Update 'user.js'

This commit is contained in:
Narsil 2020-12-12 07:03:32 -05:00
parent 761fee4fae
commit 8863c77b89
1 changed files with 63 additions and 67 deletions

130
user.js
View File

@ -79,7 +79,7 @@ user_pref("browser.newtabpage.activity-stream.default.sites", "");
// https://wiki.mozilla.org/Private_Browsing
// https://spreadprivacy.com/is-private-browsing-really-private/ ***/
// user_pref("browser.privatebrowsing.autostart", true);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// GEOLOCATION ***/
// >>>>>>>>>>>>>>>>>>>>>
// Disable Location-Aware Browsing
@ -112,7 +112,7 @@ user_pref("browser.region.update.enabled", false); // [[FF79+]
// Set search region
// May not be hidden if Firefox has changed your settings due to your region ***/
user_pref("browser.search.region", "US"); // [HIDDEN PREF]
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// LANGUAGE / LOCALE ***/
// >>>>>>>>>>>>>>>>>>>>>
// Set preferred language for displaying web pages
@ -123,7 +123,7 @@ user_pref("intl.accept_languages", "en-US, en");
// [SETUP-WEB] May break some input methods e.g xim/ibus for CJK languages
// https://bugzilla.mozilla.org/buglist.cgi?bug_id=867501,1629630 ***/
user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF]
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// QUIET FOX
// >>>>>>>>>>>>>>>>>>>>>
// Disable auto-CHECKING for extension and theme updates ***/
@ -292,7 +292,7 @@ user_pref("app.support.baseURL", "");
// Disable report browser errors to Mozilla
// https://bugzilla.mozilla.org/show_bug.cgi?id=1426482
user_pref("browser.chrome.errorReporter.infoURL", "");
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// SAFE BROWSING (SB)
// >>>>>>>>>>>>>>>>>>>>>
// Disable SB (Safe Browsing)
@ -343,7 +343,7 @@ user_pref("browser.safebrowsing.provider.google4.advisoryURL", "");
user_pref("browser.safebrowsing.blockedURIs.enabled", false);
user_pref("browser.safebrowsing.provider.mozilla.gethashURL", "");
user_pref("browser.safebrowsing.provider.mozilla.updateURL", "");
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// SYSTEM ADD-ONS / EXPERIMENTS
// >>>>>>>>>>>>>>>>>>>>>
// Disable Normandy/Shield [FF60+]
@ -381,7 +381,7 @@ user_pref("extensions.formautofill.heuristics.enabled", false); // [FF55+]
// Disable Web Compatibility Reporter [FF56+]
// Web Compatibility Reporter adds a "Report Site Issue" button to send data to Mozilla ***/
user_pref("extensions.webcompat-reporter.enabled", false);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// BLOCK IMPLICIT OUTBOUND [not explicitly asked for - e.g. clicked on] ***/
// >>>>>>>>>>>>>>>>>>>>>
// Disable link prefetching
@ -405,7 +405,7 @@ user_pref("network.http.speculative-parallel-limit", 0);
// https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/ ***/
user_pref("browser.send_pings", false); // [DEFAULT: false]
user_pref("browser.send_pings.require_same_host", true); // defense-in-depth
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// HTTP* / TCP/IP / DNS / PROXY / SOCKS etc ***/
// >>>>>>>>>>>>>>>>>>>>>
// Disable IPv6
@ -476,13 +476,8 @@ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF]
// See for details: https://support.mozilla.org/en-US/kb/firefox-dns-over-https
user_pref("network.trr.mode", 0);
user_pref("network.trr.uri", "");
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS
// Change items to suit for privacy vs convenience and functionality. Consider
// your environment (no unwanted eyeballs), your device (restricted access), your device's
// unattended state (locked, encrypted, forensic hardened).
// [NOTE] The urlbar is also commonly referred to as the location bar and address bar
// #Required reading [#] https://xkcd.com/538/
// >>>>>>>>>>>>>>>>>>>>>
// Disable location bar using search
// Don't leak URL typos to a search engine, give an error message instead.
@ -563,7 +558,7 @@ user_pref("browser.taskbar.lists.tasks.enabled", false);
// -------------------------------------
// Disable Windows taskbar preview [WINDOWS] ***/
user_pref("browser.taskbar.previews.enable", false);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// PASSWORDS ***/
// >>>>>>>>>>>>>>>>>>>>>
// Disable saving passwords and password alerts.
