Yeah… It’s a bit hard to balance things like this though, I’ve seen lot’s of folks complain about how their Firefox is apparently “broken” because it now suddenly has this empty margin around web-content seemingly wasting space for no reason - and then it turns out that they have deliberately turned this very feature on. And that is even if the feature is completely hidden - I wonder how many more complaints there would be if options like this are made more accessible.

The letterboxing feature has been in Firefox since 2019 - starting from Firefox 67 I think. The preference for it might have been hidden though so maybe it’s just relatively unknown feature - I don’t know if or how visible LibreWolf makes makes it for the user. But regardless, any modern Firefox variant probably has that capability.

Sounds like you are talking about Firefox’s letterboxing feature which you can enable/disable independently from full fingerprinting resistance.

I’m not sure if resistFingerprinting does anything to stop websites from uploading whatever data they can get though, I don’t think it does that. And I don’t think it could really do that in the first place since the website could just obfuscate the data and browser wouldn’t know what is sent.

That’s not necessarily a good solution either, because a service could figure out that the source of random fingerprint data likely comes from the same user. Especially if your ip is not changing. It might perhaps be effective if a substantial amount of people were doing it though.

But to generate such random fingerprint is difficult because it consists of many parts and services don’t all build fingerprints the aame way. You could easily randomize e.g. canvas data, but the issue is that if you only randomize one data point then that one random data point pretty uniquely identifies you if your other datapoints are stable. So to be effective you would really need to randomize several different datapoints and that may not be such an easy task since websites could build them in all sorts of ways.

Yeah, regular http cache is indeed a thing. However it’s more complicated because the web server can tell the browser how the returned content should be cached - if at all. So if, say, reddit servers ask the browser to not cache particular resource (for whatever reason) then it won’t be cached. I mean, the browser is free to do as it pleases, but I think in general browsers would do as the server asked and indeed not cache it.

Well the feature development is certainly progressing - here is the tracking bug for it.

You can nowadays just test it in normal nightly without special build - it’s extremely incomplete, but you can test it if you wish. It’s tied to revorked sidebar which you need to enable in about:config.

Absolutely not. If anything, public officials would be the one group whose messaging I would understand being scanned so that the people can sort of keep them on check. But again, implementing such possibility that would still weaken security of everyone else as well so of course it should not actually be done.

Yup, YT has only shown me a nice “Sign in to confirm you’re not a bot” message for the past week or so. Not because of Firefox or adblockers though, because the same happens on all other browsers and clients as well.

Maybe because of VPN, or who knows what, maybe they are just idiots.

Indeed. I mean, I’m blocking ads as much the next guy and that’s not going to change in any foreseeable future, but I cannot see how introduction of privacy preserving advertising platform could possibly be seen as anything other than an improvement over the current, completely perverse, situation. It would be better for people who don’t block ads, so if this acquisition would advance uses of privacy-respecting advertising systems and simultaneously get some revenue to Mozilla then this sounds quite like a win-win to me.

I don’t. Pretty much everything just goes to other bookmarks. When I want to use them I’ll just type * to urlbar , type something about it and Firefox usually finds the bookmark I wanted.

Yeah, loading any external resources - I would think fonts even more so than images - is potentially risky. In addition, there is somewhat realistic possibility for browser fingerprinting if you use some style that makes browser viewport size atypical.

I can’t think of any actual security issues other than those. Otherwise the worst that a style could do is crash the browser, to make it utterly unusable or make it super slow. But those are all recoverable by simply trashing userChrome.css and restarting Firefox.

Yeah, history is extremely valuable feature. I think I would rather get rid of bookmarks and maybe even tabs rather than history.

In that case the issue is likely that files on disk are being modified by whatever mechanism your IT uses to push updates to devices. If the program files are modified while Firefox is running then you will unavoidably get this prompt.

I suppose the best you can do is to ask your IT folks to not update programs that are currently running.

I have no clue about hacking macOS

Take this with a grain of salt, but I believe I’ve read that standard backdrop-filter won’t work here and this would instead require OS compositor level mechanism because menupopup and panels are technically separate windows (or window-like widgets) from OS perspective.

Yes. I want to have access to both history and bookmarks on all my devices and send specific tabs to other devices. Sync makes these super convenient.

Huh, okay. That does seem like extensions can indeed write arbitrary data to default download directory automatically. Maybe you can create a feature request to existing extension for that kind of feature. Although I would think that an interval is totally unnecessary and it would make more sense to only make a backup whenever style editor is started or a style is otherwise being added/removed or some such.

I’m not 100% sure about this, but I don’t think addons are allowed to write anything to disk without user interaction, except to their own database of course.

I guess you could do it if you had some other installed software that backed up extension data from Firefox profile folder. Then again, if you are worried about some profile data getting wiped, then it would just make sense to back up the whole profile and not just little bits of it because who knows what other data could get wiped.

Has the thing you are doing ever worked? I mean, if you were to use actual inline svg document then I think it would just work, but I doubt you are doing that. But if you just use an svg image using say, list-style-image or background-image, then I don’t think currentcolor inside the svg has ever worked.

The way colors are forwarded from the embedding document (in gecko) to the svg is bit of a hack. The svg icon needs to have certain attribute value in its definition: example: ... AND the element using this svg icon needs to declare that such forwarding is needed using css .thing { -moz-context-properties: fill, fill-opacity } AND then setting the fill color like .thing { fill: currentColor }.

And you need to set svg.context-properties.content.enabled if the svg file you are using is not loaded using chrome:// or resource:// uri.

If you do that setup then you can totally make them use currentColor from the embedding document. This hackery might not be required anymore when/if css link params is implemented.