2025.12.23.1

---

Changes

• Blocked permission prompts to access MIDI devices by default.
• Disabled the WebExtensions AI API (Details).
• Disabled the Windows UI Automation API.
• Enabled hardware acceleration for PDF.js by default to improve performance.
• Enabled optimized partial rendering for PDF.js by default to improve performance (Details).
• Forced WebGL to be loaded out of process to improve security.
• Re-enabled Trusted Types by default.
  • We used to enable this by default a while back, but we stopped due to bugs found with the implementation. Thankfully, this feature has now matured a lot, and the previously encountered bugs no longer appear to be a problem.
• Other minor tweaks, adjustments, and fixes.

Android-only

• Disabled the Firefox "AI" (Local machine learning) Runtime by default.
  • We keep this enabled on desktop for the time-being, as it's required for certain legitimate functionality there (PDF.js alt text image generation), and we still don't enable/install any AI models/functionality on desktop by default. But, this legitimate functionality isn't currently implemented/relevant to Android, so there's no reason not to disable it entirely here.
• Fixed an issue with BankID authentication for certain websites.
• Fixed an issue with Obtainium app installation.

Desktop-only

• Disabled import of Mozilla's default bookmarks via prefs (in addition to how we currently handle it with policies).
• Disabled the prompt/nag for users to enable the AI Link Preview (key points) feature.
• Hid the UI toggle to enable the AI Link Preview (key points) feature at about:preferences#general.
• Reduced the amount of items stored in the browser console's input history by default.
• Prevented browser console queries/searches and recent selections from persisting across browser restarts.
• Updated the Merino OHTTP endpoints.

Specialized Configs

• Disabled clipboard events by default (but re-enabled for certain configs to avoid breakage, like Discord).
• Disabled history swipe animations.
• Disabled screensharing by default (but re-enabled in certain configs to avoid breakage, like Discord and Element).
• Disabled tab warming.
• Disabled update of zoom level for background tabs.
• Enabled audio focus mangement by default, as it prevents multiple tabs from playing audio at the same time.
• Enabled Local Network Access Restrictions for top-level domains.
• Enabled suspension of inactive/background tabs.
• Increased session history to restore functionality of the back/forward buttons.
• Instead of relaxing site permissions globally for specialized configs, we now include custom default permissions files to relax permissions only for the config's corresponding site(s).
  • (Ex. for the Apple Maps config, instead of re-enabling geolocation prompts globally, we only allow maps.apple.com to prompt to use geolocation).
• Prevented the browser from attempting to resume background video playback upon tab hover.
• Re-enabled containers by default, as disabling them (and even re-enabling them after) appears to have caused strange data loss issues in the Discord specialized config, and, in general, it just wasn't necessary to disable them.
• Re-enabled the download panel (Though it's still hidden until a file is actually downloaded).
• Set cookies and site data to clear on exit by default (except for the Element config).
  • Using the new custom default permissions files detailed above, we still set prevent clearing data for the specialized configs' corresponding site(s) by default.

Discord:

• Re-enabled origin headers for same-origin requests to fix an issue with file uploads.

Photopea:

• Re-enabled tooltips by default.

---

Codeberg: See here for more details.

GitLab: See here for more details.

GitHub: See here for more details.

---

:)

2025.11.27.1

---

Changes

• Blocked privileged about: pages from loading remote scripts.
• Disabled fetching Firefox Relay's denylist by default.
• Disabled Native Messaging by default (Details).
  • To re-enable it, at the cost of privacy and security, you can set the following prefs:
    • webextensions.native-messaging.max-input-message-bytes -> 1048576
    • webextensions.native-messaging.max-output-message-bytes -> 999999999
• Disabled semantic history by default.
• Hardened protocol handling.
• Set the browser's region to a dummy value (XX), instead of US. This is beneficial as it ensures that certain functionality (such as Firefox Suggest and Mozilla's DoH rollout) are disabled by default, allows us to disable features like Firefox Suggest by default without locking them, and in general, ensures we aren't impacted by unwanted geo targetting.
• Other minor tweaks and adjustments.

