Tags

2025.01.24.1

**FYI:** Users who **manually** installed Phoenix on **macOS** or **GNU/Linux** who used the **`sudo mv`** commands from the `README` are highly recommended to reinstall Phoenix with the [updated steps](https://codeberg.org/celenity/Phoenix#manual-installation), [due to potential security issues](https://codeberg.org/celenity/Phoenix/issues/48). Thank you to [doomedguppy](https://codeberg.org/doomedguppy) for discovering & reporting this issue, and thank you to [Seyed Mohamad Amin Modaresi](https://codeberg.org/gnu1) for the prompt response and fix.
____

* Regardless of Firefox's DoH mode, we now always warn before falling back to the system's native DNS by default. - `network.trr.display_fallback_warning` & `network.trr_ui.show_fallback_warning_option` -> `true`

* Disabled Firefox's [nonfunctional](https://security.googleblog.com/2018/01/announcing-turndown-of-deprecated.html), [legacy Safe Browsing API](https://code.google.com/archive/p/google-safe-browsing/wikis/Protocolv2Spec.wiki) to ensure it's never used and for defense in depth. It's also now explicitly labeled in the case it is ever used for whatever reason. - `browser.safebrowsing.provider.google.advisoryName` -> `Google Safe Browsing (Legacy)`, `browser.safebrowsing.provider.google.gethashURL` & `browser.safebrowsing.provider.google.updateURL` -> ` `

* Explicitly enabled Firefox's native collector for sessionstore, as the old implementation is incompatible with per-site process isolation *([Fission](https://wiki.mozilla.org/Project_Fission))*. - `browser.sessionstore.disable_platform_collection` -> `false`

* Added additional prefs to ensure Firefox's Cookie Banner Blocking is properly enabled and fully functional. - `cookiebanners.cookieInjector.enabled` & `cookiebanners.service.enableGlobalRules.subFrames` -> `true`

* Explicitly disabled [EDNS Client Subnet (ECS)](https://wikipedia.org/wiki/EDNS_Client_Subnet) by default to prevent leaking general location data to authoritative DNS servers. - `network.trr.disable-ECS` -> `true`

* Sending headers for DoH requests are now explicitly disabled. - `network.trr.send_accept-language_headers` & `network.trr.send_user-agent_headers` -> `false`, `network.trr.send_empty_accept-encoding_headers` -> `true`
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/2025.01.22.2...2025.01.24.1) for more details.

GitLab: See [here](https://gitlab.com/celenity/Phoenix/-/compare/2025.01.22.2...2025.01.24.1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/2025.01.22.2...2025.01.24.1) for more details.
___

:)

2025.01.22.2

____

* Google Safe Browsing is now proxied on **all** Phoenix installations, regardless of platform. :D - This proxy is set-up using the servers we've set up for [IronFox](https://ironfoxoss.org) - which are hosted on Cloudflare *(on our bucket located in the EU's jurisdiction...)*. You can see the source code behind our proxy [here](https://gitlab.com/ironfox-oss/safebrowsing-proxy).

* **DESKTOP**: Fixed a bug that prevented users from installing extensions from `addons.mozilla.org` until refreshing the page.

* **DESKTOP**: Disabled HaGeZi's Badware Hoster Blocklist in uBlock Origin by default, due to causing too much breakage.

* **DESKTOP**: Enabled BadBlock - Click Tracking & Dandelion Sprout's Annoyances List in uBlock Origin by default.

* **DESKTOP**: Blocked the use of specific broad whitelists in uBlock Origin, that were only designed for/meant to be used on the DNS level.

* **DESKTOP**: Switched the links for HaGeZi's filterlists in uBlock Origin to use Codeberg, rather than GitLab *(due to Codeberg's superior privacy policy...)*.

* **DESKTOP**: Added preferences back to `phoenix.cfg`, as some preferences appear to not take effect unless set there. We're still also keeping preferences set in `phoenix.js` though, for consistency and defense in depth.

* Other minor tweaks and improvements.
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/2025.01.22.1...2025.01.22.2) for more details.

