forked from d3cim/mozilla.cfg
Update 'config/mozilla.cfg'
⛔️ Disabled `PiP` (Picture-in-Picture) feature ⛔️ Disabled autoplay of HTML5 media if you interacted with the site | FF78 ⛔️ Disabled using the OS's geolocation service | FF78 ⛔️ Disabled one more webextension sync process | FF78 ⛔️ Disabled Top Sites as suggestion from the search bar | FF78 ⛔️ Disabled chrome animations (RFP spoofs this for web content) ⛔️ Disabled FF from sending search terms to ISPs | FF77 ⛔️ Disabled new contentblocking report connections prefs | FF78 ⛔️ Disabled "Open with PdfJS" dialog | FF78 ⛔️ Disabled new stories related activity-stream prefs | FF78 ℹ️ Grouped CBC ciphers ℹ️ Modified some links, tag and descriptions ℹ️ Moved some preferences from FF77+ into deprecated section (keeping them active for ESR68.x.x)
This commit is contained in:
parent
11f1133aa4
commit
1be62ea706
|
@ -14,7 +14,6 @@
|
||||||
// Librefox : https://github.com/intika/Librefox
|
// Librefox : https://github.com/intika/Librefox
|
||||||
// pyllyukko : https://github.com/pyllyukko/user.js
|
// pyllyukko : https://github.com/pyllyukko/user.js
|
||||||
// OrangeManBad : https://git.nixnet.xyz/OrangeManBad/user.js
|
// OrangeManBad : https://git.nixnet.xyz/OrangeManBad/user.js
|
||||||
// CHEF-KOCH : https://github.com/CHEF-KOCH/FFCK/tree/master/user.js
|
|
||||||
//
|
//
|
||||||
// License : https://git.nixnet.xyz/quindecim/mozilla.cfg/src/branch/master/LICENSE.txt
|
// License : https://git.nixnet.xyz/quindecim/mozilla.cfg/src/branch/master/LICENSE.txt
|
||||||
//
|
//
|
||||||
|
@ -107,6 +106,10 @@ lockPref("browser.newtabpage.activity-stream.discoverystream.region-basic-layout
|
||||||
lockPref("browser.newtabpage.activity-stream.discoverystream.region-layout-config", ""); // [DESKTOP]
|
lockPref("browser.newtabpage.activity-stream.discoverystream.region-layout-config", ""); // [DESKTOP]
|
||||||
lockPref("browser.newtabpage.activity-stream.discoverystream.region-spocs-config", ""); // [DESKTOP]
|
lockPref("browser.newtabpage.activity-stream.discoverystream.region-spocs-config", ""); // [DESKTOP]
|
||||||
lockPref("browser.newtabpage.activity-stream.discoverystream.region-stories-config", ""); // [DESKTOP]
|
lockPref("browser.newtabpage.activity-stream.discoverystream.region-stories-config", ""); // [DESKTOP]
|
||||||
|
lockPref("browser.newtabpage.activity-stream.discoverystream.recs.personalized", false); // [DESKTOP]
|
||||||
|
lockPref("browser.newtabpage.activity-stream.discoverystream.spocs.personalized", false); // [DESKTOP]
|
||||||
|
lockPref("browser.newtabpage.activity-stream.feeds.system.topsites", false); // [DESKTOP]
|
||||||
|
lockPref("browser.newtabpage.activity-stream.feeds.system.topstories", false); // [DESKTOP]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable new tab tile ads & preload
|
// Pref : Disable new tab tile ads & preload
|
||||||
// https://wiki.mozilla.org/Tiles/Technical_Documentation#Ping
|
// https://wiki.mozilla.org/Tiles/Technical_Documentation#Ping
|
||||||
|
@ -125,6 +128,7 @@ lockPref("browser.startup.homepage_override.mstone", "ignore");
|
||||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1617783
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1617783
|
||||||
lockPref("browser.aboutwelcome.enabled", false); // [DESKTOP]
|
lockPref("browser.aboutwelcome.enabled", false); // [DESKTOP]
|
||||||
lockPref("trailhead.firstrun.branches", ""); // [DESKTOP]
|
lockPref("trailhead.firstrun.branches", ""); // [DESKTOP]
|
||||||
|
lockPref("browser.aboutwelcome.overrideContent", ""); // [DESKTOP]
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// Section : Quiet Fox
|
// Section : Quiet Fox
|
||||||
|
@ -422,7 +426,6 @@ lockPref("extensions.abuseReport.enabled", false);
|
||||||
lockPref("extensions.abuseReport.url", "");
|
lockPref("extensions.abuseReport.url", "");
|
||||||
lockPref("extensions.abuseReport.amoDetailsURL", "");
|
lockPref("extensions.abuseReport.amoDetailsURL", "");
|
||||||
lockPref("extensions.abuseReport.amWebAPI.enabled", false);
|
lockPref("extensions.abuseReport.amWebAPI.enabled", false);
|
||||||
lockPref("extensions.abuseReport.openDialog", false);
|
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable Firefox Hello metrics collection
|
// Pref : Disable Firefox Hello metrics collection
|
||||||
// https://groups.google.com/d/topic/mozilla.dev.platform/nyVkCx-_sFw/discussion
|
// https://groups.google.com/d/topic/mozilla.dev.platform/nyVkCx-_sFw/discussion
|
||||||
|
@ -446,6 +449,9 @@ lockPref("browser.contentblocking.report.social.url", ""); // [DESKTOP]
|
||||||
lockPref("browser.contentblocking.report.tracker.url", ""); // [DESKTOP]
|
lockPref("browser.contentblocking.report.tracker.url", ""); // [DESKTOP]
|
||||||
lockPref("browser.contentblocking.allowlist.annotations.enabled", false); // [FENNEC]
|
lockPref("browser.contentblocking.allowlist.annotations.enabled", false); // [FENNEC]
|
||||||
lockPref("browser.contentblocking.allowlist.storage.enabled", false); // [FENNEC]
|
lockPref("browser.contentblocking.allowlist.storage.enabled", false); // [FENNEC]
|
||||||
|
lockPref("browser.contentblocking.report.endpoint_url", ""); // [DESKTOP]
|
||||||
|
lockPref("browser.contentblocking.report.monitor.home_page_url", ""); // [DESKTOP]
|
||||||
|
lockPref("browser.contentblocking.report.monitor.preferences_url", ""); // [DESKTOP]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable lockwise app callout to the ETP card
