Update 'user.js'

This commit is contained in:
Narsil 2020-11-25 06:04:21 -05:00
parent ee03c26e23
commit d3f4e483be
1 changed files with 22 additions and 5 deletions

27
user.js
View File

@ -283,6 +283,7 @@ user_pref("security.remote_settings.crlite_filters.enabled", false);
user_pref("security.remote_settings.crlite_filters.bucket", ""); user_pref("security.remote_settings.crlite_filters.bucket", "");
user_pref("security.remote_settings.crlite_filters.collection", ""); user_pref("security.remote_settings.crlite_filters.collection", "");
user_pref("security.remote_settings.crlite_filters.signer", ""); user_pref("security.remote_settings.crlite_filters.signer", "");
user_pref("security.pki.crlite_mode", 2);
// ------------------------------------- // -------------------------------------
// Pref : Block unwanted connections // Pref : Block unwanted connections
user_pref("app.feedback.baseURL", ""); user_pref("app.feedback.baseURL", "");
@ -797,14 +798,24 @@ user_pref("security.mixed_content.block_object_subrequest", true);
// ------------------------------------- // -------------------------------------
// Enable HTTPS-Only mode [FF76+] // Enable HTTPS-Only mode [FF76+]
// When "https_only_mode" (all windows) is true, "https_only_mode_pbm" (private windows only) is ignored // When "https_only_mode" (all windows) is true, "https_only_mode_pbm" (private windows only) is ignored
// [WARNING] This is experimental [1] and you can't set exceptions if FPI is enabled (fixed in FF83) // [SETTING] to add site exceptions: Page Info>HTTPS-Only mode>On/Off/Off temporarily
// [SETTING] to add site exceptions: Page Info>Permissions>Use insecure HTTP (FF80+)
// [SETTING] Privacy & Security>HTTPS-Only Mode // [SETTING] Privacy & Security>HTTPS-Only Mode
// [TEST] http://example.com [upgrade]
// [TEST] http://neverssl.org/ [no upgrade]
// https://bugzilla.mozilla.org/1613063 [META] // https://bugzilla.mozilla.org/1613063 [META]
// https://bugzilla.mozilla.org/1647829 ***/ // https://bugzilla.mozilla.org/1647829 ***/
user_pref("dom.security.https_only_mode", true); // [FF76+] user_pref("dom.security.https_only_mode", true); // [FF76+]
user_pref("dom.security.https_only_mode_pbm", true); // [FF80+] user_pref("dom.security.https_only_mode_pbm", true); // [FF80+]
user_pref("dom.security.https_only_mode.upgrade_local", true); // [FF77+] // -------------------------------------
// Enable HTTPS-Only mode for local resources [FF77+] ***/
// user_pref("dom.security.https_only_mode.upgrade_local", true);
// -------------------------------------
// Disable HTTP background requests [FF82+]
// When attempting to upgrade, if the server doesn't respond within 3 seconds, firefox
// sends HTTP requests requests in order to check if the server supports HTTPS or not.
// This is done to avoid waiting for a timeout which takes 90 seconds
// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1642387,1660945 ***/
user_pref("dom.security.https_only_mode_send_http_background_request", false);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// CIPHERS [WARNING: do not meddle with your cipher suite] // CIPHERS [WARNING: do not meddle with your cipher suite]
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
@ -1375,8 +1386,10 @@ user_pref("network.cookie.lifetimePolicy", 2);
// You are better off using an extension for more granular control ***/ // You are better off using an extension for more granular control ***/
// user_pref("dom.storage.enabled", false); // user_pref("dom.storage.enabled", false);
// ------------------------------------- // -------------------------------------
// Disable offline cache ***/ // Enforce no offline cache storage (appCache)
user_pref("browser.cache.offline.enable", false); // The API is easily fingerprinted, use the "storage" pref instead ***/
// user_pref("browser.cache.offline.enable", false);
user_pref("browser.cache.offline.storage.enable", false); // [FF71+] [DEFAULT: false FF84+]
// ------------------------------------- // -------------------------------------
// Disable service worker cache and cache storage // Disable service worker cache and cache storage
// [NOTE] We clear service worker cache on exiting Firefox // [NOTE] We clear service worker cache on exiting Firefox
@ -1468,6 +1481,10 @@ user_pref("privacy.firstparty.isolate", true);
// https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage ***/ // https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage ***/
// user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAULT: true] // user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAULT: true]
// user_pref("privacy.firstparty.isolate.block_post_message", true); // user_pref("privacy.firstparty.isolate.block_post_message", true);
// Enable scheme with FPI [FF78+]
// [NOTE] Experimental: existing data and site permissions are incompatible
// and some site exceptions may not work e.g. HTTPS-only mode ***/
// user_pref("privacy.firstparty.isolate.use_site", true);
// ------------------------------------- // -------------------------------------
// Enable site partitioning (FF78+) // Enable site partitioning (FF78+)
// https://bugzilla.mozilla.org/1590107 [META] */ // https://bugzilla.mozilla.org/1590107 [META] */