install.py: Waterfox compatibility and default to firefox user.js always (#485)

* install.py: Integrate waterfox and default to firefox user.js always

This commit:
- Removes the old --zen switch
- Adds a new --browser/-b switch to specify the browser. Available
  options: firefox, waterfox, zen
- Now defaults to the firefox user.js even if there's new user.js added

* install.py: Remove the redundant --zen flag

.github/FUNDING.yml

@@ -1,13 +0,0 @@
-# These are supported funding model platforms
-
-github: yokoffing
-patreon: # Replace with a single Patreon username
-open_collective: # Replace with a single Open Collective username
-ko_fi: yokoffing
-tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
-community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
-liberapay: yokoffing
-issuehunt: # Replace with a single IssueHunt username
-otechie: # Replace with a single Otechie username
-lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry
-custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']

Securefox.js

@@ -690,45 +690,6 @@ user_pref("network.prefetch-next", false);
 //user_pref("network.early-hints.preconnect.enabled", true);
 //user_pref("network.early-hints.preconnect.max_connections", 10); // DEFAULT
 
-// PREF: Network Predictor (NP)
-// When enabled, it trains and uses Firefox's algorithm to preload page resource
-// by tracking past page resources. It uses a local file (history) of needed images,
-// scripts, etc. to request them preemptively when navigating.
-// [NOTE] By default, it only preconnects DNS, TCP, and SSL handshakes.
-// No data sends until clicking. With "network.predictor.enable-prefetch" enabled,
-// it also performs prefetches.
-// [1] https://wiki.mozilla.org/Privacy/Reviews/Necko
-// [2] https://www.ghacks.net/2014/05/11/seer-disable-firefox/
-// [3] https://github.com/dillbyrne/random-agent-spoofer/issues/238#issuecomment-110214518
-// [4] https://www.igvita.com/posa/high-performance-networking-in-google-chrome/#predictor
-//user_pref("network.predictor.enabled", false); // [DEFAULT: false FF144+]
-
-// PREF: Network Predictor fetch for resources ahead of time
-// Prefetch page resources based on past user behavior.
-//user_pref("network.predictor.enable-prefetch", false); // [FF48+] [DEFAULT: false]
-
-// PREF: make Network Predictor active when hovering over links
-// When hovering over links, Network Predictor uses past resource history to
-// preemptively request what will likely be needed instead of waiting for the document.
-// Predictive connections automatically open when hovering over links to speed up
-// loading, starting some work in advance.
-//user_pref("network.predictor.enable-hover-on-ssl", false); // DEFAULT
-
-// PREF: assign Network Predictor confidence levels
-// [NOTE] Keep in mind that Network Predictor must LEARN your browsing habits.
-// Editing these lower will cause more speculative connections to occur,
-// which reduces accuracy over time and has privacy implications.
-//user_pref("network.predictor.preresolve-min-confidence", 60); // DEFAULT
-//user_pref("network.predictor.preconnect-min-confidence", 90); // DEFAULT
-//user_pref("network.predictor.prefetch-min-confidence", 100); // DEFAULT
-
-// PREF: other Network Predictor values
-// [NOTE] Keep in mmind that Network Predictor must LEARN your browsing habits.
-//user_pref("network.predictor.prefetch-force-valid-for", 10); // DEFAULT; how long prefetched resources are considered valid and usable (in seconds) for the prediction modeling
-//user_pref("network.predictor.prefetch-rolling-load-count", 10); // DEFAULT; the maximum number of resources that Firefox will prefetch in memory at one time based on prediction modeling
-//user_pref("network.predictor.max-resources-per-entry", 250); // default=100
-//user_pref("network.predictor.max-uri-length", 1000); // default=500
-
 /******************************************************************************
  * SECTION: SEARCH / URL BAR                                                 *
 ******************************************************************************/
@@ -1298,7 +1259,7 @@ user_pref("privacy.userContext.ui.enabled", true);
     //user_pref("browser.eme.ui.enabled", false);
 
 /******************************************************************************
- * SECTION: JIT                                                              *
+ * SECTION: JIT & WASM                                                        *
 ******************************************************************************/
 // PREF: Just-In-Time Compilation
 // Around half of zero-day exploits are directly related to "just in time"
@@ -1307,8 +1268,7 @@ user_pref("privacy.userContext.ui.enabled", true);
 // [1] https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/
 // [2] https://www.youtube.com/watch?v=i7qlZeDt9o4
 
-// PREF: JavaScript JIT
+// PREF: Ion and Baseline JIT
-// PREF: disable Ion and baseline JIT to harden against JS exploits
 // [NOTE] When both Ion and JIT are disabled, and trustedprincipals
 // is enabled, then Ion can still be used by extensions [4].
 // Tor Browser doesn't even ship with these disabled by default.
@@ -1318,31 +1278,40 @@ user_pref("privacy.userContext.ui.enabled", true);
 // [4] https://bugzilla.mozilla.org/show_bug.cgi?id=1599226
 // [5] https://wiki.mozilla.org/IonMonkey
 // [6] https://github.com/arkenfox/user.js/issues/1791#issuecomment-1891273681
-//user_pref("javascript.options.baselinejit", false);
+//user_pref("javascript.options.baselinejit", false); // DO NOT TOUCH
 //user_pref("javascript.options.ion", false);
-//user_pref("javascript.options.jit_trustedprincipals", false);
+//user_pref("javascript.options.jit_trustedprincipals", true); // HIDDEN PREF
+
+// PREF: Blinterp (JIT-like)
+// You do not need to touch blinterp unless you want to go even slower
+// than the Baseline JIT (which I do not recommend).
+//user_pref("javascript.options.blinterp", false);
 
