diff --git a/user.js b/user.js index c89eaf9..4421574 100644 --- a/user.js +++ b/user.js @@ -139,7 +139,7 @@ user_pref("_user.js.parrot", "0200 syntax error: the parrot's definitely decease // user_pref("geo.enabled", false); /* 0201b: set a default permission for Location [FF58+] * 0=always ask (default), 1=allow, 2=block - * [NOTE] best left at default "always ask", fingerprintable via Permissions API + * [NOTE] Best left at default "always ask", fingerprintable via Permissions API * [SETTING] to add site exceptions: Page Info>Permissions>Access Your Location * [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Location>Settings ***/ // user_pref("permissions.default.geo", 2); @@ -1154,7 +1154,7 @@ user_pref("dom.webnotifications.enabled", false); // [FF22+] user_pref("dom.webnotifications.serviceworker.enabled", false); // [FF44+] /* 2305: set a default permission for Notifications (see 2304) [FF58+] * 0=always ask (default), 1=allow, 2=block - * [NOTE] best left at default "always ask", fingerprintable via Permissions API + * [NOTE] Best left at default "always ask", fingerprintable via Permissions API * [SETTING] to add site exceptions: Page Info>Permissions>Receive Notifications * [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Notifications>Settings ***/ // user_pref("permissions.default.desktop-notification", 2); @@ -1313,7 +1313,7 @@ user_pref("permissions.manager.defaultsUrl", ""); /* 2617: remove webchannel whitelist ***/ user_pref("webchannel.allowObject.urlWhitelist", ""); /* 2618: disable exposure of system colors to CSS or canvas [FF44+] - * [NOTE] see second listed bug: may cause black on black for elements with undefined colors + * [NOTE] See second listed bug: may cause black on black for elements with undefined colors * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=232227,1330876 ***/ user_pref("ui.use_standins_for_native_colors", true); // [HIDDEN PREF] /* 2619: enforce Punycode for Internationalized Domain Names to eliminate possible spoofing @@ -1401,13 +1401,11 @@ user_pref("security.dialog_enable_delay", 700); accessible to websites except shared/service workers where the cookie setting *must* be "Allow" ***/ user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin' choir invisible!"); -/* 2701: disable 3rd-party cookies and site-data - * You can set exceptions under site permissions or use an extension - * 0=Accept cookies and site data, 1=Block third-party cookies, 2=Block all cookies, - * 3=Block cookies from unvisited sites, 4=Block third-party trackers (FF63+) - * [NOTE] value 4 is tied to the Tracking Protection lists so make sure you have 0424 + 0425 on default values! - * [SETTING] Privacy & Security>Content Blocking>Custom>Cookies - * [1] https://www.fxsitecompat.com/en-CA/docs/2015/web-storage-indexeddb-cache-api-now-obey-third-party-cookies-preference/ ***/ +/* 2701: disable 3rd-party cookies + * 0=default (Standard Content Blocking / Custom Content Blocking with "Cookies" unchecked) + * 1=All third-party cookies, 2=All cookies 3=Cookies from unvisited websites, 4=Third-party trackers (FF63+) + * [NOTE] You can set exceptions under site permissions or use an extension + * [SETTING] Privacy & Security>Content Blocking>Custom>Choose what to block>Cookies ***/ user_pref("network.cookie.cookieBehavior", 1); /* 2702: set third-party cookies (i.e ALL) (if enabled, see 2701) to session-only and (FF58+) set third-party non-secure (i.e HTTP) cookies to session-only @@ -1417,10 +1415,11 @@ user_pref("network.cookie.cookieBehavior", 1); * [2] http://kb.mozillazine.org/Network.cookie.thirdparty.sessionOnly ***/ user_pref("network.cookie.thirdparty.sessionOnly", true); user_pref("network.cookie.thirdparty.nonsecureSessionOnly", true); // [FF58+] -/* 2703: set cookie lifetime policy - * 0=until they expire (default), 2=until you close Firefox - * [NOTE] 3=for n days : no longer supported in FF63+ (see 2704-deprecated) ***/ - // user_pref("network.cookie.lifetimePolicy", 0); +/* 2703: delete cookies and site data on close + * [NOTE] This is *NOT* the same as 2802 + 2803 (clearing data on shutdown) + * [NOTE] The setting below is disabled (but not changed) if you block all cookies (2701 = 2) + * [SETTING] Privacy>Cookies and Site Data>Delete cookies and site data when Firefox is closed ***/ + // user_pref("network.cookie.lifetimePolicy", 0); // 0=delete, 2=do nothing /* 2705: disable HTTP sites setting cookies with the "secure" directive [FF52+] * [1] https://developer.mozilla.org/Firefox/Releases/52#HTTP ***/ user_pref("network.cookie.leave-secure-alone", true); // [DEFAULT: true]