forked from d3cim/mobile_user.js
Update 'user.js (less connections)'
This commit is contained in:
parent
bab17fe352
commit
222729fde2
|
@ -1045,14 +1045,17 @@ user_pref("javascript.options.asmjs", false);
|
|||
// https://gitlab.torproject.org/legacy/trac/-/issues/26019
|
||||
user_pref("javascript.options.ion", false);
|
||||
// user_pref("javascript.options.baselinejit", false); // [BUG] Addons issues
|
||||
// user_pref("javascript.options.jit_trustedprincipals", true); // [HIDDEN PREF] // [DESKTOP ?]
|
||||
// user_pref("javascript.options.jit_trustedprincipals", true); // [FF75+] [DESKTOP HIDDEN PREF]
|
||||
user_pref("javascript.options.native_regexp", false);
|
||||
// -------------------------------------
|
||||
// Pref : Disable WebAssembly
|
||||
// https://webassembly.org/
|
||||
// Vulnerabilities have increasingly been found, including those known and fixed
|
||||
// in native programs years ago [2]. WASM has powerful low-level access, making
|
||||
// certain attacks (brute-force) and vulnerabilities more possible
|
||||
// [STATS] ~0.2% of websites, about half of which are for crytopmining / malvertising [2][3]
|
||||
// https://developer.mozilla.org/docs/WebAssembly
|
||||
// https://en.wikipedia.org/wiki/WebAssembly
|
||||
// https://gitlab.torproject.org/legacy/trac/-/issues/21549
|
||||
// https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
|
||||
// https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes ***/
|
||||
user_pref("javascript.options.wasm", false);
|
||||
user_pref("javascript.options.wasm_baselinejit", false);
|
||||
user_pref("javascript.options.wasm_cranelift", false);
|
||||
|
@ -1382,6 +1385,7 @@ user_pref("network.predictor.enable-hover-on-ssl", false);
|
|||
// * IPv6 can be abused, especially with MAC addresses, and they do not play nice with VPNs. That's even assuming your ISP and/or router and/or website can handle it. Sites will fall back to IPv4
|
||||
// [STATS] Firefox telemetry (June 2020) shows only 5% of all connections are IPv6
|
||||
// [NOTE] This is just an application level fallback. Disabling IPv6 is best done at an OS/network level, and/or configured properly in VPN setups. If you are not masking your IP, then this won't make much difference. If you are masking your IP, then it can only help.
|
||||
// [NOTE] PHP defaults to IPv6 with "localhost". Use "php -S 127.0.0.1:PORT"
|
||||
// [TEST] https://ipleak.org/
|
||||
user_pref("network.dns.disableIPv6", true);
|
||||
// -------------------------------------
|
||||
|
|
Loading…
Reference in New Issue