This pref does not override privacy.resistFingerprinting, but when it is set (and
privacy.resistFingerprinting is not) we will still adjust the precision of almost
all timers. The adjustment amount is the second pref, which is defaulted to
20us but now dynamically adjustable (in the scale of microseconds.)
This patch does _not_ address the performance API, which privacy.resistFingerprinting
disables.
We are landing this preffed on at the current value we clamp performance.now() at
which is 20us.
MozReview-Commit-ID: ESZlSvH9w1D
--HG--
extra : rebase_source : a8afead1bdba958c6c7b383b2216dacb3a1b135c
New content processes get prefs in three ways.
- They read them from greprefs.js, prefs.js and other such files.
- They get sent "early prefs" from the parent process via the command line
(-intPrefs/-boolPrefs/-stringPrefs).
- They get sent "late prefs" from the parent process via IPC message.
(The latter two are necessary for communicating prefs that have been added or
modified in the parent process since the file reading occurred at startup.)
We have some machinery that detects if a late pref is accessed before the late
prefs are set, which is good. But it has a big exception in it; late pref
accesses that occur early via Add*VarCache() and RegisterCallbackAndCall() are
allowed.
This exception was added in bug 1341414. The description of that bug says "We
should change AddBoolVarCache so that it doesn't look at the pref in the
content process until prefs have been received from the parent." Unfortunately,
the patch in that bug added the exception to the checking without changing
Add*VarCache() in the suggested way!
This means it's possible for late prefs to be read early via VarCaches (or
RegisterCallbackAndCall()) when their values are incorrect, which is bad.
Changing Add*VarCache() to delay the reading as bug 1341414 originally
suggested seems difficult. A simpler fix is to just remove the exception in the
checking and extend the early prefs list as necessary. This patch does that,
lengthening the early prefs list from ~210 to ~300. Fortunately, most (all?) of
the added prefs are ints or bools rather than strings, so it doesn't increase
the size of the command line arguments for content processes by too much.
--HG--
extra : rebase_source : 5ea5876c206401d23a368ef9cb5040522c9ca377
This code is used to detect too-early accesses of prefs in content processes.
The patch makes the following changes.
- New terminology: "early" prefs are those sent via the command line; "late"
prefs are those sent via IPC. Previously the former were "init" prefs and the
latter didn't have a clear name.
- The phase tracking and checking is now almost completely encapsulated within
Preferences.cpp. The only exposure to outside code is via the
AreAllPrefsSetInContentProcess() method, which has a single use.
- The number of states tracked drops from 5 to 3. There's no need to track the
beginning of the pref-setting operations, because we only need to know if
they've finished. (This also avoids the weirdness where we could transition
from END_INIT_PREFS back to BEGIN_INIT_PREFS because of the way -intPrefs,
-boolPrefs and -stringPrefs were parsed separately.)
MozReview-Commit-ID: IVJWiDxdsDV
--HG--
extra : rebase_source : 8cee1dcbd40847bf052ca9e2b759dd550350e5a1
There's no good reason why these should't just be constants. The patch also
appends "MiB" to some of the C++ values to make their meaning clearer.
This patch fixes one outright bug, and one inconsistency.
The bug is due to a prefname mismatch:
- ContentPrefs.cpp and AvailableMemoryTracker.cpp use
"memory.low_virtual_mem_threshold_mb".
- all.js uses "memory.low_virtual_memory_threshold_mb".
Which means that "memory.low_virtual_memory_threshold_mb" showed up in
about:config, but if you changed it nothing would happen because the callback
listened for changes to to "memory.low_virtual_mem_threshold_mb"!
Now for the inconsistency. The above means we actually use a value of 256 for
the virtual memory threshold, even though all.js says 128. But we *do* use a
value of 128 for the commit space threshold, because that's what all.js says
and that prefname is used correctly everywhere. The patch changes the commit
space threshold to 256 for consistency with the virtual memory threshold.
