New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ToDo: diffs FF61-FF62 #463

Closed
earthlng opened this Issue Jul 11, 2018 · 42 comments

Comments

Projects
None yet
2 participants
@earthlng
Copy link
Member

earthlng commented Jul 11, 2018

FF62 is scheduled for release 5th Sept

FF62 Release notes
FF62 for developers
FF62 compatibility

120 diffs ( 51 new, 43 gone, 26 different )

new in v62.0:

  • pref("toolkit.winRegisterApplicationRestart", true); 603903 - 6717bc0
  • pref("extensions.systemAddon.update.enabled", true); 0505
  • pref("dom.clearSiteData.enabled", false); 1268889
    • added here for visibility, allows sites to clear site data when it detects it's in a bad state. It has nothing to do with FF's or your ability to control site data

removed, renamed or hidden in v62.0:

  • pref("browser.urlbar.autoFill.typed", true); - 1239708 - 776e32c
    • note: we REMOVED this from our user.js as it's already covered by browser.urlbar.autoFill
  • pref("plugin.state.java", 1); - c805dd8

changed in v62.0:


ignore

click me for details

==NEW

pref("browser.history_swipe_animation.disabled", false); // not privacy related
pref("browser.newtabpage.activity-stream.asrouterOnboardingCohort", 0);
pref("browser.newtabpage.activity-stream.fxaccounts.endpoint", "https://accounts.firefox.com/");
pref("browser.newtabpage.activity-stream.improvesearch.noDefaultSearchTile", true);
pref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts", false);
pref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned", "");
pref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", "google");
pref("browser.newtabpage.activity-stream.section.highlights.rows", 2);
pref("browser.newtabpage.activity-stream.section.topstories.rows", 1);
pref("browser.safebrowsing.provider.mozilla.lists.base", "moz-std");
pref("browser.safebrowsing.provider.mozilla.lists.content", "moz-full");
pref("browser.security.newcerterrorpage.enabled", false);
pref("browser.sessionstore.resuming_after_os_restart", false);
pref("browser.tabs.multiselect", false);
pref("browser.tabs.remote.tabCacheSize", 0);
 // ^ temp(?) change due to (e10s) related issues
pref("devtools.debugger.pause-on-caught-exceptions", true);
pref("devtools.inspector.fonthighlighter.enabled", false);
pref("devtools.inspector.three-pane-first-run", true);
pref("dom.webcomponents.shadowdom.report_usage", false);
pref("devtools.webconsole.jsterm.codeMirror", false);
pref("dom.mutation-events.cssom.disabled", true);
pref("dom.serviceWorkers.parent_intercept", false);
pref("extensions.webextensions.ExtensionStorageIDB.enabled", false);
pref("gfx.webrender.debug.echo-driver-messages", false);
pref("gfx.webrender.debug.new-frame-indicator", false);
pref("gfx.webrender.debug.new-scene-indicator", false);
pref("gfx.webrender.program-binary-disk", true);
pref("io.activity.intervalMilliseconds", 0);
pref("layout.accessiblecaret.script_change_update_mode", 0);
 // ^ https://hg.mozilla.org/mozilla-central/rev/92022a209721pref("image.animated.resume-from-last-displayed", true);
pref("layout.css.property-append-only", false);
pref("layout.css.scrollbar-colors.enabled", false);
pref("layout.css.webkit-appearance.enabled", false);
pref("layout.css.xul-display-values.content.enabled", false);
pref("network.cookie.maxNumber", 3000);
pref("network.cookie.maxPerHost", 180);
pref("network.sts.poll_busy_wait_period", 50);
pref("network.sts.poll_busy_wait_period_timeout", 7);
pref("network.sts.pollable_event_timeout", 6);
pref("pdfjs.scrollModeOnLoad", 0);
pref("pdfjs.spreadModeOnLoad", 0);
pref("print.font-variations-as-paths", true);
pref("privacy.trackingprotection.storagerestriction.enabled", false);
pref("services.blocklist.addons.signer", "remote-settings.content-signature.mozilla.org");
pref("services.blocklist.gfx.signer", "remote-settings.content-signature.mozilla.org");
pref("services.blocklist.onecrl.signer", "onecrl.content-signature.mozilla.org");
pref("services.blocklist.pinning.signer", "pinning-preload.content-signature.mozilla.org");
pref("services.blocklist.plugins.signer", "remote-settings.content-signature.mozilla.org");

