mirror of
https://github.com/arkenfox/user.js.git
synced 2025-04-15 13:12:57 -04:00
v126-1
This commit is contained in:
wraaath
parent
06132d3f54
commit
4c1d4794f2
@ -1,7 +1,7 @@
|
||||
/******
|
||||
* name: arkenfox user.js
|
||||
* date: 20 November 2023
|
||||
* version: 119
|
||||
* date: 7 June 2024
|
||||
* version: 126
|
||||
* urls: https://github.com/arkenfox/user.js [repo]
|
||||
* : https://arkenfox.github.io/gui/ [interactive]
|
||||
* license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt
|
||||
@ -35,7 +35,7 @@
|
||||
- It is recommended to not use the updater, or you will get a later version which may cause issues.
|
||||
So you should manually append your overrides (and keep a copy), and manually update when you
|
||||
change ESR releases (arkenfox is already past that release)
|
||||
- If you decide to keep updating, then the onus is on - also see section 9999
|
||||
- If you decide to keep updating, then the onus is on you - also see section 9999
|
||||
|
||||
* INDEX:
|
||||
|
||||
@ -56,6 +56,7 @@
|
||||
2600: MISCELLANEOUS
|
||||
2700: ETP (ENHANCED TRACKING PROTECTION)
|
||||
2800: SHUTDOWN & SANITIZING
|
||||
4000: FPP (fingerprintingProtection)
|
||||
4500: RFP (resistFingerprinting)
|
||||
5000: OPTIONAL OPSEC
|
||||
5500: OPTIONAL HARDENING
|
||||
@ -94,8 +95,8 @@ user_pref("browser.startup.homepage", "about:home");
|
||||
user_pref("browser.newtabpage.enabled", false);
|
||||
/* 0105: disable sponsored content on Firefox Home (Activity Stream)
|
||||
* [SETTING] Home>Firefox Home Content ***/
|
||||
user_pref("browser.newtabpage.activity-stream.showSponsored", false); // [FF58+] Pocket > Sponsored Stories
|
||||
user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); // [FF83+] Sponsored shortcuts
|
||||
user_pref("browser.newtabpage.activity-stream.showSponsored", false); // [FF58+]
|
||||
user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); // [FF83+] Shortcuts>Sponsored shortcuts
|
||||
/* 0106: clear default topsites
|
||||
* [NOTE] This does not block you from adding your own ***/
|
||||
user_pref("browser.newtabpage.activity-stream.default.sites", "");
|
||||
@ -105,7 +106,7 @@ user_pref("_user.js.parrot", "0200 syntax error: the parrot's definitely decease
|
||||
/* 0201: use Mozilla geolocation service instead of Google if permission is granted [FF74+]
|
||||
* Optionally enable logging to the console (defaults to false) ***/
|
||||
user_pref("geo.provider.network.url", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%");
|
||||
user_pref("geo.provider.network.logging.enabled", true); // [HIDDEN PREF]
|
||||
// user_pref("geo.provider.network.logging.enabled", true); // [HIDDEN PREF]
|
||||
/* 0202: disable using the OS's geolocation service ***/
|
||||
user_pref("geo.provider.ms-windows-location", false); // [WINDOWS]
|
||||
user_pref("geo.provider.use_corelocation", false); // [MAC]
|
||||
@ -157,9 +158,6 @@ user_pref("toolkit.telemetry.firstShutdownPing.enabled", false); // [FF57+]
|
||||
user_pref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF]
|
||||
user_pref("toolkit.coverage.opt-out", true); // [FF64+] [HIDDEN PREF]
|
||||
user_pref("toolkit.coverage.endpoint.base", "");
|
||||
/* 0334: disable PingCentre telemetry (used in several System Add-ons) [FF57+]
|
||||
* Defense-in-depth: currently covered by 0331 ***/
|
||||
user_pref("browser.ping-centre.telemetry", false);
|
||||
/* 0335: disable Firefox Home (Activity Stream) telemetry ***/
|
||||
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false);
|
||||
user_pref("browser.newtabpage.activity-stream.telemetry", false);
|
||||
@ -288,7 +286,7 @@ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] [DEFAULT: ""
|
||||
* [2] https://wiki.mozilla.org/Security/DOH-resolver-policy
|
||||
* [3] https://support.mozilla.org/en-US/kb/firefox-dns-over-https
