codeberg celenity/Phoenix 2025.04.15.1
on Codeberg

latest releases: 2025.09.07.1, 2025.08.06.1, 2025.07.30.1...
5 months ago
  • Prevented Firefox from automatically using the system's proxy configuration by default, due to security concerns, and to ensure the user is always in control and making the conscious decision to use a proxy, if they do at all.

    See details: https://codeberg.org/celenity/Phoenix/commit/d0ac438c3c464ecc15798b07da73f9db61d688b3

    network.proxy.type -> 0

  • Re-enabled the Baseline Interpreter by default, and instead disabled eager baseline hints.

    See details: https://codeberg.org/celenity/Phoenix/issues/93

    javascript.options.blinterp -> true
    javascript.options.jithints -> false

  • Disabled automatic storage access grants by default.

    dom.storage_access.auto_grants -> false
    dom.storage_access.max_concurrent_auto_grants -> 1

  • Enabled the ability to add signatures to PDFs.

    pdfjs.enableSignatureEditor -> true

  • Disabled collection/generation of wireframes by default.

    See details: https://searchfox.org/mozilla-central/source/browser/components/sessionstore/PageWireframes.sys.mjs

    browser.history.collectWireframes -> false

  • Disabled the insecure 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA' & 'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA' ciphers (like Chromium, Firefox Nightly, & Tor Browser).

    See details: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/issues/361#note_3089049 + https://bugzilla.mozilla.org/show_bug.cgi?id=1600437

    security.ssl3.ecdhe_ecdsa_aes_128_sha -> false
    security.ssl3.ecdhe_ecdsa_aes_256_sha -> false

  • Set external links in PDFs to open in new tabs/windows by default.

    pdfjs.externalLinkTarget -> 2

  • Explicitly set per-site process isolation (Fission) to always isolate everything.

    See details: https://searchfox.org/mozilla-central/source/dom/ipc/ProcessIsolation.cpp

    fission.webContentIsolationStrategy -> 1

  • Disabled the 'data collection' permission for browser extensions.

    See details: https://searchfox.org/mozilla-central/source/toolkit/locales-preview/dataCollectionPermissions.ftl

    extensions.dataCollectionPermissions.enabled -> false

  • Enabled Add-on Manager Remote Settings by default to expose the preference via the about:config.

    See details: https://searchfox.org/mozilla-central/source/toolkit/mozapps/extensions/docs/AMRemoteSettings-overview.rst

    extensions.remoteSettings.disabled -> false

  • Set additional preferences to ensure the Reporting API is never active for redundancy.

    dom.reporting.delivering.maxFailures -> 0
    dom.reporting.delivering.maxReports -> 0

  • DESKTOP: Set the 'devtools.debugger.remote-enabled' & 'xpinstall.enabled' to reset per-session for Linux users. This is already the current behavior for other platforms, but it wasn't working for Linux users due to a misconfiguration.

    See details: https://codeberg.org/celenity/Phoenix/commit/f20c044998a091e3fb9502633bc231acc618ba0b

  • DESKTOP: Updated environment variables to disable Mozilla's Crash Reporter.

    See details: https://firefox-source-docs.mozilla.org/toolkit/crashreporter/crashreporter/index.html#user-specified-environment-variables 

    export MOZ_CRASHREPORTER=;
export MOZ_CRASHREPORTER_DISABLE=1;
export MOZ_CRASHREPORTER_NO_REPORT=1;
export MOZ_CRASHREPORTER_URL="data;";

    Previously, we just set MOZ_CRASHREPORTER to 0.

  • Added www.anonymco.com to our internal domain blocklist.