==REMOVED or HIDDEN

pref("browser.EULA.version", 3);
pref("browser.rights.3.shown", false);
pref("browser.rights.version", 3);
pref("browser.safebrowsing.provider.mozilla.lists.base.description", "mozstdDesc");
pref("browser.safebrowsing.provider.mozilla.lists.base.name", "mozstdName");
pref("browser.safebrowsing.provider.mozilla.lists.content.description", "mozfullDesc2");
pref("browser.safebrowsing.provider.mozilla.lists.content.name", "mozfullName");
pref("browser.search.defaultenginename", "chrome://browser-region/locale/region.properties");
pref("browser.search.defaultenginename.US", "data:text/plain,browser.search.defaultenginename.US=Google");
pref("browser.search.order.1", "chrome://browser-region/locale/region.properties");
pref("browser.search.order.2", "chrome://browser-region/locale/region.properties");
pref("browser.search.order.3", "chrome://browser-region/locale/region.properties");
pref("browser.search.order.US.1", "data:text/plain,browser.search.order.US.1=Google");
pref("browser.search.order.US.2", "data:text/plain,browser.search.order.US.2=Bing");
pref("browser.snapshots.limit", 0);
pref("devtools.devedition.promo.enabled", false);
pref("devtools.devedition.promo.shown", false);
pref("devtools.devedition.promo.url", "https://www.mozilla.org/firefox/developer/?utm_source=firefox-dev-tools&utm_medium=firefox-browser&utm_content=betadoorhanger");
pref("devtools.inspector.three-pane-toggle", false);
pref("devtools.telemetry.tools.opened.version", "{}");
pref("devtools.toolbar.enabled", true);
pref("devtools.toolbar.visible", false);
pref("devtools.webconsole.autoMultiline", true);
pref("extensions.geckoProfiler.symbols.url", "http://symbols.mozilla.org/");
pref("extensions.minCompatibleAppVersion", "4.0");
pref("extensions.minCompatiblePlatformVersion", "2.0");
pref("gfx.webrender.all", false);
pref("gfx.webrender.enabled", false);
pref("gfx.webrender.hit-test", true);
pref("hangmonitor.timeout", 0);
pref("image.mem.max_decoded_image_kb", 256000);
pref("javascript.options.array_prototype_values", true);
pref("layout.accessiblecaret.allow_script_change_updates", false);
pref("layout.css.getPropertyCSSValue.enabled", false);
pref("layout.css.text-combine-upright-digits.enabled", false);
pref("layout.event-regions.enabled", false);
pref("network.activity.intervalMilliseconds", 0);
pref("network.dir.format", 2);
pref("plugin.java.mime", "application/x-java-vm");
pref("security.allow_chrome_frames_inside_content", false);
pref("security.OCSP.GET.enabled", false);

==CHANGED

pref("apz.android.chrome_fling_physics.enabled", true); // prev: false
pref("browser.cache.disk.max_chunks_memory_usage", 40960); // prev: 10240
pref("browser.cache.disk.max_priority_chunks_memory_usage", 40960); // prev: 10240
pref("device.sensors.ambientLight.enabled", false); // prev: true
pref("device.sensors.proximity.enabled", false); // prev: true
pref("devtools.debugger.ignore-caught-exceptions", true); // prev: false
pref("devtools.inspector.show-three-pane-tooltip", true); // prev: false
pref("devtools.inspector.three-pane-enabled", true); // prev: false
pref("devtools.new-animationinspector.enabled", true); // prev: false
pref("devtools.toolbox.previousHost", "right"); // prev: "side"
pref("dom.ipc.plugins.sandbox-level.flash", 3); // prev: 2
pref("dom.registerContentHandler.enabled", false); // prev: true
pref("dom.registerProtocolHandler.insecure.enabled", false); // prev: true
pref("extensions.geckoProfiler.getSymbolRules", "localBreakpad,dump_syms.exe"); // prev: "localBreakpad,remoteBreakpad,dump_syms.exe"
pref("gfx.webrender.async-scene-build", true); // prev: 2
pref("image.animated.decode-on-demand.threshold-kb", 20480); // prev: 4194303
pref("layers.enable-tiles-if-skia-pomtp", true); // prev: false
pref("layout.css.shape-outside.enabled", true); // prev: false
pref("layout.display-list.retain", true); // prev: false
pref("network.http.throttle.version", 1); // prev: 2
pref("network.trr.blacklist-duration", 60); // prev: 1200
pref("security.pki.name_matching_mode", 3); // prev: 1

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Jul 11, 2018

some bugzilla tickets

  • apz.android.chrome_fling_physics.enabled
    Bug 1460206 - Let the new Android fling physics ride the trains.
    Bug 1459293 - Enable new Android fling physics on the Nightly channel.
    Bug 1448439 - Add a pref to get APZ to use the Chrome fling physics on Android.

  • browser.cache.disk.max_chunks_memory_usage
    Bug 1457084 - Increase max chunk memory usage limit,

  • browser.cache.disk.max_priority_chunks_memory_usage
    Bug 1457084 - Increase max chunk memory usage limit,

  • browser.cache.offline.insecure.enable
    Bug 1460478 - Remove support for AppCache in stable.

  • browser.EULA.version
    Bug 1409054 - Remove code from the old about:home.

  • browser.history_swipe_animation.disabled
    Bug 860493: Add pref to disable history swipe animations.

  • browser.rights.3.shown
    Bug 1409054 - Remove code from the old about:home.

  • browser.rights.version
    Bug 1409054 - Remove code from the old about:home.

  • browser.safebrowsing.provider.mozilla.lists.base
    Bug 1457021 - Migrate the JS of Preferences::Blocklists to Fluent.

  • browser.safebrowsing.provider.mozilla.lists.base.description
    Bug 1457021 - Migrate the JS of Preferences::Blocklists to Fluent.

  • browser.safebrowsing.provider.mozilla.lists.base.name
    Bug 1457021 - Migrate the JS of Preferences::Blocklists to Fluent.

  • browser.safebrowsing.provider.mozilla.lists.content
    Bug 1457021 - Migrate the JS of Preferences::Blocklists to Fluent.