|
// Pref : Disable lockwise app callout to the ETP card
|
||||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1612091
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1612091
|
||||||
|
@ -562,6 +568,12 @@ lockPref("security.remote_settings.crlite_filters.signer", "");
|
||||||
// Pref : Disable Default Browser Agent
|
// Pref : Disable Default Browser Agent
|
||||||
// https://firefox-source-docs.mozilla.org/main/latest/toolkit/mozapps/defaultagent/default-browser-agent/index.html
|
// https://firefox-source-docs.mozilla.org/main/latest/toolkit/mozapps/defaultagent/default-browser-agent/index.html
|
||||||
lockPref("default-browser-agent.enabled", false); // [WINDOWS] // [DESKTOP]
|
lockPref("default-browser-agent.enabled", false); // [WINDOWS] // [DESKTOP]
|
||||||
|
// -------------------------------------
|
||||||
|
// Pref : Disable location bar leaking single words to a DNS provider (after searching)
|
||||||
|
// 0=never resolve single words, 1=heuristic (default), 2=always resolve
|
||||||
|
// [NOTE] For FF78 value 1 and 2 are the same and always resolve but that will change in future versions
|
||||||
|
// https://bugzilla.mozilla.org/1642623
|
||||||
|
lockPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); // [DESKTOP]
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// Section : IJWY To Shut Up
|
// Section : IJWY To Shut Up
|
||||||
|
@ -717,6 +729,7 @@ lockPref("browser.snippets.syncPromo.enabled", false); // [FENNEC]
|
||||||
// Pref : Disable Webextensions sync
|
// Pref : Disable Webextensions sync
|
||||||
lockPref("webextensions.storage.sync.enabled", false); // [DESKTOP]
|
lockPref("webextensions.storage.sync.enabled", false); // [DESKTOP]
|
||||||
lockPref("webextensions.storage.sync.serverURL", "");
|
lockPref("webextensions.storage.sync.serverURL", "");
|
||||||
|
lockPref("webextensions.storage.sync.kinto", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Force Punycode for Internationalized Domain Names
|
// Pref : Force Punycode for Internationalized Domain Names
|
||||||
// https://www.xudongz.com/blog/2017/idn-phishing/
|
// https://www.xudongz.com/blog/2017/idn-phishing/
|
||||||
|
@ -750,7 +763,7 @@ lockPref("media.webspeech.test.fake_recognition_service", false); // [DEFAULT: f
|
||||||
lockPref("browser.search.geoSpecificDefaults", false);
|
lockPref("browser.search.geoSpecificDefaults", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Don't monitor OS online/offline connection state
|
// Pref : Don't monitor OS online/offline connection state
|
||||||
// https://trac.torproject.org/projects/tor/ticket/18945
|
// https://gitlab.torproject.org/legacy/trac/-/issues/18945
|
||||||
lockPref("network.manage-offline-status", false); // [DEFAULT: true]
|
lockPref("network.manage-offline-status", false); // [DEFAULT: true]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Set File URI Origin Policy
|
// Pref : Set File URI Origin Policy
|
||||||
|
@ -766,7 +779,7 @@ lockPref("security.dialog_enable_delay", 700);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable ADB extension download
|
// Pref : Disable ADB extension download
|
||||||
// https://developer.mozilla.org/docs/Tools/WebIDE
|
// https://developer.mozilla.org/docs/Tools/WebIDE
|
||||||
// https://trac.torproject.org/projects/tor/ticket/16222
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/16222
|
||||||
defaultPref("devtools.debugger.remote-enabled", false);
|
defaultPref("devtools.debugger.remote-enabled", false);
|
||||||
lockPref("devtools.remote.adb.extensionURL", ""); // [DESKTOP]
|
lockPref("devtools.remote.adb.extensionURL", ""); // [DESKTOP]
|
||||||
lockPref("devtools.remote.adb.extensionID", ""); // [DESKTOP]
|
lockPref("devtools.remote.adb.extensionID", ""); // [DESKTOP]
|
||||||
|
@ -799,7 +812,7 @@ lockPref("mathml.disabled", true);
|
||||||
lockPref("middlemouse.paste", false);
|
lockPref("middlemouse.paste", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable middle mouse click opening links from clipboard
|
// Pref : Disable middle mouse click opening links from clipboard
|
||||||
// https://trac.torproject.org/projects/tor/ticket/10089
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/10089
|
||||||
lockPref("middlemouse.contentLoadURL", false);
|
lockPref("middlemouse.contentLoadURL", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Limit HTTP redirects (this does not control redirects with HTML meta tags or JS)
|
// Pref : Limit HTTP redirects (this does not control redirects with HTML meta tags or JS)
|
||||||
|
@ -920,6 +933,7 @@ lockPref("browser.urlbar.filter.javascript", true); // [DESKTOP]
|
||||||
defaultPref("pdfjs.disabled", true); // [DEFAULT: false] // [DESKTOP]
|
defaultPref("pdfjs.disabled", true); // [DEFAULT: false] // [DESKTOP]
|
||||||
lockPref("pdfjs.enabledCache.state", false); // [DESKTOP]
|
lockPref("pdfjs.enabledCache.state", false); // [DESKTOP]
|
||||||
lockPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true); // [DESKTOP]
|
lockPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true); // [DESKTOP]
|
||||||
|
defaultPref("browser.helperApps.showOpenOptionForPdfJS", false); // [DESKTOP]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable exposure of system colors to CSS or canvas
|
// Pref : Disable exposure of system colors to CSS or canvas
|
||||||
// [NOTE] See second listed bug: may cause black on black for elements with undefined colors
