user.js
user.js copied to clipboard
pyllyukko
Let's create a list on github-docs about buggy web pages if you use user.js
As you know it is hard to surf on web with user.js. I always have problem with many sites, but it i realyly takes time to find which config is not compatibale with the visited site. I think we can create a list of buggy sites so anyone can contribute it.
I can start with mines:
- site
- bug
- comments
- how to fix
- linkedin.com
- does not go home page after login
- this is not happening at the moment. but I will point an important think. if you have dom.enable_performance=false you can not login to linkedin. But resistFingerprinting overrides these value. so if you have resistFingerprinting=true linkedin works. but if you have resistFingerprinting=false you can not loggin, until you set dom.enable_performance=true.
- resistFingerprinting=true or ( resistFingerprinting=false and dom.enable_performance=true)
- console.firebase.google.com
- the page is buggy (you can not use it)
- icons are not rendering. instead of icons, the browser shows the meta-datas of icons. so the page is mixed/broken.
- browser.display.use_document_fonts = 1
- chat.google.com
- home page does not work after login
- loading notification stays there. any click event does not work on page.
- dom.webaudio.enabled=true
It would be great if you pin this issue, or close it and copy it to docs.
Thank you
Do not mess with dom.enable_performance if you use privacy.resistFingerprinting (RFP for short) enabled. Leave it at default. RFP already has timing protections in it since FF56 (see bugzilla 1369303) - and don't mess with dom.enable_resource_timing, and definitely don't mess with dom.event.highrestimestamp.enabled
PK's user.js is (was?) aimed at ESR52 at a minimum and needs a little overhaul, and most RFP patches didn't arrive until well after that (most came around the FF55-60 mark). It's unfortunate that a large number of prefs that we (anti-FPing people) used, were modified under RFP: and effects are often different (e.g a pref might only be able to turn an api on or off, but RFP can code under the hood and do a lot more, e.g rounding numbers, spoofing some events but blocking others) A good example if media stats where RFP spoofs results, but the pref disables the API entirely - and that adds entropy.
If DO you use RFP then you DO NOT need these redundant prefs. In fact, some even cause RFP to not behave as you would expect and alter your fingerprint. Comment them out, and make sure they are RESET in about:config
These are all in PK's user.js, btw. Sometimes the pref may win, sometimes RFP - it depends how they coded it (e.g the UA spoofing ignores a general agent override pref, by design - but the net info pref will override RFP's spoof)
-
dom.maxHardwareConcurrency(probably does no harm since its the same value of 2) -
dom.enable_resource_timing -
dom.enable_performance -
device.sensors.enabled -
dom.gamepad.enabled(you can detect if the api is enabled or not, so don't be THAT one guy. also does nothing unless you plug one in, in which case I would assume you want to use it) -
dom.netinfo.enabled(is at least default false on desktop, not sure when that happened, but fiddling with it may affect mobile - the original RFP patch for this spoofed it as "unknown", whereas the pref returns "undefined"- i think, I'm a bit hazy on it all now, it was so long ago) -
media.webspeech.synth.enabled -
media.video_stats.enabled -
webgl.enable-debug-renderer-info
^^ you don't need any of those if you use RFP, and as you have already found out, you have an issue with mixing timing prefs & RFP
icons are not rendering
This is called tofu, it looks like a domino with hexadecimal code on it. What is your OS. You need to change your default font to something so the PUAs actually map to something.
And that's assuming that you are not actually blocking a webfont
icons are not rendering
This is called
tofu, it looks like a domino with hexadecimal code on it. What is your OS. You need to change your default font to something so the PUAs actually map to something.And that's assuming that you are not actually blocking a webfont
I use Ubuntu 18.04 (English). Most of thing on my OS are as default. I have not installed any app which installs/removes fonts. Is this issue normal about firebase page?
If DO you use RFP then you DO NOT need these redundant prefs.
Which prefs you mean? The list that you write below right? Or all the PK user.js?
Or all the PK user.js?
