Update 'user.js'

This commit is contained in:
quindecim 2020-05-07 13:42:34 -04:00
parent 81d9818271
commit f287a96740
1 changed files with 95 additions and 31 deletions

126
user.js
View File

@ -119,6 +119,7 @@ user_pref("browser.startup.homepage_override.mstone", "ignore");
// https://bugzilla.mozilla.org/show_bug.cgi?id=1617783 // https://bugzilla.mozilla.org/show_bug.cgi?id=1617783
user_pref("browser.aboutwelcome.enabled", false); // [DESKTOP] user_pref("browser.aboutwelcome.enabled", false); // [DESKTOP]
user_pref("browser.aboutwelcome.log", ""); // [DESKTOP] user_pref("browser.aboutwelcome.log", ""); // [DESKTOP]
user_pref("trailhead.firstrun.branches", ""); // [DESKTOP]
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Quiet Fox // Section : Quiet Fox
@ -127,12 +128,11 @@ user_pref("browser.aboutwelcome.log", ""); // [DESKTOP]
// true=application updates are installed without user approval. // true=application updates are installed without user approval.
// false=application updates are downloaded but the user can choose when to install the update. // false=application updates are downloaded but the user can choose when to install the update.
user_pref("app.update.auto", false); // [DESKTOP] user_pref("app.update.auto", false); // [DESKTOP]
user_pref("app.update.autodownload", "never"); // [FENNEC] user_pref("app.update.autodownload", "never"); // [FENIX]
user_pref("app.update.channel", ""); user_pref("app.update.channel", "");
user_pref("app.update.url", ""); // [DESKTOP]
user_pref("app.update.url.details", ""); // [DESKTOP] user_pref("app.update.url.details", ""); // [DESKTOP]
user_pref("app.update.url.manual", ""); // [DESKTOP] user_pref("app.update.url.manual", ""); // [DESKTOP]
user_pref("app.update.url.android", ""); // [FENNEC] user_pref("app.update.url.android", ""); // [FENIX]
user_pref("app.update.staging.enabled", false); // [DESKTOP] user_pref("app.update.staging.enabled", false); // [DESKTOP]
user_pref("app.update.log.file", false); // [DESKTOP] user_pref("app.update.log.file", false); // [DESKTOP]
// ------------------------------------- // -------------------------------------
@ -325,6 +325,7 @@ user_pref("toolkit.telemetry.geckoview.streaming", false);
user_pref("toolkit.telemetry.isGeckoViewMode", false); user_pref("toolkit.telemetry.isGeckoViewMode", false);
user_pref("toolkit.telemetry.testing.overrideProductsCheck", false); user_pref("toolkit.telemetry.testing.overrideProductsCheck", false);
user_pref("security.app_menu.recordEventTelemetry", false); // [DESKTOP] user_pref("security.app_menu.recordEventTelemetry", false); // [DESKTOP]
user_pref("browser.urlbar.eventTelemetry.enabled", false); // [DESKTOP]
// ------------------------------------- // -------------------------------------
// Pref : Disable Telemetry Coverage // Pref : Disable Telemetry Coverage
// https://blog.mozilla.org/data/2018/08/20/effectively-measuring-search-in-firefox/ // https://blog.mozilla.org/data/2018/08/20/effectively-measuring-search-in-firefox/
@ -950,16 +951,22 @@ user_pref("dom.ipc.processPriorityManager.enabled", true); // [DESKTOP] // [TEST
user_pref("browser.display.use_system_colors", false); // [DEFAULT: false] user_pref("browser.display.use_system_colors", false); // [DEFAULT: false]
// ------------------------------------- // -------------------------------------
// Pref : Disable purge site data after identifying tracking site via cookies // Pref : Disable purge site data after identifying tracking site via cookies
// [NOTE] Relax this with 'privacy.clearOnShutdown.*' enabled // [NOTE] Relax this with 'privacy.clearOnShutdown.*' enabled
// https://bugzilla.mozilla.org/show_bug.cgi?id=1599262 // https://bugzilla.mozilla.org/show_bug.cgi?id=1599262
// https://www.ghacks.net/2020/03/04/firefox-75-will-purge-site-data-if-associated-with-tracking-cookies/ // https://www.ghacks.net/2020/03/04/firefox-75-will-purge-site-data-if-associated-with-tracking-cookies/
