e6c69ef28d
ironfox-oss/IronFox!92 ____ ## Changes - [Added a separate toggle in settings to enable/disable JIT for **extensions**](48a42e213a) when JIT is otherwise disabled globally *(**Disabled** by default)*, located at `Settings` -> `IronFox` -> `IronFox settings` -> `Security` -> **`Enable JavaScript Just-in-time Compilation (JIT) for extensions`**. - [Added support for natively enabling/disabling WebGL per-site](5e1acb19a6) via FPP overrides. **It is now recommended to disable the uBlock Origin `Block WebGL` lists** *(The `Block WebGL` lists will be removed from the uBlock Origin config entirely in the near future, but we're keeping them for now to ex. give users time to update)*. See [Notes](#notes) below for details, such as how you can manually allow desired websites to use WebGL. - [Added a toggle in settings to enable or disable our default WebGL overrides](c9298799ee) *(**Enabled** by default)*, located at `Settings` -> `IronFox` -> `IronFox settings` -> `Privacy` -> **`Enable WebGL overrides from IronFox`**. When WebGL is enabled, this setting enables WebGL by default for certain websites, to reduce breakage/unexpected behavior. Note that this list is **NOT** fetched/updated remotely. - [Added a toggle in settings to enable or disable spoofing the timezone to `UTC-0`](c8cb5064e4) *(**Disabled** by default)*, located at `Settings` -> `IronFox` -> `IronFox settings` -> `Privacy` -> **`Spoof timezone to UTC-0`**. - [Added a toggle in settings to enable or disable our default timezone overrides](c8cb5064e4) *(**Enabled** by default)*, located at `Settings` -> `IronFox` -> `IronFox settings` -> `Privacy` -> **`Enable timezone spoofing overrides from IronFox`**. When timezone spoofing is enabled, this setting disables timezone spoofing by default for certain websites, to reduce breakage/unexpected behavior. Note that this list is **NOT** fetched/updated remotely. - [Added a toggle in settings to enable or disable *Mozilla's* default fingerprinting protection overrides](64e3706be8) to reduce website breakage *(**Enabled** by default)*, located at `Settings` -> `IronFox` -> `IronFox settings` -> `Privacy` -> **`Enable fingerprinting protection overrides from Mozilla`**. Note that this list **IS** fetched/updated remotely. - [Added a toggle in settings to enable or disable *our* default fingerprinting protection overrides](64e3706be8) to reduce website breakage *(**Enabled** by default)*, located at `Settings` -> `IronFox` -> `IronFox settings` -> `Privacy` -> **`Enable fingerprinting protection overrides from IronFox`**. This toggle does **not** disable fingerprinting protection overrides that we set to **harden** protection for certain websites. Note that this list is **NOT** fetched/updated remotely. - [Implemented](522770b2dc) [Phoenix's extension blocklist](https://codeberg.org/celenity/Phoenix/src/branch/pages/build/policies/blocklist.json) to block malicious/phishing/sketchy extensions. - [Locked Gecko preferences controlled by UI settings](bc9df5c52c) *(See [details](https://gitlab.com/ironfox-oss/IronFox/-/blob/dev/docs/FAQ.md#why-are-certain-preferences-locked))*. - [Prevented the JIT toggle from controlling `javascript.options.main_process_disable_jit`](8171a4da48), as this pref is not required for JIT to function, and is preferable to leave on - even when JIT is enabled, to improve security. - Updated to Firefox [`144.0`](https://firefox.com/firefox/android/144.0/releasenotes/). - Updated microG to [`v0.3.10.250932`](https://github.com/microg/GmsCore/releases/tag/v0.3.10.250932). - Updated Phoenix to [`2025.10.12.1`](https://codeberg.org/celenity/Phoenix/releases/tag/2025.10.12.1). - [Other minor tweaks, adjustments, and enhancements](https://gitlab.com/ironfox-oss/IronFox/-/merge_requests/92/diffs). ## Notes You can manually allow websites to use WebGL with the `privacy.fingerprintingProtection.granularOverrides` preference at `about:config`. For instance, if I want to allow **`example.com`** to use WebGL, I would set the value of `privacy.fingerprintingProtection.granularOverrides` to: ```sh [{"firstPartyDomain":"example.com","overrides":"-DisableWebGL"}] ``` If I *also* wanted to allow `example2.com`, I'd set the value to: ```sh [{"firstPartyDomain":"example.com","overrides":"-DisableWebGL"},{"firstPartyDomain":"example2.com","overrides":"-DisableWebGL"}] ``` **[Please report websites that require WebGL to us if possible](https://gitlab.com/ironfox-oss/IronFox/-/issues)**, so that we can investigate and potentially add them to the default WebGL overrides list. MR-author: celenity <celenity@celenity.dev> Co-authored-by: Weblate <hosted@weblate.org> Co-authored-by: Akash Yadav <itsaky01@gmail.com> Approved-by: celenity <celenity@celenity.dev> Merged-by: celenity <celenity@celenity.dev>
2.4 KiB
Safe Browsing
IronFox enables Google Safe Browsing by default to provide users with real-time protection against malware, phishing, and other threats.
Firefox's Safe Browsing implementation is very well-designed from a privacy perspective. It is free and open source, and unlike Chromium browsers on Android, does not rely on Google Play Services.
On top of Firefox's already privacy-respecting design and implementation of Safe Browsing, we take additional measures to further improve privacy for users, by routing connections to Google through our proxy.
When Safe Browsing is enabled, IronFox will periodically update its database (through our proxy) to provide protection against the latest threats. Additionally, if a potential match for a malicious website is found, IronFox might submit a partial hash of the suspected URL to Google (through our proxy).
At the cost of security, you can disable Safe Browsing if desired, by navigating to Settings -> IronFox -> IronFox settings -> Security -> Enable Safe Browsing.
If you'd like to keep Safe Browsing enabled, but prefer to disable our proxy and connect to Google directly, you can do this by setting the following preferences in your about:config:
browser.safebrowsing.provider.google4.gethashURL->https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSING_API_KEY%&$httpMethod=POSTbrowser.safebrowsing.provider.google4.updateURL->https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSING_API_KEY%&$httpMethod=POSTbrowser.safebrowsing.provider.google5.gethashURL->https://safebrowsing.googleapis.com/v5/hashes:search?key=%GOOGLE_SAFEBROWSING_API_KEY%browser.safebrowsing.provider.google5.updateURL->https://safebrowsing.googleapis.com/v5/hashLists:batchGet?key=%GOOGLE_SAFEBROWSING_API_KEY%
If you'd like to revert back to using our proxy, you can do so at any time by resetting the values of the browser.safebrowsing.provider.google4.gethashURL, browser.safebrowsing.provider.google4.updateURL, browser.safebrowsing.provider.google5.gethashURL, and browser.safebrowsing.provider.google5.updateURL preferences.