Git/firefox-user.js
1
0
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2024-11-22 10:31:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Updated 4.1 Extensions (markdown)

Thorin-Oakenpants 2021-10-16 16:02:15 +00:00
parent fddad66d9c
commit ed94196f4d
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
4.1-Extensions.md

@ -17,8 +17,6 @@ This list covers privacy and security related extensions only. While we believe
---
### :small_orange_diamond: Extensions (maybe)
* [HTTPS Everywhere](https://addons.mozilla.org/firefox/addon/https-everywhere/) <sup>✔ [Privacy](https://www.eff.org/code/privacy/policy)</sup> | [GitHub](https://github.com/EFForg/https-everywhere)
- If you're using HTTPS-Only mode (usable since FF83), then this is basically redundant, especially as more of the web turns to secure context
* [CanvasBlocker](https://addons.mozilla.org/firefox/addon/canvasblocker/) <sup>✔ [Privacy](https://addons.mozilla.org/firefox/addon/canvasblocker/privacy/)</sup> | [GitHub](https://github.com/kkapsner/CanvasBlocker)
- `Canvas API`: great fallback if you allow an RFP canvas site exception
- `Screen API` and `Navigator API`: don't use with RFP
@ -47,9 +45,11 @@ These extensions will not mask or alter any data sent or received, but may be us
---
### :small_orange_diamond: Don't Bother...
* [uMatrix](https://addons.mozilla.org/firefox/addon/umatrix/) <sup>✔ [Privacy](https://github.com/gorhill/uMatrix/wiki/Privacy-policy)</sup> | [GitHub](https://github.com/gorhill/uMatrix)
* uMatrix
- ⚠️ No longer maintained, the last commit was April 2020 except for a [one-off patch](https://github.com/gorhill/uMatrix/releases/tag/1.4.2) to fix a [vulnerability](https://github.com/vtriolet/writings/blob/main/posts/2021/ublock_origin_and_umatrix_denial_of_service.adoc)
- Everything uMatrix did can be covered by prefs or other extensions: use uBlock Origin for any content blocking.
* HTTPS Everywhere
- Scheduled for [deprecation](https://www.eff.org/deeplinks/2021/09/https-actually-everywhere) and redundant with [HTTPS-Only Mode](https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/)
* Cookie extensions
* ❗️ Functionality for extensions may be missing for clearing IndexedDB, Service Workers cache, or cache **by host**. Clearing cookies & localStorage on their own, and leaving orphaned persistent data is a false sense of privacy
* see [1340511](https://bugzilla.mozilla.org/1340511) for progress on this