user_pref("privacy.purge_trackers.enabled", false); user_pref("privacy.purge_trackers.enabled", false);
user_pref("privacy.purge_trackers.logging.enabled", false); user_pref("privacy.purge_trackers.logging.enabled", false);
user_pref("privacy.purge_trackers.logging.level", "");
// ------------------------------------- // -------------------------------------
// Pref : Disable permissions delegation // Pref : Disable permissions delegation
// Currently applies to cross-origin geolocation, camera, mic and screen-sharing permissions, and fullscreen requests. Disabling delegation means any prompts for these will show/use their correct 3rd party origin // Currently applies to cross-origin geolocation, camera, mic and screen-sharing permissions, and fullscreen requests. Disabling delegation means any prompts for these will show/use their correct 3rd party origin
// https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion // https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion
user_pref("permissions.delegation.enabled", false); user_pref("permissions.delegation.enabled", false);
// -------------------------------------
// Pref : Disable the default checkedness for "Save card and address to Firefox" checkboxes
// https://bugzilla.mozilla.org/show_bug.cgi?id=1477106
user_pref("dom.payments.defaults.saveAddress", false);
user_pref("dom.payments.defaults.saveCreditCard", false);
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Web Workers // Section : Web Workers
@ -1004,7 +1011,7 @@ user_pref("browser.download.hide_plugins_without_extensions", false); // [DESKTO
user_pref("dom.event.contextmenu.enabled", false); user_pref("dom.event.contextmenu.enabled", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable website access to clipboard events/content // Pref : Disable website access to clipboard events/content
// This applies to onCut/onCopy/onPaste events - i.e. it requires interaction with the website // [NOTE] This will break some sites' functionality e.g. Outlook, Twitter, Facebook, Wordpress
// [WARNING] If both 'middlemouse.paste' and 'general.autoScroll' are true (at least one is default (false) then enabling this pref can leak clipboard content // [WARNING] If both 'middlemouse.paste' and 'general.autoScroll' are true (at least one is default (false) then enabling this pref can leak clipboard content
// https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/dom.event.clipboardevents.enabled // https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/dom.event.clipboardevents.enabled
// https://www.ghacks.net/2014/01/08/block-websites-reading-modifying-clipboard-contents-firefox/ // https://www.ghacks.net/2014/01/08/block-websites-reading-modifying-clipboard-contents-firefox/
@ -1034,11 +1041,13 @@ user_pref("dom.vibrator.enabled", false);
user_pref("javascript.options.asmjs", false); user_pref("javascript.options.asmjs", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable Ion, baseline JIT and RegExp to help harden JS against exploits // Pref : Disable Ion, baseline JIT and RegExp to help harden JS against exploits
// [NOTE] In FF75+, when (both) Ion and JIT are disabled, **and** the new hidden pref is enabled, then Ion can still be used by extensions
// [WARNING] Disabling Ion/JIT can cause some site issues and performance loss // [WARNING] Disabling Ion/JIT can cause some site issues and performance loss
// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817 // https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817
// https://trac.torproject.org/projects/tor/ticket/26019 // https://trac.torproject.org/projects/tor/ticket/26019
user_pref("javascript.options.ion", false); // [DESKTOP - BUG] Navigation issues user_pref("javascript.options.ion", false);
// user_pref("javascript.options.baselinejit", false); // [BUG] Addons issues // user_pref("javascript.options.baselinejit", false); // [FENNEC - BUG] Addons issues
// user_pref("javascript.options.jit_trustedprincipals", true); // [HIDDEN PREF] // [DESKTOP ?]
