Update 'user.js'

This commit is contained in:
Narsil 2020-12-12 07:03:32 -05:00
parent 761fee4fae
commit 8863c77b89
1 changed files with 63 additions and 67 deletions

130
user.js
View File

@ -79,7 +79,7 @@ user_pref("browser.newtabpage.activity-stream.default.sites", "");
// https://wiki.mozilla.org/Private_Browsing // https://wiki.mozilla.org/Private_Browsing
// https://spreadprivacy.com/is-private-browsing-really-private/ ***/ // https://spreadprivacy.com/is-private-browsing-really-private/ ***/
// user_pref("browser.privatebrowsing.autostart", true); // user_pref("browser.privatebrowsing.autostart", true);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// GEOLOCATION ***/ // GEOLOCATION ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable Location-Aware Browsing // Disable Location-Aware Browsing
@ -112,7 +112,7 @@ user_pref("browser.region.update.enabled", false); // [[FF79+]
// Set search region // Set search region
// May not be hidden if Firefox has changed your settings due to your region ***/ // May not be hidden if Firefox has changed your settings due to your region ***/
user_pref("browser.search.region", "US"); // [HIDDEN PREF] user_pref("browser.search.region", "US"); // [HIDDEN PREF]
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// LANGUAGE / LOCALE ***/ // LANGUAGE / LOCALE ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Set preferred language for displaying web pages // Set preferred language for displaying web pages
@ -123,7 +123,7 @@ user_pref("intl.accept_languages", "en-US, en");
// [SETUP-WEB] May break some input methods e.g xim/ibus for CJK languages // [SETUP-WEB] May break some input methods e.g xim/ibus for CJK languages
// https://bugzilla.mozilla.org/buglist.cgi?bug_id=867501,1629630 ***/ // https://bugzilla.mozilla.org/buglist.cgi?bug_id=867501,1629630 ***/
user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF] user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF]
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// QUIET FOX // QUIET FOX
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable auto-CHECKING for extension and theme updates ***/ // Disable auto-CHECKING for extension and theme updates ***/
@ -292,7 +292,7 @@ user_pref("app.support.baseURL", "");
// Disable report browser errors to Mozilla // Disable report browser errors to Mozilla
// https://bugzilla.mozilla.org/show_bug.cgi?id=1426482 // https://bugzilla.mozilla.org/show_bug.cgi?id=1426482
user_pref("browser.chrome.errorReporter.infoURL", ""); user_pref("browser.chrome.errorReporter.infoURL", "");
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// SAFE BROWSING (SB) // SAFE BROWSING (SB)
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable SB (Safe Browsing) // Disable SB (Safe Browsing)
@ -343,7 +343,7 @@ user_pref("browser.safebrowsing.provider.google4.advisoryURL", "");
user_pref("browser.safebrowsing.blockedURIs.enabled", false); user_pref("browser.safebrowsing.blockedURIs.enabled", false);
user_pref("browser.safebrowsing.provider.mozilla.gethashURL", ""); user_pref("browser.safebrowsing.provider.mozilla.gethashURL", "");
user_pref("browser.safebrowsing.provider.mozilla.updateURL", ""); user_pref("browser.safebrowsing.provider.mozilla.updateURL", "");
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// SYSTEM ADD-ONS / EXPERIMENTS // SYSTEM ADD-ONS / EXPERIMENTS
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable Normandy/Shield [FF60+] // Disable Normandy/Shield [FF60+]
@ -381,7 +381,7 @@ user_pref("extensions.formautofill.heuristics.enabled", false); // [FF55+]
// Disable Web Compatibility Reporter [FF56+] // Disable Web Compatibility Reporter [FF56+]
// Web Compatibility Reporter adds a "Report Site Issue" button to send data to Mozilla ***/ // Web Compatibility Reporter adds a "Report Site Issue" button to send data to Mozilla ***/
user_pref("extensions.webcompat-reporter.enabled", false); user_pref("extensions.webcompat-reporter.enabled", false);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// BLOCK IMPLICIT OUTBOUND [not explicitly asked for - e.g. clicked on] ***/ // BLOCK IMPLICIT OUTBOUND [not explicitly asked for - e.g. clicked on] ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable link prefetching // Disable link prefetching
@ -405,7 +405,7 @@ user_pref("network.http.speculative-parallel-limit", 0);
// https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/ ***/ // https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/ ***/
user_pref("browser.send_pings", false); // [DEFAULT: false] user_pref("browser.send_pings", false); // [DEFAULT: false]
user_pref("browser.send_pings.require_same_host", true); // defense-in-depth user_pref("browser.send_pings.require_same_host", true); // defense-in-depth
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// HTTP* / TCP/IP / DNS / PROXY / SOCKS etc ***/ // HTTP* / TCP/IP / DNS / PROXY / SOCKS etc ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable IPv6 // Disable IPv6
@ -476,13 +476,8 @@ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF]
// See for details: https://support.mozilla.org/en-US/kb/firefox-dns-over-https // See for details: https://support.mozilla.org/en-US/kb/firefox-dns-over-https
user_pref("network.trr.mode", 0); user_pref("network.trr.mode", 0);
user_pref("network.trr.uri", ""); user_pref("network.trr.uri", "");
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS // LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS
// Change items to suit for privacy vs convenience and functionality. Consider
// your environment (no unwanted eyeballs), your device (restricted access), your device's
// unattended state (locked, encrypted, forensic hardened).
