codeberg celenity/Phoenix 2025.04.11.1
on Codeberg

latest releases: 2025.08.06.1, 2025.07.30.1, 2025.07.11.1...
4 months ago

  • Heavily optimized and significantly improved the performance of our uBlock Origin configuration - See here for details on the recommended way to update.

  • DESKTOP: Added back Cloudflare & NextDNS as built-in DNS over HTTPS providers, in addition to Cloudflare's Malware Protection & Family Protection variants. Note that we still use Quad9 by default. It should also be noted that the built-in standard, Cloudflare Unfiltered DNS provider has a stricter privacy policy than the Malware Protection & Family Protection variants, due to a contract with Mozilla. - doh-rollout.provider-list -> [{"uri":"https://dns.quad9.net/dns-query","UIName":"Quad9 - Real-time Malware Protection","autoDefault":true},{"uri":"https://zero.dns0.eu","UIName":"DNS0 (ZERO) - Hardened Real-time Malware Protection","autoDefault":false},{"uri":"https://dns0.eu","UIName":"DNS0 - Real-time Malware Protection","autoDefault":false},{"uri":"https://base.dns.mullvad.net/dns-query","UIName":"Mullvad (Base) - Ad/Tracking/Limited Malware Protection","autoDefault":false},{"uri":"https://dns.adguard-dns.com/dns-query","UIName":"AdGuard (Public) - Ad/Tracking Protection","autoDefault":false},{"uri":"https://dns.mullvad.net/dns-query","UIName":"Mullvad - Unfiltered","autoDefault":false},{"uri":"https://wikimedia-dns.org/dns-query","UIName":"Wikimedia - Unfiltered","autoDefault":false},{"uri":"https://firefox.dns.nextdns.io/","UIName":"NextDNS (Public) - Unfiltered","autoDefault":false},{"uri":"https://unfiltered.adguard-dns.com/dns-query","UIName":"AdGuard (Public) - Unfiltered","autoDefault":false},{"uri":"https://kids.dns0.eu","UIName":"DNS0 - Kids","autoDefault":false},{"uri":"https://family.dns.mullvad.net/dns-query","UIName":"Mullvad (Family)","autoDefault":false},{"uri":"https://family.adguard-dns.com/dns-query","UIName":"AdGuard (Public) - Family Protection","autoDefault":false},{"uri":"https://extended.dns.mullvad.net/dns-query","UIName":"Mullvad (Extended) - Ad/Tracking/Limited Malware/Social Media Protection","autoDefault":false},{"uri":"https://all.dns.mullvad.net/dns-query","UIName":"Mullvad (All) - Ad/Tracking/Limited Malware/Social Media/Adult/Gambling Protection","autoDefault":false},{"uri":"https://security.cloudflare-dns.com/dns-query","UIName":"Cloudflare - Malware Protection","autoDefault":false},{"uri":"https://mozilla.cloudflare-dns.com/dns-query","UIName":"Cloudflare - Unfiltered (Stricter privacy policy)","autoDefault":false},{"uri":"https://family.cloudflare-dns.com/dns-query","UIName":"Cloudflare - Adult Content/Malware Protection","autoDefault":false}]

  • DESKTOP: Disabled installation of add-ons by default, and reset it back to false per-session. Note that this has no impact on already installed add-ons, and has no impact on updates. Additionally, Firefox will prompt you to re-enable the ability to install add-ons when you attempt to install one. To be absolutely clear, I will never remove the ability for users to install add-ons in Phoenix. All this does is add an extra layer of protection by ensuring the ability to install add-ons is only enabled when users need it, and disabled the rest of the time. - xpinstall.enabled -> false

  • DESKTOP: Extensions can now be installed from sources outside of the AMO (addons.mozilla.org) and our built-in exceptions. INSTALLING EXTENSIONS FROM OUTSIDE OF THE AMO IS STRONGLY NOT RECOMMENDED. This gives users greater freedom and control over their browsing experience, which is one of Phoenix's primary goals, and it also has other benefits. For instance, with the previous approach, users couldn't override and prevent the sources we allowed (ex. the AMO) from being able to install extensions if they desired. This is no longer the case, meaning users can have an even safer browsing experience if they desire. I believe that the new defenses we've added in this release allow this to be done in a safe way, as we can ensure extensions are only installed when users make the explicit, conscious decision to install them.

