Update user.js

 Credits adjusted
 Sorted some rules and added some descriptions
 Set Browser locale (fennec exclusive)
 Added Headers/Referers section to limit sended info
️ Disabled search suggestions / forms / limited history contents and more..
This commit is contained in:
quindecim 2019-04-25 16:58:17 +00:00 committed by GitHub
parent 130b27e17a
commit a09b3c5d90
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 70 additions and 23 deletions

93
user.js
View File

@ -1,8 +1,8 @@
// //
/****************************************************************************** /******************************************************************************
* * * * * * * * * * * * * * @quindecim | user.js * * * * * * * * * * * * * * * * * * * * * * * * * * * * @quindecim | user.js * * * * * * * * * * * * * *
* for Fennec F-Droid * * *
* * * * * a project based on gHacks user.js and Librefox Browser * * * * * * * project based on gHacksuser.js and Librefox Browser. Redesigned for Fennec *
******************************************************************************/ ******************************************************************************/
// //
// gHacks: https://github.com/ghacksuserjs/ghacks-user.js // gHacks: https://github.com/ghacksuserjs/ghacks-user.js
@ -111,8 +111,6 @@ user_pref("app.update.url.android", "");
// Pref : // Pref :
user_pref("breakpad.reportURL", ""); user_pref("breakpad.reportURL", "");
// Pref : // Pref :
user_pref("browser.search.suggest.enabled", false);
// Pref :
user_pref("captivedetect.canonicalURL", ""); user_pref("captivedetect.canonicalURL", "");
// Pref : // Pref :
user_pref("devtools.devices.url", ""); user_pref("devtools.devices.url", "");
@ -136,8 +134,6 @@ user_pref("identity.fxaccounts.remote.oauth.uri", "");
user_pref("identity.fxaccounts.remote.profile.uri", ""); user_pref("identity.fxaccounts.remote.profile.uri", "");
// [FENNEC][BUG] If empty "Settings" faded // [FENNEC][BUG] If empty "Settings" faded
user_pref("identity.fxaccounts.remote.webchannel.uri", "https://127.0.0.1"); user_pref("identity.fxaccounts.remote.webchannel.uri", "https://127.0.0.1");
// Pref :
user_pref("layout.css.visited_links_enabled", false);
// Pref : Disable predictor / prefetching // Pref : Disable predictor / prefetching
// Network predicator load pages before they are opened // Network predicator load pages before they are opened
// with mose hover for example // with mose hover for example
@ -150,9 +146,6 @@ user_pref("browser.snippets.syncPromo.enabled", false);
user_pref("webextensions.storage.sync.enabled", false); user_pref("webextensions.storage.sync.enabled", false);
user_pref("webextensions.storage.sync.serverURL", ""); user_pref("webextensions.storage.sync.serverURL", "");
user_pref("privacy.item.syncAccount", false); user_pref("privacy.item.syncAccount", false);
// Pref : Referer: ALL: control the amount of information to send
// 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port
user_pref("network.http.referer.trimmingPolicy", 0);
// Pref : Disable collection/sending of the health report (healthreport.sqlite*) // Pref : Disable collection/sending of the health report (healthreport.sqlite*)
user_pref("datareporting.policy.currentPolicyVersion", 0); user_pref("datareporting.policy.currentPolicyVersion", 0);
user_pref("datareporting.policy.dataSubmissionEnabled", false); user_pref("datareporting.policy.dataSubmissionEnabled", false);
@ -213,12 +206,6 @@ user_pref("media.webspeech.recognition.enable", false);
user_pref("dom.vibrator.enabled", false); user_pref("dom.vibrator.enabled", false);
// Pref : Don't use Mozilla-provided location-specific search engines // Pref : Don't use Mozilla-provided location-specific search engines
user_pref("browser.search.geoSpecificDefaults", false); user_pref("browser.search.geoSpecificDefaults", false);
// Pref : Don't trim HTTP off of URLs in the address bar.
// https://bugzilla.mozilla.org/show_bug.cgi?id=665580
user_pref("browser.urlbar.trimURLs", false);
// Pref : Don't try to guess domain names when entering an invalid domain name in URL bar
// http://www-archive.mozilla.org/docs/end-user/domain-guessing.html
user_pref("browser.fixup.alternate.enabled", false);
// Pref : Don't monitor OS online/offline connection state // Pref : Don't monitor OS online/offline connection state
// https://trac.torproject.org/projects/tor/ticket/18945 // https://trac.torproject.org/projects/tor/ticket/18945
user_pref("network.manage-offline-status", false); user_pref("network.manage-offline-status", false);
@ -390,6 +377,39 @@ user_pref("media.autoplay.enabled.user-gestures-needed", false);
user_pref("media.block-autoplay-until-in-foreground", true); user_pref("media.block-autoplay-until-in-foreground", true);
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Location Bar / Search Bar / Suggestions / History / Forms
// >>>>>>>>>>>>>>>>>>>>
// Pref : Disable location bar using search
// Don't leak typos to a search engine, give an error message instead
user_pref("keyword.enabled", false);
// Pref : Don't try to guess domain names when entering an invalid domain name in URL bar
// http://www-archive.mozilla.org/docs/end-user/domain-guessing.html
user_pref("browser.fixup.alternate.enabled", false);
// Pref : Don't trim HTTP off of URLs in the address bar
// https://bugzilla.mozilla.org/show_bug.cgi?id=665580
user_pref("browser.urlbar.trimURLs", false);
// Pref : Limit history leaks via enumeration (PER TAB: back/forward)
// This is a PER TAB session history. You still have a full history stored under all history