// [NOTE] The urlbar is also commonly referred to as the location bar and address bar
// #Required reading [#] https://xkcd.com/538/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable location bar using search // Disable location bar using search
// Don't leak URL typos to a search engine, give an error message instead. // Don't leak URL typos to a search engine, give an error message instead.
@ -563,7 +558,7 @@ user_pref("browser.taskbar.lists.tasks.enabled", false);
// ------------------------------------- // -------------------------------------
// Disable Windows taskbar preview [WINDOWS] ***/ // Disable Windows taskbar preview [WINDOWS] ***/
user_pref("browser.taskbar.previews.enable", false); user_pref("browser.taskbar.previews.enable", false);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// PASSWORDS ***/ // PASSWORDS ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable saving passwords and password alerts. // Disable saving passwords and password alerts.
@ -602,7 +597,7 @@ user_pref("signon.formlessCapture.enabled", false);
// 1=don't allow cross-origin sub-resources to open HTTP authentication credentials dialogs // 1=don't allow cross-origin sub-resources to open HTTP authentication credentials dialogs
// 2=allow sub-resources to open HTTP authentication credentials dialogs (default) // 2=allow sub-resources to open HTTP authentication credentials dialogs (default)
user_pref("network.auth.subresource-http-auth-allow", 1); user_pref("network.auth.subresource-http-auth-allow", 1);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// CACHE ***/ // CACHE ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable disk cache // Disable disk cache
@ -626,7 +621,7 @@ user_pref("browser.cache.disk.enable", false);
// [SETUP-WEB] ESR78: playback might break on subsequent loading ***/ // [SETUP-WEB] ESR78: playback might break on subsequent loading ***/
user_pref("browser.privatebrowsing.forceMediaMemoryCache", true); // [FF75+] user_pref("browser.privatebrowsing.forceMediaMemoryCache", true); // [FF75+]
user_pref("media.memory_cache_max_size", 65536); user_pref("media.memory_cache_max_size", 65536);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// SESSIONS & SESSION RESTORE ***/ // SESSIONS & SESSION RESTORE ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Exclude "Undo Closed Tabs" in Session Restore ***/ // Exclude "Undo Closed Tabs" in Session Restore ***/
@ -653,7 +648,7 @@ user_pref("browser.sessionstore.interval", 30000);
// Disable automatic Firefox start and session restore after reboot [FF62+] [WINDOWS] // Disable automatic Firefox start and session restore after reboot [FF62+] [WINDOWS]
// https://bugzilla.mozilla.org/603903 ***/ // https://bugzilla.mozilla.org/603903 ***/
user_pref("toolkit.winRegisterApplicationRestart", false); user_pref("toolkit.winRegisterApplicationRestart", false);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// FAVICONS ***/ // FAVICONS ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable favicons in shortcuts // Disable favicons in shortcuts
@ -671,7 +666,7 @@ user_pref("browser.chrome.site_icons", false);
// ------------------------------------- // -------------------------------------
// Disable favicons in web notifications ***/ // Disable favicons in web notifications ***/
user_pref("alerts.showFavicons", false); // [DEFAULT: false] user_pref("alerts.showFavicons", false); // [DEFAULT: false]
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// SSL (Secure Sockets Layer) / TLS (Transport Layer Security) ***/ // SSL (Secure Sockets Layer) / TLS (Transport Layer Security) ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Require safe negotiation // Require safe negotiation
@ -715,7 +710,7 @@ user_pref("security.ssl.errorReporting.url", "");
// https://github.com/tlswg/tls13-spec/issues/1001 // https://github.com/tlswg/tls13-spec/issues/1001
// https://blog.cloudflare.com/tls-1-3-overview-and-q-and-a/ ***/ // https://blog.cloudflare.com/tls-1-3-overview-and-q-and-a/ ***/
user_pref("security.tls.enable_0rtt_data", false); user_pref("security.tls.enable_0rtt_data", false);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// OCSP (Online Certificate Status Protocol) // OCSP (Online Certificate Status Protocol)
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Enable OCSP Stapling // Enable OCSP Stapling
@ -738,7 +733,7 @@ user_pref("security.OCSP.enabled", 0);
// https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/ // https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
// https://www.imperialviolet.org/2014/04/19/revchecking.html ***/ // https://www.imperialviolet.org/2014/04/19/revchecking.html ***/
user_pref("security.OCSP.require", false); user_pref("security.OCSP.require", false);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// CERTS / HPKP (HTTP Public Key Pinning) ***/ // CERTS / HPKP (HTTP Public Key Pinning) ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable or limit SHA-1 certificates // Disable or limit SHA-1 certificates
@ -771,7 +766,7 @@ user_pref("security.family_safety.mode", 0);
// by inspecting ALL your web traffic, then leave at current default=1 // by inspecting ALL your web traffic, then leave at current default=1
