Librefox Release v2.1

intika · Dec 21, 2018 · d2adc41 · d2adc41
1 parent c8372a1
commit d2adc41
Show file tree

Hide file tree

Showing 14 changed files with 205 additions and 103 deletions.
diff --git a/Changelog.txt b/Changelog.txt
@@ -33,7 +33,7 @@ v2.1 :
 - Defaulting HW Settings instead of enforcing them
 - Improve HD Video playback 
 - Gathering infos/code for firewalling extensions 
-- Correct some grammar mistakes
+- Correct some grammar mistakes, thanks to @mikroskeem 
 - Update to firefox v64 
 - Adding extension firewall feature 
 - Fix referer blocking twitter and many other sites
@@ -51,6 +51,8 @@ v2.1 :
 - Adding release x64 mac
 - Adding release x64 esr mac
 - Adding release x64 esr mac
+- Add tor compatibility & patches
+- Grammar mistakes, thanks to @brainscar
 
 v1.8 :
 ------

diff --git a/README.md b/README.md
diff --git a/debugging/debug-check-todo.log b/debugging/debug-check-todo.log
@@ -4,7 +4,7 @@ Todo Checks I/II :
 Todo Checks II/II :
 -------------------
 
-- Complete bench tests
+- Complete bench tests on all 0 values
 
 - Check the mozilla perf addon https://perf-html.io/
 
@@ -27,6 +27,52 @@ Addons Code To Checks :
 - https://addons.mozilla.org/en-US/firefox/addon/switch-container/
 - https://addons.mozilla.org/en-US/firefox/addon/smart-referer/
 
+Build Notes :
+-------------
+
+- Compress tar.xz
+
+    tar cfJ <archive.tar.xz> <files>
+
+- Files to remove :  
+
+    crash-reporter...
+    crash-reporter...
+    removed-files
+    update...
+    update...
+    update...
+    browser/feature/webcomp...
+    browser/feature/webcomp...
+    browser/feature/...
+
+- Tor files to remove :  
+
+    Classic removal plus 
+    https-everywhere addon 
+    profile.meek-http-helper... 
+
+- Patching release :
+
+    >browser.omni.ja.chrome.browser.content.browser.preferences.in-content.privacy.origin (patch with winrar)
+    Tor : patch mozilla.cfg
+
+- Tor windows : 
+
+    Install it to desktop then get the files 
+    (Only the lnk file is a new file compared to compressed version)
+    remove lnk file
+    add link.vbs
+    add bat file
+
+- Tor mac :
+
+    Under mac, mount and extract all content to a folder
+    Copy by command .DS_Store (from dmg to folder)
+    run "codesign --remove-signature Tor\ Browser.app". 
+    With disk utils, create a dmg from a folder (nocompression rw) 
+    We are converting iso-dmg to dmg...
+
 Missing features : 
 ------------------
 

diff --git a/librefox/distribution/policies.json b/librefox/distribution/policies.json
@@ -8,8 +8,6 @@
     "DisableFirefoxStudies": true,
     "DisablePocket": true,
     "DisableProfileImport": true,
-    "OverridePostUpdatePage": ""
-    "OverrideFirstRunPage": ""
     "DisableSetDesktopBackground": true,
     "DisableSystemAddonUpdate": true,
     "DisableTelemetry": true

