diff --git a/user.js b/user.js index 7588958..f92d047 100644 --- a/user.js +++ b/user.js @@ -46,6 +46,12 @@ user_pref("browser.slowStartup.notificationDisabled", true); user_pref("browser.slowStartup.maxSamples", 0); user_pref("browser.slowStartup.samples", 0); user_pref("browser.rights.3.shown", true); +// ------------------------------------- +// Disable "tearing off" of tabs +user_pref("browser.tabs.allowTabDetach", true); +// ------------------------------------- +// Disable using the "Back" button to go back to the QuickDial page +user_pref("browser.newtabpage.add_to_session_history", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // GEOLOCATION ***/ @@ -66,7 +72,7 @@ user_pref("browser.search.countryCode", "US"); // [HIDDEN PREF] // Set preferred language for displaying web pages user_pref("intl.accept_languages", "en-US, en"); // ------------------------------------- -// Disable using OS locale, force APP locale ***/ +// Disable using OS locale, force APP locale user_pref("intl.locale.matchOS", false); // ------------------------------------- // Enforce US English locale regardless of the system locale @@ -78,7 +84,7 @@ user_pref("general.useragent.locale", "en-US"); // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // QUIET PALE MOON // >>>>>>>>>>>>>>>>>>>>> -// Disable auto-CHECKING for extension and theme updates ***/ +// Disable auto-CHECKING for extension and theme updates user_pref("extensions.update.enabled", false); user_pref("extensions.blocklist.enabled", false); user_pref("extensions.blocklist.itemURL", ""); @@ -93,10 +99,10 @@ user_pref("app.update.url.override", ""); // [HIDDEN PREF] // Disable auto-INSTALLING updates [NON-WINDOWS] user_pref("app.update.auto", false); // ------------------------------------- -// Disable background update staging ***/ +// Disable background update staging user_pref("app.update.staging.enabled", false); // ------------------------------------- -// This is the update available, downloaded, error and success information ***/ +// This is the update available, downloaded, error and success information user_pref("app.update.silent", false); // ------------------------------------- // Disable auto-INSTALLING extension and theme updates @@ -105,7 +111,7 @@ user_pref("extensions.update.autoUpdateDefault", false); // Disable extension metadata user_pref("extensions.getAddons.cache.enabled", false); // ------------------------------------ -// Featured extensions for displaying in Get Add-ons panel ***/ +// Featured extensions for displaying in Get Add-ons panel user_pref("extensions.webservice.discoverURL", ""); // ------------------------------------- // Disable search engine updates (e.g. OpenSearch) @@ -114,10 +120,10 @@ user_pref("browser.search.update", false); // Disable sending Flash crash reports ***/ user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); // ------------------------------------- -// Disable sending the URL of the website where a plugin crashed ***/ +// Disable sending the URL of the website where a plugin crashed user_pref("dom.ipc.plugins.reportCrashURL", false); // ------------------------------------- -// Disable about:addons' Recommendations pane (uses Google Analytics) ***/ +// Disable about:addons' Recommendations pane (uses Google Analytics) user_pref("extensions.getAddons.showPane", false); // [HIDDEN PREF] // ------------------------------------- // Disable telemetry @@ -125,7 +131,7 @@ user_pref("toolkit.telemetry.unified", false); user_pref("toolkit.telemetry.enabled", false); user_pref("toolkit.telemetry.server", "data:,"); // ------------------------------------- -// Disable Mozilla permission to silently opt you into tests ***/ +// Disable Mozilla permission to silently opt you into tests user_pref("network.allow-experiments", false); // ------------------------------------- // Disable Captive Portal detection @@ -136,15 +142,18 @@ user_pref("network.captive-portal-service.enabled", false); user_pref("app.support.baseURL", ""); user_pref("browser.feedback.url", ""); // ------------------------------------- -// Disable auto updating of personas (themes) ***/ +// Disable auto updating of personas (themes) user_pref("lightweightThemes.update.enabled", false); // ------------------------------------- // Disable Tracking Protection in all windows