From e416051535c81b27493c6bd9c145c01ffc473e14 Mon Sep 17 00:00:00 2001 From: Narsil Date: Tue, 8 Dec 2020 06:36:06 -0500 Subject: [PATCH] Update 'user.js' --- user.js | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/user.js b/user.js index 993d228..a58caa4 100644 --- a/user.js +++ b/user.js @@ -408,16 +408,15 @@ user_pref("browser.send_pings.require_same_host", true); // defense-in-depth // HTTP* / TCP/IP / DNS / PROXY / SOCKS etc ***/ // >>>>>>>>>>>>>>>>>>>>> // Disable IPv6 -// IPv6 can be abused, especially with MAC addresses, and they do not play nice with VPNs. That's -// even assuming your ISP and/or router and/or website can handle it. Sites will fall back to IPv4 +// IPv6 can be abused, especially with MAC addresses, and can leak with VPNs. That's even +// assuming your ISP and/or router and/or website can handle it. Sites will fall back to IPv4 // STATS] Firefox telemetry (Dec 2020) shows ~8% of all connections are IPv6 // [NOTE] This is just an application level fallback. Disabling IPv6 is best done at an // OS/network level, and/or configured properly in VPN setups. If you are not masking your IP, // then this won't make much difference. If you are masking your IP, then it can only help. // [NOTE] PHP defaults to IPv6 with "localhost". Use "php -S 127.0.0.1:PORT" // [TEST] https://ipleak.org/ -// https://github.com/arkenfox/user.js/issues/437#issuecomment-403740626 -// https://www.internetsociety.org/tag/ipv6-security/ ***/ +// https://www.internetsociety.org/tag/ipv6-security/ user_pref("network.dns.disableIPv6", true); // ------------------------------------- // Disable HTTP2 @@ -483,7 +482,7 @@ user_pref("network.trr.uri", ""); // unattended state (locked, encrypted, forensic hardened). // [NOTE] The urlbar is also commonly referred to as the location bar and address bar // #Required reading [#] https://xkcd.com/538/ -// >>>>>>>>>>>>>>>>>>>>> +// ------------------------------------- // Disable location bar using search // Don't leak URL typos to a search engine, give an error message instead. // Examples: "secretplace,com", "secretplace/com", "secretplace com", "secret place.com"