Update 'config/mozilla.cfg'
✅ Enforced no system colors (they can be fingerprinted) ⛔️ Disabled Firefox to autoupdate without user consent ⛔️ Disabled Default Browser Agent | FF75 | [WINDOWS] ⛔️ Disabled Crash Report for Reporting API | FF75 ⛔️ Disabled lockwise app callout to the ETP card | FF75 ⛔️ Disabled Remote Settings | FF75 ⛔️ Disabled permissions delegation | FF73 ⛔️ Disabled geo -country.network.scan and -country.network.url ⛔️ Disabled purge site data after identifying tracking site via cookies feature (relax this with privacy.clearOnShutdown.* enabled) ⛔️ Disabled caching content of the homepage (not needed when set to about:blank) | FF75 ⛔️ Disabled few more browser.newtabpage.activity-stream.* prefs | FF75 ⛔️ Disabled JSWindowActors to separate about:welcome page ℹ️ Fixed a typo that didn't allow the correct deactivation of extensions.getAddons.cache.enabled pref ℹ️ Added some links and descriptions ℹ️ Moved some preferences from FF74+ into deprecated section (keeping them active for ESR68.x.x)
This commit is contained in:
quindecim
parent
c758eb5392
commit
7b480248d9
|
|
@ -43,7 +43,7 @@ lockPref("browser.startup.page", 0); // [DESKTOP]
|
|||
lockPref("browser.newtabpage.enabled", false); // [DESKTOP]
|
||||
lockPref("browser.newtab.url", "about:blank"); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Disable Extension Recommendations (CFR: "Contextual Feature Recommender"
|
||||
// Pref : Disable Extension Recommendations (CFR: "Contextual Feature Recommender")
|
||||
// https://support.mozilla.org/en-US/kb/extension-recommendations
|
||||
lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); // [DESKTOP]
|
||||
lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); // [DESKTOP]
|
||||
|
|
@ -57,8 +57,9 @@ lockPref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false);
|
|||
lockPref("browser.newtabpage.activity-stream.pocketCta", ""); // [DESKTOP]
|
||||
lockPref("browser.newtabpage.activity-stream.sectionOrder", ""); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Set Homepage
|
||||
// Pref : Set Homepage and disable caching content
|
||||
lockPref("browser.startup.homepage", "about:blank"); // [DESKTOP]
|
||||
lockPref("browser.startup.homepage.abouthome_cache.enabled", false); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Disable Activity Stream Snippets
|
||||
// Runs code received from a server (aka Remote Code Execution) and sends information back to a metrics server
|
||||
|
|
@ -100,6 +101,12 @@ lockPref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks
|
|||
lockPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false); // [DESKTOP]
|
||||
lockPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false); // [DESKTOP]
|
||||
lockPref("browser.newtabpage.activity-stream.discoverystream.personalization.modelKeys", ""); // [DESKTOP]
|
||||
lockPref("browser.newtabpage.activity-stream.improvesearch.handoffToAwesomebar", false); // [DESKTOP]
|
||||
lockPref("browser.newtabpage.activity-stream.discoverystream.isCollectionDismissible", false); // [DESKTOP]
|
||||
lockPref("browser.newtabpage.activity-stream.discoverystream.region-basic-layout", false); // [DESKTOP]
|
||||
lockPref("browser.newtabpage.activity-stream.discoverystream.region-layout-config", ""); // [DESKTOP]
|
||||
lockPref("browser.newtabpage.activity-stream.discoverystream.region-spocs-config", ""); // [DESKTOP]
|
||||
lockPref("browser.newtabpage.activity-stream.discoverystream.region-stories-config", ""); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Disable new tab tile ads & preload
|
||||
// https://wiki.mozilla.org/Tiles/Technical_Documentation#Ping
|
||||
|
|
@ -113,13 +120,20 @@ lockPref("browser.newtabpage.activity-stream.asrouter.messageProviders", ""); //
|
|||
// Value taken from Tor Browser
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=583181
|
||||
lockPref("browser.startup.homepage_override.mstone", "ignore");
|
||||
// -------------------------------------
|
||||
// Pref : Disable separate about:welcome page and log level to console
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1617783
|
||||
lockPref("browser.aboutwelcome.enabled", false); // [DESKTOP]
|
||||
lockPref("browser.aboutwelcome.log", ""); // [DESKTOP]
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : Quiet Fox
|
||||
// >>>>>>>>>>>>>>>>>>>>>
|
||||
// Pref : Disable app from auto-update
|
||||
// lockPref("app.update.auto", false); // [DESKTOP]
|
||||
// lockPref("app.update.autodownload", "never"); // [TEST] // [FENNEC]
|
||||
// true=application updates are installed without user approval.
