Update 'config/mozilla.cfg'

 Added, but not enabled, HTTPS-only-mode (experimental) | FF76
 Enabled Ion for installed extensions only | FF76
️ Disabled compatibility heuristics to 3rd-party cookie blocking | FF76
️ Disabled the default checkedness for "Save card and address to Firefox" checkboxes
️ Disabled permissions manager from writing to disk
️ Disabled media cache from writing to disk in Private Browsing
️ Disabled purge trackers logging (main pref already disabled) | FF76
️ Disabled staging auto-updates | FF76
️ Disable (temporarily) "Megabar" design
️ Disable Ion and baseline JIT to help harden JS against exploits
️ Disabled one more telemetry pref | FF76
️ Disabled one more pref related to the new about:welcome page | FF76
️ Disabled ExperimentManager and relative API | FF76
ℹ️ Removed few duplicates
ℹ️ Modified some links, tag and descriptions
ℹ️ Moved some preferences from FF75+ into deprecated section (keeping them active for ESR68.x.x)
This commit is contained in:
quindecim 2020-05-07 13:43:04 -04:00
parent e1816c3e68
commit eb26dfff02
1 changed files with 97 additions and 33 deletions

View File

@ -125,6 +125,7 @@ lockPref("browser.startup.homepage_override.mstone", "ignore");
// https://bugzilla.mozilla.org/show_bug.cgi?id=1617783 // https://bugzilla.mozilla.org/show_bug.cgi?id=1617783
lockPref("browser.aboutwelcome.enabled", false); // [DESKTOP] lockPref("browser.aboutwelcome.enabled", false); // [DESKTOP]
lockPref("browser.aboutwelcome.log", ""); // [DESKTOP] lockPref("browser.aboutwelcome.log", ""); // [DESKTOP]
lockPref("trailhead.firstrun.branches", ""); // [DESKTOP]
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Quiet Fox // Section : Quiet Fox
@ -133,13 +134,12 @@ lockPref("browser.aboutwelcome.log", ""); // [DESKTOP]
// true=application updates are installed without user approval. // true=application updates are installed without user approval.
// false=application updates are downloaded but the user can choose when to install the update. // false=application updates are downloaded but the user can choose when to install the update.
lockPref("app.update.auto", false); // [DESKTOP] lockPref("app.update.auto", false); // [DESKTOP]
// lockPref("app.update.autodownload", "never"); // [FENNEC] lockPref("app.update.autodownload", "never"); // [FENIX]
// lockPref("app.update.channel", ""); // lockPref("app.update.channel", "");
lockPref("app.update.url", "https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/en-US/%CHANNEL%/%OS_VERSION%/%SYSTEM_CAPABILITIES%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml"); // [URL SANITIZED] // [DESKTOP]
lockPref("app.update.url.details", "https://www.mozilla.org/en-US/firefox/notes"); // [URL SANITIZED] // [DESKTOP] lockPref("app.update.url.details", "https://www.mozilla.org/en-US/firefox/notes"); // [URL SANITIZED] // [DESKTOP]
// lockPref("app.update.url.manual", ""); // [DESKTOP] // lockPref("app.update.url.manual", ""); // [DESKTOP]
// lockPref("app.update.url.android", ""); // [FENNEC] lockPref("app.update.url.android", ""); // [FENIX]
// lockPref("app.update.staging.enabled", false); // [DESKTOP] lockPref("app.update.staging.enabled", false); // [DESKTOP]
lockPref("app.update.log.file", false); // [DESKTOP] lockPref("app.update.log.file", false); // [DESKTOP]
// ------------------------------------- // -------------------------------------
// Pref : Disable sync // Pref : Disable sync
@ -331,6 +331,7 @@ lockPref("toolkit.telemetry.geckoview.streaming", false);
lockPref("toolkit.telemetry.isGeckoViewMode", false); lockPref("toolkit.telemetry.isGeckoViewMode", false);
lockPref("toolkit.telemetry.testing.overrideProductsCheck", false); lockPref("toolkit.telemetry.testing.overrideProductsCheck", false);
lockPref("security.app_menu.recordEventTelemetry", false); // [DESKTOP] lockPref("security.app_menu.recordEventTelemetry", false); // [DESKTOP]
lockPref("browser.urlbar.eventTelemetry.enabled", false); // [DESKTOP]
// ------------------------------------- // -------------------------------------
// Pref : Disable Telemetry Coverage // Pref : Disable Telemetry Coverage
// https://blog.mozilla.org/data/2018/08/20/effectively-measuring-search-in-firefox/ // https://blog.mozilla.org/data/2018/08/20/effectively-measuring-search-in-firefox/
@ -956,16 +957,22 @@ lockPref("dom.ipc.processPriorityManager.enabled", true); // [DESKTOP] // [TEST]
lockPref("browser.display.use_system_colors", false); // [DEFAULT: false] lockPref("browser.display.use_system_colors", false); // [DEFAULT: false]
// ------------------------------------- // -------------------------------------
