____
* <details><summary>Prevented third parties from setting cookies unless the third party already has cookies as a first party (Like Safari).</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/72b9578d04c5c16df27b4e51849ddd44781ab0d8
`privacy.dynamic_firstparty.limitForeign` -> `true`
</details>
* <details><summary>Limited maximum cookie lifetime to 6 months/180 days (Like Brave).</summary>
See details: https://github.com/brave/brave-browser/issues/3443 + https://github.com/fmarier/brave-core/commit/4d222df50a8dfaaabb31e9f2c5070c4db5ba8fd5
`network.cookie.maxageCap` -> `15552000`
</details>
* <details><summary>Enabled tracking protection against CMPs (Cookie/consent managers) by default, in all browsing windows.</summary>
`privacy.trackingprotection.consentmanager.annotate_channels` -> `true`
`privacy.trackingprotection.consentmanager.skip.enabled` -> `false`
`privacy.trackingprotection.consentmanager.skip.pbmode.enabled` -> `false`
</details>
* <details><summary>Enabled an additional plug-in blocklist (mozplugin-block-digest256) from Mozilla (Like Nightly).</summary>
`urlclassifier.blockedTable` -> `moztest-block-simple,mozplugin-block-digest256`
</details>
* <details><summary>Disabled network connectivity status monitoring.</summary>
See details: https://bugzilla.mozilla.org/show_bug.cgi?id=620472
`network.manage-offline-status` -> `false`
`network.offline-mirrors-connectivity` -> `false`
**DESKTOP** *(Red Hat/Fedora-specific)*:
`offline.autoDetect` -> `false`
`toolkit.networkmanager.disable` -> `true`
</details>
* <details><summary>Instead of blocking all mixed display content unconditionally, we now only block mixed display content if it can't be upgraded to HTTPS.</summary>
See details: https://github.com/mozilla/policy-templates/issues/1141
`security.mixed_content.block_display_content` -> `false`
</details>
* <details><summary>Disabled the automatic import of OS client authentication certificates by default.</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/62285ea38b6bdab2d06e0376848169c2a2e06a24
`security.osclientcerts.autoload` -> `false`
</details>
* <details><summary>Disabled the Wi-Fi Tickler to prevent proxy bypasses.</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/458bb0cb0ff7a9cf5beaba476b888bfb7ec48eb0
`network.tickle-wifi.enabled` -> `false`
</details>
* <details><summary>Set proxy extensions (if installed) to start as soon as possible, instead of waiting for the first browser window to open.</summary>
`extensions.webextensions.early_background_wakeup_on_request` -> `true`
</details>
* <details><summary>Prevented HTTP/3 from being disabled if enterprise policies are configured.</summary>
`network.http.http3.disable_when_third_party_roots_found` -> `false`
</details>
* **<details><summary>ANDROID**: Disabled TLS session identifiers.</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/38ec7461f1e437f502ba7f82d2d836b0386e03dd
`security.ssl.disable_session_identifiers` -> `true`
</details>
* <details><summary>Limited/restricted CSP reporting as much as possible (We still block these requests by default with uBlock Origin).</summary>
`security.csp.reporting.limit.count` -> `1`
`security.csp.reporting.limit.timespan` -> `999999999`
`security.csp.reporting.script-sample.max-length` -> `0`
`security.csp.truncate_blocked_uri_for_frame_navigations` -> `true`
</details>
* **<details><summary>DESKTOP**: Set the browser to check for updates hourly (instead of the default of 6 hours in foreground and 7 hours in background).</summary>
`app.update.background.interval` -> `3600`
`app.update.interval` -> `3600`
</details>
* **<details><summary>DESKTOP**: Set the browser to immediately prompt users when an update is ready, and ensured the binary is always old enough to check for updates.</summary>
`app.update.checkInstallTime.days` -> `0`
`app.update.promptWaitTime` -> `0`
</details>
* <details><summary>Disabled the Battery API.</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/b4e578ed809ca5d63b20ff22bda78cb76f5d4d07
`dom.battery.enabled` -> `false`
</details>
* <details><summary>Disabled the Clipboard API.</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/e16d6048a13b685c35d51371fd067a6e5fde5714
`dom.events.asyncClipboard.clipboardItem` -> `false`
`dom.events.asyncClipboard.readText` -> `false`
`dom.events.testing.asyncClipboard` -> `false`
</details>
* <details><summary>Disabled online speech recognition.</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/aea7d4ba2d80f0bc0154ee0da3b07aca476aecae
`media.webspeech.service.endpoint` -> `data;`
</details>
* <details><summary>Disabled scanning add-on scopes on launch.</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/4660fcd9ac90bde34dc230ca58f3fe3f76d9267e
`extensions.startupScanScopes` -> `0`
</details>
* <details><summary>Disabled Gecko Media Plugins (GMP).</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/cc6fb2c13054c1ff6cb2fe1469591b0272e84c78
`media.gmp-provider.enabled` -> `false`
</details>
* **<details><summary>ANDROID**: Disabled HLS.</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/0abcbeac89d9eaa4b2d6c0b8a573f6815ebb72b6
`media.hls.enabled` -> `false`
</details>
* **<details><summary>DESKTOP**: Enabled Arbitrary Code Guard (ACG) (for Windows users).</summary>
See details: https://medium.com/@boutnaru/the-windows-security-journey-acg-arbitrary-code-guard-74b08a8bd1e5
`security.sandbox.gmp.acg.enabled` -> `true`
`security.sandbox.rdd.acg.enabled` -> `true`
`security.sandbox.utility-wmf.acg.enabled` -> `true`
</details>
* **<details><summary>DESKTOP**: Enabled Code Integrity Guard (CIG) for pre-spawn (for Windows users).</summary>
See details: https://github.com/mozilla/policy-templates/issues/1141
`security.sandbox.cig.prespawn.enabled` -> `true`
</details>
* **<details><summary>DESKTOP**: Enabled Shadow Stacks (for Windows users).</summary>
See details: https://wikipedia.org/wiki/Shadow_stack
`security.sandbox.content.shadow-stack.enabled` -> `true`
`security.sandbox.gmp.shadow-stack.enabled` -> `true`
`security.sandbox.gpu.shadow-stack.enabled` -> `true`
`security.sandbox.rdd.shadow-stack.enabled` -> `true`
`security.sandbox.socket.shadow-stack.enabled` -> `true`
</details>
* **<details><summary>DESKTOP**: Set the browser to always warn on unprivileged namespaces (for Linux users).</summary>
`security.sandbox.warn_unprivileged_namespaces` -> `true`
</details>
* **<details><summary>ANDROID**: Disabled sending console output to logcat by default. </summary>
See details: https://codeberg.org/celenity/Phoenix/commit/dcadf87f3daacdd554f2de358be77cd568c67646
`consoleservice.logcat` -> `false`
`geckoview.console.enabled` -> `false`
</details>
* <details><summary>Disabled various new telemetry pings.</summary>
`browser.engagement.ctrlTab.has-used` -> `true`
`telemetry.glean.internal.finalInactive` -> `false`
`telemetry.glean.internal.maxPingsPerMinute` -> `0`
**DESKTOP**:
`browser.engagement.downloads-button.has-used` -> `true`
`browser.engagement.fxa-toolbar-menu-button.has-used` -> `true`
`browser.engagement.home-button.has-used` -> `true`
`browser.engagement.library-button.has-used` -> `true`
`browser.engagement.search_counts.pbm` -> `false`
`browser.engagement.sidebar-button.has-used` -> `true`
`browser.engagement.total_uri_count.pbm` -> `false`
`browser.newtabpage.activity-stream.telemetry.privatePing.enabled` -> `false`
`browser.newtabpage.activity-stream.telemetry.surfaceId` -> ` `
`browser.newtabpage.ping.enabled` -> `false`
</details>
* <details><summary>Disabled the automatic upload of profiler data (from 'about:logging') to Mozilla by default.</summary>
`toolkit.aboutLogging.uploadProfileToCloud` -> `false`
</details>
* <details><summary>Removed Mozilla's new OHTTP telemetry endpoints.</summary>
**DESKTOP**:
`browser.newtabpage.activity-stream.discoverystream.ohttp.configURL` -> ` `
`browser.newtabpage.activity-stream.discoverystream.ohttp.relayURL` -> ` `
**ANDROID**:
`network.ohttp.configURL` -> ` `
`network.ohttp.relayURL` -> ` `
</details>
* <details><summary>Added placeholder IDs to certain (primarily telemetry-related) preferences, to reduce breakage and protect against potential fingerprinting.</summary>
`asanreporter.clientid` -> `unknown`
`datareporting.dau.cachedUsageProfileGroupID` -> `b0bacafe-b0ba-cafe-b0ba-cafeb0bacafe`
**DESKTOP**:
`browser.contentblocking.cfr-milestone.milestone-shown-time` -> `999999999`
`browser.contextual-services.contextId` -> `{foo-123-foo}`
`browser.startup.homepage_override.buildID` -> `20181001000000`
</details>
* <details><summary>Cleaned up and removed more tracking parameters and unnecessary information (ex. locale) from various Mozilla links/URLs.</summary>
`app.support.baseURL` -> `https://support.mozilla.org/kb/`
`extensions.abuseReport.amoFormURL` -> `https://addons.mozilla.org/feedback/addon/%addonID%/`
`extensions.blocklist.addonItemURL` -> `https://addons.mozilla.org/blocked-addon/%addonID%/%addonVersion%/`
`extensions.getAddons.get.url` -> `https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%`
`extensions.update.background.url` -> `https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&updateType=%UPDATE_TYPE%`
`extensions.update.url` -> `https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&updateType=%UPDATE_TYPE%`
`pdfjs.altTextLearnMoreUrl` -> `https://support.mozilla.org/kb/pdf-alt-text`
`signon.firefoxRelay.learn_more_url` -> `https://support.mozilla.org/kb/relay-integration#w_frequently-asked-questions`
`signon.firefoxRelay.privacy_policy_url` -> `https://www.mozilla.org/privacy/subscription-services/`
`signon.firefoxRelay.terms_of_service_url` -> `https://www.mozilla.org/privacy/subscription-services/`
**ANDROID**:
`extensions.getAddons.search.browseURL` -> `https://addons.mozilla.org/android/search?q=%TERMS%`
**DESKTOP**:
`app.releaseNotesURL` -> `https://www.mozilla.org/firefox/%VERSION%/releasenotes`
`app.releaseNotesURL.aboutDialog"` -> `https://www.mozilla.org/firefox/%VERSION%/releasenotes`
`app.releaseNotesURL.prompt` -> `https://www.mozilla.org/firefox/%VERSION%/releasenotes`
`app.update.url.details` -> `https://www.mozilla.org/firefox/notes`
`app.update.url.manual` -> `https://www.mozilla.org/firefox/new`
`browser.contentblocking.report.cookie.url` -> `https://support.mozilla.org/kb/trackers-and-scripts-firefox-blocks-enhanced-track#w_cross-site-tracking-cookies`
`browser.contentblocking.report.cryptominer.url` -> `https://support.mozilla.org/kb/trackers-and-scripts-firefox-blocks-enhanced-track#w_cryptominers`
`browser.contentblocking.report.fingerprinter.url` -> `https://support.mozilla.org/kb/trackers-and-scripts-firefox-blocks-enhanced-track#w_fingerprinters`
`browser.contentblocking.report.lockwise.how_it_works.url` -> `https://support.mozilla.org/kb/password-manager-remember-delete-edit-logins`
`browser.contentblocking.report.social.url` -> `https://support.mozilla.org/kb/trackers-and-scripts-firefox-blocks-enhanced-track#w_social-media-trackers`
`browser.contentblocking.report.tracker.url` -> `https://support.mozilla.org/kb/trackers-and-scripts-firefox-blocks-enhanced-track#w_tracking-content`
`browser.dictionaries.download.url` -> `https://addons.mozilla.org/language-tools/`
`browser.search.searchEnginesURL` -> `https://addons.mozilla.org/firefox/search-engines/`
`browser.xr.warning.infoURL` -> `https://support.mozilla.org/kb/webxr-permission-info-page`
`extensions.getAddons.link.url` -> `https://addons.mozilla.org/`
`extensions.getAddons.search.browseURL` -> `https://addons.mozilla.org/search?q=%TERMS%`
`lightweightThemes.getMoreURL` -> `https://addons.mozilla.org/themes/`
</details>
* **<details><summary>DESKTOP**: Removed Mozilla's feedback URL & the about:home support article (which definitely isn't relevant to us...).</summary>
`app.feedback.baseURL` -> ` `
`browser.newtabpage.activity-stream.support.url` -> ` `
</details>
* <details><summary>Removed unnecessary partner attribution identifiers, to protect against fingerprinting.</summary>
`app.distributor` -> ` `
`app.distributor.channel` -> ` `
`mozilla.partner.id` -> ` `
**DESKTOP**:
`browser.search.param.search_rich_suggestions` -> ` `
</details>
* **<details><summary>DESKTOP**: Disabled Mozilla's new Ad Routing Service (MARS) OHTTP provider & ad reporting.</summary>
`browser.newtabpage.activity-stream.discoverystream.reportAds.enabled` -> `false`
`browser.newtabpage.activity-stream.unifiedAds.ohttp.enabled` -> `false`
</details>
* **<details><summary>DESKTOP**: Disabled Mozilla's new Firefox Suggest (Merino) OHTTP provider.</summary>
`browser.newtabpage.activity-stream.discoverystream.merino-provider.ohttp.enabled` -> `false`
</details>
* **<details><summary>DESKTOP**: Disabled ('inferred') 'personalization' on about:home</summary>
`browser.newtabpage.activity-stream.discoverystream.sections.personalization.enabled` -> `false`
