ironfox-oss/IronFox!94
____
## Important
We are currently unable to provide updates to IronFox on **Accrescent**, [due to ongoing client and server issues that Accrescent is facing](https://infosec.exchange/@accrescent/115408303090609483). This impacts **all** apps on Accrescent, and is not just limited to IronFox.
**For the time being, we would highly recommend Accrescent users use our `Nightly` CI builds**. As we now use a separate package ID for these builds, it is possible to install Nightly builds *alongside* your existing, standard install of IronFox. This ensures that you can continue to receive the latest security updates and fixes from us, without losing any existing data. **Once updates resume on Accrescent, you can *(and **should**)* simply switch back to your existing standard install.**
Please see [here](https://gitlab.com/ironfox-oss/IronFox/-/blob/dev/docs/FAQ.md#how-can-i-download-nightly-builds) for details on how to install our `Nightly` builds.
## Changes
- [Enabled the display of certain advanced options](bb47aee7e6) at [`about:support`](about:support).
- [Implemented support to block/filter unwanted Remote Settings collections on the Application Services level](33373ec291), similar to [the current Remote Settings Blocker patch](e6c69ef28d/patches/gecko-rs-blocker.patch) *(derived from LibreWolf)* for Gecko. This is necessary due to this Remote Settings instance being separate from Gecko's instance.
- Replaced the `Enable WebGL` settings toggle with a **`Disable WebGL`** toggle that disables WebGL instead, to improve clarity and help avoid confusion.
- Updated to Firefox [`144.0.1`](https://firefox.com/firefox/android/144.0.1/releasenotes/).
- [Other minor tweaks and adjustments](https://gitlab.com/ironfox-oss/IronFox/-/merge_requests/94/diffs).
MR-author: celenity <celenity@celenity.dev>
Co-authored-by: Weblate <hosted@weblate.org>
Co-authored-by: Akash Yadav <itsaky01@gmail.com>
Approved-by: Akash Yadav <itsaky01@gmail.com>
Merged-by: celenity <celenity@celenity.dev>
ironfox-oss/IronFox!92
____
## Changes
- [Added a separate toggle in settings to enable/disable JIT for **extensions**](48a42e213a) when JIT is otherwise disabled globally *(**Disabled** by default)*, located at `Settings` -> `IronFox` -> `IronFox settings` -> `Security` -> **`Enable JavaScript Just-in-time Compilation (JIT) for extensions`**.
- [Added support for natively enabling/disabling WebGL per-site](5e1acb19a6) via FPP overrides. **It is now recommended to disable the uBlock Origin `Block WebGL` lists** *(The `Block WebGL` lists will be removed from the uBlock Origin config entirely in the near future, but we're keeping them for now to ex. give users time to update)*. See [Notes](#notes) below for details, such as how you can manually allow desired websites to use WebGL.
- [Added a toggle in settings to enable or disable our default WebGL overrides](c9298799ee) *(**Enabled** by default)*, located at `Settings` -> `IronFox` -> `IronFox settings` -> `Privacy` -> **`Enable WebGL overrides from IronFox`**. When WebGL is enabled, this setting enables WebGL by default for certain websites, to reduce breakage/unexpected behavior. Note that this list is **NOT** fetched/updated remotely.
- [Added a toggle in settings to enable or disable spoofing the timezone to `UTC-0`](c8cb5064e4) *(**Disabled** by default)*, located at `Settings` -> `IronFox` -> `IronFox settings` -> `Privacy` -> **`Spoof timezone to UTC-0`**.
- [Added a toggle in settings to enable or disable our default timezone overrides](c8cb5064e4) *(**Enabled** by default)*, located at `Settings` -> `IronFox` -> `IronFox settings` -> `Privacy` -> **`Enable timezone spoofing overrides from IronFox`**. When timezone spoofing is enabled, this setting disables timezone spoofing by default for certain websites, to reduce breakage/unexpected behavior. Note that this list is **NOT** fetched/updated remotely.
