diff options
author | bill-auger <mr.j.spam.me@gmail.com> | 2020-01-18 20:06:11 -0500 |
---|---|---|
committer | bill-auger <mr.j.spam.me@gmail.com> | 2020-01-19 08:53:38 -0500 |
commit | 72851d5f27f4fafefc20922de319e133caa53449 (patch) | |
tree | 1ff8686ca22b2a2be98cba361c611adf3052cd9f /libre/iceweasel/PKGBUILD | |
parent | 16b80f1f2bbecf98375b588f62a9bab77bc2e315 (diff) | |
download | abslibre-72851d5f27f4fafefc20922de319e133caa53449.tar.gz abslibre-72851d5f27f4fafefc20922de319e133caa53449.tar.bz2 abslibre-72851d5f27f4fafefc20922de319e133caa53449.zip |
[iceweasel]: rework patches for v72.0.1
Diffstat (limited to 'libre/iceweasel/PKGBUILD')
-rw-r--r-- | libre/iceweasel/PKGBUILD | 333 |
1 files changed, 11 insertions, 322 deletions
diff --git a/libre/iceweasel/PKGBUILD b/libre/iceweasel/PKGBUILD index c3ff85b28..61c4fd39a 100644 --- a/libre/iceweasel/PKGBUILD +++ b/libre/iceweasel/PKGBUILD @@ -69,18 +69,18 @@ source=(https://archive.mozilla.org/pub/firefox/releases/$pkgver/source/firefox- 0001-Use-remoting-name-for-GDK-application-names.patch $pkgname.desktop) source+=(https://repo.parabola.nu/other/iceweasel/${pkgname}_${_brandingver}-${_brandingrel}.branding.tar.xz{,.sig} - firefox-70.0-add-distro.patch libre.patch - libre-searchengines.patch) + libre-searchengines.patch + vendor.js.in) sha256sums=('1fa59aedc8469c3e6ffb12449ab7de2f93776f7679eedebfb74aa309b694956f' 'SKIP' '5f7ac724a5c5afd9322b1e59006f4170ea5354ca1e0e60dab08b7784c2d8463c' 'f573d00835afe066ef1887bfea35099933ee07aeadc4c0d603972127e600cfc4' 'e90956067d8549f02864d612369ed8714d7173f0ee07bbfb4374a7323b4a733e' 'SKIP' - '41ab298519dfdf86e1599990cd2a2e4d939a2a1d77de829caa0593d0d2e8f0e8' - '497b0b7d15364acec4b8706ab41ce4aefd4fd1d7f1baa7980a46d14cca8aedd8' - 'dfed11d97f1d4198a3dc608be159b6b53a11054f376cdb73bb0fe9a487ae9418') + '1169ccda88642881e0ba024f0c82fce9ac3064d3587517f9960e88cae479ce3e' + 'dfed11d97f1d4198a3dc608be159b6b53a11054f376cdb73bb0fe9a487ae9418' + '4979e733215492372c196cdb93ec61eac1fbbd44f44e637dbd420040c8d9affe') validpgpkeys=('14F26682D0916CDD81E37B6D61B7B526D98F0353') # Mozilla Software Releases <release@mozilla.com> validpgpkeys+=('BFA8008A8265677063B11BF47171986E4B745536') # Andreas Grapentin @@ -92,10 +92,6 @@ prepare() { msg "applying 0001-Use-remoting-name-for-GDK-application-names.patch" patch -Np1 -i ../0001-Use-remoting-name-for-GDK-application-names.patch - # https://bugzilla.mozilla.org/show_bug.cgi?id=1212502 - msg "applying firefox-70.0-add-distro.patch" - patch -Np1 -i ../firefox-70.0-add-distro.patch - cat >../mozconfig <<END ac_add_options --enable-application=browser @@ -239,6 +235,10 @@ build() { CFLAGS="${CFLAGS/-fno-plt/}" CXXFLAGS="${CXXFLAGS/-fno-plt/}" + # DEBUG: clang-9: error: unknown argument: '-fvar-tracking-assignments' + CFLAGS="${CFLAGS/-fvar-tracking-assignments/}" + CXXFLAGS="${CXXFLAGS/-fvar-tracking-assignments/}" + # Do 3-tier PGO msg2 "Building instrumented browser..." cat >.mozconfig ../mozconfig - <<END @@ -304,320 +304,9 @@ pref("extensions.shownSelectionUI", true); END # Parabola additions to vendor.js - # - # TODO: Go through this and figure out what's nescessary, remove - # most of it. This is mostly cargo-cult BS. For example, disabling - # all the EME stuff... that's already off because of `--disable-eme` - # in `.mozconfig`. Some of these settings no longer exist. Some of - # these settings don't do anything on GNU/Linux. - # - # However, they don't seem to be causing any of the critical issues. local _shortver=$(cut -d. -f1,2 <<<"$pkgver") - cat >> "$vendorjs" <<END -// Disable "alt" as a shortcut key to open full menu bar. Conflicts with "alt" as a modifier -pref("ui.key.menuAccessKeyFocuses", false); - -// Disable the GeoLocation API for content -pref("geo.enabled", false); - -// Make sure that the request URL of the GeoLocation backend is empty -pref("geo.wifi.uri", ""); - -// Google Widevine DRM -// https://blog.mozilla.org/futurereleases/2016/04/08/mozilla-to-test-widevine-cdm-in-firefox-nightly/ -// https://wiki.mozilla.org/QA/Widevine_CDM -// https://bugzilla.mozilla.org/show_bug.cgi?id=1288580 -pref("media.gmp-widevinecdm.visible", false); -pref("media.gmp-widevinecdm.enabled", false); -pref("media.gmp-widevinecdm.autoupdate", false); - -// Default sites for about:newtab -pref("browser.newtabpage.activity-stream.default.sites", "https://wiki.parabola.nu/,https://labs.parabola.nu/,https://www.gnu.org/,https://libreplanet.org/,https://www.wikipedia.org/"); - -// Poodle attack -pref("security.tls.version.min", 1); - -// Don't call home for blacklisting -pref("extensions.blocklist.enabled", false); - -// Disable plugin installer -pref("plugins.hide_infobar_for_missing_plugin", true); -pref("plugins.hide_infobar_for_outdated_plugin", true); -pref("plugins.notifyMissingFlash", false); - -//https://developer.mozilla.org/en-US/docs/Web/API/MediaSource -//pref("media.mediasource.enabled",true); - -// Speeding it up -pref("network.http.pipelining", true); -pref("network.http.proxy.pipelining", true); -pref("network.http.pipelining.maxrequests", 10); -pref("nglayout.initialpaint.delay", 0); - -// Disable third party cookies -pref("network.cookie.cookieBehavior", 1); - -// Prevent EULA dialog to popup on first run -pref("browser.EULA.override", true); - -// Set useragent to Firefox compatible -//pref("general.useragent.compatMode.firefox", true); -// Spoof the useragent to a generic one -pref("general.useragent.compatMode.firefox", true); -// Spoof the useragent to a generic one -pref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:$_shortver) Gecko/20100101 Firefox/$_shortver"); -pref("general.appname.override", "Netscape"); -pref("general.appversion.override", "$_shortver"); -pref("general.buildID.override", "Gecko/20100101"); -pref("general.oscpu.override", "Windows NT 6.1"); -pref("general.platform.override", "Win32"); - -// Privacy & Freedom Issues -// https://webdevelopmentaid.wordpress.com/2013/10/21/customize-privacy-settings-in-mozilla-firefox-part-1-aboutconfig/ -// https://panopticlick.eff.org -// http://ip-check.info -// http://browserspy.dk -// https://wiki.mozilla.org/Fingerprinting -// http://www.browserleaks.com -// http://fingerprint.pet-portal.eu -pref("privacy.donottrackheader.enabled", true); -pref("privacy.donottrackheader.value", 1); -pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); - -// CIS 2.1.1 Disable Auto Update / Balrog -pref("app.update.auto", false); -pref("app.update.checkInstallTime", false); -pref("app.update.enabled", false); -pref("app.update.staging.enabled", false); -pref("app.update.url", "about:blank"); -pref("media.gmp-manager.certs.1.commonName", ""); -pref("media.gmp-manager.certs.2.commonName", ""); -// Disable Gecko media plugins: https://wiki.mozilla.org/GeckoMediaPlugins -pref("media.gmp-manager.url", "http://127.0.0.1/"); -pref("media.gmp-manager.url.override", "data:text/plain,"); -pref("media.gmp-provider.enabled", false); -// Don't install openh264 codec -pref("media.gmp-gmpopenh264.enabled", false); -pref("media.gmp-eme-adobe.enabled", false); -pref("media.peerconnection.video.h264_enabled", false); - -// CIS 