2020-12-12 18:51:55 +00:00
|
|
|
//
|
|
|
|
// **********************************************************************************
|
|
|
|
// user.js | Pale Moon *
|
|
|
|
// *
|
|
|
|
// https://git.nixnet.xyz/Narsil/palemoon_user.js *
|
|
|
|
// *********************************************************************************/
|
|
|
|
//
|
|
|
|
// Author : Narsil : https://git.nixnet.xyz/Narsil
|
|
|
|
//
|
|
|
|
//
|
|
|
|
//
|
|
|
|
// Based on : arkenfox : https://github.com/arkenfox/user.js
|
|
|
|
//
|
|
|
|
//
|
|
|
|
// License : https://git.nixnet.xyz/Narsil/desktop_user.js/raw/branch/master/LICENSE
|
|
|
|
//
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// STARTUP
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable about:config warning
|
|
|
|
user_pref("general.warnOnAboutConfig", false);
|
|
|
|
//-------------------------------------
|
|
|
|
// Disable about:networking warning
|
|
|
|
user_pref("network.warnOnAboutNetworking", false);
|
|
|
|
//-------------------------------------
|
|
|
|
// Disable default browser check
|
|
|
|
user_pref("browser.shell.checkDefaultBrowser", false);
|
|
|
|
user_pref("browser.shell.skipDefaultBrowserCheckOnFirstRun", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Set START page (0=blank, 1=home, 2=last visited page, 3=resume previous session)
|
|
|
|
user_pref("browser.startup.page", 0);
|
|
|
|
// -------------------------------------
|
|
|
|
// Set HOME+NEWWINDOW page
|
|
|
|
user_pref("browser.startup.homepage", "about:blank");
|
|
|
|
// -------------------------------------
|
|
|
|
// Set NEWTAB page
|
|
|
|
// true=Activity Stream (default), false=blank page
|
|
|
|
user_pref("browser.newtabpage.enabled", false);
|
|
|
|
user_pref("browser.newtab.preload", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Start Pale Moon in PB (Private Browsing) mode
|
|
|
|
// user_pref("browser.privatebrowsing.autostart", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable "slow startup" options
|
|
|
|
user_pref("browser.slowStartup.notificationDisabled", true);
|
|
|
|
user_pref("browser.slowStartup.maxSamples", 0);
|
|
|
|
user_pref("browser.slowStartup.samples", 0);
|
|
|
|
user_pref("browser.rights.3.shown", true);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// GEOLOCATION ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable Location-Aware Browsing
|
|
|
|
user_pref("geo.enabled", false);
|
|
|
|
user_pref("geo.wifi.uri", "");
|
|
|
|
user_pref("geo.wifi.logging.enabled", false); // [HIDDEN PREF]
|
|
|
|
user_pref("browser.geolocation.warning.infoURL", "");
|
|
|
|
// -------------------------------------
|
|
|
|
// Set search region
|
|
|
|
user_pref("browser.search.region", "US"); // [HIDDEN PREF]
|
|
|
|
user_pref("browser.search.countryCode", "US"); // [HIDDEN PREF]
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// LANGUAGE / LOCALE ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Set preferred language for displaying web pages
|
|
|
|
user_pref("intl.accept_languages", "en-US, en");
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable using OS locale, force APP locale ***/
|
|
|
|
user_pref("intl.locale.matchOS", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enforce US English locale regardless of the system locale
|
|
|
|
user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF]
|
|
|
|
// -------------------------------------
|
|
|
|
// Set APP locale ***/
|
|
|
|
user_pref("general.useragent.locale", "en-US");
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// QUIET PALE MOON
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable auto-CHECKING for extension and theme updates ***/
|
|
|
|
user_pref("extensions.update.enabled", false);
|
|
|
|
user_pref("extensions.blocklist.enabled", false);
|
|
|
|
user_pref("extensions.blocklist.itemURL", "");
|
|
|
|
user_pref("extensions.blocklist.detailsURL", "");
|
|
|
|
user_pref("extensions.blocklist.url", "");
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable auto-update checks
|
|
|
|
user_pref("app.update.enabled", false);
|
2020-12-19 16:48:26 +00:00
|
|
|
user_pref("app.update.url", "");
|
|
|
|
user_pref("app.update.url.override", ""); // [HIDDEN PREF]
|
2020-12-12 18:51:55 +00:00
|
|
|
// -------------------------------------
|
|
|
|
// Disable auto-INSTALLING updates [NON-WINDOWS]
|
|
|
|
user_pref("app.update.auto", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable background update staging ***/
|
|
|
|
user_pref("app.update.staging.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// This is the update available, downloaded, error and success information ***/
|
|
|
|
user_pref("app.update.silent", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable auto-INSTALLING extension and theme updates
|
|
|
|
user_pref("extensions.update.autoUpdateDefault", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable extension metadata
|
|
|
|
user_pref("extensions.getAddons.cache.enabled", false);
|
|
|
|
// ------------------------------------
|
|
|
|
// Featured extensions for displaying in Get Add-ons panel ***/
|
|
|
|
user_pref("extensions.webservice.discoverURL", "");
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable search engine updates (e.g. OpenSearch)
|
|
|
|
user_pref("browser.search.update", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable sending Flash crash reports ***/
|
|
|
|