diff --git a/librefox/mozilla.cfg b/librefox/mozilla.cfg
@@ -4,7 +4,7 @@
 // Privafox-Firefox Version : 2.1
 // ==============================
 //
-// Privafox-Firefox : Firefox settings for a better security, privacy and performances
+// Privafox-Firefox : Firefox settings for a better security, privacy and performance
 //
 // Mozilla.cfg      : Locking firefox settings for security, privacy & prevent settings changes 
 //
@@ -24,7 +24,7 @@
 // ==============================
 //
 // "Section"        : Description of the settings section separated by "----"
-// "Bench Diff"     : Impact on the performances of firefox can be a gain or loss of performance 
+// "Bench Diff"     : Impact on the performance of firefox can be a gain or loss of performance 
 //                    +100/5000 stand for 2% gained performance and -1500/5000 stand for -30% performance loss
 //                    Performance can be tested here : https://intika.github.io/octane/
 // "Pref"           : Preference/Settings name and or description followed by links or documentations
@@ -56,33 +56,33 @@ lockPref("general.config.filename", "mozilla.cfg");
 //
 // -----------------------------------------------------------------------
 // Section : User settings                    // Bench Diff : +0    / 5000
-// Section : Defaulting Settings              // Bench Diff : ???   / 5000
+// Section : Defaulting Settings              // Bench Diff : +0    / 5000
 // -------------------------------------------
 // Section : Controversial                    // Bench Diff : +0    / 5000
 // Section : Firefox Fingerprint              // Bench Diff : +0    / 5000
 // Section : Locale/Time                      // Bench Diff : +0    / 5000
 // Section : Ghacks-user Selection            // Bench Diff : +100  / 5000
-// Section : Extensions Manager               // Bench Diff : ???   / 5000
-// Section : IJWY To Shut Up                  // Bench Diff : ???   / 5000
-// Section : Microsoft Windows                // Bench Diff : ???   / 5000
-// Section : Firefox ESR60.x                  // Bench Diff : ???   / 5000
+// Section : Extensions Manager               // Bench Diff : +0    / 5000
+// Section : IJWY To Shut Up                  // Bench Diff : +0    / 5000
+// Section : Microsoft Windows                // Bench Diff : +0    / 5000
+// Section : Firefox ESR60.x                  // Bench Diff : +0    / 5000
 // -------------------------------------------
 // Section : Security 1/3                     // Bench Diff : +0    / 5000
 // Section : Security 2/3                     // Bench Diff : +0    / 5000
 // Section : Security 3/3 (Cipher)            // Bench Diff : +0    / 5000
 // -------------------------------------------
-// Section : Performances 1/5                 // Bench Diff : +650  / 5000
-// Section : Performances 2/5                 // Bench Diff : -800  / 5000
-// Section : Performances 3/5                 // Bench Diff : -1720 / 5000
-// Section : Performances 4/5                 // Bench Diff : -200  / 5000 
-// Section : Performances 5/5                 // Bench Diff : -50   / 5000 
+// Section : Performance 1/5                  // Bench Diff : +650  / 5000
+// Section : Performance 2/5                  // Bench Diff : -800  / 5000
+// Section : Performance 3/5                  // Bench Diff : -1720 / 5000
+// Section : Performance 4/5                  // Bench Diff : -200  / 5000 
+// Section : Performance 5/5                  // Bench Diff : -50   / 5000 
 // -------------------------------------------
 // Section : General Settings 1/3             // Bench Diff : +100  / 5000
 // Section : General Settings 2/3             // Bench Diff : +0    / 5000
 // Section : General Settings 3/3             // Bench Diff : -40   / 5000
 // -------------------------------------------
-// Section : Disabled - ON/OFF                // Bench Diff : ???   / 5000
-// Section : Disabled - Deprecated Active     // Bench Diff : ???   / 5000
+// Section : Disabled - ON/OFF                // Bench Diff : +0    / 5000
+// Section : Disabled - Deprecated Active     // Bench Diff : +0    / 5000
 // Section : Disabled - Deprecated Inactive   // Bench Diff : +0    / 5000
 // -----------------------------------------------------------------------
 //
@@ -153,7 +153,7 @@ lockPref("network.cookie.thirdparty.nonsecureSessionOnly", false); // (FF58+) //
 // is disabled in Librefox. it's recommended to use ublock instead. 
 // This feature is disabled :
 // - Until it evolve and integrate at least list editing
-// - Because double filtering (this + ublock) is not suitable for performances.
+// - Because double filtering (this + ublock) is not suitable for performance.
 