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/16206 ***/ // https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/16206 ***/
user_pref("security.cert_pinning.enforcement_level", 2); user_pref("security.cert_pinning.enforcement_level", 2);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// MIXED CONTENT ***/ // MIXED CONTENT ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Enforce no insecure active content on https pages // Enforce no insecure active content on https pages
@ -804,7 +799,7 @@ user_pref("dom.security.https_only_mode_pbm", true); // [FF80+]
// This is done to avoid waiting for a timeout which takes 90 seconds // This is done to avoid waiting for a timeout which takes 90 seconds
// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1642387,1660945 ***/ // https://bugzilla.mozilla.org/buglist.cgi?bug_id=1642387,1660945 ***/
user_pref("dom.security.https_only_mode_send_http_background_request", false); user_pref("dom.security.https_only_mode_send_http_background_request", false);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// CIPHERS [WARNING: do not meddle with your cipher suite] // CIPHERS [WARNING: do not meddle with your cipher suite]
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable 3DES (effective key size < 128 and no PFS) // Disable 3DES (effective key size < 128 and no PFS)
@ -820,7 +815,7 @@ user_pref("dom.security.https_only_mode_send_http_background_request", false);
// user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false); // user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
// user_pref("security.ssl3.rsa_aes_128_sha", false); // no PFS // user_pref("security.ssl3.rsa_aes_128_sha", false); // no PFS
// user_pref("security.ssl3.rsa_aes_256_sha", false); // no PFS // user_pref("security.ssl3.rsa_aes_256_sha", false); // no PFS
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// UI (User Interface) ***/ // UI (User Interface) ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Display warning on the padlock for "broken security" // Display warning on the padlock for "broken security"
@ -845,7 +840,7 @@ user_pref("browser.xul.error_pages.expert_bad_cert", true);
// Display "insecure" icon and "Not Secure" text on HTTP sites ***/ // Display "insecure" icon and "Not Secure" text on HTTP sites ***/
// user_pref("security.insecure_connection_icon.enabled", true); // [FF59+] [DEFAULT: true] // user_pref("security.insecure_connection_icon.enabled", true); // [FF59+] [DEFAULT: true]
user_pref("security.insecure_connection_text.enabled", true); // [FF60+] user_pref("security.insecure_connection_text.enabled", true); // [FF60+]
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// FONTS ***/ // FONTS ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable websites choosing fonts (0=block, 1=allow) // Disable websites choosing fonts (0=block, 1=allow)
@ -875,32 +870,32 @@ user_pref("gfx.font_rendering.graphite.enabled", false);
// [WARNING] **DO NOT USE**: in FF80+ RFP covers this, and non-RFP users should use font vis // [WARNING] **DO NOT USE**: in FF80+ RFP covers this, and non-RFP users should use font vis
// https://bugzilla.mozilla.org/1121643 ***/ // https://bugzilla.mozilla.org/1121643 ***/
// user_pref("font.system.whitelist", ""); // [HIDDEN PREF] // user_pref("font.system.whitelist", ""); // [HIDDEN PREF]
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// HEADERS / REFERERS // HEADERS / REFERERS
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// ALL: control when images/links send a referer // Control when images/links send a referer
// 0=never, 1=send only when links are clicked, 2=for links and images (default) ***/ // 0=never, 1=send only when links are clicked, 2=for links and images (default) ***/
// user_pref("network.http.sendRefererHeader", 2); // [DEFAULT: 2] // user_pref("network.http.sendRefererHeader", 2); // [DEFAULT: 2]
// ------------------------------------- // -------------------------------------
// ALL: control the amount of information to send // Control the amount of information to send
// 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port ***/ // 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port ***/
user_pref("network.http.referer.trimmingPolicy", 2); // [DEFAULT: 0] user_pref("network.http.referer.trimmingPolicy", 2); // [DEFAULT: 0]
// ------------------------------------- // -------------------------------------
// CROSS ORIGIN: control when to send a referer // Control when to send a referer
// 0=always (default), 1=only if base domains match, 2=only if hosts match // 0=always (default), 1=only if base domains match, 2=only if hosts match
// [SETUP-WEB] Known to cause issues with older modems/routers and some sites e.g vimeo, icloud ***/ // [SETUP-WEB] Known to cause issues with older modems/routers and some sites e.g vimeo, icloud ***/
user_pref("network.http.referer.XOriginPolicy", 2); user_pref("network.http.referer.XOriginPolicy", 2);
// ------------------------------------- // -------------------------------------
// CROSS ORIGIN: control the amount of information to send [FF52+] // Control the amount of information to send [FF52+]
// 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port ***/ // 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port ***/
