Update user.js
✅ Sorted a lot of rules and refined various parameters ✅ Set max popups from a single non-click event (from 3 to 2) ⛔️ Disabled Network Connectivity checks ⛔️ Disable Web Compatibility Reporter ⛔️ Prevent websites from disabling new window features ⛔️ Blocked popup windows during load ⛔️ Limited events that can cause a popup
This commit is contained in:
parent
9ee52dfa2e
commit
f396d8e581
254
user.js
254
user.js
|
@ -9,6 +9,72 @@
|
|||
// Librefox: https://github.com/intika/Librefox
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : Quiet Fox
|
||||
// >>>>>>>>>>>>>>>>>>>>>
|
||||
// Pref : Disable auto-CHECKING for extension and theme updates
|
||||
// user_pref("extensions.update.enabled", false);
|
||||
// Pref : Disable app from auto-update
|
||||
user_pref("app.update.auto", false);
|
||||
user_pref("app.update.autodownload", "");
|
||||
user_pref("app.update.channel", "");
|
||||
user_pref("app.update.timerFirstInterval", -1);
|
||||
user_pref("app.update.timerMinimumDelay", -1);
|
||||
user_pref("app.update.url.android", "");
|
||||
// Pref : Opt-out of add-on metadata updates
|
||||
// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
|
||||
user_pref("extensions.getAddons.cache.enabled", false);
|
||||
user_pref("extensions.getAddons.cache.lastUpdate", 0);
|
||||
user_pref("extensions.getAddons.cache.LastUpdate", 0);
|
||||
// Pref : Never check updates for search engines
|
||||
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_auto-update-checking
|
||||
user_pref("browser.search.update", false);
|
||||
user_pref("browser.search.update.interval", -1);
|
||||
user_pref("browser.search.update.log", false);
|
||||
// Pref : Disable sending Flash Player crash reports
|
||||
user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
|
||||
// Pref : Disable sending the URL of the website where a plugin crashed
|
||||
user_pref("dom.ipc.plugins.reportCrashURL", false);
|
||||
// Pref : Disable telemetry
|
||||
user_pref("toolkit.telemetry.enabled", false);
|
||||
user_pref("toolkit.telemetry.reportingpolicy.firstRun", false);
|
||||
user_pref("toolkit.telemetry.server", "data:,");
|
||||
user_pref("toolkit.telemetry.server_owner", "");
|
||||
user_pref("toolkit.telemetry.unified", false);
|
||||
// Pref : Disable collection/sending of the health report (healthreport.sqlite*)
|
||||
user_pref("datareporting.policy.currentPolicyVersion", 0);
|
||||
user_pref("datareporting.policy.dataSubmissionEnabled", false);
|
||||
user_pref("datareporting.policy.currentPolicyAcceptedVersion", 0);
|
||||
user_pref("datareporting.policy.dataSubmissionPolicyAcceptedVersion", 0);
|
||||
user_pref("datareporting.policy.dataSubmissionPolicyBypassNotification", false);
|
||||
user_pref("datareporting.policy.dataSubmissionPolicyNotifiedTime", "");
|
||||
user_pref("datareporting.policy.FirstRunURL", "");
|
||||
user_pref("datareporting.policy.firstRunURL", "");
|
||||
user_pref("datareporting.policy.minimumPolicyVersion", 0);
|
||||
user_pref("datareporting.policy.minimumPolicyVersion.channel-beta", 0);
|
||||
// Pref : Disable personalized Extension Recommendations in about:addons and AMO
|
||||
* [NOTE] This pref has no effect when Health Reports are disabled
|
||||
// https://support.mozilla.org/kb/personalized-extension-recommendations
|
||||
user_pref("browser.discovery.enabled", false); // [DEFAULT: false]
|
||||
// Pref : Disable Crash Reports
|
||||
user_pref("breakpad.reportURL", "");
|
||||
// Pref : Disable automatic captive portal detection
|
||||
// https://en.wikipedia.org/wiki/Captive_portal
|
||||
// https://wiki.mozilla.org/Necko/CaptivePortal
|
||||
// https://trac.torproject.org/projects/tor/ticket/21790
|
||||
user_pref("captivedetect.canonicalURL", "");
|
||||
user_pref("network.captive-portal-service.enabled", false);
|
||||
user_pref("network.captive-portal-service.backoffFactor", "");
|
||||
user_pref("network.captive-portal-service.maxInterval", -1);
|
||||
user_pref("network.captive-portal-service.minInterval", -1);
|
||||
// Pref : Disable Network Connectivity checks
|
||||
// https://bugzilla.mozilla.org/1460537
|
||||
user_pref("network.connectivity-service.enabled", false); // [DEFAULT: true]
|
||||
user_pref("network.connectivity-service.IPv4.url", "");
|
||||
user_pref("network.connectivity-service.IPv6.url", "");
|
||||
user_pref("network.connectivity-service.DNSv4.domain", "");
|
||||
user_pref("network.connectivity-service.DNSv6.domain", "");
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : IJWY To Shut Up
|
||||
// I Just Want You To Shut Up : Closing all non necessary communication to mozilla.org etc.
