From f575549212bcdf56fa09c7be39484703160c005c Mon Sep 17 00:00:00 2001
From: Narsil <narsil@noreply@nixnet.servcies>
Date: Wed, 26 May 2021 18:14:08 +0000
Subject: [PATCH] Update 'user.js'

---
 user.js | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/user.js b/user.js
index 59dc110..299343b 100644
--- a/user.js
+++ b/user.js
@@ -61,7 +61,7 @@ user_pref("browser.newtabpage.activity-stream.feeds.favicon", false);
 // Disable Activity Stream Snippets
 // Runs code received from a server (aka Remote Code Execution) and sends information back to a metrics server
 // https://abouthome-snippets-service.readthedocs.io/ ***/
-user_pref("browser.newtabpage.activity-stream.feeds.snippets", false);
+user_pref("browser.newtabpage.activity-stream.feeds.snippets", false); // [DEFAULT: false FF89+]
 user_pref("browser.newtabpage.activity-stream.asrouter.providers.snippets", "");
 // -------------------------------------
 // Disable Activity Stream Top Stories, Pocket-based and/or sponsored content ***/
@@ -829,10 +829,6 @@ user_pref("security.mixed_content.block_active_content", true); // [DEFAULT: tru
 // Disable insecure passive content (such as images) on https pages [SETUP-WEB] ***/
 user_pref("security.mixed_content.block_display_content", true);
 // -------------------------------------
-// Lock unencrypted requests from Flash on encrypted pages to mitigate MitM attacks [FF59+]
-// https://bugzilla.mozilla.org/1190623 ***/
-user_pref("security.mixed_content.block_object_subrequest", true);
-// -------------------------------------
 // Enable HTTPS-Only mode [FF76+]
 // When "https_only_mode" (all windows) is true, "https_only_mode_pbm" (private windows only) is ignored
 // [SETTING] to add site exceptions: Ctrl+I>HTTPS-Only mode>On/Off/Off temporarily
@@ -1815,6 +1811,11 @@ user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
 // https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed]
 user_pref("dom.ipc.plugins.reportCrashURL", false);
 // -------------------------------------
+// Block unencrypted requests from Flash on encrypted pages to mitigate MitM attacks [FF59+]
+// https://bugzilla.mozilla.org/1190623
+// https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed]
+user_pref("security.mixed_content.block_object_subrequest", true);
+// -------------------------------------
 // Disable Flash plugin
 // 0=deactivated, 1=ask, 2=enabled
 // ESR52.x is the last branch to *fully* support NPAPI, FF52+ stable only supports Flash