user_pref("network.http.referer.XOriginTrimmingPolicy", 2); // [DEFAULT: 0] user_pref("network.http.referer.XOriginTrimmingPolicy", 2); // [DEFAULT: 0]
// ------------------------------------- // -------------------------------------
// ALL: disable spoofing a referer // Disable spoofing a referer
// [WARNING] Do not set this to true, as spoofing effectively disables the anti-CSRF // [WARNING] Do not set this to true, as spoofing effectively disables the anti-CSRF
// (Cross-Site Request Forgery) protections that some sites may rely on ***/ // (Cross-Site Request Forgery) protections that some sites may rely on ***/
// user_pref("network.http.referer.spoofSource", false); // [DEFAULT: false] // user_pref("network.http.referer.spoofSource", false); // [DEFAULT: false]
// ------------------------------------- // -------------------------------------
// ALL: set the default Referrer Policy [FF59+] // Set the default Referrer Policy [FF59+]
// 0=no-referer, 1=same-origin, 2=strict-origin-when-cross-origin, 3=no-referrer-when-downgrade // 0=no-referer, 1=same-origin, 2=strict-origin-when-cross-origin, 3=no-referrer-when-downgrade
// [NOTE] This is only a default, it can be overridden by a site-controlled Referrer Policy // [NOTE] This is only a default, it can be overridden by a site-controlled Referrer Policy
// https://www.w3.org/TR/referrer-policy/ // https://www.w3.org/TR/referrer-policy/
@ -909,17 +904,17 @@ user_pref("network.http.referer.XOriginTrimmingPolicy", 2); // [DEFAULT: 0]
// user_pref("network.http.referer.defaultPolicy", 3); // [DEFAULT: 3] // user_pref("network.http.referer.defaultPolicy", 3); // [DEFAULT: 3]
// user_pref("network.http.referer.defaultPolicy.pbmode", 2); // [DEFAULT: 2] // user_pref("network.http.referer.defaultPolicy.pbmode", 2); // [DEFAULT: 2]
// ------------------------------------- // -------------------------------------
// TOR: hide (not spoof) referrer when leaving a .onion domain [FF54+] // Hide (not spoof) referrer when leaving a .onion domain [FF54+]
// [NOTE] Firefox cannot access .onion sites by default. We recommend you use // [NOTE] Firefox cannot access .onion sites by default. We recommend you use
// the Tor Browser which is specifically designed for hidden services // the Tor Browser which is specifically designed for hidden services
// https://bugzilla.mozilla.org/1305144 ***/ // https://bugzilla.mozilla.org/1305144 ***/
user_pref("network.http.referer.hideOnionSource", true); user_pref("network.http.referer.hideOnionSource", true);
// ------------------------------------- // -------------------------------------
// ALL: enable the DNT (Do Not Track) HTTP header // Enable the DNT (Do Not Track) HTTP header
// [NOTE] DNT is enforced with Enhanced Tracking Protection regardless of this pref // [NOTE] DNT is enforced with Enhanced Tracking Protection regardless of this pref
// [SETTING] Privacy & Security>Enhanced Tracking Protection>Send websites a "Do Not Track" signal... ***/ // [SETTING] Privacy & Security>Enhanced Tracking Protection>Send websites a "Do Not Track" signal... ***/
user_pref("privacy.donottrackheader.enabled", false); user_pref("privacy.donottrackheader.enabled", false);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// CONTAINERS // CONTAINERS
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Enable Container Tabs setting in preferences [FF50+] // Enable Container Tabs setting in preferences [FF50+]
@ -934,7 +929,7 @@ user_pref("privacy.userContext.enabled", true);
// [NOTE] The menu is always shown on long press and right click // [NOTE] The menu is always shown on long press and right click
// [SETTING] General>Tabs>Enable Container Tabs>Settings>Select a container for each new tab ***/ // [SETTING] General>Tabs>Enable Container Tabs>Settings>Select a container for each new tab ***/
// user_pref("privacy.userContext.newTabContainerOnLeftClick.enabled", true); // user_pref("privacy.userContext.newTabContainerOnLeftClick.enabled", true);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// PLUGINS ***/ // PLUGINS ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable Flash plugin // Disable Flash plugin
@ -959,7 +954,7 @@ user_pref("media.gmp-manager.url.override", "");
// [SETTING] General>DRM Content>Play DRM-controlled content // [SETTING] General>DRM Content>Play DRM-controlled content
// https://www.eff.org/deeplinks/2017/10/drms-dead-canary-how-we-just-lost-web-what-we-learned-it-and-what-we-need-do-next ***/ // https://www.eff.org/deeplinks/2017/10/drms-dead-canary-how-we-just-lost-web-what-we-learned-it-and-what-we-need-do-next ***/
user_pref("media.eme.enabled", false); user_pref("media.eme.enabled", false);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// MEDIA / CAMERA / MIC ***/ // MEDIA / CAMERA / MIC ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable WebRTC (Web Real-Time Communication) // Disable WebRTC (Web Real-Time Communication)
@ -1017,7 +1012,7 @@ user_pref("permissions.default.microphone", 2);
// [NOTE] If you have trouble with some video sites, then add an exception // [NOTE] If you have trouble with some video sites, then add an exception
// https://support.mozilla.org/questions/1293231 ***/ // https://support.mozilla.org/questions/1293231 ***/