user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable sending the URL of the website where a plugin crashed ***/
|
|
|
|
user_pref("dom.ipc.plugins.reportCrashURL", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable about:addons' Recommendations pane (uses Google Analytics) ***/
|
|
|
|
user_pref("extensions.getAddons.showPane", false); // [HIDDEN PREF]
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable telemetry
|
|
|
|
user_pref("toolkit.telemetry.unified", false);
|
|
|
|
user_pref("toolkit.telemetry.enabled", false);
|
|
|
|
user_pref("toolkit.telemetry.server", "data:,");
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable Mozilla permission to silently opt you into tests ***/
|
|
|
|
user_pref("network.allow-experiments", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable Captive Portal detection
|
|
|
|
user_pref("captivedetect.canonicalURL", "");
|
|
|
|
user_pref("network.captive-portal-service.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Block unwanted connections
|
|
|
|
user_pref("app.support.baseURL", "");
|
|
|
|
user_pref("browser.feedback.url", "");
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable auto updating of personas (themes) ***/
|
|
|
|
user_pref("lightweightThemes.update.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable Tracking Protection in all windows
|
|
|
|
user_pref("privacy.trackingprotection.pbmode.enabled", false);
|
|
|
|
user_pref("privacy.trackingprotection.enabled", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// BLOCK IMPLICIT OUTBOUND [not explicitly asked for - e.g. clicked on] ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable link prefetching
|
|
|
|
user_pref("network.prefetch-next", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable DNS prefetching
|
|
|
|
user_pref("network.dns.disablePrefetch", true);
|
|
|
|
user_pref("network.dns.disablePrefetchFromHTTPS", true); // [HIDDEN PREF]
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable predictor / prefetching ***/
|
|
|
|
user_pref("network.predictor.enabled", false);
|
|
|
|
user_pref("network.predictor.enable-prefetch", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable link-mouseover opening connection to linked server
|
|
|
|
user_pref("network.http.speculative-parallel-limit", 0);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enforce no "Hyperlink Auditing" (click ng)
|
|
|
|
user_pref("browser.send_pings", false);
|
|
|
|
user_pref("browser.send_pings.require_same_host", true);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// HTTP* / TCP/IP / DNS / PROXY / SOCKS etc ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable IPv6
|
|
|
|
user_pref("network.dns.disableIPv6", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable HTTP2
|
|
|
|
// user_pref("network.http.spdy.enabled", false);
|
|
|
|
// user_pref("network.http.spdy.enabled.deps", false);
|
|
|
|
// user_pref("network.http.spdy.enabled.http2", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enforce the proxy server to do any DNS lookups when using SOCKS
|
|
|
|
user_pref("network.proxy.socks_remote_dns", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable SSL False Start for HTTPS/WebSockets/SPDY connections
|
|
|
|
user_pref("security.ssl.enable_false_start", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable GIO as a potential proxy bypass vector
|
|
|
|
user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF]
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable location bar using search
|
|
|
|
// user_pref("keyword.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable location bar domain guessing
|
|
|
|
user_pref("browser.fixup.alternate.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Display all parts of the url in the location bar ***/
|
|
|
|
user_pref("browser.urlbar.trimURLs", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable displaying javascript in history URLs
|
|
|
|
user_pref("browser.urlbar.filter.javascript", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable coloring of visited links - CSS history leak
|
|
|
|
user_pref("layout.css.visited_links_enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable live search suggestions
|
|
|
|
user_pref("browser.search.suggest.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable location bar suggestion types
|
|
|
|
user_pref("browser.urlbar.suggest.history", false);
|
|
|
|
user_pref("browser.urlbar.suggest.bookmark", false);
|
|
|
|
user_pref("browser.urlbar.suggest.openpage", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable location bar dropdown
|
|
|
|
// user_pref("browser.urlbar.maxRichResults", 0);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable location bar autofill
|
|
|
|
user_pref("browser.urlbar.autoFill", false);
|
|
|
|
user_pref("browser.urlbar.autoFill.typed", false);
|
|
|
|
user_pref("browser.urlbar.autocomplete.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable search and form history
|
|
|
|
user_pref("browser.formfill.enable", false);
|
|
|
|
user_pref("browser.formfill.saveHttpsForms", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable browsing and download history
|
|
|
|
user_pref("places.history.enabled", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// PASSWORDS ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable saving passwords and password alerts.