|
||||
* [4] https://www.eff.org/deeplinks/2020/12/dns-doh-and-odoh-oh-my-year-review-2020 ***/
|
||||
user_pref("network.trr.mode", 5);
|
||||
// user_pref("network.trr.mode", 3);
|
||||
/* 0712: set DoH provider
|
||||
* The custom uri is the value shown when you "Choose provider>Custom>"
|
||||
* [NOTE] If you USE custom then "network.trr.uri" should be set the same
|
||||
@ -302,12 +300,14 @@ user_pref("_user.js.parrot", "0800 syntax error: the parrot's ceased to be!");
|
||||
* [1] https://bugzilla.mozilla.org/1348275 ***/
|
||||
user_pref("browser.urlbar.speculativeConnect.enabled", false);
|
||||
/* 0802: disable location bar contextual suggestions
|
||||
* [SETTING] Privacy & Security>Address Bar>Suggestions from...
|
||||
* [NOTE] The UI is controlled by the .enabled pref
|
||||
* [SETTING] Search>Address Bar>Suggestions from...
|
||||
* [1] https://blog.mozilla.org/data/2021/09/15/data-and-firefox-suggest/ ***/
|
||||
user_pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // [FF95+]
|
||||
user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false); // [FF92+]
|
||||
user_pref("browser.urlbar.quicksuggest.enabled", false); // [FF92+] [DEFAULT: false]
|
||||
user_pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // [FF95+] [DEFAULT: false]
|
||||
user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false); // [FF92+] [DEFAULT: false]
|
||||
/* 0803: disable live search suggestions
|
||||
* [NOTE] Both must be true for the location bar to work
|
||||
* [NOTE] Both must be true for live search to work in the location bar
|
||||
* [SETUP-CHROME] Override these if you trust and use a privacy respecting search engine
|
||||
* [SETTING] Search>Provide search suggestions | Show search suggestions in address bar results ***/
|
||||
user_pref("browser.search.suggest.enabled", false);
|
||||
@ -320,8 +320,9 @@ user_pref("browser.urlbar.addons.featureGate", false); // [FF115+]
|
||||
user_pref("browser.urlbar.mdn.featureGate", false); // [FF117+] [HIDDEN PREF]
|
||||
user_pref("browser.urlbar.pocket.featureGate", false); // [FF116+] [DEFAULT: false]
|
||||
user_pref("browser.urlbar.weather.featureGate", false); // [FF108+] [DEFAULT: false]
|
||||
user_pref("browser.urlbar.yelp.featureGate", false); // [FF124+] [DEFAULT: false]
|
||||
/* 0807: disable urlbar clipboard suggestions [FF118+] ***/
|
||||
user_pref("browser.urlbar.clipboard.featureGate", false); // [DEFAULT: false]
|
||||
user_pref("browser.urlbar.clipboard.featureGate", false);
|
||||
/* 0810: disable search and form history
|
||||
* [SETUP-WEB] Be aware that autocomplete form data can be read by third parties [1][2]
|
||||
* [NOTE] We also clear formdata on exit (2811)
|
||||
@ -331,7 +332,7 @@ user_pref("browser.urlbar.clipboard.featureGate", false); // [DEFAULT: false]
|
||||
user_pref("browser.formfill.enable", false);
|
||||
/* 0815: disable tab-to-search [FF85+]
|
||||
* Alternatively, you can exclude on a per-engine basis by unchecking them in Options>Search
|
||||
* [SETTING] Privacy & Security>Address Bar>When using the address bar, suggest>Search engines ***/
|
||||
* [SETTING] Search>Address Bar>When using the address bar, suggest>Search engines ***/
|
||||
user_pref("browser.urlbar.suggest.engines", false);
|
||||
/* 0820: disable coloring of visited links
|
||||
* [SETUP-HARDEN] Bulk rapid history sniffing was mitigated in 2010 [1][2]. Slower and more expensive
|
||||
@ -411,7 +412,7 @@ user_pref("_user.js.parrot", "1200 syntax error: the parrot's a stiff!");
|
||||
* but the problem is that the browser can't know that. Setting this pref to true is the only way for the
|
||||
* browser to ensure there will be no unsafe renegotiations on the channel between the browser and the server
|
||||
* [SETUP-WEB] SSL_ERROR_UNSAFE_NEGOTIATION: is it worth overriding this for that one site?