user_pref("media.autoplay.blocking_policy", 2); user_pref("media.autoplay.blocking_policy", 2);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// WINDOW MEDDLING & LEAKS / POPUPS ***/ // WINDOW MEDDLING & LEAKS / POPUPS ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Prevent scripts from moving and resizing open windows ***/ // Prevent scripts from moving and resizing open windows ***/
@ -1044,7 +1039,7 @@ user_pref("dom.disable_open_during_load", true);
// Limit events that can cause a popup [SETUP-WEB] // Limit events that can cause a popup [SETUP-WEB]
// default is "change click dblclick auxclick mouseup pointerup notificationclick reset submit touchend contextmenu" ***/ // default is "change click dblclick auxclick mouseup pointerup notificationclick reset submit touchend contextmenu" ***/
user_pref("dom.popup_allowed_events", "click dblclick"); user_pref("dom.popup_allowed_events", "click dblclick");
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// WEB WORKERS // WEB WORKERS
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable service workers [FF32, FF44-compat] // Disable service workers [FF32, FF44-compat]
@ -1084,7 +1079,7 @@ user_pref("dom.push.userAgentID", "");
// [SETTING] to add site exceptions: Page Info>Permissions>Receive Notifications // [SETTING] to add site exceptions: Page Info>Permissions>Receive Notifications
// [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Notifications>Settings ***/ // [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Notifications>Settings ***/
// user_pref("permissions.default.desktop-notification", 2); // user_pref("permissions.default.desktop-notification", 2);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// DOM (DOCUMENT OBJECT MODEL) & JAVASCRIPT ***/ // DOM (DOCUMENT OBJECT MODEL) & JAVASCRIPT ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable website control over browser right-click context menu // Disable website control over browser right-click context menu
@ -1144,7 +1139,7 @@ user_pref("javascript.options.wasm", false);
// Enable (limited but sufficient) window.opener protection [FF65+] // Enable (limited but sufficient) window.opener protection [FF65+]
// Makes rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set ***/ // Makes rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set ***/
user_pref("dom.targetBlankNoOpener.enabled", true); // [DEFAULT: true FF79+] user_pref("dom.targetBlankNoOpener.enabled", true); // [DEFAULT: true FF79+]
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// HARDWARE FINGERPRINTING ***/ // HARDWARE FINGERPRINTING ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable Battery Status API // Disable Battery Status API
@ -1189,7 +1184,7 @@ user_pref("dom.webaudio.enabled", false);
// [SETTING] to add site exceptions: Page Info>Permissions>Access Virtual Reality Devices // [SETTING] to add site exceptions: Page Info>Permissions>Access Virtual Reality Devices
// [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Virtual Reality>Settings ***/ // [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Virtual Reality>Settings ***/
// user_pref("permissions.default.xr", 0); // user_pref("permissions.default.xr", 0);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// MISCELLANEOUS ***/ // MISCELLANEOUS ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Prevent accessibility services from accessing your browser [RESTART] // Prevent accessibility services from accessing your browser [RESTART]
@ -1201,7 +1196,7 @@ user_pref("accessibility.force_disabled", 1);
// https://developer.mozilla.org/docs/Web/API/Navigator/sendBeacon ***/ // https://developer.mozilla.org/docs/Web/API/Navigator/sendBeacon ***/
user_pref("beacon.enabled", false); user_pref("beacon.enabled", false);
// ------------------------------------- // -------------------------------------
// Rremove temp files opened with an external application // Remove temp files opened with an external application
// https://bugzilla.mozilla.org/302433 ***/ // https://bugzilla.mozilla.org/302433 ***/
user_pref("browser.helperApps.deleteTempFileOnExit", true); user_pref("browser.helperApps.deleteTempFileOnExit", true);
// ------------------------------------- // -------------------------------------
@ -1289,11 +1284,12 @@ user_pref("browser.display.use_system_colors", false); // [DEFAULT: false]
// for these will show/use their correct 3rd party origin // for these will show/use their correct 3rd party origin
// https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion */ // https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion */
user_pref("permissions.delegation.enabled", false); user_pref("permissions.delegation.enabled", false);
// -------------------------------------
// Enable "window.name" protection [FF82+] // Enable "window.name" protection [FF82+]
// If a new page from another domain is loaded into a tab, then window.name is set to an empty string. The original // If a new page from another domain is loaded into a tab, then window.name is set to an empty string. The original
// string is restored if the tab reverts back to the original page. This change prevents some cross-site attacks ***/ // string is restored if the tab reverts back to the original page. This change prevents some cross-site attacks ***/