 // Pref : Track Protection
 lockPref("privacy.trackingprotection.enabled", false);
@@ -588,8 +588,8 @@ lockPref("permissions.default.geo", 2);
 // Section : Defaulting Settings
 // Those settings are not locked this section purpose is to change default setting... 
 // Modifications can still be done within firefox
-// Bench Diff : ???/5000
-// >>>>>>>>>>>>>>>>>>>>>
+// Bench Diff : +0/5000
+// >>>>>>>>>>>>>>>>>>>>
 
 // ----------------------------------------------------------------------------------------------------
 // Defaulting Settings : Other Defaulting
@@ -695,7 +695,7 @@ defaultPref("extensions.ui.experiment.hidden", false);
 //defaultPref("extensions.ui.dictionary.hidden", false);
 //defaultPref("extensions.ui.locale.hidden", false);
 
-// Pref : Pref tied to privafox, displaying small density by default
+// Pref : Pref tied to librefox, displaying small density by default
 // Small icons...
 defaultPref("browser.uidensity", 1);
 
@@ -797,10 +797,12 @@ lockPref("intl.locale.requested", "en-US");
 // Pref : Spoof User-agent (disabled)
 // Disabled to make resistFingerprinting efficient
 //lockPref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0, 45");
-//lockPref("general.appname.override", "Netscape");
-//lockPref("general.appversion.override", "5.0 (Windows)");
-//lockPref("general.platform.override", "Win32");
-//lockPref("general.oscpu.override", "Windows NT 6.1");
+
+// Pref : This does not work with resistFingerprinting... (Still needed for ESR)
+lockPref("general.appname.override", "Netscape");
+lockPref("general.appversion.override", "5.0 (Windows)");
+lockPref("general.platform.override", "Win32");
+lockPref("general.oscpu.override", "Windows NT 6.1");
 
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 // Section : Ghacks-user Selection
@@ -843,7 +845,8 @@ lockPref("offline-apps.allow_by_default", false);
 // [1] https://mike.kaply.com/2012/02/21/understanding-add-on-scopes/
 // [1] archived: https://archive.is/DYjAM 
 lockPref("extensions.enabledScopes", 1); // (hidden pref)
-lockPref("extensions.autoDisableScopes", 15);
+// Tor-compatibility-patch
+lockPref("extensions.autoDisableScopes", 15); //Tor value must be 0
 // Pref : 2663: enable warning when websites try to install add-ons
 // [SETTING] Privacy & Security>Permissions>Warn you when websites try to install add-ons 
 lockPref("xpinstall.whitelist.required", true); // default: true
@@ -1039,8 +1042,8 @@ lockPref("permissions.manager.defaultsUrl", "");
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 // Section : Extensions Manager
 // Extensions settings and experimental tentative to firewall extensions
-// Bench Diff : ???/5000
-// >>>>>>>>>>>>>>>>>>>>>
+// Bench Diff : +0/5000
+// >>>>>>>>>>>>>>>>>>>>
 
 // ----------------------------------------------------------------------------------
 // Extensions Firewalling - Blocking Domains :
@@ -1135,8 +1138,8 @@ lockPref("extensions.webcompat-reporter.newIssueEndpoint", "");
 lockPref("extensions.webcompat-reporter.enabled", false); // Default true
 
 // ----------------------------------------------------------------------------------
-// Extensions Performances :
-// -------------------------
+// Extensions Performance :
+// ------------------------
 
 // Pref : Delaying extensions background script startup
 defaultPref("extensions.webextensions.background-delayed-startup", true); //default true
@@ -1158,8 +1161,8 @@ defaultPref("extensions.webextensions.background-delayed-startup", true); //defa
 // I Just Want You To Shut Up : Closing all non necessary communication to mozilla.org etc. 
 //                              Thoses settings are not used in gHacks for the moment.
 //                              Will be upstreamed once stable in final version. 
-// Bench Diff : ???/5000
-// >>>>>>>>>>>>>>>>>>>>>
+// Bench Diff : +0/5000
+// >>>>>>>>>>>>>>>>>>>>
 