|
||||
* [STATS] SSL Labs (Nov 2023) reports over 99.5% of top sites have secure renegotiation [4]
|
||||
* [STATS] SSL Labs (May 2024) reports over 99.7% of top sites have secure renegotiation [4]
|
||||
* [1] https://wiki.mozilla.org/Security:Renegotiation
|
||||
* [2] https://datatracker.ietf.org/doc/html/rfc5746
|
||||
* [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
||||
@ -510,12 +511,18 @@ user_pref("_user.js.parrot", "1700 syntax error: the parrot's bit the dust!");
|
||||
/* 1701: enable Container Tabs and its UI setting [FF50+]
|
||||
* [SETTING] General>Tabs>Enable Container Tabs
|
||||
* https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers ***/
|
||||
user_pref("privacy.userContext.enabled", false);
|
||||
user_pref("privacy.userContext.ui.enabled", false);
|
||||
user_pref("privacy.userContext.enabled", true);
|
||||
user_pref("privacy.userContext.ui.enabled", true);
|
||||
/* 1702: set behavior on "+ Tab" button to display container menu on left click [FF74+]
|
||||
* [NOTE] The menu is always shown on long press and right click
|
||||
* [SETTING] General>Tabs>Enable Container Tabs>Settings>Select a container for each new tab ***/
|
||||
user_pref("privacy.userContext.newTabContainerOnLeftClick.enabled", false);
|
||||
/* 1703: set external links to open in site-specific containers [FF123+]
|
||||
* [SETUP-WEB] Depending on your container extension(s) and their settings
|
||||
* true=Firefox will not choose a container (so your extension can)
|
||||
* false=Firefox will choose the container/no-container (default)
|
||||
* [1] https://bugzilla.mozilla.org/1874599 ***/
|
||||
// user_pref("browser.link.force_default_user_context_id_for_external_opens", true);
|
||||
|
||||
/*** [SECTION 2000]: PLUGINS / MEDIA / WEBRTC ***/
|
||||
user_pref("_user.js.parrot", "2000 syntax error: the parrot's snuffed it!");
|
||||
@ -582,6 +589,11 @@ user_pref("pdfjs.disabled", false); // [DEFAULT: false]
|
||||
user_pref("pdfjs.enableScripting", false); // [FF86+]
|
||||
/* 2624: disable middle click on new tab button opening URLs or searches using clipboard [FF115+] */
|
||||
user_pref("browser.tabs.searchclipboardfor.middleclick", false); // [DEFAULT: false NON-LINUX]
|
||||
/* 2630: disable content analysis by DLP (Data Loss Prevention) agents
|
||||
* DLP agents are background processes on managed computers that allow enterprises to monitor locally running
|
||||
* applications for data exfiltration events, which they can allow/block based on customer defined DLP policies.