  • DESKTOP: Removed our built-in custom add-on recommendations from about:addons, as they're incompatible with our recent changes, simply unnecessary, and provide a better, cleaner UX when disabled. We'll just leave these recommendations on our wiki page. - extensions.getAddons.discovery.api_url & extensions.recommendations.privacyPolicyUrl -> , extensions.getAddons.showPane -> false

  • DESKTOP: Stopped enforcing extension updates via policies to ensure that users can always disable if desired, though this is STRONGLY discouraged.

  • ANDROID: Explicitly enabled the ability to install add-ons by default to expose the setting via the about:config. (Unlike desktop, Firefox unfortunately doesn't prompt users on mobile to re-enable this functionality, so we won't set it there by default, but we can still expose it via the about:config to make it easier for users to disable on their own if desired) - xpinstall.enabled -> true

  • Enabled HTTPS-First for local addresses & unknown suffixes - dom.security.https_first_for_local_addresses & dom.security.https_first_for_unknown_suffixes -> true

  • Excluded third party trackers from storage access auto grants (if enabled) by default - dom.storage_access.auto_grants.exclude_third_party_trackers -> true

  • Further hardened the extension Content Security Policy. - extensions.webextensions.base-content-security-policy -> script-src 'self' 'unsafe-inline'; upgrade-insecure-requests;

  • Added a built-in domain blocklist/firewall, primarily consisting of various Mozilla ad/telemetry domains we want to ensure we never connect to, and ads/trackers/etc. that appear on their services. We'll also include domains that appear on other built-in/default connections/services, but we'll generally prefer to keep it limited in favor of ex. uBlock Origin. We've also customized the list for our specialized configs on desktop, to include ads/telemetry/trackers/etc. that appear on those services. - network.dns.localDomains -> 250analytics.com,a.omappapi.com,ads.allizom.org,ads.mozilla.org,ads.nonprod.webservices.mozgcp.net,ads.prod.webservices.mozgcp.net,analytics.getpocket.com,analytics.google.com,analytics.withgoogle.com,anf1.fuzzing.mozilla.org,anonymco.com,asan-nightly-frontend-elb-1348905149.us-east-2.elb.amazonaws.com,braze.com,contile.services.mozilla.com,contile-images.services.mozilla.com,crash-reports.allizom.org,crash-reports.mozilla.com,crash-reports-xpsp2.mozilla.com,crash-stacks.mozilla.com,crash-stats.allizom.org,crash-stats.mozilla.com,crash-stats.mozilla.org,dap.services.mozilla.com,dap.nonprod.webservices.mozgcp.net,dap.prod.webservices.mozgcp.net,dap-09-3.api.divviup.org,discovery.addons.allizom.org,discovery.addons.mozilla.org,discovery.addons-dev.allizom.org,divviup.org,download-stats.mozilla.org,download-stats.r53-2.services.mozilla.com,experimenter.services.mozilla.com,experimenter.nonprod.webservices.mozgcp.net,experimenter.prod.webservices.mozgcp.net,fhr.data.mozilla.com,fhr.r53-2.services.mozilla.com,firefox-android-home-recommendations.getpocket.com,fuzzing.mozilla.org,google-analytics.com,google-analytics-cn.com,googleanalytics.com,googlesyndication.com,googlesyndication-cn.com,googletagmanager.com,googletagmanager-cn.com,googletagservices.com,googletagservices-cn.com,improving.duckduckgo.com,incoming.telemetry.mozilla.org,incoming.thunderbird.net,incoming-telemetry.thunderbird.net,merino.nonprod.cloudops.mozgcp.net,merino.prod.cloudops.mozgcp.net,merino.services.mozilla.com,metrics-content.duckduckgo.com,mozilla-ohttp.fastly-edge.com,new-sentry.gitlab.net,normandy.cdn.mozilla.net,normandy.nonprod.cloudops.mozgcp.net,normandy.prod.cloudops.mozgcp.net,normandy-cdn.services.mozilla.com,ohttp-gateway.prod.webservices.mozgcp.net,omappapi.com,pagead2.googlesyndication.com,pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com,prod.experimenter.prod.webservices.mozgcp.net,prod.ohttp-gateway.prod.webservices.mozgcp.net,sdk.iad-05.braze.com,sentry.gitlab.net,sentry.io,sentry.nonprod.cloudops.mozgcp.net,sentry.prod.cloudops.mozgcp.net,sitereview.zscaler.com,snippets.allizom.org,snippets.cdn.mozilla.net,snippets.mozilla.com,snippets-prod.frankfurt.moz.works,snippets-prod.moz.works,snippets-prod.oregon-b.moz.works,snippets-stage.moz.works,snippets-stage.oregon-b.moz.works,snowplow.trx.gitlab.net,snowplowalb-1011729428.us-east-1.elb.amazonaws.com,snowplowprd.trx.gitlab.net,snowplowprdnlb-1490493263.us-east-2.elb.amazonaws.com,socorro.nonprod.webservices.mozgcp.net,socorro.prod.webservices.mozgcp.net,socorro-collector.services.mozilla.com,socorro-webapp-allizom.stage.mozaws.net,socorro-webapp.services.mozilla.com,spocs.getpocket.com,spocs.getpocket.dev,spocs.mozilla.net,ssl.google-analytics.com,ssl-google-analytics.l.google.com,start.fedoraproject.org,start.thunderbird.net,start.ubuntu.com,start-stage.thunderbird.net,symbolication.services.mozilla.com,symbols.mozilla.org,tagmanager.google.com,talkback.mozilla.org,talkback-public.mozilla.org,talkback-reports.mozilla.org,telemetry-coverage.mozilla.org,telemetry-coverage.r53-2.services.mozilla.com,telemetry-incoming.r53-2.services.mozilla.com,telemetry-prod-1054754349.us-east-1.elb.amazonaws.com,updates.thunderbird.net,updates-stage.thunderbird.net,use-application-dns.net,vf.startpage.com,www.250analytics.com,www.google-analytics.com,www.google-analytics-cn.com,www.googleanalytics.com,www.googlesyndication.com,www.googlesyndication-cn.com,www.googletagmanager.com,www.googletagmanager-cn.com,www.googletagservices.com,www.googletagservices-cn.com,www.sentry.io,www-google-analytics.l.google.com,www-googletagmanager.l.google.com