 // Pref : Disabling performance addon url [FF64+]
 lockPref("devtools.performance.recording.ui-base-url", "");
@@ -1654,8 +1657,8 @@ lockPref("prio.publicKeyB", "");
 
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 // Section : Microsoft Windows
-// Bench Diff : ???/5000
-// >>>>>>>>>>>>>>>>>>>>>
+// Bench Diff : +0/5000
+// >>>>>>>>>>>>>>>>>>>>
 
 // Pref : Other webGl [WINDOWS]
 lockPref("webgl.dxgl.enabled", false); 
@@ -1694,8 +1697,8 @@ lockPref("security.family_safety.mode", 0);
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 // Section : Firefox ESR60.x    
 // Deprecated Active For ESR
-// Bench Diff : ???/5000
-// >>>>>>>>>>>>>>>>>>>>>
+// Bench Diff : +0/5000
+// >>>>>>>>>>>>>>>>>>>>
 
 // Pref : Geolocation
 lockPref("browser.search.countryCode", "US");
@@ -1868,7 +1871,7 @@ lockPref("security.ssl3.ecdh_rsa_rc4_128_sha", false);
 lockPref("security.ssl3.rsa_seed_sha", false);
 
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
-// Section : Performances 1/5
+// Section : Performance 1/5
 // Defaulting settings - HW Settings can be checked under about:support
 // Bench Diff : +650/5000 
 // >>>>>>>>>>>>>>>>>>>>>>
@@ -1881,6 +1884,7 @@ defaultPref("layout.frame_rate.precise", true);
 // Pref : Enable Hardware Acceleration and Off Main Thread Compositing (OMTC).
 // It's likely your browser is already set to use these features.
 // May introduce instability on some hardware.
+// Tor compatibility - have inverted values in tor.
 defaultPref("webgl.force-enabled", true);
 defaultPref("layers.acceleration.force-enabled", true);
 
@@ -1913,7 +1917,7 @@ defaultPref("browser.tabs.animate", false);
 //defaultPref("dom.maxHardwareConcurrency", 8);
 
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
-// Section : Performances 2/5
+// Section : Performance 2/5
 // Bench Diff : -800/5000
 // >>>>>>>>>>>>>>>>>>>>>>
 
@@ -1928,25 +1932,26 @@ defaultPref("browser.tabs.animate", false);
 // https://webassembly.org/
 // https://en.wikipedia.org/wiki/WebAssembly
 // https://trac.torproject.org/projects/tor/ticket/21549
-// Solved with extension disabled here for performances 
+// Solved with extension disabled here for performance
 //lockPref("javascript.options.wasm", false);
 
 // Bench Diff : -100/5000 
 // Pref : Prevent font fingerprinting
 // https://browserleaks.com/fonts
 // https://github.com/pyllyukko/user.js/issues/120
-// Solved with extension disabled here for performances 
+// Solved with extension disabled here for performance 
 //lockPref("browser.display.use_document_fonts", 0);
 
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
-// Section : Performances 3/5
+// Section : Performance 3/5
 // Bench Diff : -1720/5000
 // >>>>>>>>>>>>>>>>>>>>>>>
 
 // Bench Diff : -220/5000
 // Pref : Disable webGL I/II
 // WebGL introduce high fingerprinting... (webgl is direct hardware js) 
-lockPref("webgl.disabled", true);
+defaultPref("webgl.disabled", false); // Tor have it false but the rest is the same (webgl)
+// This does not leak
 lockPref("webgl.enable-webgl2", false);
 lockPref("webgl.min_capability_mode", true);
 
