Enforce secure autoconfig and fetching from Exchange

[boredsquirrel]

Description

• enable autoconfig
• allow fetching from Exchange (needed for... exchange servers)
• do not empty the autoconfig and Addon URLs as this is irreversible
• add 2 hardening settings and enable them (even though "fetch from ISP" is still disabled)

Reason and / or context

Autoconfig is very useful and not critical, as it contacts the mailserver only, to get infos.

Contacting the ISP, or sending personal data is disabled, and the connection needs to be secure.

How has this been tested ?

yes, on Thunderbird Flatpak.

Types of changes :

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)

Checklist :

• My changes looks good ;
• I agree that my code may be modified in the future ;
• My code follows the code style of this project (see .eslintrc.yml).

[HorlogeSkynet]

Please find my comments inline. Thanks for your time 🙏

[boredsquirrel]

Hi, sorry for the late reply. Added most changes that are clear to me.

so, deactivated but useful settings get no indentation, deactivated and obsolete settings get an indentation?

[HorlogeSkynet]

Hi, sorry for the late reply.

Hey, sorry too. I'll try to review all subjects in a batch again.

so, deactivated but useful settings get no indentation, deactivated and obsolete settings get an indentation?

Disabled preferences are always indented. Enabled ones aren't.
Deprecated (upstream) settings follow the same rule.