Desktop-only

• Disabled Firefox's new Unified Trust Panel by default, as it prevents setting per-site exceptions for the built-in cookie banner blocker.
• Disabled new tab attribution.
• Disabled Sports URL bar suggestions by default.
• For macOS and Windows: [Enabled the ability to warn users upon potentially misconfigured/problematic settings at about:preferences#privacy](https://codeberg.org/celenity/Phoenix/commit/d937b0010f092a88726cf4b1c7958b7a156ac262). (On Linux, this currently breaks about:preferences#privacy).
• For Windows: Disabled taskbar lists by default.
• Leveraged new profile-related preferences to disable the Firefox Messaging System.
• Removed the DisableProfileImport policy.
• Removed the DisplayBookmarksToolbar policy (We still always display the bookmarks toolbar by default though, just with the pref instead).
• Removed DNS0 from the list of default DNS over HTTPS providers, due to its unfortunate discontinuation.
• Removed the Mullvad Leta search engine, due to its unfortunate discontinuation.
• Updated preferences to disable IP Protection (Mozilla VPN) by default.

Specialized Configs

This release includes significant improvements for Phoenix's handling of specialized configs. Browser functionality and UI have been minimized, in order to make using them as close to using a native app as possible. This section will not be exhaustive, but will do it's best to cover the notable changes.

• Disabled add-on abuse reporting.
• Disabled the bookmark edit dialog.
• Disabled the bookmarks toolbar.
• Disabled camera permission prompts (except for the Discord and Element configs, where users may wish to allow them).
• Disable the Close duplicate tabs context menu item.
• Disabled the download panel.
• Disabled favicons.
• Disabled file picker dialogs (except for the Discord, Element, Photopea, and Twitter configs, where they are needed).
• Disabled Firefox Home. The config's corresponding app/service is now loaded immediately (except for on the first launch, to allow uBlock Origin to install).
• Disabled machine learning functionality.
• Disabled microphone permission prompts (except for the Discord, Element, and Twitter configs, where users may wish to allow them).
• Disabled origin headers.
• Disabled Password Manager/Autofill functionality.
• Disabled Picture-in-Picture (except for the Discord, Element, Twitter, and YouTube configs, where they are needed).
• Disabled printing.
• Disabled referers (except for the Twitter config, where they are needed).
• Disabled session restore functionality.
• Disabled the Share URL menu item.
• Disabled support for web applications manifests.
• Disabled tab detachment.
• Disabled tab switching with Ctrl + Tab.
• Disabled Taskbar Tabs (PWAs).
• Disabled text fragments.
• Disabled toolbar keyboard navigation.
• Disabled tooltips.
• Disabled the Unload Tab context menu item.
• Disabled unloading tabs on low memory.
• Disabled URL fix-up.
• Disabled user certificate/key databases.
• Disabled Web Compatibility interventions (except for the YouTube config, where they are needed).
• Disabled warnings on closing tabs and quitting the browser.
• Enabled vertical tabs. In combination with our other changes, this effectively hides the tab bar entirely.
• For Linux and Windows: Disabled the menu bar.
• Hid the UI to automatically delete files downloaded in Private Browsing.
• Introduced a new specialized config for YouTube Music.
• Prevented the browser from trying to open internally-handled attachments.
• Removed the link to download themes.
• Set links to always open in the current tab/browsing window.

---

Codeberg: See here for more details.

GitLab: See here for more details.

GitHub: See here for more details.

---

:)

2025.11.07.1

---

Changes

• Disabled Contast Control by default to protect against fingerprinting (See details).
• Enabled the display of More settings on print previews by default.
• Enabled GREASE by default (See details).
• Enabled Local Network Access Restrictions for WebSocket connections (See details).
• Enabled the Page Setup.. menu by default, useful for ex. printing (On desktop, located under File from the menu bar).
• Set the media autoplay blocking policy to transient by default (See details).
• Updated the list of default fingerprinting protection granular overrides.
• Updated the list of restricted domains for extensions.
• Other minor tweaks and adjustments.

Android-only

• Configured CRLite to use all clubcards, instead of just priority revocations, by default.

Desktop-only

• Disabled marketing/attribution/campaign actions on first run.
• Enabled fading of unloaded tabs (even if not explicitly unloaded) in the tab bar by default.
• Enabled Local Network Access Restrictions by default via Mozilla's newly added enterprise policies*(See details)*.

---

Codeberg: See here for more details.

GitLab: See here for more details.

GitHub: See here for more details.