|
// [NOTE] See second listed bug: may cause black on black for elements with undefined colors
|
||||||
|
@ -998,6 +1012,14 @@ lockPref("dom.push.udp.wakeupEnabled", false); // [DESKTOP]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable hiding mime types not associated with a plugin
|
// Pref : Disable hiding mime types not associated with a plugin
|
||||||
lockPref("browser.download.hide_plugins_without_extensions", false); // [DESKTOP]
|
lockPref("browser.download.hide_plugins_without_extensions", false); // [DESKTOP]
|
||||||
|
// -------------------------------------
|
||||||
|
// Pref : Disable PiP (Picture-in-picture)
|
||||||
|
lockPref("media.videocontrols.picture-in-picture.enabled", false);
|
||||||
|
lockPref("media.videocontrols.picture-in-picture.video-toggle.enabled", false);
|
||||||
|
lockPref("media.videocontrols.picture-in-picture.video-toggle.flyout-enabled", false); // [FENIX]
|
||||||
|
lockPref("media.videocontrols.picture-in-picture.audio-toggle.enabled", false); // [DESKTOP]
|
||||||
|
lockPref("media.videocontrols.picture-in-picture.keyboard-controls.enabled", false); // [DESKTOP]
|
||||||
|
lockPref("media.videocontrols.picture-in-picture.video-toggle.always-show", false); // [DESKTOP]
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// Section : DOM (Document Object Model) & Javascript
|
// Section : DOM (Document Object Model) & Javascript
|
||||||
|
@ -1039,7 +1061,7 @@ lockPref("javascript.options.asmjs", false);
|
||||||
// [NOTE] In FF75+, when (both) Ion and JIT are disabled, **and** the new hidden pref is enabled, then Ion can still be used by extensions
|
// [NOTE] In FF75+, when (both) Ion and JIT are disabled, **and** the new hidden pref is enabled, then Ion can still be used by extensions
|
||||||
// [WARNING] Disabling Ion/JIT can cause some site issues and performance loss
|
// [WARNING] Disabling Ion/JIT can cause some site issues and performance loss
|
||||||
// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817
|
// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817
|
||||||
// https://trac.torproject.org/projects/tor/ticket/26019
|
// https://gitlab.torproject.org/legacy/trac/-/issues/26019
|
||||||
lockPref("javascript.options.ion", false);
|
lockPref("javascript.options.ion", false);
|
||||||
lockPref("javascript.options.baselinejit", false); // [FENNEC - BUG] Addons issues
|
lockPref("javascript.options.baselinejit", false); // [FENNEC - BUG] Addons issues
|
||||||
lockPref("javascript.options.jit_trustedprincipals", true); // [HIDDEN PREF] // [DESKTOP ?]
|
lockPref("javascript.options.jit_trustedprincipals", true); // [HIDDEN PREF] // [DESKTOP ?]
|
||||||
|
@ -1049,7 +1071,7 @@ lockPref("javascript.options.native_regexp", false);
|
||||||
// https://webassembly.org/
|
// https://webassembly.org/
|
||||||
// https://developer.mozilla.org/docs/WebAssembly
|
// https://developer.mozilla.org/docs/WebAssembly
|
||||||
// https://en.wikipedia.org/wiki/WebAssembly
|
// https://en.wikipedia.org/wiki/WebAssembly
|
||||||
// https://trac.torproject.org/projects/tor/ticket/21549
|
// https://gitlab.torproject.org/legacy/trac/-/issues/21549
|
||||||
lockPref("javascript.options.wasm", false);
|
lockPref("javascript.options.wasm", false);
|
||||||
lockPref("javascript.options.wasm_baselinejit", false);
|
lockPref("javascript.options.wasm_baselinejit", false);
|
||||||
lockPref("javascript.options.wasm_cranelift", false);
|
lockPref("javascript.options.wasm_cranelift", false);
|
||||||
|
@ -1058,6 +1080,7 @@ lockPref("javascript.options.wasm_ionjit", false);
|
||||||
lockPref("javascript.options.wasm_reftypes", false);
|
lockPref("javascript.options.wasm_reftypes", false);
|
||||||
lockPref("javascript.options.wasm_trustedprincipals", false);
|
lockPref("javascript.options.wasm_trustedprincipals", false);
|
||||||
lockPref("javascript.options.wasm_verbose", false);
|
lockPref("javascript.options.wasm_verbose", false);
|
||||||
|
lockPref("javascript.options.wasm_multi_value", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable Intersection Observer API
|
// Pref : Disable Intersection Observer API
|
||||||
// Almost a year to complete, three versions late to stable (as default false), number #1 cause of crashes in nightly numerous times, and is (primarily) an ad network API for "ad viewability checks" down to a pixel level
|
// Almost a year to complete, three versions late to stable (as default false), number #1 cause of crashes in nightly numerous times, and is (primarily) an ad network API for "ad viewability checks" down to a pixel level
|
||||||
|
@ -1069,7 +1092,7 @@ lockPref("dom.IntersectionObserver.enabled", false);
|
||||||
// Pref : Disable Shared Memory (Spectre mitigation)
|
// Pref : Disable Shared Memory (Spectre mitigation)
|
||||||
// https://github.com/tc39/ecmascript_sharedmem/blob/master/TUTORIAL.md
|
// https://github.com/tc39/ecmascript_sharedmem/blob/master/TUTORIAL.md
|
||||||
// https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
|
// https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
|
||||||
lockPref("javascript.options.shared_memory", false); // [DEFAULT: false]
|
lockPref("javascript.options.shared_memory", false); // [DEFAULT: true]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Enable (limited but sufficient) window.opener protection
|
// Pref : Enable (limited but sufficient) window.opener protection