- [Added a toggle in settings to enable or disable *Mozilla's* default fingerprinting protection overrides](64e3706be8) to reduce website breakage *(**Enabled** by default)*, located at `Settings` -> `IronFox` -> `IronFox settings` -> `Privacy` -> **`Enable fingerprinting protection overrides from Mozilla`**. Note that this list **IS** fetched/updated remotely.
- [Added a toggle in settings to enable or disable *our* default fingerprinting protection overrides](64e3706be8) to reduce website breakage *(**Enabled** by default)*, located at `Settings` -> `IronFox` -> `IronFox settings` -> `Privacy` -> **`Enable fingerprinting protection overrides from IronFox`**. This toggle does **not** disable fingerprinting protection overrides that we set to **harden** protection for certain websites. Note that this list is **NOT** fetched/updated remotely.
- [Implemented](522770b2dc) [Phoenix's extension blocklist](https://codeberg.org/celenity/Phoenix/src/branch/pages/build/policies/blocklist.json) to block malicious/phishing/sketchy extensions.
- [Locked Gecko preferences controlled by UI settings](bc9df5c52c) *(See [details](https://gitlab.com/ironfox-oss/IronFox/-/blob/dev/docs/FAQ.md#why-are-certain-preferences-locked))*.
- [Prevented the JIT toggle from controlling `javascript.options.main_process_disable_jit`](8171a4da48), as this pref is not required for JIT to function, and is preferable to leave on - even when JIT is enabled, to improve security.
- Updated to Firefox [`144.0`](https://firefox.com/firefox/android/144.0/releasenotes/).
- Updated microG to [`v0.3.10.250932`](https://github.com/microg/GmsCore/releases/tag/v0.3.10.250932).
- Updated Phoenix to [`2025.10.12.1`](https://codeberg.org/celenity/Phoenix/releases/tag/2025.10.12.1).
- [Other minor tweaks, adjustments, and enhancements](https://gitlab.com/ironfox-oss/IronFox/-/merge_requests/92/diffs).
## Notes
You can manually allow websites to use WebGL with the `privacy.fingerprintingProtection.granularOverrides` preference at `about:config`. For instance, if I want to allow **`example.com`** to use WebGL, I would set the value of `privacy.fingerprintingProtection.granularOverrides` to:
```sh
[{"firstPartyDomain":"example.com","overrides":"-DisableWebGL"}]
```
If I *also* wanted to allow `example2.com`, I'd set the value to:
```sh
[{"firstPartyDomain":"example.com","overrides":"-DisableWebGL"},{"firstPartyDomain":"example2.com","overrides":"-DisableWebGL"}]
```
**[Please report websites that require WebGL to us if possible](https://gitlab.com/ironfox-oss/IronFox/-/issues)**, so that we can investigate and potentially add them to the default WebGL overrides list.
MR-author: celenity <celenity@celenity.dev>
Co-authored-by: Weblate <hosted@weblate.org>
Co-authored-by: Akash Yadav <itsaky01@gmail.com>
Approved-by: celenity <celenity@celenity.dev>
Merged-by: celenity <celenity@celenity.dev>
This should allow for easier maintenance and updates in the future, and provides all of our custom settings in one centralized place (This is also similar to ex. LibreWolf)
Signed-off-by: celenity <celenity@celenity.dev>
This is especially important since we now have uBlock Origin as optional on the onboarding; and even with that aside, this is also beneficial for other reasons - ex. I suspect that this will improve performance, this will ensure users are still protected if they disable uBo for a site, etc... - In general, I also just think this is better handled by the browser
Signed-off-by: celenity <celenity@celenity.dev>
While we currently block WebGL by default with uBlock Origin (and it's similarly possible to block WebRTC with uBlock Origin), these toggles are useful for users who want to disable WebGL and/or WebRTC globally, and know they don't need/wish to use it for ANY website. This is also primarily beneficial from a security perspective, as it also provides further attack surface reduction
Signed-off-by: celenity <celenity@celenity.dev>
We can use these to cover important information for the time-being, until the website is ready - once it is, we'll move content from here to there
Signed-off-by: celenity <celenity@celenity.dev>
