Tiny Tiny RSS: Community

Missing material-icons ff config


Describe the problem you’re having:
After updating from v17 uf v18, I currently miss the material-icons

tt-rss version (including git commit id):
v18.12 (848bb65)

Platform (i.e. Linux distro, PHP, PostgreSQL, etc) versions:
Debian Stretch
MariaDB 10.1.37
FIrefox 65
Firefox config: https://github.com/ghacksuserjs/ghacks-user.js

Please provide any additional information below:
the problem is caused by the Firefox variable
browser.display.use_document_fonts = 0

normally this parameter should allow to display icons
gfx.downloadable_fonts.enabled = true


I’m confused. You explicitly have Firefox set to not use document fonts and you’re surprised it’s not using document fonts?

Set browser.display.use_document_fonts to 1.


Activating document fonts would destroy the entire security concept.

To display icons there is usually the parameter
gfx.downloadable_fonts.enabled = true
I just don’t know how to put this in the programming to make it work.


ah yes the rest of the browser engine and javascript VM are just fine, totally not a security nightmare at all; no, the real and only security issue in the whole shebang is webfonts.

i suggest you use something else instead of tt-rss, what with your technical illiteracy and paranoia.

yes, it’s very obvious that you don’t really know much of anything at all.


I have deactivated javascript by default. you don’t have to worry about my security.

I just wanted to know if it was possible to mark the fonts as such that the parameter “gfx.downloadable_fonts.enabled” also has an effect, on other websites that works too

thank you but as long as you can’t do more than insult please stay out of my request


me insulting illiterate technophobes like you is one of the major reasons this forum exists, fyi.

i suggest you deactivate it again, both on this forum and within tt-rss.


:roll_eyes: You’re new here, but fox is the one who runs the show.


An, admittedly naive, search for browser.display.use_document_fonts security isn’t throwing up anything interesting about how those two concepts relate to each other.


i’m sure it’s technically not the greatest idea (especially if you’re using some kind of vintage OS that loads fonts in a kernel context) but making webfonts a hill to die on, while using everything else from the web application stack, seems unimaginably retarded.


I was just pointing out a problem. I have never been treated so unfriendly.

In forums about privacy this rss reader is recommended but it seems to be the wrong choice.

excerpt from ghacks-user.js

/* 1401: disable websites choosing fonts (0=block, 1=allow)

  • If you disallow fonts, this drastically limits/reduces font
  • enumeration (by JS) which is a high entropy fingerprinting vector.


I found this from here. At this point, you’re fucking flies ← Lots of effort for little gain.


i still don’t know how you get the idea that this parameter is my only setting in Firefox but i like to let you believe it.

but also so that you don’t die stupid you can inform yourself here https://github.com/ghacksuserjs/ghacks-user.js

i also use uMatrix and NoScript to block everything by default and unlock it by hand first


the problem here is your lack of education and contrails conspiracy-tier paranoia, which is what we’re pointing out to you, in terms simple enough for you to understand.

for people like you, being on the internet is the wrong choice.


what’s the point of blocking everything if you have to unblock stuff later anyway
do you like pointless busywork? are you employed?

can you audit the scripts you’re unblocking versus ones you don’t to see which pose a security risk? are you familiar with javascript deobfuscation?


It’s about me deciding who gets my dates and who doesn’t.
and it doesn’t even take 10% of the scripts to make the website work.

just because you apparently don’t care what happens to your data and your privacy is ignored doesn’t mean it counts for everyone.
Because of people like you we are going to fall into a big digital hole!

i would wish that we now return to the topic again and do not go further in the offtopic.


so, you like pointless busywork because it provides an illusion of you being in control of something.

that’s rather sad, tbh.

oh you don’t say


The point is that you can stop certain sites from loading crap – facebook for one. It does make things run a little fast once you have a set of exceptions in place if you are on a shoe string network.

To be fair, once you run uBlock and uMatrix, you are 99% there. The rest 1% is paranoia or stuff you should not care about. If you do, use Tor and go full on paranoid. BTW, even Tor is not 100% secure.

But yeah, off topic…


op, are you posting through tor? :thinking:

e: his IP address is not listed as a tor exit node, so no. truly shameful disregard of privacy, if you want my opinion.


Surely they are using a VPN… :face_with_raised_eyebrow:



my point is randomly clicking on stuff in umatrix without any reason or understanding until the site starts working already is not a very useful approach to privacy nor security.