From c166eb13a70a105b709af60eed69cc443b419e7f Mon Sep 17 00:00:00 2001 From: Narsil Date: Sun, 25 Jul 2021 09:26:59 +0000 Subject: [PATCH] Update 'user.js' --- user.js | 42 +++++++++++++++++++++++++----------------- 1 file changed, 25 insertions(+), 17 deletions(-) diff --git a/user.js b/user.js index 08f9b9e..c16aa0e 100644 --- a/user.js +++ b/user.js @@ -173,6 +173,11 @@ user_pref("services.settings.security.onecrl.signer", ""); // [SETTING] about:addons>Extensions>[cog-wheel-icon]>Update Add-ons Automatically (toggle) user_pref("extensions.update.autoUpdateDefault", false); // ------------------------------------- +// Disable auto-INSTALLING Firefox updates via a background service [FF90+] [WINDOWS] +// [SETTING] General>Firefox Updates>Automatically install updates>When Firefox is not running +// https://support.mozilla.org/kb/enable-background-updates-firefox-windows ***/ +user_pref("app.update.background.scheduling.enabled", false); +// ------------------------------------- // Disable extension metadata // used when installing/updating an extension, and in daily background update checks: // when false, extension detail tabs will have no description @@ -637,7 +642,7 @@ user_pref("browser.urlbar.suggest.engines", false); // [FF85+] // user_pref("browser.urlbar.maxRichResults", 0); // ------------------------------------- // Disable location bar autofill -// https://support.mozilla.org/en-US/kb/address-bar-autocomplete-firefox#w_url-autocomplete +// https://support.mozilla.org/kb/address-bar-autocomplete-firefox#w_url-autocomplete user_pref("browser.urlbar.autoFill", false); // ------------------------------------- // Disable search and form history @@ -808,6 +813,9 @@ user_pref("security.ssl.require_safe_negotiation", true); // user_pref("security.tls.version.min", 3); // [DEFAULT: 3] // user_pref("security.tls.version.max", 4); // ------------------------------------- +// Enforce TLS 1.0 and 1.1 downgrades as session only ***/ +user_pref("security.tls.version.enable-deprecated", false); // [DEFAULT: false] +// ------------------------------------- // Disable SSL session tracking [FF36+] // SSL Session IDs are unique and last up to 24hrs in Firefox (or longer with prolongation attacks) // These are not used in PB mode. In normal windows they are isolated when using FPI @@ -1111,17 +1119,6 @@ user_pref("media.peerconnection.ice.default_address_only", true); user_pref("media.peerconnection.ice.no_host", true); // [FF51+] user_pref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); // [FF70+] // ------------------------------------- -// Disable WebGL (Web Graphics Library) -// [SETUP-WEB] When disabled, may break some websites. When enabled, provides high entropy, -// especially with readPixels(). Some of the other entropy is lessened with RFP -// https://www.contextis.com/resources/blog/webgl-new-dimension-browser-exploitation/ -// https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern -user_pref("webgl.disabled", true); -user_pref("webgl.enable-webgl2", false); -// ------------------------------------- -// Limit WebGL -user_pref("webgl.disable-fail-if-major-performance-caveat", true); // [DEFAULT: true FF86+] -// ------------------------------------- // Disable screensharing user_pref("media.getusermedia.screensharing.enabled", false); user_pref("media.getusermedia.browser.enabled", false); @@ -1204,8 +1201,8 @@ user_pref("dom.webnotifications.enabled", false); // [FF22+] // a prompt. Disabling service workers alone doesn't stop Firefox polling the // Mozilla Push Server. To remove all subscriptions, reset your userAgentID (in about:config // or on start), and you will get a new one within a few seconds. -// https://support.mozilla.org/en-US/kb/push-notifications-firefox -// https://developer.mozilla.org/en-US/docs/Web/API/Push_API +// https://support.mozilla.org/kb/push-notifications-firefox +// https://developer.mozilla.org/docs/Web/API/Push_API user_pref("dom.push.enabled", false); user_pref("dom.push.connection.enabled", false); user_pref("dom.push.serverURL", ""); @@ -1314,6 +1311,17 @@ user_pref("dom.battery.enabled", false); // [SETTING] to add site exceptions: Ctrl+I>Permissions>Access Virtual Reality Devices // [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Virtual Reality>Settings // user_pref("permissions.default.xr", 2); +// ------------------------------------- +// Disable WebGL (Web Graphics Library) +// [SETUP-WEB] When disabled, may break some websites. When enabled, provides high entropy, +// especially with readPixels(). Some of the other entropy is lessened with RFP +// https://www.contextis.com/resources/blog/webgl-new-dimension-browser-exploitation/ +// https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern +user_pref("webgl.disabled", true); +user_pref("webgl.enable-webgl2", false); +// ------------------------------------- +// Limit WebGL +user_pref("webgl.disable-fail-if-major-performance-caveat", true); // [DEFAULT: true FF86+] // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // MISCELLANEOUS @@ -1541,7 +1549,7 @@ user_pref("network.cookie.lifetimePolicy", 2); // user_pref("dom.storageManager.enabled", false); // ------------------------------------- // Disable Storage Access API [FF65+] -// https://developer.mozilla.org/en-US/docs/Web/API/Storage_Access_API +// https://developer.mozilla.org/docs/Web/API/Storage_Access_API // user_pref("dom.storage_access.enabled", false); // ------------------------------------- // Enable Local Storage Next Generation (LSNG) [FF65+] @@ -1614,7 +1622,7 @@ user_pref("privacy.firstparty.isolate", true); // The 2nd pref removes that limitation and will only allow communication if FPDs also match. // https://bugzilla.mozilla.org/1319773#c22 // https://bugzilla.mozilla.org/1492607 -// https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage +// https://developer.mozilla.org/docs/Web/API/Window/postMessage // user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAULT: true] // user_pref("privacy.firstparty.isolate.block_post_message", true); // ------------------------------------- @@ -1757,7 +1765,7 @@ user_pref("webgl.enable-debug-renderer-info", false); user_pref("ui.prefersReducedMotion", 0); // [HIDDEN PREF] // ------------------------------------- // Disable PointerEvents [FF86 or lower] -// https://developer.mozilla.org/en-US/docs/Web/API/PointerEvent +// https://developer.mozilla.org/docs/Web/API/PointerEvent // https://bugzilla.mozilla.org/1688105 user_pref("dom.w3c_pointer_events.enabled", false); // -------------------------------------