|
||||||
// Makes rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set
|
// Makes rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set
|
||||||
|
@ -1084,7 +1107,7 @@ lockPref("dom.targetBlankNoOpener.enabled", true); // [DEFAULT: false]
|
||||||
// lockPref("general.buildID.override", "");
|
// lockPref("general.buildID.override", "");
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable raw TCP socket support (mozTCPSocket)
|
// Pref : Disable raw TCP socket support (mozTCPSocket)
|
||||||
// https://trac.torproject.org/projects/tor/ticket/18863
|
// https://gitlab.torproject.org/legacy/trac/-/issues/18863
|
||||||
// https://www.mozilla.org/en-US/security/advisories/mfsa2015-97/
|
// https://www.mozilla.org/en-US/security/advisories/mfsa2015-97/
|
||||||
// https://developer.mozilla.org/docs/Mozilla/B2G_OS/API/TCPSocket
|
// https://developer.mozilla.org/docs/Mozilla/B2G_OS/API/TCPSocket
|
||||||
lockPref("dom.mozTCPSocket.enabled", false); // [DESKTOP]
|
lockPref("dom.mozTCPSocket.enabled", false); // [DESKTOP]
|
||||||
|
@ -1139,7 +1162,7 @@ lockPref("media.realtime_decoder.enabled", false); // [DEFAULT: true] // [FENNEC
|
||||||
lockPref("canvas.capturestream.enabled", false);
|
lockPref("canvas.capturestream.enabled", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable camera image capture
|
// Pref : Disable camera image capture
|
||||||
// https://trac.torproject.org/projects/tor/ticket/16339
|
// https://gitlab.torproject.org/legacy/trac/-/issues/16339
|
||||||
lockPref("dom.imagecapture.enabled", false); // [DEFAULT: false]
|
lockPref("dom.imagecapture.enabled", false); // [DEFAULT: false]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable offscreen canvas
|
// Pref : Disable offscreen canvas
|
||||||
|
@ -1154,7 +1177,9 @@ lockPref("media.autoplay.block-event.enabled", true); // [DEFAULT: false]
|
||||||
lockPref("media.autoplay.block-webaudio", true); // [DEFAULT: false]
|
lockPref("media.autoplay.block-webaudio", true); // [DEFAULT: false]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable autoplay of HTML5 media if you interacted with the site
|
// Pref : Disable autoplay of HTML5 media if you interacted with the site
|
||||||
lockPref("media.autoplay.enabled.user-gestures-needed", true); // [DEFAULT: true]
|
// 0=sticky (default), 1=transient, 2=user
|
||||||
|
// https://html.spec.whatwg.org/multipage/interaction.html#sticky-activation
|
||||||
|
lockPref("media.autoplay.blocking_policy", 2);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable autoplay of HTML5 media in non-active tabs
|
// Pref : Disable autoplay of HTML5 media in non-active tabs
|
||||||
// https://www.ghacks.net/2016/11/14/firefox-51-blocks-automatic-audio-playback-in-non-active-tabs/
|
// https://www.ghacks.net/2016/11/14/firefox-51-blocks-automatic-audio-playback-in-non-active-tabs/
|
||||||
|
@ -1200,7 +1225,7 @@ defaultPref("browser.formfill.enable", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable date/time picker
|
// Pref : Disable date/time picker
|
||||||
// [WARNING] This can leak your locale if not en-US
|
// [WARNING] This can leak your locale if not en-US
|
||||||
// https://trac.torproject.org/projects/tor/ticket/21787
|
// https://gitlab.torproject.org/legacy/trac/-/issues/21787
|
||||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1287503
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1287503
|
||||||
// lockPref("dom.forms.datetime", false);
|
// lockPref("dom.forms.datetime", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
@ -1236,6 +1261,7 @@ lockPref("browser.urlbar.autocomplete.enabled", false); // [FENNEC]
|
||||||
defaultPref("browser.urlbar.suggest.history", false); // [DESKTOP]
|
defaultPref("browser.urlbar.suggest.history", false); // [DESKTOP]
|
||||||
defaultPref("browser.urlbar.suggest.bookmark", false); // [DESKTOP]
|
defaultPref("browser.urlbar.suggest.bookmark", false); // [DESKTOP]
|
||||||
defaultPref("browser.urlbar.suggest.openpage", false); // [DESKTOP]
|
defaultPref("browser.urlbar.suggest.openpage", false); // [DESKTOP]
|
||||||
|
defaultPref("browser.urlbar.suggest.topsites", false); // [DESKTOP]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable browsing and download history
|
// Pref : Disable browsing and download history
|
||||||
// lockPref("places.history.enabled", false); // [DESKTOP]
|
// lockPref("places.history.enabled", false); // [DESKTOP]
|
||||||
|
@ -1380,7 +1406,10 @@ lockPref("network.predictor.enable-hover-on-ssl", false);
|
||||||
// Section : HTTP* / TCP/IP / DNS / PROXY / SOCKS etc.
|
// Section : HTTP* / TCP/IP / DNS / PROXY / SOCKS etc.
|
||||||
// >>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>
|
||||||
// Pref : Disable IPv6
|
// Pref : Disable IPv6
|
||||||
// If your OS or ISP does not support IPv6, there is no reason to have this preference set to false.
|
// IPv6 can be abused, especially regarding MAC addresses. They also do not play nice with VPNs. That's even assuming your ISP and/or router and/or website can handle it.
|
||||||
|
// [STATS] Firefox telemetry (June 2020) shows only 5% of all connections are IPv6
|
||||||
|
// [NOTE] This is just an application level fallback. Disabling IPv6 is best done at an OS/network level, and/or configured properly in VPN setups. If you are not masking your IP, then this won't make much difference. If you are masking your IP, then it can only help.