user_pref("javascript.options.native_regexp", false); user_pref("javascript.options.native_regexp", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable WebAssembly // Pref : Disable WebAssembly
@ -1145,7 +1154,6 @@ user_pref("gfx.offscreencanvas.enabled", false); // [DEFAULT: false]
// 0=Allow all, 1=Block non-muted media, 5=Block all // 0=Allow all, 1=Block non-muted media, 5=Block all
// [NOTE] You can set exceptions under site permissions // [NOTE] You can set exceptions under site permissions
user_pref("media.autoplay.default", 5); user_pref("media.autoplay.default", 5);
user_pref("media.autoplay.allow-muted", false); // [FENNEC]
user_pref("media.autoplay.block-event.enabled", true); // [DEFAULT: false] user_pref("media.autoplay.block-event.enabled", true); // [DEFAULT: false]
user_pref("media.autoplay.block-webaudio", true); // [DEFAULT: false] user_pref("media.autoplay.block-webaudio", true); // [DEFAULT: false]
// ------------------------------------- // -------------------------------------
@ -1182,14 +1190,14 @@ user_pref("browser.sessionhistory.max_entries", 4); // [DEFAULT: 50]
// https://developer.mozilla.org/docs/Web/CSS/Privacy_and_the_:visited_selector // https://developer.mozilla.org/docs/Web/CSS/Privacy_and_the_:visited_selector
user_pref("layout.css.visited_links_enabled", false); user_pref("layout.css.visited_links_enabled", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable search suggestions in the search bar // Pref : Disable live search suggestions
user_pref("browser.search.suggest.enabled", false); user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.suggest.enabled.private", false); user_pref("browser.search.suggest.enabled.private", false);
user_pref("browser.search.suggest.prompted", true); // [FENNEC]
// -------------------------------------
// Pref : Disable "Show search suggestions in location bar results"
user_pref("browser.urlbar.suggest.searches", false); // [DESKTOP] user_pref("browser.urlbar.suggest.searches", false); // [DESKTOP]
// ------------------------------------- // -------------------------------------
// Pref : Disable "Would you like to turn on search suggestions" prompt message
user_pref("browser.search.suggest.prompted", true); // [FENNEC]
// -------------------------------------
// Pref : Disable information entered in web page forms and the search bar // Pref : Disable information entered in web page forms and the search bar
// [NOTE] You can clear formdata on exiting Firefox // [NOTE] You can clear formdata on exiting Firefox
user_pref("browser.formfill.enable", false); user_pref("browser.formfill.enable", false);
@ -1226,8 +1234,9 @@ user_pref("browser.urlbar.usepreloadedtopurls.enabled", false); // [DESKTOP]
user_pref("browser.urlbar.daysBeforeHidingSuggestionsPrompt", 0); // [DESKTOP] user_pref("browser.urlbar.daysBeforeHidingSuggestionsPrompt", 0); // [DESKTOP]
user_pref("browser.urlbar.searchSuggestionsChoice", false); // [DESKTOP] user_pref("browser.urlbar.searchSuggestionsChoice", false); // [DESKTOP]
// ------------------------------------- // -------------------------------------
// Pref : Disable history/bookmarks/opened pages suggestions dropdown from URL bar // Pref : Disable URL bar autocomplete and history/bookmarks suggestions dropdown
// [NOTE] This does not cause privacy/leaking issue // http://kb.mozillazine.org/Disabling_autocomplete_-_Firefox#Firefox_3.5
user_pref("browser.urlbar.autocomplete.enabled", false); // [FENNEC]
user_pref("browser.urlbar.suggest.history", false); // [DESKTOP] user_pref("browser.urlbar.suggest.history", false); // [DESKTOP]
user_pref("browser.urlbar.suggest.bookmark", false); // [DESKTOP] user_pref("browser.urlbar.suggest.bookmark", false); // [DESKTOP]