user_pref("privacy.trackingprotection.pbmode.enabled", false); user_pref("privacy.trackingprotection.enabled", false); +// ------------------------------------- +// Disable detailed error reporting of media errors for debugging purposes +user_pref("media.sourceErrorDetails.enabled", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// BLOCK IMPLICIT OUTBOUND [not explicitly asked for - e.g. clicked on] ***/ +// BLOCK IMPLICIT OUTBOUND [not explicitly asked for - e.g. clicked on] // >>>>>>>>>>>>>>>>>>>>> // Disable link prefetching user_pref("network.prefetch-next", false); @@ -153,7 +162,7 @@ user_pref("network.prefetch-next", false); user_pref("network.dns.disablePrefetch", true); user_pref("network.dns.disablePrefetchFromHTTPS", true); // [HIDDEN PREF] // ------------------------------------- -// Disable predictor / prefetching ***/ +// Disable predictor / prefetching user_pref("network.predictor.enabled", false); user_pref("network.predictor.enable-prefetch", false); // ------------------------------------- @@ -165,7 +174,7 @@ user_pref("browser.send_pings", false); user_pref("browser.send_pings.require_same_host", true); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// HTTP* / TCP/IP / DNS / PROXY / SOCKS etc ***/ +// HTTP* / TCP/IP / DNS / PROXY / SOCKS etc // >>>>>>>>>>>>>>>>>>>>> // Disable IPv6 user_pref("network.dns.disableIPv6", true); @@ -193,7 +202,7 @@ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] // Disable location bar domain guessing user_pref("browser.fixup.alternate.enabled", false); // ------------------------------------- -// Display all parts of the url in the location bar ***/ +// Display all parts of the url in the location bar user_pref("browser.urlbar.trimURLs", false); // ------------------------------------- // Disable displaying javascript in history URLs @@ -224,9 +233,21 @@ user_pref("browser.formfill.saveHttpsForms", false); // ------------------------------------- // Disable browsing and download history user_pref("places.history.enabled", false); +// ------------------------------------- +// Enable immediately showing the edit dialog for new bookmarks +// user_pref("browser.bookmarks.editDialog.showForNewBookmarks", true); +// ------------------------------------- +// Allow copying the unescaped URL from the address bar +// user_pref("browser.urlbar.decodeURLsOnCopy", true); +// ------------------------------------- +// Control the sizes of default smart bookmarks categories +// user_pref("browser.places.smartBookmarks.max", 1); // [HIDDEN PREF] +// ------------------------------------- +// Unsubscribe to feeds +// user_pref("browser.urlbar.rss", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// PASSWORDS ***/ +// PASSWORDS // >>>>>>>>>>>>>>>>>>>>> // Disable saving passwords and password alerts. user_pref("signon.rememberSignons", false); @@ -249,9 +270,12 @@ user_pref("signon.storeWhenAutocompleteOff", true); // ------------------------------------- // Limit (or disable) HTTP authentication credentials dialogs triggered by sub-resources user_pref("network.auth.subresource-http-auth-allow", 1); +// ------------------------------------- +// Ask for the Master Password the moment the application starts +user_pref("signon.startup.prompt", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// CACHE ***/ +// CACHE // >>>>>>>>>>>>>>>>>>>>> // Disable disk cache user_pref("browser.cache.disk.enable", false); @@ -259,33 +283,49 @@ user_pref("browser.cache.disk.capacity", 0); user_pref("browser.cache.disk.smart_size.enabled", false); user_pref("browser.cache.disk.smart_size.first_run", false); // ------------------------------------- -// Disable offline cache ***/ +// Disable offline cache user_pref("browser.cache.offline.enable", false); // ------------------------------------- // Disable memory cache // user_pref("browser.cache.memory.enable", false); +// ------------------------------------- +// Control from which source restored tabs pull their page content +// 0 = load restored tab data from cache (current behavior, default) +// 1 = refresh restored tab data from the network +// 2 = refresh stored tab data from the network and bypass any cached data. +user_pref("browser.sessionstore.cache_behavior", 0); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// SESSIONS & SESSION RESTORE ***/ +// SESSIONS & SESSION