diff --git a/Changelog.txt b/Changelog.txt index b7f48c6..a362367 100644 --- a/Changelog.txt +++ b/Changelog.txt @@ -1,10 +1,11 @@ Librefox Firefox - Chagelog : ----------------------------- -v2.2 : ------- -- README.md update +vMaster : +--------- +- Various README update - Policy update +- Prettify README v2.1 : ------ diff --git a/README.md b/README.md index e989785..446eeeb 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@

- +

--- @@ -18,8 +18,8 @@ Features -------- - Updated browser: because this project is not a fork, it is kept updated with the latest Firefox version. -- Extensions firewall: limit internet access for extensions ([firewall-test-feature](#extensions-firewall)) -- IJWY (I Just Want You To Shut Up): embedded server links and other calling home functions are removed ([zero unauthorized connection](#ijwy-i-just-want-you-to-shut-up) by default). +- Extensions firewall: limit internet access for extensions ([firewall-test-feature](#extensions-firewall-)) +- IJWY (I Just Want You To Shut Up): embedded server links and other calling home functions are removed ([zero unauthorized connection](#ijwy-i-just-want-you-to-shut-up-) by default). - User settings updates: gHacks/pyllyukko base is kept up to date. - Settings protection: important settings are enforced/locked within `mozilla.cfg` and `policies.json`, those settings cannot be changed by addons/updates/Firefox or unwanted/accidental manipulation; To change those settings you can easily do it by editing `mozilla.cfg` and `policies.json`. - Librefox-addons: set of optional Librefox extensions @@ -36,69 +36,72 @@ Features Index ----- - 
-> Librefox: Features ............................................................... 
-> Librefox: Download ............................................................... 
-> Librefox: Capture ................................................................ 
-> Addons: Librefox Addons .......................................................... 
-> Addons: Recommended Addons ....................................................... 
-> Addons: Recommended Addons Settings .............................................. 
-> Addons: Reviewing Addons Source Code ............................................. 
-> Addons: Other Useful Addons Listing .............................................. 
-> Wiki: Installation Instructions .................................................. 
+> Wiki: Extensions Network Firewall ................................................ 
-> Wiki: IJWY (I Just Want You To Shut Up) .......................................... 
-> Wiki: Edit Locked Settings ....................................................... 
-> Wiki: Settings Index ............................................................. 
-> Wiki: Cookies Settings ........................................................... 
-> Wiki: Tracking Protection ........................................................ 
-> Wiki: Comparing Changes And Updates .............................................. 
-> Wiki: Documentation .............................................................. 
-> Wiki: Librefox Dark Theme ........................................................ 
-> Wiki: Tuning Librefox ............................................................ 
-> Wiki: Librefox ESR ............................................................... 
-> Wiki: Tor Compatibility .......................................................... 
-> Wiki: DRM Compatibility .......................................................... 
-> Wiki: Building And Packaging ..................................................... 
-> Browser Tests: Security/Fingerprint .............................................. 
-> Browser Tests: Performance ....................................................... 
-> Browser Tests: DNS/VPN/Proxy Leak ................................................ 
-> Infos: Librefox Roadmap .......................................................... 
-> Infos: Changelog ................................................................. 
-> Infos: About .....................................................................