GitLab: See [here](https://gitlab.com/celenity/Phoenix/-/compare/2025.01.22.1...2025.01.22.2) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/2025.01.22.1...2025.01.22.2) for more details.
___

:)

2025.01.22.1

____

* Extensions/themes are now checked for updates **hourly** by default rather than once every 24 hours... - `extensions.update.interval` -> `3600`

* Timestamps are now shown in the web console by default. - `devtools.webconsole.timestampMessages` -> `true`

* DESKTOP: Google Safe Browsing is now proxied by default! :) It's using the servers we've set up for [IronFox](https://ironfoxoss.org) - which are hosted on Cloudflare *(on our bucket located in the EU's jurisdiction...)*. Hopefully these will be working on Android soon.

* DESKTOP: Enabled Firefox's newer `Felt privacy` design for Private Browsing & Certificate Errors (`browser.privatebrowsing.felt-privacy-v1` & `security.certerrors.felt-privacy-v1` -> `true`)

* DESKTOP: Moved Phoenix's preferences from `phoenix.cfg` to `phoenix.js`, meaning our prefs are now applied globally at a single location.

* Heavily refined the overall build process, as well as did lots of minor tweaks, enhancements, clean-up, and re-organization.
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/2025.01.20.2...2025.01.22.1) for more details.

GitLab: See [here](https://gitlab.com/celenity/Phoenix/-/compare/2025.01.20.2...2025.01.22.1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/2025.01.20.2...2025.01.22.1) for more details.
___

:)

2025.01.20.2

____

* Enabled [Cookies Having Independent Partitioned State (CHIPS)](https://developer.mozilla.org/docs/Web/Privacy/Privacy_sandbox/Partitioned_cookies) by default - `network.cookie.CHIPS.enabled` -> `true`

* Enabled Smartblock Embeds/Placeholders by default - `extensions.webcompat.smartblockEmbeds.enabled` -> `true`

* ANDROID: Explicitly enable a couple more ETP Strict protections - `network.cookie.cookieBehavior.optInPartitioning.pbmode` & `network.cookie.cookieBehavior.trackerCookieBlocking` -> `true`

* DESKTOP: Added an `Unload tab` option to the context menu when right clicking tabs - `browser.tabs.unloadTabInContextMenu` -> `true`

* DESKTOP: Fixed syntax errors with `phoenix.js` and `policies.json`... 😅
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/2025.01.20.1...2025.01.20.2) for more details.

GitLab: See [here](https://gitlab.com/celenity/Phoenix/-/compare/2025.01.20.1...2025.01.20.2) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/2025.01.20.1...2025.01.20.2) for more details.
___

:)

2025.01.20.1

____

* Enabled light mode by default as part of our new approach to fingerprinting protection *(as this matches ex. RFP)*... - `layout.css.prefers-color-scheme.content-override` -> `1`

* Updated specialized configs to use our new approach to fingerprinting protection. - (https://codeberg.org/celenity/Phoenix/issues/46)

* Explicitly disabled prefetching via proxy. - `network.dns.prefetch_via_proxy` -> `false`

* Explicitly disabled TLS 1.3 0-RTT for HTTP3. - `network.http.http3.enable_0rtt` -> `false`

* URLbar entries no longer open in new tabs by default. - `browser.urlbar.openintab`

* Removed the annoying `Import data from another browser` default bookmark - `DisableProfileImport` -> `true`

* `Always ask` is now shown in the permissions dropdown for camera and microphone *(if that's their current status)* - `permissions.media.show_always_ask.enabled` -> `true`

* Updated references to our `Hardened` config to `Extended`.

* ETP WebCompat is no longer disabled in our `Extended` configs, as it's harmless and actually useful. *(We still disable dFPI heuristics though...)* - `privacy.antitracking.enableWebcompat`

* Specialized configs are now based off of `Extended No-Sync` instead of `No-Sync`. The build process itself for specialized configs has also been heavily improved, and unnecessary prefs were removed.

* **DESKTOP**: Permission for websites to override keyboard shortcuts is now only blocked on `Extended` by default rather than all configs. - `permissions.default.shortcuts`

* **DESKTOP** - **EXTENDED**: WebRTC hardening prefs are now unlocked and can be manually toggled by users if desired. - `media.peerconnection.ice.default_address_only` & `media.peerconnection.ice.no_host`

* **DISCORD** & **ELEMENT** specialized configs: Permission to override keyboard shortcuts is no longer blocked by default. - `permissions.default.shortcuts` -> `0`

* **YOUTUBE** specialized config: Fixed syntax errors.

* Replaced the `browser.phoenix.*.applied` prefs with `browser.phoenix.*.status` prefs - as this is far cleaner and easy to manage (as well as better organized...)

