Update 'config/mozilla.cfg'
✅ Sanitized almost all URLs for requests to Mozilla servers from LOCALE ✅ Synced all the buildIDs with Tor's ones ⛔️ Removed all the warnings on quit and from accessing about:config page ⛔️ Disabled more unwanted connections ⛔️ Disabled vendor useragent info leakage to Mozilla ⛔️ Disabled entering in safe mode ⛔️ Disabled completely PingCentre telemetry (used in several System Add-ons) ℹ️ Moved some preferences from FF69+ into deprecated section (keeping them active for ESR60.x and ESR68.x) ℹ️ Added new links for better descriptions
This commit is contained in:
parent
439cb92289
commit
0e18822393
|
@ -110,8 +110,8 @@ lockPref("browser.startup.homepage_override.mstone", "ignore");
|
|||
// lockPref("app.update.auto", false); // [DESKTOP]
|
||||
// lockPref("app.update.autodownload", "never"); // [TEST] // [FENNEC]
|
||||
// lockPref("app.update.channel", "");
|
||||
lockPref("app.update.url", "https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%CHANNEL%/%OS_VERSION%/%SYSTEM_CAPABILITIES%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml"); // [URL SANITIZED] // [DESKTOP]
|
||||
lockPref("app.update.url.details", "https://www.mozilla.org/firefox/notes"); // [URL SANITIZED] // [DESKTOP]
|
||||
lockPref("app.update.url", "https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/en-US/%CHANNEL%/%OS_VERSION%/%SYSTEM_CAPABILITIES%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml"); // [URL SANITIZED] // [DESKTOP]
|
||||
lockPref("app.update.url.details", "https://www.mozilla.org/en-US/firefox/notes"); // [URL SANITIZED] // [DESKTOP]
|
||||
// lockPref("app.update.url.manual", ""); // [DESKTOP]
|
||||
// lockPref("app.update.url.android", ""); // [FENNEC]
|
||||
// lockPref("app.update.staging.enabled", false); // [DESKTOP]
|
||||
|
@ -338,14 +338,17 @@ lockPref("browser.discovery.enabled", false); // [DEFAULT: false]
|
|||
// -------------------------------------
|
||||
// Pref : Disable Crash Reports
|
||||
lockPref("breakpad.reportURL", "");
|
||||
lockPref("browser.tabs.crashReporting.email", ""); // [DESKTOP]
|
||||
lockPref("browser.tabs.crashReporting.emailMe", false); // [DESKTOP]
|
||||
lockPref("browser.tabs.crashReporting.includeURL", false); // [DESKTOP]
|
||||
lockPref("browser.tabs.crashReporting.requestEmail", false); // [DESKTOP]
|
||||
lockPref("browser.tabs.crashReporting.sendReport", false); // [DESKTOP]
|
||||
lockPref("browser.crashReports.unsubmittedCheck.enabled", false); // [DESKTOP]
|
||||
lockPref("toolkit.crashreporter.infoURL", ""); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Disable automatic captive portal detection
|
||||
// https://en.wikipedia.org/wiki/Captive_portal
|
||||
// https://www.eff.org/deeplinks/2017/08/how-captive-portals-interfere-wireless-security-and-privacy
|
||||
// https://wiki.mozilla.org/Necko/CaptivePortal
|
||||
// https://trac.torproject.org/projects/tor/ticket/21790
|
||||
lockPref("captivedetect.canonicalURL", "");
|
||||
lockPref("network.captive-portal-service.enabled", false);
|
||||
lockPref("network.captive-portal-service.backoffFactor", "");
|
||||
|
@ -407,7 +410,7 @@ lockPref("browser.contentblocking.rejecttrackers.reportBreakage.enabled", false)
|
|||
// -------------------------------------
|
||||
// Pref : Disable send content blocking log to about:protections
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1549832
|
||||
lockPref("browser.contentblocking.database.enabled", false);
|
||||
lockPref("browser.contentblocking.database.enabled", false); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Onboarding tour disable because of included telemetry