Download -------- +**Important:** Please consider reading [installation instructions](#installation-instructions) before using Librefox + **Linux** - [Librefox-2.1-Linux-64.0.0-x64.tar.xz](https://github.com/intika/Librefox/releases/download/Librefox-v2.1-v64.0.0/Librefox-2.1-Firefox-Linux-64.0.0-x64.tar.xz) - 45.1 MB - SHA1: 1d25c606e08e6ad2e674abf3032255902067a81d @@ -137,14 +140,12 @@ Download Capture ------- -

Librefox Addons --------------- - Librefox addons are not bundled and need to be installed manually - [Librefox Dark Theme](https://addons.mozilla.org/en-US/firefox/addon/librefox-dark-theme/): Dark theme @@ -153,7 +154,6 @@ Librefox addons are not bundled and need to be installed manually Recommended Addons ------------------ - Recommended addons are not bundled and need to be installed manually - [Cookie Master](https://addons.mozilla.org/en-US/firefox/addon/cookiemaster/): Block all cookies and only allow authorized sites @@ -164,7 +164,6 @@ Recommended addons are not bundled and need to be installed manually Recommended Addons Settings --------------------------- - `uBlock`: Additional filters are availables here: https://filterlists.com/ (don't surcharge it to avoid performance loss) `Browser Plugs Privacy Firewall`: Keep settings light to make `privacy.resistFingerprinting` efficient because too much customization will lead to uniqueness and therefore easy fingerprinting. @@ -176,15 +175,12 @@ Recommended Addons Settings - Privacy / Font / Randomize - Privacy / Font / Enable protection for font and glyph fingerprinting ``` - Reviewing Extensions Code ------------------------- - Recommended extensions code have been reviewed for potential unwanted behaviour... reviewed version are available under [extensions](https://github.com/intika/Librefox/tree/master/extensions) directory. Extensions Firewall ------------------- - **Extensions Firewall - Description** *This is a test experiment feature and it is disabled by default !!!* A new section `Extensions Manager` is added to manage addons globally (and addons networking in the subsection `Extensions Firewalling`). Firewalling the network for addons is doable, but it requires a considerable amount of additional work in Librefox to make it usable through a button or in a per addon basis (this may or may not be added in a future version, it also could be abandoned as it is a test feature). Currently you can block a list of domains or block the whole network for all the extensions. @@ -214,22 +210,42 @@ Check `debug-check-todo.log` for additional info about future version and resear IJWY (I Just Want You To Shut Up) --------------------------------- - This is a set of settings that aim to remove all the server links embedded in Firefox and other calling home functions in the purpose of blocking un-needed connections. The objective is zero unauthorized connection (ping/telemetry/Mozilla/Google...). Changelog --------- - Available in the [releases page](https://github.com/intika/Librefox/releases) +Installation instructions +-------------------------- +**WARNING:** in the current state of the project Librefox is replacing Firefox (because currently Librefox is a patched Firefox version), therefore if you already have a Firefox profile, that profile will be used and temporary files (cookies and current session) will be removed, make sure to copy your current Firefox's profile before using Librefox. +Using Librefox simultaneously with Firefox is possilbe through different profile you can follow [this wiki](https://www.ghacks.net/2008/05/29/run-multiple-firefox-profiles-simultaneously/) to do so. +**Future Librefox version** will be independant from Firefox and therefore solve this issue. + +**Win** +- Download the zip file according to your architecture (x64/x32) +- Extract the zip file +- You can use directly Librefox by running 'extracted-file/core/firefox.exe' +- You can as well install/replace your current Firefox by running setup.exe + +**Linux** +- Download the tar.xz file according to your architecture (x64/x32) +- Extract the tar.xz file +- You can use directly Librefox by running 'extracted-file/firefox' +- You can as well create a shortcut to 'extracted-file/firefox' to open Librefox easily, from the desktop for instance. + +**Mac** +- Download the dmg package +- Open the package +- Open the application before installing it (check if it fit your need) +- Copy the