  • browser.safebrowsing.provider.mozilla.lists.content.description
    Bug 1457021 - Migrate the JS of Preferences::Blocklists to Fluent.

  • browser.safebrowsing.provider.mozilla.lists.content.name
    Bug 1457021 - Migrate the JS of Preferences::Blocklists to Fluent.

  • browser.search.defaultenginename
    Bug 1352539 - Move default search engine to list.json.
    Bug 1417678 - New search defaults for browser and mobile.

  • browser.search.defaultenginename.US
    Bug 1352539 - Move default search engine to list.json.
    Bug 1417678 - New search defaults for browser and mobile.

  • browser.search.order.1
    Bug 1461345 - Move browser.search.order to list.json.

  • browser.search.order.2
    Bug 1461345 - Move browser.search.order to list.json.

  • browser.search.order.3
    Bug 1461345 - Move browser.search.order to list.json.

  • browser.search.order.US.1
    Bug 1461345 - Move browser.search.order to list.json.
    Bug 1417678 - New search defaults for browser and mobile.

  • browser.search.order.US.2
    Bug 1461345 - Move browser.search.order to list.json.
    Bug 1442738 - Update default search config.
    Bug 1417678 - New search defaults for browser and mobile.

  • browser.security.newcerterrorpage.enabled
    Bug 1463748 - Fork and pref-off the new error pages

  • browser.sessionstore.resuming_after_os_restart
    Bug 603903 - Part 2: restore session when restarted by Windows

  • browser.snapshots.limit
    Bug 860493: Add pref to disable history swipe animations.

  • browser.tabs.multiselect
    Bug 1458010 - Add ability to select multiple tabs using Ctrl/Cmd.

  • browser.tabs.remote.tabCacheSize
    Bug 1465106 - Disable tab layer cache
    Bug 1176019 - Cache layers of background tabs

  • browser.urlbar.autoFill.typed
    Bug 1239708: Improve awesomebar autofill. Part 3: Front-end changes.

  • device.sensors.ambientLight.enabled
    Bug 1462308 - Disable all Device Sensor events except orientation by default for stable.

  • device.sensors.proximity.enabled
    Bug 1462308 - Disable all Device Sensor events except orientation by default for stable.

  • devtools.devedition.promo.enabled
    Bug 1463924 - Remove Dev. Edition promo doorhanger.

  • devtools.devedition.promo.shown
    Bug 1463924 - Remove Dev. Edition promo doorhanger.

  • devtools.devedition.promo.url
    Bug 1463924 - Remove Dev. Edition promo doorhanger.

  • devtools.inspector.fonthighlighter.enabled
    Bug 1440855 - New font text-run highlighter used from the font inspector;r=gl

  • devtools.inspector.show-three-pane-tooltip
    Bug 1467564 - Only show the 3 pane tooltip in release or beta.
    Bug 1464233 - Allow 3 pane inspector to ride the trains.
    Bug 1433718 - Enable 3 pane inspector in nightly and make unit tests pass.
    Bug 1433718 - Make unit tests pass with the 3 pane inspector on in nightly.
    Bug 1446944 - Provide onboarding tooltip for the 3 pane inspector feature.

  • devtools.inspector.three-pane-enabled
    Bug 1464233 - Allow 3 pane inspector to ride the trains.
    Bug 1433718 - Enable 3 pane inspector in nightly and make unit tests pass.
    Bug 1433718 - Make unit tests pass with the 3 pane inspector on in nightly.

  • devtools.inspector.three-pane-first-run
    Bug 1468495 - Reset the inspector widths for the first run of 3 pane inspector.

  • devtools.inspector.three-pane-toggle
    Bug 1462451 - Remove checks for the 3 pane toggle button.

  • devtools.new-animationinspector.enabled
    Bug 1470807: Enable new animation inspector on Beta and Release channel.

  • devtools.telemetry.tools.opened.version
    Bug 1296723 - Remove logOncePerBrowserVersion telemetry functions and probes

  • devtools.toolbar.enabled
    Bug 1461970 - Removing DeveloperToolbar, its menu, its pref and everything using gDevToolsBrowser.getDeveloperToolbar.

  • devtools.toolbox.previousHost
    Bug 1192642 - Add a left host type for the toolbox.

  • devtools.webconsole.autoMultiline
    Bug 1464476 - Remove devtools.webconsole.autoMultiline preference;

  • devtools.webconsole.jsterm.codeMirror
    Bug 1463409 - Add a preference to enable CodeMirror-powered jsterm;

  • dom.clearSiteData.enabled
    Bug 1268889 - Implement Clear-Site-Data header - part 2 - pref,

  • dom.ipc.plugins.sandbox-level.flash
    Bug 1366256 - Part 1: Promote Windows plugin process sandbox to level 3.
    Bug 1433577 - [Mac] Enable sandboxing for the Flash NPAPI plugin process on Nightly;
    Bug 1366256: Part 1 - Promote Windows plugin process sandbox to level 3
    Bug 1444291 - Part 3 - Add read access to the Mac Flash sandbox, support sandbox levels

  • dom.keyboardevent.dispatch_during_composition
    Bug 1446401 - Start to dispatch "keydown" event and "keyup" event even during in composition in Nightly and early Beta

  • dom.mutation-events.cssom.disabled
    Bug 1460295 - Don't dispatch mutation event for style attribute change from CSSOM.