|
||||
// >>>>>>>>>>>>>>>>>>>>>
|
||||
|
@ -70,48 +136,14 @@ user_pref("urlclassifier.phishTable", "");
|
|||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : Miscellaneous
|
||||
// >>>>>>>>>>>>>>>>>>>>>>
|
||||
// Pref : Disable speculative pre-connections
|
||||
// Disable prefetch link on hover.
|
||||
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_speculative-pre-connections
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=814169
|
||||
user_pref("network.http.speculative-parallel-limit", 0);
|
||||
// Pref : Disable predictor / prefetching
|
||||
// Network predicator load pages before they are opened
|
||||
// with mose hover for example
|
||||
user_pref("network.predictor.enabled", false);
|
||||
user_pref("network.predictor.cleaned-up", true);
|
||||
// Pref : Disable prefetching of <link rel="next"> URLs
|
||||
// http://kb.mozillazine.org/Network.prefetch-next
|
||||
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#Is_there_a_preference_to_disable_link_prefetching.3F
|
||||
// Link prefetching is when a webpage hints to the browser that certain pages are likely to be visited,
|
||||
// so the browser downloads them immediately so they can be displayed immediately when the user requests it.
|
||||
user_pref("network.prefetch-next", false);
|
||||
// Pref : Disable telemetry
|
||||
user_pref("toolkit.telemetry.enabled", false);
|
||||
user_pref("toolkit.telemetry.reportingpolicy.firstRun", false);
|
||||
user_pref("toolkit.telemetry.server", "data:,");
|
||||
user_pref("toolkit.telemetry.server_owner", "");
|
||||
user_pref("toolkit.telemetry.unified", false);
|
||||
// Pref :
|
||||
// Pref : Disable Web Compatibility Reporter
|
||||
// Web Compatibility Reporter adds a "Report Site Issue" button to send data to Mozilla
|
||||
user_pref("extensions.webcompat-reporter.enabled", false);
|
||||
user_pref("extensions.webcompat-reporter.newIssueEndpoint", "");
|
||||
// Pref : Disable System Add-on updates
|
||||
user_pref("extensions.systemAddon.update.url", "");
|
||||
// Pref :
|
||||
user_pref("app.feedback.baseURL", "");
|
||||
// Pref : Disable app from auto-update
|
||||
user_pref("app.update.auto", false);
|
||||
user_pref("app.update.autodownload", "");
|
||||
user_pref("app.update.channel", "");
|
||||
user_pref("app.update.lastUpdateTime.auto-addon-background-update-timer", 0);
|
||||
user_pref("app.update.lastUpdateTime.search-engine-update-timer", 0);
|
||||
user_pref("app.update.lastUpdateTime.services-settings-poll-changes", 0);
|
||||
user_pref("app.update.lastUpdateTime.user-agent-updates-timer", 0);
|
||||
user_pref("app.update.lastUpdateTime-xpi-signature-verification", 0);
|
||||
user_pref("app.update.timerFirstInterval", 0);
|
||||
user_pref("app.update.timerMinimumDelay", 0);
|
||||
user_pref("app.update.url.android", "");
|
||||
// Pref :
|
||||
user_pref("breakpad.reportURL", "");
|
||||
// Pref :
|
||||
user_pref("captivedetect.canonicalURL", "");
|
||||
// Pref :
|
||||
user_pref("devtools.devices.url", "");
|
||||
// Pref :
|
||||
|
@ -134,12 +166,6 @@ user_pref("identity.fxaccounts.remote.oauth.uri", "");
|
|||
user_pref("identity.fxaccounts.remote.profile.uri", "");
|
||||
// [FENNEC][BUG] If empty "Settings" faded
|
||||
user_pref("identity.fxaccounts.remote.webchannel.uri", "https://0.0.0.0");
|
||||