|
|
|
|
user_pref("signon.rememberSignons", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Use a primary password
|
|
|
|
user_pref("security.ask_for_password", 2);
|
|
|
|
// -------------------------------------
|
|
|
|
// Set how often in minutes Pale Moon should ask for the primary password
|
|
|
|
user_pref("security.password_lifetime", 5);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable auto-filling username & password form fields
|
|
|
|
user_pref("signon.autofillForms", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable formless login capture for Password Manager
|
|
|
|
user_pref("signon.formlessCapture.enabled", false);
|
|
|
|
user_pref("security.insecure_field_warning.contextual.enabled", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable websites' autocomplete="off"
|
|
|
|
user_pref("signon.storeWhenAutocompleteOff", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Limit (or disable) HTTP authentication credentials dialogs triggered by sub-resources
|
|
|
|
user_pref("network.auth.subresource-http-auth-allow", 1);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// CACHE ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable disk cache
|
|
|
|
user_pref("browser.cache.disk.enable", false);
|
|
|
|
user_pref("browser.cache.disk.capacity", 0);
|
|
|
|
user_pref("browser.cache.disk.smart_size.enabled", false);
|
|
|
|
user_pref("browser.cache.disk.smart_size.first_run", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable offline cache ***/
|
|
|
|
user_pref("browser.cache.offline.enable", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable memory cache
|
|
|
|
// user_pref("browser.cache.memory.enable", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// SESSIONS & SESSION RESTORE ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Exclude "Undo Closed Tabs" in Session Restore ***/
|
|
|
|
user_pref("browser.sessionstore.max_tabs_undo", 0);
|
|
|
|
user_pref("browser.sessionstore.max_windows_undo", 0);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable storing extra session data [SETUP-CHROME]
|
|
|
|
user_pref("browser.sessionstore.privacy_level", 2);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable deferred level of storing extra session data 0=all 1=http-only 2=none
|
|
|
|
user_pref("browser.sessionstore.privacy_level_deferred", 2);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable resuming session from crash ***/
|
|
|
|
// user_pref("browser.sessionstore.resume_from_crash", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Set the minimum interval between session save operations
|
|
|
|
user_pref("browser.sessionstore.interval", 30000);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// FAVICONS ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable favicons in shortcuts
|
|
|
|
user_pref("browser.shell.shortcutFavicons", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable favicons in history and bookmarks
|
|
|
|
user_pref("browser.chrome.site_icons", false);
|
|
|
|
user_pref("browser.chrome.favicons", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable favicons in web notifications ***/
|
|
|
|
user_pref("alerts.showFavicons", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// SSL (Secure Sockets Layer) / TLS (Transport Layer Security) ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Require safe negotiation
|
|
|
|
user_pref("security.ssl.require_safe_negotiation", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Control TLS versions with min and max
|
|
|
|
// user_pref("security.tls.version.min", 3);
|
|
|
|
// user_pref("security.tls.version.max", 4);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable SSL session tracking
|
|
|
|
user_pref("security.ssl.disable_session_identifiers", true); // [HIDDEN PREF]
|
|
|
|
// -------------------------------------
|
|
|
|
// Block rc4 fallback
|
|
|
|
user_pref("security.tls.unrestricted_rc4_fallback", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable TLS1.3 0-RTT (round-trip time)
|
|
|
|
user_pref("security.tls.enable_0rtt_data", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// OCSP (Online Certificate Status Protocol)
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Enable OCSP Stapling
|
|
|
|
user_pref("security.ssl.enable_ocsp_stapling", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Control when to use OCSP fetching (to confirm current validity of certificates)
|
|
|
|
user_pref("security.OCSP.enabled", 0);
|
|
|
|
user_pref("services.sync.prefs.sync.security.OCSP.enabled", false);
|
|
|
|
user_pref("security.OCSP.GET.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Set OCSP fetch failures (non-stapled) to hard-fail [SETUP-WEB]
|
|
|
|
user_pref("security.OCSP.require", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// CERTS / HPKP (HTTP Public Key Pinning) ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable or limit SHA-1 certificates
|
|
|
|
user_pref("security.pki.sha1_enforcement_level", 0);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable Windows 8.1's Microsoft Family Safety cert
|
|
|
|
user_pref("security.family_safety.mode", 0);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// MIXED CONTENT ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Enforce no insecure active content on https pages
|
|
|
|
