1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
|
From 2fec68a4597270e7fce1c0a4e3a328be4766a2d3 Mon Sep 17 00:00:00 2001
From: grizzlyuser <grizzlyuser@protonmail.com>
Date: Sun, 4 Apr 2021 13:09:05 +0300
Subject: [PATCH 1/5] geolocation: Disable API and remove Google API URLs
The idea for Iceweasel is to reference only services which can be
self-hosted using 100% free software stack.
At the moment, upstream uses Google Geolocation API by default for
release builds. There's also a special configuration for Nightly and
early Beta builds to use Mozilla Location Services. Since I couldn't find
the source code of Google Geolocation API, let's assume it's nonfree.
So removed the URLs.
Mozilla Location Services need further evaluation. But as we don't ship
Nightly or Beta builds and strive to stick as close to upstream as
possible while keeping the SW stack 100% free, release builds don't have
any valid geolocation provider, so let's disable geolocation API by
default for now.
---
modules/libpref/init/all.js | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/modules/libpref/init/StaticPrefList.yaml b/modules/libpref/init/StaticPrefList.yaml
index 5632486c69..b977858e04 100644
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@@ -5616,7 +5616,7 @@
# Is support for Navigator.geolocation enabled?
- name: geo.enabled
type: bool
- value: true
+ value: false
mirror: always
# Time, in milliseconds, to wait for the location provider to spin up.
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index af04cba691..514f750a23 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -3094,7 +3094,7 @@ pref("network.psl.onUpdate_notify", false);
// All the Geolocation preferences are here.
//
-pref("geo.provider.network.url", "https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%");
+pref("geo.provider.network.url", "");
// Timeout to wait before sending the location request.
pref("geo.provider.network.timeToWaitBeforeSending", 5000);
--
2.41.0
From 413f141022f562beb53ed87370146a123872f35b Mon Sep 17 00:00:00 2001
From: grizzlyuser <grizzlyuser@protonmail.com>
Date: Sun, 4 Apr 2021 13:49:05 +0300
Subject: [PATCH 2/5] Disable banners and remove URLs for mobile apps on
about:protections page
---
browser/app/profile/firefox.js | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js
index a7d255df89..801816dc41 100644
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -1955,7 +1955,7 @@ pref("browser.contentblocking.report.monitor.enabled", false);
pref("browser.contentblocking.report.proxy.enabled", false);
// Disable the mobile promotion by default.
-pref("browser.contentblocking.report.show_mobile_app", true);
+pref("browser.contentblocking.report.show_mobile_app", false);
// Locales in which Send to Device emails are supported
// The most recent list of supported locales can be found at https://github.com/mozilla/bedrock/blob/6a08c876f65924651554decc57b849c00874b4e7/bedrock/settings/base.py#L963
@@ -1989,7 +1989,7 @@ pref("browser.promo.cookiebanners.enabled", false);
// Set to true for Fx113 (see bug 1808611)
pref("browser.promo.cookiebanners.enabled", false);
-pref("browser.contentblocking.report.hide_vpn_banner", false);
+pref("browser.contentblocking.report.hide_vpn_banner", true);
pref("browser.contentblocking.report.vpn_sub_id", "sub_HrfCZF7VPHzZkA");
pref("browser.contentblocking.report.monitor.url", "https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections");
@@ -2000,12 +2000,12 @@ pref("browser.contentblocking.report.monitor.home_page_url", "https://monitor.fi
pref("browser.contentblocking.report.manage_devices.url", "https://accounts.firefox.com/settings/clients");
pref("browser.contentblocking.report.endpoint_url", "https://monitor.firefox.com/user/breach-stats?includeResolved=true");
pref("browser.contentblocking.report.proxy_extension.url", "https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-protections&utm_content=about-protections");
-pref("browser.contentblocking.report.mobile-ios.url", "https://apps.apple.com/app/firefox-private-safe-browser/id989804926");
-pref("browser.contentblocking.report.mobile-android.url", "https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_report%26utm_content%3Dmobile_promotion");
-pref("browser.contentblocking.report.vpn.url", "https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-protections-card");
-pref("browser.contentblocking.report.vpn-promo.url", "https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-protections-top-promo");
-pref("browser.contentblocking.report.vpn-android.url", "https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-browser%26utm_medium%3Dfirefox-browser%26utm_campaign%3Dabout-protections-mobile-vpn%26anid%3D--");
-pref("browser.contentblocking.report.vpn-ios.url", "https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738");
+pref("browser.contentblocking.report.mobile-ios.url", "");
+pref("browser.contentblocking.report.mobile-android.url", "");
+pref("browser.contentblocking.report.vpn.url", "");
+pref("browser.contentblocking.report.vpn-promo.url", "");
+pref("browser.contentblocking.report.vpn-android.url", "");
+pref("browser.contentblocking.report.vpn-ios.url", "");
// Protection Report's SUMO urls
pref("browser.contentblocking.report.lockwise.how_it_works.url", "https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report");
--
2.41.0
From 275785d94093d5c2dd46739484a2744642df357f Mon Sep 17 00:00:00 2001
From: grizzlyuser <grizzlyuser@protonmail.com>
Date: Tue, 17 Jan 2023 21:59:51 +0100
Subject: [PATCH 3/5] FSDG: Remove some references to AMO
* addons.mozilla.org (AMO) is a third-party repository, not compatible
with the FSDG, because it is not committed to only including free
software, see [1]. The work to remove the references to it from
Iceweasel right now is far from being complete.
* Remove URLs to services.addons.mozilla.org as one of these URLs is
used to fetch recommendations from AMO after the click on Extensions
button from the toolbar.
* Disable abuse reporting functionality as it uses the API on the same
hostname. Sanity check during build preparation should verify this
hostname is not available in the sources, and make it clear the patch
needs reworking when that check fails.
* Remove AMO URL to fetch langpacks. These are for Firefox, and Parabola
has Iceweasel langpacks anyway.
* Remove some AMO URLs from mobile.js. There's no Android version of
Iceweasel AFAIK, but these are some steps towards total removal of
references to AMO.
* Remove some AMO related preferences from vendor.js.in and patch them
directly in the sources, to avoid the rotting and to get notified
quickly when Mozilla introduces any changes to them in the future.
[1] https://labs.parabola.nu/issues/2409#note-4
---
browser/app/profile/firefox.js | 12 ++++++------
mobile/android/app/geckoview-prefs.js | 8 ++++----
modules/libpref/init/all.js | 8 ++++----
3 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js
index 801816dc41..9c2562ff23 100644
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -33,12 +33,12 @@ pref("extensions.postDownloadThirdPartyPrompt", true);
// Preferences for AMO integration
pref("extensions.getAddons.cache.enabled", true);
-pref("extensions.getAddons.get.url", "https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%");
-pref("extensions.getAddons.search.browseURL", "https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%");
-pref("extensions.getAddons.link.url", "https://addons.mozilla.org/%LOCALE%/firefox/");
-pref("extensions.getAddons.langpacks.url", "https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversion=%VERSION%");
-pref("extensions.getAddons.discovery.api_url", "https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%");
-pref("extensions.getAddons.browserMappings.url", "https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%");
+pref("extensions.getAddons.get.url", "");
+pref("extensions.getAddons.search.browseURL", "https://gnuzilla.gnu.org/mozzarella/search.php?q=%TERMS%");
+pref("extensions.getAddons.link.url", "https://gnuzilla.gnu.org/mozzarella/");
+pref("extensions.getAddons.langpacks.url", "");
+pref("extensions.getAddons.discovery.api_url", "");
+pref("extensions.getAddons.browserMappings.url", "");
// The URL for the privacy policy related to recommended extensions.
pref("extensions.recommendations.privacyPolicyUrl", "https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=privacy-policy-link#addons");
diff --git a/mobile/android/app/geckoview-prefs.js b/mobile/android/app/geckoview-prefs.js
index c1983abc2b..35c24e5d43 100644
--- a/mobile/android/app/geckoview-prefs.js
+++ b/mobile/android/app/geckoview-prefs.js
@@ -228,11 +228,11 @@ pref("extensions.experiments.enabled", false);
// Support credit cards in GV autocomplete API (bug 1691819)
pref("extensions.formautofill.addresses.capture.enabled", true);
-pref("extensions.getAddons.browseAddons", "https://addons.mozilla.org/%LOCALE%/android/collections/4757633/mob/?page=1&collection_sort=-popularity");
+pref("extensions.getAddons.browseAddons", "");
pref("extensions.getAddons.cache.enabled", true);
-pref("extensions.getAddons.get.url", "https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%");
-pref("extensions.getAddons.langpacks.url", "https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=android&type=language&appversion=%VERSION%");
-pref("extensions.getAddons.search.browseURL", "https://addons.mozilla.org/%LOCALE%/android/search?q=%TERMS%&platform=%OS%&appver=%VERSION%");
+pref("extensions.getAddons.get.url", "");
+pref("extensions.getAddons.langpacks.url", "");
+pref("extensions.getAddons.search.browseURL", "");
// Don't let XPIProvider install distribution add-ons; we do our own thing on mobile
pref("extensions.installDistroAddons", false);
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 514f750a23..abbf229223 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -1851,11 +1851,11 @@ pref("services.common.uptake.sampleRate", 1); // 1%
pref("extensions.abuseReport.enabled", false);
// Whether abuse report originated from AMO should use the Firefox integrated dialog.
pref("extensions.abuseReport.amWebAPI.enabled", false);
-pref("extensions.abuseReport.url", "https://services.addons.mozilla.org/api/v4/abuse/report/addon/");
-pref("extensions.abuseReport.amoDetailsURL", "https://services.addons.mozilla.org/api/v4/addons/addon/");
+pref("extensions.abuseReport.url", "");
+pref("extensions.abuseReport.amoDetailsURL", "");
// Whether Firefox integrated abuse reporting feature should be opening the new abuse report form hosted on AMO.
pref("extensions.abuseReport.amoFormEnabled", false);
-pref("extensions.abuseReport.amoFormURL", "https://addons.mozilla.org/%LOCALE%/%APP%/feedback/addon/%addonID%/");
+pref("extensions.abuseReport.amoFormURL", "");
// Blocklist preferences
pref("extensions.blocklist.enabled", true);
@@ -3158,7 +3158,7 @@ pref("extensions.webextensions.ExtensionStorageIDB.enabled", true);
// Whether to allow the inline options browser in HTML about:addons page.
pref("extensions.htmlaboutaddons.inline-options.enabled", true);
// Show recommendations on the extension and theme list views.
-pref("extensions.htmlaboutaddons.recommendations.enabled", true);
+pref("extensions.htmlaboutaddons.recommendations.enabled", false);
// The URL for the privacy policy related to recommended add-ons.
pref("extensions.recommendations.privacyPolicyUrl", "");
diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js
index 1f1b1cbd3e..7ea9d82cdf 100644
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -22,9 +22,9 @@
pref("browser.hiddenWindowChromeURL", "chrome://browser/content/hiddenWindowMac.xhtml");
// Set add-ons abuse report related prefs specific to Firefox Desktop.
-pref("extensions.abuseReport.enabled", true);
-pref("extensions.abuseReport.amWebAPI.enabled", true);
-pref("extensions.abuseReport.amoFormEnabled", true);
+pref("extensions.abuseReport.enabled", false);
+pref("extensions.abuseReport.amWebAPI.enabled", false);
+pref("extensions.abuseReport.amoFormEnabled", false);
// Enables some extra Extension System Logging (can reduce performance)
pref("extensions.logging.enabled", false);
--
2.41.0
From 7c742c2c0e0bd817fd646d0b83a0265c67d6c5fb Mon Sep 17 00:00:00 2001
From: grizzlyuser <grizzlyuser@protonmail.com>
Date: Sun, 4 Jun 2023 13:16:40 +0200
Subject: [PATCH 4/5] FSDG: Disable Contile and autoupdate of system addons
1. Contile (see change context lines) is used to fetch sponsored top
sites, which are not controlled by Parabola and are likely to not
be committed to include only free software.
2. While system addons shipped in the source code seem to be free
software, I'm not sure if the update endpoint also returns only free
software, given that Mozilla is not committed to include only free
software in their repositories.
As these URLs can be considered as repositories not committed to include
only free software, remove them from the source code.
---
browser/app/profile/firefox.js | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js
index 9c2562ff23..7577fbe008 100644
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -48,8 +48,8 @@ pref("extensions.recommendations.themeRecommendationUrl", "https://color.firefox
pref("extensions.update.autoUpdateDefault", true);
// Check AUS for system add-on updates.
-pref("extensions.systemAddon.update.url", "https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml");
-pref("extensions.systemAddon.update.enabled", true);
+pref("extensions.systemAddon.update.url", "");
+pref("extensions.systemAddon.update.enabled", false);
// Disable add-ons that are not installed by the user in all scopes by default.
// See the SCOPE constants in AddonManager.jsm for values to use here.