---

:)

2025.10.26.1

---

Changes

• Disabled window state restoration by default.
• Enabled display of in-process subframes and thread information at about:processes by default.
• Enabled prompts for unsafe HTTP redirects.
• Enabled WebAssembly Memory Control (when WebAssembly is enabled) by default.
• Removed javascript.options.throw_on_asmjs_validation_failure to prevent breakage when ASM.js is disabled.
• Updated certain performance-related preferences *(Credit to Betterfox).
• Updated the list of default fingerprinting protection granular overrides.
• Updated the list of restricted domains for extensions.
• Other minor tweaks and adjustments.

Desktop-only

• Added a fake/scam/impersonation Tamper monkey extension to the add-on blocklist (See details).
• Added Marginalia as a default/built-in search engine.
• Added the Screenshot button to the toolbar by default (for new profiles).
• Disabled FlightAware (flight status) URL bar suggestions by default.
• Disabled the promotion card for dragging tabs when vertical tabs are enabled.
• Disabled TLS session identifiers, primarily to strengthen protection against detection of Private Browsing.
• Enabled the Anti tracking debug panel by default.
• Enabled important date URL bar suggestions by default (depends on Firefox Suggest).
• Updated preferences to disable Firefox Suggest online suggestions.
• Worked around an upstream bug to disable the Ask AI Chatbot context menu item by default.

---

Codeberg: See here for more details.

GitLab: See here for more details.

GitHub: See here for more details.

---

:)

2025.10.12.1

---

Changes

• Added secure-api.pnc.com to the list of restricted domains for extensions.
• Disabled additional Mozilla nags/promotions.
• Disabled shared memory allocation from the parent process to content processes by default.
• Enabled the Safe Browsing V5 API, and configured it to use the IronFox proxy (Currently works on Nightly) *(See details).
• Enforced validation for ASM.js (if ASM.js is enabled).
• Other minor tweaks, fixes, and adjustments.

Desktop-only

• Added BrowsingBloc to the add-on blocklist (See details).
• Configured Mozilla's new GenerativeAI policies to disable Generative AI functionality by default.

---

Codeberg: See here for more details.

GitLab: See here for more details.

GitHub: See here for more details.

---

:)

2025.10.03.1

---

Changes

• Enabled the use of Oblivious HTTP (OHTTP) to improve privacy for search suggestions (if search suggestions are enabled) from supported engines (Currently, only Google is supported). - (Details: 1)
• Removed 127.0.0.1 and localhost from the list of quarantined/restricted domains, due to this causing too much friction and requiring users to allow desired add-ons to access all restricted domains, which wouldn't be necessary otherwise. - (Details: 1)
• Removed no longer necessary ETP exception for https://api.transcend.io/privacy/graphql, due to the issue being fixed upstream. - (Details: 1)
• Other minor tweaks, fixes, and adjustments.

Android-only

• Fixed an issue that caused add-on installation to fail in private browsing windows for certain derivatives (ex. IronFox). - (Details: 1)

Desktop-only

• Added the OverridePostUpdatePage policy. - (Details: 1)
• Added a new specialized config for Photopea. - (Details: 1)
• Disabled nags to opt-in to real-time URL bar suggestions. - (Details: 1)
• Disabled real-time Yelp URL bar suggestions. - (Details: 1)
• Disabled the OpenAI/ChatGPT Smart Assist feature. - (Details: 1)
• Disabled stock market (Polygon) URL bar suggestions by default. - (Details: 1)
• Fixed an issue that caused the menu bar to always display, regardless of if the user disabled it. - (Details: 1)
• Removed the discontinued Hugging Chat AI Chatbot provider. - (Details: 1)
• Stopped attempting to enable Firefox Labs to prevent a broken/empty Firefox Labs section from appearing at the bottom of pages at about:preferences (Labs itself also depends on telemetry and studies, which we disable...). - (Details: 1)
• Updated the EnableTrackingProtection policy to include Mozilla's newly added options. - (Details: 1)

Twitter specialized config

• Re-enabled WebAssembly by default to unbreak the E2EE chat feature. - (Details: 1)

---

Codeberg: See here for more details.

GitLab: See here for more details.

GitHub: See here for more details.

---

:)

2025.09.07.1

---

Changes

• Blocked websites from prompting to access apps and services (outside of the browser) on your device by default (Nightly). - (Details: 1)
• browser.cache.disk_cache_ssl is no longer disabled by default, due to it being unnecessary with browser.cache.disk.enable (which we still disable by default). - (Details: 1)
• Disabled Mozilla's Glean (telemetry) redesign/navigation category at about:glean. - (Details: 1)
• Disabled OCSP revocation checks by default, as they are no longer necessary due to advancements with Certificate Transparency and CRLite. - (Details: 1)
• Other minor tweaks, fixes, and adjustments.