  • dom.registerContentHandler.enabled
    Bug 1460481 - Disable registerContentHandler from stable releases.

  • dom.registerProtocolHandler.insecure.enabled
    Bug 1460506 - Restrict registerProtocolHandler over insecure connections in stable releases.

  • dom.serviceWorkers.parent_intercept
    Bug 1469024 Define service worker parent intercept pref in StaticPrefList and read it once at startup.

  • dom.webcomponents.shadowdom.report_usage
    Bug 1461278 - Print a note to the web console when a web site is using shadow DOM (v1), preffed off by default,

  • extensions.geckoProfiler.getSymbolRules
    Bug 1461056 - Remove the "remoteBreakpad" symbol rule, because it's no longer needed.
    Bug 1441051 - Automatically invoke dump_syms.exe on Windows when the profiler asks for symbol tables.

  • extensions.geckoProfiler.symbols.url
    Bug 1461056 - Remove unneeded function urlForSymFile.

  • extensions.minCompatibleAppVersion
    Bug 1461216: Remove minCompatible*Version preferences.

  • extensions.minCompatiblePlatformVersion
    Bug 1461216: Remove minCompatible*Version preferences.

  • extensions.systemAddon.update.enabled
    Bug 1428459 - Divorce system add-ons from app.update prefs

  • extensions.webextensions.ExtensionStorageIDB.enabled
    Bug 1406181 - Add ExtensionStorageIDB JSM module.

  • gfx.webrender.async-scene-build
    Bug 1452845 - Turn on async scene building by default.
    Bug 1391318 - Automatically enable async scene building with webrender.all.
    Bug 1451469 - Complete hooking up of the sampler thread.

  • gfx.webrender.debug.echo-driver-messages
    Bug 1469041 - Expose WebRender's frame/scene debug indicators.

  • gfx.webrender.debug.new-frame-indicator
    Bug 1469041 - Expose WebRender's frame/scene debug indicators.

  • gfx.webrender.debug.new-scene-indicator
    Bug 1469041 - Expose WebRender's frame/scene debug indicators.

  • gfx.webrender.hit-test
    Bug 1436409 - Remove gecko/APZ hit-test codepath from WebRenderCommandBuilder.

  • gfx.webrender.program-binary-disk
    Bug 1418202 - Serialize ProgramBinary to/from blob/disk

  • hangmonitor.timeout
    Bug 1448040 - Remove HangMonitor/ChromeHangs

  • image.animated.decode-on-demand.threshold-kb
    Bug 1460258 - Re-enable discarding of animated image frames.
    Bug 1454824 - Disable discarding of animated image frames due to high CPU consumption.

  • image.animated.resume-from-last-displayed
    Bug 1454149 - Do not advance animated images which are not displayed.

  • image.mem.max_decoded_image_kb
    Bug 1335148 - Part 4: Remove unused max_decoded_image_kb pref.

  • io.activity.intervalMilliseconds
    Bug 1447931 - NetworkActivity becomes IOActivity -

  • javascript.options.array_prototype_values
    Bug 1469540 - Remove option to disable Array.prototype.values.

  • layers.enable-tiles-if-skia-pomtp
    Bug 1454978 - Enable tiled parallel OMTP when we are using skia on windows on nightly.
    Bug 1454978 - Cleanup tiling prefs in all.js.
    Bug 1438551 - Add a pref for enabling tiles when we are using skia with parallel painting.

  • layout.accessiblecaret.allow_script_change_updates
    Bug 1463576 - 1. Add layout.accessiblecaret.script_change_update_mode pref;

  • layout.accessiblecaret.script_change_update_mode
    Bug 1463576 - 1. Add layout.accessiblecaret.script_change_update_mode pref;

  • layout.css.getPropertyCSSValue.enabled
    Bug 1408301: Remove getPropertyCSSValue.
    Bug 1461092 - Unship GetPropertyCSSValue in Firefox 61.
    Bug 1448415: Hide getPropertyCSSValue on nightly.

  • layout.css.moz-document.url-prefix-hack.enabled
    Bug 1448225 - Convert StylePrefs to StaticPrefs.
    Bug 1446470: Add another pref to control the url-prefix hack.

  • layout.css.scrollbar-colors.enabled
    Bug 1460456 part 3 - Add scrollbar-{face,track}-color properties.

  • layout.css.shape-outside.enabled
    Bug 1457297: Turn pref layout.css.shape-outside.enabled on by default for all channels.
    Bug 1353631 Part 1: Set preference default to true in Nightly for layout.css.shape-outside.enabled.
    Bug 1353631: Set preference default to true in Nightly for layout.css.shape-outside.enabled.

  • layout.css.text-combine-upright-digits.enabled
    Bug 1457373 - Remove text-combine-upright digits option -

  • layout.css.webkit-appearance.enabled
    Bug 1429713 part 1 - Add a -webkit-appearance alias for -moz-appearance (behind a pref).

  • layout.css.xul-display-values.content.enabled
    Bug 1288572: Hide -moz- display values from content behind a pref.

  • layout.display-list.retain
    Bug 1467530 - Disable retained display lists by default for Firefox 61.

  • layout.event-regions.enabled
    Bug 1436409 - Remove the layout.event-regions.enabled pref and bake it in as false everywhere.

