mirror of
https://github.com/arkenfox/user.js.git
synced 2024-11-22 10:31:40 +01:00
Updated 4.1 Extensions (markdown)
parent
5c9a7fc1bb
commit
2f080176db
@ -28,10 +28,9 @@ This list covers privacy and security related extensions only. While we believe
|
||||
* [HTTPS Everywhere](https://addons.mozilla.org/firefox/addon/https-everywhere/) <sup>✔ [Privacy](https://www.eff.org/code/privacy/policy)</sup> | [GitHub](https://github.com/EFForg/https-everywhere)
|
||||
- If you're using HTTPS-Only mode (usable since FF83), then this is basically redundant, especially as more of the web turns to secure context
|
||||
* [CanvasBlocker](https://addons.mozilla.org/firefox/addon/canvasblocker/) <sup>✔ [Privacy](https://addons.mozilla.org/firefox/addon/canvasblocker/privacy/)</sup> | [GitHub](https://github.com/kkapsner/CanvasBlocker)
|
||||
- **DO NOT** use `Screen API` or `Navigator API` protections with RFP
|
||||
- `Window` is protected in the user.js since FF82+ (`privacy.window.name.update.enabled`)
|
||||
- `Audio` is disabled in the user.js, and if enabled (e.g. with remote video conferencing), the entropy is low
|
||||
- The rest is up to you
|
||||
- `Canvas API`: great fallback if you allow an RFP canvas site exception
|
||||
- `Screen API` and `Navigator API`: don't use with RFP
|
||||
- `The rest`: good protection against naive scripts, detectable with advanced scripts
|
||||
* [CSS Exfil Protection](https://addons.mozilla.org/firefox/addon/css-exfil-protection/) | [GitHub](https://github.com/mlgualtieri/CSS-Exfil-Protection) | [Homepage + Test](https://www.mike-gualtieri.com/css-exfil-vulnerability-tester)
|
||||
- Practically zero threat and if the platform's CSS was compromised, you'd have bigger problems to worry about
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user