Desktop-only

• Added BadBlock Fonts to uBlock Origin (Enabled by default). - (Details: 1)
• Blocked websites from prompting to access local network resources by default (Nightly). - (Details: 1)
• Disabled AI Page Assist by default. - (Details: 1)
• Disabled Firefox Home shortcut personalization. - (Details: 1)
• Disabled Mozilla's new Firefox Home promotion card. - (Details: 1)
• Disabled Mozilla's new VPN/IP Protection promotional widgets. - (Details: 1)
• Enabled a UI setting under Files and Applications -> Downloads at about:preferences#general to enable automatic deletion of files downloaded while under Private Browsing. - (Details: 1)
• Hid the UI setting at about:preferences#general to allow AI to suggest tabs and a name for tab groups by default. - (Details: 1)
• If Firefox Sync is active, disabled avatar/profile fetching (to prevent unwanted/unnecessary network activity). - (Details: 1)
• Prevented exposing the browser locale when navigating to local network access information/support page. - (Details: 1)
• Stopped setting ETP Strict via policies, due to it locking impacted settings, locking the UI to set cookie exceptions per-site, and causing other weird/undesired behavior (We still enforce ETP Strict though via the browser.contentblocking.category pref). - (Details: 1)
• Updated our uBlock Origin config per latest upstream changes. - (Details: 1)

YouTube specialized config

• Pinned YouTube Music to about:home by default. - (Details: 1)

---

Codeberg: See here for more details.

GitLab: See here for more details.

GitHub: See here for more details.

---

:)

2025.08.06.1

---

Changes

• Disabled WASM-Ion JIT instead of WASM-Baseline JIT by default. - (Details: 1)
• Decreased the lifetime of certain content processes. - (Details: 1, 2)
• Enabled the Integrity-Policy header by default. - (Details: 1)
• Required resources loaded by MV2 extensions to be specified under web_accessible_resources in the extension's manifest by default. - (Details: 1)
• Updated the list of quarantined/restricted domains. - (Details: 1)
• Other minor tweaks, fixes, and adjustments.

Android-only

• Blocked websites from prompting to access geolocation by default. - (Details: 1)
• Blocked websites from prompting to display notifications by default. - (Details: 1)
• Increased the number of processes to improve performance and security. - (Details: 1)
• Prevented over-allocation of webCOOP+COEP processes, due to upstream setting an incorrect value for dom.ipc.processCount.webCOOP+COEP. - (Details: 1)
• Updated the list of domains excluded from DNS over HTTPS by default. - (Details: 1, 2, 3, 4)

Desktop-only

• Enabled a toggle to easily configure exceptions for Firefox Translations, located at about:preferences#general, which can be found by navigating to Languages -> Firefox Translations -> Exceptions.... - (Details: 1)

---

Codeberg: See here for more details.

GitLab: See here for more details.

GitHub: See here for more details.

---

:)

2025.07.30.1

---

• Temporarily disabled unconditionally blocking Local Network Access requests, due to breakage of LAN resources (though we still block access for trackers, and block access for websites in general with uBlock Origin).

  See details: https://codeberg.org/celenity/Phoenix/issues/162 + https://codeberg.org/celenity/Phoenix/issues/164 + https://codeberg.org/celenity/Phoenix/commit/07fe3b2a73439acc47624a90f526aebd0b670417

  network.lna.blocking -> false

• Fixed use of the OS geolocation provider on Android, GNU/Linux, and macOS.

  See details: https://codeberg.org/celenity/Phoenix/commit/427347e88323e96997e2e84c9e9cce9afd7b6e77

  geo.provider.use_mls -> false

• ANDROID: Fixed Firefox Translations.

  See details: https://codeberg.org/celenity/Phoenix/commit/0590ae3dff47342af52da8a72300975b2682e069

  extensions.webextensions.base-content-security-policy -> script-src 'self' 'wasm-unsafe-eval' 'unsafe-inline'; upgrade-insecure-requests;

• ANDROID: No longer set pdfjs.historyUpdateUrl to true by default, as it's currently broken/doesn't work properly.