Librefox-Firefox to applications directory + Edit Locked Settings -------------------- - Just edit `mozilla.cfg`, save and restart Librefox. -Browser Tests - Security/Fingerprint +Browser Tests - Security/Fingerprint ------------------------------------ - Firefox 60 and `privacy.resistFingerprinting` are relatively new, please give it some time to be more widely used and thus less finger-printable; If you are using a different site to analyze your browser make sure to read and understand what the test is about. - [SSLLabs](https://www.ssllabs.com/ssltest/viewMyClient.html) @@ -244,44 +260,48 @@ Firefox 60 and `privacy.resistFingerprinting` are relatively new, please give it Browser Tests - Performances ---------------------------- - Performance tests can be done here [LVP Octane](https://intika.github.io/lvp-octane/), it needs to be launched alone with other applications closed and with no other activity but the benchmark, also it's recommended to launch it many times and then calculate the average. Browser Tests - DNS/VPN/Proxy Leak ---------------------------------- - - [IPLeak](https://ipleak.net/) - [Tenta-Test](https://tenta.com/test/) - [IP-Browserleaks](https://browserleaks.com/ip) About ----- - **Author:** Intika - intika@librefox.org **Based on:** [gHacks-user.js](https://github.com/ghacksuserjs/ghacks-user.js), [User.js](https://github.com/pyllyukko/user.js/) and [PrivaConf](https://addons.mozilla.org/en-US/firefox/addon/privaconf/) big thanks to everyone. -**Acknowledgment:** Special thanks to the ghacks-user team for allowing the usage of their work, @brainscar, @Eloston, @dimqua, @pyllyukko, @Atavic, @anchev, @antuketot76, @nhynes, @maxidor, ghacks.net (Martin Brinkmann), and all the others i forget to mention. + -Librefox Roadmap ----------------- +**Acknowledgment** -**Objectives for future versions of Librefox (this may change)** +Special thanks to: +- The Mozilla team for their amazing work on Firefox +- The gHacks-User team for allowing the usage of their work +- gHacks.net (Martin Brinkmann) for writing on Librefox +- All users that are encouraging this project by starring it +- And everyone who is helping this project: @brainscar, @Eloston, @dimqua, @pyllyukko, @Atavic, @anchev, @antuketot76, @nhynes, @maxidor, @samuel8941, @shaynem, @szepeviktor, and all the others i forget to mention. +Librefox Roadmap +---------------- +**Objectives for future versions of Librefox (this may change)** - Develop an all-in-one Librefox addon to rule them all ? (Normal & Tor Version… this would simplify Librefox) - Develop an easy to use firewall system for extensions (button/hosts/allow/deny/per-addon) +- Develop an advanced settings page +- Fix legal mozilla issue - Update checker extension (feature in the full extension ?) - Advertisement for the project to reach more users ? **Todo for future versions of Librefox (this may change)** - - Improve HD-video playback performance - Testing compatibility on those [sites](https://developer.mozilla.org/en-US/docs/Web/Demos_of_open_web_technologies) and adjust the related settings. - Review un-reviewed addons code (dont-track-me-google/decentraleyes/canvasblocker/temporary-containers/switch-container/smart-referer) Settings Index -------------- - ``` // ============================== // Index mozilla.cfg .......... : @@ -331,12 +351,10 @@ Settings Index Cookies Settings ---------------- - Using different web services without cookies is impossible and cookie settings in a browser are very important when it come to privacy, in Librefox the settings are locked to avoid unwanted changes in such an important setting, but they can be easily changed in `mozilla.cfg` under `User Settings: Cookies settings`. Tracking Protection ------------------- - Firefox now integrates a tracking protection feature (based on disconnect.me) it's a small content blocking list, the listing can not be edited, this feature is disabled in Librefox. It's recommended to use uBlock Origin instead. This feature is disabled: - Until it evolves and integrates at least list editing. @@ -346,7 +364,6 @@ You can however easily enable this feature in `mozilla.cfg` under `User Settings Comparing Changes And Updates ----------------------------- - If you want to compare changes over updates or if you already have a `user.js`/`mozilla.cfg`/`policies.json`. consider using [Compare-UserJS](https://github.com/claustromaniac/Compare-UserJS), it's