// Pref : Disable purge site data after identifying tracking site via cookies // Pref : Disable purge site data after identifying tracking site via cookies
// [NOTE] Relax this with 'privacy.clearOnShutdown.*' enabled // [NOTE] Relax this with 'privacy.clearOnShutdown.*' enabled
// https://bugzilla.mozilla.org/show_bug.cgi?id=1599262 // https://bugzilla.mozilla.org/show_bug.cgi?id=1599262
// https://www.ghacks.net/2020/03/04/firefox-75-will-purge-site-data-if-associated-with-tracking-cookies/ // https://www.ghacks.net/2020/03/04/firefox-75-will-purge-site-data-if-associated-with-tracking-cookies/
lockPref("privacy.purge_trackers.enabled", false); lockPref("privacy.purge_trackers.enabled", false);
lockPref("privacy.purge_trackers.logging.enabled", false); lockPref("privacy.purge_trackers.logging.enabled", false);
lockPref("privacy.purge_trackers.logging.level", "");
// ------------------------------------- // -------------------------------------
// Pref : Disable permissions delegation // Pref : Disable permissions delegation
// Currently applies to cross-origin geolocation, camera, mic and screen-sharing permissions, and fullscreen requests. Disabling delegation means any prompts for these will show/use their correct 3rd party origin // Currently applies to cross-origin geolocation, camera, mic and screen-sharing permissions, and fullscreen requests. Disabling delegation means any prompts for these will show/use their correct 3rd party origin
// https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion // https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion
lockPref("permissions.delegation.enabled", false); lockPref("permissions.delegation.enabled", false);
// -------------------------------------
// Pref : Disable the default checkedness for "Save card and address to Firefox" checkboxes
// https://bugzilla.mozilla.org/show_bug.cgi?id=1477106
lockPref("dom.payments.defaults.saveAddress", false);
lockPref("dom.payments.defaults.saveCreditCard", false);
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Web Workers // Section : Web Workers
@ -1010,7 +1017,7 @@ lockPref("browser.download.hide_plugins_without_extensions", false); // [DESKTOP
lockPref("dom.event.contextmenu.enabled", false); lockPref("dom.event.contextmenu.enabled", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable website access to clipboard events/content // Pref : Disable website access to clipboard events/content
// This applies to onCut/onCopy/onPaste events - i.e. it requires interaction with the website // [NOTE] This will break some sites' functionality e.g. Outlook, Twitter, Facebook, Wordpress
// [WARNING] If both 'middlemouse.paste' and 'general.autoScroll' are true (at least one is default (false) then enabling this pref can leak clipboard content // [WARNING] If both 'middlemouse.paste' and 'general.autoScroll' are true (at least one is default (false) then enabling this pref can leak clipboard content
// https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/dom.event.clipboardevents.enabled // https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/dom.event.clipboardevents.enabled
// https://www.ghacks.net/2014/01/08/block-websites-reading-modifying-clipboard-contents-firefox/ // https://www.ghacks.net/2014/01/08/block-websites-reading-modifying-clipboard-contents-firefox/
@ -1040,11 +1047,13 @@ lockPref("dom.vibrator.enabled", false);
lockPref("javascript.options.asmjs", false); lockPref("javascript.options.asmjs", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable Ion, baseline JIT and RegExp to help harden JS against exploits // Pref : Disable Ion, baseline JIT and RegExp to help harden JS against exploits
// [NOTE] In FF75+, when (both) Ion and JIT are disabled, **and** the new hidden pref is enabled, then Ion can still be used by extensions
// [WARNING] Disabling Ion/JIT can cause some site issues and performance loss // [WARNING] Disabling Ion/JIT can cause some site issues and performance loss
// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817 // https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817
// https://trac.torproject.org/projects/tor/ticket/26019 // https://trac.torproject.org/projects/tor/ticket/26019
// lockPref("javascript.options.ion", false); // [DESKTOP - BUG] Navigation issues lockPref("javascript.options.ion", false);
// lockPref("javascript.options.baselinejit", false); // [BUG] Addons issues lockPref("javascript.options.baselinejit", false); // [FENNEC - BUG] Addons issues
lockPref("javascript.options.jit_trustedprincipals", true); // [HIDDEN PREF] // [DESKTOP ?]