|
||||
* [1] https://github.com/chromium/content_analysis_sdk */
|
||||
user_pref("browser.contentanalysis.default_allow", false); // [FF124+] [DEFAULT: false]
|
||||
|
||||
/** DOWNLOADS ***/
|
||||
/* 2651: enable user interaction for security by always asking where to download
|
||||
@ -591,7 +603,7 @@ user_pref("browser.download.useDownloadDir", true);
|
||||
/* 2652: disable downloads panel opening on every download [FF96+] ***/
|
||||
user_pref("browser.download.alwaysOpenPanel", false);
|
||||
/* 2653: disable adding downloads to the system's "recent documents" list ***/
|
||||
user_pref("browser.download.manager.addToRecentDocs", true);
|
||||
user_pref("browser.download.manager.addToRecentDocs", false);
|
||||
/* 2654: enable user interaction for security by always asking how to handle new mimetypes [FF101+]
|
||||
* [SETTING] General>Files and Applications>What should Firefox do with other files ***/
|
||||
user_pref("browser.download.always_ask_before_handling_new_types", false);
|
||||
@ -635,59 +647,104 @@ user_pref("_user.js.parrot", "2800 syntax error: the parrot's bleedin' demised!"
|
||||
* [SETTING] Privacy & Security>History>Custom Settings>Clear history when Firefox closes | Settings ***/
|
||||
user_pref("privacy.sanitize.sanitizeOnShutdown", true);
|
||||
|
||||
/** SANITIZE ON SHUTDOWN: IGNORES "ALLOW" SITE EXCEPTIONS ***/
|
||||
/** SANITIZE ON SHUTDOWN: IGNORES "ALLOW" SITE EXCEPTIONS | v2 migration is FF128+ ***/
|
||||
/* 2811: set/enforce what items to clear on shutdown (if 2810 is true) [SETUP-CHROME]
|
||||
* [NOTE] If "history" is true, downloads will also be cleared
|
||||
* [NOTE] "sessions": Active Logins: refers to HTTP Basic Authentication [1], not logins via cookies
|
||||
* [1] https://en.wikipedia.org/wiki/Basic_access_authentication ***/
|
||||
* [NOTE] If "history" is true, downloads will also be cleared ***/
|
||||
user_pref("privacy.clearOnShutdown.cache", true); // [DEFAULT: true]
|
||||
user_pref("privacy.clearOnShutdown_v2.cache", true); // [FF128+] [DEFAULT: true]
|
||||
user_pref("privacy.clearOnShutdown.downloads", true); // [DEFAULT: true]
|
||||
user_pref("privacy.clearOnShutdown.formdata", true); // [DEFAULT: true]
|
||||
user_pref("privacy.clearOnShutdown.history", true); // [DEFAULT: true]
|
||||
user_pref("privacy.clearOnShutdown.sessions", true); // [DEFAULT: true]
|
||||
user_pref("privacy.clearOnShutdown.siteSettings", false); // [DEFAULT: false]
|
||||
user_pref("privacy.clearOnShutdown_v2.historyFormDataAndDownloads", true); // [FF128+] [DEFAULT: true]
|
||||
user_pref("privacy.clearOnShutdown.siteSettings", true); // [DEFAULT: false]
|
||||
user_pref("privacy.clearOnShutdown_v2.siteSettings", true); // [FF128+] [DEFAULT: false]
|
||||
/* 2812: set Session Restore to clear on shutdown (if 2810 is true) [FF34+]
|
||||
* [NOTE] Not needed if Session Restore is not used (0102) or it is already cleared with history (2811)
|
||||
* [NOTE] If true, this prevents resuming from crashes (also see 5008) ***/
|
||||
user_pref("privacy.clearOnShutdown.openWindows", true);
|
||||
|
||||
/** SANITIZE ON SHUTDOWN: RESPECTS "ALLOW" SITE EXCEPTIONS FF103+ ***/
|
||||
/** SANITIZE ON SHUTDOWN: RESPECTS "ALLOW" SITE EXCEPTIONS FF103+ | v2 migration is FF128+ ***/
|
||||
/* 2815: set "Cookies" and "Site Data" to clear on shutdown (if 2810 is true) [SETUP-CHROME]
|
||||
* [NOTE] Exceptions: A "cookie" block permission also controls "offlineApps" (see note below).
