diff --git a/config/mozilla.cfg b/config/mozilla.cfg index 5830f73..458d67b 100644 --- a/config/mozilla.cfg +++ b/config/mozilla.cfg @@ -65,7 +65,7 @@ defaultPref("geo.provider.geoclue.always_high_accuracy", false); // [LINUX] defaultPref("geo.provider.use_geoclue", false); // [FF102+] [LINUX] // ------------------------------------- // Disable region updates -lockPref("browser.region.network.url", ""); // [FF78+] +lockPref("browser.region.network.url", ""); // [FF78+] Defense-in-depth lockPref("browser.region.update.enabled", false); // [FF79+] // ------------------------------------- // Set search region @@ -433,7 +433,7 @@ defaultPref("security.pki.crlite_mode", 0); // MIXED CONTENT // // Disable insecure passive content (such as images) on https pages [SETUP-WEB] -lockPref("security.mixed_content.block_display_content", true); +// defaultPref("security.mixed_content.block_display_content", true); // Defense-in-depth // ------------------------------------- // Enable HTTPS-Only mode in all windows [FF76+] defaultPref("dom.security.https_only_mode", true); // [FF76+] @@ -521,9 +521,6 @@ defaultPref("browser.eme.ui.enabled", false); // Prevent scripts from moving and resizing open windows lockPref("dom.disable_window_move_resize", true); // ------------------------------------- -// Block popup windows -lockPref("dom.disable_open_during_load", true); -// ------------------------------------- // Limit events that can cause a popup [SETUP-WEB] lockPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); // @@ -545,7 +542,7 @@ lockPref("browser.pagethumbnails.capturing_disabled", true); // [HIDDEN PREF] // ------------------------------------- // Disable UITour backend so there is no chance that a remote page can use it lockPref("browser.uitour.enabled", false); -lockPref("browser.uitour.url", ""); +lockPref("browser.uitour.url", ""); // Defense-in-depth // ------------------------------------- // Reset remote debugging to disabled defaultPref("devtools.debugger.remote-enabled", false); // [DEFAULT: false] @@ -566,7 +563,7 @@ lockPref("webchannel.allowObject.urlWhitelist", ""); // Use Punycode in Internationalized Domain Names to eliminate possible spoofing lockPref("network.IDN_show_punycode", true); // ------------------------------------- -// Enforce PDFJS, disable PDFJS scripting [SETUP-CHROME] +// Enforce PDFJS, disable PDFJS scripting lockPref("pdfjs.disabled", false); // [DEFAULT: false] lockPref("pdfjs.enableScripting", false); // [FF86+] // ------------------------------------- @@ -619,8 +616,9 @@ lockPref("browser.contentblocking.category", "strict"); lockPref("privacy.partition.serviceWorkers", true); // [DEFAULT: true FF105+] // ------------------------------------- // Enable APS (Always Partitioning Storage) -lockPref("privacy.partition.always_partition_third_party_non_cookie_storage", true); // [FF104+] -lockPref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false); // [FF105+]// +lockPref("privacy.partition.always_partition_third_party_non_cookie_storage", true); // [FF104+] [DEFAULT: true FF109+} +lockPref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false); // [FF105+]// [DEFAULT: false FF109+] +// // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // SHUTDOWN & SANITIZING // >>>>>>>>>>>>>>>>>>>>> @@ -736,7 +734,7 @@ defaultPref("webgl.disabled", true); // lockPref("permissions.memory_only", true); // [HIDDEN PREF] // ------------------------------------- // Disable intermediate certificate caching [FF41+] [RESTART] -// lockPref("security.nocertdb", true); // [HIDDEN PREF in FF101 or lower] +// lockPref("security.nocertdb", true); // ------------------------------------- // Disable favicons in history and bookmarks defaultPref("browser.chrome.site_icons", false); @@ -855,6 +853,7 @@ lockPref("extensions.webcompat-reporter.enabled", false); // [DEFAULT: false] // defaultPref("browser.ssl_override_behavior", ""); // defaultPref("devtools.chrome.enabled", ""); // defaultPref("dom.disable_beforeunload", ""); +// defaultPref("dom.disable_open_during_load", ""); // defaultPref("extensions.formautofill.available", ""); // defaultPref("extensions.formautofill.addresses.supported", ""); // defaultPref("extensions.formautofill.creditCards.available", ""); @@ -878,21 +877,21 @@ defaultPref("permissions.default.desktop-notification", 2); defaultPref("permissions.default.xr", 2); // Virtual Reality // ------------------------------------- // Disable non-modern cipher suites -defaultPref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); -defaultPref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); -defaultPref("security.ssl3.ecdhe_rsa_aes_128_sha", false); -defaultPref("security.ssl3.ecdhe_rsa_aes_256_sha", false); -defaultPref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS -defaultPref("security.ssl3.rsa_aes_256_gcm_sha384", false); // no PFS -defaultPref("security.ssl3.rsa_aes_128_sha", false); // no PFS -defaultPref("security.ssl3.rsa_aes_256_sha", false); // no PFS +// defaultPref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); // [DEFAULT: false FF109+] +// defaultPref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); // [DEFAULT: false FF109+] +// defaultPref("security.ssl3.ecdhe_rsa_aes_128_sha", false); +// defaultPref("security.ssl3.ecdhe_rsa_aes_256_sha", false); +// defaultPref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS +// defaultPref("security.ssl3.rsa_aes_256_gcm_sha384", false); // no PFS +// defaultPref("security.ssl3.rsa_aes_128_sha", false); // no PFS +// defaultPref("security.ssl3.rsa_aes_256_sha", false); // no PFS // ------------------------------------- // Control TLS versions // lockPref("security.tls.version.min", 3); // [DEFAULT: 3] // lockPref("security.tls.version.max", 4); // ------------------------------------- // Disable SSL session IDs [FF36+] -// lockPref("security.ssl.disable_session_identifiers", true); // [HIDDEN PREF in FF101 or lower] +// lockPref("security.ssl.disable_session_identifiers", true); // ------------------------------------- // Onions // lockPref("dom.securecontext.allowlist_onions", true);