diff --git a/config/mozilla.cfg b/config/mozilla.cfg index 6ab2c62..a8a9bb5 100644 --- a/config/mozilla.cfg +++ b/config/mozilla.cfg @@ -34,7 +34,6 @@ lockPref("browser.newtab.url", "about:blank"); // [DESKTOP] // ------------------------------------- // Pref : Disable Extension Recommendations (CFR: "Contextual Feature Recommender" // https://support.mozilla.org/en-US/kb/extension-recommendations -lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr", false); // [DESKTOP]) lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); // [DESKTOP] // ------------------------------------- @@ -55,9 +54,7 @@ lockPref("browser.startup.homepage", "about:blank"); // [DESKTOP] // Pref : Disable Activity Stream Snippets // Runs code received from a server (aka Remote Code Execution) and sends information back to a metrics server // https://abouthome-snippets-service.readthedocs.io/ -lockPref("browser.aboutHomeSnippets.updateUrl", ""); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.asrouter.providers.snippets", ""); // [DESKTOP] -lockPref("browser.newtabpage.activity-stream.disableSnippets", true); // [DESKTOP] lockPref("browser.newtabpage.activity-stream.feeds.snippets", false); // [DESKTOP] // ------------------------------------- // Pref : Disable Activity Stream telemetry @@ -118,7 +115,6 @@ lockPref("browser.startup.homepage_override.mstone", "ignore"); // Section : Quiet Fox // >>>>>>>>>>>>>>>>>>>>> // Pref : Disable app from auto-update -// lockPref("app.update.enabled", false); // lockPref("app.update.auto", false); // [DESKTOP] // lockPref("app.update.autodownload", "never"); // [TEST] // [FENNEC] // lockPref("app.update.channel", ""); @@ -390,10 +386,6 @@ lockPref("network.connectivity-service.IPv6.url", ""); lockPref("network.connectivity-service.DNSv4.domain", ""); lockPref("network.connectivity-service.DNSv6.domain", ""); // ------------------------------------- -// Pref : Opt-out of themes (Persona) updates -// https://support.mozilla.org/t5/Firefox/how-do-I-prevent-autoamtic-updates-in-a-50-user-environment/td-p/144287 -lockPref("lightweightThemes.update.enabled", false); // [DESKTOP] -// ------------------------------------- // Pref : Disable auto updating of lightweight themes (LWT) // Not to be confused with themes, which use the Theme API // Mozilla plan to convert existing LWTs and remove LWT support in the future @@ -442,29 +434,11 @@ lockPref("extensions.abuseReport.url", ""); // https://groups.google.com/d/topic/mozilla.dev.platform/nyVkCx-_sFw/discussion lockPref("loop.logDomains", false); // [DESKTOP] // ------------------------------------- -// Pref : Disable Browser Error Reporter -// https://support.mozilla.org/en-US/kb/firefox-nightly-error-collection -// https://firefox-source-docs.mozilla.org/browser/browser/BrowserErrorReporter.html -lockPref("browser.chrome.errorReporter.enabled", false); // [DESKTOP] -lockPref("browser.chrome.errorReporter.submitUrl", ""); // [DESKTOP] -lockPref("browser.chrome.errorReporter.infoURL", ""); // [DESKTOP] -// ------------------------------------- // Pref : Disable contentblocking reportBreakage lockPref("browser.contentblocking.reportBreakage.enabled", false); // [DESKTOP] lockPref("browser.contentblocking.reportBreakage.url", ""); // [DESKTOP] lockPref("browser.contentblocking.rejecttrackers.reportBreakage.enabled", false); // [DESKTOP] // ------------------------------------- -// Pref : Disable Onboarding -// [NOTE] This setting is just in case it comeback -// Onboarding is an interactive tour/setup for new installs/profiles and features. Every time -// about:home or about:newtab is opened, the onboarding overlay is injected into that page -// [NOTE] Onboarding uses Google Analytics, and leaks resource://URIs -// https://wiki.mozilla.org/Firefox/Onboarding -// https://github.com/mozilla/onboard/commit/db4d6c8726c89a5d6a241c1b1065827b525c5baf -// https://bugzilla.mozilla.org/863246#c154 -lockPref("browser.onboarding.enabled", false); // [DESKTOP] // [DEPRECATED] -lockPref("browser.onboarding.notification.tour-ids-queue", ""); // [DESKTOP] // [DEPRECATED] -// ------------------------------------- // Pref : Onboarding tour disable because of included telemetry // [NOTE] This setting is just in case it comeback lockPref("browser.onboarding.notification.finished", true); // [DESKTOP] // [DEPRECATED] @@ -493,10 +467,6 @@ lockPref("extensions.screenshots.upload-disabled", true); // [DESKTOP] // https://support.mozilla.org/en-US/kb/how-do-i-use-firefox-spell-checker defaultPref("layout.spellcheckDefault", 0); // [DESKTOP] // ------------------------------------- -// Pref : Disable "Savant" Shield study -// https://bugzilla.mozilla.org/1457226 -lockPref("shield.savant.enabled", false); // [DESKTOP] -// ------------------------------------- // Pref : Disable social integration with FF lockPref("social.directories", ""); // [DEPRECATED] // [DESKTOP] lockPref("social.remote-install.enabled", false); // [DEPRECATED] // [DESKTOP] @@ -720,12 +690,10 @@ lockPref("security.dialog_enable_delay", 700); defaultPref("devtools.debugger.remote-enabled", false); lockPref("devtools.webide.enabled", false); // [DESKTOP] lockPref("devtools.webide.autoinstallADBExtension", false); // [DESKTOP] -lockPref("devtools.webide.autoinstallADBHelper", false); // [DESKTOP] lockPref("devtools.webide.autoinstallFxdtAdapters", false); // [DESKTOP] lockPref("devtools.remote.adb.extensionURL", ""); // [DESKTOP] lockPref("devtools.remote.adb.extensionID", ""); // [DESKTOP] -lockPref("devtools.webide.adaptersAddonURL", ""); // [DESKTOP] // [DEPRECATED] -lockPref("devtools.webide.adbAddonURL", ""); // [DESKTOP] // [DEPRECATED] +lockPref("devtools.webide.adaptersAddonURL", ""); // [DESKTOP] lockPref("devtools.webide.templatesURL", ""); // [DESKTOP] // ------------------------------------- // Pref : Force local debugging @@ -872,16 +840,6 @@ lockPref("browser.tabs.remote.allowLinkedWebInFileUriProcess", false); // [DESKT // http://kb.mozillazine.org/Browser.urlbar.filter.javascript lockPref("browser.urlbar.filter.javascript", true); // [DESKTOP] // ------------------------------------- -// Pref : Disable JAR from opening Unsafe File Types -// https://bugzilla.mozilla.org/1427726 -lockPref("network.jar.open-unsafe-types", false); // [DESKTOP] -// ------------------------------------- -// Pref : Disable remote JAR files being opened, regardless of content type -// https://bugzilla.mozilla.org/1173171 -// https://www.fxsitecompat.com/en-CA/docs/2015/jar-protocol-support-has-been-disabled-by-default/ -// https://bugzilla.mozilla.org/1427726 -lockPref("network.jar.block-remote-files", true); // [DEPRECATED] // [DESKTOP] -// ------------------------------------- // Pref : Disable Firefox's built-in PDF reader // This setting controls if the option "Display in Firefox" is available in the setting below and by effect controls whether PDFs are handled in-browser or externally ("Ask" or "Open With") // PROS: pdfjs is lightweight, open source, and as secure/vetted as any pdf reader out there (more than most) @@ -1016,10 +974,6 @@ lockPref("dom.IntersectionObserver.enabled", false); // https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/ lockPref("javascript.options.shared_memory", false); // [DEFAULT: false] // ------------------------------------- -// Pref : Enforce DOMHighResTimeStamp API -// [WARNING] Required for normalization of timestamps and any timer resolution mitigations -lockPref("dom.event.highrestimestamp.enabled", true); // [DEFAULT: true] -// ------------------------------------- // Pref : Enable (limited but sufficient) window.opener protection // Makes rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set lockPref("dom.targetBlankNoOpener.enabled", true); // [DEFAULT: false] @@ -1113,7 +1067,7 @@ lockPref("media.autoplay.enabled.user-gestures-needed", true); // [DEFAULT: true // ------------------------------------- // Pref : Disable audio autoplay in non-active tabs // https://www.ghacks.net/2016/11/14/firefox-51-blocks-automatic-audio-playback-in-non-active-tabs/ -lockPref("media.block-autoplay-until-in-foreground", true); // [DEFAULT: false] +lockPref("media.block-autoplay-until-in-foreground", true); // [DEFAULT: true] // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // Section : Location Bar / Search Bar / Suggestions / History / Forms @@ -1187,9 +1141,8 @@ lockPref("browser.urlbar.daysBeforeHidingSuggestionsPrompt", 0); // [DESKTOP] lockPref("browser.urlbar.searchSuggestionsChoice", false); // [DESKTOP] lockPref("browser.urlbar.timesBeforeHidingSuggestionsHint", 0); // [DESKTOP] // ------------------------------------- -// Pref : Disable URL bar autocomplete and history/bookmarks suggestions dropdown +// Pref : Disable history/bookmarks/opened pages suggestions dropdown from URL bar // [NOTE] This does not cause privacy/leaking issue -defaultPref("browser.urlbar.autocomplete.enabled", false); // [DESKTOP] defaultPref("browser.urlbar.suggest.history", false); // [DESKTOP] defaultPref("browser.urlbar.suggest.bookmark", false); // [DESKTOP] defaultPref("browser.urlbar.suggest.openpage", false); // [DESKTOP] @@ -1214,10 +1167,6 @@ lockPref("network.stricttransportsecurity.preloadlist", true); // https://github.com/pyllyukko/user.js/pull/206#issuecomment-280229645 lockPref("security.tls.version.fallback-limit", 3); // ------------------------------------- -// Pref : Enable CSP 1.1 script-nonce directive support -// https://bugzilla.mozilla.org/show_bug.cgi?id=855326 -defaultPref("security.csp.experimentalEnabled", true); -// ------------------------------------- // Pref : Enable OCSP Must-Staple support // https://blog.mozilla.org/security/2015/11/23/improving-revocation-ocsp-must-staple-and-short-lived-certificates/ // https://www.entrust.com/ocsp-must-staple/ @@ -1806,17 +1755,14 @@ lockPref("toolkit.winRegisterApplicationRestart", false); // [WINDOWS] // [DESKT // >>>>>>>>>>>>>>>>>>>> // Pref : Disable geolocation lockPref("geo.enabled", false); -// lockPref("geo.wifi.xhr.timeout", 0); // ------------------------------------- // Pref : Disable GeoIP lookup on your address to set default search engine region // https://trac.torproject.org/projects/tor/ticket/16254 // https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_geolocation-for-default-search-engine -lockPref("browser.search.countryCode", "US"); // [HIDDEN PREF] lockPref("browser.search.region", "US"); lockPref("browser.search.geoip.url", ""); lockPref("browser.search.geoSpecificDefaults.url", ""); lockPref("browser.snippets.geoUrl", ""); -// lockPref("browser.search.geoip.timeout", 0); // ------------------------------------- // Pref : Set Accept-Language HTTP header defaultPref("intl.accept_languages", "en-US, en"); @@ -1943,11 +1889,6 @@ lockPref("media.gmp-widevinecdm.autoupdate", false); // [DESKTOP] // https://www.ghacks.net/2013/07/09/how-to-make-sure-that-a-firefox-plugin-never-activates-again/ lockPref("plugin.state.flash", 0); // [DESKTOP] // ------------------------------------- -// Pref : Disable Java plugin -// 0=deactivated, 1=ask, 2=enabled -// https://bugzilla.mozilla.org/1461243 -lockPref("plugin.state.java", 0); // [DESKTOP] -// ------------------------------------- // Pref : Disable Gnome Shell Integration NPAPI plugin lockPref("plugin.state.libgnome-shell-browser-plugin",0); // [DESKTOP] // ------------------------------------- @@ -2125,18 +2066,6 @@ lockPref("browser.ping-centre.telemetry", false); // [DESKTOP] lockPref("extensions.systemAddon.update.enabled", false); // [DESKTOP] lockPref("extensions.systemAddon.update.url", ""); // ------------------------------------- -// Pref : Disable Experiments -// https://wiki.mozilla.org/Telemetry/Experiments -// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1420908,1450801 -lockPref("experiments.enabled", false); // [DESKTOP] -lockPref("experiments.manifest.uri", ""); // [DESKTOP] -lockPref("experiments.supported", false); // [DESKTOP] -lockPref("experiments.activeExperiment", false); // [DESKTOP] -// ------------------------------------- -// Pref : Disable Mozilla permission to silently opt you into tests -// https://bugzilla.mozilla.org/1415625 -lockPref("network.allow-experiments", false); // [DESKTOP] -// ------------------------------------- // Pref : Disable Normandy/Shield // Shield is an telemetry system (including Heartbeat) that can also push and test "recipes" // https://wiki.mozilla.org/Firefox/Shield @@ -2240,10 +2169,6 @@ lockPref("offline-apps.allow_by_default", false); // [DEFAULT: true] // Pref : Disable download history lockPref("browser.download.manager.retention", 0); // [DESKTOP] // ------------------------------------- -// Pref : When browser.fixup.alternate.enabled is enabled, strip password from 'user:password@...' URLs -// https://github.com/pyllyukko/user.js/issues/290#issuecomment-303560851 -lockPref("browser.fixup.hide_user_pass", true); // [DESKTOP] -// ------------------------------------- // Pref : Enable Firefox to clear items on shutdown defaultPref("privacy.sanitize.sanitizeOnShutdown", true); // [DESKTOP] // ------------------------------------- @@ -2504,10 +2429,9 @@ defaultPref("browser.download.autohideButton", false); // [DESKTOP] // Pref : Disable browser animation // https://bugzilla.mozilla.org/show_bug.cgi?id=1352069 defaultPref("toolkit.cosmeticAnimations.enabled", false); // [DESKTOP] -defaultPref("browser.tabs.animate", false); // [DESKTOP] // [DEPRECATED] -defaultPref("browser.fullscreen.animate", false); // [DESKTOP] // [DEPRECATED] -defaultPref("browser.download.animateNotifications", false); // [DESKTOP] // [DEPRECATED] -defaultPref("alerts.disableSlidingEffect", false); // [DESKTOP] // [DEPRECATED] +// ------------------------------------- +// Pref : Displaying small density by default +defaultPref("browser.uidensity", 1); // [DEFAULT: 0] // [DESKTOP] // // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // Section : Personal @@ -2534,9 +2458,6 @@ lockPref("home.sync.updateMode", 1); // [DEFAULT: 0] // [FENNEC] // Pref : Middle-click mouse enabling auto-scrolling defaultPref("general.autoScroll", true); // [DESKTOP] // ------------------------------------- -// Pref : Displaying small density by default -defaultPref("browser.uidensity", 1); // [DEFAULT: 0] // [DESKTOP] -// ------------------------------------- // Pref : Disable buttons lockPref("pref.general.disable_button.default_browser", true); // [DESKTOP] lockPref("pref.privacy.disable_button.view_passwords", true); // [DESKTOP] @@ -2547,8 +2468,9 @@ lockPref("pref.privacy.disable_button.view_passwords", true); // [DESKTOP] // Pref : Disable dark theme on forms defaultPref("widget.content.gtk-theme-override", "Adwaita"); // [DESKTOP] // ------------------------------------- -// Pref : Disable ctrl+tab back to the old one -lockPref("browser.ctrlTab.recentlyUsedOrder", false); // [DESKTOP] +// Pref: Disable "Ctrl+Tab cycles through tabs in recently used order" +// https://bugzilla.mozilla.org/1473595 +defaultPref("browser.ctrlTab.recentlyUsedOrder", false); // [DESKTOP] // ------------------------------------- // Pref : Display long lines in view-source page defaultPref("view_source.wrap_long_lines", true); @@ -2562,4 +2484,145 @@ defaultPref("browser.urlbar.clickSelectsAll", true); // Pref : Enable double click selects a string segment in URL bar defaultPref("browser.urlbar.doubleClickSelectsAll", false); // [DESKTOP] // -// \ No newline at end of file +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Deprecated / Removed / Legacy / Renamed +// ESR60.x still uses all the following prefs +// >>>>>>>>>>>>>>>>>>>> +// ------------------------------------- +// FF61+ +// ------------------------------------- +// Pref : Disable Experiments +// https://wiki.mozilla.org/Telemetry/Experiments +// https://bugzilla.mozilla.org/buglist.cgi?bug_id=1420908,1450801 +lockPref("experiments.enabled", false); +lockPref("experiments.manifest.uri", ""); +lockPref("experiments.supported", false); +lockPref("experiments.activeExperiment", false); +// ------------------------------------- +// Pref : Disable remote JAR files being opened, regardless of content type +// https://bugzilla.mozilla.org/1173171 +// https://www.fxsitecompat.com/en-CA/docs/2015/jar-protocol-support-has-been-disabled-by-default/ +// https://bugzilla.mozilla.org/1427726 +lockPref("network.jar.block-remote-files", true); +// ------------------------------------- +// Pref : Disable JAR from opening Unsafe File Types +// https://bugzilla.mozilla.org/1427726 +lockPref("network.jar.open-unsafe-types", false); +// ------------------------------------- +// FF62+ +// ------------------------------------- +// Pref : Disable Java plugin +// 0=deactivated, 1=ask, 2=enabled +// https://bugzilla.mozilla.org/1461243 +lockPref("plugin.state.java", 0); +// ------------------------------------- +// FF63+ +// ------------------------------------- +// Pref : DisableGeoIP-based search results +// [NOTE] May not be hidden if Firefox has changed your settings due to your locale +// https://bugzilla.mozilla.org/1462015 +lockPref("browser.search.countryCode", "US"); // [HIDDEN PREF] +// ------------------------------------- +// Pref : Disable app from auto-update +// lockPref("app.update.enabled", false); +// ------------------------------------- +// Pref : Disable "Savant" Shield study +// https://bugzilla.mozilla.org/1457226 +lockPref("shield.savant.enabled", false); +// ------------------------------------- +// Pref : Disable favicons in tabs and new bookmarks +// Merged into "browser.chrome.site_icons" +// https://bugzilla.mozilla.org/1453751 +lockPref("browser.chrome.favicons", false); +// ------------------------------------- +// Pref : Disable autoplay of HTML5 media +// Replaced by "media.autoplay.default" +// https://bugzilla.mozilla.org/1470082 +lockPref("media.autoplay.enabled", false); +// ------------------------------------- +// Pref: Set cookie lifetime in days +// https://bugzilla.mozilla.org/1457170 +// defaultPref("network.cookie.lifetime.days", 90); // [DEFAULT: 90] +// ------------------------------------- +// Pref: Enable "Ctrl+Tab cycles through tabs in recently used order" +// Rreplaced by "browser.ctrlTab.recentlyUsedOrder" +// https://bugzilla.mozilla.org/1473595 +defaultpref("browser.ctrlTab.previews", true); +// ------------------------------------- +// FF64+ +// ------------------------------------- +// Pref : Disable Onboarding +// [NOTE] This setting is just in case it comeback +// Onboarding is an interactive tour/setup for new installs/profiles and features. Every time +// about:home or about:newtab is opened, the onboarding overlay is injected into that page +// [NOTE] Onboarding uses Google Analytics, and leaks resource://URIs +// https://wiki.mozilla.org/Firefox/Onboarding +// https://github.com/mozilla/onboard/commit/db4d6c8726c89a5d6a241c1b1065827b525c5baf +// https://bugzilla.mozilla.org/863246#c154 +lockPref("browser.onboarding.enabled", false); +lockPref("browser.onboarding.notification.tour-ids-queue", ""); +// ------------------------------------- +// Pref : Disable WebIDE to prevent remote debugging and ADB extension download +// https://developer.mozilla.org/docs/Tools/WebIDE +// https://trac.torproject.org/projects/tor/ticket/16222 +lockPref("devtools.webide.autoinstallADBHelper", false); +lockPref("devtools.webide.adbAddonURL", ""); +// ------------------------------------- +// Pref : Disable CSP violation events +// https://developer.mozilla.org/docs/Web/API/SecurityPolicyViolationEvent +// https://bugzilla.mozilla.org/1488165 +lockPref("security.csp.enable_violation_events", false); +// ------------------------------------- +// FF65+ +// ------------------------------------- +// Pref : Disable location bar autocomplete and suggestion types +// https://bugzilla.mozilla.org/1502392 +defaultPref("browser.urlbar.autocomplete.enabled", false); +// ------------------------------------- +// Pref : When "browser.fixup.alternate.enabled" is enabled, strip password from 'user:password@...' URLs +// https://github.com/pyllyukko/user.js/issues/290#issuecomment-303560851 +lockPref("browser.fixup.hide_user_pass", true); +// ------------------------------------- +// FF66+ +// ------------------------------------- +// Pref : Disable Browser Error Reporter +// https://support.mozilla.org/en-US/kb/firefox-nightly-error-collection +// https://firefox-source-docs.mozilla.org/browser/browser/BrowserErrorReporter.html +lockPref("browser.chrome.errorReporter.enabled", false); +lockPref("browser.chrome.errorReporter.submitUrl", ""); +lockPref("browser.chrome.errorReporter.infoURL", ""); +// ------------------------------------- +// Pref : Disable Mozilla permission to silently opt you into tests +// https://bugzilla.mozilla.org/1415625 +lockPref("network.allow-experiments", false); +// ------------------------------------- +// FF67+ +// ------------------------------------- +// Pref : Enforce DOMHighResTimeStamp API +// [WARNING] Required for normalization of timestamps and any timer resolution mitigations +lockPref("dom.event.highrestimestamp.enabled", true); // [DEFAULT: true] +// ------------------------------------- +// Pref : Disable Extension Recommendations (CFR: "Contextual Feature Recommender" +// https://support.mozilla.org/en-US/kb/extension-recommendations +lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr", false); +// ------------------------------------- +// FF68+ +// ------------------------------------- +// Pref : Disable Activity Stream Snippets +// Runs code received from a server (aka Remote Code Execution) and sends information back to a metrics server +// https://abouthome-snippets-service.readthedocs.io/ +lockPref("browser.aboutHomeSnippets.updateUrl", ""); +lockPref("browser.newtabpage.activity-stream.disableSnippets", true); +// ------------------------------------- +// Pref : Disable auto updating of lightweight themes (LWT) +// https://blog.mozilla.org/addons/2018/09/20/future-themes-here/ +// https://bugzilla.mozilla.org/1525762 +lockPref("lightweightThemes.update.enabled", false); +// ------------------------------------- +// Pref : Enable CSP 1.1 experimental hash-source directive +// https://bugzilla.mozilla.org/buglist.cgi?bug_id=855326,883975 +// https://bugzilla.mozilla.org/1386214 +defaultPref("security.csp.experimentalEnabled", true); +// ------------------------------------- +// FF69+ +// ------------------------------------- \ No newline at end of file