    network.dns.localDomains -> 250analytics.com,a.omappapi.com,ads.allizom.org,ads.mozilla.org,ads.nonprod.webservices.mozgcp.net,ads.prod.webservices.mozgcp.net,analytics.getpocket.com,analytics.google.com,analytics.withgoogle.com,anf1.fuzzing.mozilla.org,anonymco.com,asan-nightly-frontend-elb-1348905149.us-east-2.elb.amazonaws.com,braze.com,contile.services.mozilla.com,contile-images.services.mozilla.com,crash-reports.allizom.org,crash-reports.mozilla.com,crash-reports-xpsp2.mozilla.com,crash-stacks.mozilla.com,crash-stats.allizom.org,crash-stats.mozilla.com,crash-stats.mozilla.org,dap.services.mozilla.com,dap.nonprod.webservices.mozgcp.net,dap.prod.webservices.mozgcp.net,dap-09-3.api.divviup.org,discovery.addons.allizom.org,discovery.addons.mozilla.org,discovery.addons-dev.allizom.org,divviup.org,download-stats.mozilla.org,download-stats.r53-2.services.mozilla.com,experimenter.services.mozilla.com,experimenter.nonprod.webservices.mozgcp.net,experimenter.prod.webservices.mozgcp.net,fhr.data.mozilla.com,fhr.r53-2.services.mozilla.com,firefox-android-home-recommendations.getpocket.com,fuzzing.mozilla.org,google-analytics.com,google-analytics-cn.com,googleanalytics.com,googlesyndication.com,googlesyndication-cn.com,googletagmanager.com,googletagmanager-cn.com,googletagservices.com,googletagservices-cn.com,improving.duckduckgo.com,incoming.telemetry.mozilla.org,incoming.thunderbird.net,incoming-telemetry.thunderbird.net,merino.nonprod.cloudops.mozgcp.net,merino.prod.cloudops.mozgcp.net,merino.services.mozilla.com,metrics-content.duckduckgo.com,mozilla-ohttp.fastly-edge.com,new-sentry.gitlab.net,normandy.cdn.mozilla.net,normandy.nonprod.cloudops.mozgcp.net,normandy.prod.cloudops.mozgcp.net,normandy-cdn.services.mozilla.com,ohttp-gateway.prod.webservices.mozgcp.net,omappapi.com,pagead2.googlesyndication.com,pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com,prod.experimenter.prod.webservices.mozgcp.net,prod.ohttp-gateway.prod.webservices.mozgcp.net,sdk.iad-05.braze.com,sentry.gitlab.net,sentry.io,sentry.nonprod.cloudops.mozgcp.net,sentry.prod.cloudops.mozgcp.net,sitereview.zscaler.com,snippets.allizom.org,snippets.cdn.mozilla.net,snippets.mozilla.com,snippets-prod.frankfurt.moz.works,snippets-prod.moz.works,snippets-prod.oregon-b.moz.works,snippets-stage.moz.works,snippets-stage.oregon-b.moz.works,snowplow.trx.gitlab.net,snowplowalb-1011729428.us-east-1.elb.amazonaws.com,snowplowprd.trx.gitlab.net,snowplowprdnlb-1490493263.us-east-2.elb.amazonaws.com,socorro.nonprod.webservices.mozgcp.net,socorro.prod.webservices.mozgcp.net,socorro-collector.services.mozilla.com,socorro-webapp-allizom.stage.mozaws.net,socorro-webapp.services.mozilla.com,spocs.getpocket.com,spocs.getpocket.dev,spocs.mozilla.net,ssl.google-analytics.com,ssl-google-analytics.l.google.com,start.fedoraproject.org,start.thunderbird.net,start.ubuntu.com,start-stage.thunderbird.net,symbolication.services.mozilla.com,symbols.mozilla.org,tagmanager.google.com,talkback.mozilla.org,talkback-public.mozilla.org,talkback-reports.mozilla.org,telemetry-coverage.mozilla.org,telemetry-coverage.r53-2.services.mozilla.com,telemetry-incoming.r53-2.services.mozilla.com,telemetry-prod-1054754349.us-east-1.elb.amazonaws.com,updates.thunderbird.net,updates-stage.thunderbird.net,use-application-dns.net,vf.startpage.com,www.250analytics.com,www.anonymco.com,www.google-analytics.com,www.google-analytics-cn.com,www.googleanalytics.com,www.googlesyndication.com,www.googlesyndication-cn.com,www.googletagmanager.com,www.googletagmanager-cn.com,www.googletagservices.com,www.googletagservices-cn.com,www.sentry.io,www-google-analytics.l.google.com,www-googletagmanager.l.google.com

  • APPLE MAPS SPECIALIZED CONFIG: Added various Apple domains to the domain blocklist.