* Other minor tweaks, fixes, and enhancements...
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/2025.01.19.1...2025.01.20.1) for more details.

GitLab: See [here](https://gitlab.com/celenity/Phoenix/-/compare/2025.01.19.1...2025.01.20.1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/2025.01.19.1...2025.01.20.1) for more details.
___

:)

2025.01.19.1

____

* Changed our approach to fingerprinting protection - See https://codeberg.org/celenity/Phoenix/issues/46 for details.

* Unlocked the majority of preferences we previously had locked - See https://codeberg.org/celenity/Phoenix/issues/47 for details, as well as for the list of preferences we still lock...

* Disabled `failIfMajorPerformanceCaveat` in WebGL contexts due to fingerprinting concerns. - `webgl.disable-fail-if-major-performance-caveat' -> 'true'

* We no longer disable memory caching, as it can cause breakage in certain contexts, and there's simply no real benefit it brings *(Not even Tor Browser sets this...)*. - `browser.cache.memory.enable` & `browser.cache.memory.capacity`

* Disabled the use of third-party/OS level root certificates. This is commonly abused by malware (including garbage antiviruses...) and these certificates are added to MITM traffic without user knowledge/consent. Users can still manually import their own certificate into Firefox's built-in certificate store - which I think is acceptable, because at least users this way are aware of the certificate(s) they're importing and why... - `security.certerrors.mitm.auto_enable_enterprise_roots` & `security.enterprise_roots.enabled` -> `false`

* We no longer enable [CSS grid Masonry layout](https://developer.mozilla.org/docs/Web/CSS/CSS_grid_layout/Masonry_layout), as it could be fingerprintable *(and generally best to just leave up to upstream...)* - `layout.css.grid-template-masonry-value.enabled`

* We now explicitly disable JIT (Ion/WarpMonkey) for extensions. We already did by default, but since we now manually set it, it's exposed in the `about:config` for users to toggle if desired. - `javascript.options.jit_trustedprincipals` -> `false`

* Switched the target video resolution (when using Firefox's fingerprinting protection from 480p to 1080p - This is also the default on Nightly, and provides for a far better experience... - `privacy.resistFingerprinting.target_video_res` -> `1080`

* Enabled Firefox's Cosmetic + UI Animations. Firefox already does this by default, but since we now manually set it, it's exposed in the `about:config` for users to toggle if desired. - `toolkit.cosmeticAnimations.enabled` -> `true`, `ui.prefersReducedMotion` -> `1`

* **Desktop**: Removed more Mozilla URL tracking paramaters :/ - `browser.contentblocking.report.monitor.url' -> 'https://monitor.firefox.com/' & 'browser.contentblocking.report.monitor.sign_in_url' -> 'https://monitor.firefox.com/oauth/init'

* **Android**: Enabled Safe Browsing by default using Android's specific prefs. - `browser.safebrowsing.features.malware.update` & `browser.safebrowsing.features.phishing.update` -> `true`

* Lots of clean-up and unnecessary prefs removed + re-organization

* Other minor tweaks, fixes, and enhancements...
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/2025.01.14.1...2025.01.19.1) for more details.

GitLab: See [here](https://gitlab.com/celenity/Phoenix/-/compare/2025.01.14.1...2025.01.19.1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/2025.01.14.1...2025.01.19.1) for more details.
___

:)

2025.01.14.1

____

* Disabled the use of system accent colors due to fingerprinting concerns - `widget.non-native-theme.use-theme-accent` -> `false`

* Fixed the URL for [BeaconDB](https://beacondb.net/) - `geo.provider.network.url` -> `https://api.beacondb.net/v1/geolocate` *(Thanks to @lucasmz https://codeberg.org/celenity/Phoenix/pulls/45 💜)*

* **Desktop**: Explicitly opted out of the origin trial for [Privacy-Preserving Attribution](https://support.mozilla.org/kb/privacy-preserving-attribution) **in policies.json** for defense in depth - `dom.origin-trials.private-attribution.state` -> `2`

* **Android**: Fully enabled Bounce Tracking Protection *(part of [ETP Strict](https://support.mozilla.org/kb/enhanced-tracking-protection-firefox-desktop#w_strict-enhanced-tracking-protection))* - `privacy.bounceTrackingProtection.mode` -> `1`
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/2025.01.13.1...2025.01.14.1) for more details.