  • network.activity.intervalMilliseconds
    Bug 1447931 - NetworkActivity becomes IOActivity -

  • network.cookie.maxNumber
    Bug 1460251 - Up cookie limit to 180 per host and expose prefs.

  • network.cookie.maxPerHost
    Bug 1460251 - Up cookie limit to 180 per host and expose prefs.

  • network.dir.format
    Bug 833098: Part 1 - Remove dead code in xpfe directory viewer.

  • network.sts.poll_busy_wait_period
    Bug 1442178 - Do a busy wait of socket poll() shortly after network change detection,

  • network.sts.poll_busy_wait_period_timeout
    Bug 1442178 - Do a busy wait of socket poll() shortly after network change detection,

  • network.sts.pollable_event_timeout
    Bug 1442178 - Repair broken socket polling wakeup mechanism after a network change to prevent long load hangs,

  • network.trr.blacklist-duration
    bug 1470005 - change default TRR blacklist duration to 60 seconds
    bug 1451011 - expire TRR blacklist entries after 20 minutes by default

  • plugin.java.mime
    Bug 1461243 - Part 5: Stub out obsolete DOM API navigator.javaEnabled(). r=jimm

  • plugin.state.java
    Bug 1461243 - Part 5: Stub out obsolete DOM API navigator.javaEnabled(). r=jimm

  • print.font-variations-as-paths
    Bug 1464094 - print font variations as paths for PDF/PS output.

  • privacy.trackingprotection.storagerestriction.enabled
    Bug 1461921 - Block storage access for third-parties on the tracking protection list - part 1 - Pref and Blocking check,

  • security.OCSP.GET.enabled
    bug 1456489 - prevent making OCSP requests on the main thread

  • security.pki.name_matching_mode
    Bug 1463936 - Set default security.pki.name_matching_mode to enforce (3) for all builds.
    Bug 1461373 - Set BRNameMatchingPolicy to "Enforce" for Nightly

  • toolkit.winRegisterApplicationRestart
    Bug 603903 - Part 1: add RegisterApplicationRestart

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Jul 12, 2018

yay! another small one

Edit: don't want to pollute this issue, but this is interesting - https://portableapps.com/node/58213. Seems like browser.cache.disk.capacity=0 is not respected - maybe it requires > 0 (we're ok since we have browser.cache.disk.enable=false which is respected)

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Aug 10, 2018

since it was snuck into 61.0.2 - we should look at toolkit.winRegisterApplicationRestart and if we need to do anything about it

Edit: apparently it is false for now, so we could leave it until or if we pick up on when it's flipped. I'm just not sure if this requires session recovery to be active to even be a threat (of persistent data)

Edit edit: https://www.ghacks.net/2018/08/09/firefox-61-0-2-release-information/#comment-4386694

I’m currently using 62b15 on “Windows 7” and “toolkit.winRegisterApplicationRestart” is set to true. It’s also set to true in Nightly.

So I guess we better deal with it in this diffs then

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Aug 14, 2018

  • pref("privacy.trackingprotection.storagerestriction.enabled", false); - in FF63 they 1st renamed it to privacy.3rdpartystorage.enabled but now removed the pref again and merged it with network.cookie.cookieBehavior. Best to ignore for FF62 IMO, because otherwise we have it in the user.js for 1 version and then have to move it to 9999.
    We can list it at the top of this issue "for visibility" for those who want to try it. (but I'm not sure if it needs TP enabled or if it's even fully ready yet in FF62)
  • pref("extensions.webextensions.ExtensionStorageIDB.enabled", false); - there have already been a couple of issues identified with this (+ fixed in latest FF63) and it's best to wait until they enable it by default IMO. I suggest we move it to "ignore"
@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Aug 14, 2018

huh .. tying tracking protection to the cookie pref? I mean I get it, kinda (I use cookies to control localStorage & IDB), but I don't follow why they would tie it directly to that setting. Am trying to read that diff.

So users who block all cookies can't use TP (or any of the other TP lists they are going to add)? That's not very nice of them. I get that it currently only applies to cookies, but future lists included non-cookie stuff IIRC

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Aug 14, 2018

users who block all cookies can't use TP

You can use TP and block all cookies just fine AFAIK. ATM there are 2 kinds of TP, active and passive. Active TP will completely block requests (which could theoretically also try to set a cookie) while passive TP will just prevent the cookie from being set. At least that's how I think it works.

Seems like a nice option for people who don't want to allow everything (0=allow all cookies and site data) but for whom 1st-party-only breaks too many of their favorite sites.
Maybe one day mozilla will make it the new default value instead of 0.

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Aug 15, 2018

Time will tell, it's all as clear as mud ATM to me. I'm still not sure how they can reconcile TP's state with a defined cookie default. eg (edited, must have been tired)

  • network.cookie.cookieBehavior=2 - you block all cookies
  • network.cookie.cookieBehavior=0,2,3 - you allow all or some cookies

So if you block all cookies, but allow a site exception, how can TP know whether it's allowed to kick in or not. The reverse don't matter (eg blocking cookies as a site exception). Because that's the only difference I see in the cookie pref - allow-all-some vs block

I think I'm confusing this with privacy.trackingprotection.*.enabled which still remains as the on/off switch, and the new setup is just about domains in TP lists and how to handle those domains's cookies + localStorage etc

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Aug 15, 2018

network.cookie.cookieBehavior=0 - you block all cookies

0 = you ALLOW all cookies

FF63 will have a new option available cookieBehavior=4 = allow all except from tracking resources

@Thorin-Oakenpants

This comment was marked as off-topic.