user_pref("browser.urlbar.suggest.openpage", false); // [DESKTOP] user_pref("browser.urlbar.suggest.openpage", false); // [DESKTOP]
@ -1329,6 +1338,8 @@ user_pref("toolkit.startup.max_resumed_crashes", -1); // [DESKTOP]
// ------------------------------------- // -------------------------------------
// Pref : Force Encrypted Server Name Indication (eSNI) for TLS 1.3 if TRR/DoH is enabled // Pref : Force Encrypted Server Name Indication (eSNI) for TLS 1.3 if TRR/DoH is enabled
// [NOTE] I don't encourage DoH (but it is a useful and valid mechanism for those who need it) // [NOTE] I don't encourage DoH (but it is a useful and valid mechanism for those who need it)
// https://wiki.mozilla.org/Trusted_Recursive_Resolver#ESNI
// https://en.wikipedia.org/wiki/Server_Name_Indication#Security_implications_(ESNI)
user_pref("network.security.esni.enabled", true); user_pref("network.security.esni.enabled", true);
// ------------------------------------- // -------------------------------------
// Pref : Disable ping to Mozilla for Man-in-the-Middle detection // Pref : Disable ping to Mozilla for Man-in-the-Middle detection
@ -1366,7 +1377,6 @@ user_pref("network.http.speculative-parallel-limit", 0);
// Pref : Disable predictor / prefetching // Pref : Disable predictor / prefetching
// Network predicator load pages before they are opened with mose hover for example // Network predicator load pages before they are opened with mose hover for example
user_pref("network.predictor.enabled", false); user_pref("network.predictor.enabled", false);
user_pref("network.predictor.cleaned-up", true);
user_pref("network.predictor.enable-prefetch", false); user_pref("network.predictor.enable-prefetch", false);
user_pref("network.predictor.enable-hover-on-ssl", false); user_pref("network.predictor.enable-hover-on-ssl", false);
// //
@ -1435,6 +1445,12 @@ user_pref("network.negotiate-auth.allow-insecure-ntlm-v1", false); // [DESKTOP]
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : HTTPS (SSL/TLS / OCSP / Certs / HPKP / Ciphers) // Section : HTTPS (SSL/TLS / OCSP / Certs / HPKP / Ciphers)
// >>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>
// Pref : Enable HTTPS-only-mode
// [NOTE] This is experimental
// https://www.ghacks.net/2020/03/24/firefox-76-gets-optional-https-only-mode/
// https://bugzilla.mozilla.org/1613063
// user_pref("dom.security.https_only_mode", true);
// -------------------------------------
// Pref : Require safe negotiation // Pref : Require safe negotiation
// Blocks connections to servers that don't support RFC 5746 as they're potentially vulnerable to a MiTM attack. A server *without* RFC 5746 can be safe from the attack if it disables renegotiations but the problem is that the browser can't know that. // Blocks connections to servers that don't support RFC 5746 as they're potentially vulnerable to a MiTM attack. A server *without* RFC 5746 can be safe from the attack if it disables renegotiations but the problem is that the browser can't know that.
// Setting this pref to true is the only way for the browser to ensure there will be no unsafe renegotiations on the channel between the browser and the server. // Setting this pref to true is the only way for the browser to ensure there will be no unsafe renegotiations on the channel between the browser and the server.
@ -1446,6 +1462,7 @@ user_pref("security.ssl.require_safe_negotiation", true);
// Pref : Control TLS versions with min and max // Pref : Control TLS versions with min and max
// 1=TLS 1.0, 2=TLS 1.1, 3=TLS 1.2, 4=TLS 1.3 // 1=TLS 1.0, 2=TLS 1.1, 3=TLS 1.2, 4=TLS 1.3
// [WARNING] Leave these at default, otherwise you alter your TLS fingerprint. // [WARNING] Leave these at default, otherwise you alter your TLS fingerprint.
