✅ Fully synced with gHacks and pyllukko user.js
✅ Reviewed and added all the "HIDDEN PREFS" from gHacks and pyllyukko
✅ Reordered some prefs and fixed some text descriptions
✅ Enabled only whitelisted URL protocol handlers
✅ Enabled CSP 1.1 script-nonce directive support
✅ Enabled OCSP Must-Staple support
✅ Enabled Subresource Integrity by default
✅ Enabled GCM, ECDHE and key size > 128bits, ChaCha20 and Poly1305 ciphers
✅ reEnabled ssl3.rsa_aes_128/256_sha due compatibility reasons
✅ Enforce US English locale regardless of the system locale (hidden pref)
✅ Enforced websites to ask to store data for offline use
⛔️ Disabled SSDP (Simple Service Discovery Protocol)
⛔️ Disable auto updating of lightweight themes [FENNEC]
⛔️ Romeved some unused prefs
⛔️ Disabled page thumbnail collection
⛔️ Disabled automatic send selection to clipboard (autocopy)
⛔️Disabled middle mouse click paste (useless on android)
⛔️ Disabled clipboard commands (cut/copy) from "non-privileged" content
⛔️ Disabled WebAssembly
⛔️ Disabled DNS prefetching from HTTPS too
⛔️ Disable SSL session tracking by default
⛔️ Disabled GIO as a potential proxy bypass vector
⛔️ Disabled one more GeoIP lookup on your address (hidden pref)
⛔️ Rejected .onion hostnames before passing the to DNS
ℹ️ Set to "2" bookmarks backups in case of system crash
ℹ️ Removed Set browser, os and app locale prefs (figure out that are useless)
ℹ️ Set how often in minutes Firefox should ask for the master password = 1
ℹ️ Set "Delete Search and Form History" from "180" days to "0"
✅ reEnabled download and share images
✅ Enabled HSTS preload list
⛔️ Disabled Telemetry Coverage (hidden pref, I'm not sure that it is also present in fennec but for safety I added it)
⛔️ Set max popups from a single non-click event from 2 to 0 (default 20)
⛔️ Removed limits of the amount of entries in your DNS cache
⛔️ Disabled navigator.registerProtocolHandler (can no longer be used on insecure sites)
(thanks to https://github.com/v1nc for these suggestions)
✅ Enabled addons autoupdate (need tests)
✅ Sanitized FFox blocklist URL (so it won't send identifiable information)
✅ Enforced the proxy server to do any DNS lookups when using SOCKS
✅ Added some descriptions into OCSP section
✅ Enabled require a valid OCSP
✅ Added OrangeManBad in credits
✅ Sorted and fixed some prefs response for OCSP enabled certificates
⛔️ Disabled more webspeech prefs
⛔️ Disabled some more webgl prefs
✅ Added dividing lines for each prefs to make it easier to read.
✅ Sorted rules
✅ General text optimization
✅ Added MIT license
no prefs has been added or modified in this update. I prefer to isolate it from future changes as it would be difficult and uncomfortable to find what has changed due to the addition of all the divisors.
✅ reEnabled touch(screen) events [set to 1(enabled) instead 2(autodetect)]
✅ Added a dedicated rule in about:config to test user.js
✅ Removed some duplicated and incorrect rules
✅ Started to refine timeout parameters "1" to "-1"
⛔️ Blocked more unwanted connections [FENNEC]
⛔️ Disabled more feedback
✅ Sorted lot of rules and sections
✅ Adjusted credits (added pyllyukko)
✅ Control TLS versions with min (1.2) and max (1.3)
✅ Added some descriptions
✅ Enebled warn the user when server doesn't support RFC 5746 ("safe" renegotiation)
✅ Set control "Add Security Exception" dialog on SSL warnings to "pre-populate url" only
✅ Enabled display advanced information on Insecure Connection warning pages
⛔️ Disabled old SSL/TLS "insecure" renegotiation
⛔️ Disabled SSL Error Reporting
⛔️ Disabled TLS1.3 0-RTT (round-trip time)
⛔️ Disallowed SHA-1
⛔️ Disabled Family Safety cert
⛔️ Disabled 3DES, 128 bits, DHE (Diffie-Hellman Key Exchange), and the remaining non-modern cipher suites
⛔️ Disabled resource timing API
⛔️ Disabled sensor API
⛔️ Disabled gamepad API (USB device ID enumeration)
⛔️ Disabled "dom.netinfo" (giving away network info)
⛔️ Disabled video statistics (JS performance fingerprinting)
⛔️ Disabled touch(screen) events
⛔️ Disabled MediaDevices change detection
⛔️ Disabled WebGL debug info being available to websites
⛔️ Disabled PointerEvents
✅ Sorted a lot of rules and fixed some parameters
✅ Enabled window.opener protection
⛔️ Disabled Service Workers
⛔️ Disabled Web Notifications
⛔️ Disabled Push Notifications
⛔️ Disabled "Confirm you want to leave" dialog on page close
⛔️ Disabled asm.js
⛔️ Disabled Intersection Observer API
✅ Sorted a lot of rules and refined various parameters
✅ Set max popups from a single non-click event (from 3 to 2)
⛔️ Disabled Network Connectivity checks
⛔️ Disable Web Compatibility Reporter
⛔️ Prevent websites from disabling new window features
⛔️ Blocked popup windows during load
⛔️ Limited events that can cause a popup
✅ reEnabled datatime picker
✅ reEnabled top search bar to using words instead url only
⛔️ Limited more info sended and disabled more unwanted connection
⛔️ Disabled completely snippets [FENNEC]
✅ Credits adjusted
✅ Sorted some rules and added some descriptions
✅ Set Browser locale (fennec exclusive)
✅ Added Headers/Referers section to limit sended info
⛔️ Disabled search suggestions / forms / limited history contents and more..
quindecim
dimqua