lockPref("javascript.options.native_regexp", false); lockPref("javascript.options.native_regexp", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable WebAssembly // Pref : Disable WebAssembly
@ -1151,7 +1160,6 @@ lockPref("gfx.offscreencanvas.enabled", false); // [DEFAULT: false]
// 0=Allow all, 1=Block non-muted media, 5=Block all // 0=Allow all, 1=Block non-muted media, 5=Block all
// [NOTE] You can set exceptions under site permissions // [NOTE] You can set exceptions under site permissions
lockPref("media.autoplay.default", 5); lockPref("media.autoplay.default", 5);
lockPref("media.autoplay.allow-muted", false); // [FENNEC]
lockPref("media.autoplay.block-event.enabled", true); // [DEFAULT: false] lockPref("media.autoplay.block-event.enabled", true); // [DEFAULT: false]
lockPref("media.autoplay.block-webaudio", true); // [DEFAULT: false] lockPref("media.autoplay.block-webaudio", true); // [DEFAULT: false]
// ------------------------------------- // -------------------------------------
@ -1188,14 +1196,14 @@ lockPref("browser.sessionhistory.max_entries", 4); // [DEFAULT: 50]
// https://developer.mozilla.org/docs/Web/CSS/Privacy_and_the_:visited_selector // https://developer.mozilla.org/docs/Web/CSS/Privacy_and_the_:visited_selector
lockPref("layout.css.visited_links_enabled", false); lockPref("layout.css.visited_links_enabled", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable search suggestions in the search bar // Pref : Disable live search suggestions
lockPref("browser.search.suggest.enabled", false); lockPref("browser.search.suggest.enabled", false);
lockPref("browser.search.suggest.enabled.private", false); lockPref("browser.search.suggest.enabled.private", false);
lockPref("browser.search.suggest.prompted", true); // [FENNEC]
// -------------------------------------
// Pref : Disable "Show search suggestions in location bar results"
lockPref("browser.urlbar.suggest.searches", false); // [DESKTOP] lockPref("browser.urlbar.suggest.searches", false); // [DESKTOP]
// ------------------------------------- // -------------------------------------
// Pref : Disable "Would you like to turn on search suggestions" prompt message
lockPref("browser.search.suggest.prompted", true); // [FENNEC]
// -------------------------------------
// Pref : Disable information entered in web page forms and the search bar // Pref : Disable information entered in web page forms and the search bar
// [NOTE] You can clear formdata on exiting Firefox // [NOTE] You can clear formdata on exiting Firefox
defaultPref("browser.formfill.enable", false); defaultPref("browser.formfill.enable", false);
@ -1232,8 +1240,9 @@ lockPref("browser.urlbar.usepreloadedtopurls.enabled", false); // [DESKTOP]
lockPref("browser.urlbar.daysBeforeHidingSuggestionsPrompt", 0); // [DESKTOP] lockPref("browser.urlbar.daysBeforeHidingSuggestionsPrompt", 0); // [DESKTOP]
lockPref("browser.urlbar.searchSuggestionsChoice", false); // [DESKTOP] lockPref("browser.urlbar.searchSuggestionsChoice", false); // [DESKTOP]
// ------------------------------------- // -------------------------------------
// Pref : Disable history/bookmarks/opened pages suggestions dropdown from URL bar // Pref : Disable URL bar autocomplete and history/bookmarks suggestions dropdown
// [NOTE] This does not cause privacy/leaking issue // http://kb.mozillazine.org/Disabling_autocomplete_-_Firefox#Firefox_3.5
lockPref("browser.urlbar.autocomplete.enabled", false); // [FENNEC]
defaultPref("browser.urlbar.suggest.history", false); // [DESKTOP] defaultPref("browser.urlbar.suggest.history", false); // [DESKTOP]
defaultPref("browser.urlbar.suggest.bookmark", false); // [DESKTOP] defaultPref("browser.urlbar.suggest.bookmark", false); // [DESKTOP]