RESTORE // >>>>>>>>>>>>>>>>>>>>> -// Exclude "Undo Closed Tabs" in Session Restore ***/ +// Exclude "Undo Closed Tabs" in Session Restore user_pref("browser.sessionstore.max_tabs_undo", 0); user_pref("browser.sessionstore.max_windows_undo", 0); // ------------------------------------- -// Disable storing extra session data [SETUP-CHROME] +// Disable storing extra session data user_pref("browser.sessionstore.privacy_level", 2); // ------------------------------------- // Disable deferred level of storing extra session data 0=all 1=http-only 2=none user_pref("browser.sessionstore.privacy_level_deferred", 2); // ------------------------------------- -// Disable resuming session from crash ***/ +// Disable resuming session from crash // user_pref("browser.sessionstore.resume_from_crash", false); // ------------------------------------- // Set the minimum interval between session save operations user_pref("browser.sessionstore.interval", 30000); +// ------------------------------------- +// Hide pinned tabs in CtrlTab/AllTab panes +// user_pref("browser.ctrlTab.hidePinnedTabs", true); +// user_pref("browser.allTabs.hidePinnedTabs", true); +// ------------------------------------- +// Change the browser's behavior when restoring tabs from previous sessions +user_pref("browser.sessionstore.cache_behavior", 0); +// ------------------------------------- +// Control of the number of concurrent tabs to be restored from a session (accepted values 1-10) +// user_pref("browser.sessionstore.max_concurrent_tabs", 1); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// FAVICONS ***/ +// FAVICONS // >>>>>>>>>>>>>>>>>>>>> // Disable favicons in shortcuts user_pref("browser.shell.shortcutFavicons", false); @@ -294,11 +334,14 @@ user_pref("browser.shell.shortcutFavicons", false); user_pref("browser.chrome.site_icons", false); user_pref("browser.chrome.favicons", false); // ------------------------------------- -// Disable favicons in web notifications ***/ +// Disable favicons in web notifications user_pref("alerts.showFavicons", false); +// ------------------------------------- +// Disable processing favicons +user_pref("browser.chrome.favicons.process", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// SSL (Secure Sockets Layer) / TLS (Transport Layer Security) ***/ +// SSL (Secure Sockets Layer) / TLS (Transport Layer Security) // >>>>>>>>>>>>>>>>>>>>> // Require safe negotiation user_pref("security.ssl.require_safe_negotiation", true); @@ -315,6 +358,9 @@ user_pref("security.tls.unrestricted_rc4_fallback", false); // ------------------------------------- // Disable TLS1.3 0-RTT (round-trip time) user_pref("security.tls.enable_0rtt_data", false); +// ------------------------------------- +// Disable TLS 1.3 draft support +// user_pref("security.tls.version.max", 4); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // OCSP (Online Certificate Status Protocol) @@ -327,11 +373,11 @@ user_pref("security.OCSP.enabled", 0); user_pref("services.sync.prefs.sync.security.OCSP.enabled", false); user_pref("security.OCSP.GET.enabled", false); // ------------------------------------- -// Set OCSP fetch failures (non-stapled) to hard-fail [SETUP-WEB] +// Set OCSP fetch failures (non-stapled) to hard-fail user_pref("security.OCSP.require", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// CERTS / HPKP (HTTP Public Key Pinning) ***/ +// CERTS / HPKP (HTTP Public Key Pinning) // >>>>>>>>>>>>>>>>>>>>> // Disable or limit SHA-1 certificates user_pref("security.pki.sha1_enforcement_level", 0); @@ -339,7 +385,7 @@ user_pref("security.pki.sha1_enforcement_level", 0); // Disable Windows 8.1's Microsoft Family Safety cert user_pref("security.family_safety.mode", 0); // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// MIXED CONTENT ***/ +// MIXED CONTENT // >>>>>>>>>>>>>>>>>>>>> // Enforce no insecure active content on https pages user_pref("security.mixed_content.block_active_content", true); @@ -348,7 +394,7 @@ user_pref("security.mixed_content.block_active_content", true); user_pref("security.mixed_content.use_hsts", true); user_pref("security.mixed_content.send_hsts_priming", false); // ------------------------------------- -// Disable insecure passive content (such as images) on https pages [SETUP-WEB] ***/ +// Disable insecure passive content (such as images) on