Upload files to 'config'

config/mozilla.cfg

@@ -65,7 +65,7 @@ defaultPref("geo.provider.geoclue.always_high_accuracy", false); // [LINUX]
 defaultPref("geo.provider.use_geoclue", false); // [FF102+] [LINUX]
 // -------------------------------------
 // Disable region updates
-lockPref("browser.region.network.url", ""); // [FF78+]
+lockPref("browser.region.network.url", ""); // [FF78+] Defense-in-depth
 lockPref("browser.region.update.enabled", false); // [FF79+]
 // -------------------------------------
 // Set search region
@@ -434,7 +434,7 @@ defaultPref("security.pki.crlite_mode", 0);
 // MIXED CONTENT
 //
 // Disable insecure passive content (such as images) on https pages [SETUP-WEB]
-lockPref("security.mixed_content.block_display_content", true);
+// defaultPref("security.mixed_content.block_display_content", true); // Defense-in-depth
 // -------------------------------------
 // Enable HTTPS-Only mode in all windows [FF76+]
 defaultPref("dom.security.https_only_mode", true); // [FF76+]
@@ -522,9 +522,6 @@ defaultPref("browser.eme.ui.enabled", false);
 // Prevent scripts from moving and resizing open windows
 lockPref("dom.disable_window_move_resize", true);
 // -------------------------------------
-// Block popup windows
-lockPref("dom.disable_open_during_load", true);
-// -------------------------------------
 // Limit events that can cause a popup [SETUP-WEB]
 lockPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown");
 //
@@ -546,7 +543,7 @@ lockPref("browser.pagethumbnails.capturing_disabled", true); // [HIDDEN PREF]
 // -------------------------------------
 // Disable UITour backend so there is no chance that a remote page can use it
 lockPref("browser.uitour.enabled", false);
-lockPref("browser.uitour.url", "");
+lockPref("browser.uitour.url", ""); // Defense-in-depth
 // -------------------------------------
 // Reset remote debugging to disabled
 defaultPref("devtools.debugger.remote-enabled", false); // [DEFAULT: false]
@@ -567,7 +564,7 @@ lockPref("webchannel.allowObject.urlWhitelist", "");
 // Use Punycode in Internationalized Domain Names to eliminate possible spoofing
 lockPref("network.IDN_show_punycode", true);
 // -------------------------------------
-// Enforce PDFJS, disable PDFJS scripting [SETUP-CHROME]
+// Enforce PDFJS, disable PDFJS scripting
 lockPref("pdfjs.disabled", false); // [DEFAULT: false]
 lockPref("pdfjs.enableScripting", false); // [FF86+]
 // -------------------------------------
@@ -620,8 +617,8 @@ lockPref("browser.contentblocking.category", "strict");
 defaultPref("privacy.partition.serviceWorkers", true); // [DEFAULT: true FF105+]
 // -------------------------------------
 // Enable APS (Always Partitioning Storage)
-lockPref("privacy.partition.always_partition_third_party_non_cookie_storage", true); // [FF104+]
-lockPref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false); // [FF105+]//
+lockPref("privacy.partition.always_partition_third_party_non_cookie_storage", true); // [FF104+] [DEFAULT: true FF109+}
+lockPref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false); // [FF105+] [DEFAULT: false FF109+]
 //
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 // SHUTDOWN & SANITIZING
@@ -738,7 +735,7 @@ defaultPref("webgl.disabled", true);
 // lockPref("permissions.memory_only", true); // [HIDDEN PREF]
 // -------------------------------------
 // Disable intermediate certificate caching [FF41+] [RESTART]
-// lockPref("security.nocertdb", true); // [HIDDEN PREF in FF101 or lower]
+// lockPref("security.nocertdb", true);
 // -------------------------------------
 // Disable favicons in history and bookmarks
 defaultPref("browser.chrome.site_icons", false);
@@ -857,6 +854,7 @@ lockPref("extensions.webcompat-reporter.enabled", false); // [DEFAULT: false]
 // defaultPref("browser.ssl_override_behavior", "");
 // defaultPref("devtools.chrome.enabled", "");
 // defaultPref("dom.disable_beforeunload", "");
+// defaultPref("dom.disable_open_during_load", "");
 // defaultPref("extensions.formautofill.available", "");
 // defaultPref("extensions.formautofill.addresses.supported", "");
 // defaultPref("extensions.formautofill.creditCards.available", "");
@@ -880,21 +878,21 @@ defaultPref("permissions.default.desktop-notification", 2);
 defaultPref("permissions.default.xr", 2); // Virtual Reality
 // -------------------------------------
 // Disable non-modern cipher suites
-defaultPref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
-defaultPref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
-defaultPref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
-defaultPref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
-defaultPref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS
-defaultPref("security.ssl3.rsa_aes_256_gcm_sha384", false); // no PFS
-defaultPref("security.ssl3.rsa_aes_128_sha", false); // no PFS
-defaultPref("security.ssl3.rsa_aes_256_sha", false); // no PFS
+// defaultPref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); // [DEFAULT: false FF109+]
+// defaultPref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); // [DEFAULT: false FF109+]
+// defaultPref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
+// defaultPref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
+// defaultPref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS
+// defaultPref("security.ssl3.rsa_aes_256_gcm_sha384", false); // no PFS
+// defaultPref("security.ssl3.rsa_aes_128_sha", false); // no PFS
+// defaultPref("security.ssl3.rsa_aes_256_sha", false); // no PFS
 // -------------------------------------
 // Control TLS versions
 // lockPref("security.tls.version.min", 3); // [DEFAULT: 3]
 // lockPref("security.tls.version.max", 4);
 // -------------------------------------
 // Disable SSL session IDs [FF36+]
-// lockPref("security.ssl.disable_session_identifiers", true); // [HIDDEN PREF in FF101 or lower]
+// lockPref("security.ssl.disable_session_identifiers", true);
 // -------------------------------------
 // Onions
 // lockPref("dom.securecontext.allowlist_onions", true);