Miscellaneous security- and privacy-related prefs for Tor Browser

JKT has been working on some prefs he suggested we might consider:

• Security.mixed_content.upgrade_display_content
  • Upgrades passive mixed content to HTTPS transparently
• Network.ftp.enabled
  • disable FTP
• security.insecure_connection_icon.enabled and security.insecure_connection_icon.pbmode.enabled
• security.insecure_connection_text.enabled and security.insecure_connection_text.pbmode.enabled
  • Both of these mark HTTP connections as insecure. One with a broken lock icon, the other with text saying ‘Not Secure’
• Insecure flash content:
  • security.mixed_content.block_object_subrequest
• Sensors:
  • device.sensors.*.enabled (motion, proximity, ambientLight and orientation) && the Event constructors are now also included in device.sensors.enabled
  • device.sensors.enabled set to False in RF (https://bugzilla.mozilla.org/show_bug.cgi?id=1369319)
• dom.registerProtocolHandler.insecure.enabled
• browser.cache.offline.insecure.enable
• dom.registerContentHandler.enabled

Others being pondered:

• Http-disabled
  • I believe this is to block all HTTP connections.