GitLab: See [here](https://gitlab.com/celenity/Phoenix/-/compare/2025.01.13.1...2025.01.14.1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/2025.01.13.1...2025.01.14.1) for more details.
___

:)

2025.01.13.1

____

* Set additional preferences to ensure DNS Prefetching is fully disabled for defense in depth - `dom.prefetch_dns_for_anchor_http_document` & `dom.prefetch_dns_for_anchor_https_document` -> `false`

* Similarly, set the maximum amount of connections for Preconnect to `0`... - `network.early-hints.preconnect.max_connections` -> `0`

* Disabled saving clipboard history locally and/or to the cloud... - `clipboard.copyPrivateDataToClipboardCloudOrHistory` -> `false`

* Set `file://` URLs to open in a separate content process - `browser.tabs.remote.separateFileUriProcess` -> `true`

* Enabled [Opaque Response Blocking](https://github.com/annevk/orb) - `browser.opaqueResponseBlocking` & `browser.opaqueResponseBlocking.javascriptValidator` -> `true`

* Enabled SHIP (Session History In Parent), as it's required for Per-site process isolation (Fission) - `fission.disableSessionHistoryInParent` -> `false`

* Explicitly opted out of the origin trial for [Privacy-Preserving Attribution](https://support.mozilla.org/kb/privacy-preserving-attribution) for defense in depth - `dom.origin-trials.private-attribution.state` -> `2`

* Enforced blocking access to the AddonManager over insecure protocols - `extensions.webapi.testing.http` -> `false`

* Additionally, blocked certain Mozilla developer websites from accessing the AddonManager... - `extensions.webapi.testing` -> `false`

* Enforced always running web extensions out of process - `extensions.webextensions.remote` -> `true`

* Enabled [COEP: credentialless](https://developer.chrome.com/blog/coep-credentialless-origin-trial) - `browser.tabs.remote.coep.credentialless` -> `true`, `dom.origin-trials.coep-credentialless.state` -> `1`

* Prevented `remoteTypes` from triggering process switches they shouldn't be able to... - `browser.tabs.remote.enforceRemoteTypeRestrictions` -> `true`

* Switched setting Quad9 as the default DoH provider by now using `network.trr.default_provider_uri` instead of `network.trr.custom_uri` & `network.trr.uri` - `network.trr.default_provider_uri` -> `https://dns.quad9.net/dns-query`, `network.trr.custom_uri` & `network.trr.uri` -> ` `

* Minor tweaks & re-organization
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/2025.01.12.2...2025.01.13.1) for more details.

GitLab: See [here](https://gitlab.com/celenity/Phoenix/-/compare/2025.01.12.2...2025.01.13.1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/2025.01.12.2...2025.01.13.1) for more details.
___

:)

2025.01.12.2

____

* Minor, Android-specific update: to officially begin locking & enforcing important prefs, just like we do on desktop... - See https://codeberg.org/celenity/Phoenix/commit/756643bedf9c271d9597c8c64cc690cc97243d2b for details
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/2025.01.12.1...2025.01.12.2) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/2025.01.12.1...2025.01.12.2) for more details.
___

:)

2025.01.12.1

____

* Disabled JIT within Firefox's main process - `javascript.options.main_process_disable_jit` -> `true`

* Disabled the JIT [Baseline Interpreter](https://firefox-source-docs.mozilla.org/js/index.html#javascript-jits) - `javascript.options.blinterp` -> `false`

* Disabled marking JIT code pages as **both** writable **and** exeuctable - `javascript.options.content_process_write_protect_code` -> `true`

* Enabled `fdlibm` for `Math.sin`, `Math.cos`, and `Math.tan`, [as it is less fingerprintable](https://groups.google.com/a/mozilla.org/g/dev-platform/c/0dxAO-JsoXI/m/eEhjM9VsAgAJ) - `javascript.options.use_fdlibm_for_sin_cos_tan` -> `true`

* Disabled [Preconnect](https://github.com/uBlockOrigin/uBlock-issues/issues/2913) - `network.preconnect` -> `false`

* Disabled [Early Hints](https://developer.mozilla.org/docs/Web/HTTP/Status/103) - `network.early-hints.enabled` & `network.early-hints.preconnect.enabled` -> `false`

