Update 'user.js'

This commit is contained in:
Narsil 2021-08-07 09:40:24 +00:00
parent 87cf6f6431
commit 87c76ecf2d
1 changed files with 11 additions and 9 deletions

20
user.js
View File

@ -512,7 +512,7 @@ user_pref("network.http.speculative-parallel-limit", 0);
// Disable IPv6 // Disable IPv6
// IPv6 can be abused, especially with MAC addresses, and can leak with VPNs. That's even // IPv6 can be abused, especially with MAC addresses, and can leak with VPNs. That's even
// assuming your ISP and/or router and/or website can handle it. Sites will fall back to IPv4 // assuming your ISP and/or router and/or website can handle it. Sites will fall back to IPv4
// STATS] Firefox telemetry (Dec 2020) shows ~8% of all connections are IPv6 // [STATS] Firefox telemetry (July 2021) shows ~10% of all connections are IPv6
// [NOTE] This is just an application level fallback. Disabling IPv6 is best done at an // [NOTE] This is just an application level fallback. Disabling IPv6 is best done at an
// OS/network level, and/or configured properly in VPN setups. If you are not masking your IP, // OS/network level, and/or configured properly in VPN setups. If you are not masking your IP,
// then this won't make much difference. If you are masking your IP, then it can only help. // then this won't make much difference. If you are masking your IP, then it can only help.
@ -525,7 +525,7 @@ user_pref("network.dns.disableIPv6", true);
// HTTP2 raises concerns with "multiplexing" and "server push", does nothing to // HTTP2 raises concerns with "multiplexing" and "server push", does nothing to
// enhance privacy, and opens up a number of server-side fingerprinting opportunities. // enhance privacy, and opens up a number of server-side fingerprinting opportunities.
// [WARNING] Don't disable HTTP2. Don't be that one person using HTTP1.1 on HTTP2 sites // [WARNING] Don't disable HTTP2. Don't be that one person using HTTP1.1 on HTTP2 sites
// [STATS] Over 50% of sites (April 2021) and growing // [STATS] ~46% of sites (July 2021)
// https://http2.github.io/faq/ // https://http2.github.io/faq/
// https://blog.scottlogic.com/2014/11/07/http-2-a-quick-look.html // https://blog.scottlogic.com/2014/11/07/http-2-a-quick-look.html
// https://http2.github.io/http2-spec/#rfc.section.10.8 // https://http2.github.io/http2-spec/#rfc.section.10.8
@ -707,8 +707,9 @@ user_pref("signon.formlessCapture.enabled", false);
// 2=allow sub-resources to open HTTP authentication credentials dialogs (default) // 2=allow sub-resources to open HTTP authentication credentials dialogs (default)
user_pref("network.auth.subresource-http-auth-allow", 1); user_pref("network.auth.subresource-http-auth-allow", 1);
// ------------------------------------- // -------------------------------------
// Disable automatic authentication on Microsoft sites [FF91+] [WINDOWS] // Disable automatic authentication on Microsoft sites [FF91+] [WINDOWS 10+]
// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1695693,1719301 ***/ // [SETTING] Privacy & Security>Logins and Passwords>Allow Windows single sign-on for...
// https://support.mozilla.org/kb/windows-sso ***/
user_pref("network.http.windows-sso.enabled", false); user_pref("network.http.windows-sso.enabled", false);
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
@ -962,7 +963,7 @@ user_pref("dom.security.https_only_mode_send_http_background_request", false);
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Display warning on the padlock for "broken security" // Display warning on the padlock for "broken security"
// Bug: warning padlock not indicated for subresources on a secure page! // Bug: warning padlock not indicated for subresources on a secure page!
// [STATS] SSL Labs (Dec 2020) reports 99.0% of sites have secure renegotiation // [STATS] SSL Labs (July 2021) reports over 99% of sites have secure renegotiation
// https://wiki.mozilla.org/Security:Renegotiation // https://wiki.mozilla.org/Security:Renegotiation
// https://bugzilla.mozilla.org/1353705 // https://bugzilla.mozilla.org/1353705
// https://www.ssllabs.com/ssl-pulse/ // https://www.ssllabs.com/ssl-pulse/
@ -1257,9 +1258,10 @@ user_pref("javascript.options.asmjs", false);
// hidden pref is enabled, then Ion can still be used by extensions (1599226) // hidden pref is enabled, then Ion can still be used by extensions (1599226)
// [WARNING] Disabling Ion/JIT can cause some site issues and performance loss // [WARNING] Disabling Ion/JIT can cause some site issues and performance loss
// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817 // https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817
// user_pref("javascript.options.ion", false); user_pref("javascript.options.ion", false);
// user_pref("javascript.options.baselinejit", false); user_pref("javascript.options.baselinejit", false);
// user_pref("javascript.options.jit_trustedprincipals", true); // [FF75+] [HIDDEN PREF] user_pref("javascript.options.native_regexp", false);
user_pref("javascript.options.jit_trustedprincipals", true); // [FF75+] [HIDDEN PREF]
// ------------------------------------- // -------------------------------------
// Disable WebAssembly [FF52+] [SETUP-PERF] // Disable WebAssembly [FF52+] [SETUP-PERF]
// Vulnerabilities have increasingly been found, including those known and fixed // Vulnerabilities have increasingly been found, including those known and fixed
@ -1363,7 +1365,7 @@ user_pref("devtools.selfxss.count", 0);
// Disable MathML (Mathematical Markup Language) [FF51+] [SETUP-HARDEN] // Disable MathML (Mathematical Markup Language) [FF51+] [SETUP-HARDEN]
// [TEST] https://arkenfox.github.io/TZP/tzp.html#misc // [TEST] https://arkenfox.github.io/TZP/tzp.html#misc
// https://bugzilla.mozilla.org/1173199 // https://bugzilla.mozilla.org/1173199
// user_pref("mathml.disabled", true); user_pref("mathml.disabled", true);
// ------------------------------------- // -------------------------------------
// Disable in-content SVG (Scalable Vector Graphics) [FF53+] // Disable in-content SVG (Scalable Vector Graphics) [FF53+]
// [WARNING] Expect breakage incl. youtube player controls. Best left for a "hardened" profile. // [WARNING] Expect breakage incl. youtube player controls. Best left for a "hardened" profile.