|
||||
* serviceWorkers require an "Allow" permission. For cross-domain logins, add exceptions for
|
||||
* both sites e.g. https://www.youtube.com (site) + https://accounts.google.com (single sign on)
|
||||
* [NOTE] "offlineApps": Offline Website Data: localStorage, service worker cache, QuotaManager (IndexedDB, asm-cache)
|
||||
* [NOTE] "sessions": Active Logins (has no site exceptions): refers to HTTP Basic Authentication [1], not logins via cookies
|
||||
* [WARNING] Be selective with what sites you "Allow", as they also disable partitioning (1767271)
|
||||
* [SETTING] to add site exceptions: Ctrl+I>Permissions>Cookies>Allow (when on the website in question)
|
||||
* [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Settings ***/
|
||||
* [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Settings
|
||||
* [1] https://en.wikipedia.org/wiki/Basic_access_authentication ***/
|
||||
user_pref("privacy.clearOnShutdown.cookies", true); // Cookies
|
||||
user_pref("privacy.clearOnShutdown.offlineApps", true); // Site Data
|
||||
user_pref("privacy.clearOnShutdown.sessions", true); // Active Logins [DEFAULT: true]
|
||||
user_pref("privacy.clearOnShutdown_v2.cookiesAndStorage", true); // Cookies, Site Data, Active Logins [FF128+]
|
||||
|
||||
/** SANITIZE MANUAL: IGNORES "ALLOW" SITE EXCEPTIONS ***/
|
||||
/* 2820: reset default items to clear with Ctrl-Shift-Del [SETUP-CHROME]
|
||||
* This dialog can also be accessed from the menu History>Clear Recent History
|
||||
/** SANITIZE SITE DATA: IGNORES "ALLOW" SITE EXCEPTIONS ***/
|
||||
/* 2820: set manual "Clear Data" items [SETUP-CHROME] [FF128+]
|
||||
* Firefox remembers your last choices. This will reset them when you start Firefox
|
||||
* [SETTING] Privacy & Security>Browser Privacy>Cookies and Site Data>Clear Data ***/
|
||||
user_pref("privacy.clearSiteData.cache", true);
|
||||
user_pref("privacy.clearSiteData.cookiesAndStorage", false); // keep false until it respects "allow" site exceptions
|
||||
user_pref("privacy.clearSiteData.historyFormDataAndDownloads", true);
|
||||
// user_pref("privacy.clearSiteData.siteSettings", false);
|
||||
|
||||
/** SANITIZE HISTORY: IGNORES "ALLOW" SITE EXCEPTIONS | clearHistory migration is FF128+ ***/
|
||||
/* 2830: set manual "Clear History" items, also via Ctrl-Shift-Del [SETUP-CHROME]
|
||||
* Firefox remembers your last choices. This will reset them when you start Firefox
|
||||
* [NOTE] Regardless of what you set "downloads" to, as soon as the dialog
|
||||
* for "Clear Recent History" is opened, it is synced to the same as "history" ***/
|
||||
* for "Clear Recent History" is opened, it is synced to the same as "history"
|
||||
* [SETTING] Privacy & Security>History>Custom Settings>Clear History ***/
|
||||
user_pref("privacy.cpd.cache", true); // [DEFAULT: true]
|
||||
user_pref("privacy.clearHistory.cache", true);
|
||||
user_pref("privacy.cpd.formdata", true); // [DEFAULT: true]
|
||||
user_pref("privacy.cpd.history", true); // [DEFAULT: true]
|
||||
// user_pref("privacy.cpd.downloads", true); // not used, see note above
|
||||
user_pref("privacy.clearHistory.historyFormDataAndDownloads", true);