  See details: https://codeberg.org/celenity/Phoenix/commit/d8c7f561dfd228217d227ff3ef4d95b4baa577fa

  pdfjs.historyUpdateUrl -> false

• Prevented exposing XPCOM Components.interfaces to websites.

  See details: https://codeberg.org/celenity/Phoenix/commit/b94aedaee24be82c49e75dc251f3d55ce2e3debe

  dom.use_components_shim -> false

• ANDROID: Enabled the Potentially Harmful Application list (when Safe Browsing is enabled).

  See details: https://codeberg.org/celenity/Phoenix/commit/6083b56252a2672fb410f1a6d0420341936f6df2

  urlclassifier.malwareTable -> goog-malware-proto,goog-unwanted-proto,moztest-harmful-simple,moztest-malware-simple,moztest-unwanted-simple,goog-harmful-proto

• Re-enabled the warning when entering fullscreen mode by default (though we still disable the obnoxious delay...).

  See details: https://codeberg.org/celenity/Phoenix/commit/fd0556187aaf90e2347c9230d8401b6e4a53b59e

  full-screen-api.warning.delay -> 500
full-screen-api.warning.timeout -> 3000

• ANDROID: Blocked media autoplay by default.

  See details: https://codeberg.org/celenity/Phoenix/commit/ec799519af8e4f387fd4e2f4b562547f821f6f77

  media.geckoview.autoplay.request.testing -> 2

• Added new preferences to disable/skip Mozilla's Terms of Use.

  See details: https://codeberg.org/celenity/Phoenix/commit/2110f9f7d1e2bbd1e46510aad3a1b190b229a1ef

  termsofuse.acceptedDate -> 32503679999000
termsofuse.acceptedVersion -> 999
termsofuse.bypassNotification -> true

• DESKTOP: Added DNS4EU to the list of built-in DNS over HTTPS resolvers.

  See details: https://codeberg.org/celenity/Phoenix/commit/e9fb2f053e10fd45753e986c516ebcd7cd3cf72b

• DESKTOP: Added Startpage (EU) to the list of default search engines.

  See details: https://codeberg.org/celenity/Phoenix/commit/9d91666328959e814672f1507affad2c70eed582

• DESKTOP: Allowed Remote Settings collections are no longer configured for LibreWolf users.

  See details: https://codeberg.org/celenity/Phoenix/commit/a202fa0b0db8b119237292f5e49d9080fa62d50b

  librewolf.services.settings.allowedCollections ->

• YOUTUBE SPECIALIZED CONFIG: Disabled dynamic rounding of content dimensions/letterboxing by default.

  See details: https://codeberg.org/celenity/Phoenix/commit/366ab84f4d408fbd04cca44d7c40b963cbf22467

  privacy.resistFingerprinting.letterboxing -> false

• Other minor tweaks, fixes, and adjustments.

---

Codeberg: See here for more details.

GitLab: See here for more details.

GitHub: See here for more details.

---

:)

2025.07.11.1

⚠️ IMPORTANT NOTE FOR MACOS INTEL USERS:

To ensure Phoenix continues to work properly, you must run the migration script with the following command in your terminal:

/bin/zsh -c "$(curl --cert-status --doh-cert-status --no-insecure --no-proxy-insecure --no-sessionid --no-ssl --no-ssl-allow-beast --no-ssl-auto-client-cert --no-ssl-no-revoke --no-ssl-revoke-best-effort --proto -all,https --proto-default https --proto-redir -all,https --show-error -sSL https://gitlab.com/celenityy/Phoenix/-/raw/pages/installer_scripts/macos_migrate.sh)"

Note that this ONLY impacts Intel macOS users.

Apologies for any inconvenience, and thank you for your time, patience, and support.

---

• DESKTOP: Updated environment variables to disable ASan crash reporting and SSLKEYLOGGING. - APPLE SILICON USERS: Please expand this and see the attached note below!

  See details: https://codeberg.org/celenity/Phoenix/commit/e74226995f4defd0385ae4c92e4b1599c42b97f3

  NOTE: macOS (Apple Silicon) users must run the environment variable update script with the following command in your terminal to add the new environment updates:

  /bin/zsh -c "$(curl --cert-status --doh-cert-status --no-insecure --no-proxy-insecure --no-sessionid --no-ssl --no-ssl-allow-beast --no-ssl-auto-client-cert --no-ssl-no-revoke --no-ssl-revoke-best-effort --proto -all,https --proto-default https --proto-redir -all,https --show-error -sSL https://gitlab.com/celenityy/Phoenix/-/raw/pages/installer_scripts/macos_new_env.sh)"

  This is NOT necessary for macOS (Intel) users, as these are automatically added as part of the migration script.