@ -602,7 +597,7 @@ user_pref("signon.formlessCapture.enabled", false);
// 1=don't allow cross-origin sub-resources to open HTTP authentication credentials dialogs
// 2=allow sub-resources to open HTTP authentication credentials dialogs (default)
user_pref("network.auth.subresource-http-auth-allow", 1);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// CACHE ***/
// >>>>>>>>>>>>>>>>>>>>>
// Disable disk cache
@ -626,7 +621,7 @@ user_pref("browser.cache.disk.enable", false);
// [SETUP-WEB] ESR78: playback might break on subsequent loading ***/
user_pref("browser.privatebrowsing.forceMediaMemoryCache", true); // [FF75+]
user_pref("media.memory_cache_max_size", 65536);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// SESSIONS & SESSION RESTORE ***/
// >>>>>>>>>>>>>>>>>>>>>
// Exclude "Undo Closed Tabs" in Session Restore ***/
@ -653,7 +648,7 @@ user_pref("browser.sessionstore.interval", 30000);
// Disable automatic Firefox start and session restore after reboot [FF62+] [WINDOWS]
// https://bugzilla.mozilla.org/603903 ***/
user_pref("toolkit.winRegisterApplicationRestart", false);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// FAVICONS ***/
// >>>>>>>>>>>>>>>>>>>>>
// Disable favicons in shortcuts
@ -671,7 +666,7 @@ user_pref("browser.chrome.site_icons", false);
// -------------------------------------
// Disable favicons in web notifications ***/
user_pref("alerts.showFavicons", false); // [DEFAULT: false]
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// SSL (Secure Sockets Layer) / TLS (Transport Layer Security) ***/
// >>>>>>>>>>>>>>>>>>>>>
// Require safe negotiation
@ -715,7 +710,7 @@ user_pref("security.ssl.errorReporting.url", "");
// https://github.com/tlswg/tls13-spec/issues/1001
// https://blog.cloudflare.com/tls-1-3-overview-and-q-and-a/ ***/
user_pref("security.tls.enable_0rtt_data", false);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// OCSP (Online Certificate Status Protocol)
// >>>>>>>>>>>>>>>>>>>>>
// Enable OCSP Stapling
@ -738,7 +733,7 @@ user_pref("security.OCSP.enabled", 0);
// https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
// https://www.imperialviolet.org/2014/04/19/revchecking.html ***/
user_pref("security.OCSP.require", false);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// CERTS / HPKP (HTTP Public Key Pinning) ***/
// >>>>>>>>>>>>>>>>>>>>>
// Disable or limit SHA-1 certificates
@ -771,7 +766,7 @@ user_pref("security.family_safety.mode", 0);
// by inspecting ALL your web traffic, then leave at current default=1
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/16206 ***/
user_pref("security.cert_pinning.enforcement_level", 2);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// MIXED CONTENT ***/
// >>>>>>>>>>>>>>>>>>>>>
// Enforce no insecure active content on https pages
@ -804,7 +799,7 @@ user_pref("dom.security.https_only_mode_pbm", true); // [FF80+]
// This is done to avoid waiting for a timeout which takes 90 seconds
// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1642387,1660945 ***/
user_pref("dom.security.https_only_mode_send_http_background_request", false);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// CIPHERS [WARNING: do not meddle with your cipher suite]
// >>>>>>>>>>>>>>>>>>>>>
// Disable 3DES (effective key size < 128 and no PFS)
@ -820,7 +815,7 @@ user_pref("dom.security.https_only_mode_send_http_background_request", false);
// user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
// user_pref("security.ssl3.rsa_aes_128_sha", false); // no PFS
// user_pref("security.ssl3.rsa_aes_256_sha", false); // no PFS
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// UI (User Interface) ***/
// >>>>>>>>>>>>>>>>>>>>>
// Display warning on the padlock for "broken security"
@ -845,7 +840,7 @@ user_pref("browser.xul.error_pages.expert_bad_cert", true);
// Display "insecure" icon and "Not Secure" text on HTTP sites ***/
// user_pref("security.insecure_connection_icon.enabled", true); // [FF59+] [DEFAULT: true]
user_pref("security.insecure_connection_text.enabled", true); // [FF60+]
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// FONTS ***/
// >>>>>>>>>>>>>>>>>>>>>
// Disable websites choosing fonts (0=block, 1=allow)