|
||||
// false=application updates are downloaded but the user can choose when to install the update.
|
||||
lockPref("app.update.auto", false); // [DESKTOP]
|
||||
// lockPref("app.update.autodownload", "never"); // [FENNEC]
|
||||
// lockPref("app.update.channel", "");
|
||||
lockPref("app.update.url", "https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/en-US/%CHANNEL%/%OS_VERSION%/%SYSTEM_CAPABILITIES%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml"); // [URL SANITIZED] // [DESKTOP]
|
||||
lockPref("app.update.url.details", "https://www.mozilla.org/en-US/firefox/notes"); // [URL SANITIZED] // [DESKTOP]
|
||||
|
|
@ -354,6 +368,10 @@ lockPref("browser.tabs.crashReporting.sendReport", false); // [DESKTOP]
|
|||
lockPref("browser.crashReports.unsubmittedCheck.enabled", false); // [DESKTOP]
|
||||
lockPref("toolkit.crashreporter.infoURL", ""); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Disable Crash Report for Reporting API
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1607364
|
||||
lockPref("dom.reporting.crash.enabled", false);
|
||||
// -------------------------------------
|
||||
// Pref : Disable automatic captive portal detection
|
||||
// https://www.eff.org/deeplinks/2017/08/how-captive-portals-interfere-wireless-security-and-privacy
|
||||
// https://wiki.mozilla.org/Necko/CaptivePortal
|
||||
|
|
@ -418,7 +436,6 @@ lockPref("browser.contentblocking.report.cryptominer.url", ""); // [DESKTOP]
|
|||
lockPref("browser.contentblocking.report.fingerprinter.url", ""); // [DESKTOP]
|
||||
lockPref("browser.contentblocking.report.lockwise.enabled", false); // [DESKTOP]
|
||||
lockPref("browser.contentblocking.report.lockwise.how_it_works.url", ""); // [DESKTOP]
|
||||
lockPref("browser.contentblocking.report.lockwise.url", ""); // [DESKTOP]
|
||||
lockPref("browser.contentblocking.report.manage_devices.url", ""); // [DESKTOP]
|
||||
lockPref("browser.contentblocking.report.monitor.enabled", false); // [DESKTOP]
|
||||
lockPref("browser.contentblocking.report.monitor.how_it_works.url", ""); // [DESKTOP]
|
||||
|
|
@ -431,6 +448,15 @@ lockPref("browser.contentblocking.report.tracker.url", ""); // [DESKTOP]
|
|||
lockPref("browser.contentblocking.allowlist.annotations.enabled", false); // [FENNEC]
|
||||
lockPref("browser.contentblocking.allowlist.storage.enabled", false); // [FENNEC]
|
||||
// -------------------------------------
|
||||
// Pref : Disable lockwise app callout to the ETP card
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1612091
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1612088
|
||||
lockPref("browser.contentblocking.report.show_mobile_app", false);
|
||||
lockPref("browser.contentblocking.report.lockwise.mobile-android.url", "");
|
||||
lockPref("browser.contentblocking.report.lockwise.mobile-ios.url", "");
|
||||
lockPref("browser.contentblocking.report.mobile-android.url", "");
|
||||
lockPref("browser.contentblocking.report.mobile-ios.url", "");
|
||||
// -------------------------------------
|
||||
// Pref : Disable send content blocking log to about:protections
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1549832
|
||||
lockPref("browser.contentblocking.database.enabled", false);
|
||||
|
|
@ -521,6 +547,22 @@ lockPref("network.tickle-wifi.enabled", false);
|
|||
// Pref : Disable Corroborate.jsm telemetry
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1608308
|
||||
lockPref("corroborator.enabled", false); // [DESKTOP]
|
||||
// -------------------------------------
|
||||
// Pref : Disable Remote Settings
|
||||
// https://github.com/mozilla-services/remote-settings-lambdas
|
||||
// https://remote-settings.readthedocs.io/en/latest/
|
||||
lockPref("security.remote_settings.intermediates.enabled", false);
|
||||
lockPref("security.remote_settings.intermediates.bucket", "");
|
||||
lockPref("security.remote_settings.intermediates.collection", "");
|
||||
lockPref("security.remote_settings.intermediates.signer", "");
|
||||
lockPref("security.remote_settings.crlite_filters.enabled", false);
|
||||
lockPref("security.remote_settings.crlite_filters.bucket", "");
|
||||
lockPref("security.remote_settings.crlite_filters.collection", "");
|
||||
lockPref("security.remote_settings.crlite_filters.signer", "");
|
||||
// -------------------------------------
|
||||
// Pref : Disable Default Browser Agent
|
||||
// https://firefox-source-docs.mozilla.org/main/latest/toolkit/mozapps/defaultagent/default-browser-agent/index.html
|
||||
lockPref("default-browser-agent.enabled", false); // [WINDOWS] // [DESKTOP]
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : IJWY To Shut Up
|
||||
|
|
@ -908,6 +950,22 @@ lockPref("permissions.manager.defaultsUrl", ""); // [DESKTOP]
|
|||
// Pref : Enable FF Process Priority Manager
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1548364
|
||||
lockPref("dom.ipc.processPriorityManager.enabled", true); // [DESKTOP] // [TEST]
|
||||
// -------------------------------------
|
||||
// Pref : Enforce no system colors
|
||||
// [NOTE] They can be fingerprinted
|
||||
lockPref("browser.display.use_system_colors", false); // [DEFAULT: false]
|
||||
// -------------------------------------
|
||||
// Pref : Disable purge site data after identifying tracking site via cookies
|
||||
// [NOTE] Relax this with 'privacy.clearOnShutdown.*' enabled
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1599262
|
||||
// https://www.ghacks.net/2020/03/04/firefox-75-will-purge-site-data-if-associated-with-tracking-cookies/
|
||||
lockPref("privacy.purge_trackers.enabled", false);
|
||||
lockPref("privacy.purge_trackers.logging.enabled", false);
|
||||
// -------------------------------------
|
||||
// Pref : Disable permissions delegation
|
||||
// Currently applies to cross-origin geolocation, camera, mic and screen-sharing permissions, and fullscreen requests. Disabling delegation means any prompts for these will show/use their correct 3rd party origin
|
||||
// https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion
|
||||
lockPref("permissions.delegation.enabled", false);
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : Web Workers
|
||||
|
|
@ -982,7 +1040,7 @@ lockPref("dom.vibrator.enabled", false);
|
|||
lockPref("javascript.options.asmjs", false);
|
||||
// -------------------------------------
|
||||
// Pref : Disable Ion, baseline JIT and RegExp to help harden JS against exploits
|
||||
// If false, causes the odd site issue and there is also a performance loss
|
||||
// [WARNING] Disabling Ion/JIT can cause some site issues and performance loss
|
||||
// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817
|
||||
// https://trac.torproject.org/projects/tor/ticket/26019
|
||||
// lockPref("javascript.options.ion", false); // [DESKTOP - BUG] Navigation issues
|
||||
|
|
@ -1093,7 +1151,7 @@ lockPref("gfx.offscreencanvas.enabled", false); // [DEFAULT: false]
|
|||
// 0=Allow all, 1=Block non-muted media, 5=Block all
|
||||
// [NOTE] You can set exceptions under site permissions
|
||||
lockPref("media.autoplay.default", 5);
|
||||
lockPref("media.autoplay.allow-muted", false);
|
||||
lockPref("media.autoplay.allow-muted", false); // [FENNEC]
|
||||
lockPref("media.autoplay.block-event.enabled", true); // [DEFAULT: false]
|
||||
lockPref("media.autoplay.block-webaudio", true); // [DEFAULT: false]
|
||||
// -------------------------------------
|
||||
|
|
@ -1391,7 +1449,14 @@ lockPref("network.negotiate-auth.allow-insecure-ntlm-v1", false); // [DESKTOP]
|
|||
// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
||||
lockPref("security.ssl.require_safe_negotiation", true);
|
||||
// -------------------------------------
|
||||
// Pref : Disable deprecated TLS versions
|
||||
// Pref : Control TLS versions with min and max
|
||||
// 1=TLS 1.0, 2=TLS 1.1, 3=TLS 1.2, 4=TLS 1.3
|
||||
// [WARNING] Leave these at default, otherwise you alter your TLS fingerprint.
|
||||
// https://www.ssllabs.com/ssl-pulse/
|
||||
// lockPref("security.tls.version.min", 3);
|
||||
// lockPref("security.tls.version.max", 4);
|
||||
// -------------------------------------
|
||||
// Pref : Enforce TLS 1.0 and 1.1 downgrades as session only
|
||||
lockPref("security.tls.version.enable-deprecated", false);
|
||||
// -------------------------------------
|
||||
// Pref : Disable SSL Error Reporting
|
||||
|
|
@ -1756,7 +1821,7 @@ lockPref("browser.sessionstore.max_tabs_undo", 0);
|
|||
lockPref("browser.sessionstore.privacy_level", 2);
|
||||
// -------------------------------------
|
||||
// Pref : Disable resuming session from crash
|
||||
// lockPref("browser.sessionstore.resume_from_crash", false);
|
||||
lockPref("browser.sessionstore.resume_from_crash", false);
|
||||
// -------------------------------------
|
||||
// Pref : Set the minimum interval between session save operations
|
||||
// Increasing this can help on older machines and some websites, as well as reducing writes. Default is 15000 (15 secs). Try 30000 (30 secs), 60000 (1 min) etc.
|
||||
|
|
@ -1806,7 +1871,6 @@ lockPref("geo.enabled", false);
|
|||
// https://trac.torproject.org/projects/tor/ticket/16254
|
||||
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_geolocation-for-default-search-engine
|
||||
lockPref("browser.search.region", "US");
|
||||
lockPref("browser.search.geoip.url", "");
|
||||
lockPref("browser.search.geoSpecificDefaults.url", "");
|
||||
lockPref("browser.snippets.geoUrl", "");
|
||||
// -------------------------------------
|
||||
|
|
@ -1822,8 +1886,8 @@ lockPref("geo.provider.ms-windows-location", false); // [WINDOWS] // [DESKTOP]
|
|||
lockPref("geo.provider.use_corelocation", false); // [MAC] // [DESKTOP]
|
||||
lockPref("geo.provider.use_gpsd", false); // [LINUX] // [DESKTOP]
|
||||
lockPref("geo.provider.network.url", "");
|
||||
lockPref("geo.provider-country.network.scan", false); // [FENIX]
|
||||
lockPref("geo.provider-country.network.url", ""); // [FENIX]
|
||||
lockPref("geo.provider-country.network.scan", false);
|
||||
lockPref("geo.provider-country.network.url", "");
|
||||
// -------------------------------------
|
||||
// Pref : Disable logging geolocation to the console
|
||||
lockPref("geo.provider.network.logging.enabled", false); // [HIDDEN PREF] // [DESKTOP]
|
||||
|
|
@ -1999,7 +2063,7 @@ lockPref("extensions.blocklist.url", ""); // [URL SANITIZED: https://blocklists.
|
|||
// -------------------------------------
|
||||
// Pref : Opt-out of add-on metadata updates
|
||||
// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
|
||||
lockPref("extensions.getAddons.cache.enabled", false)
|
||||
lockPref("extensions.getAddons.cache.enabled", false);
|
||||
// -------------------------------------
|
||||
// Pref : Disable Google Safe Browsing (Block dangerous and deceptive contents)
|
||||
lockPref("browser.safebrowsing.enabled", false); // [DESKTOP]
|
||||
|
|
@ -2417,7 +2481,6 @@ lockPref("dom.vr.enabled", false); // [DEFAULT: true]
|
|||
lockPref("dom.vr.autoactivate.enabled", false);
|
||||
lockPref("dom.vr.oculus.enabled", false);
|
||||
lockPref("dom.vr.oculus.invisible.enabled", false);
|
||||
lockPref("dom.vr.openvr.action_input", false);
|
||||
lockPref("dom.vr.openvr.enabled", false);
|
||||
lockPref("dom.vr.osvr.enabled", false);
|
||||
lockPref("dom.vr.poseprediction.enabled", false);
|
||||
|
|
@ -2519,12 +2582,6 @@ defaultPref("browser.ctrlTab.recentlyUsedOrder", false); // [DESKTOP]
|
|||
// -------------------------------------
|
||||
// Pref : Display long lines in view-source page
|
||||
defaultPref("view_source.wrap_long_lines", true);
|
||||
// -------------------------------------
|
||||
// Pref : Enable one-click select all URL bar
|
||||
defaultPref("browser.urlbar.clickSelectsAll", true);
|
||||
// -------------------------------------
|
||||
// Pref : Enable double click selects a string segment in URL bar
|
||||
defaultPref("browser.urlbar.doubleClickSelectsAll", false); // [DESKTOP]
|
||||
//
|
||||
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
||||
// Section : Deprecated / Removed / Legacy / Renamed
|
||||
|
|
@ -2573,7 +2630,7 @@ lockPref("plugins.click_to_play", true);
|
|||
// Pref : Disable autoplay of HTML5 media
|
||||
// https://bugzilla.mozilla.org/1562331
|
||||
// https://hg.mozilla.org/mozilla-central/rev/3780202d7104
|
||||
lockPref("media.autoplay.allow-muted", false);
|
||||
lockPref("media.autoplay.allow-muted", false); // [FENNEC]
|
||||
// -------------------------------------
|
||||
// FF70+
|
||||
// -------------------------------------
|
||||
|
|
@ -2761,12 +2818,32 @@ lockPref("geo.wifi.logging.enabled", false); // [HIDDEN PREF]
|
|||
// https://hg.mozilla.org/mozilla-central/rev/4a6071f143a5
|
||||
defaultPref("privacy.userContext.longPressBehavior", 2);
|
||||
// -------------------------------------
|
||||
// Pref : Control TLS versions with min and max
|
||||
// 1=TLS 1.0, 2=TLS 1.1, 3=TLS 1.2, 4=TLS 1.3
|
||||
// [WARNING] Leave these at default, otherwise you alter your TLS fingerprint.
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1606734
|
||||
// lockPref("security.tls.version.min", 3);
|
||||
// lockPref("security.tls.version.max", 4);
|
||||
// -------------------------------------
|
||||
// FF75+
|
||||
// -------------------------------------
|
||||
// Pref : Disable contentblocking reports
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1612088
|
||||
// https://hg.mozilla.org/mozilla-central/rev/b582c518daeb
|
||||
lockPref("browser.contentblocking.report.lockwise.url", "");
|
||||
// -------------------------------------
|
||||
// Pref : Disable GeoIP lookup on your address to set default search engine region
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1589618
|
||||
// https://hg.mozilla.org/mozilla-central/rev/eeda4bdcd130
|
||||
lockPref("browser.search.geoip.url", "");
|
||||
// -------------------------------------
|
||||
// Pref : Enable one-click select all URL bar
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=333714
|
||||
// https://hg.mozilla.org/mozilla-central/rev/9d574c79405d
|
||||
defaultPref("browser.urlbar.clickSelectsAll", true);
|
||||
// -------------------------------------
|
||||
// Pref : Enable double click selects a string segment in URL bar
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=333714
|
||||
// https://hg.mozilla.org/mozilla-central/rev/9d574c79405d
|
||||
defaultPref("browser.urlbar.doubleClickSelectsAll", false);
|
||||
// -------------------------------------
|
||||
// Pref : Disable virtual reality devices APIs
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=1602102
|
||||
// https://hg.mozilla.org/mozilla-central/rev/bb85b121d2ac
|
||||
lockPref("dom.vr.openvr.action_input", false);
|
||||
// -------------------------------------
|
||||
// FF76+
|
||||
// -------------------------------------
|
||||
Reference in New Issue