user_pref("privacy.window.name.update.enabled", true); user_pref("privacy.window.name.update.enabled", true);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// DOWNLOADS ***/ // DOWNLOADS ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Discourage downloading to desktop // Discourage downloading to desktop
@ -1312,13 +1308,13 @@ user_pref("browser.download.manager.addToRecentDocs", false);
// Disable hiding mime types (Options>General>Applications) not associated with a plugin ***/ // Disable hiding mime types (Options>General>Applications) not associated with a plugin ***/
user_pref("browser.download.hide_plugins_without_extensions", false); user_pref("browser.download.hide_plugins_without_extensions", false);
// ------------------------------------- // -------------------------------------
// 2654: disable "open with" in download dialog [FF50+] [SETUP-HARDEN] // Disable "open with" in download dialog [FF50+] [SETUP-HARDEN]
// This is very useful to enable when the browser is sandboxed (e.g. via AppArmor) // This is very useful to enable when the browser is sandboxed (e.g. via AppArmor)
// in such a way that it is forbidden to run external applications. // in such a way that it is forbidden to run external applications.
// [WARNING] This may interfere with some users' workflow or methods // [WARNING] This may interfere with some users' workflow or methods
// https://bugzilla.mozilla.org/1281959 ***/ // https://bugzilla.mozilla.org/1281959 ***/
// user_pref("browser.download.forbid_open_with", true); // user_pref("browser.download.forbid_open_with", true);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// EXTENSIONS ***/ // EXTENSIONS ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Lock down allowed extension directories // Lock down allowed extension directories
@ -1332,7 +1328,7 @@ user_pref("extensions.autoDisableScopes", 15); // [DEFAULT: 15]
// Disable webextension restrictions on certain mozilla domains [FF60+] // Disable webextension restrictions on certain mozilla domains [FF60+]
// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/ // https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/
// user_pref("extensions.webextensions.restrictedDomains", ""); // user_pref("extensions.webextensions.restrictedDomains", "");
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// SECURITY ***/ // SECURITY ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Enforce CSP (Content Security Policy) // Enforce CSP (Content Security Policy)
@ -1343,7 +1339,7 @@ user_pref("security.csp.enable", true); // [DEFAULT: true]
// Enforce a security delay on some confirmation dialogs such as install, open/save // Enforce a security delay on some confirmation dialogs such as install, open/save
// https://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ ***/ // https://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ ***/
user_pref("security.dialog_enable_delay", 700); user_pref("security.dialog_enable_delay", 700);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// PERSISTENT STORAGE // PERSISTENT STORAGE
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable 3rd-party cookies and site-data [SETUP-WEB] // Disable 3rd-party cookies and site-data [SETUP-WEB]
@ -1398,7 +1394,7 @@ user_pref("browser.cache.offline.storage.enable", false); // [FF71+] [DEFAULT: f
// ------------------------------------- // -------------------------------------
// Enable Local Storage Next Generation (LSNG) [FF65+] ***/ // Enable Local Storage Next Generation (LSNG) [FF65+] ***/
user_pref("dom.storage.next_gen", true); user_pref("dom.storage.next_gen", true);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// SHUTDOWN // SHUTDOWN
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Enable Firefox to clear items on shutdown // Enable Firefox to clear items on shutdown
@ -1449,7 +1445,7 @@ user_pref("privacy.cpd.siteSettings", false); // Site Preferences
// [NOTE] The values 5 + 6 are not listed in the dropdown, which will display a // [NOTE] The values 5 + 6 are not listed in the dropdown, which will display a
// blank value if they are used, but they do work as advertised ***/ // blank value if they are used, but they do work as advertised ***/
user_pref("privacy.sanitize.timeSpan", 0); user_pref("privacy.sanitize.timeSpan", 0);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// FPI (FIRST PARTY ISOLATION) // FPI (FIRST PARTY ISOLATION)
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Enable First Party Isolation [FF51+] // Enable First Party Isolation [FF51+]
@ -1467,6 +1463,7 @@ user_pref("privacy.firstparty.isolate", true);
// https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage ***/ // https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage ***/
// user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAULT: true] // user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAULT: true]
// user_pref("privacy.firstparty.isolate.block_post_message", true); // user_pref("privacy.firstparty.isolate.block_post_message", true);
// -------------------------------------
// Enable scheme with FPI [FF78+] // Enable scheme with FPI [FF78+]
// [NOTE] Experimental: existing data and site permissions are incompatible // [NOTE] Experimental: existing data and site permissions are incompatible