@ -875,32 +870,32 @@ user_pref("gfx.font_rendering.graphite.enabled", false);
// [WARNING] **DO NOT USE**: in FF80+ RFP covers this, and non-RFP users should use font vis
// https://bugzilla.mozilla.org/1121643 ***/
// user_pref("font.system.whitelist", ""); // [HIDDEN PREF]
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// HEADERS / REFERERS
// >>>>>>>>>>>>>>>>>>>>>
// ALL: control when images/links send a referer
// Control when images/links send a referer
// 0=never, 1=send only when links are clicked, 2=for links and images (default) ***/
// user_pref("network.http.sendRefererHeader", 2); // [DEFAULT: 2]
// -------------------------------------
// ALL: control the amount of information to send
// Control the amount of information to send
// 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port ***/
user_pref("network.http.referer.trimmingPolicy", 2); // [DEFAULT: 0]
// -------------------------------------
// CROSS ORIGIN: control when to send a referer
// Control when to send a referer
// 0=always (default), 1=only if base domains match, 2=only if hosts match
// [SETUP-WEB] Known to cause issues with older modems/routers and some sites e.g vimeo, icloud ***/
user_pref("network.http.referer.XOriginPolicy", 2);
// -------------------------------------
// CROSS ORIGIN: control the amount of information to send [FF52+]
// Control the amount of information to send [FF52+]
// 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port ***/
user_pref("network.http.referer.XOriginTrimmingPolicy", 2); // [DEFAULT: 0]
// -------------------------------------
// ALL: disable spoofing a referer
// Disable spoofing a referer
// [WARNING] Do not set this to true, as spoofing effectively disables the anti-CSRF
// (Cross-Site Request Forgery) protections that some sites may rely on ***/
// user_pref("network.http.referer.spoofSource", false); // [DEFAULT: false]
// -------------------------------------
// ALL: set the default Referrer Policy [FF59+]
// Set the default Referrer Policy [FF59+]
// 0=no-referer, 1=same-origin, 2=strict-origin-when-cross-origin, 3=no-referrer-when-downgrade
// [NOTE] This is only a default, it can be overridden by a site-controlled Referrer Policy
// https://www.w3.org/TR/referrer-policy/
@ -909,17 +904,17 @@ user_pref("network.http.referer.XOriginTrimmingPolicy", 2); // [DEFAULT: 0]
// user_pref("network.http.referer.defaultPolicy", 3); // [DEFAULT: 3]
// user_pref("network.http.referer.defaultPolicy.pbmode", 2); // [DEFAULT: 2]
// -------------------------------------
// TOR: hide (not spoof) referrer when leaving a .onion domain [FF54+]
// Hide (not spoof) referrer when leaving a .onion domain [FF54+]
// [NOTE] Firefox cannot access .onion sites by default. We recommend you use
// the Tor Browser which is specifically designed for hidden services
// https://bugzilla.mozilla.org/1305144 ***/
user_pref("network.http.referer.hideOnionSource", true);
// -------------------------------------
// ALL: enable the DNT (Do Not Track) HTTP header
// Enable the DNT (Do Not Track) HTTP header
// [NOTE] DNT is enforced with Enhanced Tracking Protection regardless of this pref
// [SETTING] Privacy & Security>Enhanced Tracking Protection>Send websites a "Do Not Track" signal... ***/
user_pref("privacy.donottrackheader.enabled", false);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// CONTAINERS
// >>>>>>>>>>>>>>>>>>>>>
// Enable Container Tabs setting in preferences [FF50+]
@ -934,7 +929,7 @@ user_pref("privacy.userContext.enabled", true);
// [NOTE] The menu is always shown on long press and right click
// [SETTING] General>Tabs>Enable Container Tabs>Settings>Select a container for each new tab ***/
// user_pref("privacy.userContext.newTabContainerOnLeftClick.enabled", true);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// PLUGINS ***/
// >>>>>>>>>>>>>>>>>>>>>
// Disable Flash plugin
@ -959,7 +954,7 @@ user_pref("media.gmp-manager.url.override", "");
// [SETTING] General>DRM Content>Play DRM-controlled content
// https://www.eff.org/deeplinks/2017/10/drms-dead-canary-how-we-just-lost-web-what-we-learned-it-and-what-we-need-do-next ***/
