Commit Graph

214 Commits

Author SHA1 Message Date
quindecim fea114e16a
Update user.js
 Fully synced with gHacks and pyllukko user.js
 Reviewed and added all the "HIDDEN PREFS" from gHacks and pyllyukko
 Reordered some prefs and fixed some text descriptions
 Enabled only whitelisted URL protocol handlers
 Enabled CSP 1.1 script-nonce directive support
 Enabled OCSP Must-Staple support
 Enabled Subresource Integrity by default
 Enabled GCM, ECDHE and key size > 128bits, ChaCha20 and Poly1305 ciphers
 reEnabled ssl3.rsa_aes_128/256_sha due compatibility reasons
 Enforce US English locale regardless of the system locale (hidden pref)
 Enforced websites to ask to store data for offline use

️ Disabled SSDP (Simple Service Discovery Protocol)
️ Disable auto updating of lightweight themes [FENNEC]
️ Romeved some unused prefs
️ Disabled page thumbnail collection
️ Disabled automatic send selection to clipboard (autocopy)
️Disabled middle mouse click paste (useless on android)
️ Disabled clipboard commands (cut/copy) from "non-privileged" content
️ Disabled WebAssembly
️ Disabled DNS prefetching from HTTPS too
️ Disable SSL session tracking by default
️ Disabled GIO as a potential proxy bypass vector
️ Disabled one more GeoIP lookup on your address (hidden pref)
️ Rejected .onion hostnames before passing the to DNS

ℹ️ Set to "2" bookmarks backups in case of system crash
ℹ️ Removed Set browser, os and app locale prefs (figure out that are useless)
ℹ️ Set how often in minutes Firefox should ask for the master password = 1
ℹ️ Set "Delete Search and Form History" from "180" days to "0"
2019-05-07 08:26:05 +00:00
quindecim 8cd60245ec
Update user.js
 reEnabled download and share images
 Enabled HSTS preload list
️ Disabled Telemetry Coverage (hidden pref, I'm not sure that it is also present in fennec but for safety I added it)
️ Set max popups from a single non-click event from 2 to 0 (default 20) 
️ Removed limits of the amount of entries in your DNS cache
️ Disabled navigator.registerProtocolHandler (can no longer be used on insecure sites)

 (thanks to https://github.com/v1nc for these suggestions)
2019-05-06 07:59:33 +00:00
quindecim faac2e2858
Update user.js
 Enabled addons autoupdate (need tests)
 Sanitized FFox blocklist URL (so it won't send identifiable information)
 Enforced the proxy server to do any DNS lookups when using SOCKS
 Added some descriptions into OCSP section
 Enabled require a valid OCSP
 Added OrangeManBad in credits
 Sorted and fixed some prefs response for OCSP enabled certificates
️ Disabled more webspeech prefs
️ Disabled some more webgl prefs
2019-05-04 17:30:35 +00:00
quindecim 61386840c9
Update user.js
 Added dividing lines for each prefs to make it easier to read.
 Sorted rules
 General text optimization
 Added MIT license

no prefs has been added or modified in this update. I prefer to isolate it from future changes as it would be difficult and uncomfortable to find what has changed due to the addition of all the divisors.
2019-05-02 09:06:56 +00:00
quindecim be066db48c
Added MIT license 2019-05-01 21:19:59 +00:00
quindecim f72caeb4e2
Update user.js
 Sorted some prefs
 Added new section: "Personal", with some personal prefs
 Removed some incorrect prefs
 Refined all timeout parameters "1" to "-1"
 Enabled "Always enable zoom" feature by default
️ Disabled In-Browser Feed Handling
️ Disable more unwanted connections [FENNEC]
️ Disabled widevine CDM (Content Decryption Module)
️ Disabled location bar autocomplete
2019-05-01 09:22:54 +00:00
quindecim cda2ae9c2e
Update user.js
 reEnabled touch(screen) events [set to 1(enabled) instead 2(autodetect)]
 Added a dedicated rule in about:config to test user.js
 Removed some duplicated and incorrect rules
 Started to refine timeout parameters "1" to "-1"
️ Blocked more unwanted connections [FENNEC]
️ Disabled more feedback
2019-04-30 18:29:58 +02:00
quindecim 96da182e37
Update user.js
 Sorted lot of rules and sections
 Adjusted credits (added pyllyukko)
 Control TLS versions with min (1.2) and max (1.3)
 Added some descriptions
 Enebled warn the user when server doesn't support RFC 5746 ("safe" renegotiation)
 Set control "Add Security Exception" dialog on SSL warnings to "pre-populate url" only
 Enabled display advanced information on Insecure Connection warning pages
️ Disabled old SSL/TLS "insecure" renegotiation
️ Disabled SSL Error Reporting
️ Disabled TLS1.3 0-RTT (round-trip time)
️ Disallowed SHA-1
️ Disabled Family Safety cert
️ Disabled 3DES, 128 bits, DHE (Diffie-Hellman Key Exchange), and the remaining non-modern cipher suites
️ Disabled resource timing API
️ Disabled sensor API
️ Disabled gamepad API (USB device ID enumeration)
️ Disabled "dom.netinfo" (giving away network info)
️ Disabled video statistics (JS performance fingerprinting)
️ Disabled touch(screen) events
️ Disabled MediaDevices change detection
️ Disabled WebGL debug info being available to websites
️ Disabled PointerEvents
2019-04-28 23:52:16 +00:00
quindecim 8ad625e231
Update user.js
 Sorted a lot of rules and fixed some parameters
 Enabled window.opener protection
️ Disabled Service Workers
️ Disabled Web Notifications
️ Disabled Push Notifications
️ Disabled "Confirm you want to leave" dialog on page close
️ Disabled asm.js
️ Disabled Intersection Observer API
2019-04-27 17:36:54 +00:00
quindecim c37fe0699b
[HOTFIX] Update user.js
 Fixed typing error
2019-04-27 09:34:46 +00:00
quindecim f396d8e581
Update user.js
 Sorted a lot of rules and refined various parameters
 Set max popups from a single non-click event (from 3 to 2)
️ Disabled Network Connectivity checks
️ Disable Web Compatibility Reporter
️ Prevent websites from disabling new window features
️ Blocked popup windows during load
️ Limited events that can cause a popup
2019-04-27 09:27:34 +00:00
quindecim 9ee52dfa2e
Update user.js
 reEnabled datatime picker
 reEnabled top search bar to using words instead url only
️ Limited more info sended and disabled more unwanted connection
️ Disabled completely snippets [FENNEC]
2019-04-26 00:08:12 +00:00
quindecim a09b3c5d90
Update user.js
 Credits adjusted
 Sorted some rules and added some descriptions
 Set Browser locale (fennec exclusive)
 Added Headers/Referers section to limit sended info
️ Disabled search suggestions / forms / limited history contents and more..
2019-04-25 16:58:17 +00:00
quindecim 130b27e17a added the base file
the project was born on telegram, and there were published the first changelogs from creation. 
@fennec_fdroid
2019-04-24 23:38:24 +00:00