Release 2025.01.06.1 · celenityy/Phoenix

Enabled support for Trusted Types (Like Chromium). - dom.security.trusted_types.enabled -> true
CSP assertions for about: pages are no longer skipped. (This was already the default behavior for standard Firefox releases, but now we enforce it - which is particularly useful for ex. Thunderbird, where it actually isn't enabled by default...) - dom.security.skip_about_page_has_csp_assert -> false
Explicitly disabled the Network Information API. Firefox already disables it by default, but now we directly enforce it. - dom.netinfo.enabled -> false
Disabled Event Telemetry on Desktop (Already disabled on Android) - this is likely covered by our other telemetry prefs, but useful for defense in depth. - privacy.imageInputTelemetry.enableTestMode -> false
Blocked insecure object subrequests in mixed content. - security.mixed_content.block_object_subrequest -> true
Minor tweaks/fixes

Codeberg: See here for more details.

GitHub: See here for more details.

Provide feedback