@@ -1603,8 +1603,8 @@ pref("prompts.defaultModalType", 3);
pref("browser.topsites.useRemoteSetting", true);
// Fetch sponsored Top Sites from Mozilla Tiles Service (Contile)
-pref("browser.topsites.contile.enabled", true);
-pref("browser.topsites.contile.endpoint", "https://contile.services.mozilla.com/v1/tiles");
+pref("browser.topsites.contile.enabled", false);
+pref("browser.topsites.contile.endpoint", "");
// Whether to enable the Share-of-Voice feature for Sponsored Topsites via Contile.
pref("browser.topsites.contile.sov.enabled", true);
--
2.41.0
From 40f5b56ba68e3f256fa3672a77efd0c1951d7e00 Mon Sep 17 00:00:00 2001
From: grizzlyuser <grizzlyuser@protonmail.com>
Date: Tue, 26 Sep 2023 21:27:34 +0200
Subject: [PATCH 5/5] FSDG: Disable Firefox Translations for now
Although fully local translation is a great achievement, I'd hesitate to keep it
enabled for now, because of the following concerns:
1. According to the FSDG [1]:
> All information for practical use in a free distribution must be available in
source form.
Translation models are downloaded as Remote Settings attachments, see their
paths on the attachment server, for example in [2] in the source tree. The
hostname of that server is returned by Remote Settings server, access to which
is disabled by 9001-FSDG-sync-remote-settings-with-local-dump.patch and
PKGBUILD. So in my understanding, to comply with the FSDG, the distro has to
make sources of those models available. It looks like those can be found using
info from [4], but even then...
2. According to FSDG [3]:
> a free system distribution cannot include free software that can only be
built by using nonfree software.
It depends on whether those models can be considered software (or "information
for practical use" in case the FSDG is not totally precise when talking only
about software here). While the models are freely licensed [4], their README
mentions the first training pipeline [5] that lists CUDA and CUDNN in the
requirements. Both are nonfree and blocklisted in Parabola. Further research is
needed on possibility to make the models with 100% free software stack.
3. Because calls to Remote Settings server are disabled, as mentioned above, the
models won't be downloaded anyway, and Firefox Translations feature will be
broken, so keeping it enabled would lead to poor user experience. An alternative
would be to use something like [6], but that requires additional research and
probably has the same issues with the toolchain for the models.
[1] https://www.gnu.org/distros/free-system-distribution-guidelines.html#license-rules
[2] services/settings/dumps/main/translations-models.json
[3] https://www.gnu.org/distros/free-system-distribution-guidelines.html#complete-distros
[4] WARNING! GitHub webpage is likely to run nonfree software in user's web browser, so at least disable JavaScript when opening: https://github.com/mozilla/firefox-translations-models
[5] WARNING! GitHub webpage is likely to run nonfree software in user's web browser, so at least disable JavaScript when opening: https://github.com/mozilla/firefox-translations-training
[6] https://addons.mozilla.org/en-US/firefox/addon/translatelocally-for-firefox/
---
browser/app/profile/firefox.js | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js
index f58075204d..a2ffbec390 100644
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -1882,7 +1882,7 @@ pref("browser.translation.neverForLanguages", "");
// Enable Firefox translations powered by the Bergamot translations
// engine https://browser.mt/.
-pref("browser.translations.enable", true);
+pref("browser.translations.enable", false);
// Enable the new Firefox Translations Settings UI Design
pref("browser.translations.newSettingsUI.enable", false);
--
2.42.0
From e0f27816208ff4371f9de3e2a9190f1a26a4a2f8 Mon Sep 17 00:00:00 2001
From: grizzlyuser <grizzlyuser@protonmail.com>
Date: Fri, 17 Nov 2023 20:52:18 +0100
Subject: [PATCH] FSDG: Put a fuse, to blow up when upstream switches to
search-config-v2
process-json-files.py will probably need rework.
---
modules/libpref/init/all.js | 2 ++
1 file changed, 2 insertions(+)
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 86bfe71247..af91481d2d 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -3462,6 +3462,8 @@ pref("browser.search.removeEngineInfobar.enabled", true);
// Enables a new search configuration style with no functional changes for the
// user. This is solely intended as a rollout button - it will go away once the
// new configuration has been rolled out.
+//
+// Extra comment, so the patch fails to apply as soon as the line below is changed upstream.
pref("browser.search.newSearchConfig.enabled", false);
// GMPInstallManager prefs
--
2.42.1
|