// Pref : Disable predictor / prefetching
|
||||
// Network predicator load pages before they are opened
|
||||
// with mose hover for example
|
||||
user_pref("network.predictor.enabled", false);
|
||||
user_pref("network.predictor.cleaned-up", true);
|
||||
user_pref("network.predictor.enable-prefetch", false);
|
||||
// Pref : Disable sync
|
||||
user_pref("services.sync.enabled", false);
|
||||
user_pref("browser.startup.homepage_override.mstone", "ignore");
|
||||
|
@ -148,22 +174,12 @@ user_pref("webextensions.storage.sync.serverURL", "");
|
|||
user_pref("privacy.item.syncAccount", false);
|
||||
// Pref : [FENNEC] Disable snippets
|
||||
user_pref("browser.snippets.enabled", false);
|
||||
user_pref("browser.snippets.firstrunHomepage.enabled", false);
|
||||
user_pref("browser.snippets.firstrunHomepageenabled", false);
|
||||
user_pref("browser.snippets.statsUrl", "");
|
||||
user_pref("browser.snippets.updateInterval", -1);
|
||||
user_pref("browser.snippets.updateUrl", "");
|
||||
user_pref("browser.snippets.syncPromo.enabled", false);
|
||||
// Pref : Disable collection/sending of the health report (healthreport.sqlite*)
|
||||
user_pref("datareporting.policy.currentPolicyVersion", 0);
|
||||
user_pref("datareporting.policy.dataSubmissionEnabled", false);
|
||||
user_pref("datareporting.policy.currentPolicyAcceptedVersion", 0);
|
||||
user_pref("datareporting.policy.dataSubmissionPolicyAcceptedVersion", 0);
|
||||
user_pref("datareporting.policy.dataSubmissionPolicyBypassNotification", false);
|
||||
user_pref("datareporting.policy.dataSubmissionPolicyNotifiedTime", "");
|
||||
user_pref("datareporting.policy.FirstRunURL", "");
|
||||
user_pref("datareporting.policy.firstRunURL", "");
|
||||
user_pref("datareporting.policy.minimumPolicyVersion", 0);
|
||||
user_pref("datareporting.policy.minimumPolicyVersion.channel-beta", 0);
|
||||
// Pref : Disable right-click menu manipulation via JavaScript (disabled)
|
||||
user_pref("dom.event.contextmenu.enabled", false);
|
||||
// Pref : Disable clipboard event detection (onCut/onCopy/onPaste) via Javascript
|
||||
|
@ -179,12 +195,6 @@ user_pref("dom.event.clipboardevents.enabled", false);
|
|||
// https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/
|
||||
// CIS Mozilla Firefox 24 ESR v1.0.0 - 3.6
|
||||
user_pref("network.IDN_show_punycode", true);
|
||||
// Pref : Disable pinging URIs specified in HTML <a> ping= attributes
|
||||
// http://kb.mozillazine.org/Browser.send_pings
|
||||
user_pref("browser.send_pings", false);
|
||||
// Pref : When browser pings are enabled, only allow pinging the same host as the origin page
|
||||
// http://kb.mozillazine.org/Browser.send_pings.require_same_host
|
||||
user_pref("browser.send_pings.require_same_host", true);
|
||||
// Pref : Disable prefetching of <link rel="next"> URLs
|
||||
// http://kb.mozillazine.org/Network.prefetch-next
|
||||
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#Is_there_a_preference_to_disable_link_prefetching.3F
|
||||
|
@ -228,14 +238,6 @@ user_pref("gfx.font_rendering.opentype_svg.enabled", false);
|
|||
// http://kb.mozillazine.org/Disable_extension_install_delay_-_Firefox
|
||||
// http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/
|
||||
user_pref("security.dialog_enable_delay", 700);
|
||||
// Pref : Opt-out of add-on metadata updates
