Adding a couple of Firefox config preferences

[logusergithub]

Hi,
I suppose that they are not so relevant within the project, but using user.js (or even without it) I find that the following items would be useful if added in the 'Options\Standard' panel to temporarily and quickly change the settings if necessary or to manage them independently with the extension:

webgl.disabled
security.ssl.require_safe_negotiation

The first one if I remember well was inserted as additional choosing option also in LibreWolf (together with 'privacy.resistFingerprinting.letterboxing'), the second one is personal but I must say that I am recently meeting some reliable sites (usually institutional or scientific related) that require this option disabled.

In relation to the granting of privacy permissions I would also have a related question. I cannot understand if Firefox remains in 'Strict' mode or switches to 'Custom' mode after I grant them to Chamaleon. This is what I see using the user.js:

It seem to me that on a new profile without user.js if I change cookie settings Firefox switches to 'Custom' mode and I can't choose anymore 'Strict' until I remove the permissions. There is a difference between Chamaleon in managing cookies versus other extensions such as 'Toggle Cookies' (I tried it out of curiosity) which simply changes the parameters without replacing itself in the management? I'm not pretty interested in cookies management, I would like only to be sure to stay in 'Strict' mode without loosing the Option\Standard panel. Thanks.

[logusergithub]

Pardon, what a silly question! Despite the picture I didn't check 'browser.contentblocking.category'and of course is set to 'Strict' as the same of the other parameters that follow the settings from user.js. I also got distracted when I tried to change cookies behavior and I didn't see at that moment the '5' option (sometimes happens, but it seems to be a lag).

Well, considering that I will not change those settings, nothing more to say.

[sereneblue]

Hi @logusergithub,

I'm having a little trouble following this issue.

webgl.disabled
security.ssl.require_safe_negotiation

If I recall correctly, these settings can not be explicitly changed using an addon. There is a checklist in Chameleon with a few Firefox config tweaks which will be removed soon and replaced with a link to a better source.

I installed Toggle Cookies and it does switch the privacy preferences to Custom if you toggle cookies. It may be the implementation in Chameleon that causes Firefox to show that Chameleon controls some of the options under Custom.

Custom can be better than Strict depending on what options you enable. Once you toggle the cookie setting or make a change to enable RFP or tracking protection, it becomes a custom config.

Are you able to see all the cookie options like below?

[logusergithub]

If I recall correctly, these settings can not be explicitly changed using an addon.

Ah, thanks for the point. I didn't know and didn't particularly inquire that some settings (especially WebGL) still can't be changed by extensions.
Indeed I read 'Please note that WebExtensions are unable to modify about:config entries.', but trying to change RFP or WebRTP ('Standard' panel) I could see the corresponding entries switching, so I thought nowadays it was just a matter to add them in the options.
Well, it's not a big deal. Usually if there is some site with some incompatibility I already have a second profile (slightly more permissive) that I quickly open with ContextSearchWebExt.

Are you able to see all the cookie options like below?

Yes, I am able to see all the cookie options like your picture. Very rarely, I don't know why (as I wrote maybe it's a delay) I see the image I posted. There are no other related extensions that can interfere. For privacy\security I only have user.js, uBlock, Skip Redirect, Chameleon (I am happy with the management of referer, tested on DarkLaunch and with those site where cross-origin referer is too strict ) and CleanAllBrowsingData (useful if I also have many tabs to close).
Aside from the overall cookie options, the difference between 'Toggle cookies' and Chameleon' is that the first one does not replace itself in cookie management, so a user can manually select the 'Strict' mode again even though it doesn't make sense if one wants to change cookies. I guess it is another case where an extension still cannot be designed to return to the 'Strict' mode when cookieBehavior5 is re-selected.
PS: it seems to me that RFP is not involved in switching to 'Custom' mode like other settings unless they are related to 'browser.contentblocking.features.strict'.

Custom can be better than Strict depending on what options you enable.

I assume you are referring to these settings (I don't know any others):

network.cookie.cookieBehavior (5)
network.http.referer.disallowCrossSiteRelaxingDefault (True)
http.referer.disallowCrossSiteRelaxingDefault.top_navigation (True)
privacy.partition.network_state.ocsp_cache (True)
privacy.trackingprotection.enabled (True)
privacy.trackingprotection.socialtracking.enabled (True)
privacy.trackingprotection.cryptomining.enabled (True)
privacy.trackingprotection.fingerprinting.enabled (True)
browser.contentblocking.customBlockList.preferences.ui.enabled (True) -> Change to Lv2
maybe dom.serviceWorkers.enabled (False)

I'm not an advanced user and I'm always having a hard time lately figuring out how Firefox behaves in relation to cookies and stuff or if there's any slight advantage to 'Strict' mode over 'Custom'.
TCP\dFPI is related to cookieBehavior5 so third parties are all isolated, right? Assuming I want to use a more restrictive cookieBehavior1\2 ('2' might affect entropy) ) and I use a list of cookie session exceptions if needed, are these exceptions still isolated? Also, shouldn't I revert to FPI at this point if I don't have dFPI?
Either way, it is not a problem for me to use the custom mode without touching the cookie settings.

[sereneblue]

Yes, I am able to see all the cookie options like your picture. Very rarely, I don't know why (as I wrote maybe it's a delay) I see the image I posted.

The last two options were hidden if you had a lower FF version than the one needed to be displayed for the settings. There is a delay here that shouldn't be too noticeable. I've bumped up Chameleon's minimum version to FF 68 so the fifth option shouldn't have a delay anymore in the next version. I can't do much about the last option until Mozilla fully enables addon support in Fenix so I can deprecate the legacy build for FF68 users.

I guess it is another case where an extension still cannot be designed to return to the 'Strict' mode when cookieBehavior5 is re-selected.

Yes, that seems right. Some cookie settings aren't compatible with the Strict config.

TCP\dFPI is related to cookieBehavior5 so third parties are all isolated, right?

Yes, this is the Reject trackers and partition foreign option.

Assuming I want to use a more restrictive cookieBehavior1\2 ('2' might affect entropy) ) and I use a list of cookie session exceptions if needed, are these exceptions still isolated?

If you reject all cookies, I think you'll probably run into some issues. I think you'd be better off using an extension to manage cookies, temporary containers, or dFPI.

Also, shouldn't I revert to FPI at this point if I don't have dFPI?

Yes, I don't see why not.

[logusergithub]

Thanks for the answers. FPI was in fact the previous configuration with some related extensions you mentioned, then I switched to 'Custom' mode with the settings above (I forgot "privacy.query_stripping.enabled") and finally I just changed to the 'Strict' mode.

It was a huge coincidence that I saw the image above just as I tried to change cookies for the first time. I struggled to replicate it. As written in my second comment there is no problem at all. Instead, I see one change related to 'network.cookie.lifetimePolicy' still present but now deactivated with Firefox 102.