Web Browser improvements

Web Browser improvements
A thread dedicated to improving Web Browsers; what would like like to see removed, added, or work differently?

I'll start with a short list of things I'd love to see:

Better caching (and thus privacy)
- Completely ignore 'no-store' caching directive (cache everything)
- Never send conditional HTTP request headers (e.g, "If-Modified-Since") but do checking based HTTP response headers yourself (privacy)
- Previously browsed pages and resources will always be available offline and the user is asked whether the page should be updated or is allowed to connect to the Internet
- Always try to hit cache without making any connection to the server which had (or has) the resource you are requesting
- A portable, exportable cache storage format which is content-addressed with rich metadata
- Clearly indicate to the user that he is browsing a cached page and how long ago it was cached
- User-defined rules for URL de-duplication (make suggestions based on content with the same content hash but different URL)
- User-defined cache invalidation (e.g., invalidate CSS every X months)
- Keep track of which resource is dependent on what HTML document so it easy to delete web page(s) with all their resources (which are only used in those documents)
- A cache whitelist and blacklist based on Regex or something more simple
- Add WARC support
- Add "Remote caching" support

Better privacy
- Only send referrers on the same domain (sending no referrers can break some crappy sites)
- Always try to connect to HTTPS version of a domain (if it doesn't support it maybe optionally store it in a HTTPS blacklist)
- Decrease fingerprintability (Tor Browser does this quite well)
- Install uBlock Origin or uMatrix by default with a sane list of defaults

(Among other things I'll probably remember later)

Other urls found in this thread:

trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking#BuildingJustFirefox
github.com/JustOff/ca-archive/releases
web.archive.org/web/201706/https://addons.mozilla.org/en-US/firefox/addon//
makeuseof.com/tag/control-how-firefox-caches-websites-with-better-cache/
web.archive.org/web/20111210213434/https://addons.mozilla.org/en-US/firefox/addon/bettercache/
files.catbox.moe/vmk46l.zip
github.com/pyllyukko/user.js
gitweb.torproject.org/tor-browser.git/tree/toolkit/components/resistfingerprinting/nsRFPService.h
trac.torproject.org/projects/tor/ticket/26146
twitter.com/AnonBabble

Compiling Tor Browser (Firefox-only)
trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking#BuildingJustFirefox
I just ran with make and commented "ac_add_options --enable-tor-browser-update" out in ".mozconfig" (make sure you have a recent stable version of Rust installed by the way)

This makes it sound like a NSA wishlist tbh. Why not add a caching option that stores everything in memory and deletes it every time you turn the page too? You can do this with pre firefox26 browsers where you set the cache to delete on next pageload from memory and never store anything to disk. Why did these options dissappear?

Like its nice to have the extreme control over the cache you want. But why not a option to have no cache of any sort? Its easier to hack into a windows computer then it is to break SSL encryption assuming the ssl encryption isn't already backdoored and then steal the browser cache of the windows computer windows 8 through 10 automatically send your browser cache of the major browsers to microsoft/NSA anyways so moot point.

Don't use firefox anymore as its codebase is pozzed to hell and back along with the tor browser being based on the bad fruit that is modern firefox. Use palemoon 27, but not any version after 27, because it is based on a firefox 26 codebase with performance/security improvements. That and all the newer browsers have CSS2 which backdoors you even with javascript off and ublock installed. Palemoon 27 does not have CSS2/backdoor but palemoon 28 is based on firefox 52 which does have CSS2. Since you compile from source just use palemoon with newest libraries needed and no pulseaudio you can use alsa alone with 27. To get the tor browser security features install addons that change user agent, platform agent, app agent, javascript OSCPU/nonjavascript OSCPU, accept headers, and disabe canvas fingerprinting. You can change reported screen resolution with the CTRL+ or CTRL- keycombos. You can't control the reported fonts your operating system reports unless you change them on the OS. And the last thing of note is randomizing the time reported by http refferers or disabling them outright.

Remote --- well, your own local server I meant (or whatever the user wants).
That's already an option in every browser.

The thing that'd worry me is fingerprintability --- but if Palemoon uses the same SSL-backend (NSS with TLSv1.3 support) then you can imitate Tor Browser with no problem.

'List of XUL-based (Legacy) extensions
WebExtensions really do suck
You can get a list of XUL-based extension (probably contains some WebExtensions too) by downloading the XPI from: github.com/JustOff/ca-archive/releases extract that like a ZIP archive and look for a SQLite file which contains metadata about every extension as of mid 2017

Yes it supports NSS with TLSv1.3. It uses the same ssl background libraries, the openssl/libressl/insertssl implementation you have installed on your system if you use system libraries having compiled it from source.

But not like I was explaining. Most browsers delete the cache on browser close, but that doesn't happen if it is written to disk and then the computer is powered off without the browser closing, which means it stays on the disk till next power up. I mean deleting it as soon as it is in memory and storing it only in memory. Like lets say you load 8ch.net and then 8ch.net/tech/index.html, the browser I desire would delete the 8ch.net page from memory and all associated data/cookies as soon as it starts loading 8ch.net/tech/index.html and it would do no disk writes.

No modern browser does that, they always write to disk first and delete afterwards.

Legacy extensions can be downloaded by their "slug" column in the "addons" table, like so:
web.archive.org/web/201706/https://addons.mozilla.org/en-US/firefox/addon//
(You can use SqliteBrowser by the way)

Thanks, good to know.

Regarding caching, I want it to be persistent. I want to ignore all server-side caching directives and store everything I want to store permanently.
One thing I forgot to add:
- Add versioning support for the cache --- so you can browse your own personal archive like on the Wayback Machine