https pages user_pref("security.mixed_content.block_display_content", true); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -366,7 +412,7 @@ user_pref("security.mixed_content.block_display_content", true); // user_pref("security.ssl3.rsa_aes_256_sha", false); // no PFS // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// UI (User Interface) ***/ +// UI (User Interface) // >>>>>>>>>>>>>>>>>>>>> // Display warning on the padlock for "broken security" user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true); @@ -378,7 +424,7 @@ user_pref("browser.ssl_override_behavior", 1); user_pref("browser.xul.error_pages.expert_bad_cert", true); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// FONTS ***/ +// FONTS // >>>>>>>>>>>>>>>>>>>>> // Disable websites choosing fonts user_pref("browser.display.use_document_fonts", 0); @@ -387,7 +433,7 @@ user_pref("browser.display.use_document_fonts", 0); // user_pref("gfx.downloadable_fonts.enabled", false); // user_pref("gfx.downloadable_fonts.fallback_delay", -1); // ------------------------------------- -// Disable WOFF2 (Web Open Font Format) ***/ +// Disable WOFF2 (Web Open Font Format) user_pref("gfx.downloadable_fonts.woff2.enabled", false); // ------------------------------------- // Disable rendering of SVG OpenType fonts @@ -396,7 +442,7 @@ user_pref("gfx.font_rendering.opentype_svg.enabled", false); // Disable graphite user_pref("gfx.font_rendering.graphite.enabled", false); // ------------------------------------- -// Disabling fonts can uglify the web a fair bit. ***/ +// Disabling fonts can uglify the web a fair bit user_pref("layout.css.font-loading-api.enabled", false); // ------------------------------------- // Disable special underline handling for a few fonts which you will probably never use. @@ -425,9 +471,12 @@ user_pref("network.http.referer.XOriginTrimmingPolicy", 2); // ------------------------------------- // Enable the DNT (Do Not Track) HTTP header user_pref("privacy.donottrackheader.enabled", false); +// ------------------------------------- +// Blocking of authentication-locked cross-origin image subresources by default to prevent spurious auth prompts +// user_pref("network.auth.subresource-http-img-XO-auth", true); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// PLUGINS ***/ +// PLUGINS // >>>>>>>>>>>>>>>>>>>>> // Set default plugin state (i.e. new plugins on discovery) to never activate user_pref("plugin.default.state", 0); @@ -435,23 +484,23 @@ user_pref("plugin.default.state", 0); // Disable widevine CDM (Content Decryption Module) user_pref("media.gmp-manager.url", ""); // ------------------------------------- -// Enable click to play and set to 0 minutes ***/ +// Enable click to play and set to 0 minutes user_pref("plugins.click_to_play", true); user_pref("plugin.sessionPermissionNow.intervalInMinutes", 0); // ------------------------------------- -// Disable plugins using external/untrusted scripts with XPCOM or XPConnect ***/ +// Disable plugins using external/untrusted scripts with XPCOM or XPConnect user_pref("security.xpconnect.plugin.unrestricted", false); // ------------------------------------- // Disable all GMP (Gecko Media Plugins) [SETUP] user_pref("media.gmp-manager.url", "data:text/plain,"); // [HIDDEN PREF] // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// MEDIA / CAMERA / MIC ***/ +// MEDIA / CAMERA / MIC // >>>>>>>>>>>>>>>>>>>>> // Disable WebRTC (Web Real-Time Communication) user_pref("media.peerconnection.enabled", false); // ------------------------------------- -// Disable camera stuff ***/ +// Disable camera stuff user_pref("camera.control.face_detection.enabled", false); // ------------------------------------- // Disable canvas capture stream @@ -476,30 +525,33 @@ user_pref("webgl.dxgl.enabled", false); // [WINDOWS] user_pref("webgl.disabled", true); user_pref("webgl.enable-webgl2", false); // ------------------------------------- -// Limit WebGL ***/ +// Limit WebGL user_pref("webgl.min_capability_mode", true); user_pref("webgl.disable-extensions", true); user_pref("webgl.disable-fail-if-major-performance-caveat", true); // ------------------------------------- -// Disable screensharing ***/ +// Disable screensharing