Copy link
Member

Thorin-Oakenpants commented Aug 17, 2018

earthlng wrote:

  • do something with 1700s (containers)

I'd rather NOT do something with containers just yet. Users can enable it if they want but we shouldn't enable it by default for everyone because there are probably reasons why mozilla are still keeping it disabled.

Well, I ain't got to it yet. My first thing to check was what the defaults are in FF62, and ESR60. I had a feeling that they were enabled - in which case I was going to propose maybe removing the section (and shoving 1704 to personal). Anyway... lemme go check the defaults

Update: OK, so on FF61 (and I'll just assume ESR60 is the same), the only one that is on by default is 1703 which doesn't really matter.

Good, one less thing to deal with

@Thorin-Oakenpants

This comment was marked as off-topic.

Copy link
Member

Thorin-Oakenpants commented Aug 17, 2018

the only one that is on by default is 1703 which doesn't really matter.

@earthlng what is the default for privacy.usercontext.about_newtab_segregation.enabled in ESR60.x ? If it's true then we could remove this pref?

@earthlng

This comment was marked as off-topic.

Copy link
Member

earthlng commented Aug 17, 2018

default is false in 60.1.0ESR. It was changed to true in FF61 and ESR is based on FF60 so it makes sense that it's still false in ESR because they very rarely change prefs in ESR.

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Aug 20, 2018

They'll set fallback-limit pref to TLS 1.3 by default for Firefox 62 and IMO we can just remove that pref from the user.js because it's not necessary to enforce the default. plus: "We're on the road to remove that code"

@Thorin-Oakenpants

This comment was marked as resolved.

Copy link
Member

Thorin-Oakenpants commented Aug 20, 2018

^^ added to changed in OP (cuz it wasn't there yet, just so you're aware)

@earthlng earthlng changed the title ToDo: diffs FF61-FF62b6 ToDo: diffs FF61-FF62b20 Aug 29, 2018

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Aug 31, 2018

moved from new to ignore -> new:

  • all the activity-stream shit since it's still possible to delete the system addon. FF63+ will have it built-in and we'll deal with it then
  • pref("browser.security.newcerterrorpage.enabled", false); - wait until they enable it by default
  • pref("browser.tabs.multiselect", false); - not privacy/security related
  • pref("devtools.inspector.fonthighlighter.enabled", false);
  • pref("devtools.inspector.three-pane-first-run", true);
  • pref("dom.webcomponents.shadowdom.report_usage", false);
    probably nightly-only. We'll see it in the diffs if they ever change it to true in beta or release
  • pref("extensions.webextensions.ExtensionStorageIDB.enabled", false); - see my comment
  • pref("privacy.trackingprotection.storagerestriction.enabled", false); - see my comment

moved from changed to ignore -> changed:

  • pref("apz.android.chrome_fling_physics.enabled", true); // prev: false - Android. IDGAF
  • pref("dom.ipc.plugins.sandbox-level.flash", 3); // prev: 2
    Flash. IDGAF. higher sandbox-level is always welcome but we don't need to enforce it or anything
  • pref("dom.registerContentHandler.enabled", false); // prev: true
    navigator.registerContentHandler() has been removed 👍
  • pref("dom.registerProtocolHandler.insecure.enabled", false); // prev: true
    navigator.registerProtocolHandler() can no longer be used on insecure sites 👍
  • pref("network.http.throttle.version", 1); // prev: 2
  • pref("security.pki.name_matching_mode", 3); // prev: 1
    more restrictive hostname matching in TLS certificates 👍

some of the remaining changed prefs might be beta-only, let's wait until 62-release is out

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 5, 2018

dom.registerContentHandler.enabled & dom.registerProtocolHandler.insecure.enabled .. both previously true - shouldn't we add these for ESR60 users? or were they also flipped there?

Edit: also FYI: intent to remove dom.indexedDB.enabled - 1488583

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 5, 2018

moved from new to ignore

pref("browser.history_swipe_animation.disabled", false); // not privacy related
pref("browser.tabs.remote.tabCacheSize", 0);
 // ^ temp(?) change due to e10s related issues
pref("devtools.debugger.pause-on-caught-exceptions", true);
pref("devtools.webconsole.jsterm.codeMirror", false);
 // ^ don't need to change these
pref("dom.mutation-events.cssom.disabled", true);
pref("dom.serviceWorkers.parent_intercept", false);
pref("gfx.webrender.program-binary-disk", true);
pref("image.animated.resume-from-last-displayed", true);
pref("io.activity.intervalMilliseconds", 0);
pref("layout.accessiblecaret.script_change_update_mode", 0);
 // ^ https://hg.mozilla.org/mozilla-central/rev/92022a209721
pref("layout.css.property-append-only", false);
pref("layout.css.scrollbar-colors.enabled", false);
pref("layout.css.webkit-appearance.enabled", false);
pref("layout.css.xul-display-values.content.enabled", false);
pref("network.cookie.maxNumber", 3000);
pref("network.cookie.maxPerHost", 180);
pref("network.sts.poll_busy_wait_period", 50);
pref("network.sts.poll_busy_wait_period_timeout", 7);
pref("network.sts.pollable_event_timeout", 6);
pref("services.sync.engine.bookmarks.validation.enabled", true);
pref("services.sync.engine.passwords.validation.enabled", true);
 // ^^ IDGAF about sync


edit:

  • also 1464094 print.font-variations-as-paths -> ignore
  • can't find the two pdfjs.*ModeOnLoad on DXR

@earthlng earthlng changed the title ToDo: diffs FF61-FF62b20 ToDo: diffs FF61-FF62 Sep 5, 2018

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 5, 2018

62.0 changes since 62b20

new

pref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts", false); // true in 62b20
pref("services.sync.engine.bookmarks.validation.enabled", true);
pref("services.sync.engine.passwords.validation.enabled", true);

removed

pref("geo.provider.ms-windows-location", false);

changed

pref("app.update.channel", "beta"); // prev: "release"
pref("app.update.url.details", "https://www.mozilla.org/%LOCALE%/firefox/beta/notes"); // prev: "https://www.mozilla.org/%LOCALE%/firefox/notes"
pref("app.update.url.manual", "https://www.mozilla.org/firefox/beta"); // prev: "https://www.mozilla.org/firefox/"
pref("browser.newtabpage.activity-stream.telemetry.ut.events", true); // prev: false
pref("dom.keyboardevent.dispatch_during_composition", true); // prev: false
pref("geo.wifi.uri", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"); // prev: "https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_API_KEY%"
pref("layout.css.moz-document.url-prefix-hack.enabled", false); // prev: true
pref("network.tcp.tcp_fastopen_enable", true); // prev: false
pref("toolkit.telemetry.enabled", true); // prev: false

--- updated 1st post

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 5, 2018

https://bugzilla.mozilla.org/show_bug.cgi?id=603903#c69

... This feature is currently limited to Windows, though it may be extended to macOS later (in bug 1326181).

Firefox will automatically restore your tabs after Windows OS reboot. To disable this feature, set the "toolkit.winRegisterApplicationRestart" pref to false.

browser.sessionstore.resuming_after_os_restart is used internally and toggled back and forth automatically -> moved to ignore

also Content loads and runs before user has logged in but it might be a Windows 10 problem only

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 5, 2018

pdfjs: https://github.com/mozilla/pdf.js/pull/9208

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 5, 2018

dom.registerContentHandler.enabled & dom.registerProtocolHandler.insecure.enabled .. both previously true - shouldn't we add these for ESR60 users? or were they also flipped there?

no they were not flipped in ESR60.
dom.registerContentHandler.enabled isn't listed under "Privacy & Security" in Firefox 62 Site Compatibility so IDK if we need that.
But ESR60 users might also want user_pref("layout.css.moz-document.content.enabled", false); "since it could be used by attackers for CSS injection to steal private data in the URL of third-party sites."

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 5, 2018

can't find the two pdfjs.*ModeOnLoad on DXR

https://dxr.mozilla.org/mozilla-beta/search?q=scrollModeOnLoad
https://dxr.mozilla.org/mozilla-beta/search?q=spreadModeOnLoad

looks like DXR is lacking behind a bit and beta hasn't been merged to release etc.

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 5, 2018

pref("layout.css.moz-document.content.enabled", true); - from our diffs, added in FF59 1035091, flipped to false in 61

  • added to list, feel free to do a commit
@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 8, 2018

I'd say we don't add stuff just for ESR60 users. They know they won't get non-critical updates.
There was a good reason to stick with ESR52 for the legacy extension support but IDK why anyone would choose ESR60 over release, beta or nightly. And this user.js was always made for Release anyway.
The rest under new and changed can be ignored as well IMO.
Add toolkit.winRegisterApplicationRestart if you want and then we can close this

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 8, 2018

I agree with the prefs from the looks of them, I just hadn't gotten around to reading about them on bugzilla.

Not sure on the ESR thing - it wouldn't be hard to maintain it (a few extra prefs here and there, or leaving something in when the default becomes what we want). I need to think about it (I'm 50/50). IF we drop ESR I would want to mention it somewhere - eg under the release version

edit: how would we word that?

* date: 08 August 2018
* channel: stable [we will not longer enforce or kept prefs just for ESR]
* version 62-alpha: Total Eclipse of the Pants
*   "Once upon a time there was light in my life, but now there's only pants in the dark"
@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 8, 2018

well both the register*Handler APIs are behind prompts anyway, fe see https://mdn.mozillademos.org/files/9683/protocolregister.png and the problem with disabling the moz-document css rule in ESR60 is that the exception which prevents most or all of the breakage landed in 61 and wasn't backported.

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 8, 2018

OK, I thought about it - I'm OK with dropping catering for or considering ESR in future. We will still keep the ESR deprecated switch though. ESR users can just go grab v60 (or 62) IMO - and unmaintained at that (although to be honest I don't think there's much left to be found and added - just new prefs going forward).

Maybe we could take the current user.js, clean it up a little for ESR60 with an UNMAINTAINED warning at the top, and stick in root?

