From b0f71bfb7dfd62dfe812cd008718d01c47872dbf Mon Sep 17 00:00:00 2001 From: Narsil Date: Mon, 7 Dec 2020 13:32:45 -0500 Subject: [PATCH] Update 'user.js' --- user.js | 21 ++++++++------------- 1 file changed, 8 insertions(+), 13 deletions(-) diff --git a/user.js b/user.js index 56cb4b3..993d228 100644 --- a/user.js +++ b/user.js @@ -121,8 +121,7 @@ user_pref("intl.accept_languages", "en-US, en"); // ------------------------------------- // Enforce US English locale regardless of the system locale // [SETUP-WEB] May break some input methods e.g xim/ibus for CJK languages -// https://bugzilla.mozilla.org/867501 -// https://bugzilla.mozilla.org/1629630 ***/ +// https://bugzilla.mozilla.org/buglist.cgi?bug_id=867501,1629630 ***/ user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF] // >>>>>>>>>>>>>>>>>>>>> // QUIET FOX @@ -283,7 +282,7 @@ user_pref("security.remote_settings.crlite_filters.enabled", false); user_pref("security.remote_settings.crlite_filters.bucket", ""); user_pref("security.remote_settings.crlite_filters.collection", ""); user_pref("security.remote_settings.crlite_filters.signer", ""); -user_pref("security.pki.crlite_mode", 2); +user_pref("security.pki.crlite_mode", 1); // ------------------------------------- // Block unwanted connections user_pref("app.feedback.baseURL", ""); @@ -316,7 +315,7 @@ user_pref("browser.safebrowsing.downloads.remote.url", ""); user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false); // ------------------------------------- -// Disable 'ignore this warning' on SB warnings +// Disable 'ignore this warning' on SB warnings [FF45+] // If clicked, it bypasses the block for that session. This is a means for admins to enforce SB // https://bugzilla.mozilla.org/1226490 ***/ user_pref("browser.safebrowsing.allowOverride", false); @@ -411,7 +410,7 @@ user_pref("browser.send_pings.require_same_host", true); // defense-in-depth // Disable IPv6 // IPv6 can be abused, especially with MAC addresses, and they do not play nice with VPNs. That's // even assuming your ISP and/or router and/or website can handle it. Sites will fall back to IPv4 -// [STATS] Firefox telemetry (June 2020) shows only 5% of all connections are IPv6 +// STATS] Firefox telemetry (Dec 2020) shows ~8% of all connections are IPv6 // [NOTE] This is just an application level fallback. Disabling IPv6 is best done at an // OS/network level, and/or configured properly in VPN setups. If you are not masking your IP, // then this won't make much difference. If you are masking your IP, then it can only help. @@ -697,7 +696,6 @@ user_pref("security.ssl.require_safe_negotiation", true); // ------------------------------------- // Control TLS versions with min and max // 1=TLS 1.0, 2=TLS 1.1, 3=TLS 1.2, 4=TLS 1.3 -// [STATS] Firefox telemetry (June 2020) shows only 0.16% of SSL handshakes use 1.0 or 1.1 // [WARNING] Leave these at default, otherwise you alter your TLS fingerprint. // https://www.ssllabs.com/ssl-pulse/ ***/ // user_pref("security.tls.version.min", 3); // [DEFAULT: 3] @@ -802,8 +800,7 @@ user_pref("security.mixed_content.block_object_subrequest", true); // [SETTING] Privacy & Security>HTTPS-Only Mode // [TEST] http://example.com [upgrade] // [TEST] http://neverssl.org/ [no upgrade] -// https://bugzilla.mozilla.org/1613063 [META] -// https://bugzilla.mozilla.org/1647829 ***/ +// https://bugzilla.mozilla.org/1613063 [META] ***/ user_pref("dom.security.https_only_mode", true); // [FF76+] user_pref("dom.security.https_only_mode_pbm", true); // [FF80+] // ------------------------------------- @@ -837,7 +834,7 @@ user_pref("dom.security.https_only_mode_send_http_background_request", false); // >>>>>>>>>>>>>>>>>>>>> // Display warning on the padlock for "broken security" // Bug: warning padlock not indicated for subresources on a secure page! -// [STATS] SSL Labs (June 2020) reports 98.8% of sites have secure renegotiation +// [STATS] SSL Labs (Dec 2020) reports 99.0% of sites have secure renegotiation // https://wiki.mozilla.org/Security:Renegotiation // https://bugzilla.mozilla.org/1353705 // https://www.ssllabs.com/ssl-pulse/ ***/ @@ -1466,8 +1463,7 @@ user_pref("privacy.sanitize.timeSpan", 0); // >>>>>>>>>>>>>>>>>>>>> // Enable First Party Isolation [FF51+] // [SETUP-WEB] May break cross-domain logins and site functionality until perfected -// https://bugzilla.mozilla.org/1260931 -// https://bugzilla.mozilla.org/1299996 [META] ***/ +// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1260931,1299996 ***/ user_pref("privacy.firstparty.isolate", true); // ------------------------------------- // Enforce FPI restriction for window.opener [FF54+] @@ -1501,8 +1497,7 @@ user_pref("privacy.resistFingerprinting", true); // Set new window sizes to round to hundreds [FF55+] [SETUP-CHROME] // Width will round down to multiples of 200s and height to 100s, to fit your screen. // The override values are a starting point to round from if you want some control -// https://bugzilla.mozilla.org/1330882 -// https://hardware.metrics.mozilla.com/ ***/ +// https://bugzilla.mozilla.org/1330882 ***/ // user_pref("privacy.window.maxInnerWidth", 1000); // user_pref("privacy.window.maxInnerHeight", 1000); // -------------------------------------