2.3.4 Block Reported Web Forgeries -// http://kb.mozillazine.org/Browser.safebrowsing.enabled -// http://kb.mozillazine.org/Safe_browsing -// https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work -// http://forums.mozillazine.org/viewtopic.php?f=39&t=2711237&p=12896849#p12896849 -pref("browser.safebrowsing.enabled", false); - -// CIS 2.3.5 Block Reported Attack Sites -// http://kb.mozillazine.org/Browser.safebrowsing.malware.enabled -pref("browser.safebrowsing.malware.enabled", false); - -// Disable safe browsing remote lookups for downloaded files. -// This leaks information to google. -// https://www.mozilla.org/en-US/firefox/39.0/releasenotes/ -// https://wiki.mozilla.org/Security/Application_Reputation -pref("browser.safebrowsing.downloads.remote.enabled", false); -pref("browser.safebrowsing.appRepURL", "about:blank"); -pref("browser.safebrowsing.provider.mozilla.gethashURL", "about:blank"); -pref("browser.safebrowsing.provider.mozilla.updateURL", "about:blank"); -pref("browser.safebrowsing.downloads.remote.block_dangerous", false); -pref("browser.safebrowsing.downloads.remote.block_dangerous_host", false); -pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); -pref("browser.safebrowsing.downloads.remote.block_uncommon", false); -pref("browser.safebrowsing.downloads.remote.enabled", false); -pref("browser.safebrowsing.downloads.remote.url", "about:blank"); -pref("browser.safebrowsing.provider.google.gethashURL", "about:blank"); -pref("browser.safebrowsing.provider.google.updateURL", "about:blank"); -pref("browser.safebrowsing.provider.google.lists", "about:blank"); - -// https://bugzilla.mozilla.org/show_bug.cgi?id=1025965 -pref("browser.safebrowsing.phishing.enabled", false); -pref("browser.safebrowsing.provider.google4.lists", "about:blank"); -pref("browser.safebrowsing.provider.google4.updateURL", "about:blank"); -pref("browser.safebrowsing.provider.google4.gethashURL", "about:blank"); -pref("browser.safebrowsing.provider.google4.reportURL", "about:blank"); -pref("browser.safebrowsing.provider.mozilla.lists", "about:blank"); - -// Disable Microsoft Family Safety MiTM support -// https://bugzilla.mozilla.org/show_bug.cgi?id=1239166 -// https://wiki.mozilla.org/SecurityEngineering/Untrusted_Certificates_in_Windows_Child_Mode -// https://hg.mozilla.org/releases/mozilla-release/file/ddb37c386bb2ffa180117b4d30ca3b41a8af233c/security/manager/ssl/nsNSSComponent.cpp#l782 -pref("security.family_safety.mode", 0); -// https://bugzilla.mozilla.org/show_bug.cgi?id=1265113 -// https://hg.mozilla.org/releases/mozilla-release/rev/d9659c22b3c5 -// https://bugzilla.mozilla.org/show_bug.cgi?id=1298883 -pref("security.enterprise_roots.enabled", false); - -//pref("services.sync.privacyURL", "https://www.gnu.org/software/gnuzilla/"); -pref("social.enabled", false); -pref("social.remote-install.enabled", false); -pref("datareporting.healthreport.uploadEnabled", false); -pref("datareporting.healthreport.about.reportUrl", "127.0.0.1"); -pref("datareporting.healthreport.documentServerURI", "127.0.0.1"); -pref("healthreport.uploadEnabled", false); -pref("social.toast-notifications.enabled", false); -pref("datareporting.policy.dataSubmissionEnabled", false); -pref("datareporting.healthreport.service.enabled", false); -pref("browser.slowStartup.notificationDisabled", true); -pref("network.http.sendRefererHeader", 2); -//pref("network.http.referer.spoofSource", true); -//http://grack.com/blog/2010/01/06/3rd-party-cookies-dom-storage-and-privacy/ -//pref("dom.storage.enabled", false); -pref("dom.event.clipboardevents.enabled",false); -pref("network.prefetch-next", false); -pref("network.dns.disablePrefetch", true); -pref("network.http.sendSecureXSiteReferrer", false); -pref("toolkit.telemetry.archive.enabled", false); -pref("toolkit.telemetry.bhrPing.enabled", false); -pref("toolkit.telemetry.enabled", false); -pref("toolkit.telemetry.unified", false); -pref("toolkit.telemetry.newProfilePing.enabled", false); -pref("toolkit.telemetry.firstShutdownPing.enabled", false); -pref("toolkit.telemetry.server", "127.0.0.1"); -pref("app.shield.optoutstudies.enabled", false); -pref("experiments.enabled", false); -pref("experiments.manifest.uri", "127.0.0.1"); -pref("extensions.pocket.enabled", false); -pref("extensions.pocket.api", "127.0.0.1"); -// Do not tell what plugins do we have enabled: https://mail.mozilla.org/pipermail/firefox-dev/2013-November/001186.html -pref("plugins.enumerable_names", ""); -pref("plugin.state.flash", 0); -// Do not autoupdate search engines -pref("browser.search.update", false); -// Warn when the page tries to redirect or refresh -//pref("accessibility.blockautorefresh", true); -pref("dom.battery.enabled", false); -pref("device.sensors.enabled", false); -pref("camera.control.face_detection.enabled", false); -pref("camera.control.autofocus_moving_callback.enabled", false); -pref("network.http.speculative-parallel-limit", 0); -// No search suggestions -pref("browser.urlbar.userMadeSearchSuggestionsChoice", true); -pref("browser.search.suggest.enabled", false); - -// Crypto hardening -// https://gist.github.com/haasn/69e19fc2fe0e25f3cff5 -// General settings -//pref("security.tls.unrestricted_rc4_fallback", false); -//pref("security.tls.insecure_fallback_hosts.use_static_list", false); -//pref("security.tls.version.min", 1); -//pref("security.ssl.require_safe_negotiation", true); -//pref("security.ssl.treat_unsafe_negotiation_as_broken", true); -//pref("security.ssl3.rsa_seed_sha", true); -//pref("security.OCSP.enabled", 1); -//pref("security.OCSP.require", true); - - -// WebRTC -pref("media.peerconnection.enabled", false); -pref("media.peerconnection.ice.default_address_only", true); - -pref("font.default.x-western", "sans-serif"); - -// Preferences for the Get Add-ons panel and search engines -pref("extensions.webservice.discoverURL", "https://directory.fsf.org/wiki/GNU_IceCat"); -pref("extensions.getAddons.search.url", "https://directory.fsf.org/wiki/GNU_IceCat"); -pref("browser.search.searchEnginesURL", "https://directory.fsf.org/wiki/GNU_IceCat"); - -// Mobile -pref("privacy.announcements.enabled", false); -pref("browser.snippets.enabled", false); -pref("browser.snippets.syncPromo.enabled", false); -pref("identity.mobilepromo.android", "https://f-droid.org/repository/browse/?fdid=org.gnu.icecat&"); -pref("browser.snippets.geoUrl", "http://127.0.0.1/"); -pref("browser.snippets.updateUrl", "http://127.0.0.1/"); -pref("browser.snippets.statsUrl", "http://127.0.0.1/"); -pref("datareporting.policy.firstRunTime", 0); -pref("datareporting.policy.dataSubmissionPolicyVersion", 2); -pref("browser.webapps.checkForUpdates", 0); -pref("browser.webapps.updateCheckUrl", "http://127.0.0.1/"); -pref("app.faqURL", "http://libreplanet.org/wiki/Group:IceCat/FAQ"); - -// PFS url -pref("pfs.datasource.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.php?mimetype=%PLUGIN_MIMETYPE%"); -pref("pfs.filehint.