defaultPref("browser.urlbar.suggest.openpage", false); // [DESKTOP] defaultPref("browser.urlbar.suggest.openpage", false); // [DESKTOP]
@ -1335,6 +1344,8 @@ lockPref("toolkit.startup.max_resumed_crashes", -1); // [DESKTOP]
// ------------------------------------- // -------------------------------------
// Pref : Force Encrypted Server Name Indication (eSNI) for TLS 1.3 if TRR/DoH is enabled // Pref : Force Encrypted Server Name Indication (eSNI) for TLS 1.3 if TRR/DoH is enabled
// [NOTE] I don't encourage DoH (but it is a useful and valid mechanism for those who need it) // [NOTE] I don't encourage DoH (but it is a useful and valid mechanism for those who need it)
// https://wiki.mozilla.org/Trusted_Recursive_Resolver#ESNI
// https://en.wikipedia.org/wiki/Server_Name_Indication#Security_implications_(ESNI)
lockPref("network.security.esni.enabled", true); lockPref("network.security.esni.enabled", true);
// ------------------------------------- // -------------------------------------
// Pref : Disable ping to Mozilla for Man-in-the-Middle detection // Pref : Disable ping to Mozilla for Man-in-the-Middle detection
@ -1372,7 +1383,6 @@ lockPref("network.http.speculative-parallel-limit", 0);
// Pref : Disable predictor / prefetching // Pref : Disable predictor / prefetching
// Network predicator load pages before they are opened with mose hover for example // Network predicator load pages before they are opened with mose hover for example
lockPref("network.predictor.enabled", false); lockPref("network.predictor.enabled", false);
lockPref("network.predictor.cleaned-up", true);
lockPref("network.predictor.enable-prefetch", false); lockPref("network.predictor.enable-prefetch", false);
lockPref("network.predictor.enable-hover-on-ssl", false); lockPref("network.predictor.enable-hover-on-ssl", false);
// //
@ -1441,6 +1451,12 @@ lockPref("network.negotiate-auth.allow-insecure-ntlm-v1", false); // [DESKTOP]
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : HTTPS (SSL/TLS / OCSP / Certs / HPKP / Ciphers) // Section : HTTPS (SSL/TLS / OCSP / Certs / HPKP / Ciphers)
// >>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>
// Pref : Enable HTTPS-only-mode
// [NOTE] This is experimental
// https://www.ghacks.net/2020/03/24/firefox-76-gets-optional-https-only-mode/
// https://bugzilla.mozilla.org/1613063
// defaultPref("dom.security.https_only_mode", true);
// -------------------------------------
// Pref : Require safe negotiation // Pref : Require safe negotiation
// Blocks connections to servers that don't support RFC 5746 as they're potentially vulnerable to a MiTM attack. A server *without* RFC 5746 can be safe from the attack if it disables renegotiations but the problem is that the browser can't know that. // Blocks connections to servers that don't support RFC 5746 as they're potentially vulnerable to a MiTM attack. A server *without* RFC 5746 can be safe from the attack if it disables renegotiations but the problem is that the browser can't know that.
// Setting this pref to true is the only way for the browser to ensure there will be no unsafe renegotiations on the channel between the browser and the server. // Setting this pref to true is the only way for the browser to ensure there will be no unsafe renegotiations on the channel between the browser and the server.
@ -1452,6 +1468,7 @@ lockPref("security.ssl.require_safe_negotiation", true);
// Pref : Control TLS versions with min and max // Pref : Control TLS versions with min and max
// 1=TLS 1.0, 2=TLS 1.1, 3=TLS 1.2, 4=TLS 1.3 // 1=TLS 1.0, 2=TLS 1.1, 3=TLS 1.2, 4=TLS 1.3
// [WARNING] Leave these at default, otherwise you alter your TLS fingerprint. // [WARNING] Leave these at default, otherwise you alter your TLS fingerprint.
