Miscellaneous security- and privacy-related prefs for Tor Browser

JKT has been working on some prefs he suggested we might consider:

Security.mixed_content.upgrade_display_content
- Upgrades passive mixed content to HTTPS transparently
Network.ftp.enabled
- disable FTP
security.insecure_connection_icon.enabled and security.insecure_connection_icon.pbmode.enabled
security.insecure_connection_text.enabled and security.insecure_connection_text.pbmode.enabled
- Both of these mark HTTP connections as insecure. One with a broken lock icon, the other with text saying ‘Not Secure’
Insecure flash content:
- security.mixed_content.block_object_subrequest
Sensors:
- device.sensors.*.enabled (motion, proximity, ambientLight and orientation) && the Event constructors are now also included in device.sensors.enabled
- device.sensors.enabled set to False in RF (https://bugzilla.mozilla.org/show_bug.cgi?id=1369319)
dom.registerProtocolHandler.insecure.enabled
browser.cache.offline.insecure.enable
dom.registerContentHandler.enabled

Others being pondered:

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information