Page MenuHomePureOS Tracker
Create Task
Maniphest T11

firefox-esr - rename to purebrowser to stay free from Mozilla trademark entanglements
Closed, ResolvedPublic
Actions

Description

Mozilla has a registered trademark on "Firefox".

To ensure we have the freedom to adapt, we should rename the browser we provide with PureOS to PureBrowser - and rename now, not when eventual changes are needed.

Below noted are ideas for eventual changes, included when initially reported but not (any longer) part of this issue: Parts considered relevant to act on should be reported as separate issues (one issue per topic).

We could create an index of free extensions for Firefox. It could be a simple page like the one here: http://directory.fsf.org/wiki/IceCat, hosted somewhere on our website. The real task would be searching through https://addons.mozilla.org/en-US/firefox/ for foss extensions.

Adding this index to Firefox/PureBrowser is a simple trick, it is just needed to add this:

// Preferences for the Get Add-ons panel
pref ("extensions.webservice.discoverURL", "link_to_our_index");
pref ("extensions.getAddons.search.url", "link_to_our_index");

to the /usr/lib/firefox/browser/defaults/preferences/vendor.js

For now we could use IceCat's repo:

// Preferences for the Get Add-ons panel
pref ("extensions.webservice.discoverURL", "https://directory.fsf.org/wiki/GNU_IceCat");
pref ("extensions.getAddons.search.url", "https://directory.fsf.org/wiki/GNU_IceCat");

Other things to consider adding to vendor.js:

For freedom:

// Disable Freedom Violating DRM Feature
pref("browser.eme.ui.enabled", false);
pref("media.eme.enabled", false);
pref("media.eme.apiVisible", false);

// Disable plugin installer
pref("plugins.hide_infobar_for_missing_plugin", true);
pref("plugins.hide_infobar_for_outdated_plugin", true);
pref("plugins.notifyMissingFlash", false);

// PFS url
pref("pfs.datasource.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.php?mimetype=%PLUGIN_MIMETYPE%");
pref("pfs.filehint.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.php?mimetype=%PLUGIN_MIMETYPE%");

// Disable Link to FireFox Marketplace, currently loaded with non-free "apps"
pref("browser.apps.URL", "");

For privacy & security:

// Disable the GeoLocation API for content
pref("geo.enabled", false);

// Make sure that the request URL of the GeoLocation backend is empty
pref("geo.wifi.uri", "");

// Disable Pocket and make sure that the request URLs of the Pocket are empty
pref("browser.pocket.enabled", false);
pref("browser.pocket.api", "");
pref("browser.pocket.site", "");
pref("browser.pocket.oAuthConsumerKey", "");
pref("browser.pocket.useLocaleList", false);
pref("browser.pocket.enabledLocales", "");

// Poodle attack
pref("security.tls.version.min", 1);

// Don't call home for blacklisting
pref("extensions.blocklist.enabled", false);

// Disable third party cookies
pref("network.cookie.cookieBehavior", 1);

// Prevent EULA dialog to popup on first run
pref("browser.EULA.override", true);

// disable app updater url
pref("app.update.url", "http://127.0.0.1/");"

// Privacy & Freedom Issues
// https://webdevelopmentaid.wordpress.com/2013/10/21/customize-privacy-settings-in-mozilla-firefox-part-1-aboutconfig/
// https://panopticlick.eff.org
// http://ip-check.info
// http://browserspy.dk
// https://wiki.mozilla.org/Fingerprinting
// http://www.browserleaks.com
// http://fingerprint.pet-portal.eu
pref("privacy.donottrackheader.enabled", true);
pref("privacy.donottrackheader.value", 1);
pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
pref("browser.safebrowsing.enabled", false);
pref("browser.safebrowsing.malware.enabled", false);
pref("services.sync.privacyURL", "https://www.gnu.org/software/gnuzilla/");
pref("social.enabled", false);
pref("social.remote-install.enabled", false);
pref("datareporting.healthreport.uploadEnabled", false);
pref("datareporting.healthreport.about.reportUrl", "127.0.0.1");
pref("datareporting.healthreport.documentServerURI", "127.0.0.1");
pref("healthreport.uploadEnabled", false);
pref("social.toast-notifications.enabled", false);
pref("datareporting.policy.dataSubmissionEnabled", false);
pref("datareporting.healthreport.service.enabled", false);
pref("browser.slowStartup.notificationDisabled", true);
pref("network.http.sendRefererHeader", 2);
pref("network.http.referer.spoofSource", true);
pref("dom.event.clipboardevents.enabled",false);
pref("network.prefetch-next", false);
pref("network.dns.disablePrefetch", true);
pref("network.http.sendSecureXSiteReferrer", false);
pref("toolkit.telemetry.enabled", false);
// Do not tell what plugins do we have enabled: https://mail.mozilla.org/pipermail/firefox-dev/2013-November/001186.html
pref("plugins.enumerable_names", "");
pref("plugin.state.flash", 1);
// Do not autoupdate search engines
pref("browser.search.update", false);
// Warn when the page tries to redirect or refresh
pref("accessibility.blockautorefresh", true);
pref("dom.battery.enabled", false);
pref("device.sensors.enabled", false);
pref("camera.control.face_detection.enabled", false);
pref("camera.control.autofocus_moving_callback.enabled", false);
pref("network.http.speculative-parallel-limit", 0);