user_pref("media.getusermedia.screensharing.enabled", false); user_pref("media.getusermedia.audiocapture.enabled", false); user_pref("media.getusermedia.screensharing.allow_on_old_platforms", false); +// ------------------------------------- +// Control if sound is playing the tab +// user_pref("browser.tabs.showAudioPlayingIcon", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// WINDOW MEDDLING & LEAKS / POPUPS ***/ +// WINDOW MEDDLING & LEAKS / POPUPS // >>>>>>>>>>>>>>>>>>>>> -// Prevent scripts from moving and resizing open windows ***/ +// Prevent scripts from moving and resizing open windows user_pref("dom.disable_window_move_resize", true); // ------------------------------------- -// Disable [new window] scripts hiding or disabling the following ***/ +// Disable [new window] scripts hiding or disabling the following user_pref("dom.disable_window_open_feature.location", true); user_pref("dom.disable_window_open_feature.menubar", true); user_pref("dom.disable_window_open_feature.resizable", true); user_pref("dom.disable_window_open_feature.status", true); user_pref("dom.disable_window_open_feature.toolbar", true); // ------------------------------------- -// Disable [popup window] scripts hiding or disabling the following ***/ +// Disable [popup window] scripts hiding or disabling the following user_pref("dom.disable_window_flip", true); // window z-order user_pref("dom.disable_window_move_resize", true); user_pref("dom.disable_window_open_feature.close", true); @@ -521,6 +573,12 @@ user_pref("dom.disable_open_during_load", true); // ------------------------------------- // Limit events that can cause a popup [SETUP-WEB] user_pref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); +// ------------------------------------- +// Control whether content can be scrolled if a context menu is open +user_pref("ui.menu.allow_content_scroll", true); +// ------------------------------------- +// Place the browser window fully on a visible portion of the screen +// user_pref("browser.sessionstore.exactPos", true); // [HIDDEN PREF] // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // WEB WORKERS @@ -537,24 +595,27 @@ user_pref("dom.push.enabled", false); user_pref("dom.push.connection.enabled", false); user_pref("dom.push.serverURL", ""); user_pref("dom.push.userAgentID", ""); +// ------------------------------------- +// Disable AbortController +user_pref("dom.abortController.enabled", true); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// DOM (DOCUMENT OBJECT MODEL) & JAVASCRIPT ***/ +// DOM (DOCUMENT OBJECT MODEL) & JAVASCRIPT // >>>>>>>>>>>>>>>>>>>>> // Disable website control over browser right-click context menu // user_pref("dom.event.contextmenu.enabled", false); // ------------------------------------- -// Disable website access to clipboard events/content [SETUP-HARDEN] +// Disable website access to clipboard events/content user_pref("dom.event.clipboardevents.enabled", false); // ------------------------------------- -// Set max popups from a single non-click event - default is 20! ***/ +// Set max popups from a single non-click event - default is 20! user_pref("dom.popup_maximum", 3); // ------------------------------------- // Disable idle observation ***/ user_pref("dom.idle-observers-api.enabled", false); // ------------------------------------- // Disable Intersection Observer API -user_pref("dom.IntersectionObserver.enabled", false); +user_pref("dom.intersectionObserver.enabled", false); // ------------------------------------- // Enforce websites to ask to store data for offline use user_pref("offline-apps.allow_by_default", false); @@ -565,15 +626,24 @@ user_pref("browser.offline-apps.notify", true); // Disable asm.js user_pref("javascript.options.asmjs", false); // ------------------------------------- -// Disable Ion and baseline JIT to harden against JS exploits [SETUP-HARDEN] +// Disable Ion and baseline JIT to harden against JS exploits // user_pref("javascript.options.ion", false); // user_pref("javascript.options.baselinejit", false); // ------------------------------------- // Disable WebAssembly user_pref("javascript.options.wasm", false); +// ------------------------------------- +// Disable Google WebComponents (CustomElements and Shadow DOM) +// user_pref("dom.webcomponents.enabled", false); +// ------------------------------------- +// Enable/Disable the page visibility Web API +// user_pref("dom.visibilityAPI.enabled", true); +// ------------------------------------- +// Disable the way URL hashes are handled +user_pref("dom.url.getters_decode_hash", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// HARDWARE FINGERPRINTING ***/ +// HARDWARE FINGERPRINTING // >>>>>>>>>>>>>>>>>>>>> // Disable Web Audio API user_pref("dom.webaudio.enabled", false); @@ -594,7 +664,7 @@ user_pref("canvas.poisondata", true); // user_pref("dom.presentation.session_transport.data_channel.enable", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// MISCELLANEOUS ***/ +// MISCELLANEOUS // >>>>>>>>>>>>>>>>>>>>> // Prevent accessibility services from accessing your browser [RESTART] user_pref("accessibility.force_disabled", 1); @@ -625,9 +695,20 @@ user_pref("network.IDN_show_punycode", true); // ------------------------------------- // Enforce no system colors; they can be fingerprinted user_pref("browser.display.use_system_colors", false); // [DEFAULT: false] +// ------------------------------------- +// Disable the 4th and 5th mouse buttons (Windows) +// user_pref("mouse.button4.enabled", false); +// user_pref("mouse.button4.enabled", false); +// ------------------------------------- +// Use the mousewheel for horizontal scrolling (mouse action value 4) +// (e.g. setting mousewheel.with_shift.action to 4 makes Shift+wheel scroll horizontally) +// user_pref("mousewheel.with_shift.action", 2); +// ------------------------------------- +// Disable tab switching when a modal dialog is presented in a page. +// user_pref("prompts.tab_modal.focusSwitch", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// DOWNLOADS ***/ +// DOWNLOADS // >>>>>>>>>>>>>>>>>>>>> // Discourage downloading to desktop // user_pref("browser.download.folderList", 2); @@ -635,22 +716,22 @@ user_pref("browser.display.use_system_colors", false); // [DEFAULT: false] // Enforce user interaction for security by always asking where to download user_pref("browser.download.useDownloadDir", false); // ------------------------------------- -// Disable adding downloads to the system's "recent documents" list ***/ +// Disable adding downloads to the system's "recent documents" list user_pref("browser.download.manager.addToRecentDocs", false); // ------------------------------------- -// Disable hiding mime types (Options>General>Applications) not associated with a plugin ***/ +// Disable hiding mime types (Options>General>Applications) not associated with a plugin user_pref("browser.download.hide_plugins_without_extensions", false); // ------------------------------------- // Disable "open with" in download dialog // user_pref("browser.download.forbid_open_with", true); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// SECURITY ***/ +// SECURITY // >>>>>>>>>>>>>>>>>>>>> // Enforce CSP (Content Security Policy) user_pref("security.csp.enable", true); // ------------------------------------- -// Disable JAR from opening Unsafe File Types ***/ +// Disable JAR from opening Unsafe File Types user_pref("network.jar.open-unsafe-types", false); // ------------------------------------- // Disable WebIDE to prevent remote debugging and extension downloads @@ -689,6 +770,21 @@ user_pref("security.data_uri.block_toplevel_data_uri_navigations", true); // ------------------------------------- // Enforce a security delay on some confirmation dialogs such as install, open/save user_pref("security.dialog_enable_delay", 700); +// ------------------------------------- +// Allow users to relax the behavior of file: URIs to treat each URI as a unique origin +// user_pref("security.fileuri.unique_origin", false); +// ------------------------------------- +// Exit to a no-content page after encountering a network or security error +user_pref("browser.escape_to_blank", true); +// ------------------------------------- +// Display punycode domain for IDN websites to combat phishing +// 0 = Display IDN name in identity panel (previous behavior) +// 1 = Display punycode name for DV SSL domains (default) +// 2 = Also display punycode for HTTP sites if IDN name used +user_pref("browser.identity.display_punycode", 1); +// ------------------------------------- +// Enable the use of HSTS (HTTP Strict Transport Security) +user_pref("network.stricttransportsecurity.enabled", true); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // PERSISTENT