 // PREF: WebAssembly JIT [FF52+]
 // Vulnerabilities [1] have increasingly been found, including those known and fixed
 // in native programs years ago [2]. WASM has powerful low-level access, making
 // certain attacks (brute-force) and vulnerabilities more possible.
+// trustedprincipals: This controls whether WebAssembly is allowed in "privileged" contexts
+// (like your extensions or internal browser scripts).
 // [STATS] ~0.2% of websites, about half of which are for cryptomining / malvertising [2][3]
 // [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wasm
 // [2] https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
 // [3] https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes
 //user_pref("javascript.options.wasm", false);
     //user_pref("javascript.options.wasm_trustedprincipals", false);
-    //user_pref("javascript.options.wasm_baselinejit", false);
+    //user_pref("javascript.options.wasm_baselinejit", true); // DO NOT TOUCH
     //user_pref("javascript.options.wasm_optimizingjit", false);
 
 // PREF: Asm.js JIT [FF22+]
+// Asm.js is essentially the "ancestor" of WebAssembly. It was a strict subset of JavaScript
+// designed to allow browsers to pre-compile code into highly efficient machine instructions.
+// However, WebAssembly was created specifically to replace Asm.js and has done so almost entirely.
+// Disabling Asm.js removes the "legacy" risk surface without affecting your ability to run modern WebAssembly sites.
 // [1] http://asmjs.org/
 // [2] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=asm.js
 // [3] https://rh0dev.github.io/blog/2017/the-return-of-the-jit/
-//user_pref("javascript.options.asmjs", false);
+// [4] https://github.com/rh0dev/slides/blob/master/OffensiveCon2018_From_Assembly_to_JavaScript_and_back.pdf
-
+//user_pref("javascript.options.asmjs", false); // DEFAULT
-// PREF: Blinterp (JIT-like)
-//user_pref("javascript.options.blinterp", false);
      
 /******************************************************************************
  * SECTION: VARIOUS                                                          *

install.py

@@ -99,7 +99,7 @@ def _get_default_profile_folder(firefox_root):
     print(f"Reading {config_path}...")
 
     config_parser = ConfigParser(strict=False)
-    config_parser.read(config_path)
+    config_parser.read(config_path, encoding = "utf8")
 
     path = None
     for section in config_parser.sections():
@@ -174,12 +174,17 @@ def download_betterfox(url):
 def extract_betterfox(data, profile_folder):
     zipfile = ZipFile(data)
     userjs_zipinfo = None
+    depth = 1 # default to firefox user.js living at root dir
+    if args.browser != "firefox":
+        depth = 2 # ignore the outside
     for file in zipfile.filelist:
-        if "/zen/" in file.filename and not args.zen:
+        path = file.filename.split("/")
+        if len(path)-1 != depth or (args.browser not in path and depth != 1) :
             continue
         if file.filename.endswith("user.js"):
             userjs_zipinfo = file
             userjs_zipinfo.filename = Path(userjs_zipinfo.filename).name
+            break
 
     if not userjs_zipinfo:
         raise BaseException("Could not find user.js!")
@@ -212,18 +217,15 @@ if __name__ == "__main__":
 
     default_profile_folder = _get_default_profile_folder(firefox_root)
 
-    argparser = ArgumentParser(
+    argparser = ArgumentParser()
-
-    )
     argparser.add_argument("--overrides", "-o", default=default_profile_folder.joinpath("user-overrides.js"), help="if the provided file exists, add overrides to user.js. Defaults to " + str(default_profile_folder.joinpath("user-overrides.js"))),
-    argparser.add_argument("--zen", "-z", action="store_true", default=False, help="Install user.js for the Zen browser instead. Defaults to False"),
-    
     
     advanced = argparser.add_argument_group("Advanced")
     advanced.add_argument("--betterfox-version", "-bv", default=None, help=f"Which version of Betterfox to install. Defaults to the latest compatible release for your installed Firefox version")
     advanced.add_argument("--profile-dir", "-p", "-pd", default=default_profile_folder, help=f"Which profile dir to install user.js in. Defaults to {default_profile_folder}")
     advanced.add_argument("--repository-owner", "-ro", default="yokoffing", help="owner of the Betterfox repository. Defaults to yokoffing")
     advanced.add_argument("--repository-name", "-rn", default="Betterfox", help="name of the Betterfox repository. Defaults to Betterfox")
+    advanced.add_argument("--browser", "-b", default="firefox", help="Which browser should Betterfox install to. Defaults to firefox. Available options: firefox, zen, waterfox")
     
     disable = argparser.add_argument_group("Disable functionality")
     disable.add_argument("--no-backup", "-nb", action="store_true", default=False, help="disable backup of current profile (not recommended)"),

policies.json

@@ -10,7 +10,7 @@
         "DisableDeveloperTools": false,
         "DontCheckDefaultBrowser": true,
         "DNSOverHTTPS": {
-            "Enabled": true,
+            "Enabled": false,
             "ProviderURL": "",
             "Locked": false
         },