No, just the ones I listed
I use Ubuntu 18.04
OK, so it's linux. Change your default serif, or sans serif (one of those, not sure which one) font to deja vu - see https://github.com/pyllyukko/user.js/issues/395#issuecomment-393888264
I could nto get the point exactly about font issue. My firefox settings are here:
I could not understand what should I do? Is my fingerprint is not unique if I have:
resistFingerprinting=false AND dom.enable_performance=true
Is my fingerprint is not unique if I have
No, because RFP does not do anything about fonts yet, which is why you should/could limit fonts.
I see you are allowing pages to choose their own fonts. So now I'm not even sure what your issue is with console.firebase.google.com (I can't check because it requires me to log in with a google account) - maybe you're blocking a webfont.
Post a screen shot of the offending icon that should be a font. Look at the source code and work out what that element is using.
Maybe someone else can help. For all I know it's a ligature?
@Thorin-Oakenpants
@Atavic thank you but the issue is not about solving the problem. its only about information. I have already the solution written.
That looks like a ligature (because it's displaying readable text or whatever), rather than a missing font icon/glyph or tofu (which as I said looks like a domino, or a rectangle with some code in it)
https://google.github.io/material-design-icons/ <-- i suspect it has something to do with all of this
I've found that video chat doesn't work well. Doesn't matter if it's Skype (for web), Google Duo (for web), Jitsi Meet, Facebook Messenger, etc. The video window won't load and/or will throw a vague error. Haven't been able to find the pref responsible though. Any ideas?
Enable WebRTC. https://github.com/pyllyukko/user.js/blob/2929c685d443e48f02c228af92aa43b1b0f33c72/user.js#L75
There are more WebRTC prefs below if it still breaks.
Thanks. Looks like the culprits were primarily media.peerconnection.enabled like you said, as well as: https://github.com/pyllyukko/user.js/blob/2929c685d443e48f02c228af92aa43b1b0f33c72/user.js#L88 Commenting these out fixed video chat for Jitsi Meet and FB Messenger. Skype, as it turns out, just doesn't like Firefox, but a simple Chrome useragent override makes Skype for web work like a charm. Google Duo works after commenting out:
https://github.com/pyllyukko/user.js/blob/2929c685d443e48f02c228af92aa43b1b0f33c72/user.js#L714 which I believe is a breakage like the kind discussed in #227 . As for Discord, it looks like they simply don't want to support video chat in Firefox. Couldn't find a pref to fix it, and useragent didn't make a difference.
create a list of buggy sites so anyone can contribute it
These should be added to the NOTICE above the pref that breaks a particular website. For example:
-// NOTICE: Disabling WebRTC breaks peer-to-peer file sharing tools (reep.io ...)
+// NOTICE: Disabling WebRTC breaks peer-to-peer file sharing tools (reep.io ...) and video chat (Jitsi, FB Messenger...)
@e-t-l do you want to send a patch with your findings?
I don't have time to do it right now (I'm also pretty new to using Git, and most of my contributions on Github so far have been in the form of opening/commenting on issues. Sending a PR is a whole new thing I'll have to work out).
I'm just going to comment so I don't forget:
https://github.com/pyllyukko/user.js/blob/d6ce4ebf9e30e846b9e383384f7a20d121fb4030/user.js#L200 breaks in-browser Zoom calls.
After more experimentation, it looks like media.navigator.enabled, media.getusermedia.audiocapture.enabled, and media.getusermedia.screensharing.enabled can all be left on False, but media.peerconnection.enabled must be True to prevent breakage on FB Messenger and Jitsi.
There is now a mechanism to warn about possible breakage caused by user.js: under the relevant // PREF: ... entry and associated documentation links, add a line beginning with // NOTICE: and describe the problem caused by changes to the value of this pref. Then run make doc-whatdoesitdo to update README.md and submit a Pull Request.
See https://github.com/pyllyukko/user.js/pull/542/files for an example.
I suggest closing this issue.