// Disable channel updates
pref("app.update.enabled", false);
pref("app.update.auto", false);

// Avoid logjam attack
pref("security.ssl3.dhe_rsa_aes_128_sha", false);
pref("security.ssl3.dhe_rsa_aes_256_sha", false);
pref("security.ssl3.dhe_dss_aes_128_sha", false);
pref("security.ssl3.dhe_rsa_des_ede3_sha", false);

// Disable heartbeat
pref("browser.selfsupport.url", "");

// Don't download ads for the newtab page
pref("browser.newtabpage.directory.source", "");
pref("browser.newtabpage.directory.ping", "");
pref("browser.newtabpage.introShown", true);

// Disable home snippets
pref("browser.aboutHomeSnippets.updateUrl", "data:text/html");

// Disable directory service
pref("social.directories", "");
pref("social.whitelist", "");
pref("social.shareDirectory", "");

// Don't install openh264 codec
pref("media.gmp-gmpopenh264.enabled", false);

// Mobile
pref("privacy.announcements.enabled", false);
pref("browser.snippets.enabled", false);
pref("browser.snippets.syncPromo.enabled", false);
pref("browser.snippets.geoUrl", "http://127.0.0.1/");
pref("browser.snippets.updateUrl", "http://127.0.0.1/");
pref("browser.snippets.statsUrl", "http://127.0.0.1/");
pref("datareporting.policy.firstRunTime", 0);
pref("datareporting.policy.dataSubmissionPolicyVersion", 2);
pref("browser.webapps.checkForUpdates", 0);
pref("browser.webapps.updateCheckUrl", "http://127.0.0.1/");
pref("app.faqURL", "http://libreplanet.org/wiki/Group:IceCat/FAQ");

// Use old style preferences, that allow javascript to be disabled
pref("browser.preferences.inContent",false);

There's more of this in Iceweasel. :)

Related Objects
Search...

Event Timeline

mladen created this task.Nov 9 2016, 13:07
zlatan.todoric raised the priority of this task from Normal to Unbreak Now!.Nov 10 2016, 16:36
hema.prathaban added a comment.Nov 16 2016, 08:44

The new browser is pushed to the repo and accepted, please test it.

mak changed the visibility from "All Users" to "Public (No Login Required)".Nov 28 2016, 12:52
philtweir removed a subscriber: philtweir.Jan 1 2017, 13:25
zlatan.todoric closed this task as Resolved.Mar 24 2017, 20:22

I checked and it works. Anyone feel free to reopen bug if it is not resolved. Also, we removed Firefox entirely from repo.

jonas.smedegaard renamed this task from Freeing Firefox/PureBrowser to firefox-esr - rename to purebrowser to stay free from Mozilla trademark entanglements.Apr 12 2018, 08:31
jonas.smedegaard claimed this task.
jonas.smedegaard updated the task description. (Show Details)
jonas.smedegaard removed a subscriber: hema.prathaban.
jonas.smedegaard added a comment.Apr 12 2018, 08:37

Since firefox-esr 52.5.0esr-1pureos2 released 2017-12-19, this issue is solved by renaming only binary package (not source package as previous), to stay closer to Deban and ease sharing our patches with Debian and other derivatives wanting to do similar.

hansolo added a subscriber: hansolo.Feb 13 2019, 02:14