|
||||
// [NOTE] This setting is just in case it comeback
|
||||
|
@ -440,6 +443,7 @@ defaultPref("layout.spellcheckDefault", 0); // [DESKTOP]
|
|||
// Pref : Disable Firefox internal page warnings
|
||||
lockPref("network.warnOnAboutNetworking", false);
|
||||
lockPref("general.warnOnAboutConfig", false);
|
||||
lockPref("browser.aboutConfig.showWarning", false); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Disable recent Highlights in the Library
|
||||
lockPref("browser.library.activity-stream.enabled", false); // [DESKTOP]
|
||||
|
@ -448,6 +452,7 @@ lockPref("browser.library.activity-stream.enabled", false); // [DESKTOP]
|
|||
lockPref("browser.tabs.warnOnClose", false); // [DESKTOP]
|
||||
lockPref("browser.tabs.warnOnCloseOtherTabs", false); // [DESKTOP]
|
||||
lockPref("browser.tabs.warnOnOpen", false); // [DESKTOP]
|
||||
lockPref("browser.warnOnQuit", false); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Disable warnings by entering full screen mode
|
||||
lockPref("full-screen-api.warning.delay", 0);
|
||||
|
@ -495,6 +500,8 @@ lockPref("dom.keyboardevent.keypress.hack.use_legacy_keycode_and_charcode", "");
|
|||
lockPref("startup.homepage_welcome_url", ""); // [DESKTOP]
|
||||
lockPref("startup.homepage_welcome_url.additional", ""); // [DESKTOP]
|
||||
lockPref("startup.homepage_override_url", ""); // [DESKTOP]
|
||||
lockPref("browser.search.param.yahoo-fr", ""); // [DESKTOP]
|
||||
lockPref("privacy.restrict3rdpartystorage.partitionedHosts", ""); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Devtools cleanup
|
||||
lockPref("devtools.devices.url", "");
|
||||
|
@ -524,6 +531,12 @@ lockPref("general.useragent.updates.enabled", false); // [FENNEC]
|
|||
lockPref("general.useragent.site_specific_overrides", false); // [DESKTOP]
|
||||
lockPref("general.useragent.updates.url", ""); // [FENNEC]
|
||||
// -------------------------------------
|
||||
// Pref : Decrease vendor useragent info leakage to Mozilla
|
||||
// https://github.com/pyllyukko/user.js/issues/299
|
||||
lockPref("general.useragent.vendor", ""); // [DESKTOP]
|
||||
lockPref("general.useragent.vendorComment", ""); // [DESKTOP]
|
||||
lockPref("general.useragent.vendorSub", ""); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Disable mailnews
|
||||
lockPref("mailnews.messageid_browser.url", ""); // [DESKTOP]
|
||||
lockPref("mailnews.mx_service_url", ""); // [DESKTOP]
|
||||
|
@ -544,8 +557,16 @@ lockPref("_config.applied", true);
|
|||
lockPref("extensions.update.enabled", true);
|
||||
lockPref("extensions.autoupdate.enabled", true);
|
||||
// -------------------------------------
|
||||
// Pref : Decrease system information leakage to Mozilla extensions update servers
|
||||
lockPref("extensions.update.url", "https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=%ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS=%APP_OS%&appABI=%APP_ABI%&locale=en-US¤tAppVersion=%CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%"); // [URL SANITIZED]
|
||||
lockPref("extensions.update.background.url", "https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=%ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS=%APP_OS%&appABI=%APP_ABI%&locale=en-US¤tAppVersion=%CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%"); // [URL SANITIZED]
|
||||
// -------------------------------------
|
||||
// Pref : Decrease system information leakage to Mozilla addons update servers
|
||||
lockPref("extensions.getAddons.search.browseURL", "https://addons.mozilla.org/firefox/search?q=%TERMS%"); // [URL SANITIZED]
