From b8f42fb200bfce11edbee15a0d267d2d6ea32821 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Sun, 12 Dec 2021 15:20:45 +0000 Subject: [PATCH 1/3] update 0704: GIO, closes #1050 https://bugzilla.mozilla.org/show_bug.cgi?id=1666725 --- user.js | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/user.js b/user.js index bdaf4983..3a406943 100644 --- a/user.js +++ b/user.js @@ -313,12 +313,11 @@ user_pref("network.proxy.socks_remote_dns", true); * [SETUP-CHROME] Can break extensions for profiles on network shares * [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/26424 ***/ user_pref("network.file.disable_unc_paths", true); // [HIDDEN PREF] -/* 0704: disable GIO as a potential proxy bypass vector [FF60+] +/* 0704: disable GIO as a potential proxy bypass vector * Gvfs/GIO has a set of supported protocols like obex, network, archive, computer, dav, cdda, - * gphoto2, trash, etc. By default only smb and sftp protocols are accepted so far (as of FF64) - * [1] https://bugzilla.mozilla.org/1433507 - * [2] https://en.wikipedia.org/wiki/GVfs - * [3] https://en.wikipedia.org/wiki/GIO_(software) ***/ + * gphoto2, trash, etc. By default only sftp protocols are accepted so far (as of FF87) + * [1] https://en.wikipedia.org/wiki/GVfs + * [2] https://en.wikipedia.org/wiki/GIO_(software) ***/ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] /* 0705: disable proxy direct failover for system requests [FF91+] * [WARNING] Default true is a security feature against malicious extensions [1] From 8c538beec6210ab3562169cfba33c8ba422f11ed Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Sun, 12 Dec 2021 15:24:10 +0000 Subject: [PATCH 2/3] grammar --- user.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/user.js b/user.js index 3a406943..96ec3a5b 100644 --- a/user.js +++ b/user.js @@ -314,8 +314,8 @@ user_pref("network.proxy.socks_remote_dns", true); * [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/26424 ***/ user_pref("network.file.disable_unc_paths", true); // [HIDDEN PREF] /* 0704: disable GIO as a potential proxy bypass vector - * Gvfs/GIO has a set of supported protocols like obex, network, archive, computer, dav, cdda, - * gphoto2, trash, etc. By default only sftp protocols are accepted so far (as of FF87) + * Gvfs/GIO has a set of supported protocols like obex, network, archive, computer, + * dav, cdda, gphoto2, trash, etc. By default only sftp is accepted (FF87+) * [1] https://en.wikipedia.org/wiki/GVfs * [2] https://en.wikipedia.org/wiki/GIO_(software) ***/ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] From 6ed14beb503249f1fb475f27eff1f87660ac4c94 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Sun, 12 Dec 2021 15:40:46 +0000 Subject: [PATCH 3/3] add back bugzilla in hindsight it has handy info, not because it has anything to do with the pref --- user.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/user.js b/user.js index 96ec3a5b..770fb3c3 100644 --- a/user.js +++ b/user.js @@ -316,8 +316,9 @@ user_pref("network.file.disable_unc_paths", true); // [HIDDEN PREF] /* 0704: disable GIO as a potential proxy bypass vector * Gvfs/GIO has a set of supported protocols like obex, network, archive, computer, * dav, cdda, gphoto2, trash, etc. By default only sftp is accepted (FF87+) - * [1] https://en.wikipedia.org/wiki/GVfs - * [2] https://en.wikipedia.org/wiki/GIO_(software) ***/ + * [1] https://bugzilla.mozilla.org/1433507 + * [2] https://en.wikipedia.org/wiki/GVfs + * [3] https://en.wikipedia.org/wiki/GIO_(software) ***/ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] /* 0705: disable proxy direct failover for system requests [FF91+] * [WARNING] Default true is a security feature against malicious extensions [1]