diff --git a/user.js b/user.js index b7d81d0..11c4b42 100644 --- a/user.js +++ b/user.js @@ -136,6 +136,19 @@ user_pref("extensions.update.enabled", false); // [NOTE] In FF65+ on Windows this SETTING (below) is now stored in a file and the pref was removed // [SETTING] General>Firefox Updates>Check for updates but let you choose to install them ***/ user_pref("app.update.auto", false); +user_pref("app.update.staging.enabled", false); +// ------------------------------------- +// Disable add-on and certificate blocklists (OneCRL) from Mozilla +user_pref("extensions.blocklist.enabled", false); +user_pref("extensions.blocklist.url", ""); +user_pref("services.blocklist.addons.collection", ""); +user_pref("services.blocklist.plugins.collection", ""); +user_pref("services.blocklist.pinning.collection", ""); +user_pref("services.blocklist.gfx.collection", ""); +user_pref("extensions.blocklist.itemURL", ""); +user_pref("services.settings.security.onecrl.bucket", ""); +user_pref("services.settings.security.onecrl.collection", ""); +user_pref("services.settings.security.onecrl.signer", ""); // ------------------------------------- // Disable auto-INSTALLING extension and theme updates // [SETTING] about:addons>Extensions>[cog-wheel-icon]>Update Add-ons Automatically (toggle) ***/ @@ -342,6 +355,7 @@ user_pref("browser.safebrowsing.provider.google4.reportPhishMistakeURL", ""); user_pref("browser.safebrowsing.provider.google4.dataSharing.enabled", false); user_pref("browser.safebrowsing.provider.google4.dataSharingURL", ""); user_pref("browser.safebrowsing.provider.google.advisory", ""); +user_pref("browser.safebrowsing.provider.google.advisoryURL", ""); user_pref("browser.safebrowsing.provider.google.gethashURL", ""); user_pref("browser.safebrowsing.provider.google4.advisoryURL", ""); user_pref("browser.safebrowsing.blockedURIs.enabled", false); @@ -382,6 +396,7 @@ user_pref("extensions.formautofill.available", "off"); // [FF56+] user_pref("extensions.formautofill.creditCards.enabled", false); // [FF56+] user_pref("extensions.formautofill.creditCards.available", false); // [FF57+] user_pref("extensions.formautofill.heuristics.enabled", false); // [FF55+] +user_pref("extensions.formautofill.section.enabledScopes", false); // ------------------------------------- // Disable Web Compatibility Reporter [FF56+] // Web Compatibility Reporter adds a "Report Site Issue" button to send data to Mozilla ***/ @@ -684,10 +699,10 @@ user_pref("alerts.showFavicons", false); // [DEFAULT: false] // SSL (Secure Sockets Layer) / TLS (Transport Layer Security) ***/ // >>>>>>>>>>>>>>>>>>>>> // Require safe negotiation -// Blocks connections to servers that don't support RFC 5746 [2] as they're potentially -// vulnerable to a MiTM attack. A server *without* RFC 5746 can be safe from the attack -// if it disables renegotiations but the problem is that the browser can't know that. -// Setting this pref to true is the only way for the browser to ensure there will be +// Blocks connections (SSL_ERROR_UNSAFE_NEGOTIATION) to servers that don't support RFC 5746 +// as they're potentially vulnerable to a MiTM attack [3]. A server without RFC 5746 can be +// safe from the attack if it disables renegotiations but the problem is that the browser can't +// know that. Setting this pref to true is the only way for the browser to ensure there will be // no unsafe renegotiations on the channel between the browser and the server. // https://wiki.mozilla.org/Security:Renegotiation // https://tools.ietf.org/html/rfc5746 @@ -1261,11 +1276,6 @@ user_pref("devtools.webide.autoinstallADBHelper", false); // https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/10089 ***/ user_pref("middlemouse.contentLoadURL", false); // ------------------------------------- -// Limit HTTP redirects (this does not control redirects with HTML meta tags or JS) -// [NOTE] A low setting of 5 or under will probably break some sites (e.g. gmail logins) -// To control HTML Meta tag and JS redirects, use an extension. Default is 20 ***/ -user_pref("network.http.redirection-limit", 10); -// ------------------------------------- // Disable websites overriding Firefox's keyboard shortcuts [FF58+] // 0 (default) or 1=allow, 2=block // [SETTING] to add site exceptions: Page Info>Permissions>Override Keyboard Shortcuts ***/