user_pref("security.mixed_content.block_active_content", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enable Mixed-Content-Blocker to use the HSTS cache but disable the HSTS Priming requests
|
|
|
|
user_pref("security.mixed_content.use_hsts", true);
|
|
|
|
user_pref("security.mixed_content.send_hsts_priming", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable insecure passive content (such as images) on https pages [SETUP-WEB] ***/
|
|
|
|
user_pref("security.mixed_content.block_display_content", true);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// CIPHERS [WARNING: do not meddle with your cipher suite]
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable 3DES (effective key size < 128 and no PFS)
|
|
|
|
// user_pref("security.ssl3.rsa_des_ede3_sha", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable the remaining non-modern cipher suites
|
|
|
|
// user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
|
|
|
|
// user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
|
|
|
|
// user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
|
|
|
|
// user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
|
|
|
|
// user_pref("security.ssl3.rsa_aes_128_sha", false); // no PFS
|
|
|
|
// user_pref("security.ssl3.rsa_aes_256_sha", false); // no PFS
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// UI (User Interface) ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Display warning on the padlock for "broken security"
|
|
|
|
user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Control "Add Security Exception" dialog on SSL warnings
|
|
|
|
user_pref("browser.ssl_override_behavior", 1);
|
|
|
|
// -------------------------------------
|
|
|
|
// Display advanced information on Insecure Connection warning pages
|
|
|
|
user_pref("browser.xul.error_pages.expert_bad_cert", true);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// FONTS ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable websites choosing fonts
|
|
|
|
user_pref("browser.display.use_document_fonts", 0);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable icon fonts (glyphs) and local fallback rendering
|
|
|
|
// user_pref("gfx.downloadable_fonts.enabled", false);
|
|
|
|
// user_pref("gfx.downloadable_fonts.fallback_delay", -1);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable WOFF2 (Web Open Font Format) ***/
|
|
|
|
user_pref("gfx.downloadable_fonts.woff2.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable rendering of SVG OpenType fonts
|
|
|
|
user_pref("gfx.font_rendering.opentype_svg.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable graphite
|
|
|
|
user_pref("gfx.font_rendering.graphite.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disabling fonts can uglify the web a fair bit. ***/
|
|
|
|
user_pref("layout.css.font-loading-api.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable special underline handling for a few fonts which you will probably never use.
|
|
|
|
user_pref("font.blacklist.underline_offset", "");
|
|
|
|
// -------------------------------------
|
|
|
|
// Limit system font exposure to a whitelist
|
|
|
|
// user_pref("font.system.whitelist", ""); // [HIDDEN PREF]
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// HEADERS / REFERERS
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Control when images/links send a referer
|
|
|
|
// user_pref("network.http.sendRefererHeader", 2);
|
|
|
|
// -------------------------------------
|
|
|
|
// Control the amount of information to send
|
|
|
|
user_pref("network.http.referer.trimmingPolicy", 2);
|
|
|
|
// -------------------------------------
|
|
|
|
// Control when to send a referer
|
|
|
|
user_pref("network.http.referer.XOriginPolicy", 2);
|
|
|
|
// -------------------------------------
|
|
|
|
// Control the amount of information to send
|
|
|
|
user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable spoofing a referer
|
|
|
|
// user_pref("network.http.referer.spoofSource", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enable the DNT (Do Not Track) HTTP header
|
|
|
|
user_pref("privacy.donottrackheader.enabled", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// PLUGINS ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Set default plugin state (i.e. new plugins on discovery) to never activate
|
|
|
|
user_pref("plugin.default.state", 0);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable widevine CDM (Content Decryption Module)
|
|
|
|
user_pref("media.gmp-manager.url", "");
|
|
|
|
// -------------------------------------
|
|
|
|
// Enable click to play and set to 0 minutes ***/
|
|
|
|
user_pref("plugins.click_to_play", true);
|
|
|
|
user_pref("plugin.sessionPermissionNow.intervalInMinutes", 0);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable plugins using external/untrusted scripts with XPCOM or XPConnect ***/
|
|
|
|
user_pref("security.xpconnect.plugin.unrestricted", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable all GMP (Gecko Media Plugins) [SETUP]
|
|
|
|
user_pref("media.gmp-manager.url", "data:text/plain,"); // [HIDDEN PREF]
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// MEDIA / CAMERA / MIC ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable WebRTC (Web Real-Time Communication)
|
|
|
|
user_pref("media.peerconnection.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable camera stuff ***/
|
|
|
|
user_pref("camera.control.face_detection.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable canvas capture stream