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.php?mimetype=%PLUGIN_MIMETYPE%"); - -// Geolocation depends on third party services -pref("geo.enabled", false); -pref("geo.wifi.uri", ""); - -// Disable heartbeat -pref("browser.selfsupport.url", ""); - -// Disable Link to FireFox Marketplace, currently loaded with non-free "apps" -pref("browser.apps.URL", ""); - -// Use old style preferences, that allow javascript to be disabled -pref("browser.preferences.inContent",false); - -// Don't download ads for the newtab page -pref("browser.newtabpage.directory.source", ""); -pref("browser.newtabpage.directory.ping", ""); -pref("browser.newtabpage.introShown", true); - -// Disable home snippets -pref("browser.aboutHomeSnippets.updateUrl", "data:text/html"); - -// Disable hardware acceleration and WebGL -//pref("layers.acceleration.disabled", false); -pref("webgl.disabled", false); - -// Disable SSDP -pref("browser.casting.enabled", false); - -// Disable directory service -pref("social.directories", ""); -pref("social.whitelist", ""); -pref("social.shareDirectory", ""); - -// Disable Pocket integration -pref("browser.pocket.api", "about:blank"); -pref("browser.pocket.enabled", false); -pref("browser.pocket.enabledLocales", "about:blank"); -pref("browser.pocket.oAuthConsumerKey", "about:blank"); -pref("browser.pocket.site", "about:blank"); -pref("browser.pocket.useLocaleList", false); -pref("extensions.pocket.enabled", false); - -// Do not require xpi extensions to be signed by Mozilla -pref("xpinstall.signatures.required", false); - -// Disable File and Directory Entries API (Imported from Edge/Chromium) -// https://developer.mozilla.org/en-US/Firefox/Releases/50#Files_and_directories -// https://developer.mozilla.org/en-US/docs/Web/API/File_and_Directory_Entries_API -// https://developer.mozilla.org/en-US/docs/Web/API/File_and_Directory_Entries_API/Introduction -// https://developer.mozilla.org/en-US/docs/Web/API/File_and_Directory_Entries_API/Firefox_support -// https://bugzilla.mozilla.org/show_bug.cgi?id=1265767 -pref("dom.webkitBlink.filesystem.enabled", false); -// https://developer.mozilla.org/en-US/docs/Web/API/HTMLInputElement/webkitdirectory -// https://bugzilla.mozilla.org/show_bug.cgi?id=1258489 -// https://hg.mozilla.org/releases/mozilla-release/rev/133af19777be -pref("dom.webkitBlink.dirPicker.enabled", false); - -// Directory Upload API, webkitdirectory -// https://bugzilla.mozilla.org/show_bug.cgi?id=1188880 -// https://bugzilla.mozilla.org/show_bug.cgi?id=907707 -// https://wicg.github.io/directory-upload/proposal.html -pref("dom.input.dirpicker", false); - -// fix alsa sound sandbox issue for iceweasel-58 -// https://labs.parabola.nu/issues/1628 -pref("security.sandbox.content.syscall_whitelist", "16"); - -// Disable recommendations of extensions and themes on about:addons page -// https://labs.parabola.nu/issues/2409 -pref("extensions.htmlaboutaddons.discover.enabled", false); -pref("extensions.htmlaboutaddons.recommendations.enabled", false); - -// Disable "Recommend extensions as you browse" in about:preferences#general -pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); - -// URL for 'Find more extensions / themes' in about:addons page -pref("extensions.getAddons.search.browseURL", "https://www.parabola.nu/packages/?q=%TERMS%"); - -// Make extensions work on Mozilla domains -pref("extensions.webextensions.restrictedDomains", ""); -END + cat "${srcdir}"/vendor.js.in >> "$vendorjs" + sed -i "s|@_SHORTVER_@|$_shortver|g" "$vendorjs" local distini="$pkgdir/usr/lib/$pkgname/distribution/distribution.ini" install -Dvm644 /dev/stdin "$distini" <<END |