gitlab celenityy/Phoenix 2025.05.11.1
on GitLab

latest releases: 2025.09.07.1, 2025.08.06.1, 2025.07.30.1...
4 months ago

  • Enabled tracking protection against CMPs (Cookie/consent managers) by default, in all browsing windows.

    privacy.trackingprotection.consentmanager.annotate_channels -> true
    privacy.trackingprotection.consentmanager.skip.enabled -> false
    privacy.trackingprotection.consentmanager.skip.pbmode.enabled -> false

  • Enabled an additional plug-in blocklist (mozplugin-block-digest256) from Mozilla (Like Nightly).

    urlclassifier.blockedTable -> moztest-block-simple,mozplugin-block-digest256

  • Disabled network connectivity status monitoring.

    See details: https://bugzilla.mozilla.org/show_bug.cgi?id=620472

    network.manage-offline-status -> false
    network.offline-mirrors-connectivity -> false

    DESKTOP (Red Hat/Fedora-specific):

    offline.autoDetect -> false
    toolkit.networkmanager.disable -> true

  • Set proxy extensions (if installed) to start as soon as possible, instead of waiting for the first browser window to open.

    extensions.webextensions.early_background_wakeup_on_request -> true

  • Prevented HTTP/3 from being disabled if enterprise policies are configured.

    network.http.http3.disable_when_third_party_roots_found -> false

  • Limited/restricted CSP reporting as much as possible (We still block these requests by default with uBlock Origin).

    security.csp.reporting.limit.count -> 1
    security.csp.reporting.limit.timespan -> 999999999
    security.csp.reporting.script-sample.max-length -> 0
    security.csp.truncate_blocked_uri_for_frame_navigations -> true

  • DESKTOP: Set the browser to check for updates hourly (instead of the default of 6 hours in foreground and 7 hours in background).

    app.update.background.interval -> 3600
    app.update.interval -> 3600

  • DESKTOP: Set the browser to immediately prompt users when an update is ready, and ensured the binary is always old enough to check for updates.

    app.update.checkInstallTime.days -> 0
    app.update.promptWaitTime -> 0

  • DESKTOP: Enabled Shadow Stacks (for Windows users).

    See details: https://wikipedia.org/wiki/Shadow_stack

    security.sandbox.content.shadow-stack.enabled -> true
    security.sandbox.gmp.shadow-stack.enabled -> true
    security.sandbox.gpu.shadow-stack.enabled -> true
    security.sandbox.rdd.shadow-stack.enabled -> true
    security.sandbox.socket.shadow-stack.enabled -> true

  • DESKTOP: Set the browser to always warn on unprivileged namespaces (for Linux users).

    security.sandbox.warn_unprivileged_namespaces -> true

  • Disabled various new telemetry pings.

    browser.engagement.ctrlTab.has-used -> true
    telemetry.glean.internal.finalInactive -> false
    telemetry.glean.internal.maxPingsPerMinute -> 0

    DESKTOP:

    browser.engagement.downloads-button.has-used -> true
    browser.engagement.fxa-toolbar-menu-button.has-used -> true
    browser.engagement.home-button.has-used -> true
    browser.engagement.library-button.has-used -> true
    browser.engagement.search_counts.pbm -> false
    browser.engagement.sidebar-button.has-used -> true
    browser.engagement.total_uri_count.pbm -> false
    browser.newtabpage.activity-stream.telemetry.privatePing.enabled -> false
    browser.newtabpage.activity-stream.telemetry.surfaceId ->
    browser.newtabpage.ping.enabled -> false

  • Disabled the automatic upload of profiler data (from 'about:logging') to Mozilla by default.

    toolkit.aboutLogging.uploadProfileToCloud -> false

  • Removed Mozilla's new OHTTP telemetry endpoints.

    DESKTOP:

    browser.newtabpage.activity-stream.discoverystream.ohttp.configURL ->
    browser.newtabpage.activity-stream.discoverystream.ohttp.relayURL ->

    ANDROID:

    network.ohttp.configURL ->
    network.ohttp.relayURL ->

  • Added placeholder IDs to certain (primarily telemetry-related) preferences, to reduce breakage and protect against potential fingerprinting.

    asanreporter.clientid -> unknown
    datareporting.dau.cachedUsageProfileGroupID -> b0bacafe-b0ba-cafe-b0ba-cafeb0bacafe

    DESKTOP:

    browser.contentblocking.cfr-milestone.milestone-shown-time -> 999999999
    browser.contextual-services.contextId -> {foo-123-foo}
    browser.startup.homepage_override.buildID -> 20181001000000

  • Cleaned up and removed more tracking parameters and unnecessary information (ex. locale) from various Mozilla links/URLs.

    app.support.baseURL -> https://support.mozilla.org/kb/
    extensions.abuseReport.amoFormURL -> https://addons.mozilla.org/feedback/addon/%addonID%/
    extensions.blocklist.addonItemURL -> https://addons.mozilla.org/blocked-addon/%addonID%/%addonVersion%/
    extensions.getAddons.get.url -> https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%
    extensions.update.background.url -> https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&updateType=%UPDATE_TYPE%
    extensions.update.url -> https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&updateType=%UPDATE_TYPE%
    pdfjs.altTextLearnMoreUrl -> https://support.mozilla.org/kb/pdf-alt-text
    signon.firefoxRelay.learn_more_url -> https://support.mozilla.org/kb/relay-integration#w_frequently-asked-questions
    signon.firefoxRelay.privacy_policy_url -> https://www.mozilla.org/privacy/subscription-services/
    signon.firefoxRelay.terms_of_service_url -> https://www.mozilla.org/privacy/subscription-services/