What a mess!
--HG--
extra : rebase_source : d3842c732efa9ab0e90eeb6a4f341aeb289589ed
This was originally added for b2g, where the pref had a different value.
Bug 1398033 enabled it everywhere.
--HG--
extra : rebase_source : c8bb03190cd00d25e6c2ec62a99ed8e911e08197
This is needed since the pref will be sent with the first IPC message as soon
as the content process starts. Without this, it crashes on debug builds.
MozReview-Commit-ID: 3mGwEkaJF7n
--HG--
extra : rebase_source : 42f8d29bf9b74a42b08156ad07f262323b42c72b
In this patch, we read the stylo blocklist into nsLayoutUtils's global static
variable during nsLayoutUtils::Initialize(). So, we can decide if we should
fallback to use Gecko backend while updating style backend for a document.
We add "layout.css.stylo-blocklist.blocked_domains" and
"layout.css.stylo-blocklist.enabled" to ContentPrefs.cpp because they are read
very early (during nsLayoutUtils::Initialize).
MozReview-Commit-ID: 8c4n6m9dYD8
--HG--
extra : rebase_source : ca81cd57980d98b9b73f18bb03a8035b161d23ef
This patch adds a preference jsloader.shareGlobal that makes it so
that JSMs share a single global, in order to reduce memory usage. The
pref is disabled by default, and will be enabled in a later bug. Each
JSM gets its own NonSyntacticVariablesObject (NSVO), which is used for
top level variable bindings and as the value of |this| within the JSM.
For the module loader, the main change is setting up the shared
global, and the NSVO for each JSM. A number of files are blacklisted
from the shared global, because they do things to the global that
would interfer with other JSMs. This is detailed in
mozJSComponentLoader::ReuseGlobal().
MozReview-Commit-ID: 3qVAc1c5aMI
--HG--
extra : rebase_source : fe7e2672be8d09d6b7cec25e08cd464ff3cd6573
1. Delete MediaPrefs::EMEChromiumAPIEnabled() and related logic.
2. We now only use the Chromium CDM interface so delete the opposite side check of MediaPrefs::EMEChromiumAPIEnabled().
MozReview-Commit-ID: GDFrrf4WlWf
--HG--
extra : rebase_source : 987667dd47757afd58e7da10b60c0e1e1ec89d39
Enable client/server using: media.cubeb.sandbox = true
This pref is only read at start up, so requires restarting firefox for
a change in value to take effect.
MozReview-Commit-ID: 36L4vR5QEDJ
--HG--
extra : rebase_source : 501ddea24f6425372930fbf02ca4d15bc91e5de4
Originally the pref is called security.data_uri.inherit_security_context, so the pref is default on.
And when we finish this feature, we turn it off.
To avoid causing confusion in the future, perhaps we should rename it and make the pref default off.
Removing support for this preference means that mReuseLoaderGlobal
will always be false, which lets us eliminate that field, and remove a
lot of code.
This also means that false is always passed to
PrepareObjectForLocation for aReuseLoaderGlobal.
ReadCachedFunction is no longer used, so it is deleted.
MozReview-Commit-ID: 5JD24EYVcQf
--HG--
extra : rebase_source : 3b23b4b8d2b1a2f6a53223477afb4cb13b8a671c
The pref cache added in the previous commit initializes at startup.
MozReview-Commit-ID: IvfBALLdcbe
--HG--
extra : rebase_source : b3c63c76f9eda144e6ae2c8801ac8637444f6c48
We're now asserting that we never check these before the END_ALL_PREFS phase,
which means they don't need to be sent to the content process synchronously.
MozReview-Commit-ID: 4BGbvVCjDWz
This adds 'media.cubeb.backend' to ContentPrefs, which is necessary because
`cubeb_init` is called _very_ early in the lifetime of a content process,
because it needs to be called before enabling seccomp.