user_pref("media.eme.enabled", false);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// MEDIA / CAMERA / MIC ***/
// >>>>>>>>>>>>>>>>>>>>>
// Disable WebRTC (Web Real-Time Communication)
@ -1017,7 +1012,7 @@ user_pref("permissions.default.microphone", 2);
// [NOTE] If you have trouble with some video sites, then add an exception
// https://support.mozilla.org/questions/1293231 ***/
user_pref("media.autoplay.blocking_policy", 2);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// WINDOW MEDDLING & LEAKS / POPUPS ***/
// >>>>>>>>>>>>>>>>>>>>>
// Prevent scripts from moving and resizing open windows ***/
@ -1044,7 +1039,7 @@ user_pref("dom.disable_open_during_load", true);
// Limit events that can cause a popup [SETUP-WEB]
// default is "change click dblclick auxclick mouseup pointerup notificationclick reset submit touchend contextmenu" ***/
user_pref("dom.popup_allowed_events", "click dblclick");
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// WEB WORKERS
// >>>>>>>>>>>>>>>>>>>>>
// Disable service workers [FF32, FF44-compat]
@ -1084,7 +1079,7 @@ user_pref("dom.push.userAgentID", "");
// [SETTING] to add site exceptions: Page Info>Permissions>Receive Notifications
// [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Notifications>Settings ***/
// user_pref("permissions.default.desktop-notification", 2);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// DOM (DOCUMENT OBJECT MODEL) & JAVASCRIPT ***/
// >>>>>>>>>>>>>>>>>>>>>
// Disable website control over browser right-click context menu
@ -1144,7 +1139,7 @@ user_pref("javascript.options.wasm", false);
// Enable (limited but sufficient) window.opener protection [FF65+]
// Makes rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set ***/
user_pref("dom.targetBlankNoOpener.enabled", true); // [DEFAULT: true FF79+]
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// HARDWARE FINGERPRINTING ***/
// >>>>>>>>>>>>>>>>>>>>>
// Disable Battery Status API
@ -1189,7 +1184,7 @@ user_pref("dom.webaudio.enabled", false);
// [SETTING] to add site exceptions: Page Info>Permissions>Access Virtual Reality Devices
// [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Virtual Reality>Settings ***/
// user_pref("permissions.default.xr", 0);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// MISCELLANEOUS ***/
// >>>>>>>>>>>>>>>>>>>>>
// Prevent accessibility services from accessing your browser [RESTART]
@ -1201,7 +1196,7 @@ user_pref("accessibility.force_disabled", 1);
// https://developer.mozilla.org/docs/Web/API/Navigator/sendBeacon ***/
user_pref("beacon.enabled", false);
// -------------------------------------
// Rremove temp files opened with an external application
// Remove temp files opened with an external application
// https://bugzilla.mozilla.org/302433 ***/
user_pref("browser.helperApps.deleteTempFileOnExit", true);
// -------------------------------------
@ -1289,11 +1284,12 @@ user_pref("browser.display.use_system_colors", false); // [DEFAULT: false]
// for these will show/use their correct 3rd party origin
// https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion */
user_pref("permissions.delegation.enabled", false);
// -------------------------------------
// Enable "window.name" protection [FF82+]
// If a new page from another domain is loaded into a tab, then window.name is set to an empty string. The original
// string is restored if the tab reverts back to the original page. This change prevents some cross-site attacks ***/
user_pref("privacy.window.name.update.enabled", true);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// DOWNLOADS ***/
// >>>>>>>>>>>>>>>>>>>>>
// Discourage downloading to desktop
@ -1312,13 +1308,13 @@ user_pref("browser.download.manager.addToRecentDocs", false);
// Disable hiding mime types (Options>General>Applications) not associated with a plugin ***/
user_pref("browser.download.hide_plugins_without_extensions", false);
// -------------------------------------
// 2654: disable "open with" in download dialog [FF50+] [SETUP-HARDEN]
// Disable "open with" in download dialog [FF50+] [SETUP-HARDEN]
// This is very useful to enable when the browser is sandboxed (e.g. via AppArmor)
// in such a way that it is forbidden to run external applications.
// [WARNING] This may interfere with some users' workflow or methods
// https://bugzilla.mozilla.org/1281959 ***/
// user_pref("browser.download.forbid_open_with", true);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// EXTENSIONS ***/
// >>>>>>>>>>>>>>>>>>>>>
// Lock down allowed extension directories
@ -1332,7 +1328,7 @@ user_pref("extensions.autoDisableScopes", 15); // [DEFAULT: 15]
// Disable webextension restrictions on certain mozilla domains [FF60+]
// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/
// user_pref("extensions.webextensions.restrictedDomains", "");
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// SECURITY ***/
// >>>>>>>>>>>>>>>>>>>>>
// Enforce CSP (Content Security Policy)
@ -1343,7 +1339,7 @@ user_pref("security.csp.enable", true); // [DEFAULT: true]
// Enforce a security delay on some confirmation dialogs such as install, open/save
// https://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ ***/
user_pref("security.dialog_enable_delay", 700);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// PERSISTENT STORAGE
// >>>>>>>>>>>>>>>>>>>>>
// Disable 3rd-party cookies and site-data [SETUP-WEB]
@ -1398,7 +1394,7 @@ user_pref("browser.cache.offline.storage.enable", false); // [FF71+] [DEFAULT: f
// -------------------------------------
// Enable Local Storage Next Generation (LSNG) [FF65+] ***/
user_pref("dom.storage.next_gen", true);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// SHUTDOWN
// >>>>>>>>>>>>>>>>>>>>>
// Enable Firefox to clear items on shutdown
@ -1449,7 +1445,7 @@ user_pref("privacy.cpd.siteSettings", false); // Site Preferences
// [NOTE] The values 5 + 6 are not listed in the dropdown, which will display a
// blank value if they are used, but they do work as advertised ***/
user_pref("privacy.sanitize.timeSpan", 0);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// FPI (FIRST PARTY ISOLATION)
// >>>>>>>>>>>>>>>>>>>>>
// Enable First Party Isolation [FF51+]
@ -1467,6 +1463,7 @@ user_pref("privacy.firstparty.isolate", true);
// https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage ***/
// user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAULT: true]
// user_pref("privacy.firstparty.isolate.block_post_message", true);
// -------------------------------------
// Enable scheme with FPI [FF78+]
// [NOTE] Experimental: existing data and site permissions are incompatible
// and some site exceptions may not work e.g. HTTPS-only mode ***/
@ -1475,7 +1472,7 @@ user_pref("privacy.firstparty.isolate", true);
// Enable site partitioning (FF78+)
// https://bugzilla.mozilla.org/1590107 [META] */
user_pref("privacy.partition.network_state", true);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// RFP (RESIST FINGERPRINTING)
// >>>>>>>>>>>>>>>>>>>>>
// Enable privacy.resistFingerprinting [FF41+]
@ -1516,7 +1513,7 @@ user_pref("browser.startup.blankWindow", false);
// Disable chrome animations [FF77+] [RESTART]
// [NOTE] pref added in FF63, but applied to chrome in FF77. RFP spoofs this for web content ***/
user_pref("ui.prefersReducedMotion", 1); // [HIDDEN PREF]
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// RFP ALTERNATIVES
// >>>>>>>>>>>>>>>>>>>>>
// Spoof (or limit?) number of CPU cores [FF48+]
@ -1536,9 +1533,9 @@ user_pref("dom.enable_performance", false);
// -------------------------------------
// Disable device sensor API
// Optional protection depending on your device
// [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/15758
// [2] https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/
// [3] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1357733,1292751
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/15758
// https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/
// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1357733,1292751
user_pref("device.sensors.enabled", false);
// -------------------------------------
// Disable site specific zoom
@ -1612,7 +1609,7 @@ user_pref("ui.systemUsesDarkTheme", 0); // [HIDDEN PREF]
// [NOTE] Bundled fonts are auto-allowed
// https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc
user_pref("layout.css.font-visibility.level", 1);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// RFP ALTERNATIVES (NAVIGATOR / USER AGENT SPOOFING)
// >>>>>>>>>>>>>>>>>>>>>
// Navigator DOM object overrides
