v144 #1992

Thorin-Oakenpants · 2025-08-19T10:49:37Z

No description provided.

it added as inactive in 140 due to bugs not fixed in time - seems stable now

Tiagoquix · 2025-11-01T01:31:48Z

1984333 - hardwareConcurrency: less than 8 return 4 else return 8 (FF143+)

1984333 - spoof navigator.hardwareConcurrency as 4 except mac return 8 (FF144+)
previously FF55+ it returned 2

these comments seems to be inconsistent

Thorin-Oakenpants · 2025-11-01T02:45:23Z

hardwareConcurrency: less than 8 return 4 else return 8 (FF143+)

this is FPP: any platform can return 4 or 8 depending on the real number of processors they have: so a binary outcome = entropy

1984333 - spoof navigator.hardwareConcurrency as 4 except mac return 8 (FF144+)
previously FF55+ it returned 2

this is RFP: so all mac are 8 and all windows, linux, android is 4 = equivalency of platform, no entropy

edit: it was added in FF144 but backported to 143 beta which I did update in the FPP info and also in both checks in TZP see lines78 and also 91 - but I missed updating the RFP info in the user.js

default false and discontinued

JFC

Tiagoquix · 2025-11-16T18:00:58Z

user.js

   // user_pref("network.http.microsoft-entra-sso.enabled", false); // [DEFAULT: false]
+/* 0910: enforce no direct attestation in passkeys [FF144+]
+   // [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1981587 ***/
+pref("security.webauthn.always_allow_direct_attestation", false); // [DEFAULT: false]


@Thorin-Oakenpants wrong syntax. should be user_pref rather than pref.

Tiagoquix · 2025-11-16T18:01:33Z

user.js

+ [1] https://support.mozilla.org/en-US/kb/manage-enhanced-tracking-protection-exceptions
+ [2] https://etp-exceptions.mozilla.org/ ***/
+user_pref("privacy.trackingprotection.allow_list.baseline.enabled", true); // [DEFAULT: true]
+user_pref("privacy.trackingprotection.allow_list.convenience.enabled", false); // DEFAULT: false when ETP Strict manually chosen]


@Thorin-Oakenpants missing [ before when

Tiagoquix · 2025-11-24T18:23:00Z

user.js

 * This setting controls if the option "Display in Firefox" is available in the setting below
 *   and by effect controls whether PDFs are handled in-browser or externally ("Ask" or "Open With")
- * [WHY] pdfjs is lightweight, open source, and secure: the last exploit was June 2015 [1]
+ * [WHY] pdfjs is lightweight, open source, and secure: In the last 10 years it has only had


@Thorin-Oakenpants why not mention the June 2015 one?

why not mention the other one from 2015? why not also mention the one from 2013? - rhetorical q's

I am providing a simple statement of risk over time. In the last 10 years there have been 2.

https://bugzilla.mozilla.org/show_bug.cgi?id=2003799

Thorin-Oakenpants added 7 commits August 19, 2025 10:49

v142

9ad1ce5

remove OCSP, #1576

ae6242b

add removed OCSP prefs to cleanup script

934a339

update FPP info

ff92cee

tidy

c5087d6

tidy

0ef5f72

make 2635 active

a05d90d

it added as inactive in 140 due to bugs not fixed in time - seems stable now

Thorin-Oakenpants changed the title ~~v142~~ v144 Oct 1, 2025

Thorin-Oakenpants added 7 commits October 9, 2025 07:10

tidy

7007e28

don't sanitize history/downloads

ba7f0ce

update clearing history mentions

d01f1e9

remove 4510, #1965

1c76110

browser.display.use_system_colors, #1965

8cd3137

add document_color_use, #1965

1f58af5

grrrrr .. must. be. consistent.

c569822

correct RFP info

e69b544

Thorin-Oakenpants mentioned this pull request Nov 2, 2025

upcoming change: AF won't sanitize history on close [update your overrides] #1974

Closed

Thorin-Oakenpants added 7 commits November 3, 2025 01:32

Merge branch 'master' into Thorin-Oakenpants-patch-1

bfcb365

remove fakespot

7c44441

default false and discontinued

fakespot.featureGate

845872c

MOAR featuregates

59c17aa

JFC

ETP exception lists

dd081db

passkeys attestation

669930f

yelpRealtime.featureGate

e1dd797

Tiagoquix reviewed Nov 16, 2025

View reviewed changes

Thorin-Oakenpants added 2 commits November 16, 2025 19:41

tidy

5ca8f0c

update RFP info

54956e5

Thorin-Oakenpants added 2 commits November 22, 2025 00:40

be consistent

c90135c

update pdfjs CVEs info

4e94234

Tiagoquix reviewed Nov 24, 2025

View reviewed changes

Thorin-Oakenpants added 2 commits December 8, 2025 01:44

remove keyword.enabled

a724883

https://bugzilla.mozilla.org/show_bug.cgi?id=2003799

keyword.enabled

2c594e5

https://bugzilla.mozilla.org/show_bug.cgi?id=2003799

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

v144 #1992

v144 #1992

Uh oh!

Thorin-Oakenpants commented Aug 19, 2025

Uh oh!

Tiagoquix commented Nov 1, 2025

Uh oh!

Thorin-Oakenpants commented Nov 1, 2025 •

edited

Loading

Uh oh!

Tiagoquix Nov 16, 2025

Uh oh!

Tiagoquix Nov 16, 2025

Uh oh!

Tiagoquix Nov 24, 2025

Uh oh!

Thorin-Oakenpants Nov 24, 2025

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

3 participants

v144 #1992

Are you sure you want to change the base?

v144 #1992

Uh oh!

Conversation

Thorin-Oakenpants commented Aug 19, 2025

Uh oh!

Tiagoquix commented Nov 1, 2025

Uh oh!

Thorin-Oakenpants commented Nov 1, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Tiagoquix Nov 16, 2025

Choose a reason for hiding this comment

Uh oh!

Tiagoquix Nov 16, 2025

Choose a reason for hiding this comment

Uh oh!

Tiagoquix Nov 24, 2025

Choose a reason for hiding this comment

Uh oh!

Thorin-Oakenpants Nov 24, 2025

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

3 participants

Thorin-Oakenpants commented Nov 1, 2025 •

edited

Loading