[CentOS] Modern FireFox on CentOS 7

Fri Nov 18 21:00:24 UTC 2016
Alice Wonder <alice at domblogger.net>

No idea who this will be useful for, but starting with FireFox 49 I have 
been running a modern FireFox with CentOS 7.

I needed to in order to play with the new Service Worker based Push API 
but it has other things FireFox 45 ESR doesn't have - such as working 
html5 details/summary tags - which I make us when a page needs a Table 
of Contents, for example.

Anyway I start with Fedora src.rpm and build it in mock on my system. 
Here are the changes I made to Fedora spec file for FireFox 50:

--- firefox.spec.orig	2016-11-18 12:31:02.963164405 -0800
+++ firefox.spec	2016-11-18 12:50:16.068918152 -0800
@@ -1,5 +1,5 @@
  # Use system nspr/nss?
-%define system_nss        1
+%define system_nss        0

  # Use system sqlite?
  %if 0%{?fedora} > 23
@@ -27,7 +27,7 @@

  # Hardened build?
-%if 0%{?fedora} > 20
+%if 0%{?fedora} > 20 || 0%{?rhel} > 6
  %define hardened_build    1
  %define hardened_build    0
@@ -94,7 +94,7 @@
  Summary:        Mozilla Firefox Web browser
  Name:           firefox
  Version:        50.0
-Release:        1%{?pre_tag}%{?dist}
+Release:        1%{?pre_tag}%{?dist}.0
  URL:            https://www.mozilla.org/firefox/
  License:        MPLv1.1 or GPLv2+ or LGPLv2+
  Group:          Applications/Internet
@@ -127,7 +127,7 @@
  Patch204:        rhbz-966424.patch
  Patch215:        firefox-enable-addons.patch
  Patch219:        rhbz-1173156.patch
-Patch221:        firefox-fedora-ua.patch
+#Patch221:        firefox-fedora-ua.patch
  Patch223:        rhbz-1291190-appchooser-crash.patch
  Patch224:        mozilla-1170092.patch
  Patch225:        mozilla-1005640-accept-lang.patch
@@ -269,7 +269,7 @@
  %patch204 -p2 -b .966424
  %patch215 -p1 -b .addons
  %patch219 -p2 -b .rhbz-1173156
-%patch221 -p2 -b .fedora-ua
+#%%patch221 -p2 -b .fedora-ua
  %if 0%{?fedora} > 22
  %patch223 -p1 -b .appchooser-crash
@@ -786,6 +786,9 @@

+* Fri Nov 18 2016 Alice Wonder <buildmaster at librelamp.com> - 50.0-1.0
+- Build for CentOS 7, disable UA patch
  * Thu Nov 10 2016 Martin Stransky <stransky at redhat.com> - 50.0-1
  - Update to 50.0


nss in CentOS is too old so that has to be disabled.
Hardened build works so I change the detection macro to trigger

The UA patch I disable for privacy reasons. Including the distribution 
does not convey meaningful information to a website, it only adds a 
characteristic that helps with fingerprinting. So I don't apply that 
patch, X11 Linux in the UA string is enough information on its own.

Hope this is helpful to someone, but of course remember that when CentOS 
is using an older version, you won't benefit from security patch updates 
to CentOS. Have to watch Fedora to know when its time to download 
another src.rpm that includes the fixes. So only use this over CentOS 
FireFox if you really need it.