an amazing tool to compare user.js files and output the diffs in detailed breakdown, developed by gHack's very own resident cat, [claustromaniac](https://github.com/claustromaniac) :cat: Usage: If not on windows install [PowerShell](https://github.com/PowerShell/PowerShell) then (for example) `pwsh Compare-UserJS.ps1 mozilla.cfg user.js` (Warning that PowerShell connects to Microsoft sometimes). @@ -370,7 +387,6 @@ Documentation Librefox Dark Theme ------------------- - Librefox provides a classic dark theme extension ([Librefox Dark Theme](https://addons.mozilla.org/en-US/firefox/addon/librefox-dark-theme/)) but also a purified version of ShadowFox available under [dark-theme directory](https://github.com/intika/Librefox/tree/master/dark-theme) to install it just copy the directory chrome to your Librefox profile directory and then restart Librefox, this will expand the dark theme to internal pages like settings pages. Tuning Librefox @@ -402,7 +418,6 @@ Other Addons ------------ **Other privacy addons** - - [NoHTTP](https://addons.mozilla.org/en-US/firefox/addon/nohttp): Block http traffic and/or redirect it to https (Excellent remplacment for the unrecommended https-everywhere) - [Google-Container](https://addons.mozilla.org/en-US/firefox/addon/google-container/): Open all Google sites in a container - [Facebook-Container](https://addons.mozilla.org/en-US/firefox/addon/facebook-container/): Open all Facebook sites in a container @@ -417,7 +432,6 @@ Other Addons - [Smart-Referer](https://addons.mozilla.org/en-US/firefox/addon/smart-referer/): Manage referer with a button (Send referers only when staying on the same domain.) **Other useful addons** - - [Dormancy](https://addons.mozilla.org/en-US/firefox/addon/dormancy/): Unload tab after a certain time, useful for performance when opening a lot of tabs - [Add Custom Search Engine](https://addons.mozilla.org/en-US/firefox/addon/add-custom-search-engine/): Customize your search engine - [ProxySwitcheroo](https://addons.mozilla.org/en-US/firefox/addon/proxyswitcheroo/): Apply proxy settings in a click @@ -426,20 +440,18 @@ Other Addons - [Shortkeys](https://addons.mozilla.org/en-US/firefox/addon/shortkeys/): Add custom shortkeys - [Tabboo](https://addons.mozilla.org/en-US/firefox/addon/tabboo-session-manager/): Session manager -**Librefox Addons For ESR And Tor:** +**Librefox Addons For ESR And Tor** - [Librefox HTTP Watcher ESR - Tor MoD](https://addons.mozilla.org/en-US/firefox/addon/librefox-http-watcher-tor-mod/): Change the url bar color on http and onion sites (to green/red) - [Librefox NoHTTP - Tor MoD](https://addons.mozilla.org/en-US/firefox/addon/nohttp-librefox-mod-for-tor/): Block http traffic and/or redirect it to https (Excellent replacement for the unrecommended https-everywhere) Tor Compatibility ----------------- - We do not recommend connecting over Tor on Librefox classic version (because of the missing Librefox-Tor-Addons, they are only included in the tor version for obvious reasons), use instead Librefox-Tor version if your threat model calls for it, or for accessing hidden services (Thus said tor settings have been enabled since v2 on all Librefox versions for user toriffying/proxifying their entire connection). Currently Librefox-TBB is in beta test, Tor compatibility may change. DRM Compatibility ----------------- - Digital rights management (DRM) is enforced off by default (this is needed for Netflix and similar); you can enable it with the following instructions: - Open `mozilla.cfg` - Under the section `Section: User Settings` @@ -450,12 +462,10 @@ Digital rights management (DRM) is enforced off by default (this is needed for N Librefox ESR ------------ - For ESR users if you opt for `Librefox HTTP Watcher` you need to use this version [Librefox HTTP Watcher ESR - Tor MoD](https://addons.mozilla.org/en-US/firefox/addon/librefox-http-watcher-tor-mod/) Building And Packaging ---------------------- - Currently Librefox is applied to a built version of Firefox, you can [build it](https://developer.mozilla.org/en-US/docs/Mozilla/Developer_guide/Build_Instructions) or use the [version provided by mozilla](https://ftp.mozilla.org/pub/firefox/releases/63.0.3/) **Linux** @@ -537,3 +547,4 @@ Alternatively, you can package Librefox manually: - Copy `policies.json` to `Firefox/Firefox.app/Contents/Ressources/distribution/` - Unmount the dmg file - Compress it