// Firefox telemetry (April 2020) shows only 0.25% of TLS web traffic uses 1.0 or 1.1
// https://www.ssllabs.com/ssl-pulse/ // https://www.ssllabs.com/ssl-pulse/
// user_pref("security.tls.version.min", 3); // user_pref("security.tls.version.min", 3);
// user_pref("security.tls.version.max", 4); // user_pref("security.tls.version.max", 4);
@ -1796,9 +1813,20 @@ user_pref("browser.cache.disk.smart_size.enabled", false);
user_pref("browser.cache.disk.smart_size.first_run", false); user_pref("browser.cache.disk.smart_size.first_run", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable memory cache // Pref : Disable memory cache
// Capacity: -1=determine dynamically (default), 0=none, n=memory capacity in kilobytes
// user_pref("browser.cache.memory.enable", false); // user_pref("browser.cache.memory.enable", false);
// user_pref("browser.cache.memory.capacity", 0); // [HIDDEN PREF ESR] // user_pref("browser.cache.memory.capacity", 0); // [HIDDEN PREF ESR]
// ------------------------------------- // -------------------------------------
// Pref : Disable permissions manager from writing to disk
// [NOTE] This means any permission changes are session only
// https://bugzilla.mozilla.org/967812
// user_pref("permissions.memory_only", true); // [HIDDEN PREF]
// -------------------------------------
// Pref : Disable media cache from writing to disk in Private Browsing
// [NOTE] MSE (Media Source Extensions) are already stored in-memory in PB
user_pref("browser.privatebrowsing.forceMediaMemoryCache", true);
user_pref("media.memory_cache_max_size", 16384);
// -------------------------------------
// Pref : Disable fastback cache // Pref : Disable fastback cache
// To improve performance when pressing back/forward Firefox stores visited pages so they don't have to be re-parsed. This is not the same as memory cache. // To improve performance when pressing back/forward Firefox stores visited pages so they don't have to be re-parsed. This is not the same as memory cache.
// 0=none, -1=auto (that's minus 1). // 0=none, -1=auto (that's minus 1).
@ -1814,9 +1842,6 @@ user_pref("browser.sessionstore.max_tabs_undo", 0);
// 0=everywhere, 1=unencrypted sites, 2=nowhere // 0=everywhere, 1=unencrypted sites, 2=nowhere
user_pref("browser.sessionstore.privacy_level", 2); user_pref("browser.sessionstore.privacy_level", 2);
// ------------------------------------- // -------------------------------------
// Pref : Disable resuming session from crash
user_pref("browser.sessionstore.resume_from_crash", false);
// -------------------------------------
// Pref : Set the minimum interval between session save operations // Pref : Set the minimum interval between session save operations
// Increasing this can help on older machines and some websites, as well as reducing writes. Default is 15000 (15 secs). Try 30000 (30 secs), 60000 (1 min) etc. // Increasing this can help on older machines and some websites, as well as reducing writes. Default is 15000 (15 secs). Try 30000 (30 secs), 60000 (1 min) etc.
// This can also affect entries in the "Recently Closed Tabs" feature: i.e. the longer the interval the more chance a quick tab open/close won't be captured. // This can also affect entries in the "Recently Closed Tabs" feature: i.e. the longer the interval the more chance a quick tab open/close won't be captured.