|
|
|
|
user_pref("canvas.capturestream.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable camera image capture
|
|
|
|
user_pref("dom.imagecapture.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable auto-play of HTML5 media
|
|
|
|
user_pref("media.autoplay.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable audio auto-play in non-active tabs
|
|
|
|
user_pref("media.block-autoplay-until-in-foreground", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable offscreen canvas
|
|
|
|
user_pref("gfx.offscreencanvas.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable two more webgl preferences
|
|
|
|
user_pref("webgl.dxgl.enabled", false); // [WINDOWS]
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable WebGL (Web Graphics Library)
|
|
|
|
user_pref("webgl.disabled", true);
|
|
|
|
user_pref("webgl.enable-webgl2", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Limit WebGL ***/
|
|
|
|
user_pref("webgl.min_capability_mode", true);
|
|
|
|
user_pref("webgl.disable-extensions", true);
|
|
|
|
user_pref("webgl.disable-fail-if-major-performance-caveat", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable screensharing ***/
|
|
|
|
user_pref("media.getusermedia.screensharing.enabled", false);
|
|
|
|
user_pref("media.getusermedia.audiocapture.enabled", false);
|
|
|
|
user_pref("media.getusermedia.screensharing.allow_on_old_platforms", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// WINDOW MEDDLING & LEAKS / POPUPS ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Prevent scripts from moving and resizing open windows ***/
|
|
|
|
user_pref("dom.disable_window_move_resize", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable [new window] scripts hiding or disabling the following ***/
|
|
|
|
user_pref("dom.disable_window_open_feature.location", true);
|
|
|
|
user_pref("dom.disable_window_open_feature.menubar", true);
|
|
|
|
user_pref("dom.disable_window_open_feature.resizable", true);
|
|
|
|
user_pref("dom.disable_window_open_feature.status", true);
|
|
|
|
user_pref("dom.disable_window_open_feature.toolbar", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable [popup window] scripts hiding or disabling the following ***/
|
|
|
|
user_pref("dom.disable_window_flip", true); // window z-order
|
|
|
|
user_pref("dom.disable_window_move_resize", true);
|
|
|
|
user_pref("dom.disable_window_open_feature.close", true);
|
|
|
|
user_pref("dom.disable_window_open_feature.minimizable", true);
|
|
|
|
user_pref("dom.disable_window_open_feature.personalbar", true);
|
|
|
|
user_pref("dom.disable_window_open_feature.titlebar", true);
|
|
|
|
user_pref("dom.disable_window_status_change", true);
|
|
|
|
user_pref("dom.allow_scripts_to_close_windows", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Open links targeting new windows in a new tab instead
|
|
|
|
user_pref("browser.link.open_newwindow", 3);
|
|
|
|
user_pref("browser.link.open_newwindow.restriction", 0);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable Fullscreen API (requires user interaction) to prevent screen-resolution leaks
|
|
|
|
// user_pref("full-screen-api.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Block popup windows
|
|
|
|
user_pref("dom.disable_open_during_load", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Limit events that can cause a popup [SETUP-WEB]
|
|
|
|
user_pref("dom.popup_allowed_events", "click dblclick");
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// WEB WORKERS
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable service workers
|
|
|
|
user_pref("dom.serviceWorkers.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable Web Notifications
|
|
|
|
// user_pref("dom.webnotifications.enabled", false);
|
|
|
|
// user_pref("dom.webnotifications.serviceworker.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable Push Notifications
|
|
|
|
user_pref("dom.push.enabled", false);
|
|
|
|
user_pref("dom.push.connection.enabled", false);
|
|
|
|
user_pref("dom.push.serverURL", "");
|
|
|
|
user_pref("dom.push.userAgentID", "");
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// DOM (DOCUMENT OBJECT MODEL) & JAVASCRIPT ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable website control over browser right-click context menu
|
|
|
|
// user_pref("dom.event.contextmenu.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable website access to clipboard events/content [SETUP-HARDEN]
|
|
|
|
user_pref("dom.event.clipboardevents.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Set max popups from a single non-click event - default is 20! ***/
|
|
|
|
user_pref("dom.popup_maximum", 3);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable idle observation ***/
|
|
|
|
user_pref("dom.idle-observers-api.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable Intersection Observer API
|
|
|
|
user_pref("dom.IntersectionObserver.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enforce websites to ask to store data for offline use
|
|
|
|
user_pref("offline-apps.allow_by_default", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Display a notification when websites ask to store data for offline use
|
|
|
|
user_pref("browser.offline-apps.notify", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable asm.js
|
|
|
|