|
||||||
|
// [TEST] https://ipleak.org/
|
||||||
lockPref("network.dns.disableIPv6", true);
|
lockPref("network.dns.disableIPv6", true);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable HTTP2 (which was based on SPDY which is now deprecated)
|
// Pref : Disable HTTP2 (which was based on SPDY which is now deprecated)
|
||||||
|
@ -1423,7 +1452,7 @@ defaultPref("network.trr.resolvers", "[]");
|
||||||
lockPref("security.sri.enable", true); // [DEFAULT: true]
|
lockPref("security.sri.enable", true); // [DEFAULT: true]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable using UNC (Uniform Naming Convention) paths
|
// Pref : Disable using UNC (Uniform Naming Convention) paths
|
||||||
// https://trac.torproject.org/projects/tor/ticket/26424
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/26424
|
||||||
lockPref("network.file.disable_unc_paths", true); // [HIDDEN PREF] // [DESKTOP]
|
lockPref("network.file.disable_unc_paths", true); // [HIDDEN PREF] // [DESKTOP]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable HTTP Alternative Services
|
// Pref : Disable HTTP Alternative Services
|
||||||
|
@ -1456,14 +1485,6 @@ lockPref("network.negotiate-auth.allow-insecure-ntlm-v1", false); // [DESKTOP]
|
||||||
// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
||||||
lockPref("security.ssl.require_safe_negotiation", true);
|
lockPref("security.ssl.require_safe_negotiation", true);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Control TLS versions with min and max
|
|
||||||
// 1=TLS 1.0, 2=TLS 1.1, 3=TLS 1.2, 4=TLS 1.3
|
|
||||||
// [WARNING] Leave these at default, otherwise you alter your TLS fingerprint.
|
|
||||||
// Firefox telemetry (April 2020) shows only 0.25% of TLS web traffic uses 1.0 or 1.1
|
|
||||||
// https://www.ssllabs.com/ssl-pulse/
|
|
||||||
// lockPref("security.tls.version.min", 3);
|
|
||||||
// lockPref("security.tls.version.max", 4);
|
|
||||||
// -------------------------------------
|
|
||||||
// Pref : Enforce TLS 1.0 and 1.1 downgrades as session only
|
// Pref : Enforce TLS 1.0 and 1.1 downgrades as session only
|
||||||
lockPref("security.tls.version.enable-deprecated", false);
|
lockPref("security.tls.version.enable-deprecated", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
@ -1528,7 +1549,7 @@ lockPref("security.pki.sha1_enforcement_level", 1);
|
||||||
// 0=disable detecting Family Safety mode and importing the root
|
// 0=disable detecting Family Safety mode and importing the root
|
||||||
// 1=only attempt to detect Family Safety mode (don't import the root)
|
// 1=only attempt to detect Family Safety mode (don't import the root)
|
||||||
// 2=detect Family Safety mode and import the root
|
// 2=detect Family Safety mode and import the root
|
||||||
// https://trac.torproject.org/projects/tor/ticket/21686
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21686
|
||||||
lockPref("security.family_safety.mode", 0);
|
lockPref("security.family_safety.mode", 0);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Enfore Public Key Pinning
|
// Pref : Enfore Public Key Pinning
|
||||||
|
@ -1538,7 +1559,7 @@ lockPref("security.family_safety.mode", 0);
|
||||||
lockPref("security.cert_pinning.enforcement_level", 2);
|
lockPref("security.cert_pinning.enforcement_level", 2);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable insecure active content on https pages
|
// Pref : Disable insecure active content on https pages
|
||||||
// https://trac.torproject.org/projects/tor/ticket/21323
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/16206
|
||||||
lockPref("security.mixed_content.block_active_content", true); // [DEFAULT: true]
|
lockPref("security.mixed_content.block_active_content", true); // [DEFAULT: true]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable insecure passive content (such as images) on https pages
|
// Pref : Disable insecure passive content (such as images) on https pages
|
||||||
|
@ -1589,15 +1610,11 @@ lockPref("security.ssl3.ecdhe_ecdsa_null_sha", false); // [DESKTOP]
|
||||||
lockPref("security.ssl3.ecdh_rsa_null_sha", false); // [DESKTOP]
|
lockPref("security.ssl3.ecdh_rsa_null_sha", false); // [DESKTOP]
|
||||||
lockPref("security.ssl3.ecdh_ecdsa_null_sha", false); // [DESKTOP]
|
lockPref("security.ssl3.ecdh_ecdsa_null_sha", false); // [DESKTOP]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Enable GCM ciphers (TLSv1.2 only)
|
// Pref : Enable GCM ciphers (TLS 1.2 only)
|
||||||
// https://en.wikipedia.org/wiki/Galois/Counter_Mode
|
// https://en.wikipedia.org/wiki/Galois/Counter_Mode
|
||||||
lockPref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true); // [DEFAULT: true]
|
lockPref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true); // [DEFAULT: true]
|
||||||
lockPref("security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", true); // [DEFAULT: true]
|
lockPref("security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", true); // [DEFAULT: true]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable ciphers with ECDHE and key size > 128bits
|
|
||||||
lockPref("security.ssl3.ecdhe_rsa_aes_256_sha", false); // [DEFAULT: true]
|
|
||||||
lockPref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); // [DEFAULT: true]
|
|
||||||
// -------------------------------------
|
|
||||||
// Pref : Enable ChaCha20 and Poly1305
|
// Pref : Enable ChaCha20 and Poly1305
|
||||||
// https://www.mozilla.org/en-US/firefox/47.0/releasenotes/
|
// https://www.mozilla.org/en-US/firefox/47.0/releasenotes/
|
||||||
// https://tools.ietf.org/html/rfc7905
|
// https://tools.ietf.org/html/rfc7905
|
||||||
|
@ -1607,9 +1624,11 @@ lockPref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); // [DEFAULT: true]
|
||||||
lockPref("security.ssl3.ecdhe_ecdsa_chacha20_poly1305_sha256", true);
|
lockPref("security.ssl3.ecdhe_ecdsa_chacha20_poly1305_sha256", true);
|
||||||
lockPref("security.ssl3.ecdhe_rsa_chacha20_poly1305_sha256", true);
|
lockPref("security.ssl3.ecdhe_rsa_chacha20_poly1305_sha256", true);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable the remaining non-modern cipher suites (fallbacks)
|
// Pref : Ciphers with CBC & SHA-1 (disabled)
|
||||||
lockPref("security.ssl3.rsa_aes_128_sha", false);
|
lockPref("security.ssl3.ecdhe_rsa_aes_256_sha", false); // [DEFAULT: true]
|
||||||
lockPref("security.ssl3.rsa_aes_256_sha", false);
|
lockPref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); // [DEFAULT: true]
|
||||||
|
lockPref("security.ssl3.rsa_aes_128_sha", false); // [DEFAULT: true]
|
||||||
|
lockPref("security.ssl3.rsa_aes_256_sha", false); // [DEFAULT: true]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable ciphers with DSA (max 1024 bits)
|
// Pref : Disable ciphers with DSA (max 1024 bits)
|
||||||
lockPref("security.ssl3.dhe_dss_aes_128_sha", false); // [DESKTOP]
|
lockPref("security.ssl3.dhe_dss_aes_128_sha", false); // [DESKTOP]
|
||||||
|
@ -1640,8 +1659,10 @@ lockPref("security.ssl3.rsa_rc4_128_sha", false); // [DESKTOP]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Display warning on the padlock for "broken security"
|
// Pref : Display warning on the padlock for "broken security"
|
||||||
// [BUG] Warning padlock not indicated for subresources on a secure page!