@ -1861,10 +1886,7 @@ user_pref("browser.sessionstore.resume_session_once", false); // [DESKTOP]
// Pref : Disable geolocation // Pref : Disable geolocation
user_pref("geo.enabled", false); user_pref("geo.enabled", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable GeoIP lookup on your address to set default search engine region // Pref : Disable geographically specific results/search engines e.g. "browser.search.*.US", i.e. ignore all of Mozilla's various search engines in multiple locales
// https://trac.torproject.org/projects/tor/ticket/16254
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_geolocation-for-default-search-engine
user_pref("browser.search.region", "US");
user_pref("browser.search.geoSpecificDefaults.url", ""); user_pref("browser.search.geoSpecificDefaults.url", "");
user_pref("browser.snippets.geoUrl", ""); user_pref("browser.snippets.geoUrl", "");
// ------------------------------------- // -------------------------------------
@ -1872,7 +1894,9 @@ user_pref("browser.snippets.geoUrl", "");
user_pref("intl.accept_languages", "en-US, en"); user_pref("intl.accept_languages", "en-US, en");
// ------------------------------------- // -------------------------------------
// Pref : Enforce US English locale regardless of the system locale // Pref : Enforce US English locale regardless of the system locale
// [NOTE] May break some input methods e.g xim/ibus for CJK languages
// https://bugzilla.mozilla.org/867501 // https://bugzilla.mozilla.org/867501
// https://bugzilla.mozilla.org/1629630
user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF] user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF]
// ------------------------------------- // -------------------------------------
// Pref : Disable using the OS's geolocation service // Pref : Disable using the OS's geolocation service
@ -2027,7 +2051,6 @@ user_pref("extensions.blocklist.lastModified", ""); // [DESKTOP]
user_pref("extensions.blocklist.itemURL", ""); user_pref("extensions.blocklist.itemURL", "");
user_pref("extensions.blocklist.enabled", false); user_pref("extensions.blocklist.enabled", false);
user_pref("extensions.blocklist.detailsURL", ""); user_pref("extensions.blocklist.detailsURL", "");
user_pref("extensions.blocklist.useXML", false);
user_pref("services.settings.security.onecrl.bucket", ""); user_pref("services.settings.security.onecrl.bucket", "");
user_pref("services.settings.security.onecrl.collection", ""); user_pref("services.settings.security.onecrl.collection", "");
user_pref("services.settings.security.onecrl.signer", ""); user_pref("services.settings.security.onecrl.signer", "");
@ -2050,11 +2073,6 @@ user_pref("urlclassifier.trackingAnnotationWhitelistTable", "");
user_pref("urlclassifier.trackingTable", ""); user_pref("urlclassifier.trackingTable", "");
user_pref("urlclassifier.trackingWhitelistTable", ""); user_pref("urlclassifier.trackingWhitelistTable", "");
// ------------------------------------- // -------------------------------------
// Pref : Decrease system information leakage to Mozilla blocklist update servers
// https://trac.torproject.org/projects/tor/ticket/16931
// https://old.reddit.com/r/firefox/comments/9v5lue/firefox_tip_sanitize_firefox_blocklist_url_so_it/
user_pref("extensions.blocklist.url", ""); // [URL SANITIZED: https://blocklists.settings.services.mozilla.com/v1/blocklist/3/%20/%20/]
// -------------------------------------
// Pref : Opt-out of add-on metadata updates // Pref : Opt-out of add-on metadata updates
// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
user_pref("extensions.getAddons.cache.enabled", false); user_pref("extensions.getAddons.cache.enabled", false);
@ -2174,7 +2192,7 @@ user_pref("browser.contentblocking.features.strict", ""); // [DESKTOP]
// https://github.com/pyllyukko/user.js/issues/419 // https://github.com/pyllyukko/user.js/issues/419
// https://dxr.mozilla.org/mozilla-central/source/toolkit/mozapps/extensions/AddonManager.jsm#1248-1257 // https://dxr.mozilla.org/mozilla-central/source/toolkit/mozapps/extensions/AddonManager.jsm#1248-1257