So we don't need to do anything with the reg*handlers or the css thing either - good

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 8, 2018

I can't be arsed with the restart with windows when forcibly terminated thing. I want to properly disable any local data for crash to be able to read back, and I have the other issue for that

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 8, 2018

No we don't need to do anything, no warning no cleanup no nothing. ESR users can continue to use the latest master and just activate the ESR60 deprecated part with the one-char switch.
There's probably not a lot of stuff that we'll change in terms of existing prefs anyway, mostly we'll add new prefs that won't exist in ESR or remove old prefs which they can re-enable in 9999

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 8, 2018

^^

although to be honest I don't think there's much left to be found and added - just new prefs going forward

fair enough, although I might add that release line in if people get confused

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 8, 2018

Do you want to do a release. I already changed the version and date, so go ahead - it's all yours :) unless there was something else

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 8, 2018

#463 (comment)

lets add toolkit.winRegisterApplicationRestart somewhere and set it to false and active. It could be pretty annoying when content loads and runs before user has logged in

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 8, 2018

sure

Holy F .. WTH did they do to the startup in 62. The chrome paints before its had a chance to resize - so you see blinding white rectangle (at 1600x900 from remembered close state), which then sizes larger off my screen (probably around about my screen size, its just that I have the browser fairly centered on my 2560x1440), and then it finally settles back to 1600x900 as per my prefs, and then fills in my speed dial - and takes about 1 second all up. Highly F annoying.

Wonder if it's that blank paint pref thing? Anyone else getting this?

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 8, 2018

^^ that's because of pref("browser.startup.blankWindow", true); // prev: false. It has that problem when RFP is enabled

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 8, 2018

browser.startup.blankWindow=false fixes it (added in FF60 btw https://bugzilla.mozilla.org/show_bug.cgi?id=1336227 )

Maybe we should add that in under RFP section?>

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 8, 2018

/* 4504: disable showing about:blank as soon as possible during startup (FF60+)
 * When default true (FF62+) this no longer masks the RFP resizing activity on startup
 * Also blindingly white .. my eyes, my eyes!! ***/
user_pref("browser.startup.blankWindow", false);

^^ I can drop the last comment line if i have to

toolkit.winRegisterApplicationRestart - should we file this under 0001 or under 1000 cache / session stuff

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 8, 2018

/* 0002: disable automatically restoring your tabs after Windows OS reboot [WINDOWS] (FF62+) ***/
user_pref("toolkit.winRegisterApplicationRestart", false);

should we add the bugzilla? I mean it won't launch FF is FF was closed when windows rebooted, so the description is a bit misleading. Wanna fix it up? I kinda want to do this now, so we can do a release and I get to bed (and you can do a changelog) - otherwise it's gonna be another 12+ hrs. I'll make a coffee and await your writing skills :)

Edit: also its about restarting FF as well, not just crashed tabs - but maybe it still fits better under cache / session section - IDK

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 8, 2018

blankWindow: https://bugzilla.mozilla.org/show_bug.cgi?id=1448423

toolkit.winRegisterApplicationRestart: definitely not 0001. /*** 0100: STARTUP ***/ or maybe under MISC, IDK.

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 8, 2018

"disable automatically restoring your Firefox session after OS restarts (FF61.0.2+)"
"As of FF62 it's Windows-only but support for MacOS is also planned"

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 8, 2018

headsup - the RFP window resizing took a hit, I guess something in the toolbar changed. It shifted 1 pixel in height (and still can't get it right) - see https://bugzilla.mozilla.org/show_bug.cgi?id=1418537

added that blankWindow to RFP sticky

Ummm, I'd rather keep the [WINDOWS] tag because it is only windows. If it gets added to mac, then we add a [MAC] tag as well. Definitely not misc. Agree its not really 0002 (although it is a startup issue). Gimme a minute

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 8, 2018

reading thru that ticket - it definitely launches firefox and restores session (regardless of session prefs) on all windows starts (if FF was open). That's how I read it

https://bugzilla.mozilla.org/show_bug.cgi?id=603903#c9 - used to be just updates or installs, but since Win10 Fall update its every start

but .. sometimes it doesn't - see comment .. screw it .. IDK, people can just read the ticket

/* xxxx: disable automatic Firefox start and session restore after reboot [WINDOWS] (FF62+)
 * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=603903 ***/
user_pref("toolkit.winRegisterApplicationRestart", false);

whats with the 61.0.2+ - did it land in a dot release?

@earthlng

This comment has been minimized.

Copy link
Member

earthlng commented Sep 9, 2018

blankWindow: once bug 1448423 gets fixed we can remove the pref again - add the link for easy reference?

winRegisterApplicationRestart:

whats with the 61.0.2+ - did it land in a dot release?

https://www.mozilla.org/en-US/firefox/61.0.2/releasenotes/

Adds support for automatically restoring your Firefox session after Windows restarts. Currently, this feature is not enabled by default for most users, but will be gradually enabled over the coming weeks.

(61.0.2+) or (FF62+) - whatever you prefer is fine

@Thorin-Oakenpants

This comment has been minimized.

Copy link
Member

Thorin-Oakenpants commented Sep 9, 2018

I'm confused : 8b5547a <- do we want to add the 1448423 link here?

winRegister look good for 1024

I'll add these and if you want any changes just let me know. If everything is fine, then feel free to close this and even do a release

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment