From f72caeb4e2595f56dda46126863e83a24685ae54 Mon Sep 17 00:00:00 2001
From: quindecim <49964366+quindecim@users.noreply.github.com>
Date: Wed, 1 May 2019 09:22:54 +0000
Subject: [PATCH] Update user.js
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

✅ Sorted some prefs
✅ Added new section: "Personal", with some personal prefs
✅ Removed some incorrect prefs
✅ Refined all timeout parameters "1" to "-1"
✅ Enabled "Always enable zoom" feature by default
⛔️ Disabled In-Browser Feed Handling
⛔️ Disable more unwanted connections [FENNEC]
⛔️ Disabled widevine CDM (Content Decryption Module)
⛔️ Disabled location bar autocomplete
---
 user.js | 127 ++++++++++++++++++++++++++++++++++----------------------
 1 file changed, 77 insertions(+), 50 deletions(-)

diff --git a/user.js b/user.js
index de5937c..cb2f5ac 100644
--- a/user.js
+++ b/user.js
@@ -28,13 +28,14 @@ user_pref("app.update.url.android", "");
 // Pref : Opt-out of add-on metadata updates
 // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
 user_pref("extensions.getAddons.cache.enabled", false);
-user_pref("extensions.getAddons.cache.lastUpdate", 0);
-user_pref("extensions.getAddons.cache.LastUpdate", 0);
 // Pref : Never check updates for search engines
 // https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_auto-update-checking
 user_pref("browser.search.update", false);
 user_pref("browser.search.update.interval", -1);
 user_pref("browser.search.update.log", false);
+// Pref : Tell the search service that we don't really expose the "current engine"
+// [FENNEC]
+user_pref("browser.search.noCurrentEngine", true); // [DEFAULT: true]
 // Pref : Disable sending Flash Player crash reports
 user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
 // Pref : Disable sending the URL of the website where a plugin crashed
@@ -56,6 +57,22 @@ user_pref("datareporting.policy.FirstRunURL", "");
 user_pref("datareporting.policy.firstRunURL", "");
 user_pref("datareporting.policy.minimumPolicyVersion", 0);
 user_pref("datareporting.policy.minimumPolicyVersion.channel-beta", 0);
+// Pref : Disable In-Browser Feed Handling
+// https://wiki.mozilla.org/Feed_Handling
+// http://kb.mozillazine.org/Browser.contentHandlers.types.%2A.uri
+// [FENNEC]
+user_pref("browser.contentHandlers.types.0.title", "");
+user_pref("browser.contentHandlers.types.0.type", "");
+user_pref("browser.contentHandlers.types.0.uri", "");
+user_pref("browser.contentHandlers.types.1.title", "");
+user_pref("browser.contentHandlers.types.1.type", "");
+user_pref("browser.contentHandlers.types.1.uri", "");
+user_pref("browser.contentHandlers.types.2.title", "");
+user_pref("browser.contentHandlers.types.2.type", "");
+user_pref("browser.contentHandlers.types.2.uri", "");
+user_pref("browser.contentHandlers.types.3.title", "");
+user_pref("browser.contentHandlers.types.3.type", "");
+user_pref("browser.contentHandlers.types.3.uri", "");
 // Pref : Disable personalized Extension Recommendations in about:addons and AMO
 // [NOTE] This pref has no effect when Health Reports are disabled
 // https://support.mozilla.org/kb/personalized-extension-recommendations
@@ -83,14 +100,20 @@ user_pref("network.connectivity-service.DNSv6.domain", "");
 // Section : IJWY To Shut Up   
 // I Just Want You To Shut Up : Closing all non necessary communication to mozilla.org etc.
 // >>>>>>>>>>>>>>>>>>>>>
-// Pref : [FENNEC] Block unwanted connections
+// Pref : Block unwanted connections
+// [FENNEC]
 user_pref("app.feedback.baseURL", "");
 user_pref("app.feedbackURL", "");
+user_pref("app.channelURL", "");
+user_pref("app.creditsURL", "");
+user_pref("app.faqURL", "");
+user_pref("app.privacyURL", "");
+user_pref("app.releaseNotesURL", "");
+user_pref("app.support.baseURL", "");
+user_pref("app.supportURL", "");
 // Pref : 
 user_pref("urlclassifier.passwordAllowTable", ""); // [DEFAULT: goog-passwordwhite-proto]
 // Pref : 
-user_pref("app.support.baseURL", ""); // [DEFAULT: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/]
-// Pref : 
 user_pref("extensions.getAddons.compatOverides.url", ""); // [DEFAULT: https://services.addons.mozilla.org/api/v3/addons/compat-override/?guid=%IDS%&lang=%LOCALE%]
 // Pref : 
 user_pref("extensions.getAddons.get.url", ""); // [DEFAULT: https://services.addons.mozilla.org/api/v3/addons/search/?guid=%IDS%&lang=%LOCALE%]
@@ -118,7 +141,8 @@ user_pref("urlclassifier.phishTable", ""); // [DEFAULT: goog-phish-proto,test-ph
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 // Section : Miscellaneous
 // >>>>>>>>>>>>>>>>>>>>>>
-// Pref : [FENNEC] Test user.js in about:config
+// Pref : Test user.js in about:config
+// [FENNEC]
 user_pref("user.js.applied", true);
 // Pref : Disable Web Compatibility Reporter
 // Web Compatibility Reporter adds a "Report Site Issue" button to send data to Mozilla
@@ -135,8 +159,6 @@ user_pref("layout.accessiblecaret.hapticfeedback", false); // [DEFAULT: true]
 // Pref :
 user_pref("dom.registerProtocolHandler.insecure.enabled", true);
 // Pref : Block list url disabled
-// gHacks tune this to minimize privacy issue.. its complitely disabled here
-// Disabled complitely
 user_pref("extensions.blocklist.url", "");
 user_pref("extensions.blocklist.detailsURL", "");
 user_pref("extensions.blocklist.itemURL", "");
@@ -146,7 +168,8 @@ user_pref("extensions.getAddons.browseAddons", "");
 user_pref("identity.fxaccounts.auth.uri", "");
 user_pref("identity.fxaccounts.remote.oauth.uri", "");
 user_pref("identity.fxaccounts.remote.profile.uri", "");
-// [FENNEC][BUG] If empty "Settings" faded
+// If empty "Settings" faded
+// [FENNEC][BUG]
 user_pref("identity.fxaccounts.remote.webchannel.uri", "https://0.0.0.0");
 // Pref : Disable sync
 user_pref("services.sync.enabled", false);
@@ -154,7 +177,8 @@ user_pref("browser.startup.homepage_override.mstone", "ignore");
 user_pref("webextensions.storage.sync.enabled", false);
 user_pref("webextensions.storage.sync.serverURL", "");
 user_pref("privacy.item.syncAccount", false);
-// Pref : [FENNEC] Disable snippets
+// Pref : Disable snippets
+// [FENNEC]
 user_pref("browser.snippets.enabled", false);
 user_pref("browser.snippets.firstrunHomepage.enabled", false);
 user_pref("browser.snippets.statsUrl", "");
@@ -172,11 +196,9 @@ user_pref("network.IDN_show_punycode", true);
 // Pref : Disable prefetching of <link rel="next"> URLs
 // http://kb.mozillazine.org/Network.prefetch-next
 // https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#Is_there_a_preference_to_disable_link_prefetching.3F
-// Link prefetching is when a webpage hints to the browser that certain pages are likely to be visited, 
-// so the browser downloads them immediately so they can be displayed immediately when the user requests it.
+// Link prefetching is when a webpage hints to the browser that certain pages are likely to be visited, so the browser downloads them immediately so they can be displayed immediately when the user requests it.
 user_pref("network.prefetch-next", false);
 // Pref : Disable speculative pre-connections
-// Disable prefetch link on hover.