|
||||
user_pref("privacy.cpd.cookies", false);
|
||||
user_pref("privacy.cpd.sessions", true); // [DEFAULT: true]
|
||||
user_pref("privacy.cpd.offlineApps", false); // [DEFAULT: false]
|
||||
user_pref("privacy.cpd.cookies", false);
|
||||
// user_pref("privacy.cpd.downloads", true); // not used, see note above
|
||||
user_pref("privacy.clearHistory.cookiesAndStorage", false);
|
||||
user_pref("privacy.cpd.openWindows", false); // Session Restore
|
||||
user_pref("privacy.cpd.passwords", false);
|
||||
user_pref("privacy.cpd.siteSettings", false);
|
||||
/* 2822: reset default "Time range to clear" for "Clear Recent History" (2820)
|
||||
// user_pref("privacy.cpd.siteSettings", false);
|
||||
// user_pref("privacy.clearHistory.siteSettings", false);
|
||||
|
||||
/** SANITIZE MANUAL: TIMERANGE ***/
|
||||
/* 2840: set "Time range to clear" for "Clear Data" (2820) and "Clear History" (2830)
|
||||
* Firefox remembers your last choice. This will reset the value when you start Firefox
|
||||
* 0=everything, 1=last hour, 2=last two hours, 3=last four hours, 4=today
|
||||
* [NOTE] Values 5 (last 5 minutes) and 6 (last 24 hours) are not listed in the dropdown,
|
||||
* which will display a blank value, and are not guaranteed to work ***/
|
||||
user_pref("privacy.sanitize.timeSpan", 0);
|
||||
|
||||
/*** [SECTION 4000]: FPP (fingerprintingProtection)
|
||||
RFP (4501) overrides FPP
|
||||
|
||||
In FF118+ FPP is on by default in private windows (4001) and in FF119+ is controlled
|
||||
by ETP (2701). FPP will also use Remote Services in future to relax FPP protections
|
||||
on a per site basis for compatibility (4003).
|
||||
|
||||
1826408 - restrict fonts to system (kBaseFonts + kLangPackFonts) (Windows, Mac, some Linux)
|
||||
https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc
|
||||
1858181 - subtly randomize canvas per eTLD+1, per session and per window-mode (FF120+)
|
||||
***/
|
||||
user_pref("_user.js.parrot", "4000 syntax error: the parrot's bereft of life!");
|
||||
/* 4001: enable FPP in PB mode [FF114+]
|
||||
* [NOTE] In FF119+, FPP for all modes (7016) is enabled with ETP Strict (2701) ***/
|
||||
// user_pref("privacy.fingerprintingProtection.pbmode", true); // [DEFAULT: true FF118+]
|
||||
/* 4002: set global FPP overrides [FF114+]
|
||||
* Controls what protections FPP uses globally, including "RFPTargets" (despite the name these are
|
||||
* not used by RFP) e.g. "+AllTargets,-CSSPrefersColorScheme" or "-AllTargets,+CanvasRandomization"
|
||||
* [NOTE] Be aware that not all RFP protections are necessarily in RFPTargets
|
||||
* [WARNING] Not recommended. Either use RFP or FPP at defaults
|
||||
* [1] https://searchfox.org/mozilla-central/source/toolkit/components/resistfingerprinting/RFPTargets.inc ***/
|
||||
// user_pref("privacy.fingerprintingProtection.overrides", "");
|
||||
/* 4003: disable remote FPP overrides [FF127+] ***/
|
||||
// user_pref("privacy.fingerprintingProtection.remoteOverrides.enabled", false);
|
||||
|
||||
/*** [SECTION 4500]: RFP (resistFingerprinting)
|
||||
RFP covers a wide range of ongoing fingerprinting solutions.
