Update 'user.js'

This commit is contained in:
Narsil 2021-05-26 18:14:08 +00:00
parent dd423ee983
commit f575549212
1 changed files with 6 additions and 5 deletions

11
user.js
View File

@ -61,7 +61,7 @@ user_pref("browser.newtabpage.activity-stream.feeds.favicon", false);
// Disable Activity Stream Snippets // Disable Activity Stream Snippets
// Runs code received from a server (aka Remote Code Execution) and sends information back to a metrics server // Runs code received from a server (aka Remote Code Execution) and sends information back to a metrics server
// https://abouthome-snippets-service.readthedocs.io/ ***/ // https://abouthome-snippets-service.readthedocs.io/ ***/
user_pref("browser.newtabpage.activity-stream.feeds.snippets", false); user_pref("browser.newtabpage.activity-stream.feeds.snippets", false); // [DEFAULT: false FF89+]
user_pref("browser.newtabpage.activity-stream.asrouter.providers.snippets", ""); user_pref("browser.newtabpage.activity-stream.asrouter.providers.snippets", "");
// ------------------------------------- // -------------------------------------
// Disable Activity Stream Top Stories, Pocket-based and/or sponsored content ***/ // Disable Activity Stream Top Stories, Pocket-based and/or sponsored content ***/
@ -829,10 +829,6 @@ user_pref("security.mixed_content.block_active_content", true); // [DEFAULT: tru
// Disable insecure passive content (such as images) on https pages [SETUP-WEB] ***/ // Disable insecure passive content (such as images) on https pages [SETUP-WEB] ***/
user_pref("security.mixed_content.block_display_content", true); user_pref("security.mixed_content.block_display_content", true);
// ------------------------------------- // -------------------------------------
// Lock unencrypted requests from Flash on encrypted pages to mitigate MitM attacks [FF59+]
// https://bugzilla.mozilla.org/1190623 ***/
user_pref("security.mixed_content.block_object_subrequest", true);
// -------------------------------------
// Enable HTTPS-Only mode [FF76+] // Enable HTTPS-Only mode [FF76+]
// When "https_only_mode" (all windows) is true, "https_only_mode_pbm" (private windows only) is ignored // When "https_only_mode" (all windows) is true, "https_only_mode_pbm" (private windows only) is ignored
// [SETTING] to add site exceptions: Ctrl+I>HTTPS-Only mode>On/Off/Off temporarily // [SETTING] to add site exceptions: Ctrl+I>HTTPS-Only mode>On/Off/Off temporarily
@ -1815,6 +1811,11 @@ user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
// https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed] // https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed]
user_pref("dom.ipc.plugins.reportCrashURL", false); user_pref("dom.ipc.plugins.reportCrashURL", false);
// ------------------------------------- // -------------------------------------
// Block unencrypted requests from Flash on encrypted pages to mitigate MitM attacks [FF59+]
// https://bugzilla.mozilla.org/1190623
// https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed]
user_pref("security.mixed_content.block_object_subrequest", true);
// -------------------------------------
// Disable Flash plugin // Disable Flash plugin
// 0=deactivated, 1=ask, 2=enabled // 0=deactivated, 1=ask, 2=enabled
// ESR52.x is the last branch to *fully* support NPAPI, FF52+ stable only supports Flash // ESR52.x is the last branch to *fully* support NPAPI, FF52+ stable only supports Flash