* Explicitly disabled [AI/"ML Autofill"](https://searchfox.org/mozilla-central/source/toolkit/components/formautofill/MLAutofill.sys.mjs) by default - `extensions.formautofill.ml.experiment.enabled` -> `false`

* Fully disabled the use of SharedArrayBuffer using window.postMessage, regardless of context  - `dom.postMessage.sharedArrayBuffer.bypassCOOP_COEP.insecure.enabled` & `dom.postMessage.sharedArrayBuffer.withCOOP_COEP` -> `false`

* Enforced various important security preferences - See https://codeberg.org/celenity/Phoenix/commit/df260a8161046f333ac49bb7544336fcdfd4bd24 & https://codeberg.org/celenity/Phoenix/commit/24c193f0d0310e19f05b89a0e43cb4b71a62b5ed for details...

* Desktop: Enforced applying Content Security Policy (CSP) to the internal `browser.xhtml` - `security.browser_xhtml_csp.enabled` -> `true`

* Desktop: Locked `general.config.obscure_value` to prevent severe breakage... - `general.config.obscure_value` -> `0`

* Minor tweaks/fixes & re-organization
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/2025.01.06.1...2025.01.12.1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/2025.01.06.1...2025.01.12.1) for more details.
___

:)

2025.01.06.1

____

* Enabled support for [Trusted Types](https://developer.mozilla.org/docs/Web/API/Trusted_Types_API) (Like Chromium). - `dom.security.trusted_types.enabled` -> `true`

* CSP assertions for `about:` pages are no longer skipped. *(This was already the default behavior for standard Firefox releases, but now we enforce it - which is particularly useful for ex. Thunderbird, where it actually isn't enabled by default...)* - `dom.security.skip_about_page_has_csp_assert` -> `false`

* Explicitly disabled the [Network Information API](https://developer.mozilla.org/docs/Web/API/Network_Information_API). Firefox already disables it by default, but now we directly enforce it. - `dom.netinfo.enabled` -> `false`

* Disabled [Event Telemetry](https://searchfox.org/mozilla-central/source/modules/libpref/init/StaticPrefList.yaml#15549) on Desktop *(Already disabled on Android)* - this is likely covered by our other telemetry prefs, but useful for defense in depth. - `privacy.imageInputTelemetry.enableTestMode` -> `false`

* Blocked insecure object subrequests in mixed content. - `security.mixed_content.block_object_subrequest` -> `true`

* Minor tweaks/fixes
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/05January2025v1...2025.01.06.1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/05January2025v1...2025.01.06.1) for more details.
___

:)

05January2025v1

**Phoenix now has an official icon :D**

Credit to @Gnu1 for designing it - huge thanks to them for their great work as always :)
____

* New version formatting! This should make it cleaner, simpler, and easier to keep up with new releases...

* Phoenix on desktop no longer clears cookies & site data on exit by default *(Except for our specialized `YouTube` config)*. Not an easy choice to make - but it's best we leave this to users to decide. Firefox's current approach to site exceptions also [has its own drawbacks](https://bugzilla.mozilla.org/show_bug.cgi?id=1767271), and Mozilla needs to make it more user-friendly to set. **We still clear cache, history, & sessions on exit by default.**

* Set `extensions.update.autoUpdateDefault` to `true` to ensure users are always notified of extension updates.

* We now disable unsafe negotiations (via  setting `security.ssl.require_safe_negotiation` to `true`) for all configs. This was previously only set on Extended Hardening & the specialized configs, though appears to cause little to 0 breakage, so now it's set everywhere :).

* New `browser.phoenix.version` pref to allow easily checking & confirming your version of Phoenix from within the browser...

* Added more preferences from Firefox's ETP Strict tracking protection to Phoenix's Android configs, to ensure that they are always enabled.

* Other minor tweaks & fixes.
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20250103.2...05January2025v1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20250103.2...05January2025v1) for more details.
___

:)

20240103.2

____

* Ensured that we're properly always enabling Fission (Per-site process isolation) by default on Android (& elsewhere) by setting `fission.autostart.session` to `true`. *(We currently already set `fission.autostart` to `true`...)*

* We now **always** enforce Spectre mitigations, even for isolated content - by setting `javascript.options.spectre.disable_for_isolated_content` to `false`.