• Customized the list of quarantined/restricted domains that untrustworthy extensions can't run on by default.

  See details: https://codeberg.org/celenity/Phoenix/commit/a6b5afdd213c1408404ba9f0a7844a9b52b5d5a2 + https://codeberg.org/celenity/Phoenix/commit/13d0d212d9ae231d0dac1c3431bc37f7a386f3d8 + https://codeberg.org/celenity/Phoenix/commit/9c71b6f4f49f6c2ef3c55365cf3a75ca3404186e + https://codeberg.org/celenity/Phoenix/commit/c1b410dc70d77e5a5906fb222be5731442177f8f + https://codeberg.org/celenity/Phoenix/commit/7c89a5ce91720d0a4cf87d208046007b0b374162

• Allowed certain reputable extensions to run on quarantined/restricted domains by default.

  See details: https://codeberg.org/celenity/Phoenix/commit/588316fb53bf051aa3084fb7a77f8f63057c4fcf + https://codeberg.org/celenity/Phoenix/commit/9c71b6f4f49f6c2ef3c55365cf3a75ca3404186e + https://codeberg.org/celenity/Phoenix/commit/a3f978f790668fc501c9427467874950b422185b

• Prevented certain extensions from running on quarantined/restricted domains by default.

  See details: https://codeberg.org/celenity/Phoenix/commit/4a1d230b00e91ad33b17c6fa1738e2d3e703b468 + https://codeberg.org/celenity/Phoenix/commit/9c71b6f4f49f6c2ef3c55365cf3a75ca3404186e

• Disabled ETP exceptions for minor issues by default - Currently on Nightly.

  See details: https://codeberg.org/celenity/Phoenix/commit/538cea548af3a19a23a2f2aa3e76e0fbe3a7f754

  privacy.trackingprotection.allow_list.convenience.enabled -> false

• DESKTOP: Updated built-in DoH resolvers.

  See details: https://codeberg.org/celenity/Phoenix/commit/ff290bb6a5bd6f9c490e83178762aff8847a4750

  doh-rollout.provider-list -> [{"uri":"https://dns.quad9.net/dns-query","UIName":"Quad9 🇨🇭","autoDefault":true},{"uri":"https://dns.adguard-dns.com/dns-query","UIName":"AdGuard 🇨🇾","autoDefault":false},{"uri":"https://unfiltered.adguard-dns.com/dns-query","UIName":"AdGuard (Unfiltered) 🇨🇾","autoDefault":false},{"uri":"https://mozilla.cloudflare-dns.com/dns-query","UIName":"Cloudflare 🇺🇸","autoDefault":false},{"uri":"https://security.cloudflare-dns.com/dns-query","UIName":"Cloudflare (Malware Protection) 🇺🇸","autoDefault":false},{"uri":"https://dns0.eu","UIName":"DNS0 🇫🇷","autoDefault":false},{"uri":"https://zero.dns0.eu","UIName":"DNS0 (ZERO) 🇫🇷","autoDefault":false},{"uri":"https://base.dns.mullvad.net/dns-query","UIName":"Mullvad (Base) 🇸🇪","autoDefault":false},{"uri":"https://dns.mullvad.net/dns-query","UIName":"Mullvad (Unfiltered) 🇸🇪","autoDefault":false},{"uri":"https://firefox.dns.nextdns.io/","UIName":"NextDNS 🇺🇸","autoDefault":false},{"uri":"https://wikimedia-dns.org/dns-query","UIName":"Wikimedia 🇺🇸","autoDefault":false}]

• DESKTOP: Added DuckDuckGo (No AI) as a default search engine.

  See details: https://codeberg.org/celenity/Phoenix/commit/1cec9e02962346b4fbf9ad8618b24d6f1576a728

• DESKTOP: Removed Mozilla's referral URL parameter from DuckDuckGo.

  See details: https://codeberg.org/celenity/Phoenix/commit/e620783cb2cc7ec301b4acc0458c4861af7f5bd8

• DESKTOP: Added Mozilla's new policies to disable "Stories" and "Sponsored Stories" on about:home.