    ANDROID:

    extensions.getAddons.search.browseURL -> https://addons.mozilla.org/android/search?q=%TERMS%

    DESKTOP:

    app.releaseNotesURL -> https://www.mozilla.org/firefox/%VERSION%/releasenotes
    app.releaseNotesURL.aboutDialog" -> https://www.mozilla.org/firefox/%VERSION%/releasenotes
    app.releaseNotesURL.prompt -> https://www.mozilla.org/firefox/%VERSION%/releasenotes
    app.update.url.details -> https://www.mozilla.org/firefox/notes
    app.update.url.manual -> https://www.mozilla.org/firefox/new
    browser.contentblocking.report.cookie.url -> https://support.mozilla.org/kb/trackers-and-scripts-firefox-blocks-enhanced-track#w_cross-site-tracking-cookies
    browser.contentblocking.report.cryptominer.url -> https://support.mozilla.org/kb/trackers-and-scripts-firefox-blocks-enhanced-track#w_cryptominers
    browser.contentblocking.report.fingerprinter.url -> https://support.mozilla.org/kb/trackers-and-scripts-firefox-blocks-enhanced-track#w_fingerprinters
    browser.contentblocking.report.lockwise.how_it_works.url -> https://support.mozilla.org/kb/password-manager-remember-delete-edit-logins
    browser.contentblocking.report.social.url -> https://support.mozilla.org/kb/trackers-and-scripts-firefox-blocks-enhanced-track#w_social-media-trackers
    browser.contentblocking.report.tracker.url -> https://support.mozilla.org/kb/trackers-and-scripts-firefox-blocks-enhanced-track#w_tracking-content
    browser.dictionaries.download.url -> https://addons.mozilla.org/language-tools/
    browser.search.searchEnginesURL -> https://addons.mozilla.org/firefox/search-engines/
    browser.xr.warning.infoURL -> https://support.mozilla.org/kb/webxr-permission-info-page
    extensions.getAddons.link.url -> https://addons.mozilla.org/
    extensions.getAddons.search.browseURL -> https://addons.mozilla.org/search?q=%TERMS%
    lightweightThemes.getMoreURL -> https://addons.mozilla.org/themes/

  • DESKTOP: Removed Mozilla's feedback URL & the about:home support article (which definitely isn't relevant to us...).

    app.feedback.baseURL ->
    browser.newtabpage.activity-stream.support.url ->

  • Removed unnecessary partner attribution identifiers, to protect against fingerprinting.

    app.distributor ->
    app.distributor.channel ->
    mozilla.partner.id ->

    DESKTOP:

    browser.search.param.search_rich_suggestions ->

  • DESKTOP: Disabled Mozilla's new Ad Routing Service (MARS) OHTTP provider & ad reporting.

    browser.newtabpage.activity-stream.discoverystream.reportAds.enabled -> false
    browser.newtabpage.activity-stream.unifiedAds.ohttp.enabled -> false

  • DESKTOP: Disabled Mozilla's new Firefox Suggest (Merino) OHTTP provider.

    browser.newtabpage.activity-stream.discoverystream.merino-provider.ohttp.enabled -> false

  • DESKTOP: Disabled ('inferred') 'personalization' on about:home

    browser.newtabpage.activity-stream.discoverystream.sections.personalization.enabled -> false
    browser.newtabpage.activity-stream.discoverystream.sections.personalization.inferred.enabled -> false
    browser.newtabpage.activity-stream.discoverystream.sections.personalization.inferred.user.enabled -> false

  • DESKTOP: Disabled new about:home mobile promotions.

    DESKTOP:

    browser.newtabpage.activity-stream.mobileDownloadModal.enabled -> false
    browser.newtabpage.activity-stream.mobileDownloadModal.variant-a -> false
    browser.newtabpage.activity-stream.mobileDownloadModal.variant-b -> false
    browser.newtabpage.activity-stream.mobileDownloadModal.variant-c -> false`

  • DESKTOP: Disabled the new about:home Fakespot promotion card.

    browser.shopping.experience2023.newPositionCard.hasSeen -> true

  • DESKTOP: Enabled advanced performance settings at about:preferences#general by default.

    browser.preferences.defaultPerformanceSettings.enabled -> false

  • Lowered the network priority of known trackers (if not blocked...).

privacy.trackingprotection.lower_network_priority -> true

  • Disabled the ability for websites to prevent disabling Picture-in-Picture.

    media.videocontrols.picture-in-picture.respect-disablePictureInPicture -> false

  • DESKTOP: Enabled the ability to download and switch locales (as well as the ability to switch without restarting...

    intl.multilingual.downloadEnabled -> true
    intl.multilingual.enabled -> true
    intl.multilingual.liveReload -> true
    intl.multilingual.liveReloadBidirectional -> true

  • Ensured that uBlock Origin (if enabled) can always run on restricted/quarantined domains by default.

    extensions.quarantineIgnoredByUser.uBlock0@raymondhill.net -> true

  • DESKTOP: Temporarily switched the Web Compatibility Reporter URL from Mozilla's to our issue tracker, as it's currently impossible to fully disable it due to an upstream bug...

    See details: https://bugzilla.mozilla.org/show_bug.cgi?id=1963764

    ui.new-webcompat-reporter.new-report-endpoint -> https://phoenix.celenity.dev/issues

  • DESKTOP: Stopped locking the value of 'security.cert_pinning.enforcement_level', to ensure users can still access the pinned domains if ex. certs are changed/become outdated.

  • Various other changes...

Codeberg: See here for more details.

GitLab: See here for more details.

GitHub: See here for more details.

:)

Check out latest releases or
releases around celenityy/Phoenix 2025.05.11.1

Don't miss a new Phoenix release

NewReleases is sending notifications on new releases.

Get notifications