Keep an eye on fingerprinting risks due to the Reporting API
Support for the Reporting API landed on nightly in the Firefox 65 cycle. There is already at least one needed fingerprinting fixup known which we need to take care of when this gets enabled, but there are likely more. A good start for closer investigation is the Privacy Considerations section in the spec itself.
We should keep this feature disabled until the risks are evaluated. This can be done by making sure dom.reporting.enabled
and dom.reporting.header.enabled
are false