⛔️ Disabled Cryptomining and Fingerprinting trackingprotection
⛔️ Disabled OfferToSaveLogins by default
⛔️ Disabled PasswordManager (remove access to the password manager via preferences and blocks about:logins)
✅ Enforced fallback text encoding to match en-US
✅ Forced Encrypted Server Name Indication (eSNI) (for TLS 1.3 if TRR/DoH is enabled)
✅ Enabled (again) disk cache for SSL page - READ HERE
(https://github.com/ghacksuserjs/ghacks-user.js/issues/792)✅ Synced all the buildIDs with Tor's ones
⛔️ Disabled remaining Activity Stream (order and Pocket)
⛔️ Disabled more telemetry | FF70+
⛔️ Disabled all the contentblocking reports
⛔️ Disabled check route, IPv4 and IPv6, to akamaitechnologies.com | FF70+
⛔️ Disabled new FF accounts and sync prefs | FF70+
⛔️ Disabled more FF Lockwise prefs
⛔️ Disabled cryptomining, fingerprinting and social TP's ping to Mozilla servers | FF70+
⛔️ Disabled all the TP blocked elements by default
⛔️ Disabled sensors.test.events | FF70+
ℹ️ Removed "Use APP locale over OS locale in regional preferences"
ℹ️ Reordered and renamed many prefs with better criteria
ℹ️ Removed all the http:// links
ℹ️ Removed ESR60.x support
ℹ️ Moved some preferences from FF70+ into deprecated section (keeping them active for ESR68.x)
✅ Sanitized almost all URLs for requests to Mozilla servers from LOCALE
✅ Synced all the buildIDs with Tor's ones
⛔️ Removed all the warnings on quit and from accessing about:config page
⛔️ Disabled more unwanted connections
⛔️ Disabled vendor useragent info leakage to Mozilla
⛔️ Disabled entering in safe mode
⛔️ Disabled completely PingCentre telemetry (used in several System Add-ons)
ℹ️ Moved some preferences from FF69+ into deprecated section (keeping them active for ESR60.x and ESR68.x)
ℹ️ Added new links for better descriptions
✅ Added new folder in Bookmarks Menu (Ctrl+Shift+O) called "ADVANCED" that contains the more used about: pages of FF:
- about:restartrequired | (restart FF)
- about:config
- about:about
- about:policies
- about:networking
- about:profiles
- about:support
✅ Added StartPage as default search engine | Only ESR60.x
⛔️ Removed Amazon.com, eBay as suggested search engine | Only ESR60.x
⛔️ Disabled FF password generator | FF69+
⛔️ Locked social trackingprotection | FF70+
⛔️ Locked more sub-sync prefs | FF69+
⛔️ Locked more sub-webgl prefs | FF69+
⛔️ Locked more sub-gamepad prefs | FF69+
⛔️ Locked one more telemetry pref | FF69+
⛔️ Locked send content blocking log to about:protections | FF69+
⛔️ Locked WebVTT logging and test events | FF69+
⛔️ Locked about:logins (Firefox Lockwise) page
ℹ️ Updated author link, added mirrors
ℹ️ Moved lots of preferences from FF52-FF63 and newest ones from FF69+ into deprecated section (keeping them active for ESR60.x)
ℹ️ Defaulted back theme and density values
ℹ️ Fixed typos
Rewritten the file from scratch.
Synced all the prefs already configured with mozilla.cfg and added new ones (not settable with the .cfg file), such as:
⛔️ Disabled master password creation
⛔️ Disabled set Desktop background
⛔️ Disabled feedback commands
⛔️ Disabled Firefox Studies
⛔️ Disabled profile import
⛔️ Disabled system addon updates
⛔️ Disabled Firefox home (Search, Top Sites, Highlights, Pocket, Snippets)
⛔️ Removed all defaults bookmarks
⛔️ Removed "Bing", "Google", "Twitter" as search engines and set "DuckDuckGo" as deafult (this policy is only available on the ESR.)