* Firefox on desktop will no longer automatically guess which container to open external links in, as this can cause unintended leaks & cross-contamination. You can restore Firefox's default behavior by setting `browser.link.force_default_user_context_id_for_external_opens` in your `about:config` to  `false`.

* Websites are no longer able to automatically download as many files as they want to a user's device without prompting. You can still set exemptions for specific downloads. (`browser.download.enable_spam_prevention`).

* Improved organization & fix numbering of categories. We've also now added various `phoenix` preferences that allow for easy debugging & testing, so that you can easily see if Phoenix is properly applied to Firefox - and if not, where it went wrong
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20250103.1...20250103.2) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20250103.1...20250103.2) for more details.
___

Credit to the [Tor Project](https://www.torproject.org/) & [Rusty-Snake](https://codeberg.org/rusty-snake/firefox-config) for some of the security preferences above.

:)

20250103.1

**Phoenix is now officially supported on Debian/Ubuntu & Android!** 🎉 Huge thank you to @Gnu1 for their incredible work, time, and assistance in making this Debian release possible. 💜

**Debian/Ubuntu** users can now install Phoenix simply by using the [unified installation script](https://codeberg.org/celenity/Phoenix#install). **Android** users should see [here](https://phoenix.celenity.dev/android) for installation steps & more details.

**I'd also like to officially announce a brand new community [Matrix Space](https://matrix.to/#/#phoenix:unredacted.org) *(Recommended)* and [Discord Server](https://discord.gg/AMZ2GRxxjr)**! Feel free to join if you'd like to discuss Phoenix, need support, have any questions or concerns, would like to help with development... or simply want to chat. :)

____

* Fixed IPv6 connectivity issues when DNS over HTTPS is enabled by setting `network.dns.preferIPv6` to `true`. - https://codeberg.org/divested/brace/pulls/5

* Enabled Geoclue for GNU/Linux users, so that that they can rely on the Geolocation service their distribution is using, which may be preferable over BeaconDB (our current provider). **BeaconDB is still used as a fallback in such cases**. Geoclue can be disabled by setting `geo.provider.use_geoclue` in your `about:config` to `false`.

* Disabled middle mouse clicks from pasting clipboard content by default, as it's far too easy to accidentally press & unintentionally paste content *(Which can potentially be sensitive...)*, by setting `middlemouse.paste` to `false`. You can re-enable middle mouse clicks pasting clipboard content by setting `middlemouse.paste` in your `about:config` to `true`, **though this is not recommended**.

* Fixed issues opening HTML files by removing the `network.buffer.cache.count` & `network.buffer.cache.size` prefs - https://github.com/yokoffing/Betterfox/issues/279.

* Set `apz.overscroll.enabled` to `true` by default to enhance smooth scrolling. You can revert this change by setting `apz.overscroll.enabled` to `false` in your `about:config`.

* Spellcheck is now enabled for both single-line **and** multi-line text boxes by default. To revert to Firefox's default behavior of only checking single-line text boxes, change `layout.spellcheckDefault` to `1` in your `about:config`. https://codeberg.org/celenity/Phoenix/issues/33

* Introduced a new [specialized config](https://codeberg.org/celenity/Phoenix#specialized-configs) for Element.

* Disabled [Network Error Logging](https://w3c.github.io/network-error-logging/) by setting `network.http.network_error_logging.enabled` to `false`.

* Various other minor tweaks, fixes, & enhancements.
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20241229-1...20250103.1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20241229-1...20250103.1) for more details.
___

:)

20241229-1

____

* We no longer set Firefox's locale to `en-US` by default, as this caused lots of weird issues & breakage - and in general is out of scope for the project - https://codeberg.org/celenity/Phoenix/issues/10 (`intl.accept_languages` & `intl.locale.requested`).

* Disabled [XFA](https://wikipedia.org/wiki/XFA) in pdf.js, due to security reasons - https://codeberg.org/celenity/Phoenix/commit/186d4eed51d43da257a050aca396704e6863fb3f (`pdfjs.enableXfa`).

* If a website asks for a user's personal certificate, Phoenix will **always** ask the user first, rather than automatically choose one. This was already the default behavior - but now we've enforced it (`security.default_personal_cert`).

* Enforced that Firefox can never access the Windows Shell... This was already the default behavior - but now we've enforced it (`network.protocol-handler.external.shell`).

