Update 'user.js'

This commit is contained in:
Narsil 2021-04-04 13:40:11 -04:00
parent d2ccf08051
commit 9a721a792a
1 changed files with 21 additions and 12 deletions

33
user.js
View File

@ -896,6 +896,10 @@ user_pref("dom.security.https_only_mode_pbm", true); // [FF80+]
// This is done to avoid waiting for a timeout which takes 90 seconds // This is done to avoid waiting for a timeout which takes 90 seconds
// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1642387,1660945 // https://bugzilla.mozilla.org/buglist.cgi?bug_id=1642387,1660945
user_pref("dom.security.https_only_mode_send_http_background_request", false); user_pref("dom.security.https_only_mode_send_http_background_request", false);
// Treat .onion as a secure context [FF60+] [TOR]
// [NOTE] Firefox cannot access .onion sites by default: it is strongly recommended you just use Tor Browser
// https://bugzilla.mozilla.org/1382359
// user_pref("dom.securecontext.whitelist_onions", true);
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// CIPHERS [WARNING: do not meddle with your cipher suite] // CIPHERS [WARNING: do not meddle with your cipher suite]
@ -1006,9 +1010,8 @@ user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
// user_pref("network.http.referer.defaultPolicy", 2); // [DEFAULT: 2 FF87+] // user_pref("network.http.referer.defaultPolicy", 2); // [DEFAULT: 2 FF87+]
// user_pref("network.http.referer.defaultPolicy.pbmode", 2); // [DEFAULT: 2] // user_pref("network.http.referer.defaultPolicy.pbmode", 2); // [DEFAULT: 2]
// ------------------------------------- // -------------------------------------
// Hide (not spoof) referrer when leaving a .onion domain [FF54+] // Hide (not spoof) referrer when leaving a .onion domain [FF54+] [TOR]
// [NOTE] Firefox cannot access .onion sites by default. We recommend you use // [NOTE] Firefox cannot access .onion sites by default: it is strongly recommended you just use Tor Browser
// the Tor Browser which is specifically designed for hidden services
// https://bugzilla.mozilla.org/1305144 // https://bugzilla.mozilla.org/1305144
// user_pref("network.http.referer.hideOnionSource", true); // user_pref("network.http.referer.hideOnionSource", true);
// ------------------------------------- // -------------------------------------
@ -1058,6 +1061,7 @@ user_pref("media.gmp-manager.url.override", "");
// Disable all DRM content (EME: Encryption Media Extension) // Disable all DRM content (EME: Encryption Media Extension)
// [SETUP-WEB] e.g. Netflix, Amazon Prime, Hulu, HBO, Disney+, Showtime, Starz, DirectTV // [SETUP-WEB] e.g. Netflix, Amazon Prime, Hulu, HBO, Disney+, Showtime, Starz, DirectTV
// [SETTING] General>DRM Content>Play DRM-controlled content // [SETTING] General>DRM Content>Play DRM-controlled content
// [TEST] https://bitmovin.com/demos/drm
// https://www.eff.org/deeplinks/2017/10/drms-dead-canary-how-we-just-lost-web-what-we-learned-it-and-what-we-need-do-next // https://www.eff.org/deeplinks/2017/10/drms-dead-canary-how-we-just-lost-web-what-we-learned-it-and-what-we-need-do-next
user_pref("media.eme.enabled", false); user_pref("media.eme.enabled", false);
// //
@ -1202,8 +1206,8 @@ user_pref("dom.push.userAgentID", "");
// Disable website access to clipboard events/content [SETUP-HARDEN] // Disable website access to clipboard events/content [SETUP-HARDEN]
// [NOTE] This will break some sites' functionality e.g. Outlook, Twitter, Facebook, Wordpress // [NOTE] This will break some sites' functionality e.g. Outlook, Twitter, Facebook, Wordpress
// This applies to onCut/onCopy/onPaste events - i.e. it requires interaction with the website // This applies to onCut/onCopy/onPaste events - i.e. it requires interaction with the website
// [WARNING] If both 'middlemouse.paste' and 'general.autoScroll' are true (at least one // [WARNING] In FF88 or lower, with clipboardevents enabled, if both 'middlemouse.paste' and
// is default false) then enabling this pref can leak clipboard content // 'general.autoScroll' are true (at least one is default false) then the clipboard can leak
// https://bugzilla.mozilla.org/1528289 // https://bugzilla.mozilla.org/1528289
user_pref("dom.event.clipboardevents.enabled", false); user_pref("dom.event.clipboardevents.enabled", false);
// ------------------------------------- // -------------------------------------
@ -1457,12 +1461,17 @@ user_pref("security.dialog_enable_delay", 700);
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// PERSISTENT STORAGE // PERSISTENT STORAGE
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
// Disable 3rd-party cookies and site-data [SETUP-WEB] // Disable or isolate 3rd-party cookies and site-data [SETUP-WEB]
// 0=Accept cookies and site data, 1=(Block) All third-party cookies, 2=(Block) All cookies, // 0 = Accept cookies and site data
// 3=(Block) Cookies from unvisited websites, 4=(Block) Cross-site and social media trackers (default) // 1 = (Block) All third-party cookies
// [NOTE] You can set exceptions under site permissions or use an extension // 2 = (Block) All cookies
// [NOTE] Enforcing category to custom ensures ETP related prefs are always honored // 3 = (Block) Cookies from unvisited websites
// [SETTING] Privacy & Security>Enhanced Tracking Protection>Custom>Cookies // 4 = (Block) Cross-site tracking cookies (default)
// 5 = (Isolate All) Cross-site cookies (TCP: Total Cookie Protection / dFPI: dynamic FPI)(FF86+)
// Option 5 with FPI enabled is ignored and not shown, and option 4 used instead
// [NOTE] You can set cookie exceptions under site permissions or use an extension
// SETTING] Privacy & Security>Enhanced Tracking Protection>Custom>Cookies
// https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/
user_pref("network.cookie.cookieBehavior", 1); user_pref("network.cookie.cookieBehavior", 1);
user_pref("browser.contentblocking.category", "custom"); user_pref("browser.contentblocking.category", "custom");
// ------------------------------------- // -------------------------------------
@ -1789,7 +1798,7 @@ user_pref("layout.spellcheckDefault", 0); // 0=none, 1-multi-line, 2=multi-line
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// UX FEATURES: Disable and hide the icons and menus // UX FEATURES: Disable and hide the icons and menus
// >>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>
user_pref("browser.messaging-system.whatsNewPanel.enabled", false); // What's New [FF69+] user_pref("browser.messaging-system.whatsNewPanel.enabled", false); // What's New toolbar icon [FF69+]
user_pref("messaging-system.rsexperimentloader.enabled", false); user_pref("messaging-system.rsexperimentloader.enabled", false);
user_pref("extensions.pocket.enabled", false); // Pocket Account [FF46+] user_pref("extensions.pocket.enabled", false); // Pocket Account [FF46+]
user_pref("identity.fxaccounts.enabled", false); // Firefox Accounts & Sync [FF60+] [RESTART] user_pref("identity.fxaccounts.enabled", false); // Firefox Accounts & Sync [FF60+] [RESTART]