@@ -1964,11 +1969,12 @@ lockPref("webgl.enable-debug-renderer-info", false); //Deprecated Active
 // https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/
 // https://www.mozilla.org/en-US/security/advisories/mfsa2015-50/
 // https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2712
-// Solved with extension disabled here for performances 
+// Solved with extension disabled here for performance 
+// Tor enforce this
 //lockPref("javascript.options.asmjs", false);
 
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
-// Section : Performances 4/5
+// Section : Performance 4/5
 // Bench Diff : -200/5000 
 // >>>>>>>>>>>>>>>>>>>>>>
 
@@ -1978,7 +1984,7 @@ lockPref("webgl.enable-debug-renderer-info", false); //Deprecated Active
 lockPref("javascript.options.shared_memory", false);
 
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
-// Section : Performances 5/5
+// Section : Performance 5/5
 // Bench Diff : -50/5000 
 // >>>>>>>>>>>>>>>>>>>>>
 
@@ -1987,8 +1993,8 @@ lockPref("javascript.options.shared_memory", false);
 // Service workers essentially act as proxy servers that sit between web apps, and the browser
 // and network, are event driven, and can control the web page/site it is associated with,
 // intercepting and modifying navigation and resource requests, and caching resources.
-// SW may decrease performances depending on the script this ot that site is running in background
-// So overall disabling SW should enhance performances because it block SW Scripts 
+// SW may decrease performance depending on the script this ot that site is running in background
+// So overall disabling SW should enhance performance because it block SW Scripts 
 // [NOTE] Service worker APIs are hidden (in Firefox) and cannot be used when in PB mode.
 // [NOTE] Service workers only run over HTTPS. Service Workers have no DOM access. 
 lockPref("dom.serviceWorkers.enabled", false);
@@ -2585,8 +2591,8 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
 
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 // Section : Disabled - ON/OFF 
-// Bench Diff : ???/5000
-// >>>>>>>>>>>>>>>>>>>>>
+// Bench Diff : +0/5000
+// >>>>>>>>>>>>>>>>>>>>
 
 // - Disabled - Section OFF -----------------------------------------------------------------
 
@@ -2773,7 +2779,7 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
 // [NOTE] Not recommended due to performance issues 
 // lockPref("browser.cache.memory.enable", false);
 // lockPref("browser.cache.memory.capacity", 0); // (hidden pref)
-// This is going too far... disabled for performances
+// This is going too far... disabled for performance
 // Firefox should be run in a container... sandbox or... 
 
 // Pref : Newtabpage
@@ -2877,8 +2883,8 @@ lockPref("security.tls.version.max", 4); // 4 = allow up to and including TLS 1.
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 // Section : Disabled - Deprecated Active
 // Deprecated settings but left active for various reasons
-// Bench Diff : ???/5000
-// >>>>>>>>>>>>>>>>>>>>>
+// Bench Diff : +0/5000
+// >>>>>>>>>>>>>>>>>>>>
 
 // Pref : 0516 : disable Onboarding (FF55+)
 // Onboarding is an interactive tour/setup for new installs/profiles and features. Every time

diff --git a/packaging/mac/background.esr.png b/packaging/mac/background.esr.png
diff --git a/packaging/mac/background.png b/packaging/mac/background.png
diff --git a/packaging/mac/background.privafox.png b/packaging/mac/background.privafox.png
diff --git a/packaging/mac/background.tiff b/packaging/mac/background.tiff
diff --git a/...orBrowser/Data/Browser/profile.default/extensions/[email protected] b/...orBrowser/Data/Browser/profile.default/extensions/[email protected]
diff --git a/...rowser/Data/Browser/profile.default/extensions/{efd1ce61-97d1-4b4f-a378-67d0d41d858d}.xpi b/...rowser/Data/Browser/profile.default/extensions/{efd1ce61-97d1-4b4f-a378-67d0d41d858d}.xpi
diff --git a/packaging/tor/TorBrowser/Data/Browser/profile.default/user.js b/packaging/tor/TorBrowser/Data/Browser/profile.default/user.js