// Toggling 'dom.webserial.enabled' itself could be fingerprintable, but setting these instead just causes the permission to be automatically denied
defaultPref("dom.webserial.gated", true); // [DEFAULT]
defaultPref("permissions.default.serial", 2); // [HIDDEN]
the implication here is not entirely correct: if any policies are defined (as they are in phoenix, shipping its own policies.json), dom.webserial.enabled is locked to false*. if fingerprinting truly is a concern, with the webserial api turned on by default in desktop release builds, or the api support is intended to be left user-modifiable by default (aka defaultPref instead of lockPref), DefaultSerialGuardSetting: 3 should be set as policy, which would ironically allow the api by default (dom.webserial.enabled->true), and then it would be gated by abovementioned prefs. the policy should not be set on android, since false is the default on mobile and should not be overridden; the value being locked to false by policy usage is not an issue there (that is, until the default changes to true everywhere).
*EDIT:
in ff152+, the pref might no longer be locked to false by policy usage, just default false in that case (it is locked in 151); the fingerprinting angle remains the same. so for 152, explicitly setting defaultPref("dom.webserial.enabled", true); // [NO-ANDROID] [DEFAULT] might be enough.
https://codeberg.org/celenity/Phoenix/src/commit/d3cc0d78b3533d409e181c8c0fec6964c835cf54/phoenix-unified.cfg#L3871-3873
the implication here is not entirely correct: if _any policies are defined_ (as they are in phoenix, shipping its own `policies.json`), `dom.webserial.enabled` is [locked to false](https://hg-edge.mozilla.org/mozilla-central/rev/69d447bb852a)*. if fingerprinting truly is a concern, with the webserial api [turned on by default](https://bugzilla.mozilla.org/show_bug.cgi?id=2029625) in desktop release builds, or the api support is intended to be left user-modifiable by default (aka `defaultPref` instead of `lockPref`), [`DefaultSerialGuardSetting: 3`](https://firefox-admin-docs.mozilla.org/reference/policies/defaultserialguardsetting/) should be set as policy, which would ironically allow the api by default (`dom.webserial.enabled->true`), and then it would be gated by abovementioned prefs. the policy should not be set on android, since `false` is the default [on mobile](https://searchfox.org/firefox-main/source/modules/libpref/init/StaticPrefList.yaml#6027) and should not be overridden; the value being locked to `false` by policy usage is not an issue there (that is, until the default changes to `true` everywhere).
*EDIT:
in ff152+, the pref might no longer be [locked to false](https://bugzilla.mozilla.org/show_bug.cgi?id=2042826) by policy usage, just default `false` in that case (it is locked in 151); the fingerprinting angle remains the same. so for 152, explicitly setting `defaultPref("dom.webserial.enabled", true); // [NO-ANDROID] [DEFAULT]` might be enough.