|
||||
lockPref("extensions.getAddons.browseAddons", "https://addons.mozilla.org/en-US/firefox/collections/4757633/mob/?page=1&collection_sort=-popularity"); // [URL SANITIZED] // [FENNEC]
|
||||
lockPref("extensions.getAddons.get.url", "https://services.addons.mozilla.org/api/v3/addons/search/?guid=%IDS%&lang=en-US"); // [URL SANITIZED]
|
||||
lockPref("extensions.getAddons.link.url", "https://addons.mozilla.org/en-US/firefox/"); // [URL SANITIZED]
|
||||
lockPref("extensions.getAddons.search.browseURL", "https://addons.mozilla.org/en-US/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%"); // [URL SANITIZED]
|
||||
lockPref("extensions.getAddons.compatOverides.url", "https://services.addons.mozilla.org/api/v3/addons/compat-override/?guid=%IDS%&lang=en-US"); // [URL SANITIZED]
|
||||
// -------------------------------------
|
||||
// Pref : Disable Web Compatibility Reporter
|
||||
// Web Compatibility Reporter adds a "Report Site Issue" button to send data to Mozilla
|
||||
|
@ -936,10 +957,10 @@ lockPref("dom.targetBlankNoOpener.enabled", true); // [DEFAULT: false]
|
|||
// Value taken from Tor Browser
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=583181
|
||||
lockPref("general.buildID.override", "20100101");
|
||||
lockPref("browser.startup.homepage_override.buildID", "20100101");
|
||||
lockPref("media.gmp-manager.buildID", "20190307010101"); // [DESKTOP]
|
||||
lockPref("extensions.lastAppBuildID", "20190307010101");
|
||||
lockPref("browser.sessionstore.upgradeBackup.latestBuildID", "20190307010101"); // [DESKTOP]
|
||||
lockPref("browser.startup.homepage_override.buildID", "20190307050101");
|
||||
lockPref("media.gmp-manager.buildID", "20190307050101"); // [DESKTOP]
|
||||
lockPref("extensions.lastAppBuildID", "20190307050101");
|
||||
lockPref("browser.sessionstore.upgradeBackup.latestBuildID", ""); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Disable raw TCP socket support (mozTCPSocket)
|
||||
// https://trac.torproject.org/projects/tor/ticket/18863
|
||||
|
@ -1005,17 +1026,16 @@ lockPref("dom.imagecapture.enabled", false); // [DEFAULT: false]
|
|||
lockPref("gfx.offscreencanvas.enabled", false); // [DEFAULT: false]
|
||||
// -------------------------------------
|
||||
// Pref : Disable autoplay of HTML5 media
|
||||
// 0=Allowed, 1=Blocked, 2=Prompt
|
||||
// 0=Allow all, 1=Block non-muted media, 5=Block all
|
||||
// [NOTE] You can set exceptions under site permissions
|
||||
lockPref("media.autoplay.default", 1);
|
||||
lockPref("media.autoplay.allow-muted", false); // [DEFAULT: true]
|
||||
lockPref("media.autoplay.default", 5);
|
||||
lockPref("media.autoplay.block-event.enabled", true); // [DEFAULT: false]
|
||||
lockPref("media.autoplay.block-webaudio", true); // [DEFAULT: false]
|
||||
// -------------------------------------
|
||||
// Pref : Disable autoplay of HTML5 media if you interacted with the site
|
||||
lockPref("media.autoplay.enabled.user-gestures-needed", true); // [DEFAULT: true]
|
||||
// -------------------------------------
|
||||
// Pref : Disable audio autoplay in non-active tabs
|
||||
// Pref : Disable autoplay of HTML5 media in non-active tabs
|
||||
// https://www.ghacks.net/2016/11/14/firefox-51-blocks-automatic-audio-playback-in-non-active-tabs/
|
||||
lockPref("media.block-autoplay-until-in-foreground", true); // [DEFAULT: true]
|
||||
//
|
||||
|
@ -1190,6 +1210,11 @@ lockPref("remote.log.level", ""); // [DESKTOP]
|
|||
// "browser.safebrowsing.allowOverride" prevents selecting "ignore the risk" and visiting a harmful site anyway.
|
||||
lockPref("browser.safebrowsing.allowOverride", false); // [DESKTOP]
|
||||
lockPref("security.certerror.hideAddException", true); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Disable safe mode
|
||||
// In case of a crash, we don't want to prompt for a safe-mode browser that has extensions disabled.
|
||||
// https://support.mozilla.org/en-US/questions/951221#answer-410562
|
||||
lockPref("toolkit.startup.max_resumed_crashes", -1); // [DESKTOP]
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : Block Implicit Outbound
|
||||
|
@ -1778,9 +1803,6 @@ lockPref("font.name.monospace.x-western", "Lucida Console"); // [DEFAULT: Courie
|
|||
// defaultPref("gfx.downloadable_fonts.enabled", false);
|
||||
// defaultPref("gfx.downloadable_fonts.fallback_delay", 0);
|
||||
// -------------------------------------
|
||||
// Pref : Disable WOFF2 (Web Open Font Format)
|
||||
defaultPref("gfx.downloadable_fonts.woff2.enabled", false);
|
||||
// -------------------------------------
|
||||
// Pref : Disable CSS Font Loading API
|
||||
// [NOTE] Disabling fonts can uglify the web a fair bit.
|
||||
defaultPref("layout.css.font-loading-api.enabled", false);
|
||||
|
@ -1816,12 +1838,6 @@ lockPref("plugin.defaultXpi.state", 0);
|
|||
// Pref : Disable scanning for plugins
|
||||
lockPref("plugin.scan.plid.all", false); // [WINDOWS] // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Enable plugins click-to-play
|
||||
// https://wiki.mozilla.org/Firefox/Click_To_Play
|
||||
// https://blog.mozilla.org/security/2012/10/11/click-to-play-plugins-blocklist-style/
|
||||
lockPref("plugins.click_to_play", true);
|
||||
lockPref("plugin.sessionPermissionNow.intervalInMinutes", 0);
|
||||
// -------------------------------------
|
||||
// Pref : Disable all GMP (Gecko Media Plugins)
|
||||
lockPref("media.gmp-provider.enabled", false);
|
||||
lockPref("media.gmp-manager.certs.1.issuerName", "");
|
||||
|
@ -2026,6 +2042,8 @@ lockPref("privacy.trackingprotection.socialtracking.enabled", false);
|
|||
// Pref : Disable PingCentre telemetry (used in several System Add-ons)
|
||||
// Currently blocked by 'datareporting.healthreport.uploadEnabled'
|
||||
lockPref("browser.ping-centre.telemetry", false); // [DESKTOP]
|
||||
lockPref("browser.ping-centre.production.endpoint", ""); // [DESKTOP]
|
||||
lockPref("browser.ping-centre.staging.endpoint", ""); // [DESKTOP]
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : System add-ons / Experiments
|
||||
|
@ -2037,7 +2055,7 @@ lockPref("browser.ping-centre.telemetry", false); // [DESKTOP]
|
|||
// https://dxr.mozilla.org/mozilla-central/source/toolkit/mozapps/extensions/AddonManager.jsm#1248-1257
|
||||
// [NOTE] Disabling system add-on updates prevents Mozilla from "hotfixing" your browser to patch critical problems (one possible use case from the documentation)
|
||||
// lockPref("extensions.systemAddon.update.enabled", false); // [DESKTOP]
|
||||
lockPref("extensions.systemAddon.update.url", "https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml"); // [URL SANITIZED]
|
||||
lockPref("extensions.systemAddon.update.url", "https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/en-US/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml"); // [URL SANITIZED]
|
||||
// -------------------------------------
|
||||
// Pref : Disable Normandy/Shield
|
||||
// Shield is an telemetry system (including Heartbeat) that can also push and test "recipes"
|
||||
|
@ -2070,6 +2088,8 @@ lockPref("extensions.formautofill.heuristics.enabled", false); // [DESKTOP]
|
|||
// defaultPref("network.cookie.lifetimePolicy", 2);
|
||||
// -------------------------------------
|
||||
// Pref : Disable 3rd-party cookies and site-data
|
||||
// 0=(Allow) cookies and site data, 1=(Block) All third-party cookies, 2=(Block) All cookies, 3=(Block) Cookies from unvisited sites, 4=(Block) Third-party trackers
|
||||
// [NOTE] Value 4 is tied to the Tracking Protection lists
|
||||
// [NOTE] Can breaks payment gateways
|
||||
defaultPref("network.cookie.cookieBehavior", 1);
|
||||
// -------------------------------------
|
||||
|
@ -2447,8 +2467,8 @@ defaultPref("browser.urlbar.doubleClickSelectsAll", false); // [DESKTOP]
|
|||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : Deprecated / Removed / Legacy / Renamed
|
||||
// ESR60.x still uses all the following prefs
|
||||
// >>>>>>>>>>>>>>>>>>>>
|
||||
// ESR60.x still uses all the following prefs
|
||||
// -------------------------------------
|
||||
// FF52+
|
||||
// -------------------------------------
|
||||
|
@ -2630,7 +2650,7 @@ lockPref("media.autoplay.enabled", false);
|
|||
// Pref: Enable "Ctrl+Tab cycles through tabs in recently used order"
|
||||
// Rreplaced by "browser.ctrlTab.recentlyUsedOrder"
|
||||
// https://bugzilla.mozilla.org/1473595
|
||||
defaultpref("browser.ctrlTab.previews", true);
|
||||
defaultPref("browser.ctrlTab.previews", true);
|
||||
// -------------------------------------
|
||||
// Pref : Disable In-Browser Feed Handling
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1477670
|
||||
|
@ -2730,6 +2750,8 @@ lockPref("lightweightThemes.update.enabled", false);
|
|||
// https://bugzilla.mozilla.org/1386214
|
||||
defaultPref("security.csp.experimentalEnabled", true);
|
||||
// -------------------------------------
|
||||
// ESR68.x still uses all the following prefs
|
||||
// -------------------------------------
|
||||
// FF69+
|
||||
// -------------------------------------
|
||||
// Pref : Disable app from auto-update
|
||||
|
@ -2759,5 +2781,20 @@ lockPref("security.identitypopup.recordEventElemetry", false);
|
|||
// https://hg.mozilla.org/mozilla-central/rev/68aacb4ba7f9
|
||||
lockPref("services.sync.prefs.sync.browser.sessionstore.restore_on_demand", false);
|
||||
// -------------------------------------
|
||||
// Pref : Disable WOFF2 (Web Open Font Format)
|
||||
// https://bugzilla.mozilla.org/1556991
|
||||
// https://hg.mozilla.org/mozilla-central/rev/69d1b01b2847
|
||||
lockPref("gfx.downloadable_fonts.woff2.enabled", false);
|
||||
// -------------------------------------
|
||||
// Pref : Enable plugins click-to-play
|
||||
// https://bugzilla.mozilla.org/1519434
|
||||
// https://hg.mozilla.org/mozilla-central/rev/38fc0d299eb0
|
||||
lockPref("plugins.click_to_play", true);
|
||||
// -------------------------------------
|
||||
// Pref : Disable autoplay of HTML5 media
|
||||
// https://bugzilla.mozilla.org/1562331
|
||||
// https://hg.mozilla.org/mozilla-central/rev/3780202d7104
|
||||
lockPref("media.autoplay.allow-muted", false);
|
||||
// -------------------------------------
|
||||
// FF70+
|
||||
// -------------------------------------
|
Reference in New Issue