Update 'user.js'

user.js

@@ -283,6 +283,7 @@ user_pref("security.remote_settings.crlite_filters.enabled", false);
 user_pref("security.remote_settings.crlite_filters.bucket", "");
 user_pref("security.remote_settings.crlite_filters.collection", "");
 user_pref("security.remote_settings.crlite_filters.signer", "");
+user_pref("security.pki.crlite_mode", 2);
 // -------------------------------------
 // Pref : Block unwanted connections
 user_pref("app.feedback.baseURL", "");
@@ -797,14 +798,24 @@ user_pref("security.mixed_content.block_object_subrequest", true);
 // -------------------------------------
 // Enable HTTPS-Only mode [FF76+]
 // When "https_only_mode" (all windows) is true, "https_only_mode_pbm" (private windows only) is ignored
-// [WARNING] This is experimental [1] and you can't set exceptions if FPI is enabled (fixed in FF83)
-// [SETTING] to add site exceptions: Page Info>Permissions>Use insecure HTTP (FF80+)
+// [SETTING] to add site exceptions: Page Info>HTTPS-Only mode>On/Off/Off temporarily
 // [SETTING] Privacy & Security>HTTPS-Only Mode
+// [TEST] http://example.com [upgrade]
+// [TEST] http://neverssl.org/ [no upgrade]
 // https://bugzilla.mozilla.org/1613063 [META]
 // https://bugzilla.mozilla.org/1647829 ***/
 user_pref("dom.security.https_only_mode", true); // [FF76+]
 user_pref("dom.security.https_only_mode_pbm", true); // [FF80+]
-user_pref("dom.security.https_only_mode.upgrade_local", true); // [FF77+]
+// -------------------------------------
+// Enable HTTPS-Only mode for local resources [FF77+] ***/
+// user_pref("dom.security.https_only_mode.upgrade_local", true);
+// -------------------------------------
+// Disable HTTP background requests [FF82+]
+// When attempting to upgrade, if the server doesn't respond within 3 seconds, firefox
+// sends HTTP requests requests in order to check if the server supports HTTPS or not.
+// This is done to avoid waiting for a timeout which takes 90 seconds
+// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1642387,1660945 ***/
+user_pref("dom.security.https_only_mode_send_http_background_request", false);
 // >>>>>>>>>>>>>>>>>>>>>
 // CIPHERS [WARNING: do not meddle with your cipher suite]
 // >>>>>>>>>>>>>>>>>>>>>
@@ -1375,8 +1386,10 @@ user_pref("network.cookie.lifetimePolicy", 2);
 // You are better off using an extension for more granular control ***/
 // user_pref("dom.storage.enabled", false);
 // -------------------------------------
-// Disable offline cache ***/
-user_pref("browser.cache.offline.enable", false);
+// Enforce no offline cache storage (appCache)
+// The API is easily fingerprinted, use the "storage" pref instead ***/
+// user_pref("browser.cache.offline.enable", false);
+user_pref("browser.cache.offline.storage.enable", false); // [FF71+] [DEFAULT: false FF84+]
 // -------------------------------------
 // Disable service worker cache and cache storage
 // [NOTE] We clear service worker cache on exiting Firefox
@@ -1468,6 +1481,10 @@ user_pref("privacy.firstparty.isolate", true);
 // https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage ***/
 // user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAULT: true]
 // user_pref("privacy.firstparty.isolate.block_post_message", true);
+// Enable scheme with FPI [FF78+]
+// [NOTE] Experimental: existing data and site permissions are incompatible
+// and some site exceptions may not work e.g. HTTPS-only mode ***/
+// user_pref("privacy.firstparty.isolate.use_site", true);
 // -------------------------------------
 // Enable site partitioning (FF78+)
 // https://bugzilla.mozilla.org/1590107 [META] */