 // https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_speculative-pre-connections
 // https://bugzilla.mozilla.org/show_bug.cgi?id=814169
 user_pref("network.http.speculative-parallel-limit", 0);
@@ -204,29 +226,10 @@ user_pref("gfx.font_rendering.opentype_svg.enabled", false);
 // Pref : Ensure you have a security delay when installing add-ons (milliseconds)
 // http://kb.mozillazine.org/Disable_extension_install_delay_-_Firefox
 // http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/
-user_pref("security.dialog_enable_delay", 700);
-// Default Value
-// 97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E
-user_pref("services.blocklist.addons.signer", "");
-// Default Value
-// remote-settings.content-signature.mozilla.org
-// Pref : 
-user_pref("services.blocklist.gfx.signer", "");
-// Default Value
-// remote-settings.content-signature.mozilla.org
-// Pref : 
-user_pref("services.blocklist.onecrl.signer", "");
-// Default Value
-// onecrl.content-signature.mozilla.org
-// Pref : 
-user_pref("services.blocklist.pinning.signer", "");
-// Default Value
-// pinning-preload.content-signature.mozilla.org
-// Pref : 
-user_pref("services.blocklist.plugins.signer", "");
-// Pref : Debugging settings
-user_pref("devtools.debugger.remote-enabled", false);
+user_pref("security.dialog_enable_delay", 700); // [DEFAULT: 97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E]
 // Pref : Disable remote debugging
+user_pref("devtools.debugger.remote-enabled", false);
+// Pref : Force local debugging
 // https://developer.mozilla.org/en-US/docs/Tools/Remote_Debugging/Debugging_Firefox_Desktop
 // https://developer.mozilla.org/en-US/docs/Tools/Tools_Toolbox#Advanced_settings
 user_pref("devtools.debugger.force-local", true);
@@ -268,14 +271,12 @@ user_pref("browser.download.useDownloadDir", false);
 // Pref : Disable adding downloads to the system's "recent documents" list
 user_pref("browser.download.manager.addToRecentDocs", false);
 // Pref : Disable "open with" in download dialog
-// This is very useful to enable when the browser is sandboxed (e.g. via AppArmor)
-// in such a way that it is forbidden to run external applications.
+// This is very useful to enable when the browser is sandboxed (e.g. via AppArmor) in such a way that it is forbidden to run external applications.
 // [NOTE] This may interfere with some users' workflow or methods
 // https://bugzilla.mozilla.org/1281959
 user_pref("browser.download.forbid_open_with", true);
 // Pref : Lock down allowed extension directories
-// [SETUP-CHROME] This will break extensions, language packs, themes and any other XPI files which are
-// installed outside of profile directories
+// This will break extensions, language packs, themes and any other XPI files which are installed outside of profile directories
 // https://mike.kaply.com/2012/02/21/understanding-add-on-scopes/
 // archived: https://archive.is/DYjAM
 user_pref("extensions.enabledScopes", 1); // [DEFAULT: 1]
@@ -290,6 +291,10 @@ user_pref("security.csp.enable", true); // [DEFAULT: true]
 // https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/
 // https://www.fxsitecompat.com/en-CA/docs/2017/data-url-navigations-on-top-level-window-will-be-blocked/
 user_pref("security.data_uri.block_toplevel_data_uri_navigations", true); // [DEFAULT: true]
+// Pref : Block web content in file processes
+// You may want to disable this for corporate or developer environments
+// https://bugzilla.mozilla.org/1343184
+// user_pref("browser.tabs.remote.allowLinkedWebInFileUriProcess", false); // [DEFAULT: true]
 //
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 // Section : Web Workers
@@ -438,7 +443,7 @@ user_pref("browser.sessionhistory.max_entries", 10);
 // https://developer.mozilla.org/docs/Web/CSS/Privacy_and_the_:visited_selector
 user_pref("layout.css.visited_links_enabled", false);
 // Pref : Disable search bar LIVE search suggestions
-user_pref("browser.search.suggest.enabled", false);
+user_pref("browser.search.suggest.enabled", false); // [DEFAULT: true]
 // Pref : Disable search and form history
 // [NOTE] You can clear formdata on exiting Firefox
 user_pref("browser.formfill.enable", false);
@@ -479,10 +484,6 @@ user_pref("network.prefetch-next", false);
 // http://kb.mozillazine.org/Network.dns.disablePrefetch
 // https://developer.mozilla.org/en-US/docs/Web/HTTP/Controlling_DNS_prefetching
 user_pref("network.dns.disablePrefetch", true);
-// Pref : Disable Seer/Necko
-// https://developer.mozilla.org/docs/Mozilla/Projects/Necko 
-user_pref("network.predictor.enabled", false);
-user_pref("network.predictor.cleaned-up", true);
 // Pref : Disable speculative pre-connections
 // Disable prefetch link on hover.
