diff --git a/config/mozilla.cfg b/config/mozilla.cfg index ccf72b0..cf5938b 100644 --- a/config/mozilla.cfg +++ b/config/mozilla.cfg @@ -2,10 +2,12 @@ /********************************************************************************** * mozilla.cfg | Firefox * * * - * https://git.lelux.fi/quindecim/mozilla.cfg * + * https://git.nixnet.xyz/quindecim/mozilla.cfg * *********************************************************************************/ // -// Author : quindecim : https://git.lelux.fi/quindecim +// Author : quindecim : https://git.nixnet.xyz/quindecim +// https://git.lelux.fi/quindecim | MIRROR +// https://git.lushka.al/quindecim | MIRROR // // // Based on : gHacks : https://github.com/ghacksuserjs/ghacks-user.js @@ -14,7 +16,7 @@ // OrangeManBad : https://git.nixnet.xyz/OrangeManBad/user.js // CHEF-KOCH : https://github.com/CHEF-KOCH/FFCK/tree/master/user.js // -// License : https://git.lelux.fi/quindecim/mozilla.cfg/src/branch/master/LICENSE.txt +// License : https://git.nixnet.xyz/quindecim/mozilla.cfg/src/branch/master/LICENSE.txt // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // PROTECTION @@ -37,10 +39,6 @@ lockPref("browser.newtab.url", "about:blank"); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); // [DESKTOP] // ------------------------------------- -// Pref : Disable Activity Stream -// https://wiki.mozilla.org/Firefox/Activity_Stream -lockPref("browser.newtabpage.activity-stream.enabled", false); // [DESKTOP] -// ------------------------------------- // Pref : Disable Activity Stream Top Stories, Pocket-based and/or sponsored content lockPref("browser.newtabpage.activity-stream.feeds.section.topstories", false); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.feeds.section.topstories.options", ""); // [DESKTOP] @@ -76,19 +74,16 @@ lockPref("browser.newtabpage.activity-stream.feeds.prefs", false); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.feeds.section.highlights", false); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.feeds.sections", false); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.feeds.systemtick", false); // [DESKTOP] -lockPref("browser.newtabpage.activity-stream.feeds.theme", false); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.feeds.topsites", false); // [DESKTOP] // ------------------------------------- // Pref : Disable Activity Stream (others) lockPref("browser.newtabpage.activity-stream.messageCenterExperimentEnabled", false); -lockPref("browser.newtabpage.activity-stream.prerender", false); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.showSearch", false); // [DESKTOP] -lockPref("browser.newtabpage.activity-stream.showTopSites", false); // [DESKTOP] -lockPref("browser.newtabpage.activity-stream.tippyTop.service.endpoint", ""); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.discoverystream.config", ""); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.discoverystream.endpoints", ""); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.discoverystream.rec.impressions", ""); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.discoverystream.spoc.impressions", ""); // [DESKTOP] +lockPref("browser.newtabpage.activity-stream.discoverystream.endpointSpocsClear", ""); lockPref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false); // [DESKTOP] @@ -99,11 +94,8 @@ lockPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", // https://wiki.mozilla.org/Tiles/Technical_Documentation#Ping // https://gecko.readthedocs.org/en/latest/browser/browser/DirectoryLinksProvider.html#browser-newtabpage-directory-source // https://gecko.readthedocs.org/en/latest/browser/browser/DirectoryLinksProvider.html#browser-newtabpage-directory-ping -lockPref("browser.newtabpage.enhanced", false); // [DESKTOP] lockPref("browser.newtab.preload", false); // [DESKTOP] lockPref("browser.newtabpage.directory.ping", ""); // [DESKTOP] -lockPref("browser.newtabpage.directory.source", "data:text/plain,{}"); // [DESKTOP] -lockPref("browser.newtabpage.activity-stream.aboutHome.enabled", false); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.asrouter.messageProviders", ""); // [DESKTOP] // ------------------------------------- // Pref : Don't reveal build ID @@ -122,7 +114,6 @@ lockPref("app.update.url", "https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION lockPref("app.update.url.details", "https://www.mozilla.org/firefox/notes"); // [URL SANITIZED] // [DESKTOP] // lockPref("app.update.url.manual", ""); // [DESKTOP] // lockPref("app.update.url.android", ""); // [FENNEC] -lockPref("app.update.silent", false); // [DESKTOP] // lockPref("app.update.staging.enabled", false); // [DESKTOP] lockPref("app.update.log.file", false); // [DESKTOP] // ------------------------------------- @@ -163,7 +154,6 @@ lockPref("services.sync.prefs.sync.browser.newtabpage.enabled", false); // [DESK