|
// [BUG] Warning padlock not indicated for subresources on a secure page!
|
||||||
|
// [STATS] SSL Labs (June 2020) reports 98.8% of sites have secure renegotiation
|
||||||
// https://wiki.mozilla.org/Security:Renegotiation
|
// https://wiki.mozilla.org/Security:Renegotiation
|
||||||
// https://bugzilla.mozilla.org/1353705
|
// https://bugzilla.mozilla.org/1353705
|
||||||
|
// https://www.ssllabs.com/ssl-pulse/
|
||||||
lockPref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
lockPref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Control "Add Security Exception" dialog on SSL warnings
|
// Pref : Control "Add Security Exception" dialog on SSL warnings
|
||||||
|
@ -1657,7 +1678,7 @@ lockPref("browser.xul.error_pages.expert_bad_cert", true);
|
||||||
// Pref : Disable GIO as a potential proxy bypass vector
|
// Pref : Disable GIO as a potential proxy bypass vector
|
||||||
// Gvfs/GIO has a set of supported protocols like obex, network, archive, computer, dav, cdda, gphoto2, trash, etc. By default only smb and sftp protocols are accepted so far.
|
// Gvfs/GIO has a set of supported protocols like obex, network, archive, computer, dav, cdda, gphoto2, trash, etc. By default only smb and sftp protocols are accepted so far.
|
||||||
// https://bugzilla.mozilla.org/1433507
|
// https://bugzilla.mozilla.org/1433507
|
||||||
// https://trac.torproject.org/23044
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/26424
|
||||||
// https://en.wikipedia.org/wiki/GVfs
|
// https://en.wikipedia.org/wiki/GVfs
|
||||||
// https://en.wikipedia.org/wiki/GIO_(software)
|
// https://en.wikipedia.org/wiki/GIO_(software)
|
||||||
lockPref("network.gio.supported-protocols", ""); // [HIDDEN PREF]
|
lockPref("network.gio.supported-protocols", ""); // [HIDDEN PREF]
|
||||||
|
@ -1773,7 +1794,7 @@ lockPref("dom.disable_window_move_resize", true); // [DEFAULT: true]
|
||||||
// This stops malicious window sizes and some screen resolution leaks.
|
// This stops malicious window sizes and some screen resolution leaks.
|
||||||
// You can still right-click a link and open in a new window.
|
// You can still right-click a link and open in a new window.
|
||||||
// [TEST] https://people.torproject.org/~gk/misc/entire_desktop.html
|
// [TEST] https://people.torproject.org/~gk/misc/entire_desktop.html
|
||||||
// https://trac.torproject.org/projects/tor/ticket/9881
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/9881
|
||||||
defaultPref("browser.link.open_newwindow", 3); // [DEFAULT: 3]
|
defaultPref("browser.link.open_newwindow", 3); // [DEFAULT: 3]
|
||||||
defaultPref("browser.link.open_newwindow.restriction", 0); // [DEFAULT: 0]
|
defaultPref("browser.link.open_newwindow.restriction", 0); // [DEFAULT: 0]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
@ -1900,8 +1921,10 @@ lockPref("geo.provider.ms-windows-location", false); // [WINDOWS] // [DESKTOP]
|
||||||
lockPref("geo.provider.use_corelocation", false); // [MAC] // [DESKTOP]
|
lockPref("geo.provider.use_corelocation", false); // [MAC] // [DESKTOP]
|
||||||
lockPref("geo.provider.use_gpsd", false); // [LINUX] // [DESKTOP]
|
lockPref("geo.provider.use_gpsd", false); // [LINUX] // [DESKTOP]
|
||||||
lockPref("geo.provider.network.url", "");
|
lockPref("geo.provider.network.url", "");
|
||||||
lockPref("geo.provider-country.network.scan", false);
|
lockPref("browser.region.update.enabled", false); // [FENIX]
|
||||||
lockPref("geo.provider-country.network.url", "");
|
lockPref("browser.region.log", false);
|
||||||
|
lockPref("browser.region.network.scan", false);
|
||||||
|
lockPref("browser.region.network.url", "");
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable logging geolocation to the console
|
// Pref : Disable logging geolocation to the console
|
||||||
lockPref("geo.provider.network.logging.enabled", false); // [HIDDEN PREF] // [DESKTOP]
|
lockPref("geo.provider.network.logging.enabled", false); // [HIDDEN PREF] // [DESKTOP]
|
||||||
|
@ -1909,7 +1932,7 @@ lockPref("geo.provider.network.logging.enabled", false); // [HIDDEN PREF] // [DE
|
||||||
// Pref : Enforce fallback text encoding to match en-US
|
// Pref : Enforce fallback text encoding to match en-US
|
||||||
// When the content or server doesn't declare a charset the browser will fallback to the "Current locale" based on your application language
|
// When the content or server doesn't declare a charset the browser will fallback to the "Current locale" based on your application language
|
||||||
// [TEST] https://hsivonen.com/test/moz/check-charset.htm
|
// [TEST] https://hsivonen.com/test/moz/check-charset.htm
|
||||||
// https://trac.torproject.org/projects/tor/ticket/20025
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20025
|
||||||
lockPref("intl.charset.fallback.override", "windows-1252");
|
lockPref("intl.charset.fallback.override", "windows-1252");
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
|
@ -1932,7 +1955,7 @@ lockPref("font.name.monospace.x-western", "Lucida Console"); // [DEFAULT: Courie
|
||||||
// Pref : Disable icon fonts (glyphs) and local fallback rendering
|
// Pref : Disable icon fonts (glyphs) and local fallback rendering
|
||||||
// [NOTE] You can do this with uBlock Origin
|
// [NOTE] You can do this with uBlock Origin
|
||||||
// https://bugzilla.mozilla.org/789788
|
// https://bugzilla.mozilla.org/789788
|
||||||
// https://trac.torproject.org/projects/tor/ticket/8455
|
// https://gitlab.torproject.org/legacy/trac/-/issues/8455
|
||||||
// https://github.com/gorhill/uBlock/wiki/Per-site-switches#no-remote-fonts
|
// https://github.com/gorhill/uBlock/wiki/Per-site-switches#no-remote-fonts
|
||||||
// defaultPref("gfx.downloadable_fonts.enabled", false);
|
// defaultPref("gfx.downloadable_fonts.enabled", false);
|
||||||
// defaultPref("gfx.downloadable_fonts.fallback_delay", -1);
|
// defaultPref("gfx.downloadable_fonts.fallback_delay", -1);
|
||||||
|
@ -2408,8 +2431,8 @@ lockPref("media.navigator.video.enabled", false);
|
||||||
// [NOTE] *may* affect core performance, will affect content.
