this post was submitted on 28 May 2024
6 points (87.5% liked)

Firefox CSS

451 readers
1 users here now

Pushing the limits of the Firefox Browser through the use of CSS.

#join #firefoxcss:mozilla.org

Post your Firefox UI customizations here!

What is userChrome.css?

Rules (enforced)

  1. Posts must have flair!

  2. Follow Lemmy.World rules

  3. Posts cannot be memes/shitposts. They should be about Firefox customization with CSS.

  4. Please be civil. Bear in mind that many users come here for help and would be turned off by insults and rudeness.

  5. When posting large amount of code use a service dedicated to hosting text snippets, such as pastebin, hastebin, github gist or equivalent. Relatively short snippets can be wrapped in code-block for inline viewing.

  6. Do NOT use url-shorteners or link to compressed downloads (such as zip or rar) when sharing code.

Guidelines (not enforced)

Consider adding the following info to help people try your tweaks:

  1. Screenshots should have code in comments.

  2. Include Firefox version

  3. When asking for help you should share your custom style to help others understand what you are doing. This is increasingly important the more custom rules you have.

  4. List any other addons that may be changing the UI

  5. If a custom wallpaper is used, include a link to the original.

  6. If someone's comment solves you problem, reply to the comment to let them know, and change your post flair to solved.

Wiki

Find Helpful Knowledge and answers to common issues in /c/FirefoxCSS wiki.

Links

Lemmy Communities

Websites

founded 2 years ago
MODERATORS
6
is CSSs safe? (self.firefoxcss)
submitted 7 months ago* (last edited 7 months ago) by bitahcold to c/firefoxcss
 

Hello friends, I am using custom css' on my Librewolf. Downloaded FF-ULTIMA and it looks cool. I have looked at its all .css files as stranger for css. As far as my view, there is no problem but can these css files cause any security or privacy vulnerability? Like, being injectable or the creator of theme can track us or not? It may seem a funny question but idk much about css language. Just wanted to asking. Am I safe with it?

top 5 comments
sorted by: hot top controversial new old
[–] [email protected] 5 points 7 months ago (1 children)

It's probably safe, but if the CSS loads images via URLs, it's possible that the owner of those URLs is able to track generic metrics about usage or even replace the images arbitrarily to drastically change the theme.

[–] MrOtherGuy 5 points 7 months ago (2 children)

Yeah, loading any external resources - I would think fonts even more so than images - is potentially risky. In addition, there is somewhat realistic possibility for browser fingerprinting if you use some style that makes browser viewport size atypical.

I can't think of any actual security issues other than those. Otherwise the worst that a style could do is crash the browser, to make it utterly unusable or make it super slow. But those are all recoverable by simply trashing userChrome.css and restarting Firefox.

[–] [email protected] 2 points 6 months ago

Any external resource is definitely correct. I didn't think about fonts, but some types allow embedded code to assist with rendering and I suppose that could be a vector. I was more thinking about tracking pixels, but I'm really not sure how big any of those risks are in a theme.

I personally wouldn't be worried about them, but I also don't run themes. Browser extensions on the other hand ...

[–] tb_ 2 points 4 months ago

there is somewhat realistic possibility for browser fingerprinting

A fun website to visit: https://www.amiunique.org/fingerprint

[–] [email protected] 2 points 7 months ago

It should be safe.