From e1f56f0da6b94c70b1efacc3d060550953640fac Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Sat, 10 Aug 2019 01:39:08 +0300
Subject: [PATCH 1/2] browser-tweaks: document TRR/DoH

Resolves: #785
---
 _includes/sections/browser-tweaks.html | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/_includes/sections/browser-tweaks.html b/_includes/sections/browser-tweaks.html
index 2a3dcbcd..e324a1b9 100644
--- a/_includes/sections/browser-tweaks.html
+++ b/_includes/sections/browser-tweaks.html
@@ -118,6 +118,24 @@
   </ul>
   </dd>
 
+  <dt>network.trr.mode = 2</dt>
+  <dd>
+  Use Trusted Recursive Resolver (DNS-over-HTTPS) first and if it fails, use the system resolver <a href="https://wiki.mozilla.org/Trusted_Recursive_Resolver">Source</a>
+  <ul>
+    <li>0 = disabled by default, may change in the future</li>
+    <li>1 = use the faster resolver</li>
+    <li>2 = use DoH first, fallback to system resolver</li>
+    <li>3 = only use DoH. This may require <code>network.trr.bootstrapAddress</code> or using an IP address to <code>network.trr.uri</code></li>
+    <li>5 = explicitly disable DoH</li>
+  </ul>
+  </dd>
+
+  <dt>network.trr.uri = CHANGEME</dt>
+  <dd>The address of your DNS-over-HTTPS provider, if you don't have one, <a href="/providers/dns/#icanndns">check our encrypted DNS recommendations</a>. It can also be changed in <em>Settings, Network Settings, Enable DNS over HTTPS, Use Provider, Custom</em>.</dd>
+
+  <dt>network.security.esni.enabled = true</dt>
+  <dd>Hide the address which you are requesting SSL certificate for if the server supports it. This <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1500289">requires DoH/TRR to be enabled</a> even <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1542754">on Android 9+ when Private DNS is enabled</a>.</dd>
+
   <dt>webgl.disabled = true</dt>
   <dd>WebGL is a potential security risk. <a href="https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern">Source</a></dd>
 
-- 
2.47.2


From 4bea1e7d9dcd25cbc91fb3219280644fdedf4229 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Sat, 10 Aug 2019 01:48:25 +0300
Subject: [PATCH 2/2] fix preposition

---
 _includes/sections/browser-tweaks.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/_includes/sections/browser-tweaks.html b/_includes/sections/browser-tweaks.html
index e324a1b9..277bbd57 100644
--- a/_includes/sections/browser-tweaks.html
+++ b/_includes/sections/browser-tweaks.html
@@ -125,7 +125,7 @@
     <li>0 = disabled by default, may change in the future</li>
     <li>1 = use the faster resolver</li>
     <li>2 = use DoH first, fallback to system resolver</li>
-    <li>3 = only use DoH. This may require <code>network.trr.bootstrapAddress</code> or using an IP address to <code>network.trr.uri</code></li>
+    <li>3 = only use DoH. This may require <code>network.trr.bootstrapAddress</code> or using an IP address in <code>network.trr.uri</code>.</li>
     <li>5 = explicitly disable DoH</li>
   </ul>
   </dd>
-- 
2.47.2