|
||||
RFP overrides FPP (4000)
|
||||
|
||||
It is an all-or-nothing buy in: you cannot pick and choose what parts you want
|
||||
[TEST] https://arkenfox.github.io/TZP/tzp.html
|
||||
|
||||
@ -695,7 +752,6 @@ user_pref("privacy.sanitize.timeSpan", 0);
|
||||
|
||||
418986 - limit window.screen & CSS media queries (FF41)
|
||||
1281949 - spoof screen orientation (FF50)
|
||||
1330890 - spoof timezone as UTC0 (FF55)
|
||||
1360039 - spoof navigator.hardwareConcurrency as 2 (FF55)
|
||||
FF56
|
||||
1333651 - spoof User Agent & Navigator API
|
||||
@ -715,7 +771,7 @@ user_pref("privacy.sanitize.timeSpan", 0);
|
||||
1372073 - spoof/block fingerprinting in MediaDevices API (FF59)
|
||||
Spoof: enumerate devices as one "Internal Camera" and one "Internal Microphone"
|
||||
Block: suppresses the ondevicechange event
|
||||
1039069 - warn when language prefs are not set to "en*" (also see 0210, 0211) (FF59)
|
||||
1039069 - warn when language prefs are not set to "en*" (FF59)
|
||||
1222285 & 1433592 - spoof keyboard events and suppress keyboard modifier events (FF59)
|
||||
Spoofing mimics the content language of the document. Currently it only supports en-US.
|
||||
Modifier events suppressed are SHIFT and both ALT keys. Chrome is not affected.
|
||||
@ -738,11 +794,14 @@ user_pref("privacy.sanitize.timeSpan", 0);
|
||||
1692609 - reduce JS timing precision to 16.67ms (previously FF55+ was 100ms) (FF102)
|
||||
1422237 - return "srgb" with color-gamut (FF110)
|
||||
1794628 - return "none" with inverted-colors (FF114)
|
||||
1554751 - return devicePixelRatio as 2 (previously FF41+ was 1) (FF127)
|
||||
1787790 - normalize system fonts (FF128)
|
||||
1835987 - spoof timezone as Atlantic/Reykjavik (previously FF55+ was UTC) (FF128)
|
||||
***/
|
||||
user_pref("_user.js.parrot", "4500 syntax error: the parrot's popped 'is clogs");
|
||||
/* 4501: enable RFP
|
||||
* [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a canvas site exception via the urlbar
|
||||
* RFP also has a few side effects: mainly timezone is UTC0, and websites will prefer light theme
|
||||
* [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a canvas site exception via the urlbar.
|
||||
* RFP also has a few side effects: mainly timezone is UTC, and websites will prefer light theme
|
||||
* [NOTE] pbmode applies if true and the original pref is false
|
||||
* [1] https://bugzilla.mozilla.org/418986 ***/
|
||||
user_pref("privacy.resistFingerprinting", true); // [FF41+]
|
||||
@ -771,6 +830,12 @@ user_pref("privacy.resistFingerprinting.letterboxing", false); // [HIDDEN PREF]
|
||||
* [WARNING] DO NOT USE unless testing, see [1] comment 12
|
||||
* [1] https://bugzilla.mozilla.org/1635603 ***/
|
||||
// user_pref("privacy.resistFingerprinting.exemptedDomains", "*.example.invalid");
|
||||
/* 4506: disable RFP spoof english prompt [FF59+]
|
||||
* 0=prompt, 1=disabled, 2=enabled (requires RFP)
|
||||
* [NOTE] When changing from value 2, preferred languages ('intl.accept_languages') is not reset.
|
||||
* [SETUP-WEB] when enabled, sets 'en-US, en' for displaying pages and 'en-US' as locale.