// [NOTE] Disabling system add-on updates prevents Mozilla from "hotfixing" your browser to patch critical problems (one possible use case from the documentation) // [NOTE] Disabling system add-on updates prevents Mozilla from "hotfixing" your browser to patch critical problems (one possible use case from the documentation)
// user_pref("extensions.systemAddon.update.enabled", false); // [DESKTOP] // user_pref("extensions.systemAddon.update.enabled", false);
user_pref("extensions.systemAddon.update.url", "https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/en-US/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml"); // [URL SANITIZED] user_pref("extensions.systemAddon.update.url", "https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/en-US/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml"); // [URL SANITIZED]
// ------------------------------------- // -------------------------------------
// Pref : Disable Normandy/Shield // Pref : Disable Normandy/Shield
@ -2197,6 +2215,11 @@ user_pref("extensions.formautofill.addresses.enabled", false); // [DESKTOP]
user_pref("extensions.formautofill.available", "off"); // [DESKTOP] user_pref("extensions.formautofill.available", "off"); // [DESKTOP]
user_pref("extensions.formautofill.creditCards.enabled", false); // [DESKTOP] user_pref("extensions.formautofill.creditCards.enabled", false); // [DESKTOP]
user_pref("extensions.formautofill.heuristics.enabled", false); // [DESKTOP] user_pref("extensions.formautofill.heuristics.enabled", false); // [DESKTOP]
// -------------------------------------
// Pref : Disable ExperimentManager and relative API
// https://bugzilla.mozilla.org/show_bug.cgi?id=1620021
user_pref("messaging-system.rsexperimentloader.enabled", false); // [DESKTOP]
user_pref("messaging-system.log", ""); // [DESKTOP]
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Persistent Storage // Section : Persistent Storage
@ -2215,6 +2238,10 @@ user_pref("network.cookie.lifetimePolicy", 2);
// [NOTE] Can breaks payment gateways // [NOTE] Can breaks payment gateways
user_pref("network.cookie.cookieBehavior", 1); user_pref("network.cookie.cookieBehavior", 1);
// ------------------------------------- // -------------------------------------
// Pref : Disable compatibility heuristics to 3rd-party cookie blocking
// https://bugzilla.mozilla.org/show_bug.cgi?id=1625568
user_pref("network.cookie.rejectForeignWithExceptions.enabled", false);
// -------------------------------------
// Pref : Set third-party cookies (i.e ALL) (if enabled) to session-only and set third-party non-secure (i.e HTTP) cookies to session-only // Pref : Set third-party cookies (i.e ALL) (if enabled) to session-only and set third-party non-secure (i.e HTTP) cookies to session-only
// [NOTE] .sessionOnly overrides .nonsecureSessionOnly except when .sessionOnly=false and .nonsecureSessionOnly=true. This allows you to keep HTTPS cookies, but session-only HTTP ones // [NOTE] .sessionOnly overrides .nonsecureSessionOnly except when .sessionOnly=false and .nonsecureSessionOnly=true. This allows you to keep HTTPS cookies, but session-only HTTP ones
// https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-privacy-in-firefox/ // https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-privacy-in-firefox/
@ -2242,6 +2269,7 @@ user_pref("browser.cache.offline.enable", false);
user_pref("browser.cache.offline.capacity", 0); user_pref("browser.cache.offline.capacity", 0);
// ------------------------------------- // -------------------------------------
// Pref : Disable service workers cache and cache storage // Pref : Disable service workers cache and cache storage
// [NOTE] Service worker cache are cleared on exit
// https://w3c.github.io/ServiceWorker/#privacy // https://w3c.github.io/ServiceWorker/#privacy
// user_pref("dom.caches.enabled", false); // user_pref("dom.caches.enabled", false);
// ------------------------------------- // -------------------------------------
@ -2339,7 +2367,7 @@ user_pref("privacy.donottrackheader.enabled", false); // [DEFAULT: true]