user_pref("javascript.options.asmjs", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable Ion and baseline JIT to harden against JS exploits [SETUP-HARDEN]
|
|
|
|
// user_pref("javascript.options.ion", false);
|
|
|
|
// user_pref("javascript.options.baselinejit", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable WebAssembly
|
|
|
|
user_pref("javascript.options.wasm", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// HARDWARE FINGERPRINTING ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Disable Web Audio API
|
|
|
|
user_pref("dom.webaudio.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable keyboard fingerprinting
|
|
|
|
user_pref("dom.beforeAfterKeyboardEvent.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable keyboard fingerprinting
|
|
|
|
user_pref("dom.keyboardevent.code.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Randomize Canvas
|
|
|
|
user_pref("canvas.poisondata", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable Presentation API
|
|
|
|
// user_pref("dom.presentation.enabled", false);
|
|
|
|
// user_pref("dom.presentation.controller.enabled", false);
|
|
|
|
// user_pref("dom.presentation.discoverable", false);
|
|
|
|
// user_pref("dom.presentation.discovery.enabled", false);
|
|
|
|
// user_pref("dom.presentation.receiver.enabled", false);
|
|
|
|
// user_pref("dom.presentation.session_transport.data_channel.enable", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// MISCELLANEOUS ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Prevent accessibility services from accessing your browser [RESTART]
|
|
|
|
user_pref("accessibility.force_disabled", 1);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable sending additional analytics to web servers
|
|
|
|
user_pref("beacon.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Remove temp files opened with an external application
|
|
|
|
user_pref("browser.helperApps.deleteTempFileOnExit", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable page thumbnail collection
|
|
|
|
user_pref("browser.pagethumbnails.capturing_disabled", true); // [HIDDEN PREF]
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable various developer tools in browser context
|
|
|
|
user_pref("devtools.chrome.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable MathML (Mathematical Markup Language)
|
|
|
|
// user_pref("mathml.disabled", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable middle mouse click opening links from clipboard
|
|
|
|
user_pref("middlemouse.contentLoadURL", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Limit HTTP redirects (this does not control redirects with HTML meta tags or JS)
|
|
|
|
user_pref("network.http.redirection-limit", 10);
|
|
|
|
// -------------------------------------
|
|
|
|
// Remove special permissions for certain mozilla domains
|
|
|
|
user_pref("permissions.manager.defaultsUrl", "");
|
|
|
|
// -------------------------------------
|
|
|
|
// Enforce Punycode for Internationalized Domain Names to eliminate possible spoofing
|
|
|
|
user_pref("network.IDN_show_punycode", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enforce no system colors; they can be fingerprinted
|
|
|
|
user_pref("browser.display.use_system_colors", false); // [DEFAULT: false]
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// DOWNLOADS ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Discourage downloading to desktop
|
|
|
|
// user_pref("browser.download.folderList", 2);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enforce user interaction for security by always asking where to download
|
|
|
|
user_pref("browser.download.useDownloadDir", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable adding downloads to the system's "recent documents" list ***/
|
|
|
|
user_pref("browser.download.manager.addToRecentDocs", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable hiding mime types (Options>General>Applications) not associated with a plugin ***/
|
|
|
|
user_pref("browser.download.hide_plugins_without_extensions", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable "open with" in download dialog
|
|
|
|
// user_pref("browser.download.forbid_open_with", true);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// SECURITY ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Enforce CSP (Content Security Policy)
|
|
|
|
user_pref("security.csp.enable", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable JAR from opening Unsafe File Types ***/
|
|
|
|
user_pref("network.jar.open-unsafe-types", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable WebIDE to prevent remote debugging and extension downloads
|
|
|
|
user_pref("devtools.debugger.remote-enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable SimpleServiceDiscovery
|
|
|
|
user_pref("gfx.layerscope.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enable Strict File Origin Policy on local files
|
|
|
|
user_pref("security.fileuri.strict_origin_policy", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enable Subresource Integrity
|
|
|
|
user_pref("security.sri.enable", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable DNS requests for hostnames with a .onion TLD
|
|
|
|
user_pref("network.dns.blockDotOnion", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable remote JAR files being opened, regardless of content type
|
|
|
|
user_pref("network.jar.block-remote-files", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable DeviceStorage API
