Skip to content

lock RFP part 2

context: https://github.com/arkenfox/user.js/issues/1716#issuecomment-1731820059

This makes me super happy. I've always said RFP is an all-in buy-in, no exceptions (we allow a per site canvas exception which is session only in TB and webgl is click to play and slider in TB, that's it). Note arkenfox will move to FPP when it's mature, so we will lose that feedback, but there's not much left to report TBH - the RFP protections have mainly been static for years.

While ESR115 was almost five release ago for devs (tim, tom and tom are about to start nightly 120) ... and I'm not what was hooked up when, let's futureproof this and make sure

  • we just locked RFP in release builds - see #41797 (closed)
  • let's lock privacy.resistFingerprinting.exemptedDomains 🔥 🚒
  • let's ensure in code that RFPTargets - e.g this cannot be used in RFP mode
    • if it can't be done in code for whatever reason, lock privacy.fingerprintingProtection.overrides
    • ^ it is still not clear (or guaranteed) to me that this pref doesn't get used in RFP
  • and anything else worthwhile if it's still there in 115 or upcoming in 128 - e.g. #41797 (comment 2908596)

cc @tjr @pierov

Edited by Thorin
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information