@ -1623,14 +1620,14 @@ user_pref("layout.css.font-visibility.level", 1);
// user_pref("general.oscpu.override", ""); // [HIDDEN PREF]
// user_pref("general.platform.override", ""); // [HIDDEN PREF]
// user_pref("general.useragent.override", ""); // [HIDDEN PREF]
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// PERSONAL
// >>>>>>>>>>>>>>>>>>>>>
user_pref("browser.startup.homepage_override.mstone", "ignore"); // master switch
user_pref("startup.homepage_welcome_url", "");
user_pref("startup.homepage_welcome_url.additional", "");
user_pref("startup.homepage_override_url", ""); // What's New page after updates
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// WARNINGS ***/
// >>>>>>>>>>>>>>>>>>>>>
user_pref("browser.tabs.warnOnClose", false);
@ -1639,18 +1636,18 @@ user_pref("browser.tabs.warnOnOpen", false);
user_pref("full-screen-api.warning.delay", 0);
user_pref("full-screen-api.warning.timeout", 0);
user_pref("browser.warnOnQuit", false);
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// APPEARANCE ***/
// >>>>>>>>>>>>>>>>>>>>>
// user_pref("browser.download.autohideButton", false); // [FF57+]
// user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true); // [FF68+] allow userChrome/userContent
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// CONTENT BEHAVIOR ***/
// >>>>>>>>>>>>>>>>>>>>>
user_pref("accessibility.typeaheadfind", false); // enable "Find As You Type"
user_pref("clipboard.autocopy", false); // disable autocopy default [LINUX]
user_pref("layout.spellcheckDefault", 0); // 0=none, 1-multi-line, 2=multi-line & single-line
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// UX BEHAVIOR ***/
// >>>>>>>>>>>>>>>>>>>>>
// user_pref("browser.backspace_action", 2); // 0=previous page, 1=scroll up, 2=do nothing
@ -1660,7 +1657,7 @@ user_pref("layout.spellcheckDefault", 0); // 0=none, 1-multi-line, 2=multi-line
// user_pref("general.autoScroll", false); // middle-click enabling auto-scrolling [DEFAULT: false on Linux]
// user_pref("ui.key.menuAccessKey", 0); // disable alt key toggling the menu bar [RESTART]
// user_pref("view_source.tab", false); // view "page/selection source" in a new window [FF68+, FF59 and under]
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// UX FEATURES: Disable and hide the icons and menus ***/
// >>>>>>>>>>>>>>>>>>>>>
user_pref("browser.messaging-system.whatsNewPanel.enabled", false); // What's New [FF69+]
@ -1668,7 +1665,7 @@ user_pref("messaging-system.rsexperimentloader.enabled", false);
user_pref("extensions.pocket.enabled", false); // Pocket Account [FF46+]
user_pref("identity.fxaccounts.enabled", false); // Firefox Accounts & Sync [FF60+] [RESTART]
user_pref("reader.parse-on-load.enabled", false); // Reader View
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// OTHER ***/
// >>>>>>>>>>>>>>>>>>>>>
// user_pref("browser.bookmarks.max_backups", 2);
@ -1679,24 +1676,23 @@ user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features",
// [SETTING] General>Browsing>Recommend features as you browse
user_pref("network.manage-offline-status", false); // see bugzilla 620472
// user_pref("xpinstall.signatures.required", false); // enforced extension signing (Nightly/ESR)
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// DEPRECATED / REMOVED / LEGACY / RENAMED
// >>>>>>>>>>>>>>>>>>>>>
// ESR78.x still uses all the following prefs
// [NOTE] replace the * with a slash in the line above to re-enable them
// FF79
// 0212: enforce fallback text encoding to match en-US
// Enforce fallback text encoding to match en-US
// When the content or server doesn't declare a charset the browser will
// fallback to the "Current locale" based on your application language
// [TEST] https://hsivonen.com/test/moz/check-charset.htm
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20025
// https://bugzilla.mozilla.org/1603712
user_pref("intl.charset.fallback.override", "windows-1252");
// -------------------------------------
// FF82
// Disable geographically specific results/search engines e.g. "browser.search.*.US"
// i.e. ignore all of Mozilla's various search engines in multiple locales
// https://bugzilla.mozilla.org/1619926
user_pref("browser.search.geoSpecificDefaults", false);
user_pref("browser.search.geoSpecificDefaults.url", "");
// >>>>>>>>>>>>>>>>>>>>>
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
//