// Firefox telemetry (April 2020) shows only 0.25% of TLS web traffic uses 1.0 or 1.1
// https://www.ssllabs.com/ssl-pulse/ // https://www.ssllabs.com/ssl-pulse/
// lockPref("security.tls.version.min", 3); // lockPref("security.tls.version.min", 3);
// lockPref("security.tls.version.max", 4); // lockPref("security.tls.version.max", 4);
@ -1802,9 +1819,20 @@ lockPref("browser.cache.disk.smart_size.enabled", false);
lockPref("browser.cache.disk.smart_size.first_run", false); lockPref("browser.cache.disk.smart_size.first_run", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable memory cache // Pref : Disable memory cache
// Capacity: -1=determine dynamically (default), 0=none, n=memory capacity in kilobytes
// lockPref("browser.cache.memory.enable", false); // lockPref("browser.cache.memory.enable", false);
// lockPref("browser.cache.memory.capacity", 0); // [HIDDEN PREF ESR] // lockPref("browser.cache.memory.capacity", 0); // [HIDDEN PREF ESR]
// ------------------------------------- // -------------------------------------
// Pref : Disable permissions manager from writing to disk
// [NOTE] This means any permission changes are session only
// https://bugzilla.mozilla.org/967812
// lockPref("permissions.memory_only", true); // [HIDDEN PREF]
// -------------------------------------
// Pref : Disable media cache from writing to disk in Private Browsing
// [NOTE] MSE (Media Source Extensions) are already stored in-memory in PB
lockPref("browser.privatebrowsing.forceMediaMemoryCache", true);
lockPref("media.memory_cache_max_size", 16384);
// -------------------------------------
// Pref : Disable fastback cache // Pref : Disable fastback cache
// To improve performance when pressing back/forward Firefox stores visited pages so they don't have to be re-parsed. This is not the same as memory cache. // To improve performance when pressing back/forward Firefox stores visited pages so they don't have to be re-parsed. This is not the same as memory cache.
// 0=none, -1=auto (that's minus 1). // 0=none, -1=auto (that's minus 1).
@ -1820,9 +1848,6 @@ lockPref("browser.sessionstore.max_tabs_undo", 0);
// 0=everywhere, 1=unencrypted sites, 2=nowhere // 0=everywhere, 1=unencrypted sites, 2=nowhere
lockPref("browser.sessionstore.privacy_level", 2); lockPref("browser.sessionstore.privacy_level", 2);
// ------------------------------------- // -------------------------------------
// Pref : Disable resuming session from crash
lockPref("browser.sessionstore.resume_from_crash", false);
// -------------------------------------
// Pref : Set the minimum interval between session save operations // Pref : Set the minimum interval between session save operations
// Increasing this can help on older machines and some websites, as well as reducing writes. Default is 15000 (15 secs). Try 30000 (30 secs), 60000 (1 min) etc. // Increasing this can help on older machines and some websites, as well as reducing writes. Default is 15000 (15 secs). Try 30000 (30 secs), 60000 (1 min) etc.
// This can also affect entries in the "Recently Closed Tabs" feature: i.e. the longer the interval the more chance a quick tab open/close won't be captured. // This can also affect entries in the "Recently Closed Tabs" feature: i.e. the longer the interval the more chance a quick tab open/close won't be captured.
