    Bug 1628853 - Expose a feature flag to enable/disable //# sourceXX= parsing.

  • javascript.options.wasm_multi_value
    Bug 1620986 - Introduce run-time switch for multi-value.

  • layers.recycle-allocator-rdd
    Bug 1645579 - Disable RecycleAllocator for RDD process when WebRender is disabled on Mac.

  • layout.animation.prerender.viewport-ratio-limit
    Bug 1634616 - Calculate a perfect square based on the viewport size and rotate it to adjust the partial prerender area for rotation transforms.

  • layout.animation.prerender.viewport-ratio-limit-x
    Bug 1634616 - Calculate a perfect square based on the viewport size and rotate it to adjust the partial prerender area for rotation transforms.

  • layout.animation.prerender.viewport-ratio-limit-y
    Bug 1634616 - Calculate a perfect square based on the viewport size and rotate it to adjust the partial prerender area for rotation transforms.

  • layout.css.aspect-ratio.enabled
    Bug 1635939 - Let aspect-ratio (css-sizing-4) support 'auto | <ratio>'.

  • layout.css.aspect-ratio-number.enabled
    Bug 1635939 - Replace AspectRatio with computed::position::Ratio in media-queries.

  • layout.css.file-chooser-button.enabled
    Bug 1635675 - Implement the ::file-chooser-button pseudo-element.

  • layout.css.font-visibility.level
    Bug 1634677 - patch 1 - Add a pref to control visibility of different categories of installed font families.

  • layout.css.is-where-selectors.enabled
    Bug 1632646 - Enable :is() and :where() in all release channels.
    Bug 1509418 - Enable the feature in Nightly.
    Bug 1629735 - Implement parsing / selector-matching for :is() and :where().

  • layout.css.moz-document.url-prefix-hack.enabled
    Bug 1449753 - Remove the @-moz-document url-prefix() hack preference, enable it everywhere.

  • layout.css.moz-focus-outer.enabled
    Bug 1636998 - Make ::-moz-focus-outer a no-op, and remove it on Nightly.

  • layout.dynamic-toolbar-max-height
    Bug 1640223 - Expand the given size in ExpandHeightForViewportUnits by multiplying the 'vh value / visible area height'.

  • media.autoplay.blocking_policy
    Bug 1509933 - part1 : add new pref 'media.autoplay.blocking_policy'.

  • media.autoplay.enabled.user-gestures-needed
    Bug 1509933 - part1 : add new pref 'media.autoplay.blocking_policy'.

  • media.cubeb.output_voice_routing
    Bug 1626081 - Add a pref to disable the audio output stream routing on Android.

  • media.getusermedia.aecm_output_routing
    Bug 1626081 - Set and add a way to change the default routing mode for echo cancellation on mobile.

  • media.getusermedia.experimental_input_processing
    Bug 1628779 - Pass the audio rountrip latency to the echo canceller, and disable extended filter and delay agnostic AEC, on macOS Nightly.

  • media.navigator.audio.full_duplex
    Bug 1638832 - Remove unused full duplex code

  • media.peerconnection.video.use_rtx
    Bug 1638758 - Turn off just-added media.peerconnection.video.use_rtx in nightly.
    Bug 1632489 - Enable rtx for early beta or earlier;
    Backed out 4 changesets (bug 1632489) for android crashes at test_peerConnection_maxFsConstraint.html. CLOSED TREE
    Bug 1164187 - Add pref for rtx;

  • network.dns.disabled
    Bug 1636411 - Allow disabling DNS resolution via pref

  • network.http.sanitize-headers-in-logs
    Bug 1642318 - network.http.sanitize-headers-in-logs should be RelaxedAtomicBool
    Bug 1637727 - convert network.http.sanitize-headers-in-logs to a StaticPref.

  • network.send_ODA_to_content_directly
    Bug 1623380 - Send ODA directly to content process

  • network.trr.resolvers
    Bug 1644444 - Update NextDNS endpoint URL and migrate pref values.
    Bug 1588647 - [trr] Add NextDNS to list of TRR providers

  • pdfjs.handleOctetStream
    Bug 1633270 - view application/octet-stream PDFs in PDF.JS and add a pref to turn this off,

  • permissions.postPrompt.animate
    Bug 1636112 - Make post-prompt animation obey prefers-reduced-motion.

  • privacy.dynamic_firstparty.use_site
    Bug 1637516 - part 2: make first-party domain support site;

  • privacy.firstparty.isolate.use_site
    Bug 1637516 - part 2: make first-party domain support site;

  • privacy.partition.network_state
    Bug 1639247 - Isolate DNS cache per first-party when privacy.partition.network_state is set to true - part 1 - new pref,

  • privacy.rejectForeign.allowList
    Bug 1635050 - Implement a whitelist system for cookieBehavior REJECT_FOREIGN with exceptions,

  • privacy.resistFingerprinting.randomDataOnCanvasExtract
    Bug 1638211 - Make privacy.resistFingerprinting.randomDataOnCanvasExtract a RelaxedAtomicBool
    Bug 1621433 - In RFP mode, turn canvas image extraction into a random 'poison pill' for fingerprinters

  • security.allow_disjointed_external_uri_loads
    Bug 1606797 - do not allow navigating to external URIs in cross-origin disjoint browsing contexts,

  • security.allow_unsafe_parent_loads
    Bug 1637869 - P4. Access pref via staticpref.

  • security.cancel_non_local_loads_triggered_by_systemprincipal
    Bug 1613609 - prototype patch with whitelist for sysrequest

  • security.osreauthenticator.blank_password
    Bug 1633090 - Cache the result of the empty password checks.

  • security.osreauthenticator.password_last_changed_hi
    Bug 1633090 - Cache the result of the empty password checks.

  • security.osreauthenticator.password_last_changed_lo
    Bug 1633090 - Cache the result of the empty password checks.

  • security.ssl3.dhe_rsa_aes_128_sha
    Bug 1496639 - Disable DHE ciphers by default.

  • security.ssl3.dhe_rsa_aes_256_sha
    Bug 1496639 - Disable DHE ciphers by default.

  • security.tls.version.min
    Bug 1643229 - Disable TLS 1.0 in release channels,
    Bug 1626495 - Re-enable TLS 1.0 for release,
    Bug 1623536 - Re-enable TLS 1.0,
    Bug 1606734 - Disable TLS 1.0 and 1.1 by default,

  • toolkit.asyncshutdown.report_writes_after
    Bug 1610134: Part 2: Increase timeout pref that turns on late write checking
    Bug 1610134: Part 1: add timeout pref that turns on late write checking to see if it's possible to crash browser earlier.

  • toolkit.cosmeticAnimations.enabled
    Bug 1640501 - Remove toolkit.cosmeticAnimations.enabled from all.js.

  • webextensions.storage.sync.kinto
    Bug 1623245 - A new browser.storage.sync local storage implementation, pref'd off.
    Bug 1642271 - don't sync the webextensions.storage.sync.kinto preference.
    Bug 1635352 (part 1) - Add a new bridged extension-storage engine.

@Thorin-Oakenpants
Contributor

@earthlng why was this pulled out for action? sorry, I haven't looked at it yet

pref("browser.urlbar.suggest.topsites", true);

the rest: anyone who wants to do some homework, dig in

1. pref("browser.fixup.fallback-to-https", true);
2. pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 1);
3. pref("layout.css.font-visibility.level", 3);
4. pref("network.dns.disabled", false);
5. pref("privacy.dynamic_firstparty.use_site", true);
6. pref("privacy.firstparty.isolate.use_site", false);
7. pref("privacy.partition.network_state", false);

how does this sound?

  • 1 sounds good at default -> ignore?
  • 2 i need to refresh, but I think we want to change this so single words do not search
  • 3 NFI, I was just intrigued what it means
  • 4 ?
  • 5+6+7: leave them alone for Mozilla to set
    • I'm not even sure what all of that means: part of some new isolation / disk separation / memory thing / fission / dFPI / FPI

@geeknik

geeknik commented Jun 29, 2020

> * `2` i need to refresh, but I think we want to change this so single words do not search

Leaving it set to 1 uses internal Firefox heuristics to determine whether the word gets resolved or not, setting it to 2 will always resolve the single word and setting to 0 will never resolve the single word.

@ghost

ghost commented Jun 29, 2020

I suggest something like this:

/* 0850a: disable location bar suggestion types
 * [SETTING] Privacy & Security>Address Bar>When using the address bar, suggest ***/
   // user_pref("browser.urlbar.suggest.history", false);
   // user_pref("browser.urlbar.suggest.bookmark", false);
   // user_pref("browser.urlbar.suggest.openpage", false);
   // user_pref("browser.urlbar.suggest.topsites", false); // [FF78+]

Personally I have the last line uncommented.

Edit: Sorry, my bad. Should have checked it before posting. Search engine keywords work no matter what.
Edit 2: The above deals with the visibility of the topsites. However there's also "browser.newtabpage.activity-stream.feeds.system.topsites". We probably need to deal with that, too. :(

@rusty-snake
Contributor

3:


# Visibility level of font families available to CSS font-matching:
#   1 - only base system fonts
#   2 - also fonts from optional language packs
#   3 - also user-installed fonts

Source: https://dxr.mozilla.org/mozilla-central/source/modules/libpref/init/StaticPrefList.yaml#5753

4: leave false. It disables DNS queries to upstream server i.e. you can use the internet.

@earthlng earthlng changed the title ToDo: diffs FF77-FF78rc1 ToDo: diffs FF77-FF78 Jun 30, 2020
@ghost

ghost commented Jun 30, 2020

@Thorin-Oakenpants
I edited my posts above before you committed yesterday but seemingly you didn't see it early enough. Sorry for that!

I also read the code for browser.urlbar.dnsResolveSingleWordsAfterSearch. Currently there's no heuristic at all (bug 1642623), i.e. 1=2='always resolve' for now. In the future they want to check the user's host file or if DOH is used, etc.

@ghost

ghost commented Jul 1, 2020

I just mentioned DoH and host file checking because Mozilla plans including it in the heuristic they want to implement for browser.urlbar.dnsResolveSingleWordsAfterSearch in future versions. In other words, another suggestion:

/* 07XX: DNS: resolve single words after search [FF78+]
 * Necessary if you need to connect to local networks with single word names but also leaks the input to your DNS-provider
 * 0=never, 1=heuristic (default), 2=always
 * (For FF78 1 and 2 are the same and always resolve but that will change in future versions)
 * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1642623 ***/
   // user_pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);

@earthlng
Contributor Author

earthlng commented Jul 1, 2020

OMG YES! no expanding urlbar anymore in FF78 with ui.prefersReducedMotion=1! Hallelujah! Thank you black Jesus :)

@earthlng
Contributor Author

earthlng commented Jul 1, 2020

> • 1 sounds good at default -> ignore?

yes.

browser.urlbar.dnsResolveSingleWordsAfterSearch fits better in 0800 than 0700 IMO. I wonder if we really need this though when we already have keyword.enabled=false ? @guser-sudo, do you know?
Either way, we should probably add it just in case (active with value 0).

AFAIK 5 + 6 control what's used as the origin attribute for 1st-party isolation. dFPI will now use "site" whereas FPI will remain just domain. A bit weird that they use different OAs but I guess it's best to not mess with it at this point because IDK if all the things isolated by FPI will still work with "site" instead of domain.

@earthlng
Contributor Author

earthlng commented Jul 1, 2020

FYI: layout.css.font-variations.enabled is locked

is that related to layout.css.font-visibility.level at all?

layout.css.font-visibility.level looks nice at first glance but doesn't it just add another vector to detect locale?
Like, fe on my system the arabic fonts are "hidden" in my OS and font-visibility.level=1 would make them not accessible for CSS anymore but someone with an en-US FF (spoofed or not) on an OS in arabic would have those fonts exposed in the list. I don't see how this improves privacy TBH

@geeknik

geeknik commented Jul 1, 2020

layout.css.font-variations.enabled is related to https://developer.mozilla.org/en-US/docs/Web/CSS/font-variation-settings. Not sure it figures into any privacy related stuff..

@ghost

ghost commented Jul 1, 2020

> browser.urlbar.dnsResolveSingleWordsAfterSearch fits better in 0800 than 0700 IMO. I wonder if we really need this though when we already have keyword.enabled=false ? @guser-sudo, do you know?
> Either way, we should probably add it just in case (active with value 0).

I monitored my DNS-traffic: keyword.enabled=false still causes a DNS-lookup, browser.urlbar.dnsResolveSingleWordsAfterSearch=0 does not.

@earthlng
Contributor Author

earthlng commented Jul 1, 2020

Thanks for testing @guser-sudo!

> keyword.enabled=false still causes a DNS-lookup,

yeah but isn't that because it tries to access that "keyword" as a hostname? Unless you previously accessed that hostname and therefore still have it in your MAC or DNS cache, that access would necessarily require a dns lookup, right?

ie, with keyword.enabled=false, when I enter "pants" in the urlbar it'll try to access http://pants/.
I don't think there's any way to stop that.

So, as I understand it, dnsResolveSingleWordsAfterSearch=0 only makes sense with keyword.enabled=true ie you always want to search for single words and never try to resolve it as a hostname.

@earthlng
Contributor Author

earthlng commented Jul 1, 2020

> what does heuristics actually mean?

they haven't decided yet. https://bugzilla.mozilla.org/show_bug.cgi?id=1642623#c8 lists some of their ideas atm:

  • user is using DOH
  • /etc/hosts only contains localhost
  • no policies are in use
  • the computer is not enrolled in a domain

@ghost

ghost commented Jul 1, 2020

@earthlng
Yes, with keyword.enabled=false the default setting browser.urlbar.dnsResolveSingleWordsAfterSearch=1 is sufficient which should prevent (hopefully most) typos from being externally resolved when the heuristic has landed.

@ghost

ghost commented Jul 4, 2020

@Thorin-Oakenpants
That pref seems to be the AS of browser.urlbar.suggest.topsites. They do almost the same however I don't know the exact differences. Still investigating if both are needed or only one of them.

What happened to the browser.urlbar.dnsResolveSingleWordsAfterSearch comments?

Thorin-Oakenpants added a commit that referenced this issue Jul 4, 2020
- `0105e`
   - we disable AS, and clearing the default does not stop someone adding their own (it's a different pref) should they choose to use AS
   - otherwise, to get rid of the topsites when clicking in an empty urlbar, users have to either know about this pref or enable AS and go manually remove them all
   - this is cleaner than disabling topsites with `browser.newtabpage.activity-stream.default.sites` as that actually breaks the functionality (should users want to use AS and topsite suggestions)
   - we don't disable topsite suggestions: 0850a: 78+, `browser.urlbar.suggest.topsites` is inactive: but if a user does want to disable that
- 0850a
   - we could elaborate that this is for suggestions when you start typing/pasting (i.e not the same as topsites) - IDK
- settings (changed)
   - we can remove these two when ESR68 hits EOL, meanwhile I just tagged them as (FF72-)
- settings (not changed)
   - `0517` does not seem to exist: [SETTING] Privacy & Security>Forms and Autofill>Autofill addresses (FF74+)
   - I tested vanilla profiles in 74+, and system addon `formautofill@mozilla.org.xpi` is present
   - maybe I'm doing something wrong
- `0420`: ui.PRM
   - maybe you can word it better
@earthlng
Contributor Author

earthlng commented Jul 5, 2020

maybe something like this for dnsResolveSingleWordsAfterSearch:

/* 0811: disable location bar leaking single words to DNS provider when keywords (0801) are enabled [FF78+]
 * 0=never resolve single words, 1=heuristic (default), 2=always resolve
 * (For FF78 value 1 and 2 are the same and always resolve but that will change in future versions)
 * [1] https://bugzilla.mozilla.org/1642623 ***/
user_pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);

IDK if we need to explain more than that, fe that with keywords disabled all single words are treated as hostnames and could "leak" (unless you have them in your hosts file (and don't use DOH because DOH currently doesn't check hosts)).

We can also add network.dns.disabled as optional defense-in-depth to prevent any potential DNS leaks for proxy/tor users.
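
The interaction discussed in this thread between `keyword.enabled`, `browser.urlbar.dnsResolveSingleWordsAfterSearch` and `network.dns.disabled`, as an added example that is not part of the original thread or of the project's tooling: a Node.js checker that reads a user.js, ignores commented-out prefs, and reports whether a single word typed in the urlbar would reach the DNS resolver. The decision rules encode what commenters here reported for FF78; the function names, `FF78_DEFAULTS` (including the assumed `keyword.enabled` default of true) and both sample files are constructed for illustration.

```javascript
// Added example; not arkenfox or Mozilla code.

// Defaults for the three prefs the thread discusses. The first two values are
// the FF78 defaults listed in this issue; keyword.enabled=true is an assumption.
const FF78_DEFAULTS = {
  "browser.urlbar.dnsResolveSingleWordsAfterSearch": 1,
  "network.dns.disabled": false,
  "keyword.enabled": true,
};

// Drop /* ... */ and // comments but copy string literals verbatim, so a value
// such as "https://..." is not mistaken for the start of a comment.
function stripComments(src) {
  let out = "";
  let i = 0;
  while (i < src.length) {
    const c = src[i];
    if (c === '"' || c === "'") {
      let j = i + 1;
      // walk to the closing quote, skipping backslash-escaped characters
      while (j < src.length && src[j] !== c) j += src[j] === "\\" ? 2 : 1;
      out += src.slice(i, j + 1);
      i = j + 1;
    } else if (src.startsWith("/*", i)) {
      const end = src.indexOf("*/", i + 2);
      // an unterminated block comment is treated here as hiding the rest of the file
      i = end === -1 ? src.length : end + 2;
    } else if (src.startsWith("//", i)) {
      const nl = src.indexOf("\n", i);
      i = nl === -1 ? src.length : nl;
    } else {
      out += c;
      i++;
    }
  }
  return out;
}

// Active prefs only: a `// user_pref(...)` line is inactive, and a later
// assignment of the same pref overrides an earlier one.
function parseUserJs(src) {
  const prefs = new Map();
  const re = /user_pref\(\s*"([^"]+)"\s*,\s*("(?:[^"\\]|\\.)*"|true|false|-?\d+)\s*\)\s*;/g;
  for (const m of stripComments(src).matchAll(re)) {
    prefs.set(m[1], JSON.parse(m[2]));
  }
  return prefs;
}

// Would a single word typed in the urlbar (e.g. "cat") be sent to the resolver?
// Rules as reported by commenters in this thread for FF78.
function singleWordDnsExposure(prefs) {
  const get = (k) => (prefs.has(k) ? prefs.get(k) : FF78_DEFAULTS[k]);
  if (get("network.dns.disabled") === true) {
    return { lookup: false, reason: "network.dns.disabled=true: no DNS resolution at all" };
  }
  if (get("keyword.enabled") === false) {
    return { lookup: true, reason: "keyword.enabled=false: the word is loaded as a hostname" };
  }
  const mode = get("browser.urlbar.dnsResolveSingleWordsAfterSearch");
  if (mode === 0) {
    return { lookup: false, reason: "searched only; post-search resolution is off (0)" };
  }
  return { lookup: true, reason: `searched, then resolved (value ${mode}; 1 and 2 behave alike in FF78)` };
}

// Constructed sample 1: the 0811 pref is active, one pref is commented out,
// and one value contains "//" inside a string (placeholder URL).
const SAMPLE = `
/* 0801: constructed sample, keyword search left enabled ***/
user_pref("keyword.enabled", true);
   // user_pref("browser.urlbar.suggest.topsites", false); // [FF78+]
user_pref("network.trr.uri", "https://example.invalid/dns-query"); // "//" inside a string
/* 0811: [1] https://bugzilla.mozilla.org/1642623 ***/
user_pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
`;

// Constructed sample 2: the block comment is never closed, so the pref that
// follows it is not active and the default (1) applies.
const UNCLOSED = `
/* 07XX: DNS: resolve single words after search [FF78+]
 * 0=never, 1=heuristic (default), 2=always
user_pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
`;

for (const [name, text] of [["SAMPLE", SAMPLE], ["UNCLOSED", UNCLOSED]]) {
  const r = singleWordDnsExposure(parseUserJs(text));
  console.log(`${name}: lookup=${r.lookup} (${r.reason})`);
}
```
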

Thorin-Oakenpants added a commit that referenced this issue Jul 5, 2020
Co-authored-by: rusty-snake
@ghost

ghost commented Jul 5, 2020

Firefox 78.0.1 with no proxy here. I tested setting network.dns.disabled to true and I wasn't surprised more than that with the effect : no connection.
My understanding of English is sometimes approximate so if my above comment initiates hilarity I won't feel excessively ashamed!

@crssi

crssi commented Jul 6, 2020

Did anyone notice the DNS leak when dnsResolveSingleWordsAfterSearch = 1?
I do use keyword.enabled = true and no single word DNS leak is visible here.

@ghost

ghost commented Jul 6, 2020

@crssi
Yes, I can see it when logging my DNS queries.
It happens after a single word search like 'cat' when Firefox asks you if you want to open http://cat instead.

@ghost

ghost commented Jul 6, 2020

@Thorin-Oakenpants wrote above, concerning network.dns.disabled

> If we add network.dns.disabled it would be inactive, but I'm wondering what other use cases it has: e.g. VPNs with their own DNS servers. What about if you use DoH? So it's basically an off switch if any of the DNS alternatives fails. But I'm struggling to think of any other use cases.

I linger as well to understand this setting's pertinence. No VPN here and no FF TRR, DNS is resolved with DNSCrypt-proxy (hence its own DNS servers). Maybe makes sense with FF's DoH (TRR)? I'm really looking forward to understanding why/where the setting is useful.

@ghost

ghost commented Jul 6, 2020

I just turned on browser.fixup.alternate.enabled for testing but it doesn't work and always causes a search instead. Am I missing something or is it broken?

@crssi

crssi commented Jul 6, 2020

@guser-sudo
I see what you mean, but there is no such query here... In Wireshark I can see only a request for a search on DDG.
Will try to find out today afternoon what I have different in setup.
Will report back later.

@ghost

ghost commented Jul 6, 2020

> * [NOTE] disabling location bar search also has the same effect (see 0801)

I wouldn't call it the same effect: It prevents the search and does a DNS lookup because you probably want to reach a local resource.
browser.urlbar.dnsResolveSingleWordsAfterSearch decides whether after a search you want to be given the opportunity to reach a local resource instead.

@earthlng
Contributor Author

earthlng commented Jul 6, 2020

> I read that as you can only disable the single dns leak if you also have 0801 enabled

that's exactly how it's meant to be read :)

> type "pants" and hit enter and it just goes straight to an error page.

yeah but after it tried to resolve pants ie dns leak

@crssi are you sure you didn't send the single word to your search engine ie something like "d word"? The leak only happens if you enter a single word without a search-engine keyword/letter

@crssi

crssi commented Jul 6, 2020

I never use search-engine keyword/letter.

@crssi

crssi commented Jul 6, 2020

I have built a new profile from scratch. And everything is as you say and cannot reproduce.
I must have done something in my work profile that I am not aware of, since there I have no leakage and the browser.urlbar.dnsResolveSingleWordsAfterSearch = 1.... it is strange, but it is just part of my fckedup profile.
Will try to get to the bottom of it later, just out of curiosity.

Update: Forget I have written anything, just can't reproduce anymore and I have no clue why is that.

@ghost

ghost commented Jul 7, 2020

  • [a] keyword true, dns = 1/2 (FF defaults): search and resolve single word; FF shows the search results and asks you if you want to open http://single_word (probably a local resource)
  • [b] keyword true, dns = 0: search only

@earthlng
Contributor Author

earthlng commented Jul 7, 2020

this is what the prompt looks like:

[screenshot of the prompt]

But the prompt only shows up if the DNS lookup actually found a host with that name. That's why I used localhost.

The way I tested it was a new fresh profile with the latest user.js, (optional: change default search engine to the builtin DDG), then in about:config change keyword.enabled to true and set browser.fixup.domainwhitelist.localhost to false.

This is just to illustrate the prompt though - the DNS leak doesn't really happen here because localhost is in everyone's hosts file and that's looked up prior to any remote DNS lookup. (unless you use FF's DoH!)

With that test environment now in place you can test when (or not) the prompt shows up, ie search buttons etc. If it doesn't show up it most likely means the DNS lookup didn't happen but I haven't verified that with wireshark or similar. BUT just make sure you never click the "Yes, take me to ..." button because that will set a pref and mess up further testing!

In my test it apparently didn't try a DNS lookup when I clicked one of the one-off search buttons to trigger the search nor when I used a search-engine keyword/letter.

FYI secretplace,com is considered a single word too. Probably everything without a space is a single word.

I hope this helps
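The behaviour described in the comments above ([a]/[b], and single words being treated as hostnames when keywords are disabled), as an added example that is not part of the original comments or the project's user.js: a small Node.js audit that reads a user.js and reports how a single word typed in the location bar would be handled. The function names, result labels and sample file are assumptions constructed for illustration; the defaults are the FF78 values quoted in this issue.

```javascript
// Added example: models the behaviour as described in this thread, not Firefox's own code.
const FF78_DEFAULTS = {
  "keyword.enabled": true,
  "browser.urlbar.dnsResolveSingleWordsAfterSearch": 1,
  "network.dns.disabled": false,
};

// Parse active user_pref() lines; block comments and "// user_pref" lines are inactive.
function parseUserJs(text) {
  const prefs = {};
  const active = text.replace(/\/\*[\s\S]*?\*\//g, "");
  for (const line of active.split("\n")) {
    const m = line.match(/^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;/);
    if (!m) continue;
    // Later lines override earlier ones, as in a real user.js.
    try { prefs[m[1]] = JSON.parse(m[2]); } catch { prefs[m[1]] = m[2]; }
  }
  return prefs;
}

// Classify what happens to a single word entered without a search-engine keyword.
function singleWordExposure(userPrefs) {
  const p = { ...FF78_DEFAULTS, ...userPrefs };
  if (p["network.dns.disabled"]) return "no-dns";       // no lookups at all
  if (!p["keyword.enabled"]) return "resolve-only";     // treated as a hostname
  return p["browser.urlbar.dnsResolveSingleWordsAfterSearch"] === 0
    ? "search-only"                                     // case [b]
    : "search-and-resolve";                             // case [a], FF78 default
}

// Constructed sample input, not taken from the project's user.js.
const SAMPLE_USER_JS = `
/* 0801: location bar search (constructed sample) ***/
user_pref("keyword.enabled", true);
/* 0811: single-word DNS lookups [FF78+]
 * [1] https://bugzilla.mozilla.org/1642623 ***/
user_pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
   // user_pref("network.dns.disabled", true);
`;

console.log(singleWordExposure(parseUserJs(SAMPLE_USER_JS)));
```

A result of "search-and-resolve" or "resolve-only" is the state in which single-label queries should be expected in DNS logs.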

@Thorin-Oakenpants
Contributor

Does anyone care about adding

  • network.dns.disabled

Does anyone care about adding these as true, now we know what they do (inactive)

  • privacy.partition.network_state
  • privacy.firstparty.isolate.use_site

Does anyone care about 2200

  • if anything has really actually changed then it would be nice to get into 78 since it's ESR
  • dom.disable_window_open_feature - see 1507375, compat

I tried doing various tests here, and I have my own tests, and I just don't get it. I can still remove all those items: menubar, personalbar and toolbar (but I can't add them?). I also got some really whacked out results, where I loaded the test in a popup and the changes were being applied to the parent window (and I could show/hide things like the menu, toolbar etc)

I just don't know if I can be fucked dealing with this mess

@rusty-snake
Contributor

Does anyone care about

network.dns.disabled: No
privacy.partition.network_state: IDK what it does, the only thing I found was the linked ticket.

```js
/* 400x: Isolate DNS cache per first-party [FF78+] ***/
   // user_pref("privacy.partition.network_state", true);
```

privacy.firstparty.isolate.use_site: I do some testing

```js
/* 400x: Isolate by site and not by domain [FF78+] ***/
   // user_pref("privacy.firstparty.isolate.use_site", true);
```

@Thorin-Oakenpants
Contributor

> privacy.partition.network_state: IDK what it does, the only thing I found was the linked ticket

It is being used to isolate some things that FPI didn't. Maybe they'll even move things to use this so it's simpler from an engineering point of view. Here is the meta ticket

FPI was going to isolate font cache (pretty sure this is the graphics card cache) - that was 1560580, but this has been dropped and instead is covered with privacy.partition.network_state (see 1647732), but that's not until FF80

"Network" being distinct from web content : "This leaves storage, permissions, cookie jars etc alone but isolates cached and network stuff by site. Nothing that should be observable to a website (except through side channels.)"


We certainly don't need to add any of these for this release, but probably will at some point. And at that point when they are ready to use (bugs), they will most likely be flipped