// Section : FPI (First Party Isolation) // Section : FPI (First Party Isolation)
// >>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>
// Pref : Enable FPI (First Party Isolation) // Pref : Enable FPI (First Party Isolation)
// [SETUP-WEB] May break cross-domain logins and site functionality until perfected // [NOTE] May break cross-domain logins and site functionality until perfected
// https://bugzilla.mozilla.org/1260931 // https://bugzilla.mozilla.org/1260931
user_pref("privacy.firstparty.isolate", true); user_pref("privacy.firstparty.isolate", true);
// ------------------------------------- // -------------------------------------
@ -2535,6 +2563,13 @@ user_pref("browser.download.autohideButton", false); // [DESKTOP]
// Pref : Disable browser animation // Pref : Disable browser animation
// https://bugzilla.mozilla.org/show_bug.cgi?id=1352069 // https://bugzilla.mozilla.org/show_bug.cgi?id=1352069
user_pref("toolkit.cosmeticAnimations.enabled", false); user_pref("toolkit.cosmeticAnimations.enabled", false);
// -------------------------------------
// Pref : Disable (temporarily) "Megabar" design
// https://support.mozilla.org/en-US/questions/1284354
user_pref("browser.urlbar.openViewOnFocus", false); // [DESKTOP]
user_pref("browser.urlbar.update1", false); // [DESKTOP]
user_pref("browser.urlbar.update1.interventions", false); // [DESKTOP]
user_pref("browser.urlbar.update1.searchTips", false); // [DESKTOP]
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Personal // Section : Personal
@ -2624,7 +2659,7 @@ user_pref("plugins.click_to_play", true);
// Pref : Disable autoplay of HTML5 media // Pref : Disable autoplay of HTML5 media
// https://bugzilla.mozilla.org/1562331 // https://bugzilla.mozilla.org/1562331
// https://hg.mozilla.org/mozilla-central/rev/3780202d7104 // https://hg.mozilla.org/mozilla-central/rev/3780202d7104
user_pref("media.autoplay.allow-muted", false); // [FENNEC] user_pref("media.autoplay.allow-muted", false);
// ------------------------------------- // -------------------------------------
// FF70+ // FF70+
// ------------------------------------- // -------------------------------------
@ -2839,5 +2874,34 @@ user_pref("browser.urlbar.doubleClickSelectsAll", false);
// https://hg.mozilla.org/mozilla-central/rev/bb85b121d2ac // https://hg.mozilla.org/mozilla-central/rev/bb85b121d2ac
user_pref("dom.vr.openvr.action_input", false); user_pref("dom.vr.openvr.action_input", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable GeoIP-based search defaults
// [NOTE] May not be hidden if Firefox has changed your settings due to your locale
// https://trac.torproject.org/projects/tor/ticket/16254
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_geolocation-for-default-search-engine
// user_pref("browser.search.region", "US"); // [HIDDEN PREF]
// -------------------------------------
// FF76+ // FF76+
// -------------------------------------
// Pref : Decrease system information leakage to Mozilla blocklist update servers
// https://bugzilla.mozilla.org/show_bug.cgi?id=1618188
// https://hg.mozilla.org/mozilla-central/rev/06ca3c111fc7
user_pref("extensions.blocklist.url", "");
// -------------------------------------
// Pref : Disable app from auto-update
// https://bugzilla.mozilla.org/show_bug.cgi?id=1568994
// https://hg.mozilla.org/mozilla-central/rev/12efcfc5555a
// https://hg.mozilla.org/mozilla-central/rev/cd6bf21b54db
user_pref("app.update.url", "");
// -------------------------------------
// Pref : Disable add-on and certificate blocklists (OneCRL) from Mozilla
// https://bugzilla.mozilla.org/show_bug.cgi?id=1618188
// https://hg.mozilla.org/mozilla-central/rev/06ca3c111fc7
user_pref("extensions.blocklist.useXML", false);
// -------------------------------------
// Pref : Disable predictor / prefetching
// https://bugzilla.mozilla.org/show_bug.cgi?id=1544868
// https://hg.mozilla.org/mozilla-central/rev/3763471a8781
user_pref("network.predictor.cleaned-up", true);
// -------------------------------------
// FF77+
// ------------------------------------- // -------------------------------------