Comments (8)
IMO, no. The FBI exploit used workers and I assume other exploits do too.
I wouldn't advise setting it to true for all pages. (ie. in the user.js)
I'd recommend to either temporarily enable it in about:config before loading those pages, or setup a second profile for those pages if you visit them regularly.
Just my 2 cents
from user.js.
There are often alternatives that work without it: http://regexr.com/
No idea if it's as good as the other one, but if something doesn't work for me I'll find something else that does.
from user.js.
What I have experienced is that Google Street View requires it (Street View only, not maps), requires it means set to true (default). How not to agree with earthlng? But at the same time enabling/disabling on a per-site basis is cumbersome given the sites requiring it are numerous and/or frequently called. There are several add-ons which resume to a toolbar button to simply toggle an about:config setting but unfortunately none that I know that handle this dom.workers.enabled.
On another hand I've encountered no issue setting dom.serviceWorkers.enabled
and dom.workers.sharedWorkers.enabled
to false.
For a quick access to a given about:config setting it is always possible to create a bookmark of the form, i.e. about:config?filter=dom.workers.enabled
which at least makes it faster/easier than opening about:config and retyping the query each time.
from user.js.
@crssi indeed.
Well, if it appears that this dom.workers.enabled
is really better set to false than I might very well follow the advise which seems argumented (earthlin:
The FBI exploit used workers and I assume other exploits do too
)
I'd use the about:config?filter=dom.workers.enabled
to quickly set it to true when required by a site (Google Street View, regex101.com ...). Cumbersome but again, if that important then perhaps better to false. I'll add an internote (provided by the eponymous FF add-on) to remember.
from user.js.
That's why I have asked :)
Since the reported CVEs were already fixed by FF if I am correct... I know, I know, there might be (and sure are) some unknown exploits.
from user.js.
Looks like the Pwn2Own exploit also used workers. If you need more reasons to disable that shit - well, I'm sorry that's all I got ;)
It's also interesting that the exploited experimental feature was pref-ed off in stable but the code ignored it, at least in one place where it really mattered.
from user.js.
earthlng: Unless there's something more we can help you with here, please consider closing this @crssi
@earthlng Letting this opened will eventually give us more hints. I see there's a quick decision to close issues here. There are a few ones opened now and you can have up to 25 opened issues before the list generates a second pagelist with a bottom link.
I think these opened issues could give more followers, imho.
from user.js.
I moved the comments regarding the broken addon into a new issue here
from user.js.
Related Issues (20)
- changelog v126 [important: read upcoming changes for FF128] HOT 38
- Typo in user.js HOT 2
- Clipboard pref default changed HOT 1
- Add I still dont care about cookies to optional extensions HOT 1
- ToDo: work out WTF this all means and fixup if required HOT 5
- Privacy-Preserving Attribution (FF 128) HOT 4
- Make Updater.sh shell agnostic HOT 3
- Is it necessary to disable canvas from the browser if it offers to disable or allow them on the site? As well as browser security settings presets HOT 3
- add FPP granularOverrides for the FYI factor HOT 30
- Overrides won't work HOT 2
- ToDo: diffs FF126-FF127 HOT 12
- v128 SOCKS change HOT 2
- RFP: exclude timezone as UTC/GMT and use my real one HOT 2
- How to enable click to copy? HOT 2
- Quarantined domains aren't enforced if a certain add-on is disabled HOT 3
- extensions.enabledScopes HOT 1
- Noob (likely invalid) question about TZP'ing vanilla AF (also vanilla FF + RFP) HOT 6
- Are `network.dns.disablePrefetch`/`network.dns.disablePrefetchFromHTTPS` master switches of `dom.prefetch_dns_for_anchor_http_document`/`dom.prefetch_dns_for_anchor_https_document`? HOT 2
- So i installed arkenfox user.js and for some reason now i have these thick lines on the edges of the screen and even that i did a backup they are still in there it kinda looks like it is in box. HOT 1
- ToDo: diffs FF127-FF128 HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from user.js.