It comes down to the high-level architecture of Gecko.
Gecko is not just a web engine; it is in many ways an entire application framework. Gecko inverts control such that it implements the entire main event loop of the application. Desktop Firefox is essentially one big privileged HTML+JS application that happens to embed a non-privileged browser iframe within it. about:config governs settings around everything in this framework.
Now let's look at Android: the modern architecture of Firefox for Android is that of a native Android app that embeds Gecko similarly to a WebView, albeit a much more powerful one (GeckoView)[1]. Many parts of GeckoView's implementation need to deal with reconciling the "Gecko as app framework that controls the universe" paradigm with the "Gecko as a lowly Android View rendering into a graphics surface" paradigm. about:config is still important, but it only affects the Gecko part, not the native app part.
For GeckoView to work correctly, many about:config settings must be set to very specific values -- the free-for-all that is about:config on desktop could actually break an instance of Firefox on Android. This is particularly fatal to an app when run on a non-rooted phone.
Thanks for the more technical explanation. Explanations for restricting about:config I've come across before didn't make it clear that Firefox for Android is a substantially different design from Firefox for desktop that's easier to break in that way.
Gecko is not just a web engine; it is in many ways an entire application framework. Gecko inverts control such that it implements the entire main event loop of the application. Desktop Firefox is essentially one big privileged HTML+JS application that happens to embed a non-privileged browser iframe within it. about:config governs settings around everything in this framework.
Now let's look at Android: the modern architecture of Firefox for Android is that of a native Android app that embeds Gecko similarly to a WebView, albeit a much more powerful one (GeckoView)[1]. Many parts of GeckoView's implementation need to deal with reconciling the "Gecko as app framework that controls the universe" paradigm with the "Gecko as a lowly Android View rendering into a graphics surface" paradigm. about:config is still important, but it only affects the Gecko part, not the native app part.
For GeckoView to work correctly, many about:config settings must be set to very specific values -- the free-for-all that is about:config on desktop could actually break an instance of Firefox on Android. This is particularly fatal to an app when run on a non-rooted phone.
[1] https://geckoview.dev