|
||||
// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
|
||||
user_pref("extensions.getAddons.cache.enabled", false);
|
||||
user_pref("extensions.getAddons.cache.lastUpdate", 0);
|
||||
// Pref : Disable sending Flash Player crash reports
|
||||
user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
|
||||
// Pref : When Flash crash reports are enabled, don't send the visited URL in the crash report
|
||||
user_pref("dom.ipc.plugins.reportCrashURL", false);
|
||||
// Default Value
|
||||
// 97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E
|
||||
user_pref("services.blocklist.addons.signer", "");
|
||||
|
@ -261,17 +263,6 @@ user_pref("devtools.debugger.remote-enabled", false);
|
|||
// https://developer.mozilla.org/en-US/docs/Tools/Remote_Debugging/Debugging_Firefox_Desktop
|
||||
// https://developer.mozilla.org/en-US/docs/Tools/Tools_Toolbox#Advanced_settings
|
||||
user_pref("devtools.debugger.force-local", true);
|
||||
// Pref : Never check updates for search engines
|
||||
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_auto-update-checking
|
||||
user_pref("browser.search.update", false);
|
||||
user_pref("browser.search.update.interval", 0);
|
||||
user_pref("browser.search.update.log", false);
|
||||
// Pref : Disable automatic captive portal detection (Firefox >= 52.0)
|
||||
// https://support.mozilla.org/en-US/questions/1157121
|
||||
user_pref("network.captive-portal-service.enabled", false);
|
||||
user_pref("network.captive-portal-service.backoffFactor", "");
|
||||
user_pref("network.captive-portal-service.maxInterval", 0);
|
||||
user_pref("network.captive-portal-service.minInterval", 0);
|
||||
// Pref : Prevent accessibility services from accessing your browser
|
||||
// https://support.mozilla.org/kb/accessibility-services
|
||||
user_pref("accessibility.force_disabled", 1);
|
||||
|
@ -477,14 +468,68 @@ user_pref("security.tls.version.min", 2);
|
|||
user_pref("network.dnsCacheEntries", 100);
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : User Settings
|
||||
// Section : Block Implicit Outbound
|
||||
// >>>>>>>>>>>>>>>>>>>>
|
||||
// If your OS or ISP does not support IPv6, there is no reason to have this preference set to false.
|
||||
user_pref("network.dns.disableIPv6", true);
|
||||
// Pref : Disable prefetching of <link rel="next"> URLs
|
||||
// http://kb.mozillazine.org/Network.prefetch-next
|
||||
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#Is_there_a_preference_to_disable_link_prefetching.3F
|
||||
// Link prefetching is when a webpage hints to the browser that certain pages are likely to be visited, so the browser downloads them immediately so they can be displayed immediately when the user requests it.
|
||||
user_pref("network.prefetch-next", false);
|
||||
// Pref : Disable DNS prefetching
|
||||
// http://kb.mozillazine.org/Network.dns.disablePrefetch
|
||||
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Controlling_DNS_prefetching
|
||||
user_pref("network.dns.disablePrefetch", true);
|
||||
// Pref : Disable Seer/Necko
|
||||
// https://developer.mozilla.org/docs/Mozilla/Projects/Necko
|
||||
user_pref("network.predictor.enabled", false);
|
||||
user_pref("network.predictor.cleaned-up", true);
|
||||
// Pref : Disable speculative pre-connections
|
||||
// Disable prefetch link on hover.