✅ Created new section "Deprecated": moved inside it the already existing prefs and added some missing ones that have been removed, renamed or changed over time (these prefs remain active for ESR60.x versions)
ℹ️ Fixed some descriptions for a better explanation
✅ Defaulted to an empty value about DoH resolvers instead Cloudflare and co. (FF68)
⛔️ Locked entirely add-on and certificate blocklists (OneCRL) from Mozilla
⛔️ Locked more sync (FF68)
⛔️ Locked more telemetry (FF68)
⛔️ Locked recommendations in about:addons Extensions and Themes panes (FF68)
⛔️ Locked report extension option in about:addons (FF68)
⛔️ Decreased more system information leakage to Mozilla addons update servers
⛔️ Locked the Enterprise Roots preference (FF68)
⛔️ Locked access to navigator.mediaDevices features on HTTP web pages (FF68)
⛔️ Locked FF Remote Agent (FF68)
⛔️ Locked more VR features (FF68)
ℹ️ Fixed some typo
ℹ️ Fixed FF doesen't save theme selected by user
ℹ️ Removed "Defaulting Proxy settings" because the two values I entered are the same of default now
✅ Enabled Ion and baseline JIT javascript (due addons and navigation issues)
✅ Enabled double click selects a string segment in URL bar
✅ Enabled one-click select all URL bar
⛔️ Locked recent Highlights in the Library
⛔️ Locked warnings about close/open multiple tabs
⛔️ Locked warnings by entering full screen mode
⛔️ Locked more unwanted connections
⛔️ Locked missing prefs in already disabled pref
⛔️ Disabled by default urlbar suggest history, bookmarks and open tabs
⛔️ Locked new requests asking to access your hardware components (geo, camera, mic, notifications)
⛔️ Locked completly password manager
⛔️ Locked completly Virtual Reality feauture
ℹ️ Sorted some prefs
ℹ️ Defaulted instead locked some prefs
- close tabs with db-click action
- URL bar autocomplete and history/bookmarks suggestions dropdown
✅ Enabled FF Process Priority Manager (FF69+) [TEST for WINDOWS]
✅ Locked missing prefs in already existing prefs
⛔️ Locked more telemetry
⛔️ Locked FF Recommended Extensions suggestions (FF68+)
⛔️ Locked Ion, baseline JIT and RegExp to help harden JS against exploits
⛔️ Locked more webGL (FF68+)
ℹ️ Set more legible default fonts
✅ Masked more builID in according to TBB
✅ reEnabled reader mode
⛔️ Locked documents loading fonts (this drastically limits/reduces font enumeration)
⛔️ Locked first run page (no more firefox welcome)
⛔️ Locked javascript Ion, baseline JIT and RegExp to help harden JS against exploits (disabled in TBB, performance loss??) [need test]
⛔️ Locked new cryptomining and fingerprinting trackingprotection
ℹ️ Added some descriptions
✅ Added missing prefs (for prevention) in already disabled prefs
✅ Locked FF to display long lines in view-source page
⛔️ Locked FF warnings (about:config/networking)
⛔️ Locked pinned sites from searchbar
⛔️ Locked all sensors
⛔️ Disabled dark theme on forms (usefull with system dark theme e.g. Linux)
⛔️ Locked ctrl+tab back to the old one
ℹ️ Set FF to “don’t read add-ons from the user’s directory or the system.” (usefull for portable versions)
ℹ️ Disabled RFP-letterboxing (for now, let's see if FF will implement this pref in resistFingerprinting)
✅ Added missing prefs (for prevention) in already disabled prefs
✅ Added some deprecated prefs (for prevention)
✅ Added some descriptions
⛔️ Locked more sync prefs (for prevention)
⛔️ Locked more telemetry/coverage/healthreport/onboarding prefs (for prevention)
⛔️ Locked GCLI (Graphical Command Line Interface)
⛔️ Locked Firefox screenshot extension
⛔️ Defaulted spellchecker functionality
⛔️ Locked "Savant" Shield study (for prevention)
⛔️ Locked social integration with FF (for prevention)
⛔️ Locked useragent updates and site specific overrides
⛔️ Locked mailnews
⛔️ Locked website protocol handlers (irc,mailto,webcal)
⛔️ Locked more unwanted connections
⛔️ Locked more URL protocol handlers
⛔️ Locked remote JAR files being opened
⛔️ Removed special permissions for certain mozilla domains
⛔️ Locked Firefox Tips / Search suggestions
⛔️ Locked OCSP (again..)
⛔️ Locked Adbobe Primetime
⛔️ Defaulted Reader mode (less RAM consumption..just a bit) [useless?]
ℹ️ Set SSL version min 1.2
ℹ️ Cleanup devtools
ℹ️ Now Display "insecure" icon and "Not Secure" text on HTTP sites also in private browsing mode
ℹ️ Now clear on shutdown also history and downloads
✅ Enabled app from auto-update
⛔️ Disabled check default browser
⛔️ Disabled and locked camera requests
⛔️ Disabled and locked camera requests
⛔️ Disabled and locked microphone requests
⛔️ Disabled and locked location requests
⛔️ Disabled and locked notifications requests
⛔️ Disabled and locked trackingprotection
⛔️ Disabled accept third-party cookies
⛔️ Disabled offer to save logins
ℹ️ Set SSL version min `1.2`