* Ensured that the user is **always** warned before Firefox launches an external program. This was already the default behavior for all protocols **except** `mailto:`, **but now we enforce it, as well as for `mailto:`** (`network.protocol-handler.warn-external-default`, `network.protocol-handler.warn-external.mailto`, & `security.external_protocol_requires_permission`).

* **BadBlock+** is now enabled by **default** in uBlock Origin.

* Updated our uBlock Origin configuration (`assets.json`) to match latest upstream changes - https://codeberg.org/celenity/Phoenix/commit/ab1ee070d6b1b32b23ccef5e5b2eccc360c703bd.

* Improved documentation & the README.

* Various other minor tweaks, fixes, & enhancements.
___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20241225-1...20241229-1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20241225-1...20241229-1) for more details.
___

:)

20241225-1

**🎄 Merry Christmas to those who celebrate! 🎅**

____

Since the last release:

* Fixed sanitizing cookies & site data by default. This was already Phoenix's intended behavior, but it appears to have been working improperly - so this fixes it. Preferences related to sanitizing are also now unlocked - so you may easily override this behavior via `about:preferences#privacy` or the `about:config` if desired *(though this is not recommended)*.

* Added support for installing Phoenix on macOS if Firefox is installed in ~/Applications (Previously, only /Applications was supported).

* Hardened Firefox's sandboxing - https://codeberg.org/celenity/Phoenix/commit/6927a985d6ab197462493037fc2151a3620841d3.

* Removed useless Firefox View preferences - https://codeberg.org/celenity/Phoenix/commit/ae60e05fea752db6dce237a4f6cfab4364b1ae9e.

* Set 'browser.search.separatePrivateDefault' to false by default to ensure Google isn't set as the default search engine for private browsing windows...

* WebXR/Virtual Reality is now only disabled by **default**, instead of being **locked**. This preference isn't fingerprintable - still useful to disable by default for reducing attack surface, but now users can override & enable this functionality if they really want to for whatever reason.

* Unlocked preferences so that users may now disable automatic updates of add-ons and system extensions via the `about:config` - though this is **NOT RECOMMENDED**.

* We no longer enable [Web Task Scheduling](https://blog.mozilla.org/performance/2022/06/02/prioritized-task-scheduling-api-is-prototyped-in-nightly/) (`'dom.enable_web_task_scheduling') by default - as it appears to be causing issues (https://github.com/yokoffing/Betterfox/issues/355) & is still experimental.

* Extensions can now **only** be installed from profile & application directories  - This prevents extensions being installed from the system itself/via other programs...

* Revamped & heavily improved Phoenix's `README` & Wiki/Documentation.

* General clean-up & improvements to project organization.

* Various tweaks & fixes.

___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20241216-1...20241225-1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20241216-1...20241225-1) for more details.
___

:)

20241216-1

**Welcome to the new Phoenix!** 🎉

____

This is a **major** update, with fundamental changes to Phoenix's design & how it operates.

The most notable difference is that **Phoenix is now entirely local**. You can see details [here](https://codeberg.org/celenity/Phoenix/issues/29) as to why this decision was made & the major benefits it will provide in terms of privacy, security, performance, usability, etc.

This is currently available for users of Arch Linux, Fedora Linux, & macOS. Debian installations are currently broken anyways at the moment :/ and are being re-worked in the near future, as a top priority.

Simply run the upgrade script for your platform, and it'll handle everything for you:

```sh
sudo bash -c "$(curl -fsSL https://phoenix.celenity.dev/upgrade.sh)"
```

Once it's complete, you should be good to go!

Can't wait to see what you think :) - looking forward to any and all feedback!

___

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20241211-1...20241216-1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20241211-1...20241216-1) for more details.
___

:)

