From 53ba71d8107dde1e1d896067dcc1790ce4cf4957 Mon Sep 17 00:00:00 2001 From: Narsil Date: Sun, 12 Jun 2022 18:17:30 +0000 Subject: [PATCH] Update 'config/mozilla.cfg' --- config/mozilla.cfg | 38 +++++++++++--------------------------- 1 file changed, 11 insertions(+), 27 deletions(-) diff --git a/config/mozilla.cfg b/config/mozilla.cfg index 15cfb7a..d5a1c53 100644 --- a/config/mozilla.cfg +++ b/config/mozilla.cfg @@ -315,9 +315,6 @@ defaultPref("network.trr.confirmationNS", ""); // Disable location bar domain guessing lockPref("browser.fixup.alternate.enabled", false); // ------------------------------------- -// Display all parts of the url in the location bar -lockPref("browser.urlbar.trimURLs", false); -// ------------------------------------- // Disable live search suggestions defaultPref("browser.search.suggest.enabled", false); defaultPref("browser.urlbar.suggest.searches", false); @@ -427,13 +424,6 @@ defaultPref("security.OCSP.require", false); // // CERTS / HPKP (HTTP Public Key Pinning) // -// Disable or limit SHA-1 certificates -// 0 = allow all -// 1 = block all -// 3 = only allow locally-added roots (e.g. anti-virus) (default) -// 4 = only allow locally-added roots or for certs in 2015 and earlier -defaultPref("security.pki.sha1_enforcement_level", 1); -// ------------------------------------- // Disable Windows 8.1's Microsoft Family Safety cert [FF50+] [WINDOWS] // 0=disable detecting Family Safety mode and importing the root // 1=only attempt to detect Family Safety mode (don't import the root) @@ -660,7 +650,7 @@ defaultPref("extensions.webservice.discoverURL", ""); // >>>>>>>>>>>>>>>>>>>>> // // Enable ETP Strict Mode [FF86+] -defaultPref("browser.contentblocking.category", "strict"); +lockPref("browser.contentblocking.category", "strict"); // ------------------------------------- // Disable ETP web compat features [FF93+] // lockPref("privacy.antitracking.enableWebcompat", false); @@ -680,10 +670,6 @@ defaultPref("network.cookie.lifetimePolicy", 2); // ------------------------------------- // Delete cache on exit [FF96+] // lockPref("privacy.clearsitedata.cache.enabled", true); -// ------------------------------------- -// Set third-party cookies to session-only -lockPref("network.cookie.thirdparty.sessionOnly", true); -lockPref("network.cookie.thirdparty.nonsecureSessionOnly", true); // [FF58+] // // SANITIZE ON SHUTDOWN : ALL OR NOTHING // @@ -763,12 +749,6 @@ lockPref("browser.link.open_newwindow.restriction", 0); // ------------------------------------- // Disable WebGL (Web Graphics Library) defaultPref("webgl.disabled", true); -// ------------------------------------- -// Enable URL query stripping -lockPref("privacy.query_stripping.enabled", true); -// ------------------------------------- -// Set the strip list for URL query stripping -lockPref("privacy.query_stripping.strip_list", "__hsfp __hssc __hstc __s _hsenc _openstat dclid fbclid gbraid gclid hsCtaTracking igshid mc_eid ml_subscriber ml_subscriber_hash msclkid oly_anon_id oly_enc_id rb_clickid s_cid twclid vero_conv vero_id wbraid wickedid yclid"); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // OPTIONAL OPSEC @@ -881,12 +861,6 @@ lockPref("network.http.referer.spoofSource", true); // [DEFAULT: false] // Enforce a security delay on some confirmation dialogs such as install, open/save lockPref("security.dialog_enable_delay", 1000); // [DEFAULT: 1000] // ------------------------------------- -// Enforce window.opener protection [FF65+] -lockPref("dom.targetBlankNoOpener.enabled", true); // [DEFAULT: true] -// ------------------------------------- -// Enforce "window.name" protection [FF82+] -lockPref("privacy.window.name.update.enabled", true); // [DEFAULT: true] -// ------------------------------------- // Enforce Local Storage Next Generation (LSNG) [FF65+] lockPref("dom.storage.next_gen", true); // [DEFAULT: true FF92+] // ------------------------------------- @@ -902,13 +876,21 @@ lockPref("security.tls.version.enable-deprecated", false); // [DEFAULT: false] // Enforce disabling of Web Compatibility Reporter [FF56+] lockPref("extensions.webcompat-reporter.enabled", false); // [DEFAULT: false] // ------------------------------------- +// Disable SHA-1 certificates +lockPref("security.pki.sha1_enforcement_level", 1); // [DEFAULT: 1 FF102+] +// ------------------------------------- // PrefsCleaner: prefsCleaner: reset items removed from arkenfox FF92+ +// lockPref("browser.urlbar.trimURLs", ""); // lockPref("dom.caches.enabled", ""); // lockPref("dom.storageManager.enabled", ""); // lockPref("dom.storage_access.enabled", ""); +// lockPref("dom.targetBlankNoOpener.enabled", ""); +// lockPref("network.cookie.thirdparty.sessionOnly", ""); +// lockPref("network.cookie.thirdparty.nonsecureSessionOnly", ""); // lockPref("privacy.firstparty.isolate.block_post_message", ""); // lockPref("privacy.firstparty.isolate.restrict_opener_access", ""); // lockPref("privacy.firstparty.isolate.use_site", ""); +// lockPref("privacy.window.name.update.enabled", ""); // lockPref("security.insecure_connection_text.enabled", ""); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -983,6 +965,8 @@ defaultPref("extensions.systemAddon.update.url", ""); // [FF44+] // Customize ETP settings lockPref("network.cookie.cookieBehavior", 5); lockPref("privacy.partition.network_state.ocsp_cache", true); +lockPref("privacy.query_stripping.enabled", true); // [FF101+] [ETP FF102+] +lockPref("privacy.query_stripping.strip_list", "__hsfp __hssc __hstc __s _hsenc _openstat dclid fbclid gbraid gclid hsCtaTracking igshid mc_eid ml_subscriber ml_subscriber_hash msclkid oly_anon_id oly_enc_id rb_clickid s_cid twclid vero_conv vero_id wbraid wickedid yclid"); lockPref("network.http.referer.disallowCrossSiteRelaxingDefault", true); lockPref("network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", true); // [FF100+] lockPref("privacy.trackingprotection.enabled", true);