|
|
|
|
user_pref("device.storage.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable HTTP Alternative Services
|
|
|
|
user_pref("network.http.altsvc.enabled", false);
|
|
|
|
user_pref("network.http.altsvc.oe", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Remove paths when sending URLs to PAC scripts
|
|
|
|
user_pref("network.proxy.autoconfig_url.include_path", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable "image/" mime types bypassing CSP
|
|
|
|
user_pref("security.block_script_with_wrong_mime", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Block top level window data: URIs
|
|
|
|
user_pref("security.data_uri.block_toplevel_data_uri_navigations", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enforce a security delay on some confirmation dialogs such as install, open/save
|
|
|
|
user_pref("security.dialog_enable_delay", 700);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// PERSISTENT STORAGE
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Clear localStorage and UUID when an extension is uninstalled
|
|
|
|
user_pref("extensions.webextensions.keepStorageOnUninstall", false);
|
|
|
|
user_pref("extensions.webextensions.keepUuidOnUninstall", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable HTTP sites setting cookies with the "secure" directive
|
|
|
|
user_pref("network.cookie.leave-secure-alone", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable 3rd-party cookies and site-data
|
|
|
|
user_pref("network.cookie.cookieBehavior", 1);
|
|
|
|
// -------------------------------------
|
|
|
|
// Set third-party cookies (i.e ALL) (if enabled) to session-only
|
|
|
|
user_pref("network.cookie.thirdparty.sessionOnly", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Delete cookies and site data on close
|
|
|
|
user_pref("network.cookie.lifetimePolicy", 2);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable DOM (Document Object Model) Storage
|
|
|
|
// user_pref("dom.storage.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable service worker cache and cache storage
|
|
|
|
// user_pref("dom.caches.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable Storage API
|
|
|
|
// user_pref("dom.storageManager.enabled", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// SHUTDOWN
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Enable Firefox to clear items on shutdown
|
|
|
|
user_pref("privacy.sanitize.sanitizeOnShutdown", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Set what items to clear on shutdown
|
|
|
|
user_pref("privacy.clearOnShutdown.cache", true);
|
|
|
|
user_pref("privacy.clearOnShutdown.cookies", true);
|
|
|
|
user_pref("privacy.clearOnShutdown.connectivityData", true);
|
|
|
|
user_pref("privacy.clearOnShutdown.downloads", true);
|
|
|
|
user_pref("privacy.clearOnShutdown.formdata", true);
|
|
|
|
user_pref("privacy.clearOnShutdown.history", true);
|
|
|
|
user_pref("privacy.clearOnShutdown.offlineApps", true);
|
|
|
|
user_pref("privacy.clearOnShutdown.passwords", true);
|
|
|
|
user_pref("privacy.clearOnShutdown.sessions", true);
|
|
|
|
user_pref("privacy.clearOnShutdown.siteSettings", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Reset default items to clear with Ctrl-Shift-Del
|
|
|
|
user_pref("privacy.cpd.cache", true);
|
|
|
|
user_pref("privacy.cpd.connectivityData", false);
|
|
|
|
user_pref("privacy.cpd.cookies", false);
|
|
|
|
user_pref("privacy.cpd.downloads", true);
|
|
|
|
user_pref("privacy.cpd.formdata", true);
|
|
|
|
user_pref("privacy.cpd.history", true);
|
|
|
|
user_pref("privacy.cpd.offlineApps", false);
|
|
|
|
user_pref("privacy.cpd.passwords", false);
|
|
|
|
user_pref("privacy.cpd.sessions", true);
|
|
|
|
user_pref("privacy.cpd.siteSettings", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Reset default 'Time range to clear' for 'Clear Recent History'
|
|
|
|
user_pref("privacy.sanitize.timeSpan", 0);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// RFP ALTERNATIVES
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Spoof (or limit?) number of CPU cores
|
|
|
|
// user_pref("dom.maxHardwareConcurrency", 2);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable resource/navigation timing
|
|
|
|
user_pref("dom.enable_resource_timing", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable timing attacks
|
|
|
|
user_pref("dom.enable_performance", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable device sensor API
|
|
|
|
user_pref("device.sensors.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable site specific zoom
|
|
|
|
user_pref("browser.zoom.siteSpecific", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable giving away network info
|
|
|
|
user_pref("dom.netinfo.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable the SpeechSynthesis (Text-to-Speech) part of the Web Speech API
|
|
|
|
user_pref("media.webspeech.synth.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable video statistics - JS performance fingerprinting
|
|
|
|
user_pref("media.video_stats.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable touch events
|
|
|
|
// user_pref("dom.w3c_touch_events.enabled", 0);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable MediaDevices change detection
|
|
|
|
user_pref("media.ondevicechange.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable WebGL debug info being available to websites
|
|
|
|
