[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #33534 [Applications/Tor Browser]: Review FF release notes from FF69 to latest (FF73)
#33534: Review FF release notes from FF69 to latest (FF73)
--------------------------------------+--------------------------------
Reporter: pospeselr | Owner: pospeselr
Type: defect | Status: assigned
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points: 12
Parent ID: | Points:
Reviewer: | Sponsor: Sponsor58-must
--------------------------------------+--------------------------------
Comment (by Thorin):
Replying to [comment:8 pospeselr]:
> dom.push.enabled
> - set to false to disable push notifications
Default false in ESR68. I also think it's not enabled/doesn't do anything
in PB mode, since it requires service workers which are also disabled (see
next comment)
However, disabling SWs (pref below) and push (pref above) is not enough to
stop Firefox polling the Mozilla Push Server - which assigns a persistent
ID
- see `dom.push.userAgentID` (without testing, I am not sure if this still
gets sets when started in PB mode)
- you could blank 'dom.push.serverURL' for good measure
> dom.serviceWorkers.enabled
> - set to false to disable service workers
This isn't new. It's default false in ESR60-68 and service workers are not
available in PB mode
> security.insecure_connection_icon.enabled
> - when true shows crossed out padlock on HTTP sites ->
https://www.askvg.com/firefox-tip-show-hide-insecure-connection-icon-in-
address-bar/
Just FYI: if this is true, then both normal and PB modes display the
padlock, but if false, then the pref
`security.insecure_connection_icon.pbmode.enabled` is used in PB mode.
They are currently both default false in ESR68, true in non ESR
> security.tls.version.enable-deprecated
> - we probably want this to be false to disable old TLS
Setting to false still allows downgrading, but makes that downgrading
**session only**. To force TLS 1.0 and 1.1 permanently disabled, just set
- `security.tls.version.min` = 3
- ^^ 3 was the default in FF74 but got reversed due to govt websites
using TLS <1.2
- no idea what it will be in ESR78 stable
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33534#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs