Update 'user.js'
This commit is contained in:
parent
a17bf56c29
commit
cd2a690268
42
user.js
42
user.js
|
@ -49,7 +49,8 @@ user_pref("browser.startup.homepage", "about:blank");
|
|||
user_pref("browser.newtabpage.enabled", false);
|
||||
user_pref("browser.newtab.preload", false);
|
||||
// -------------------------------------
|
||||
// Disable Activity Stream telemetry ***/
|
||||
// Disable some Activity Stream items
|
||||
// Activity Stream is the default homepage/newtab based on metadata and browsing behavior
|
||||
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false);
|
||||
user_pref("browser.newtabpage.activity-stream.telemetry", false);
|
||||
user_pref("browser.newtabpage.activity-stream.showSearch", false);
|
||||
|
@ -80,8 +81,8 @@ user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); //
|
|||
user_pref("browser.newtabpage.activity-stream.default.sites", "");
|
||||
// -------------------------------------
|
||||
// Start Firefox in PB (Private Browsing) mode
|
||||
// https://wiki.mozilla.org/Private_Browsing
|
||||
// https://spreadprivacy.com/is-private-browsing-really-private/ ***/
|
||||
// https://wiki.mozilla.org/Private_Browsing
|
||||
// https://spreadprivacy.com/is-private-browsing-really-private/ ***/
|
||||
// user_pref("browser.privatebrowsing.autostart", true);
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
|
@ -247,7 +248,6 @@ user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // [DEFAU
|
|||
// -------------------------------------
|
||||
// Disable Captive Portal detection
|
||||
// https://www.eff.org/deeplinks/2017/08/how-captive-portals-interfere-wireless-security-and-privacy
|
||||
// https://wiki.mozilla.org/Necko/CaptivePortal ***/
|
||||
user_pref("captivedetect.canonicalURL", "");
|
||||
user_pref("network.captive-portal-service.enabled", false); // [FF52+]
|
||||
// -------------------------------------
|
||||
|
@ -409,8 +409,7 @@ user_pref("browser.safebrowsing.provider.mozilla.updateURL", "");
|
|||
// >>>>>>>>>>>>>>>>>>>>>
|
||||
// Disable Normandy/Shield [FF60+]
|
||||
// Shield is an telemetry system (including Heartbeat) that can also push and test "recipes"
|
||||
// https://wiki.mozilla.org/Firefox/Shield
|
||||
// https://github.com/mozilla/normandy ***/
|
||||
// https://mozilla.github.io/normandy/
|
||||
user_pref("app.normandy.enabled", false);
|
||||
user_pref("app.normandy.api_url", "");
|
||||
user_pref("app.normandy.shieldLearnMoreUrl", "");
|
||||
|
@ -821,14 +820,12 @@ user_pref("security.OCSP.require", false);
|
|||
// CERTS / HPKP (HTTP Public Key Pinning) ***/
|
||||
// >>>>>>>>>>>>>>>>>>>>>
|
||||
// Disable or limit SHA-1 certificates
|
||||
// 0=all SHA1 certs are allowed
|
||||
// 1=all SHA1 certs are blocked
|
||||
// 2=deprecated option that now maps to 1
|
||||
// 3=only allowed for locally-added roots (e.g. anti-virus)
|
||||
// 4=only allowed for locally-added roots or for certs in 2015 and earlier
|
||||
// [SETUP-CHROME] When disabled, some man-in-the-middle devices, e.g. security scanners and
|
||||
// antivirus products, may fail to connect to HTTPS sites. SHA-1 is *almost* obsolete
|
||||
// https://blog.mozilla.org/security/2016/10/18/phasing-out-sha-1-on-the-public-web/ ***/
|
||||
// 0 = allow all
|
||||
// 1 = block all
|
||||
// 3 = only allow locally-added roots (e.g. anti-virus) (default)
|
||||
// 4 = only allow locally-added roots or for certs in 2015 and earlier
|
||||
// [SETUP-CHROME] If you have problems, update your software: SHA-1 is obsolete
|
||||
// https://blog.mozilla.org/security/2016/10/18/phasing-out-sha-1-on-the-public-web/
|
||||
user_pref("security.pki.sha1_enforcement_level", 1);
|
||||
// -------------------------------------
|
||||
// Disable Windows 8.1's Microsoft Family Safety cert [FF50+] [WINDOWS]
|
||||
|
@ -1216,8 +1213,8 @@ user_pref("javascript.options.wasm", false);
|
|||
// https://bugzilla.mozilla.org/1313580 ***/
|
||||
user_pref("dom.battery.enabled", false);
|
||||
// -------------------------------------
|
||||
// Disable hardware acceleration to reduce graphics fingerprinting [SETUP-HARDEN]
|
||||
// [WARNING] Affects text rendering (fonts will look different), impacts video performance,
|
||||
// Disable hardware acceleration [SETUP-HARDEN]
|
||||
// WARNING] Affects rendering and performance
|
||||
// and parts of Quantum that utilize the GPU will also be affected as they are rolled out
|
||||
// [SETTING] General>Performance>Custom>Use hardware acceleration when available
|
||||
// https://wiki.mozilla.org/Platform/GFX/HardwareAcceleration ***/
|
||||
|
@ -1225,15 +1222,15 @@ user_pref("dom.battery.enabled", false);
|
|||
// user_pref("layers.acceleration.disabled", true);
|
||||
// -------------------------------------
|
||||
// Disable Media Capabilities API [FF63+]
|
||||
// [WARNING] This *may* affect media performance if disabled, no one is sure
|
||||
// [WARNING] The API state is fingerprintable and disabling may affect performance
|
||||
// https://github.com/WICG/media-capabilities
|
||||
// https://wicg.github.io/media-capabilities/#security-privacy-considerations ***/
|
||||
// user_pref("media.media-capabilities.enabled", false);
|
||||
// -------------------------------------
|
||||
// Disable virtual reality devices
|
||||
// Optional protection depending on your connected devices
|
||||
// [WARNING] The API state is fingerprintable
|
||||
// https://developer.mozilla.org/docs/Web/API/WebVR_API ***/
|
||||
// user_pref("dom.vr.enabled", false);
|
||||
user_pref("dom.vr.enabled", false);
|
||||
// -------------------------------------
|
||||
// Set a default permission for Virtual Reality [FF73+]
|
||||
// 0=always ask (default), 1=allow, 2=block
|
||||
|
@ -1249,8 +1246,8 @@ user_pref("dom.battery.enabled", false);
|
|||
user_pref("webgl.disabled", true);
|
||||
user_pref("webgl.enable-webgl2", false);
|
||||
// -------------------------------------
|
||||
// Limit WebGL ***/
|
||||
user_pref("webgl.disable-fail-if-major-performance-caveat", true); // [DEFAULT: true FF86+]
|
||||
// Limit WebGL
|
||||
// user_pref("webgl.disable-fail-if-major-performance-caveat", true); // [DEFAULT: true FF86+]
|
||||
// -------------------------------------
|
||||
// Enforce no system colors
|
||||
// [SETTING] General>Language and Appearance>Fonts and Colors>Colors>Use system colors
|
||||
|
@ -1334,7 +1331,6 @@ user_pref("permissions.manager.defaultsUrl", "");
|
|||
user_pref("webchannel.allowObject.urlWhitelist", "");
|
||||
// -------------------------------------
|
||||
// Use Punycode in Internationalized Domain Names to eliminate possible spoofing
|
||||
// Firefox has *some* protections, but it is better to be safe than sorry
|
||||
// [SETUP-WEB] Might be undesirable for non-latin alphabet users since legitimate IDN's are also punycoded
|
||||
// [TEST] https://www.xn--80ak6aa92e.com/ (www.apple.com)
|
||||
// https://wiki.mozilla.org/IDN_Display_Algorithm
|
||||
|
@ -1819,7 +1815,7 @@ user_pref("security.mixed_content.block_object_subrequest", true);
|
|||
// -------------------------------------
|
||||
// Disable Flash plugin
|
||||
// 0=deactivated, 1=ask, 2=enabled
|
||||
// ESR52.x is the last branch to *fully* support NPAPI, FF52+ stable only supports Flash
|
||||
// ESR52.x is the last branch to fully support NPAPI, FF52+ stable only supports Flash
|
||||
// [NOTE] You can still override individual sites via site permissions
|
||||
// https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed]
|
||||
user_pref("plugin.state.flash", 0); // [DEFAULT: 1]
|
||||
|
|
Loading…
Reference in New Issue