@ -1867,10 +1892,7 @@ lockPref("browser.sessionstore.resume_session_once", false); // [DESKTOP]
// Pref : Disable geolocation // Pref : Disable geolocation
lockPref("geo.enabled", false); lockPref("geo.enabled", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable GeoIP lookup on your address to set default search engine region // Pref : Disable geographically specific results/search engines e.g. "browser.search.*.US", i.e. ignore all of Mozilla's various search engines in multiple locales
// https://trac.torproject.org/projects/tor/ticket/16254
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_geolocation-for-default-search-engine
lockPref("browser.search.region", "US");
lockPref("browser.search.geoSpecificDefaults.url", ""); lockPref("browser.search.geoSpecificDefaults.url", "");
lockPref("browser.snippets.geoUrl", ""); lockPref("browser.snippets.geoUrl", "");
// ------------------------------------- // -------------------------------------
@ -1878,7 +1900,9 @@ lockPref("browser.snippets.geoUrl", "");
defaultPref("intl.accept_languages", "en-US, en"); defaultPref("intl.accept_languages", "en-US, en");
// ------------------------------------- // -------------------------------------
// Pref : Enforce US English locale regardless of the system locale // Pref : Enforce US English locale regardless of the system locale
// [NOTE] May break some input methods e.g xim/ibus for CJK languages
// https://bugzilla.mozilla.org/867501 // https://bugzilla.mozilla.org/867501
// https://bugzilla.mozilla.org/1629630
lockPref("javascript.use_us_english_locale", true); // [HIDDEN PREF] lockPref("javascript.use_us_english_locale", true); // [HIDDEN PREF]
// ------------------------------------- // -------------------------------------
// Pref : Disable using the OS's geolocation service // Pref : Disable using the OS's geolocation service
@ -2033,7 +2057,6 @@ lockPref("extensions.blocklist.lastModified", ""); // [DESKTOP]
lockPref("extensions.blocklist.itemURL", ""); lockPref("extensions.blocklist.itemURL", "");
lockPref("extensions.blocklist.enabled", false); lockPref("extensions.blocklist.enabled", false);
lockPref("extensions.blocklist.detailsURL", ""); lockPref("extensions.blocklist.detailsURL", "");
lockPref("extensions.blocklist.useXML", false);
lockPref("services.settings.security.onecrl.bucket", ""); lockPref("services.settings.security.onecrl.bucket", "");
lockPref("services.settings.security.onecrl.collection", ""); lockPref("services.settings.security.onecrl.collection", "");
lockPref("services.settings.security.onecrl.signer", ""); lockPref("services.settings.security.onecrl.signer", "");
@ -2056,11 +2079,6 @@ lockPref("urlclassifier.trackingAnnotationWhitelistTable", "");
lockPref("urlclassifier.trackingTable", ""); lockPref("urlclassifier.trackingTable", "");
lockPref("urlclassifier.trackingWhitelistTable", ""); lockPref("urlclassifier.trackingWhitelistTable", "");
// ------------------------------------- // -------------------------------------
// Pref : Decrease system information leakage to Mozilla blocklist update servers
// https://trac.torproject.org/projects/tor/ticket/16931
// https://old.reddit.com/r/firefox/comments/9v5lue/firefox_tip_sanitize_firefox_blocklist_url_so_it/
lockPref("extensions.blocklist.url", ""); // [URL SANITIZED: https://blocklists.settings.services.mozilla.com/v1/blocklist/3/%20/%20/]
// -------------------------------------
// Pref : Opt-out of add-on metadata updates // Pref : Opt-out of add-on metadata updates
// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
lockPref("extensions.getAddons.cache.enabled", false); lockPref("extensions.getAddons.cache.enabled", false);
@ -2180,7 +2198,7 @@ lockPref("browser.contentblocking.features.strict", ""); // [DESKTOP]
// https://github.com/pyllyukko/user.js/issues/419 // https://github.com/pyllyukko/user.js/issues/419
// https://dxr.mozilla.org/mozilla-central/source/toolkit/mozapps/extensions/AddonManager.jsm#1248-1257 // https://dxr.mozilla.org/mozilla-central/source/toolkit/mozapps/extensions/AddonManager.jsm#1248-1257
// [NOTE] Disabling system add-on updates prevents Mozilla from "hotfixing" your browser to patch critical problems (one possible use case from the documentation) // [NOTE] Disabling system add-on updates prevents Mozilla from "hotfixing" your browser to patch critical problems (one possible use case from the documentation)