  • DESKTOP: Disabled What's New Pages by default - startup.homepage_override_nimbus_disable_wnp -> true

  • Added additional pref to ensure we never fetch experiments from Nimbus/Normandy - app.normandy.run_interval_seconds -> 0

  • Disabled (in)activity-based ping submission for redundancy. - telemetry.fog.test.activity_limit & telemetry.fog.test.inactivity_limit -> -1

  • Disabled the sync ping for redundancy. - services.sync.telemetry.maxEventsCount & services.sync.telemetry.maxPayloadCount -> 0, services.sync.telemetry.submissionInterval -> 999999999

  • Prevented the Telemetry component from initializing. - toolkit.telemetry.initDelay -> 999999999

  • Opted out of requesting crash reports for background processes from users - browser.crashReports.crashPull -> false & browser.crashReports.requestedNeverShowAgain -> true

  • DESKTOP: Added additional prefs to disable Mozilla promotions - browser.contentblocking.report.mobile-android.url, browser.contentblocking.report.mobile-ios.url, & browser.contentblocking.report.vpn.url ->

  • APPLE MAPS SPECIALIZED CONFIG: Updated the link from beta.maps.apple.com to maps.apple.com - browser.newtabpage.pinned -> [{"url":"https://maps.apple.com/","label":"Apple Maps"}]

  • ELEMENT SPECIALIZED CONFIG: Updated FPP overrides to disable timezone spoofing for more Element instances by default - privacy.fingerprintingProtection.granularOverrides -> [{"firstPartyDomain":"arcticfoxes.net","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"aria.im","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"bitcoinist.org","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"chatwave.org","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"cinny.in","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"duesen.chat","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"element.io","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"flieger.chat","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"g24.at","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"gemeinsam.jetzt","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"gnulinux.club","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"hot-chilli.im","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"kde.org","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"kosmikdog.eu","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"mozilla.org","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"mtrx.nz","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"neat.chat","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"nitro.chat","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"nope.chat","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"oblak.be","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"pcriot.org","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"pendora.io","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"rollenspiel.chat","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"socialnetwork24.com","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"studichat.de","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"synod.im","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"the-apothecary.club","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"transfem.dev","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"unredacted.org","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"utwente.io","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"we2.ee","overrides":"-JSDateTimeUTC"},{"firstPartyDomain":"yatrix.org","overrides":"-JSDateTimeUTC"}]

  • Hid the Title Bar by default - browser.tabs.inTitlebar -> 1

  • Cleaned-up files/improved organization

  • Other tweaks & fixes

Codeberg: See here for more details.

GitLab: See here for more details.

GitHub: See here for more details.

:)

Check out latest releases or
releases around celenity/Phoenix 2025.04.11.1

Don't miss a new Phoenix release

NewReleases is sending notifications on new releases.

Get notifications