|
||||
* [SETTING] General>Language>Choose your preferred language for displaying pages>Choose>Request English... ***/
|
||||
user_pref("privacy.spoof_english", 1);
|
||||
/* 4510: disable using system colors
|
||||
* [SETTING] General>Language and Appearance>Fonts and Colors>Colors>Use system colors ***/
|
||||
user_pref("browser.display.use_system_colors", true); // [DEFAULT: false NON-WINDOWS]
|
||||
@ -1069,7 +1134,7 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
|
||||
// user_pref("privacy.fingerprintingProtection", true); // [FF114+] [ETP FF119+]
|
||||
// user_pref("network.http.referer.disallowCrossSiteRelaxingDefault", true);
|
||||
// user_pref("network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", true); // [FF100+]
|
||||
// user_pref("privacy.partition.network_state.ocsp_cache", true);
|
||||
// user_pref("privacy.partition.network_state.ocsp_cache", true); // [DEFAULT: true FF123+]
|
||||
// user_pref("privacy.query_stripping.enabled", true); // [FF101+]
|
||||
// user_pref("privacy.trackingprotection.enabled", true);
|
||||
// user_pref("privacy.trackingprotection.socialtracking.enabled", true);
|
||||
@ -1083,7 +1148,7 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
|
||||
* [1] https://blog.mozilla.org/en/products/firefox/block-notification-requests/ ***/
|
||||
// user_pref("dom.webnotifications.enabled", false);
|
||||
/* 7019: disable Push Notifications [FF44+]
|
||||
* [WHY] Push requires subscription
|
||||
* [WHY] Website "push" requires subscription, and the API is required for CRLite (1224)
|
||||
* [NOTE] To remove all subscriptions, reset "dom.push.userAgentID"
|
||||
* [1] https://support.mozilla.org/kb/push-notifications-firefox ***/
|
||||
// user_pref("dom.push.enabled", false);
|
||||
@ -1094,6 +1159,10 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
|
||||
* [1] https://groups.google.com/g/discuss-webrtc/c/6stQXi72BEU/m/2FwZd24UAQAJ
|
||||
* [2] https://datatracker.ietf.org/doc/html/draft-ietf-mmusic-mdns-ice-candidates#section-3.1.1 ***/
|
||||
// user_pref("media.peerconnection.enabled", false);
|
||||
/* 7021: enable GPC (Global Privacy Control) in non-PB windows
|
||||
* [WHY] Passive and active fingerprinting. Mostly redundant with Tracking Protection
|
||||
* in ETP Strict (2701) and sanitizing on close (2800s) ***/
|
||||
// user_pref("privacy.globalprivacycontrol.enabled", true);
|
||||
|
||||
/*** [SECTION 8000]: DON'T BOTHER: FINGERPRINTING
|
||||
[WHY] They are insufficient to help anti-fingerprinting and do more harm than good
|
||||
@ -1131,8 +1200,6 @@ user_pref("browser.startup.homepage_override.mstone", "ignore"); // [HIDDEN PREF
|
||||
/* 9002: disable General>Browsing>Recommend extensions/features as you browse [FF67+] ***/
|
||||
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
|
||||
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
|
||||
/* 9003: disable What's New toolbar icon [FF69+] ***/
|
||||
user_pref("browser.messaging-system.whatsNewPanel.enabled", false);
|
||||
/* 9004: disable search terms [FF110+]
|
||||
* [SETTING] Search>Search Bar>Use the address bar for search and navigation>Show search terms instead of URL... ***/
|
||||
user_pref("browser.urlbar.showSearchTerms.enabled", false);
|
||||
@ -1185,6 +1252,15 @@ user_pref("security.family_safety.mode", 0);
|
||||
// 0711: disable skipping DoH when parental controls are enabled [FF70+]
|
||||
// [-] https://bugzilla.mozilla.org/1586941
|
||||
user_pref("network.dns.skipTRR-when-parental-control-enabled", false);
|
||||
// FF123
|
||||
// 0334: disable PingCentre telemetry (used in several System Add-ons) [FF57+]
|
||||
// Defense-in-depth: currently covered by 0331
|
||||
// [-] https://bugzilla.mozilla.org/1868988
|
||||
user_pref("browser.ping-centre.telemetry", false);
|
||||
// FF126
|
||||
// 9003: disable What's New toolbar icon [FF69+]
|
||||
// [-] https://bugzilla.mozilla.org/1724300
|
||||
user_pref("browser.messaging-system.whatsNewPanel.enabled", false);
|
||||
// ***/
|
||||
|
||||
/* END: internal custom pref to test for syntax errors ***/
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user