  See details: https://codeberg.org/celenity/Phoenix/commit/d14b9b2c85275c2bb59275063fb40d462933741a

• DESKTOP: Added policies to skip Mozilla's onboarding, disable What's New pages, and to (attempt to) enable Firefox Labs.

  See details: https://codeberg.org/celenity/Phoenix/commit/db08d157a79927b2337966d21938f26053fe9059

• Prevented Firefox from adding random recently visited sites to shortcuts/pins on the browser homepage by default.

  See details: https://codeberg.org/celenity/Phoenix/commit/a453d2e3615df89fc20b196506d7e04c3c6be6e9

  places.frecency.bookmarkVisitBonus -> 0
places.frecency.linkVisitBonus -> 0
places.frecency.permRedirectVisitBonus -> 0
places.frecency.redirectSourceVisitBonus -> 0
places.frecency.tempRedirectVisitBonus -> 0
places.frecency.typedVisitBonus -> 0
places.frecency.unvisitedBookmarkBonus -> 0
places.frecency.unvisitedTypedBonus -> 0

• Spoofed WebGL's "Unmasked Renderer" in Debug Info to always return "Mozilla", even if FPP/RFP is disabled.

  See details: https://codeberg.org/celenity/Phoenix/commit/a8a9e20c59fdcb6b8ecb6d79bbd6acb9e96d1031

  webgl.sanitize-unmasked-renderer -> false

• If FPP/RFP is disabled, limited font visibility to base system fonts + fonts from optional language packs.

  See details: https://codeberg.org/celenity/Phoenix/commit/0e87018940c62c9d52eb2b80a1aabe2a914fe737

  layout.css.font-visibility -> 2

• Fixed an issue that broke local machine learning models.

  See details: https://codeberg.org/celenity/Phoenix/issues/151 + https://codeberg.org/celenity/Phoenix/commit/5d625d48e8e920f06b5d119e812214365409eefd

• Prevented Safe Mode from automatically starting by default.

  See details: https://codeberg.org/celenity/Phoenix/commit/ea1414a4bc0043b2ef5d255a6914e9fc5d1f39e1

  toolkit.startup.max_resumed_crashes -> -1

• Disabled the AMO Abuse Report API (navigator.mozAddonManager.reportAbuse).

  See details: https://codeberg.org/celenity/Phoenix/commit/23eb84674a103b9ef2349764c508f4358167db90

  extensions.addonAbuseReport.url ->

• DESKTOP: Disabled hiding URLs with certain parameters from Top Sites by default.

  See details: https://codeberg.org/celenity/Phoenix/commit/1aee423b507df46f12f6b0b3027e2f18a07313f9

  browser.newtabpage.activity-stream.hideTopSitesWithSearchParam ->

• DESKTOP: Prevented recommending users to install add-ons for search engines.

  See details: https://codeberg.org/celenity/Phoenix/commit/59b132ae7f555749e68299016dcf7ad51080b910

  browser.search.searchEnginesURL ->

• DESKTOP: Added a placeholder shortcut to about:home by default, to allow easily adding custom shortcuts/pins.

  See details: https://codeberg.org/celenity/Phoenix/commit/6f7c769878ee1cedaff7a0e43ba2585f05baa54a

  browser.newtabpage.pinned -> [{"url":"","label":"! Placeholder"}]

• Removed preferences that are no longer necessary, thanks to ESR 140.

  See details: https://codeberg.org/celenity/Phoenix/commit/cb5df025a8210ee96f767a87c22e0b70080d1c10

  security.csp.reporting.limit.count
security.csp.reporting.limit.timespan
security.csp.reporting.script-sample.max-length
security.csp.truncate_blocked_uri_for_frame_navigations

• Removed no longer necessary "-WebGLRenderInfo" FPP overrides.

  See details: https://bugzilla.mozilla.org/show_bug.cgi?id=1966860 + https://codeberg.org/celenity/Phoenix/commit/ebbd445f39efcc11d099a164a415e448c157244f

• Stopped setting cookie banner rules locally, due to it being too buggy/broken, and due to it being generally unnecessary anyways.

  See details: https://codeberg.org/celenity/Phoenix/commit/c8bb872e7159dabc4647648c462e87bab1e1e687

• Disabled timezone spoofing for `bahn.de` by default.

  See details: https://codeberg.org/celenity/Phoenix/issues/157 + https://codeberg.org/celenity/Phoenix/commit/f1ac69ae534a2c77776cec0f3ca9f1253f172b0f

...