user_pref("webgl.enable-debug-renderer-info", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable PointerEvents
|
|
|
|
user_pref("dom.w3c_pointer_events.enabled", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// RFP ALTERNATIVES (NAVIGATOR / USER AGENT SPOOFING)
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Navigator DOM object overrides
|
|
|
|
user_pref("general.buildID.override", "20181001000000"); // Firefox ESR ID
|
|
|
|
user_pref("browser.startup.homepage_override.buildID", "20181001000000"); // Firefox ESR ID
|
2020-12-19 16:48:26 +00:00
|
|
|
user_pref("network.http.useragent.global_override", "Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0"); // Firefox ESR Agent
|
2020-12-12 18:51:55 +00:00
|
|
|
user_pref("general.useragent.updates.url", "");
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// PERSONAL
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
user_pref("browser.startup.homepage_override.mstone", "ignore");
|
|
|
|
user_pref("startup.homepage_welcome_url", "");
|
|
|
|
user_pref("startup.homepage_override_url", "");
|
|
|
|
user_pref("services.sync.prefs.sync.browser.startup.homepage", "about:blank");
|
|
|
|
// -------------------------------------
|
|
|
|
// Enable ctrl-tab previews ***/
|
|
|
|
user_pref("browser.ctrlTab.previews", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Control urlbar click behaviour (with defaults) ***/
|
|
|
|
user_pref("browser.urlbar.clickSelectsAll", true);
|
|
|
|
user_pref("browser.urlbar.doubleClickSelectsAll", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Control tab behaviours (with defaults)
|
|
|
|
user_pref("browser.tabs.insertRelatedAfterCurrent", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Switch to the parent tab (if it has one) on close
|
|
|
|
user_pref("browser.tabs.selectOwnerOnClose", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Stay on the parent tab when opening links in a new tab
|
|
|
|
user_pref("browser.tabs.loadInBackground", true);
|
|
|
|
// -------------------------------------
|
|
|
|
// Set behavior of pages normally meant to open in a new window
|
|
|
|
user_pref("browser.tabs.loadDivertedInBackground", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable new search panel UI
|
|
|
|
// user_pref("browser.search.showOneOffButtons", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enable/disable MSE (Media Source Extensions)
|
|
|
|
// user_pref("media.mediasource.enabled", false);
|
|
|
|
// user_pref("media.mediasource.mp4.enabled", false);
|
|
|
|
// user_pref("media.mediasource.webm.audio.enabled", false);
|
|
|
|
// user_pref("media.mediasource.webm.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Enable/disable various media types ***/
|
|
|
|
// user_pref("media.mp4.enabled", false);
|
|
|
|
// user_pref("media.flac.enabled", false);
|
|
|
|
// user_pref("media.ogg.enabled", false);
|
|
|
|
// user_pref("media.ogg.flac.enabled", false);
|
|
|
|
// user_pref("media.opus.enabled", false);
|
|
|
|
// user_pref("media.raw.enabled", false);
|
|
|
|
// user_pref("media.wave.enabled", false);
|
|
|
|
// user_pref("media.webm.enabled", false);
|
|
|
|
// user_pref("media.wmf.enabled", false);
|
|
|
|
// user_pref("media.wmf.vp9.enabled", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// Disable Archive Reader API
|
|
|
|
user_pref("dom.archivereader.enabled", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// WARNINGS ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
user_pref("browser.tabs.warnOnClose", false);
|
|
|
|
user_pref("browser.tabs.warnOnCloseOtherTabs", false);
|
|
|
|
user_pref("browser.tabs.warnOnOpen", false);
|
|
|
|
user_pref("full-screen-api.warning.delay", 0);
|
|
|
|
user_pref("full-screen-api.warning.timeout", 0);
|
|
|
|
user_pref("browser.warnOnQuit", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// CONTENT BEHAVIOR ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
user_pref("accessibility.typeaheadfind", false);
|
|
|
|
user_pref("clipboard.autocopy", false);
|
|
|
|
user_pref("layout.spellcheckDefault", 0);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// UX BEHAVIOR ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// user_pref("browser.backspace_action", 2);
|
|
|
|
// user_pref("browser.tabs.closeWindowWithLastTab", false);
|
|
|
|
// user_pref("browser.tabs.loadBookmarksInTabs", true);
|
|
|
|
// user_pref("browser.urlbar.decodeURLsOnCopy", true);
|
|
|
|
// user_pref("general.autoScroll", false);
|
|
|
|
// user_pref("ui.key.menuAccessKey", 0);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// UX FEATURES: Disable and hide the icons and menus ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
user_pref("reader.parse-on-load.enabled", false);
|
|
|
|
user_pref("browser.tabs.animate", false);
|
|
|
|
user_pref("browser.fullscreen.animateUp", 0);
|
|
|
|
user_pref("general.smoothScroll", false);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// OTHER ***/
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// user_pref("browser.bookmarks.max_backups", 2);
|
|
|
|
user_pref("network.manage-offline-status", false);
|
|
|
|
// user_pref("xpinstall.signatures.required", false);
|
|
|
|
// -------------------------------------
|
|
|
|
// SUCCESS
|
|
|
|
user_pref("_config.applied", true);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
//
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|