review stop-undesired-requests.patch

this patch blocks all remote settings, but it needs to be reviewed as it has a side effect, which prevents updates of blocklists and crl lists between releases. as these are security features that have no privacy implication (unlike alternatives like ocsp that we disable), we want to have them in the browser.