2025.01.24.1
FYI: Users who manually installed Phoenix on macOS or GNU/Linux who used the sudo mv commands from the README are highly recommended to reinstall Phoenix with the updated steps, due to potential security issues. Thank you to doomedguppy for discovering & reporting this issue, and thank you to @Modaresisofthard for the prompt response and fix.
-
Regardless of Firefox's DoH mode, we now always warn before falling back to the system's native DNS by default. -
network.trr.display_fallback_warning&network.trr_ui.show_fallback_warning_option->true -
Disabled Firefox's nonfunctional, legacy Safe Browsing API to ensure it's never used and for defense in depth. It's also now explicitly labeled in the case it is ever used for whatever reason. -
browser.safebrowsing.provider.google.advisoryName->Google Safe Browsing (Legacy),browser.safebrowsing.provider.google.gethashURL&browser.safebrowsing.provider.google.updateURL-> -
Explicitly enabled Firefox's native collector for sessionstore, as the old implementation is incompatible with per-site process isolation (Fission). -
browser.sessionstore.disable_platform_collection->false -
Added additional prefs to ensure Firefox's Cookie Banner Blocking is properly enabled and fully functional. -
cookiebanners.cookieInjector.enabled&cookiebanners.service.enableGlobalRules.subFrames->true -
Explicitly disabled EDNS Client Subnet (ECS) by default to prevent leaking general location data to authoritative DNS servers. -
network.trr.disable-ECS->true -
Sending headers for DoH requests are now explicitly disabled. -
network.trr.send_accept-language_headers&network.trr.send_user-agent_headers->false,network.trr.send_empty_accept-encoding_headers->true
Codeberg: See here for more details.
GitLab: See here for more details.
GitHub: See here for more details.
:)
