#27268: preferences cleanup -------------------------------------------------+------------------------- Reporter: rzb | Owner: tbb- | team Type: defect | Status: | needs_review Priority: Medium | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Resolution: Keywords: ff68-esr, TorBrowserTeam201910R, | Actual Points: GeorgKoppen201910 | Parent ID: | Points: Reviewer: | Sponsor: -------------------------------------------------+-------------------------
Comment (by gk): Replying to [comment:21 Thorin]: > Replying to [comment:20 gk]: > > Great work! I'll start with a patch for the first three sections. What should we set `intl.charset.fallback.override` to in your opinion? > > IMO this shouldn't be done here: but rather be tied to privacy.spoof_english: see https://trac.torproject.org/projects/tor/ticket/20025#comment:5 .. the solution part > > > > Set `intl.charset.fallback.override` = `windows-1252` when `privacy.spoof_english` = `2`, and reset it when `privacy.spoof_english` !== `2`. Do this upstream I see. > > `bug_27268` (https://gitweb.torproject.org/user/gk/tor- browser.git/log/?h=bug_27268) has the first batch of prefs fixups for review (two commits). There is a Torbutton patch, too, in `bug_27268` (https://gitweb.torproject.org/user/gk/torbutton.git/commit/?h=bug_27268&id=a2eac79bab7c2afa17cd45109a5669cf528215c0): Note, I removed `security.pki.sha1_enforcement_level` as well even though the pref is still in action. But we set it to a lower value than Mozilla ships today which we should not do. > > Urgent, Deprecated + Not-in-DXR (first three sections) check: I don't see the following being removed > - intl.charset.default > - media.gmp-eme-adobe.visible > - media.gmp-eme-adobe.enable > - browser.download.manager.scanWhenDone > - browser.download.manager.retention Huh, you are right. `bug_27268_v2` (https://gitweb.torproject.org/user/gk /tor-browser.git/log/?h=bug_27268_v2) should fix that. The eme prefs were removed earlier on on our latest branch. > And I don't see a dom.netinfo.enabled in the tor button code Hrm. I am not sure yet what we should do. While we don't defend against os fingerprinting leaving the netinfo state the way it is seems a bit lame. I guess we should disable it everywhere? -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27268#comment:22> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs