Update 'user.js'
This commit is contained in:
parent
a409696eee
commit
b64a6e6237
186
user.js
186
user.js
|
@ -729,9 +729,6 @@ user_pref("browser.shell.shortcutFavicons", false);
|
||||||
// control that instead; e.g. disable history, clear history on close, use PB mode
|
// control that instead; e.g. disable history, clear history on close, use PB mode
|
||||||
// [NOTE] favicons.sqlite is sanitized on Firefox close, not in-session ***/
|
// [NOTE] favicons.sqlite is sanitized on Firefox close, not in-session ***/
|
||||||
user_pref("browser.chrome.site_icons", false);
|
user_pref("browser.chrome.site_icons", false);
|
||||||
// -------------------------------------
|
|
||||||
// Disable favicons in web notifications ***/
|
|
||||||
user_pref("alerts.showFavicons", false); // [DEFAULT: false]
|
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// SSL (Secure Sockets Layer) / TLS (Transport Layer Security) ***/
|
// SSL (Secure Sockets Layer) / TLS (Transport Layer Security) ***/
|
||||||
|
@ -853,13 +850,12 @@ user_pref("security.mixed_content.block_active_content", true); // [DEFAULT: tru
|
||||||
// Disable insecure passive content (such as images) on https pages [SETUP-WEB] ***/
|
// Disable insecure passive content (such as images) on https pages [SETUP-WEB] ***/
|
||||||
user_pref("security.mixed_content.block_display_content", true);
|
user_pref("security.mixed_content.block_display_content", true);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Enable HTTPS-Only mode [FF76+]
|
// Enable HTTPS-Only mode in all windows [FF76+]
|
||||||
// When "https_only_mode" (all windows) is true, "https_only_mode_pbm" (private windows only) is ignored
|
// When the top-level is HTTPS, insecure subresources are also upgraded (silent fail)
|
||||||
// [SETTING] to add site exceptions: Ctrl+I>HTTPS-Only mode>On/Off/Off temporarily
|
// [SETTING] to add site exceptions: Ctrl+I>HTTPS-Only mode>On (after "Continue to HTTP Site")
|
||||||
// [SETTING] Privacy & Security>HTTPS-Only Mode
|
// [SETTING] Privacy & Security>HTTPS-Only Mode (and manage exceptions)
|
||||||
// [TEST] http://example.com [upgrade]
|
// [TEST] http://example.com [upgrade]
|
||||||
// [TEST] http://neverssl.org/ [no upgrade]
|
// http://neverssl.com/ [no upgrade]
|
||||||
// https://bugzilla.mozilla.org/1613063 [META] ***/
|
|
||||||
user_pref("dom.security.https_only_mode", true); // [FF76+]
|
user_pref("dom.security.https_only_mode", true); // [FF76+]
|
||||||
user_pref("dom.security.https_only_mode_pbm", true); // [FF80+]
|
user_pref("dom.security.https_only_mode_pbm", true); // [FF80+]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
@ -879,27 +875,7 @@ user_pref("dom.security.https_only_mode_send_http_background_request", false);
|
||||||
// user_pref("dom.securecontext.whitelist_onions", true);
|
// user_pref("dom.securecontext.whitelist_onions", true);
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// CIPHERS
|
// UI (User Interface)
|
||||||
// [WARNING: DO NOT USE
|
|
||||||
// >>>>>>>>>>>>>>>>>>>>>
|
|
||||||
// Disable 3DES (effective key size < 128 and no PFS)
|
|
||||||
// https://en.wikipedia.org/wiki/3des#Security
|
|
||||||
// https://en.wikipedia.org/wiki/Meet-in-the-middle_attack
|
|
||||||
// https://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html ***/
|
|
||||||
// user_pref("security.ssl3.rsa_des_ede3_sha", false);
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable the remaining non-modern cipher suites as of FF78 (in order of preferred by FF) ***/
|
|
||||||
// user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
|
|
||||||
// user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
|
|
||||||
// user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
|
|
||||||
// user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
|
|
||||||
// user_pref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS
|
|
||||||
// user_pref("security.ssl3.rsa_aes_256_gcm_sha384", false); // no PFS
|
|
||||||
// user_pref("security.ssl3.rsa_aes_128_sha", false); // no PFS
|
|
||||||
// user_pref("security.ssl3.rsa_aes_256_sha", false); // no PFS
|
|
||||||
//
|
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
||||||
// UI (User Interface) ***/
|
|
||||||
// >>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>
|
||||||
// Display warning on the padlock for "broken security"
|
// Display warning on the padlock for "broken security"
|
||||||
// Bug: warning padlock not indicated for subresources on a secure page!
|
// Bug: warning padlock not indicated for subresources on a secure page!
|
||||||
|
@ -926,7 +902,7 @@ user_pref("security.insecure_connection_text.enabled", true); // [FF60+]
|
||||||
user_pref("security.insecure_connection_text.pbmode.enabled", true);
|
user_pref("security.insecure_connection_text.pbmode.enabled", true);
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// FONTS ***/
|
// FONTS
|
||||||
// >>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>
|
||||||
// Disable rendering of SVG OpenType fonts
|
// Disable rendering of SVG OpenType fonts
|
||||||
// https://wiki.mozilla.org/SVGOpenTypeFonts - iSECPartnersReport recommends to disable this ***/
|
// https://wiki.mozilla.org/SVGOpenTypeFonts - iSECPartnersReport recommends to disable this ***/
|
||||||
|
@ -939,7 +915,7 @@ user_pref("gfx.font_rendering.opentype_svg.enabled", false);
|
||||||
user_pref("gfx.font_rendering.graphite.enabled", false);
|
user_pref("gfx.font_rendering.graphite.enabled", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Limit font visibility (Windows, Mac, some Linux) [FF79+]
|
// Limit font visibility (Windows, Mac, some Linux) [FF79+]
|
||||||
// [NOTE] IN FF8)+ RFP ignores the pref and uses value 1
|
// [NOTE] IN FF80+ RFP ignores the pref and uses value 1
|
||||||
// Uses hardcoded lists with two parts: kBaseFonts + kLangPackFonts, bundled fonts are auto-allowed
|
// Uses hardcoded lists with two parts: kBaseFonts + kLangPackFonts, bundled fonts are auto-allowed
|
||||||
// 1=only base system fonts, 2=also fonts from optional language packs, 3=also user-installed fonts
|
// 1=only base system fonts, 2=also fonts from optional language packs, 3=also user-installed fonts
|
||||||
// https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc ***/
|
// https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc ***/
|
||||||
|
@ -1095,7 +1071,7 @@ user_pref("dom.push.serverURL", "");
|
||||||
user_pref("dom.push.userAgentID", "");
|
user_pref("dom.push.userAgentID", "");
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// DOM (DOCUMENT OBJECT MODEL) & JAVASCRIPT ***/
|
// DOM (DOCUMENT OBJECT MODEL) & JAVASCRIPT
|
||||||
// >>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>
|
||||||
// Disable website control over browser right-click context menu
|
// Disable website control over browser right-click context menu
|
||||||
// [NOTE] Shift-Right-Click will always bring up the browser right-click context menu ***/
|
// [NOTE] Shift-Right-Click will always bring up the browser right-click context menu ***/
|
||||||
|
@ -1160,7 +1136,7 @@ user_pref("javascript.options.jit_trustedprincipals", true); // [FF75+] [HIDDEN
|
||||||
user_pref("javascript.options.wasm", false);
|
user_pref("javascript.options.wasm", false);
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// HARDWARE FINGERPRINTING ***/
|
// FINGERPRINTING
|
||||||
// >>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>
|
||||||
// Disable Battery Status API
|
// Disable Battery Status API
|
||||||
// Initially a Linux issue (high precision readout) that was fixed.
|
// Initially a Linux issue (high precision readout) that was fixed.
|
||||||
|
@ -1170,34 +1146,17 @@ user_pref("javascript.options.wasm", false);
|
||||||
// https://bugzilla.mozilla.org/1313580 ***/
|
// https://bugzilla.mozilla.org/1313580 ***/
|
||||||
user_pref("dom.battery.enabled", false);
|
user_pref("dom.battery.enabled", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Disable hardware acceleration [SETUP-HARDEN]
|
|
||||||
// WARNING] Affects rendering and performance
|
|
||||||
// and parts of Quantum that utilize the GPU will also be affected as they are rolled out
|
|
||||||
// [SETTING] General>Performance>Custom>Use hardware acceleration when available
|
|
||||||
// https://wiki.mozilla.org/Platform/GFX/HardwareAcceleration ***/
|
|
||||||
// user_pref("gfx.direct2d.disabled", true);
|
|
||||||
// user_pref("layers.acceleration.disabled", true);
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable Media Capabilities API [FF63+]
|
|
||||||
// [WARNING] The API state is fingerprintable and disabling may affect performance
|
|
||||||
// https://github.com/WICG/media-capabilities
|
|
||||||
// https://wicg.github.io/media-capabilities/#security-privacy-considerations ***/
|
|
||||||
// user_pref("media.media-capabilities.enabled", false);
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable WebGL (Web Graphics Library)
|
|
||||||
// [SETUP-WEB] When disabled, may break some websites. When enabled, provides high entropy,
|
|
||||||
// especially with readPixels(). Some of the other entropy is lessened with RFP
|
|
||||||
// https://www.contextis.com/resources/blog/webgl-new-dimension-browser-exploitation/
|
|
||||||
// https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern ***/
|
|
||||||
user_pref("webgl.disabled", true);
|
|
||||||
user_pref("webgl.enable-webgl2", false);
|
|
||||||
// -------------------------------------
|
|
||||||
// Limit WebGL
|
|
||||||
// user_pref("webgl.disable-fail-if-major-performance-caveat", true); // [DEFAULT: true FF86+]
|
|
||||||
// -------------------------------------
|
|
||||||
// Enforce no system colors
|
// Enforce no system colors
|
||||||
// [SETTING] General>Language and Appearance>Fonts and Colors>Colors>Use system colors
|
// [SETTING] General>Language and Appearance>Fonts and Colors>Colors>Use system colors
|
||||||
user_pref("browser.display.use_system_colors", false); // [DEFAULT: false]
|
user_pref("browser.display.use_system_colors", false); // [DEFAULT: false]
|
||||||
|
// -------------------------------------
|
||||||
|
// Enforce non-native widget theme
|
||||||
|
// Security: removes/reduces system API calls, e.g. win32k API
|
||||||
|
// Fingerprinting: provides a uniform look and feel across platforms
|
||||||
|
// https://bugzilla.mozilla.org/1381938
|
||||||
|
// https://bugzilla.mozilla.org/1411425
|
||||||
|
user_pref("widget.non-native-theme.enabled", true); // [DEFAULT: true FF89+]
|
||||||
|
// -------------------------------------
|
||||||
// Open links targeting new windows in a new tab instead
|
// Open links targeting new windows in a new tab instead
|
||||||
// Stops malicious window sizes and some screen resolution leaks.
|
// Stops malicious window sizes and some screen resolution leaks.
|
||||||
// You can still right-click a link and open in a new window
|
// You can still right-click a link and open in a new window
|
||||||
|
@ -1205,15 +1164,18 @@ user_pref("browser.display.use_system_colors", false); // [DEFAULT: false]
|
||||||
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/9881
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/9881
|
||||||
user_pref("browser.link.open_newwindow", 3); // 1=most recent window or tab 2=new window, 3=new tab
|
user_pref("browser.link.open_newwindow", 3); // 1=most recent window or tab 2=new window, 3=new tab
|
||||||
user_pref("browser.link.open_newwindow.restriction", 0);
|
user_pref("browser.link.open_newwindow.restriction", 0);
|
||||||
// Enforce non-native widget theme
|
// -------------------------------------
|
||||||
// Security: removes/reduces system API calls, e.g. win32k API
|
// Disable/limit WebGL (Web Graphics Library)
|
||||||
// Fingerprinting: provides a uniform look and feel across platforms
|
// [SETUP-WEB] When disabled, will break some websites. When enabled, provides high entropy,
|
||||||
// https://bugzilla.mozilla.org/1381938
|
// especially with readPixels(). Some of the other entropy is lessened with RFP (4501)
|
||||||
// https://bugzilla.mozilla.org/1411425
|
// https://www.contextis.com/resources/blog/webgl-new-dimension-browser-exploitation/
|
||||||
user_pref("widget.non-native-theme.enabled", true); // [DEFAULT: true FF89+]
|
// https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern
|
||||||
|
user_pref("webgl.disabled", true);
|
||||||
|
// user_pref("webgl.enable-webgl2", false);
|
||||||
|
// user_pref("webgl.disable-fail-if-major-performance-caveat", true); // [DEFAULT: true FF86+]
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// MISCELLANEOUS ***/
|
// MISCELLANEOUS
|
||||||
// >>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>
|
||||||
// Prevent accessibility services from accessing your browser [RESTART]
|
// Prevent accessibility services from accessing your browser [RESTART]
|
||||||
// [SETTING] Privacy & Security>Permissions>Prevent accessibility services from accessing your browser (FF80 or lower)
|
// [SETTING] Privacy & Security>Permissions>Prevent accessibility services from accessing your browser (FF80 or lower)
|
||||||
|
@ -1547,10 +1509,6 @@ user_pref("extensions.webextensions.identity.redirectDomain", "");
|
||||||
// When default true this no longer masks the RFP chrome resizing activity
|
// When default true this no longer masks the RFP chrome resizing activity
|
||||||
// https://bugzilla.mozilla.org/1448423 ***/
|
// https://bugzilla.mozilla.org/1448423 ***/
|
||||||
user_pref("browser.startup.blankWindow", false);
|
user_pref("browser.startup.blankWindow", false);
|
||||||
// -------------------------------------
|
|
||||||
// Disable chrome animations [FF77+] [RESTART]
|
|
||||||
// [NOTE] pref added in FF63, but applied to chrome in FF77. RFP spoofs this for web content ***/
|
|
||||||
user_pref("ui.prefersReducedMotion", 1); // [HIDDEN PREF]
|
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// WELCOME & WHAT'S NEW NOTICES
|
// WELCOME & WHAT'S NEW NOTICES
|
||||||
|
@ -1573,7 +1531,11 @@ user_pref("browser.warnOnQuit", false);
|
||||||
// APPEARANCE
|
// APPEARANCE
|
||||||
// >>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>
|
||||||
// user_pref("browser.download.autohideButton", false); // [FF57+]
|
// user_pref("browser.download.autohideButton", false); // [FF57+]
|
||||||
|
// user_pref("ui.systemUsesDarkTheme", 1); // [FF67+] [HIDDEN PREF]
|
||||||
|
// 0=light, 1=dark: with RFP this only affects chrome
|
||||||
// user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true); // [FF68+] allow userChrome/userContent
|
// user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true); // [FF68+] allow userChrome/userContent
|
||||||
|
// user_pref("ui.prefersReducedMotion", 1); // disable chrome animations [FF77+] [RESTART] [HIDDEN PREF]
|
||||||
|
// 0=no-preference, 1=reduce: with RFP this only affects chrome
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// CONTENT BEHAVIOR
|
// CONTENT BEHAVIOR
|
||||||
|
@ -1642,78 +1604,50 @@ user_pref("permissions.default.camera", 2);
|
||||||
user_pref("permissions.default.microphone", 2);
|
user_pref("permissions.default.microphone", 2);
|
||||||
user_pref("permissions.default.desktop-notification", 2);
|
user_pref("permissions.default.desktop-notification", 2);
|
||||||
user_pref("permissions.default.xr", 0); // Virtual Reality
|
user_pref("permissions.default.xr", 0); // Virtual Reality
|
||||||
|
// -------------------------------------
|
||||||
|
// Disable non-modern cipher suites
|
||||||
|
// [WHY] Passive fingerprinting. Minimal/non-existent threat of downgrade attacks
|
||||||
|
// https://browserleaks.com/ssl
|
||||||
|
// user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
|
||||||
|
// user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
|
||||||
|
// user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
|
||||||
|
// user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
|
||||||
|
// user_pref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS
|
||||||
|
// user_pref("security.ssl3.rsa_aes_256_gcm_sha384", false); // no PFS
|
||||||
|
// user_pref("security.ssl3.rsa_aes_128_sha", false); // no PFS
|
||||||
|
// user_pref("security.ssl3.rsa_aes_256_sha", false); // no PFS
|
||||||
|
// user_pref("security.ssl3.rsa_des_ede3_sha", false); // 3DES
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// DON'T BOTHER: NON-RFP
|
// DON'T BOTHER: NON-RFP
|
||||||
// >>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>
|
||||||
// Spoof number of CPU cores [FF48+] ***/
|
// Disable APIs
|
||||||
// user_pref("dom.maxHardwareConcurrency", 2);
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable Resource Timing API
|
|
||||||
// user_pref("dom.enable_resource_timing", false);
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable Navigation Timing API
|
|
||||||
// user_pref("dom.enable_performance", false);
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable device Sensor APIs
|
|
||||||
user_pref("device.sensors.enabled", false);
|
user_pref("device.sensors.enabled", false);
|
||||||
// -------------------------------------
|
// user_pref("dom.enable_performance", false);
|
||||||
// Disable remembering site specific zoom
|
// user_pref("dom.enable_resource_timing", false);
|
||||||
// user_pref("browser.zoom.siteSpecific", false);
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable gamepad API to prevent USB device ID enumeration
|
|
||||||
// user_pref("dom.gamepad.enabled", false);
|
// user_pref("dom.gamepad.enabled", false);
|
||||||
// -------------------------------------
|
|
||||||
// Disable Network Information API [FF31+]
|
|
||||||
user_pref("dom.netinfo.enabled", false); // [DEFAULT: true on Android]
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable the SpeechSynthesis (Text-to-Speech) part of the Web Speech API
|
|
||||||
// user_pref("media.webspeech.synth.enabled", false);
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable video statistics to mitigate JS performance fingerprinting [FF25+]
|
|
||||||
// user_pref("media.video_stats.enabled", false);
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable touch events: 0=disabled, 1=enabled, 2=autodetect [FENNEC BUG]
|
|
||||||
user_pref("dom.w3c_touch_events.enabled", 1);
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable media device enumeration [FF29+]
|
|
||||||
user_pref("media.navigator.enabled", false);
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable MediaDevices change detection [FF51+]
|
|
||||||
// user_pref("media.ondevicechange.enabled", false);
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable WebGL debug info being available to websites
|
|
||||||
// user_pref("webgl.enable-debug-renderer-info", false);
|
|
||||||
// -------------------------------------
|
|
||||||
// Enforce prefers-reduced-motion as no-preference: 0=no-preference, 1=reduce [FF63+] [RESTART]
|
|
||||||
// user_pref("ui.prefersReducedMotion", 0); // [HIDDEN PREF]
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable exposure of system colors to CSS or canvas [FF44+]
|
|
||||||
// user_pref("ui.use_standins_for_native_colors", true);
|
|
||||||
// -------------------------------------
|
|
||||||
// Enforce prefers-color-scheme as light: 0=light, 1=dark [FF67+]
|
|
||||||
// user_pref("ui.systemUsesDarkTheme", 0); // [HIDDEN PREF]
|
|
||||||
// -------------------------------------
|
|
||||||
// Disable Web Audio API [FF51+]
|
|
||||||
user_pref("dom.webaudio.enabled", false);
|
user_pref("dom.webaudio.enabled", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Disable websites choosing fonts (0=block, 1=allow) ***/
|
// Disable other
|
||||||
// user_pref("browser.display.use_document_fonts", 0);
|
// user_pref("browser.display.use_document_fonts", 0);
|
||||||
|
// user_pref("browser.zoom.siteSpecific", false);
|
||||||
|
// user_pref("media.webspeech.synth.enabled", false);
|
||||||
|
user_pref("dom.w3c_touch_events.enabled", 0);
|
||||||
|
user_pref("media.navigator.enabled", false);
|
||||||
|
// user_pref("media.ondevicechange.enabled", false);
|
||||||
|
// user_pref("media.video_stats.enabled", false);
|
||||||
|
// user_pref("media.webspeech.synth.enabled", false);
|
||||||
|
// user_pref("webgl.enable-debug-renderer-info", false);
|
||||||
|
user_pref("dom.webaudio.enabled", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Limit system font exposure to a whitelist [FF52+] [RESTART]
|
// Spoof
|
||||||
// If the whitelist is empty, then whitelisting is considered disabled and all fonts are allowed
|
|
||||||
// [NOTE] In FF81+ the whitelist overrides RFP and font visibility
|
|
||||||
// https://bugzilla.mozilla.org/1121643
|
|
||||||
// user_pref("font.system.whitelist", ""); // [HIDDEN PREF]
|
|
||||||
// -------------------------------------
|
|
||||||
// Navigator DOM object overrides
|
|
||||||
// [WHY] These prefs are insufficient and leak
|
|
||||||
// user_pref("general.appname.override", ""); // [HIDDEN PREF]
|
// user_pref("general.appname.override", ""); // [HIDDEN PREF]
|
||||||
// user_pref("general.appversion.override", ""); // [HIDDEN PREF]
|
// user_pref("general.appversion.override", ""); // [HIDDEN PREF]
|
||||||
user_pref("general.buildID.override", "20181001000000"); // [HIDDEN PREF]
|
user_pref("general.buildID.override", "20181001000000"); // [HIDDEN PREF]
|
||||||
// user_pref("general.oscpu.override", ""); // [HIDDEN PREF]
|
// user_pref("general.oscpu.override", ""); // [HIDDEN PREF]
|
||||||
// user_pref("general.platform.override", ""); // [HIDDEN PREF]
|
// user_pref("general.platform.override", ""); // [HIDDEN PREF]
|
||||||
user_pref("general.useragent.override", "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0"); // [HIDDEN PREF]
|
user_pref("general.useragent.override", "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0"); // [HIDDEN PREF]
|
||||||
|
// user_pref("ui.use_standins_for_native_colors", true);
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// DEPRECATED / REMOVED / LEGACY / RENAMED
|
// DEPRECATED / REMOVED / LEGACY / RENAMED
|
||||||
|
|
Loading…
Reference in New Issue