lockPref("services.sync.prefs.sync.browser.newtabpage.pinned", false); // [DESKTOP] lockPref("services.sync.prefs.sync.browser.offline-apps.notify", false); // [DESKTOP] lockPref("services.sync.prefs.sync.browser.search.update", false); // [DESKTOP] -lockPref("services.sync.prefs.sync.browser.sessionstore.restore_on_demand", false); // [DESKTOP] lockPref("services.sync.prefs.sync.browser.startup.homepage", false); // [DESKTOP] lockPref("services.sync.prefs.sync.browser.startup.page", false); // [DESKTOP] lockPref("services.sync.prefs.sync.browser.tabs.loadInBackground", false); // [DESKTOP] @@ -267,6 +257,11 @@ lockPref("sync.serverURL", ""); // [DEPRECATED] // [DESKTOP] lockPref("sync.jpake.serverURL", ""); // [DEPRECATED] // [DESKTOP] lockPref("services.sync.prefs.sync.browser.contentblocking.features.strict", false); // [DESKTOP] lockPref("services.sync.prefs.dangerously_allow_arbitrary", false); // [DESKTOP] +lockPref("services.sync.prefs.sync.app.shield.optoutstudies.enabled", false); +lockPref("services.sync.prefs.sync.browser.discovery.enabled", false); +lockPref("services.sync.prefs.sync.browser.newtabpage.activity-stream.showSponsored", false); +lockPref("services.sync.prefs.sync.browser.search.widget.inNavBar", false); +lockPref("services.sync.prefs.sync.extensions.activeThemeID", false); // ------------------------------------- // Pref : Never check updates for search engines // https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_auto-update-checking @@ -283,11 +278,6 @@ lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); // Pref : Disable sending the URL of the website where a plugin crashed lockPref("dom.ipc.plugins.reportCrashURL", false); // ------------------------------------- -// Pref : Disable SSDP (Simple Service Discovery Protocol) -// https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol -// https://bugzilla.mozilla.org/show_bug.cgi?id=1111967 -lockPref("browser.casting.enabled", false); // [DEFAULT: true] -// ------------------------------------- // Pref : Disable Telemetry // https://wiki.mozilla.org/Platform/Features/Telemetry // https://wiki.mozilla.org/Privacy/Reviews/Telemetry @@ -314,7 +304,7 @@ lockPref("toolkit.telemetry.hybridContent.enabled", false); // [DESKTOP] lockPref("toolkit.telemetry.previousBuildID", ""); // [DESKTOP] lockPref("toolkit.telemetry.prompted", 2); // [DESKTOP] lockPref("toolkit.telemetry.rejected", true); // [DESKTOP] -lockPref("security.identitypopup.recordEventElemetry", false); // [DESKTOP] +lockPref("security.identitypopup.recordEventTelemetry", false); lockPref("security.certerrors.recordEventTelemetry", false); // [DESKTOP] lockPref("privacy.trackingprotection.origin_telemetry.enabled", false); lockPref("telemetry.origin_telemetry_test_mode.enabled", false); @@ -341,22 +331,6 @@ lockPref("datareporting.policy.firstRunURL", ""); lockPref("datareporting.policy.minimumPolicyVersion", 0); lockPref("datareporting.policy.minimumPolicyVersion.channel-beta", 0); // ------------------------------------- -// Pref : Disable In-Browser Feed Handling -// https://wiki.mozilla.org/Feed_Handling -// http://kb.mozillazine.org/Browser.contentHandlers.types.%2A.uri -lockPref("browser.contentHandlers.types.0.title", ""); // [FENNEC] -lockPref("browser.contentHandlers.types.0.type", ""); // [FENNEC] -lockPref("browser.contentHandlers.types.0.uri", ""); // [FENNEC] -lockPref("browser.contentHandlers.types.1.title", ""); // [FENNEC] -lockPref("browser.contentHandlers.types.1.type", ""); // [FENNEC] -lockPref("browser.contentHandlers.types.1.uri", ""); // [FENNEC] -lockPref("browser.contentHandlers.types.2.title", ""); // [FENNEC] -lockPref("browser.contentHandlers.types.2.type", ""); // [FENNEC] -lockPref("browser.contentHandlers.types.2.uri", ""); // [FENNEC] -lockPref("browser.contentHandlers.types.3.title", ""); // [FENNEC] -lockPref("browser.contentHandlers.types.3.type", ""); // [FENNEC] -lockPref("browser.contentHandlers.types.3.uri", ""); // [FENNEC] -// ------------------------------------- // Pref : Disable personalized Extension Recommendations in about:addons and AMO // [NOTE] This pref has no effect when Health Reports are disabled // https://support.mozilla.org/kb/personalized-extension-recommendations @@ -400,18 +374,10 @@ lockPref("lightweightThemes.recommendedThemes", ""); // [DESKTOP] // Pref : Disable Studies and SHIELD // [NOTE] This pref has no effect when Health Reports are disabled lockPref("app.shield.optoutstudies.enabled", false); // [DESKTOP] -lockPref("extensions.shield-recipe-client.enabled", false); // [DESKTOP] -lockPref("extensions.shield-recipe-client.api_url", ""); // [DESKTOP] // ------------------------------------- // Pref : Disable backlogged Crash Reports -lockPref("browser.crashReports.unsubmittedCheck.autoSubmit", false); // [DESKTOP] lockPref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // [DESKTOP] // ------------------------------------- -// Pref : Disable Heartbeat (Mozilla user rating telemetry) -// https://wiki.mozilla.org/Advocacy/heartbeat -// https://trac.torproject.org/projects/tor/ticket/19047 -lockPref("browser.selfsupport.url", ""); // [DESKTOP] -// ------------------------------------- // Pref : Disable about:addons Recommendations pane (uses Google Analytics) lockPref("extensions.getAddons.showPane", false); // [HIDDEN PREF] // [DESKTOP] lockPref("extensions.webservice.discoverURL", ""); // [DESKTOP] @@ -439,6 +405,10 @@ lockPref("browser.contentblocking.reportBreakage.enabled", false); // [DESKTOP] lockPref("browser.contentblocking.reportBreakage.url", ""); // [DESKTOP] lockPref("browser.contentblocking.rejecttrackers.reportBreakage.enabled", false); // [DESKTOP] // ------------------------------------- +// Pref : Disable send content blocking log to about:protections +// https://bugzilla.mozilla.org/show_bug.cgi?id=1549832 +lockpref("browser.contentblocking.database.enabled", false); +// ------------------------------------- // Pref : Onboarding tour disable because of included telemetry // [NOTE] This setting is just in case it comeback lockPref("browser.onboarding.notification.finished", true); // [DESKTOP] // [DEPRECATED] @@ -467,11 +437,6 @@ lockPref("extensions.screenshots.upload-disabled", true); // [DESKTOP] // https://support.mozilla.org/en-US/kb/how-do-i-use-firefox-spell-checker defaultPref("layout.spellcheckDefault", 0); // [DESKTOP] // ------------------------------------- -// Pref : Disable social integration with FF -lockPref("social.directories", ""); // [DEPRECATED] // [DESKTOP] -lockPref("social.remote-install.enabled", false); // [DEPRECATED] // [DESKTOP] -lockPref("social.whitelist", ""); // [DEPRECATED] // [DESKTOP] -// ------------------------------------- // Pref : Disable Firefox internal page warnings lockPref("network.warnOnAboutNetworking", false); lockPref("general.warnOnAboutConfig", false); @@ -484,9 +449,15 @@ lockPref("browser.tabs.warnOnClose", false); // [DESKTOP] lockPref("browser.tabs.warnOnCloseOtherTabs", false); // [DESKTOP] lockPref("browser.tabs.warnOnOpen", false); // [DESKTOP] // ------------------------------------- -// Pref : Disables warnings by entering full screen mode +// Pref : Disable warnings by entering full screen mode lockPref("full-screen-api.warning.delay", 0); lockPref("full-screen-api.warning.timeout", 0); +// ------------------------------------- +// Pref : Disable WebVTT logging and test events +// https://developer.mozilla.org/en-US/docs/Web/API/WebVTT_API +// https://git.sny.no/gecko/commit/?id=5701a142f2a5e89b1b716e0edec0f18d5e513678 +lockPref("media.webvtt.debug.logging", false); +lockPref("media.webvtt.testing.events", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // Section : IJWY To Shut Up @@ -518,10 +489,7 @@ lockPref("extensions.getAddons.themes.browseURL", ""); // [DESKTOP] lockPref("security.content.signature.root_hash", ""); lockPref("identity.mobilepromo.android", ""); // [DESKTOP] lockPref("identity.mobilepromo.ios", ""); // [DESKTOP] -lockPref("prio.publicKeyA", ""); // [DESKTOP] -lockPref("prio.publicKeyB", ""); // [DESKTOP] lockPref("toolkit.datacollection.infoURL", ""); // [DESKTOP] -lockPref("toolkit.telemetry.infoURL", ""); // [DESKTOP] lockPref("dom.keyboardevent.keypress.hack.dispatch_non_printable_keys", ""); lockPref("dom.keyboardevent.keypress.hack.use_legacy_keycode_and_charcode", ""); lockPref("startup.homepage_welcome_url", ""); // [DESKTOP] @@ -531,7 +499,6 @@ lockPref("startup.homepage_override_url", ""); // [DESKTOP] // Pref : Devtools cleanup lockPref("devtools.devices.url", ""); lockPref("devtools.devedition.promo.url", ""); // [DESKTOP] -lockPref("devtools.telemetry.supported_performance_marks", ""); // [DESKTOP] lockPref("devtools.performance.recording.ui-base-url", ""); // [DESKTOP] // ------------------------------------- // Pref : Disable website protocol handlers @@ -545,13 +512,6 @@ lockPref("gecko.handlerService.schemes.mailto.1.name", ""); // [DESKTOP] lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", ""); // [DESKTOP] lockPref("gecko.handlerService.schemes.webcal.0.uriTemplate", ""); // [DESKTOP] // ------------------------------------- -// Pref : Disable FlyWeb (discovery of LAN/proximity IoT devices that expose a Web interface) -// https://wiki.mozilla.org/FlyWeb -// https://wiki.mozilla.org/FlyWeb/Security_scenarios -// https://docs.google.com/document/d/1eqLb6cGjDL9XooSYEEo7mE-zKQ-o-AuDTcEyNhfBMBM/edit -// http://www.ghacks.net/2016/07/26/firefox-flyweb -lockPref("dom.flyweb.enabled", false); // [DESKTOP] -// ------------------------------------- // Pref : Disable browser translate integration // https://www.ghacks.net/2018/09/09/mozilla-working-on-google-translate-integration-in-firefox/ lockPref("browser.translation.engine", ""); // [DESKTOP] @@ -610,7 +570,6 @@ lockPref("identity.fxaccounts.auth.uri", ""); lockPref("identity.fxaccounts.remote.oauth.uri", ""); lockPref("identity.fxaccounts.remote.profile.uri", ""); lockPref("identity.sync.tokenserver.uri", ""); -lockPref("identity.fxaccounts.remote.webchannel.uri", ""); lockPref("identity.fxaccounts.remote.root", ""); // [DESKTOP] lockPref("identity.fxaccounts.pairing.enabled", false); // [DESKTOP] lockPref("identity.fxaccounts.remote.pairing.uri", ""); // [DESKTOP] @@ -690,7 +649,6 @@ lockPref("security.dialog_enable_delay", 700); defaultPref("devtools.debugger.remote-enabled", false); lockPref("devtools.webide.enabled", false); // [DESKTOP] lockPref("devtools.webide.autoinstallADBExtension", false); // [DESKTOP] -lockPref("devtools.webide.autoinstallFxdtAdapters", false); // [DESKTOP] lockPref("devtools.remote.adb.extensionURL", ""); // [DESKTOP] lockPref("devtools.remote.adb.extensionID", ""); // [DESKTOP] lockPref("devtools.webide.adaptersAddonURL", ""); // [DESKTOP] @@ -852,10 +810,6 @@ defaultPref("pdfjs.disabled", true); // [DEFAULT: false] // [DESKTOP] lockPref("pdfjs.enabledCache.state", false); // [DESKTOP] lockPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true); // [DESKTOP] // ------------------------------------- -// Pref : Disable Scripting of Plugins by JavaScript -// http://forums.mozillazine.org/viewtopic.php?f=7&t=153889 -lockPref("security.xpconnect.plugin.unrestricted", false); // [DESKTOP] -// ------------------------------------- // Pref : Disable exposure of system colors to CSS or canvas // [NOTE] See second listed bug: may cause black on black for elements with undefined colors // https://bugzilla.mozilla.org/buglist.cgi?bug_id=232227,1330876 @@ -934,7 +888,7 @@ lockPref("dom.disable_beforeunload", true); lockPref("dom.vibrator.enabled", false); // ------------------------------------- // Pref : Disable clipboard commands (cut/copy) from "non-privileged" content -// This disables document.execCommand("cut"/"copy") to protect your clipboard +// This disable document.execCommand("cut"/"copy") to protect your clipboard // https://bugzilla.mozilla.org/1170911 // lockPref("dom.allow_cut_copy", false); // ------------------------------------- @@ -987,11 +941,6 @@ lockPref("media.gmp-manager.buildID", "20190307010101"); // [DESKTOP] lockPref("extensions.lastAppBuildID", "20190307010101"); lockPref("browser.sessionstore.upgradeBackup.latestBuildID", "20190307010101"); // [DESKTOP] // ------------------------------------- -// Pref : Disable Archive API -// https://wiki.mozilla.org/WebAPI/ArchiveAPI -// https://bugzilla.mozilla.org/show_bug.cgi?id=1342361 -lockPref("dom.archivereader.enabled", false); // [DESKTOP] -// ------------------------------------- // Pref : Disable raw TCP socket support (mozTCPSocket) // https://trac.torproject.org/projects/tor/ticket/18863 // https://www.mozilla.org/en-US/security/advisories/mfsa2015-97/ @@ -1029,6 +978,10 @@ lockPref("webgl.can-lose-context-in-foreground", false); // [DEFAULT: true] lockPref("webgl.force-enabled", false); lockPref("webgl.vendor-string-override", " "); lockPref("webgl.renderer-string-override", " "); +lockPref("webgl.all-angle-options", false); +lockPref("webgl.allow-immediate-queries", false); +lockPref("webgl.default-antialias", false); +lockPref("webgl.enable-surface-texture", false); // ------------------------------------- // Pref : Disable screensharing and audiocapture lockPref("media.getusermedia.screensharing.enabled", false); // [DESKTOP] @@ -1039,9 +992,6 @@ lockPref("media.getusermedia.audiocapture.enabled", false); lockPref("device.camera.enabled", false); // [DEFAULT: true] // [FENNEC] lockPref("media.realtime_decoder.enabled", false); // [DEFAULT: true] // [FENNEC] // ------------------------------------- -// Pref : Disable face detection -lockPref("camera.control.face_detection.enabled", false); // [DESKTOP] -// ------------------------------------- // Pref : Disable canvas capture stream // https://developer.mozilla.org/docs/Web/API/HTMLCanvasElement/captureStream lockPref("canvas.capturestream.enabled", false); @@ -1526,7 +1476,6 @@ lockPref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false); // [DESKTOP] lockPref("security.ssl3.ecdhe_rsa_rc4_128_sha", false); // [DESKTOP] lockPref("security.ssl3.rsa_rc4_128_md5", false); // [DESKTOP] lockPref("security.ssl3.rsa_rc4_128_sha", false); // [DESKTOP] -lockPref("security.tls.unrestricted_rc4_fallback", false); // [DESKTOP] // ------------------------------------- // Pref : Warn the user when server doesn't support RFC 5746 ("safe" renegotiation) // https://wiki.mozilla.org/Security:Renegotiation#security.ssl.treat_unsafe_negotiation_as_broken @@ -1556,7 +1505,7 @@ lockPref("network.gio.supported-protocols", ""); // [HIDDEN PREF] // Section : User Settings // >>>>>>>>>>>>>>>>>>>> // Pref : Set long press behaviour on "+ Tab" button to display