with tools like (hdiutils/dropdmg/disk-utilities/ultraiso/transmac) + diff --git a/debugging/debug-check-todo.log b/debugging/debug-check-todo.log index f76cfdd..0b9eb20 100644 --- a/debugging/debug-check-todo.log +++ b/debugging/debug-check-todo.log @@ -1,33 +1,7 @@ -Todo Checks I/II : ------------------- - -Todo Checks II/II : -------------------- - -- Policy update - check PR - -- Complete bench tests on all 0 values - -- Check the mozilla perf addon https://perf-html.io/ - -- Update build instructions - -- Youtube hd videos hanging (with indexedDB disabled and other...) - -- Review un-reviewed addons code - -- Testing compatibility on those sites - https://developer.mozilla.org/en-US/docs/Web/Demos_of_open_web_technologies - -Addons Code To Checks : ------------------------ +Todo Checks : +------------- -- https://addons.mozilla.org/en-US/firefox/addon/dont-track-me-google1/ -- https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/ -- https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/ -- https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/ -- https://addons.mozilla.org/en-US/firefox/addon/switch-container/ -- https://addons.mozilla.org/en-US/firefox/addon/smart-referer/ +- This section is migrated to github issues Build Notes : ------------- diff --git a/ghacks-diff/userJS_diff_upstream.log b/ghacks-diff/userJS_diff_upstream.log index ea63320..7b441b1 100644 --- a/ghacks-diff/userJS_diff_upstream.log +++ b/ghacks-diff/userJS_diff_upstream.log @@ -1 +1 @@ -All what needs to be up-streamed have been discussed +All what needs to be up-streamed have been discussed \ No newline at end of file diff --git a/librefox/distribution/policies.json b/librefox/distribution/policies.json index e478baf..0fbda0e 100644 --- a/librefox/distribution/policies.json +++ b/librefox/distribution/policies.json @@ -2,6 +2,7 @@ "policies": { "AppUpdateURL": "", "DisableAppUpdate": true, + "OverridePostUpdatePage": "", "DisableMasterPasswordCreation": true, "DisableFeedbackCommands": true, "DisableFirefoxAccounts": true, diff --git a/librefox/mozilla.cfg b/librefox/mozilla.cfg index 31fda99..955526a 100644 --- a/librefox/mozilla.cfg +++ b/librefox/mozilla.cfg @@ -138,8 +138,8 @@ lockPref("network.cookie.leave-secure-alone", true); // default: true // nonsecureSessionOnly=true. This allows you to keep HTTPS cookies, but session-only HTTP ones // [1] https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-privacy-in-firefox/ // [2] http://kb.mozillazine.org/Network.cookie.thirdparty.sessionOnly -lockPref("network.cookie.thirdparty.sessionOnly", false); // default : false -lockPref("network.cookie.thirdparty.nonsecureSessionOnly", false); // (FF58+) // default false +lockPref("network.cookie.thirdparty.sessionOnly", true); // default : false +lockPref("network.cookie.thirdparty.nonsecureSessionOnly", true); // (FF58+) // default false // Also check "User Settings : Track Protection" for other cookies settings @@ -595,7 +595,7 @@ lockPref("permissions.default.geo", 2); // Defaulting Settings : Other Defaulting // ---------------------------------------------------------------------------------------------------- -// Pref : Prefered lang for displaying websites... +// Pref : Preferred language for displaying websites... // The first settings overflow the second one defaultPref("privacy.spoof_english", 2); //defaultPref("intl.accept_languages", "en-US, en"); //This make lang windows unusable @@ -1072,8 +1072,8 @@ lockPref("extensions.webextensions.identity.redirectDomain", ""); // Pref : CSP Settings For Extensions I/II : Extension Firewall Feature // Uncomment to disable network for the extensions -// Enable-Firewall-Feature-In-The-Next-Line >>>>>> -//lockPref("extensions.webextensions.base-content-security-policy", "default-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; script-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; object-src 'self' moz-extension: blob: filesystem:;"); +// Enable-Firewall-Feature-In-The-Next-Line extensions-firewall >>>>>> +lockPref("extensions.webextensions.base-content-security-policy", "default-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; script-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; object-src 'self' moz-extension: blob: filesystem:;"); // Pref : CSP Settings For Extensions II/II : Extension Firewall Feature // This value is applied after the first one (just ignore this)