// and some site exceptions may not work e.g. HTTPS-only mode ***/ // and some site exceptions may not work e.g. HTTPS-only mode ***/
@ -1475,7 +1472,7 @@ user_pref("privacy.firstparty.isolate", true);
// Enable site partitioning (FF78+) // Enable site partitioning (FF78+)
// https://bugzilla.mozilla.org/1590107 [META] */ // https://bugzilla.mozilla.org/1590107 [META] */
user_pref("privacy.partition.network_state", true); user_pref("privacy.partition.network_state", true);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// RFP (RESIST FINGERPRINTING) // RFP (RESIST FINGERPRINTING)
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Enable privacy.resistFingerprinting [FF41+] // Enable privacy.resistFingerprinting [FF41+]
@ -1516,7 +1513,7 @@ user_pref("browser.startup.blankWindow", false);
// Disable chrome animations [FF77+] [RESTART] // Disable chrome animations [FF77+] [RESTART]
// [NOTE] pref added in FF63, but applied to chrome in FF77. RFP spoofs this for web content ***/ // [NOTE] pref added in FF63, but applied to chrome in FF77. RFP spoofs this for web content ***/
user_pref("ui.prefersReducedMotion", 1); // [HIDDEN PREF] user_pref("ui.prefersReducedMotion", 1); // [HIDDEN PREF]
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// RFP ALTERNATIVES // RFP ALTERNATIVES
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Spoof (or limit?) number of CPU cores [FF48+] // Spoof (or limit?) number of CPU cores [FF48+]
@ -1536,9 +1533,9 @@ user_pref("dom.enable_performance", false);
// ------------------------------------- // -------------------------------------
// Disable device sensor API // Disable device sensor API
// Optional protection depending on your device // Optional protection depending on your device
// [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/15758 // https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/15758
// [2] https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/ // https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/
// [3] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1357733,1292751 // https://bugzilla.mozilla.org/buglist.cgi?bug_id=1357733,1292751
user_pref("device.sensors.enabled", false); user_pref("device.sensors.enabled", false);
// ------------------------------------- // -------------------------------------
// Disable site specific zoom // Disable site specific zoom
@ -1612,7 +1609,7 @@ user_pref("ui.systemUsesDarkTheme", 0); // [HIDDEN PREF]
// [NOTE] Bundled fonts are auto-allowed // [NOTE] Bundled fonts are auto-allowed
// https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc // https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc
user_pref("layout.css.font-visibility.level", 1); user_pref("layout.css.font-visibility.level", 1);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// RFP ALTERNATIVES (NAVIGATOR / USER AGENT SPOOFING) // RFP ALTERNATIVES (NAVIGATOR / USER AGENT SPOOFING)
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Navigator DOM object overrides // Navigator DOM object overrides
@ -1623,14 +1620,14 @@ user_pref("layout.css.font-visibility.level", 1);
// user_pref("general.oscpu.override", ""); // [HIDDEN PREF] // user_pref("general.oscpu.override", ""); // [HIDDEN PREF]
// user_pref("general.platform.override", ""); // [HIDDEN PREF] // user_pref("general.platform.override", ""); // [HIDDEN PREF]
// user_pref("general.useragent.override", ""); // [HIDDEN PREF] // user_pref("general.useragent.override", ""); // [HIDDEN PREF]
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// PERSONAL // PERSONAL
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
user_pref("browser.startup.homepage_override.mstone", "ignore"); // master switch user_pref("browser.startup.homepage_override.mstone", "ignore"); // master switch
user_pref("startup.homepage_welcome_url", ""); user_pref("startup.homepage_welcome_url", "");
user_pref("startup.homepage_welcome_url.additional", ""); user_pref("startup.homepage_welcome_url.additional", "");
user_pref("startup.homepage_override_url", ""); // What's New page after updates user_pref("startup.homepage_override_url", ""); // What's New page after updates
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// WARNINGS ***/ // WARNINGS ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
user_pref("browser.tabs.warnOnClose", false); user_pref("browser.tabs.warnOnClose", false);
@ -1639,18 +1636,18 @@ user_pref("browser.tabs.warnOnOpen", false);
user_pref("full-screen-api.warning.delay", 0); user_pref("full-screen-api.warning.delay", 0);
user_pref("full-screen-api.warning.timeout", 0); user_pref("full-screen-api.warning.timeout", 0);
user_pref("browser.warnOnQuit", false); user_pref("browser.warnOnQuit", false);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// APPEARANCE ***/ // APPEARANCE ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// user_pref("browser.download.autohideButton", false); // [FF57+] // user_pref("browser.download.autohideButton", false); // [FF57+]
// user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true); // [FF68+] allow userChrome/userContent // user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true); // [FF68+] allow userChrome/userContent
