✅ reEnabled download and share images
✅ Enabled HSTS preload list
⛔️ Disabled Telemetry Coverage (hidden pref, I'm not sure that it is also present in fennec but for safety I added it)
⛔️ Set max popups from a single non-click event from 2 to 0 (default 20)
⛔️ Removed limits of the amount of entries in your DNS cache
⛔️ Disabled navigator.registerProtocolHandler (can no longer be used on insecure sites)
(thanks to https://github.com/v1nc for these suggestions)
✅ Enabled addons autoupdate (need tests)
✅ Sanitized FFox blocklist URL (so it won't send identifiable information)
✅ Enforced the proxy server to do any DNS lookups when using SOCKS
✅ Added some descriptions into OCSP section
✅ Enabled require a valid OCSP
✅ Added OrangeManBad in credits
✅ Sorted and fixed some prefs response for OCSP enabled certificates
⛔️ Disabled more webspeech prefs
⛔️ Disabled some more webgl prefs
✅ Added dividing lines for each prefs to make it easier to read.
✅ Sorted rules
✅ General text optimization
✅ Added MIT license
no prefs has been added or modified in this update. I prefer to isolate it from future changes as it would be difficult and uncomfortable to find what has changed due to the addition of all the divisors.
✅ reEnabled touch(screen) events [set to 1(enabled) instead 2(autodetect)]
✅ Added a dedicated rule in about:config to test user.js
✅ Removed some duplicated and incorrect rules
✅ Started to refine timeout parameters "1" to "-1"
⛔️ Blocked more unwanted connections [FENNEC]
⛔️ Disabled more feedback
✅ Sorted lot of rules and sections
✅ Adjusted credits (added pyllyukko)
✅ Control TLS versions with min (1.2) and max (1.3)
✅ Added some descriptions
✅ Enebled warn the user when server doesn't support RFC 5746 ("safe" renegotiation)
✅ Set control "Add Security Exception" dialog on SSL warnings to "pre-populate url" only
✅ Enabled display advanced information on Insecure Connection warning pages
⛔️ Disabled old SSL/TLS "insecure" renegotiation
⛔️ Disabled SSL Error Reporting
⛔️ Disabled TLS1.3 0-RTT (round-trip time)
⛔️ Disallowed SHA-1
⛔️ Disabled Family Safety cert
⛔️ Disabled 3DES, 128 bits, DHE (Diffie-Hellman Key Exchange), and the remaining non-modern cipher suites
⛔️ Disabled resource timing API
⛔️ Disabled sensor API
⛔️ Disabled gamepad API (USB device ID enumeration)
⛔️ Disabled "dom.netinfo" (giving away network info)
⛔️ Disabled video statistics (JS performance fingerprinting)
⛔️ Disabled touch(screen) events
⛔️ Disabled MediaDevices change detection
⛔️ Disabled WebGL debug info being available to websites
⛔️ Disabled PointerEvents
✅ Sorted a lot of rules and fixed some parameters
✅ Enabled window.opener protection
⛔️ Disabled Service Workers
⛔️ Disabled Web Notifications
⛔️ Disabled Push Notifications
⛔️ Disabled "Confirm you want to leave" dialog on page close
⛔️ Disabled asm.js
⛔️ Disabled Intersection Observer API
✅ Sorted a lot of rules and refined various parameters
✅ Set max popups from a single non-click event (from 3 to 2)
⛔️ Disabled Network Connectivity checks
⛔️ Disable Web Compatibility Reporter
⛔️ Prevent websites from disabling new window features
⛔️ Blocked popup windows during load
⛔️ Limited events that can cause a popup
✅ reEnabled datatime picker
✅ reEnabled top search bar to using words instead url only
⛔️ Limited more info sended and disabled more unwanted connection
⛔️ Disabled completely snippets [FENNEC]
✅ Credits adjusted
✅ Sorted some rules and added some descriptions
✅ Set Browser locale (fennec exclusive)
✅ Added Headers/Referers section to limit sended info
⛔️ Disabled search suggestions / forms / limited history contents and more..