// Default=50, minimum=1=currentpage, 2 is the recommended minimum as some pages use it as a means of referral (e.g. hotlinking), 4 or 6 or 10 may be more practical
user_pref("browser.sessionhistory.max_entries", 10);
// Pref : Disable CSS querying page history - CSS history leak
// [NOTE] This has NEVER been fully "resolved": in Mozilla/docs it is stated it's only in 'certain circumstances'
// [TEST] http://lcamtuf.coredump.cx/yahh/ (see github wiki APPENDIX C on how to use)
// https://dbaron.org/mozilla/visited-privacy
// https://bugzilla.mozilla.org/147777
// https://developer.mozilla.org/docs/Web/CSS/Privacy_and_the_:visited_selector
user_pref("layout.css.visited_links_enabled", false);
// Pref : Disable search bar LIVE search suggestions
user_pref("browser.search.suggest.enabled", false);
// Pref : Disable search and form history
// [NOTE] You can clear formdata on exiting Firefox
user_pref("browser.formfill.enable", false);
// Pref : Disable date/time picker
// This can leak your locale if not en-US
// https://trac.torproject.org/projects/tor/ticket/21787
user_pref("dom.forms.datetime", false);
//
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Security // Section : Security
// >>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>
// Pref : Pre-populate the current URL but do not pre-fetch the certificate in the // Pref : Pre-populate the current URL but do not pre-fetch the certificate in the
@ -502,14 +522,6 @@ user_pref("privacy.firstparty.isolate", true);
user_pref("privacy.firstparty.isolate.restrict_opener_access", true); user_pref("privacy.firstparty.isolate.restrict_opener_access", true);
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Locale/Time/UserAgent
// >>>>>>>>>>>>>>>>>>>>
// Pref : Disable date/time picker
// This can leak your locale if not en-US
// https://trac.torproject.org/projects/tor/ticket/21787
user_pref("dom.forms.datetime", false);
//
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Passwords // Section : Passwords
// >>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>
// Pref : Disable autofilling saved passwords on HTTP pages and show warning // Pref : Disable autofilling saved passwords on HTTP pages and show warning
@ -603,6 +615,8 @@ user_pref("browser.search.geoip.url", "");
user_pref("browser.search.geoip.timeout", 0); user_pref("browser.search.geoip.timeout", 0);
user_pref("browser.search.geoSpecificDefaults.url", ""); user_pref("browser.search.geoSpecificDefaults.url", "");
user_pref("browser.snippets.geoUrl", ""); user_pref("browser.snippets.geoUrl", "");
// Pref : [FENNEC] Set Browser locale
user_pref("intl.locale.os", "en-US");
// Pref : Set OS & APP locale // Pref : Set OS & APP locale
// If set to empty, the OS locales are used. If not set at all, default locale is used // If set to empty, the OS locales are used. If not set at all, default locale is used
user_pref("intl.locale.requested", "en-US"); user_pref("intl.locale.requested", "en-US");
@ -864,6 +878,39 @@ user_pref("dom.storageManager.enabled", false);
user_pref("dom.storage_access.enabled", false); user_pref("dom.storage_access.enabled", false);
// //
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Headers / Referers
// >>>>>>>>>>>>>>>>>>>>
// Pref : Control when images/links send a referer
// 0=never, 1=send only when links are clicked, 2=for links and images (default)
user_pref("network.http.sendRefererHeader", 2);
// Pref : Control the amount of information to send
// 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port
user_pref("network.http.referer.trimmingPolicy", 0);
// Pref : Control when to send a referer
// 0=always (default), 1=only if base domains match, 2=only if hosts match
user_pref("network.http.referer.XOriginPolicy", 1);
// Pref : Control the amount of information to send
// 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port
user_pref("network.http.referer.XOriginTrimmingPolicy", 0);
// Pref : Disable spoofing a referer
// [WARNING] Do not set this to true, as spoofing effectively disables the anti-CSRF (Cross-Site Request Forgery) protections that some sites may rely on
user_pref("network.http.referer.spoofSource", false); // [DEFAULT: false]
// Pref : Set the default Referrer Policy [FF59+]
// 0=no-referer, 1=same-origin, 2=strict-origin-when-cross-origin, 3=no-referrer-when-downgrade
// [NOTE] This is only a default, it can be overridden by a site-controlled Referrer Policy
// https://www.w3.org/TR/referrer-policy/
// https://developer.mozilla.org/docs/Web/HTTP/Headers/Referrer-Policy
// https://blog.mozilla.org/security/2018/01/31/preventing-data-leaks-by-stripping-path-information-in-http-referrers/
user_pref("network.http.referer.defaultPolicy", 3); // [DEFAULT: 3]
user_pref("network.http.referer.defaultPolicy.pbmode", 2); // [DEFAULT: 2]
// Pref : Hide (not spoof) referrer when leaving a .onion domain
// [NOTE] Firefox cannot access .onion sites by default. We recommend you use the Tor Browser which is specifically designed for hidden services
// https://bugzilla.mozilla.org/1305144
user_pref("network.http.referer.hideOnionSource", true); // [DEFAULT: false]
// Pref : Disable the DNT (Do Not Track) HTTP header
user_pref("privacy.donottrackheader.enabled", false); // [DEFAULT: true]
//
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Resist Fingerprinting // Section : Resist Fingerprinting
// >>>>>>>>>>>>>>>>>>>> // >>>>>>>>>>>>>>>>>>>>
// Pref : Enable hardening against various fingerprinting vectors (Tor Uplift project) // Pref : Enable hardening against various fingerprinting vectors (Tor Uplift project)