|
// [NOTE] *may* affect core performance, will affect content.
|
||||||
// Default settings seems to be the best
|
// Default settings seems to be the best
|
||||||
// https://bugzilla.mozilla.org/1008453
|
// https://bugzilla.mozilla.org/1008453
|
||||||
// https://trac.torproject.org/projects/tor/ticket/21675
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21675
|
||||||
// https://trac.torproject.org/projects/tor/ticket/22127
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22127
|
||||||
// https://html.spec.whatwg.org/multipage/workers.html#navigator.hardwareconcurrency
|
// https://html.spec.whatwg.org/multipage/workers.html#navigator.hardwareconcurrency
|
||||||
// lockPref("dom.maxHardwareConcurrency", 2);
|
// lockPref("dom.maxHardwareConcurrency", 2);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
@ -2424,7 +2447,7 @@ lockPref("dom.enable_performance", false); // [DEFAULT: true]
|
||||||
lockPref("dom.enable_performance_navigation_timing", false); // [DEFAULT: true]
|
lockPref("dom.enable_performance_navigation_timing", false); // [DEFAULT: true]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable sensor API
|
// Pref : Disable sensor API
|
||||||
// https://trac.torproject.org/projects/tor/ticket/15758
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/15758
|
||||||
// https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/
|
// https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/
|
||||||
// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1357733,1292751
|
// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1357733,1292751
|
||||||
lockPref("device.sensors.enabled", false); // [DEFAULT: true]
|
lockPref("device.sensors.enabled", false); // [DEFAULT: true]
|
||||||
|
@ -2436,7 +2459,7 @@ lockPref("device.sensors.test.events", false); // [DEFAULT: false]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable gamepad API - USB device ID enumeration
|
// Pref : Disable gamepad API - USB device ID enumeration
|
||||||
// Optional protection depending on your connected devices
|
// Optional protection depending on your connected devices
|
||||||
// https://trac.torproject.org/projects/tor/ticket/13023
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/13023
|
||||||
lockPref("dom.gamepad.enabled", false); // [DEFAULT: true]
|
lockPref("dom.gamepad.enabled", false); // [DEFAULT: true]
|
||||||
lockPref("dom.gamepad.extensions.enabled", false); // [DEFAULT: true]
|
lockPref("dom.gamepad.extensions.enabled", false); // [DEFAULT: true]
|
||||||
lockPref("dom.gamepad.haptic_feedback.enabled", false); // [DEFAULT: false]
|
lockPref("dom.gamepad.haptic_feedback.enabled", false); // [DEFAULT: false]
|
||||||
|
@ -2459,7 +2482,7 @@ lockPref("media.webspeech.synth.enabled", false); // [DEFAULT: true]
|
||||||
lockPref("media.webspeech.synth_force_global_queue", false); // [DEFAULT: false]
|
lockPref("media.webspeech.synth_force_global_queue", false); // [DEFAULT: false]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable video statistics - JS performance fingerprinting
|
// Pref : Disable video statistics - JS performance fingerprinting
|
||||||
// https://trac.torproject.org/projects/tor/ticket/15757
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/15757
|
||||||
// https://bugzilla.mozilla.org/654550
|
// https://bugzilla.mozilla.org/654550
|
||||||
lockPref("media.video_stats.enabled", false); // [DEFAULT: true]
|
lockPref("media.video_stats.enabled", false); // [DEFAULT: true]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
@ -2468,7 +2491,7 @@ lockPref("media.video_stats.enabled", false); // [DEFAULT: true]
|
||||||
// 0=disabled, 1=enabled, 2=autodetect
|
// 0=disabled, 1=enabled, 2=autodetect
|
||||||
// This pref is set to 2 by default, which results in the Touch API being exposed only when touch hardware is present. So we should either set it to "1" (enable) or "0" (disable) to ensure that JS code can't fingerprint the user's hardware.
|
// This pref is set to 2 by default, which results in the Touch API being exposed only when touch hardware is present. So we should either set it to "1" (enable) or "0" (disable) to ensure that JS code can't fingerprint the user's hardware.