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// CONTENT BEHAVIOR ***/ // CONTENT BEHAVIOR ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
user_pref("accessibility.typeaheadfind", false); // enable "Find As You Type" user_pref("accessibility.typeaheadfind", false); // enable "Find As You Type"
user_pref("clipboard.autocopy", false); // disable autocopy default [LINUX] user_pref("clipboard.autocopy", false); // disable autocopy default [LINUX]
user_pref("layout.spellcheckDefault", 0); // 0=none, 1-multi-line, 2=multi-line & single-line user_pref("layout.spellcheckDefault", 0); // 0=none, 1-multi-line, 2=multi-line & single-line
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// UX BEHAVIOR ***/ // UX BEHAVIOR ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// user_pref("browser.backspace_action", 2); // 0=previous page, 1=scroll up, 2=do nothing // user_pref("browser.backspace_action", 2); // 0=previous page, 1=scroll up, 2=do nothing
@ -1660,7 +1657,7 @@ user_pref("layout.spellcheckDefault", 0); // 0=none, 1-multi-line, 2=multi-line
// user_pref("general.autoScroll", false); // middle-click enabling auto-scrolling [DEFAULT: false on Linux] // user_pref("general.autoScroll", false); // middle-click enabling auto-scrolling [DEFAULT: false on Linux]
// user_pref("ui.key.menuAccessKey", 0); // disable alt key toggling the menu bar [RESTART] // user_pref("ui.key.menuAccessKey", 0); // disable alt key toggling the menu bar [RESTART]
// user_pref("view_source.tab", false); // view "page/selection source" in a new window [FF68+, FF59 and under] // user_pref("view_source.tab", false); // view "page/selection source" in a new window [FF68+, FF59 and under]
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// UX FEATURES: Disable and hide the icons and menus ***/ // UX FEATURES: Disable and hide the icons and menus ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
user_pref("browser.messaging-system.whatsNewPanel.enabled", false); // What's New [FF69+] user_pref("browser.messaging-system.whatsNewPanel.enabled", false); // What's New [FF69+]
@ -1668,7 +1665,7 @@ user_pref("messaging-system.rsexperimentloader.enabled", false);
user_pref("extensions.pocket.enabled", false); // Pocket Account [FF46+] user_pref("extensions.pocket.enabled", false); // Pocket Account [FF46+]
user_pref("identity.fxaccounts.enabled", false); // Firefox Accounts & Sync [FF60+] [RESTART] user_pref("identity.fxaccounts.enabled", false); // Firefox Accounts & Sync [FF60+] [RESTART]
user_pref("reader.parse-on-load.enabled", false); // Reader View user_pref("reader.parse-on-load.enabled", false); // Reader View
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// OTHER ***/ // OTHER ***/
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// user_pref("browser.bookmarks.max_backups", 2); // user_pref("browser.bookmarks.max_backups", 2);
@ -1679,24 +1676,23 @@ user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features",
// [SETTING] General>Browsing>Recommend features as you browse // [SETTING] General>Browsing>Recommend features as you browse
user_pref("network.manage-offline-status", false); // see bugzilla 620472 user_pref("network.manage-offline-status", false); // see bugzilla 620472
// user_pref("xpinstall.signatures.required", false); // enforced extension signing (Nightly/ESR) // user_pref("xpinstall.signatures.required", false); // enforced extension signing (Nightly/ESR)
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// DEPRECATED / REMOVED / LEGACY / RENAMED // DEPRECATED / REMOVED / LEGACY / RENAMED
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// ESR78.x still uses all the following prefs
// [NOTE] replace the * with a slash in the line above to re-enable them
// FF79 // FF79
// 0212: enforce fallback text encoding to match en-US // Enforce fallback text encoding to match en-US
// When the content or server doesn't declare a charset the browser will // When the content or server doesn't declare a charset the browser will
// fallback to the "Current locale" based on your application language // fallback to the "Current locale" based on your application language
// [TEST] https://hsivonen.com/test/moz/check-charset.htm // [TEST] https://hsivonen.com/test/moz/check-charset.htm
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20025 // https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20025
// https://bugzilla.mozilla.org/1603712 // https://bugzilla.mozilla.org/1603712
user_pref("intl.charset.fallback.override", "windows-1252"); user_pref("intl.charset.fallback.override", "windows-1252");
// -------------------------------------
// FF82 // FF82
// Disable geographically specific results/search engines e.g. "browser.search.*.US" // Disable geographically specific results/search engines e.g. "browser.search.*.US"
// i.e. ignore all of Mozilla's various search engines in multiple locales // i.e. ignore all of Mozilla's various search engines in multiple locales
// https://bugzilla.mozilla.org/1619926 // https://bugzilla.mozilla.org/1619926
user_pref("browser.search.geoSpecificDefaults", false); user_pref("browser.search.geoSpecificDefaults", false);
user_pref("browser.search.geoSpecificDefaults.url", ""); user_pref("browser.search.geoSpecificDefaults.url", "");
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// //