// lockPref("extensions.systemAddon.update.enabled", false); // [DESKTOP] // lockPref("extensions.systemAddon.update.enabled", false);
lockPref("extensions.systemAddon.update.url", "https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/en-US/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml"); // [URL SANITIZED] lockPref("extensions.systemAddon.update.url", "https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/en-US/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml"); // [URL SANITIZED]
// ------------------------------------- // -------------------------------------
// Pref : Disable Normandy/Shield // Pref : Disable Normandy/Shield
@ -2203,6 +2221,11 @@ lockPref("extensions.formautofill.addresses.enabled", false); // [DESKTOP]
lockPref("extensions.formautofill.available", "off"); // [DESKTOP] lockPref("extensions.formautofill.available", "off"); // [DESKTOP]
lockPref("extensions.formautofill.creditCards.enabled", false); // [DESKTOP] lockPref("extensions.formautofill.creditCards.enabled", false); // [DESKTOP]
lockPref("extensions.formautofill.heuristics.enabled", false); // [DESKTOP] lockPref("extensions.formautofill.heuristics.enabled", false); // [DESKTOP]
// -------------------------------------
// Pref : Disable ExperimentManager and relative API
// https://bugzilla.mozilla.org/show_bug.cgi?id=1620021
lockPref("messaging-system.rsexperimentloader.enabled", false); // [DESKTOP]
lockPref("messaging-system.log", ""); // [DESKTOP]
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Persistent Storage // Section : Persistent Storage
@ -2221,6 +2244,10 @@ lockPref("network.cookie.lifetimePolicy", 2);
// [NOTE] Can breaks payment gateways // [NOTE] Can breaks payment gateways
defaultPref("network.cookie.cookieBehavior", 1); defaultPref("network.cookie.cookieBehavior", 1);
// ------------------------------------- // -------------------------------------
// Pref : Disable compatibility heuristics to 3rd-party cookie blocking
// https://bugzilla.mozilla.org/show_bug.cgi?id=1625568
lockPref("network.cookie.rejectForeignWithExceptions.enabled", false);
// -------------------------------------
// Pref : Set third-party cookies (i.e ALL) (if enabled) to session-only and set third-party non-secure (i.e HTTP) cookies to session-only // Pref : Set third-party cookies (i.e ALL) (if enabled) to session-only and set third-party non-secure (i.e HTTP) cookies to session-only
// [NOTE] .sessionOnly overrides .nonsecureSessionOnly except when .sessionOnly=false and .nonsecureSessionOnly=true. This allows you to keep HTTPS cookies, but session-only HTTP ones // [NOTE] .sessionOnly overrides .nonsecureSessionOnly except when .sessionOnly=false and .nonsecureSessionOnly=true. This allows you to keep HTTPS cookies, but session-only HTTP ones
// https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-privacy-in-firefox/ // https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-privacy-in-firefox/
@ -2248,6 +2275,7 @@ lockPref("browser.cache.offline.enable", false);
lockPref("browser.cache.offline.capacity", 0); lockPref("browser.cache.offline.capacity", 0);
// ------------------------------------- // -------------------------------------
// Pref : Disable service workers cache and cache storage // Pref : Disable service workers cache and cache storage
// [NOTE] Service worker cache are cleared on exit
// https://w3c.github.io/ServiceWorker/#privacy // https://w3c.github.io/ServiceWorker/#privacy
// lockPref("dom.caches.enabled", false); // lockPref("dom.caches.enabled", false);
// ------------------------------------- // -------------------------------------
@ -2345,7 +2373,7 @@ lockPref("privacy.donottrackheader.enabled", false); // [DEFAULT: true]
// Section : FPI (First Party Isolation) // Section : FPI (First Party Isolation)
// >>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>
// Pref : Enable FPI (First Party Isolation) // Pref : Enable FPI (First Party Isolation)
// [SETUP-WEB] May break cross-domain logins and site functionality until perfected // [NOTE] May break cross-domain logins and site functionality until perfected
// https://bugzilla.mozilla.org/1260931 // https://bugzilla.mozilla.org/1260931
lockPref("privacy.firstparty.isolate", true); lockPref("privacy.firstparty.isolate", true);
// ------------------------------------- // -------------------------------------