container menu -// 0=disables long press, 1=when clicked, the menu is shown +// 0=disabled long press, 1=when clicked, the menu is shown // 2=the menu is shown after X milliseconds // [NOTE] The menu does not contain a non-container tab option // https://bugzilla.mozilla.org/1328756 @@ -1582,6 +1531,13 @@ lockPref("privacy.firstparty.isolate.restrict_opener_access", true); // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // Section : Passwords // >>>>>>>>>>>>>>>>>>>> +// Pref : Disable about:logins (Firefox Lockwise) +// https://lockwise.firefox.com/ +// https://support.mozilla.org/en-US/kb/firefox-lockwise-managing-account-data +lockPref("signon.management.page.enabled", false); // [DESKTOP] +lockPref("signon.management.page.faqURL", ""); // [DESKTOP] +lockPref("signon.management.page.feedbackURL", ""); // [DESKTOP] +// ------------------------------------- // Pref : Disable autofilling saved passwords on HTTP pages and show warning // https://bugzilla.mozilla.org/buglist.cgi?bug_id=1217152,1319119 lockPref("signon.autofillForms.http", false); @@ -1635,6 +1591,12 @@ lockPref("network.auth.subresource-http-auth-allow", 1); // Pref : Prevent cross-origin images from triggering an HTTP-Authentication prompt // https://bugzilla.mozilla.org/1357835 lockPref("network.auth.subresource-img-cross-origin-http-auth-allow", false); // [DEPRECATED] // [DESKTOP] +// ------------------------------------- +// Pref : Disable Firefox built-in password generator +// https://wiki.mozilla.org/Toolkit:Password_Manager/Password_Generation +// [NOTE] Best still create passwords with random characters and numbers in sequence by yourself +defaultPref("signon.generation.available", false); +defaultPref("signon.generation.enabled", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // Section : Window Meddling & Leaks / Popups @@ -1875,9 +1837,6 @@ lockPref("media.gmp.trial-create.enabled", false); // [WINDOWS] // [DESKTOP] // https://www.eff.org/deeplinks/2017/10/drms-dead-canary-how-we-just-lost-web-what-we-learned-it-and-what-we-need-do-next defaultPref("media.eme.enabled", false); // ------------------------------------- -// Pref : Disable Adobe Primetime -lockPref("media.gmp-eme-adobe.enabled", false); // [DESKTOP] -// ------------------------------------- // Pref : Disable the OpenH264 Video Codec by Cisco to "Never Activate". // This is the bundled codec used for video chat in WebRTC. lockPref("media.gmp-gmpopenh264.enabled", false); @@ -2056,6 +2015,14 @@ lockPref("privacy.trackingprotection.fingerprinting.enabled", false); lockPref("urlclassifier.features.fingerprinting.blacklistTables", ""); lockPref("urlclassifier.features.fingerprinting.whitelistTables", ""); // ------------------------------------- +// Pref : Disable social trackingprotection +// [NOTE] uBlock is far superior and you can customize the lists as you wish +// https://m.wiki.mozilla.org/Security/Tracking_protection#Lists +// https://github.com/AdroitAdorKhan/EnergizedProtection +// https://github.com/theel0ja/firefox-recommendations/blob/master/README.md +lockPref("privacy.trackingprotection.socialtracking.annotate.enabled", false); +lockPref("privacy.trackingprotection.socialtracking.enabled", false); +// ------------------------------------- // Pref : Disable PingCentre telemetry (used in several System Add-ons) // Currently blocked by 'datareporting.healthreport.uploadEnabled' lockPref("browser.ping-centre.telemetry", false); // [DESKTOP] @@ -2225,7 +2192,7 @@ lockPref("network.http.referer.XOriginTrimmingPolicy", 2); // https://github.com/pyllyukko/user.js/issues/94 // [NOTE] Spoofing referers breaks functionality on websites relying on authentic referer headers // [NOTE] Spoofing referers breaks visualisation of 3rd-party sites on the Lightbeam addon -// [NOTE] Spoofing referers disables CSRF protection on some login pages not implementing origin-header/cookie+token based CSRF protection +// [NOTE] Spoofing referers disable CSRF protection on some login pages not implementing origin-header/cookie+token based CSRF protection lockPref("network.http.referer.spoofSource", true); // [DEFAULT: false] // ------------------------------------- // Pref : Set the default Referrer Policy @@ -2314,6 +2281,8 @@ lockPref("dom.gamepad.enabled", false); // [DEFAULT: true] lockPref("dom.gamepad.extensions.enabled", false); // [DEFAULT: true] lockPref("dom.gamepad.haptic_feedback.enabled", false); // [DEFAULT: false] lockPref("dom.gamepad.test.enabled", false); // [DEFAULT: true] +lockPref("dom.gamepad.extensions.lightindicator", false); // [DEFAULT: false] +lockPref("dom.gamepad.extensions.multitouch", false); // [DEFAULT: false] // ------------------------------------- // Pref : Disable giving away network info // e.g. bluetooth, cellular, ethernet, wifi, wimax, other, mixed, unknown, none @@ -2338,10 +2307,9 @@ lockPref("media.video_stats.enabled", false); // [DEFAULT: true] // Fingerprinting attack vector - leaks screen res & actual screen coordinates. // 0=disabled, 1=enabled, 2=autodetect // This pref is set to 2 by default, which results in the Touch API being exposed only when touch hardware is present. So we should either set it to "1" (enable) or "0" (disable) to ensure that JS code can't fingerprint the user's hardware. -// [FENNEC - BUG] If disabled, unables you to copy or paste any text. // https://developer.mozilla.org/docs/Web/API/Touch_events // https://trac.torproject.org/projects/tor/ticket/10286 -defaultPref("dom.w3c_touch_events.enabled", 0); // [DEFAULT: 2] +defaultPref("dom.w3c_touch_events.enabled", 0); // [DEFAULT: 2] // [FENNEC - BUG] ff disabled, disallow copy/paste any text // ------------------------------------- // Pref : Disable MediaDevices change detection // https://developer.mozilla.org/docs/Web/Events/devicechange @@ -2369,7 +2337,6 @@ lockPref("dom.battery.enabled", false); // [DEFAULT: true] // https://developer.mozilla.org/en-US/docs/Web/API/WebVR_API lockPref("dom.vr.enabled", false); // [DEFAULT: true] lockPref("dom.vr.autoactivate.enabled", false); -lockPref("dom.vr.external.enabled", false); lockPref("dom.vr.oculus.enabled", false); lockPref("dom.vr.oculus.invisible.enabled", false); lockPref("dom.vr.openvr.action_input", false); @@ -2378,8 +2345,6 @@ lockPref("dom.vr.osvr.enabled", false); lockPref("dom.vr.poseprediction.enabled", false); lockPref("dom.vr.puppet.enabled", false); lockPref("dom.vr.require-gesture", true); -lockPref("dom.vr.service.enabled", false); -lockPref("dom.vr.test.enabled", false); lockPref("gfx.vr.osvr.clientKitLibPath", ""); lockPref("gfx.vr.osvr.clientLibPath", ""); lockPref("gfx.vr.osvr.commonLibPath", ""); @@ -2412,10 +2377,6 @@ lockPref("browser.startup.blankWindow", false); // [DESKTOP] // https://developer.mozilla.org/en-US/docs/Web/API/Connection/onchange // https://www.torproject.org/projects/torbrowser/design/#fingerprinting-defenses lockPref("dom.network.enabled", false); // [DESKTOP] -// ------------------------------------- -// Pref : Disable telephony API -// https://wiki.mozilla.org/WebAPI/Security/WebTelephony -lockPref("dom.telephony.enabled", false); // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // Section : UI (User Interface) @@ -2435,9 +2396,6 @@ defaultPref("browser.download.autohideButton", false); // [DESKTOP] // Pref : Disable browser animation // https://bugzilla.mozilla.org/show_bug.cgi?id=1352069 defaultPref("toolkit.cosmeticAnimations.enabled", false); // [DESKTOP] -// ------------------------------------- -// Pref : Displaying small density by default -defaultPref("browser.uidensity", 1); // [DEFAULT: 0] // [DESKTOP] // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // Section : Personal @@ -2481,9 +2439,6 @@ defaultPref("browser.ctrlTab.recentlyUsedOrder", false); // [DESKTOP] // Pref : Display long lines in view-source page defaultPref("view_source.wrap_long_lines", true); // ------------------------------------- -// Pref : Enable dark mode in all about:* pages -defaultPref("browser.in-content.dark-mode", true); -// ------------------------------------- // Pref : Enable one-click select all URL bar defaultPref("browser.urlbar.clickSelectsAll", true); // ------------------------------------- @@ -2495,26 +2450,147 @@ defaultPref("browser.urlbar.doubleClickSelectsAll", false); // [DESKTOP] // ESR60.x still uses all the following prefs // >>>>>>>>>>>>>>>>>>>> // ------------------------------------- +// FF52+ +// ------------------------------------- +// Pref : Disable telephony API +// https://wiki.mozilla.org/WebAPI/Security/WebTelephony +lockPref("dom.telephony.enabled", false); +// ------------------------------------- +// Pref : Disable Adobe Primetime +lockPref("media.gmp-eme-adobe.enabled", false); +lockPref("media.gmp-eme-adobe.visible", false); +// ------------------------------------- +// FF53+ +// ------------------------------------- +// Pref : Disable RC4 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1130670 +// https://hg.mozilla.org/mozilla-central/rev/1f7832017dbb +lockPref("security.tls.unrestricted_rc4_fallback", false); +// ------------------------------------- +// FF54+ +// ------------------------------------- +// Pref : Disable Archive API +// https://bugzilla.mozilla.org/show_bug.cgi?id=1342361 +// https://hg.mozilla.org/mozilla-central/rev/fe12200aa33a +lockPref("dom.archivereader.enabled", false); +// ------------------------------------- +// FF55+ +// ------------------------------------- +// Pref : Disable Heartbeat (Mozilla user rating telemetry) +// https://bugzilla.mozilla.org/show_bug.cgi?id=1361578 +// https://hg.mozilla.org/mozilla-central/rev/5a8f2dcbeac0 +lockPref("browser.selfsupport.enabled", false); +lockPref("browser.selfsupport.url", ""); +// ------------------------------------- +// FF57+ +// ------------------------------------- +// Pref : Disable SSDP (Simple Service Discovery Protocol) +// https://bugzilla.mozilla.org/show_bug.cgi?id=1393582 +// https://hg.mozilla.org/mozilla-central/rev/bf7793529f82 +lockPref("browser.casting.enabled", false); +// ------------------------------------- +// Pref : Disable WebIDE to prevent remote debugging and ADB extension download +// https://bugzilla.mozilla.org/show_bug.cgi?id=1393497 +// https://hg.mozilla.org/mozilla-central/rev/9815926c3bc1 +lockPref("devtools.webide.autoinstallFxdtAdapters", false); +// ------------------------------------- +// Pref : Disable social integration with FF +// https://bugzilla.mozilla.org/show_bug.cgi?id=1406193 +// https://hg.mozilla.org/mozilla-central/rev/125a67a1750f +lockPref("social.directories", ""); +lockPref("social.remote-install.enabled", false); +lockPref("social.whitelist", ""); +// ------------------------------------- +// FF58+ +// ------------------------------------- +// Pref : Disable backlogged Crash Reports +// https://bugzilla.mozilla.org/show_bug.cgi?id=1424373 +// https://hg.mozilla.org/releases/mozilla-esr52/rev/292a2d5bcb1f4a07e875b0b60a925f31992e898f +// https://hg.mozilla.org/releases/mozilla-esr52/rev/19ea736e7e3d20555ee6633b9d7803c1225979e1 +lockPref("browser.crashReports.unsubmittedCheck.autoSubmit", false); +// ------------------------------------- +// FF59+ +// ------------------------------------- +// Pref : Devtools cleanup +// https://bugzilla.mozilla.org/show_bug.cgi?id=1416703 +// https://hg.mozilla.org/mozilla-central/rev/cf62d0c0ce5a +lockPref("devtools.telemetry.supported_performance_marks", ""); +// ------------------------------------- +// Pref : Disable face detection +// https://bugzilla.mozilla.org/show_bug.cgi?id=1416703 +// https://hg.mozilla.org/integration/mozilla-inbound/rev/27b171e4cd2d1d51e95df1bfb6fc567500b6284d +lockPref("camera.control.face_detection.enabled", false); +// ------------------------------------- +// Pref : Disable FlyWeb (discovery of LAN/proximity IoT devices that expose a Web interface) +// https://bugzilla.mozilla.org/show_bug.cgi?id=1374574 +// https://hg.mozilla.org/mozilla-central/rev/07ca590ac669 +// https://hg.mozilla.org/mozilla-central/rev/ff75ef015293 +// https://hg.mozilla.org/mozilla-central/rev/5a8a3d887e19 +lockPref("dom.flyweb.enabled", false); +// ------------------------------------- +// Pref : Disable Scripting of Plugins by JavaScript +// https://bugzilla.mozilla.org/show_bug.cgi?id=1416703 +// https://hg.mozilla.org/mozilla-central/rev/eb9c29a3067d +lockPref("security.xpconnect.plugin.unrestricted", false); +// ------------------------------------- +// FF60+ +// ------------------------------------- +// Pref : Disable Activity Stream +// https://bugzilla.mozilla.org/show_bug.cgi?id=1433324 +// https://hg.mozilla.org/mozilla-central/rev/f3069763fab6 +// https://hg.mozilla.org/mozilla-central/rev/088e727e5cf7 +lockPref("browser.newtabpage.activity-stream.enabled", false); +// ------------------------------------- +// Pref : Disable new tab tile ads & preload +// https://bugzilla.mozilla.org/show_bug.cgi?id=1433324 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1433133 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1370930 +// https://hg.mozilla.org/mozilla-central/rev/ad6392e366d4 +lockPref("browser.newtabpage.activity-stream.aboutHome.enabled", false); +lockPref("browser.newtabpage.directory.source", "data:text/plain,{}"); +lockPref("browser.newtabpage.enhanced", false); +// ------------------------------------- +// Pref : Disable Studies and SHIELD +// https://bugzilla.mozilla.org/show_bug.cgi?id=1436113 +// https://hg.mozilla.org/mozilla-central/rev/94f5c92fc711 +lockPref("extensions.shield-recipe-client.enabled", false); +lockPref("extensions.shield-recipe-client.api_url", ""); +// ------------------------------------- +// Pref : Disable Firefox Accounts and Sync +// https://bugzilla.mozilla.org/show_bug.cgi?id=1427674 +// https://hg.mozilla.org/mozilla-central/rev/b014201f939f +lockPref("identity.fxaccounts.remote.webchannel.uri", ""); +// ------------------------------------- // FF61+ // ------------------------------------- // Pref : Disable Experiments -// https://wiki.mozilla.org/Telemetry/Experiments -// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1420908,1450801 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1450801 +// https://hg.mozilla.org/mozilla-central/rev/b81ac6c5c207 +// https://hg.mozilla.org/mozilla-central/rev/9e68f15bcb09 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1420908 +// https://hg.mozilla.org/mozilla-central/rev/98389f291fe6 +// https://hg.mozilla.org/mozilla-central/rev/8a77da7f1488 lockPref("experiments.enabled", false); lockPref("experiments.manifest.uri", ""); lockPref("experiments.supported", false); lockPref("experiments.activeExperiment", false); // ------------------------------------- // Pref : Disable remote JAR files being opened, regardless of content type -// https://bugzilla.mozilla.org/1173171 -// https://www.fxsitecompat.com/en-CA/docs/2015/jar-protocol-support-has-been-disabled-by-default/ -// https://bugzilla.mozilla.org/1427726 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1427726 +// https://hg.mozilla.org/integration/autoland/rev/a9185d7a30d8 lockPref("network.jar.block-remote-files", true); // ------------------------------------- // Pref : Disable JAR from opening Unsafe File Types -// https://bugzilla.mozilla.org/1427726 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1427726 +// https://hg.mozilla.org/integration/autoland/rev/064ca3f3d42b lockPref("network.jar.open-unsafe-types", false); // ------------------------------------- +// Pref : Disable Activity Stream (others) +lockPref("browser.newtabpage.activity-stream.showTopSites", false); +// ------------------------------------- +// Pref : Block unwanted connections +lockPref("toolkit.telemetry.infoURL", ""); +// ------------------------------------- // FF62+ // ------------------------------------- // Pref : Disable Java plugin @@ -2527,6 +2603,7 @@ lockPref("plugin.state.java", 0); // Pref : DisableGeoIP-based search results // [NOTE] May not be hidden if Firefox has changed your settings due to your locale // https://bugzilla.mozilla.org/1462015 +// https://hg.mozilla.org/mozilla-central/rev/0866ebeda09d lockPref("browser.search.countryCode", "US"); // [HIDDEN PREF] // ------------------------------------- // Pref : Disable app from auto-update @@ -2555,6 +2632,29 @@ lockPref("media.autoplay.enabled", false); // https://bugzilla.mozilla.org/1473595 defaultpref("browser.ctrlTab.previews", true); // ------------------------------------- +// Pref : Disable In-Browser Feed Handling +// https://bugzilla.mozilla.org/show_bug.cgi?id=1477670 +// https://hg.mozilla.org/mozilla-central/rev/5b714ea69f17 +// https://hg.mozilla.org/mozilla-central/rev/04ce1d287d58 +// https://hg.mozilla.org/mozilla-central/rev/3abafc9e0915 +// https://hg.mozilla.org/mozilla-central/rev/452156f0fc6d +lockPref("browser.contentHandlers.types.0.title", ""); +lockPref("browser.contentHandlers.types.0.type", ""); +lockPref("browser.contentHandlers.types.0.uri", ""); +lockPref("browser.contentHandlers.types.1.title", ""); +lockPref("browser.contentHandlers.types.1.type", ""); +lockPref("browser.contentHandlers.types.1.uri", ""); +lockPref("browser.contentHandlers.types.2.title", ""); +lockPref("browser.contentHandlers.types.2.type", ""); +lockPref("browser.contentHandlers.types.2.uri", ""); +lockPref("browser.contentHandlers.types.3.title", ""); +lockPref("browser.contentHandlers.types.3.type", ""); +lockPref("browser.contentHandlers.types.3.uri", ""); +// ------------------------------------- +// Pref : Disable Activity Stream (others) +lockPref("browser.newtabpage.activity-stream.feeds.theme", false); +lockPref("browser.newtabpage.activity-stream.tippyTop.service.endpoint", ""); +// ------------------------------------- // FF64+ // ------------------------------------- // Pref : Disable Onboarding @@ -2631,4 +2731,33 @@ lockPref("lightweightThemes.update.enabled", false); defaultPref("security.csp.experimentalEnabled", true); // ------------------------------------- // FF69+ +// ------------------------------------- +// Pref : Disable app from auto-update +// https://bugzilla.mozilla.org/show_bug.cgi?id=1515484 +// https://hg.mozilla.org/mozilla-central/rev/62e0ef6e50dd +lockPref("app.update.silent", false); +// ------------------------------------- +// Pref : Disable prerendering newtab +// https://bugzilla.mozilla.org/show_bug.cgi?id=1555448 +// https://hg.mozilla.org/mozilla-central/rev/e2f99cd199eb +lockPref("browser.newtabpage.activity-stream.prerender", false); +// ------------------------------------- +// Pref : Disable virtual reality devices APIs +// https://bugzilla.mozilla.org/show_bug.cgi?id=1558358 +// https://hg.mozilla.org/mozilla-central/rev/d97d53e8c4f9 +lockPref("dom.vr.external.enabled", false); +lockPref("dom.vr.service.enabled", false); +lockPref("dom.vr.test.enabled", false); +// ------------------------------------- +// Pref : Disable Telemetry +// https://bugzilla.mozilla.org/show_bug.cgi?id=1548646 +// https://hg.mozilla.org/mozilla-central/rev/4f4de4742c98 +lockPref("security.identitypopup.recordEventElemetry", false); +// ------------------------------------- +// Pref : Disable other sync settings (by prevention) +// https://bugzilla.mozilla.org/show_bug.cgi?id=1560154 +// https://hg.mozilla.org/mozilla-central/rev/68aacb4ba7f9 +lockPref("services.sync.prefs.sync.browser.sessionstore.restore_on_demand", false); +// ------------------------------------- +// FF70+ // ------------------------------------- \ No newline at end of file