Search code, repositories, users, issues, pull requests...
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
This is very concerning from a security perspective and quite literally acts as a backdoor - You can see here: https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/16222 & here: https://firefox-source-docs.mozilla.org/devtools/backend/protocol.html for some details
Not even Firefox Developer Edition enables these prefs by default. Respectfully, I have no idea what your team was thinking flipping them, and I seriously have to question the motives here. I hope that this was simply incompetence & not malicious, but it is concerning regardless. The browser is one of the, if not the most security critical component in our lives. Treating it as a hobbyist project like this is unacceptable. Please do better in the future.
There's various other prefs I think are highly questionable that I'll leave feedback for separately - But this was the most severe & needed to be taken care of ASAP.