|
||||
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_speculative-pre-connections
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=814169
|
||||
user_pref("network.http.speculative-parallel-limit", 0);
|
||||
// Pref : Disable pinging URIs specified in HTML <a> ping= attributes
|
||||
// http://kb.mozillazine.org/Browser.send_pings
|
||||
user_pref("browser.send_pings", false);
|
||||
// Pref : When browser pings are enabled, only allow pinging the same host as the origin page
|
||||
// http://kb.mozillazine.org/Browser.send_pings.require_same_host
|
||||
user_pref("browser.send_pings.require_same_host", true);
|
||||
// Pref : Disable predictor / prefetching
|
||||
// Network predicator load pages before they are opened with mose hover for example
|
||||
user_pref("network.predictor.enable-prefetch", false);
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : HTTP / TCP/IP / DNS / PROXY / SOCKS etc.
|
||||
// >>>>>>>>>>>>>>>>>>>>
|
||||
// Pref : Disable IPv6
|
||||
// If your OS or ISP does not support IPv6, there is no reason to have this preference set to false.
|
||||
user_pref("network.dns.disableIPv6", true);
|
||||
// Pref : Disable HTTP2 (which was based on SPDY which is now deprecated)
|
||||
// HTTP2 raises concerns with "multiplexing" and "server push", does nothing to enhance privacy, and in fact opens up a number of server-side fingerprinting opportunities.
|
||||
// [SETUP-PERF] Relax this if you have FPI enabled and you understand the consequences. FPI isolates these, but it was designed with the Tor protocol in mind, and the Tor Browser has extra protection, including enhanced sanitizing per Identity.
|
||||
// https://http2.github.io/faq/
|
||||
// https://blog.scottlogic.com/2014/11/07/http-2-a-quick-look.html
|
||||
// https://queue.acm.org/detail.cfm?id=2716278
|
||||
// https://github.com/ghacksuserjs/ghacks-user.js/issues/107
|
||||
// user_pref("network.http.spdy.enabled", false);
|
||||
// user_pref("network.http.spdy.enabled.deps", false);
|
||||
// user_pref("network.http.spdy.enabled.http2", false);
|
||||
// user_pref("network.http.spdy.websockets", false);
|
||||
// Pref : Disable HTTP Alternative Services
|
||||
// [SETUP-PERF] Relax this if you have FPI enabled and you understand the consequences. FPI isolates these, but it was designed with the Tor protocol in mind, and the Tor Browser has extra protection, including enhanced sanitizing per Identity.
|
||||
// https://tools.ietf.org/html/rfc7838#section-9
|
||||
// https://www.mnot.net/blog/2016/03/09/alt-svc
|
||||
// user_pref("network.http.altsvc.enabled", false);
|
||||
// user_pref("network.http.altsvc.oe", false);
|
||||
// Pref : Enforce the proxy server to do any DNS lookups when using SOCKS
|
||||
// e.g. in Tor, this stops your local DNS server from knowing your Tor destination as a remote Tor node will handle the DNS request
|
||||
// http://kb.mozillazine.org/Network.proxy.socks_remote_dns
|
||||
// https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/WebBrowsers
|
||||
// user_pref("network.proxy.socks_remote_dns", true);
|
||||
// Pref : Remove paths when sending URLs to PAC scripts
|
||||
// CVE-2017-5384: Information disclosure via Proxy Auto-Config (PAC)
|
||||
// https://bugzilla.mozilla.org/1255474
|
||||
user_pref("network.proxy.autoconfig_url.include_path", false); // [DEFAULT: false]
|
||||
// Pref : Disable (or setup) DNS-over-HTTPS (DoH)
|
||||
// TRR = Trusted Recursive Resolver
|
||||
// .mode: 0=off, 1=race, 2=TRR first, 3=TRR only, 4=race for stats, but always use native result
|
||||
|
@ -497,6 +542,10 @@ user_pref("network.dns.disablePrefetch", true);
|
|||
user_pref("network.trr.mode", 0);
|
||||
user_pref("network.trr.bootstrapAddress", "");
|
||||
user_pref("network.trr.uri", "");
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : User Settings
|
||||
// >>>>>>>>>>>>>>>>>>>>
|
||||
// Pref : Do No Tracker enabled by default
|
||||
user_pref("privacy.donottrackheader.enabled", false);
|
||||
// Pref : Enable Container Tabs
|
||||
|
@ -564,9 +613,44 @@ user_pref("signon.formlessCapture.enabled", false);
|
|||
user_pref("network.auth.subresource-http-auth-allow", 1);
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : Window Meddling & Leaks / Popups
|
||||
// >>>>>>>>>>>>>>>>>>>>
|
||||
// Pref : Prevent websites from disabling new window features
|
||||
// http://kb.mozillazine.org/Prevent_websites_from_disabling_new_window_features
|
||||
user_pref("dom.disable_window_open_feature.close", true); // [DEFAULT: false]
|
||||
user_pref("dom.disable_window_open_feature.location", true); // [DEFAULT: false]
|
||||
user_pref("dom.disable_window_open_feature.menubar", true); // [DEFAULT: false]
|
||||
user_pref("dom.disable_window_open_feature.minimizable", true); // [DEFAULT: false]
|
||||
user_pref("dom.disable_window_open_feature.personalbar", true); // [DEFAULT: false]
|
||||
user_pref("dom.disable_window_open_feature.resizable", true); // [DEFAULT: true]
|
||||
user_pref("dom.disable_window_open_feature.status", true); // [DEFAULT: true]
|
||||
user_pref("dom.disable_window_open_feature.titlebar", true); // [DEFAULT: false]
|
||||
user_pref("dom.disable_window_open_feature.toolbar", true); // [DEFAULT: false]
|
||||
// Pref : Prevent scripts from moving and resizing open windows
|
||||
user_pref("dom.disable_window_move_resize", true); // [DEFAULT: true]
|
||||
// Pref : Open links targeting new windows in a new tab instead
|
||||
// This stops malicious window sizes and some screen resolution leaks.
|
||||
// You can still right-click a link and open in a new window.
|
||||
// [TEST] https://people.torproject.org/~gk/misc/entire_desktop.html
|
||||
// https://trac.torproject.org/projects/tor/ticket/9881
|
||||
user_pref("browser.link.open_newwindow", 2); // [DEFAULT: 3]
|
||||
user_pref("browser.link.open_newwindow.restriction", 0); // [DEFAULT: 0]
|
||||
// Pref : Disable Fullscreen API (requires user interaction) to prevent screen-resolution leaks
|
||||
// [NOTE] You can still manually toggle the browser's fullscreen state, but this pref will disable embedded video fullscreen controls, e.g. youtube
|
||||
// [TEST] https://developer.mozilla.org/samples/domref/fullscreen.html
|
||||
// user_pref("full-screen-api.enabled", false);
|
||||
// Pref : Block popup windows
|
||||
user_pref("dom.disable_open_during_load", true); // [DEFAULT: true]
|
||||
// Pref : Set max popups from a single non-click event
|
||||
user_pref("dom.popup_maximum", 3); // [DEFAULT: 4]
|
||||
// Pref : Limit events that can cause a popup
|
||||
// http://kb.mozillazine.org/Dom.popup_allowed_events
|
||||
user_pref("dom.popup_allowed_events", "click dblclick"); // [DEFAULT: "change click dblclick mouseup pointerup notificationclick reset submit touchend"]
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : Cache / Session (Re)Store / Favicons
|
||||
// >>>>>>>>>>>>>>>>>>>>
|
||||
// ETAG and other cache tracking/fingerprinting techniques can be averted by disabling *BOTH* disk (1001) and memory (1003) cache. ETAGs can also be neutralized by modifying response headers. Another solution is to use a hardened configuration with Temporary Containers. Alternatively, you can *LIMIT* exposure by clearing cache on close. Or on a regular basis manually or with an extension.
|
||||
// ETAG and other cache tracking/fingerprinting techniques can be averted by disabling *BOTH* disk and memory cache. ETAGs can also be neutralized by modifying response headers. Another solution is to use a hardened configuration with Temporary Containers. Alternatively, you can *LIMIT* exposure by clearing cache on close. Or on a regular basis manually or with an extension.
|
||||
// https://en.wikipedia.org/wiki/HTTP_ETag#Tracking_using_ETags
|
||||
// https://robertheaton.com/2014/01/20/cookieless-user-tracking-for-douchebags/
|
||||
// https://www.grepular.com/Preventing_Web_Tracking_via_the_Browser_Cache
|
||||
|
|
Reference in New Issue