|
||||||
// https://developer.mozilla.org/docs/Web/API/Touch_events
|
// https://developer.mozilla.org/docs/Web/API/Touch_events
|
||||||
// https://trac.torproject.org/projects/tor/ticket/10286
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/10286
|
||||||
defaultPref("dom.w3c_touch_events.enabled", 0); // [DEFAULT: 2] // [FENNEC - BUG] ff disabled, disallow copy/paste any text
|
defaultPref("dom.w3c_touch_events.enabled", 0); // [DEFAULT: 2] // [FENNEC - BUG] ff disabled, disallow copy/paste any text
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable MediaDevices change detection
|
// Pref : Disable MediaDevices change detection
|
||||||
|
@ -2544,9 +2567,9 @@ lockPref("browser.startup.blankWindow", false); // [DESKTOP]
|
||||||
// https://www.torproject.org/projects/torbrowser/design/#fingerprinting-defenses
|
// https://www.torproject.org/projects/torbrowser/design/#fingerprinting-defenses
|
||||||
lockPref("dom.network.enabled", false); // [DESKTOP]
|
lockPref("dom.network.enabled", false); // [DESKTOP]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Enforce prefers-reduced-motion as no-preference
|
// Pref : Disable chrome animations
|
||||||
// 0=no-preference, 1=reduce
|
// 0=no-preference, 1=reduce. RFP spoofs this for web content
|
||||||
lockPref("ui.prefersReducedMotion", 0); // [HIDDEN PREF]
|
lockPref("ui.prefersReducedMotion", 1); // [HIDDEN PREF]
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// Section : UI (User Interface)
|
// Section : UI (User Interface)
|
||||||
|
@ -2559,10 +2582,6 @@ lockPref("browser.contentblocking.trackingprotection.ui.enabled", false); // [DE
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable auto hide download button
|
// Pref : Disable auto hide download button
|
||||||
defaultPref("browser.download.autohideButton", false); // [DESKTOP]
|
defaultPref("browser.download.autohideButton", false); // [DESKTOP]
|
||||||
// -------------------------------------
|
|
||||||
// Pref : Disable browser animation
|
|
||||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1352069
|
|
||||||
defaultPref("toolkit.cosmeticAnimations.enabled", false);
|
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// Section : Personal
|
// Section : Personal
|
||||||
|
@ -2606,14 +2625,6 @@ defaultPref("browser.ctrlTab.recentlyUsedOrder", false); // [DESKTOP]
|
||||||
defaultPref("view_source.wrap_long_lines", true);
|
defaultPref("view_source.wrap_long_lines", true);
|
||||||
//
|
//
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||||
// Section : Hotfix
|
|
||||||
// >>>>>>>>>>>>>>>>>>>>>
|
|
||||||
// Pref : Disable UNC
|
|
||||||
// [NOTE] Disabling UNC can cause extension storage to fail
|
|
||||||
// https://github.com/ghacksuserjs/ghacks-user.js/issues/923
|
|
||||||
lockPref("network.file.disable_unc_paths", false); // [HIDDEN PREF]
|
|
||||||
//
|
|
||||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
||||||
// Section : Deprecated / Removed / Legacy / Renamed
|
// Section : Deprecated / Removed / Legacy / Renamed
|
||||||
// >>>>>>>>>>>>>>>>>>>>
|
// >>>>>>>>>>>>>>>>>>>>
|
||||||
// ESR68.x still uses all the following prefs
|
// ESR68.x still uses all the following prefs
|
||||||
|
@ -2877,7 +2888,7 @@ lockPref("dom.vr.openvr.action_input", false);
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// Pref : Disable GeoIP-based search defaults
|
// Pref : Disable GeoIP-based search defaults
|
||||||
// [NOTE] May not be hidden if Firefox has changed your settings due to your locale
|
// [NOTE] May not be hidden if Firefox has changed your settings due to your locale
|
||||||
// https://trac.torproject.org/projects/tor/ticket/16254
|
// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/16206
|
||||||
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_geolocation-for-default-search-engine
|
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_geolocation-for-default-search-engine
|
||||||
// lockPref("browser.search.region", "US"); // [HIDDEN PREF]
|
// lockPref("browser.search.region", "US"); // [HIDDEN PREF]
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
@ -2928,3 +2939,36 @@ lockPref("signon.management.overrideURI", "");
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
// FF78+
|
// FF78+
|
||||||
// -------------------------------------
|
// -------------------------------------
|
||||||
|
// Pref : Disable autoplay of HTML5 media if you interacted with the site
|
||||||
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1509933
|
||||||
|
// https://hg.mozilla.org/mozilla-central/rev/5b34a70e2378
|
||||||
|
// https://hg.mozilla.org/mozilla-central/rev/95805db3a142
|
||||||
|
lockPref("media.autoplay.enabled.user-gestures-needed", true);
|
||||||
|
// -------------------------------------
|
||||||
|
// Pref : Disable browser animations
|
||||||
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1640501
|
||||||
|
// https://hg.mozilla.org/comm-central/rev/4d4bad93b27d
|
||||||
|
lockPref("toolkit.cosmeticAnimations.enabled", false);
|
||||||
|
// -------------------------------------
|
||||||
|
// Pref : Control TLS versions with min and max
|
||||||
|
// 1=TLS 1.0, 2=TLS 1.1, 3=TLS 1.2, 4=TLS 1.3
|
||||||
|
// [WARNING] Leave these at default, otherwise you alter your TLS fingerprint.
|
||||||
|
// Firefox telemetry (April 2020) shows only 0.25% of TLS web traffic uses 1.0 or 1.1
|
||||||
|
// https://www.ssllabs.com/ssl-pulse/
|
||||||
|
// lockPref("security.tls.version.min", 3);
|
||||||
|
// lockPref("security.tls.version.max", 4);
|
||||||
|
// -------------------------------------
|
||||||
|
// Pref : Disable extension's report option in about:addons
|
||||||
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1614653
|
||||||
|
// https://hg.mozilla.org/mozilla-central/rev/92e149d41267
|
||||||
|
// https://hg.mozilla.org/mozilla-central/rev/682318515715
|
||||||
|
lockPref("extensions.abuseReport.openDialog", false);
|
||||||
|
// -------------------------------------
|
||||||
|
// Pref : Disable using the OS's geolocation service
|
||||||
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1627538
|
||||||
|
// https://hg.mozilla.org/mozilla-central/rev/710b5a3282f8
|
||||||
|
lockPref("geo.provider-country.network.scan", false);
|
||||||
|
lockPref("geo.provider-country.network.url", "");
|
||||||
|
// -------------------------------------
|
||||||
|
// FF79+
|
||||||
|
// -------------------------------------
|
||||||
|
|
Loading…
Reference in New Issue