`browser.newtabpage.activity-stream.discoverystream.sections.personalization.inferred.enabled` -> `false`
`browser.newtabpage.activity-stream.discoverystream.sections.personalization.inferred.user.enabled` -> `false`
</details>
* **<details><summary>DESKTOP**: Disabled new about:home mobile promotions.</summary>
**DESKTOP**:
`browser.newtabpage.activity-stream.mobileDownloadModal.enabled` -> `false`
`browser.newtabpage.activity-stream.mobileDownloadModal.variant-a` -> `false`
`browser.newtabpage.activity-stream.mobileDownloadModal.variant-b` -> `false`
`browser.newtabpage.activity-stream.mobileDownloadModal.variant-c` -> `false``
</details>
* **<details><summary>DESKTOP**: Disabled the new about:home Fakespot promotion card.</summary>
`browser.shopping.experience2023.newPositionCard.hasSeen` -> `true`
</details>
* **<details><summary>DESKTOP**: Disabled the 'Revised Pocket Story Card UI' on about:home</summary>
See details: https://searchfox.org/mozilla-central/source/toolkit/components/nimbus/FeatureManifest.yaml
`browser.newtabpage.activity-stream.discoverystream.sections.cards.enabled` -> `false`
</details>
* <details><summary>Enabled various performance optimizations.</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/6a7263d95b16d77c961e886248cc4f15f3ac8c8c + https://codeberg.org/celenity/Phoenix/commit/f4295b0baa3905b6527741a91e1a26808303ca9f
`network.fetchpriority.enabled` -> `true`
`javascript.options.mem.gc_parallel_marking` -> `true`
`javascript.options.wasm_branch_hinting` -> `true`
`javascript.options.wasm_relaxed_simd` -> `true`
`javascript.options.wasm_simd_avx` -> `true`
</details>
* **<details><summary>DESKTOP**: Enabled advanced performance settings at about:preferences#general by default.</summary>
`browser.preferences.defaultPerformanceSettings.enabled` -> `false`
</details>
* <details><summary>Lowered the network priority of known trackers (if not blocked...).</summary>
`privacy.trackingprotection.lower_network_priority` -> `true`
</details>
* <details><summary>Disabled the ability for websites to prevent disabling Picture-in-Picture.</summary>
`media.videocontrols.picture-in-picture.respect-disablePictureInPicture` -> `false`
</details>
* **<details><summary>DESKTOP**: Enabled the ability to download and switch locales (as well as the ability to switch without restarting...</summary>
`intl.multilingual.downloadEnabled` -> `true`
`intl.multilingual.enabled` -> `true`
`intl.multilingual.liveReload` -> `true`
`intl.multilingual.liveReloadBidirectional` -> `true`
</details>
* <details><summary>Ensured that uBlock Origin (if enabled) can always run on restricted/quarantined domains by default.</summary>
`extensions.quarantineIgnoredByUser.uBlock0@raymondhill.net` -> `true`
</details>
* <details><summary>Disabled Mozilla's remote fingerprinting protection overrides by default (for now) to re-enable canvas randomization for Google domains</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/776c3921efbe355ce9ba4549c06a312ecb5447f6
`privacy.fingerprintingProtection.remoteOverrides.enabled` -> `false`
</details>
* <details><summary>Disabled Mozilla's 'Remote Permissions' by default.</summary>
See details: https://codeberg.org/celenity/Phoenix/commit/f203b52b1ae49cd3cf5dbfaa21df541e642c50a4
`permissions.manager.remote.enabled` -> `false`
</details>
* **<details><summary>DESKTOP**: Temporarily switched the Web Compatibility Reporter URL from Mozilla's to our issue tracker, as it's currently impossible to fully disable it due to an upstream bug...</summary>
See details: https://bugzilla.mozilla.org/show_bug.cgi?id=1963764
`ui.new-webcompat-reporter.new-report-endpoint` -> `https://phoenix.celenity.dev/issues`
</details>
* **<details><summary>DESKTOP**: Stopped locking the value of 'security.cert_pinning.enforcement_level', to ensure users can still access the pinned domains if ex. certs are changed/become outdated.</summary></details>
* Various other changes...
___
Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/2025.04.27.1...2025.05.11.1) for more details.
GitLab: See [here](https://gitlab.com/celenityy/Phoenix/-/compare/2025.04.27.1...2025.05.11.1) for more details.
GitHub: See [here](https://github.com/celenityy/Phoenix/compare/2025.04.27.1...2025.05.11.1) for more details.
___
:)