i’ve noticed that PureBrowser (FireFox ESR) in PureOS Amber (stable) is out-of-the-box configured to use the EFF - “https everywhere” + “Badger” + “uBlock Origin” add-on combination.
They are visible in the Add-Ons Manager but they can’t be easily REMOVED. they can be DISABLED though …
why was this combination chosen instead of including the Libre-JS add-on instead of uBlock Origin ?
and how does “https everywhere” benefit users if the web-site you are visiting is by default only “http” (no encryption - i.e > http://www.gnu.org/ ) ?
AIUI: It doesn’t. It is designed to address the scenario that the web site supports only “https” or supports both “http” and “https” - and then ensures that the user uses the “https” URL (regardless of the URL originally specified) - without breaking the scenario that the web site supports only “http”.
www.gnu.org appears to support https however - so maybe not the best example.
The question might be academic though, since Purism is no longer using Firefox as the web browser in PureOS.
To make our CSO’s vision a reality we’re planning on moving away from Firefox ESR as our default and towards the default GNOME Web browser called “Epiphany”.
I don’t know whether the change is reflected in Amber yet.
That doesn’t mean that you can’t use Firefox ESR or, alternatively, a more current version of Firefox. The essence of freedom is your right to use whatever browser you like!
However I would guess that Purism effort regarding a default, out-of-the-box, secure, private browser with PureOS will be devoted to Epiphany (Gnome Web) - and that they won’t be spending effort on what add-ons are or are not applied to Firefox.
Hence, if you want to query Libre-JS v. uBlock Origin … you would need to see what they are supplying with Epiphany.
as far as i know Epiphany (GNOME-web) doesn’t NEED libre-JS since it already restricts non-free-javascript but the question then would be how would you be able to ALLOW certain web-sites that are running non-free-java to load said code in Epiphany ?
I could see how this could possibly prevent a user from doing online banking. I remember some years ago my bank did this to me when they detected my firefox version became too “old”. They only supported M$ Explorer, Chrome, and Firefox at the time and didn’t allow the little known linux browsers at all. (Chrome was relatively new.)
But like I said this was some years ago. Things may have changed.
This is only a partially informed response but: I think in the early days web sites tended to base strictly off the browser name. So niche browsers might well just not work, as you say. I think the trend is moving away from doing this, which augurs well for niche browsers.
It also depends on whether the dependency is client-side or server-side.
On the server side, some web sites use the User-Agent string. In some browsers you can override the User-Agent string - and thereby make a rejected browser into an accepted browser (or vice versa!).
I override the User-Agent string in order to counter or confound browser fingerprinting.
Google has announced a plan to “phase out” the User-Agent string. Love Google or hate Google, they do have heft, and so when they make such an announcement, web site designers will take notice.
actually - once i properly tested it out i’ve been able to observe that WITH Libre-JS ON in FireFox i have to whitelist ProtonMail (web-client) FIRST before i MAY see the login prompt.
this does NOT happen with GNOME-Web (epiphany) i.e i can just see the prompt as soon as the page is loaded and displayed on the screen. they are both nice to keep on your OS in case you find different purposes for each.
for mobile use (Librem 5) i predict GNOME-Web will be a better fit overall for me. better integration, web-pages and all that good stuff …