 // https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_speculative-pre-connections
@@ -496,6 +497,8 @@ user_pref("browser.send_pings", false);
 user_pref("browser.send_pings.require_same_host", true);
 // Pref : Disable predictor / prefetching
 // Network predicator load pages before they are opened with mose hover for example
+user_pref("network.predictor.enabled", false);
+user_pref("network.predictor.cleaned-up", true);
 user_pref("network.predictor.enable-prefetch", false);
 //
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
@@ -795,16 +798,17 @@ user_pref("alerts.showFavicons", false);
 // >>>>>>>>>>>>>>>>>>>>
 // Pref : Disable location
 user_pref("geo.enabled", false);
-user_pref("geo.wifi.xhr.timeout", 0);
+user_pref("geo.wifi.xhr.timeout", -1);
 // Pref : Disable GeoIP lookup on your address to set default search engine region
 // https://trac.torproject.org/projects/tor/ticket/16254
 // https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_geolocation-for-default-search-engine
 user_pref("browser.search.region", "US");
 user_pref("browser.search.geoip.url", "");
-user_pref("browser.search.geoip.timeout", 0);
+user_pref("browser.search.geoip.timeout", -1);
 user_pref("browser.search.geoSpecificDefaults.url", "");
 user_pref("browser.snippets.geoUrl", "");
-// Pref : [FENNEC] Set Browser locale
+// Pref : Set Browser locale
+// [FENNEC]
 user_pref("intl.locale.os", "en-US");
 // Pref : Set OS & APP locale
 // If set to empty, the OS locales are used. If not set at all, default locale is used
@@ -881,6 +885,8 @@ user_pref("media.eme.enabled", false);
 // Pref : Disable the OpenH264 Video Codec by Cisco to "Never Activate".
 // This is the bundled codec used for video chat in WebRTC.
 user_pref("media.gmp-gmpopenh264.enabled", false);
+// Pref : Disable widevine CDM (Content Decryption Module)
+user_pref("media.mediadrm-widevinecdm.visible", false); // [DEFAULT: true]
 //
 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
 // Section : Blocklists / Safe Browsing / Tracking Protection
@@ -888,7 +894,6 @@ user_pref("media.gmp-gmpopenh264.enabled", false);
 // This section has security & tracking protection implications vs privacy concerns vs effectiveness vs 3rd party 'censorship'. If you disable Tracking Protection (TP) and/or Safe Browsing (SB), REQUIRES YOU HAVE uBLOCK ORIGIN INSTALLED.
 // Pref : Enable add-on and certificate blocklists (OneCRL) from Mozilla
 // Updated at interval defined in extensions.blocklist.interval
-user_pref("app.update.lastUpdateTime-blocklist-background-update-timer", 0);
 user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 0);
 user_pref("extensions.blocklist.enabled", false);
 user_pref("extensions.blocklist.interval", 0);
@@ -896,8 +901,10 @@ user_pref("extensions.blocklist.level", 0);
 user_pref("extensions.blocklist.pingCountTotal", 0);
 user_pref("extensions.blocklist.pingCountVersion", 0);
 user_pref("extensions.blocklist.url", "");
-user_pref("services.blocklist.addons.signer", "");
+user_pref("services.blocklist.addons.signer", ""); // [DEFAULT: remote-settings.content-signature.mozilla.org]
 user_pref("services.blocklist.bucket", "");
+user_pref("services.blocklist.plugins.signer", "");
+user_pref("services.blocklist.pinning.signer", ""); // [DEFAULT: pinning-preload.content-signature.mozilla.org]
 user_pref("services.blocklist.pinning.bucket", "");
 user_pref("services.blocklist.pinning.checked", 0);
 user_pref("services.blocklist.pinning.collection", "");
@@ -907,10 +914,12 @@ user_pref("services.blocklist.plugins.collection", "");
 // Pref : Disable individual unwanted/unneeded parts of the Kinto blocklists
 // What is Kinto?: https://wiki.mozilla.org/Firefox/Kinto#Specifications
 // As Firefox transitions to Kinto, the blocklists have been broken down into entries for certs to be revoked, extensions and plugins to be disabled, and gfx environments that cause problems or crashes
+user_pref("services.blocklist.onecrl.signer", ""); // [DEFAULT: onecrl.content-signature.mozilla.org]
 user_pref("services.blocklist.onecrl.checked", 0);
 user_pref("services.blocklist.onecrl.collection", "");
 user_pref("services.blocklist.addons.checked", 0);
 user_pref("services.blocklist.addons.collection", "");
+user_pref("services.blocklist.gfx.signer", ""); // [DEFAULT: remote-settings.content-signature.mozilla.org]
 user_pref("services.blocklist.gfx.checked", 0);
 user_pref("services.blocklist.gfx.collection", "");
 // Pref : Disable Google Safe Browsing (Block dangerous and deceptive contents)
@@ -924,7 +933,7 @@ user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", fa
 user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false);
 user_pref("browser.safebrowsing.downloads.remote.enabled", false);
 user_pref("browser.safebrowsing.downloads.remote.url", "");
-user_pref("browser.safebrowsing.downloads.remote.timeout_ms", 0);
+user_pref("browser.safebrowsing.downloads.remote.timeout_ms", -1);
 user_pref("browser.safebrowsing.id", "");
 user_pref("browser.safebrowsing.malware.enabled", false);
 user_pref("browser.safebrowsing.passwords.enabled", false);
@@ -1015,6 +1024,9 @@ user_pref("browser.cache.offline.capacity", 0);
 // Pref : Disable offline cache on insecure sites
 // https://blog.mozilla.org/security/2018/02/12/restricting-appcache-secure-contexts/ 
 user_pref("browser.cache.offline.insecure.enable", false);
+// Pref: Display a notification bar when websites offer data for offline use
+// http://kb.mozillazine.org/Browser.offline-apps.notify
+user_pref("browser.offline-apps.notify", true); // [DEFAULT: true]
 // Pref : Enforce websites to ask to store data for offline use
 // https://support.mozilla.org/questions/1098540
 // https://bugzilla.mozilla.org/959985
@@ -1098,6 +1110,7 @@ user_pref("dom.enable_performance_navigation_timing", false); // [DEFAULT: true]
 // https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/
 // https://bugzilla.mozilla.org/buglist.cgi?bug_id=1357733,1292751
 user_pref("device.sensors.enabled", false); // [DEFAULT: true]
+user_pref("device.sensors.ambientLight.enabled", false); // [DEFAULT: false]
 // Pref : Disable gamepad API - USB device ID enumeration
 // Optional protection depending on your connected devices
 // https://trac.torproject.org/projects/tor/ticket/13023
@@ -1163,3 +1176,17 @@ user_pref("dom.webaudio.enabled", false); // [DEFAULT: true]
 // https://github.com/WICG/media-capabilities
 // https://wicg.github.io/media-capabilities/#security-privacy-considerations
 // user_pref("media.media-capabilities.enabled", false); // [DEFAULT: true]
+//
+// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
+// Section : Personal
+// >>>>>>>>>>>>>>>>>>>>
+// Pref : Enable "Always enable zoom" feature by default
+// Just for a better experience
+// [FENNEC]
+user_pref("browser.ui.zoom.force-user-scalable", true); // [DEFAULT: false]
+// Pref : Disable location bar autocomplete and suggestion types
+// https://bugzilla.mozilla.org/1502392
+// http://kb.mozillazine.org/Disabling_autocomplete_-_Firefox#Firefox_3.5
+user_pref("browser.urlbar.autocomplete.enabled", false); // [DEFAULT: true]
+//
+//