@ -2504,7 +2532,7 @@ lockPref("permissions.default.xr", 2); // [DESKTOP]
// https://wiki.mozilla.org/Platform/GFX/HardwareAcceleration // https://wiki.mozilla.org/Platform/GFX/HardwareAcceleration
defaultPref("gfx.direct2d.disabled", true); // [DESKTOP] // [WINDOWS] defaultPref("gfx.direct2d.disabled", true); // [DESKTOP] // [WINDOWS]
defaultPref("layers.acceleration.disabled", true); // [DEFAULT: false] defaultPref("layers.acceleration.disabled", true); // [DEFAULT: false]
defaultPref("layers.acceleration.force-enabled", false); defaultPref("layers.acceleration.force-enabled", false); // [FENNEC - BUG] Force close during startup
// ------------------------------------- // -------------------------------------
// Pref : Disable Web Audio API // Pref : Disable Web Audio API
// https://bugzilla.mozilla.org/show_bug.cgi?id=1288359 // https://bugzilla.mozilla.org/show_bug.cgi?id=1288359
@ -2541,6 +2569,13 @@ defaultPref("browser.download.autohideButton", false); // [DESKTOP]
// Pref : Disable browser animation // Pref : Disable browser animation
// https://bugzilla.mozilla.org/show_bug.cgi?id=1352069 // https://bugzilla.mozilla.org/show_bug.cgi?id=1352069
defaultPref("toolkit.cosmeticAnimations.enabled", false); defaultPref("toolkit.cosmeticAnimations.enabled", false);
// -------------------------------------
// Pref : Disable (temporarily) "Megabar" design
// https://support.mozilla.org/en-US/questions/1284354
defaultPref("browser.urlbar.openViewOnFocus", false); // [DESKTOP]
defaultPref("browser.urlbar.update1", false); // [DESKTOP]
defaultPref("browser.urlbar.update1.interventions", false); // [DESKTOP]
defaultPref("browser.urlbar.update1.searchTips", false); // [DESKTOP]
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Personal // Section : Personal
@ -2630,7 +2665,7 @@ lockPref("plugins.click_to_play", true);
// Pref : Disable autoplay of HTML5 media // Pref : Disable autoplay of HTML5 media
// https://bugzilla.mozilla.org/1562331 // https://bugzilla.mozilla.org/1562331
// https://hg.mozilla.org/mozilla-central/rev/3780202d7104 // https://hg.mozilla.org/mozilla-central/rev/3780202d7104
lockPref("media.autoplay.allow-muted", false); // [FENNEC] lockPref("media.autoplay.allow-muted", false);
// ------------------------------------- // -------------------------------------
// FF70+ // FF70+
// ------------------------------------- // -------------------------------------
@ -2845,5 +2880,34 @@ defaultPref("browser.urlbar.doubleClickSelectsAll", false);
// https://hg.mozilla.org/mozilla-central/rev/bb85b121d2ac // https://hg.mozilla.org/mozilla-central/rev/bb85b121d2ac
lockPref("dom.vr.openvr.action_input", false); lockPref("dom.vr.openvr.action_input", false);
// ------------------------------------- // -------------------------------------
// Pref : Disable GeoIP-based search defaults
// [NOTE] May not be hidden if Firefox has changed your settings due to your locale
// https://trac.torproject.org/projects/tor/ticket/16254
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_geolocation-for-default-search-engine
// lockPref("browser.search.region", "US"); // [HIDDEN PREF]
// -------------------------------------
// FF76+ // FF76+
// ------------------------------------- // -------------------------------------
// Pref : Decrease system information leakage to Mozilla blocklist update servers
// https://bugzilla.mozilla.org/show_bug.cgi?id=1618188
// https://hg.mozilla.org/mozilla-central/rev/06ca3c111fc7
lockPref("extensions.blocklist.url", "");
// -------------------------------------
// Pref : Disable app from auto-update
// https://bugzilla.mozilla.org/show_bug.cgi?id=1568994
// https://hg.mozilla.org/mozilla-central/rev/12efcfc5555a
// https://hg.mozilla.org/mozilla-central/rev/cd6bf21b54db
lockPref("app.update.url", "");
// -------------------------------------
// Pref : Disable add-on and certificate blocklists (OneCRL) from Mozilla
// https://bugzilla.mozilla.org/show_bug.cgi?id=1618188
// https://hg.mozilla.org/mozilla-central/rev/06ca3c111fc7
lockPref("extensions.blocklist.useXML", false);
// -------------------------------------
// Pref : Disable predictor / prefetching
// https://bugzilla.mozilla.org/show_bug.cgi?id=1544868
// https://hg.mozilla.org/mozilla-central/rev/3763471a8781
lockPref("network.predictor.cleaned-up", true);
// -------------------------------------
// FF77+
// -------------------------------------