social.remote-install.enabled option in Tor Browser
Can you please look into the firefox config option social.remote-install.enabled and see if it should be disabled by default in the Tor Browser?
Currently it is set to true.
Activity
// remote-install allows any website to activate a provider, with extended UI // notifying user of installation. we can later pref off remote install if // necessary. This does not affect whitelisted and directory installs.but
// Bug 898706 we do not enable social in private sessions since frameworker // would be shared between private and non-private windowsuntil it has been redesigned after esr45
When I removed the frameWorker a while back, I removed all code preventing social running in a private window, but aparently missed this one. FrameWorker was the sole reason for avoiding private windows since it could cross between the two. So basically, you could use social (share) in private windows, but you couldn't add a social provider. There's no reason for that limitation.
Trac:
Summary: social.remote-install.enabled option in Tor Browser 4.0 to social.remote-install.enabled option in Tor BrowserHave looked at the
social.*prefs and the associated code, I think it makes sense to disable these. Here's a patch to do that:https://github.com/arthuredelstein/tor-browser/commit/13612
Trac:
Status: new to needs_review
Keywords: N/A deleted, TorBrowserTeam201705R addedmentioned in issue #19004 (moved)
mentioned in issue #19048 (moved)