20241211-1

___

* There is now a single, unified installer script for installing Phoenix on GNU/Linux distributions & macOS (as well as an uninstaller script to compliment it). **Huge thanks to @Gnu1 for their work and contribution. 💜**
* Heavily improved macOS install & uninstall scripts.
* Updated our uBlock Origin config to match latest upstream changes.
* Our uBlock Origin config now includes BadBlock - Ethical Whitelist as an **optional** whitelist, **not** enabled by default. See the introduction [here](https://badblock.celenity.dev/base/whitelists/ethical.txt) for more details.
* Enabled the use of our custom uBlock Origin config on LibreWolf & forks. We currently don't support LibreWolf, but this is useful for if we decide to in the future.
* `Amazon`, `Bing`, & `Google` built-in search engines will now be fully removed for users on Firefox ESR releases.
* Our macOS Homebrew Tap has changed from `celenity/Phoenix-Policies-macOS` to simply `celenity/tap`. No action is required for existing macOS installations, due to Codeberg's automatic redirects.
* If the user configures a proxy, we prevent the browser from bypassing it by default.
* Changed certain proxy preferences we set from `locked` to `default`, so that the user may change them if they choose to do so.
* Prompts for users to 'refresh' their Firefox profile have been disabled, as it could cause severe issues with Phoenix users (especially those using one of our `user.js` files.
* Post Quantum Encryption is further enforced where possible.
* Several important preferences have been added to our policies (in addition to our `.cfg` files) for defense in depth. *(See specifics [here](https://codeberg.org/celenity/Phoenix/commit/1bcaee4f87e53c64e041427e81e688a961f6b204))*
* Users may now install the [FMHY SafeGuard](https://github.com/fmhy/FMHY-SafeGuard) extension directly from GitHub at their own discretion.
* Added policies for defense in depth against dangerous 'Data Loss Prevention'/'ContentAnalysis' functionality. *(See specifics [here](https://codeberg.org/celenity/Phoenix/commit/2bf4558ed5d9ea7044b826720b006bbff5581744))*
* Disabled Mozilla feedback prompts & Mozilla's `Web Compatibility Reporter` - We don't want users bothering Mozilla due to our customizations; feedback & issues should be filed with us directly. Additionally, in the case of the `Web Compatibility Reporter`, disabling it also decreases attack surface & potentially improves performance.
* Other minor tweaks & enhancements

Codeberg: See [here](https://codeberg.org/celenity/Phoenix/compare/20241204-1...20241211-1) for more details.

GitHub: See [here](https://github.com/celenityy/Phoenix/compare/20241204-1...20241211-1) for more details.

___

:)

20241204-1

Release

____

Lots of updates here:

* Hardened Phoenix's local and remote config files to prevent us or an attacker (if we ever compromised) from having the ability to override the user's homepage. Downside is that users will no longer be able to easily set a different browser homepage via `about:preferences`, however they can still set an override via editing their local 'phoenix.cfg', which will persist as we don't remotely update it. See here: https://codeberg.org/celenity/Phoenix/issues/18#issuecomment-2490737 for more details on Phoenix's approach to security and protecting users, even in the worst case scenarios, and even from ourselves. **Due to these updates, you are HIGHLY recommend to re-install Phoenix (specifically, the local 'phoenix.cfg' file and 'phoenix.js' files should be updated).**

* Placed further restrictions on the installation of extensions, to ensure that we're only granting this capability to websites (with user permission) where it's absolutely necessary.

* Fixed a strange bug that prevented users from installing extensions from the GitHub repos we allow in certain instances (primarily if the .xpi was file was on a past page of releases)

* Heavy consolidated policies. There are no longer separate policies for Windows/macOS & Linux. 'Personal-Dev-Nightly-Policies' have also been fully deprecated. Users can now choose from either our Standard Policies, or 'No-Sync' (or my Personal policies at their own discretion....).

* Added policies to ensure that the user can always access about:addons, about:config, about:profiles, & about:support.

* Added a policy to always display the bookmark toolbar by default. Can be overriden by users depending on their preference.

* Added a policy to ensure that users are always notified if there is an attempt to activate dangerous, invasive 'Content Analysis' functionality.

* Firefox will no longer offer to save passwords for users by default. Can be overriden, though users are highly recommended to use secure password managers instead, such as Bitwarden or Proton Pass.

* Fully disabled Password Manager on my Personal Policies & set to install Bitwarden by default

* Disabled the annoying 'Profile Import' functionality on my Personal Policies

* Added a 'Phoenix Policies Initialized' policy, as well as 'Phoenix Initialized' & 'Phoenix Applied' prefs, to make Phoenix easier to debug & confirm whether it is working as expected.

* Various other minor tweaks & enhancements

___

See https://codeberg.org/celenity/Phoenix/commits/branch/pages for more details

:)

20241203-1

Release

* Various tweaks, changes, and enhancements, as well as hardening. **Users are recommended to re-install Phoenix if possible for their platform of choice.**

* See https://codeberg.org/celenity/Phoenix/commits/branch/pages for more details - future releases will have full notes and more information.

:)