    api.smoot.apple.com, ca.iadsdk.apple.com, cf.iadsdk.apple.com, cstat.g.apple.com, cstat-origin.apple.com, daf.xp.apple.com, fbs.smoot.apple.com, probe.me.apple-dns.net, skadnetwork.iad-apple.com.akadns.net, & tr.iadsdk.apple.com

    network.dns.localDomains -> 250analytics.com,a.omappapi.com,ads.allizom.org,ads.mozilla.org,ads.nonprod.webservices.mozgcp.net,ads.prod.webservices.mozgcp.net,analytics.getpocket.com,analytics.google.com,analytics.withgoogle.com,anf1.fuzzing.mozilla.org,anonymco.com,asan-nightly-frontend-elb-1348905149.us-east-2.elb.amazonaws.com,braze.com,contile.services.mozilla.com,contile-images.services.mozilla.com,crash-reports.allizom.org,crash-reports.mozilla.com,crash-reports-xpsp2.mozilla.com,crash-stacks.mozilla.com,crash-stats.allizom.org,crash-stats.mozilla.com,crash-stats.mozilla.org,dap.services.mozilla.com,dap.nonprod.webservices.mozgcp.net,dap.prod.webservices.mozgcp.net,dap-09-3.api.divviup.org,discovery.addons.allizom.org,discovery.addons.mozilla.org,discovery.addons-dev.allizom.org,divviup.org,download-stats.mozilla.org,download-stats.r53-2.services.mozilla.com,experimenter.services.mozilla.com,experimenter.nonprod.webservices.mozgcp.net,experimenter.prod.webservices.mozgcp.net,fhr.data.mozilla.com,fhr.r53-2.services.mozilla.com,firefox-android-home-recommendations.getpocket.com,fuzzing.mozilla.org,google-analytics.com,google-analytics-cn.com,googleanalytics.com,googlesyndication.com,googlesyndication-cn.com,googletagmanager.com,googletagmanager-cn.com,googletagservices.com,googletagservices-cn.com,improving.duckduckgo.com,incoming.telemetry.mozilla.org,incoming.thunderbird.net,incoming-telemetry.thunderbird.net,merino.nonprod.cloudops.mozgcp.net,merino.prod.cloudops.mozgcp.net,merino.services.mozilla.com,metrics-content.duckduckgo.com,mozilla-ohttp.fastly-edge.com,new-sentry.gitlab.net,normandy.cdn.mozilla.net,normandy.nonprod.cloudops.mozgcp.net,normandy.prod.cloudops.mozgcp.net,normandy-cdn.services.mozilla.com,ohttp-gateway.prod.webservices.mozgcp.net,omappapi.com,pagead2.googlesyndication.com,pipeline-incoming-prod-elb-149169523.us-west-2.elb.amazonaws.com,prod.experimenter.prod.webservices.mozgcp.net,prod.ohttp-gateway.prod.webservices.mozgcp.net,sdk.iad-05.braze.com,sentry.gitlab.net,sentry.io,sentry.nonprod.cloudops.mozgcp.net,sentry.prod.cloudops.mozgcp.net,sitereview.zscaler.com,snippets.allizom.org,snippets.cdn.mozilla.net,snippets.mozilla.com,snippets-prod.frankfurt.moz.works,snippets-prod.moz.works,snippets-prod.oregon-b.moz.works,snippets-stage.moz.works,snippets-stage.oregon-b.moz.works,snowplow.trx.gitlab.net,snowplowalb-1011729428.us-east-1.elb.amazonaws.com,snowplowprd.trx.gitlab.net,snowplowprdnlb-1490493263.us-east-2.elb.amazonaws.com,socorro.nonprod.webservices.mozgcp.net,socorro.prod.webservices.mozgcp.net,socorro-collector.services.mozilla.com,socorro-webapp-allizom.stage.mozaws.net,socorro-webapp.services.mozilla.com,spocs.getpocket.com,spocs.getpocket.dev,spocs.mozilla.net,ssl.google-analytics.com,ssl-google-analytics.l.google.com,start.fedoraproject.org,start.thunderbird.net,start.ubuntu.com,start-stage.thunderbird.net,symbolication.services.mozilla.com,symbols.mozilla.org,tagmanager.google.com,talkback.mozilla.org,talkback-public.mozilla.org,talkback-reports.mozilla.org,telemetry-coverage.mozilla.org,telemetry-coverage.r53-2.services.mozilla.com,telemetry-incoming.r53-2.services.mozilla.com,telemetry-prod-1054754349.us-east-1.elb.amazonaws.com,updates.thunderbird.net,updates-stage.thunderbird.net,use-application-dns.net,vf.startpage.com,www.250analytics.com,www.google-analytics.com,www.google-analytics-cn.com,www.googleanalytics.com,www.googlesyndication.com,www.googlesyndication-cn.com,www.googletagmanager.com,www.googletagmanager-cn.com,www.googletagservices.com,www.googletagservices-cn.com,www.sentry.io,www-google-analytics.l.google.com,www-googletagmanager.l.google.com,ab.apple.com.akadns.net,acfeedbackws.icloud.com,advertising.apple.com,advp.apple.com,amsui.apple.com,api.smoot.apple.com,api-adservices.apple.com,api-smoot.apple.com,applemediaservices.com,bag-smoot.apple.com,bag-smoot.v.aaplimg.com,ca.iadsdk.apple.com,cdn-xp-ingest-ab.v.aaplimg.com,cdn-xp-ingest.edge.apple,cf.iadsdk.apple.com,cstat.apple.com,cstat.apple.com.edgesuite.net,cstat.cdn-apple.com,cstat.g.aaplimg.com,cstat.g.apple.com,cstat-lb.apple.com.akadns.net,cstat-origin.apple.com,daf.xp.apple.com,databeacon.apple.com,datacollection.apple.com,dejavu.apple.com,experiments.apple.com,experiments.apple.com.edgekey.net,fbs.smoot.apple.com,feedbackws.fe2.apple-dns.net,feedbackws.fe.apple-dns.cn,feedbackws.fe.apple-dns.net,feedbackws.icloud.com,feedbackws.icloud.com.cn,gsp10.apple-mapkit.com,gsp10-ssl.apple.com,gsp10-ssl.ls-apple.com.akadns.net,iad.apple.com,iad-apple.com.akadns.net,iadcontent.apple.com,iadcontent-lb.apple.com.akadns.net,iadmoo.apple.com,iadsdk.apple.com,iadsdk.apple.com.akadns.net,iadsdk.apple.com.edgekey.net,iadworkbench.apple.com,images-mercury.mzstatic.com,images-mercury.v.aaplimg.com,launch.apple.com,marketing.services.apple,me.apple-dns.net,metrics.apple.com,metrics.icloud.com,metrics.mzstatic.com,msc-dct-prod.msc.apple.com,parsec.apple.com,partiality.itunes.apple.com,partiality.itunes-apple.com.akadns.net,partiality.itunes.apple.com.edgekey.net,performance-partners.apple.com,prd-usw2-requestattribution-iad.apple.com,probe.me.apple-dns.net,proxy-skadnetwork.apple.com,qa-iad.apple.com,qwapi.com,radarsubmissions.apple.com,radarsubmissions.apple.com.akadns.net,sdkintg-iad.apple.com,sdkintgiad.apple.com,searchads.apple.com,searchads.apple.com.edgesuite.net,searchads.lb-apple.com.akadns.net,securemetrics.apple.com,securemetrics.v.aaplimg.com,securemvt.apple.com,securemvt.v.aaplimg.com,skadnetwork.iad-apple.com.akadns.net,smoot.apple.cn,smoot.apple.com,smoot-apple.com.akadns.net,smoot.apple.com.cn,smoot.g.aaplimg.com,smoot.v.aaplimg.com,smoot-feedback.v.aaplimg.com,smoot-searchv2-ause1c.v.aaplimg.com,speedtracer.apple.com,stg-iad.apple.com,supportmetrics.apple.com,supportmetrics.v.aaplimg.com,supportmetrics-uat.apple.com,tr.iadsdk.apple.com,uxintg-iad.apple.com,uxintgiad.apple.com,xp.apple.com,xp.apple.com.edgekey.net,xp.itunes-apple.com.akadns.net,xp-cdn.apple.com,xp-daf.apple.com.edgekey.net,xp-daf.itunes-apple.com.akadns.net

  • Other tweaks & fixes

Codeberg: See here for more details.

GitLab: See here for more details.

GitHub: See here for more details.

:)

Check out latest releases or
releases around celenity/Phoenix 2025.04.15.1

Don't miss a new Phoenix release

NewReleases is sending notifications on new releases.

Get notifications