STORAGE @@ -750,6 +846,9 @@ user_pref("privacy.cpd.siteSettings", false); // ------------------------------------- // Reset default 'Time range to clear' for 'Clear Recent History' user_pref("privacy.sanitize.timeSpan", 0); +// ------------------------------------- +// Disable "Confirm you want to leave" dialog on page close +user_pref("dom.disable_beforeunload", true); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // RFP ALTERNATIVES @@ -798,6 +897,9 @@ user_pref("general.buildID.override", "20181001000000"); // Firefox ESR ID user_pref("browser.startup.homepage_override.buildID", "20181001000000"); // Firefox ESR ID user_pref("network.http.useragent.global_override", "Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0"); // Firefox ESR Agent user_pref("general.useragent.updates.url", ""); +// ------------------------------------- +// AUS testing/override the app.update.url.override +// user_pref("app.update.url.override", ""); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // PERSONAL @@ -810,7 +912,7 @@ user_pref("services.sync.prefs.sync.browser.startup.homepage", "about:blank"); // Enable ctrl-tab previews ***/ user_pref("browser.ctrlTab.previews", true); // ------------------------------------- -// Control urlbar click behaviour (with defaults) ***/ +// Control urlbar click behaviour (with defaults) user_pref("browser.urlbar.clickSelectsAll", true); user_pref("browser.urlbar.doubleClickSelectsAll", false); // ------------------------------------- @@ -835,7 +937,7 @@ user_pref("browser.tabs.loadDivertedInBackground", false); // user_pref("media.mediasource.webm.audio.enabled", false); // user_pref("media.mediasource.webm.enabled", false); // ------------------------------------- -// Enable/disable various media types ***/ +// Enable/disable various media types // user_pref("media.mp4.enabled", false); // user_pref("media.flac.enabled", false); // user_pref("media.ogg.enabled", false); @@ -849,9 +951,15 @@ user_pref("browser.tabs.loadDivertedInBackground", false); // ------------------------------------- // Disable Archive Reader API user_pref("dom.archivereader.enabled", false); +// ------------------------------------- +// Don't set previews of the menu list of tabs +// user_pref("browser.allTabs.previews", false); +// ------------------------------------- +// Resize other tabs when closing a tab +// user_pref("browser.tabs.resize_immediately", true); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// WARNINGS ***/ +// WARNINGS // >>>>>>>>>>>>>>>>>>>>> user_pref("browser.tabs.warnOnClose", false); user_pref("browser.tabs.warnOnCloseOtherTabs", false); @@ -861,14 +969,14 @@ user_pref("full-screen-api.warning.timeout", 0); user_pref("browser.warnOnQuit", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// CONTENT BEHAVIOR ***/ +// CONTENT BEHAVIOR // >>>>>>>>>>>>>>>>>>>>> user_pref("accessibility.typeaheadfind", false); user_pref("clipboard.autocopy", false); user_pref("layout.spellcheckDefault", 0); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// UX BEHAVIOR ***/ +// UX BEHAVIOR // >>>>>>>>>>>>>>>>>>>>> // user_pref("browser.backspace_action", 2); // user_pref("browser.tabs.closeWindowWithLastTab", false); @@ -878,7 +986,7 @@ user_pref("layout.spellcheckDefault", 0); // user_pref("ui.key.menuAccessKey", 0); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// UX FEATURES: Disable and hide the icons and menus ***/ +// UX FEATURES: Disable and hide the icons and menus // >>>>>>>>>>>>>>>>>>>>> user_pref("reader.parse-on-load.enabled", false); user_pref("browser.tabs.animate", false); @@ -886,12 +994,18 @@ user_pref("browser.fullscreen.animateUp", 0); user_pref("general.smoothScroll", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -// OTHER ***/ +// OTHER // >>>>>>>>>>>>>>>>>>>>> // user_pref("browser.bookmarks.max_backups", 2); user_pref("network.manage-offline-status", false); // user_pref("xpinstall.signatures.required", false); // ------------------------------------- +// Enable the html tag +// user_pref("dom.menuitem.enabled", true); +// ------------------------------------- +// Control the use of node.getRootNode +user_pref("dom.getRootNode.enabled", false); +// ------------------------------------- // SUCCESS user_pref("_config.applied", true); // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>