Git-Mirrors/firefox-user.js
1
0
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2024-09-20 16:25:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Git-Mirrors:115.1
Branches Tags
Git-Mirrors:master
Git-Mirrors:Thorin-Oakenpants-patch-1
Git-Mirrors:128.0
Git-Mirrors:126.1
Git-Mirrors:126.0
Git-Mirrors:122.0
Git-Mirrors:119.0
Git-Mirrors:118.0
Git-Mirrors:117.0
Git-Mirrors:115.1
Git-Mirrors:115.0
Git-Mirrors:112.0
Git-Mirrors:111.0
Git-Mirrors:110.0
Git-Mirrors:v110.0
Git-Mirrors:109.0
Git-Mirrors:108.0
Git-Mirrors:107.0
Git-Mirrors:106.0
Git-Mirrors:105.0
Git-Mirrors:104.0
Git-Mirrors:103.0
Git-Mirrors:102.1
Git-Mirrors:102.0
Git-Mirrors:101.0
Git-Mirrors:100.0
Git-Mirrors:99.0
Git-Mirrors:98.0
Git-Mirrors:97.0
Git-Mirrors:96.0
Git-Mirrors:95.0
Git-Mirrors:94.1
Git-Mirrors:94.0
Git-Mirrors:91.1
Git-Mirrors:93.0
Git-Mirrors:92.0
Git-Mirrors:91.0
Git-Mirrors:90.0
Git-Mirrors:89.0
Git-Mirrors:88.0
Git-Mirrors:87.0
Git-Mirrors:86.0
Git-Mirrors:85.0
Git-Mirrors:84.0
Git-Mirrors:83.0
Git-Mirrors:82.0
Git-Mirrors:v82.0-beta
Git-Mirrors:81.0
Git-Mirrors:v81.0-beta
Git-Mirrors:80.0
Git-Mirrors:v80.0-beta
Git-Mirrors:79.0
Git-Mirrors:v79.0-beta
Git-Mirrors:78.0
Git-Mirrors:v78.0-beta
Git-Mirrors:77.0
Git-Mirrors:v77.0-beta
Git-Mirrors:76.0
Git-Mirrors:v76.0-beta
Git-Mirrors:75.0
Git-Mirrors:v75.0-beta
Git-Mirrors:74.0
Git-Mirrors:v74.0-beta
Git-Mirrors:73.0
Git-Mirrors:v73.0-beta
Git-Mirrors:72.0
Git-Mirrors:v72.0-beta
Git-Mirrors:71.0
Git-Mirrors:v71.0-beta
Git-Mirrors:70.0
Git-Mirrors:v70.0-beta
Git-Mirrors:69.0
Git-Mirrors:v69.0-beta
Git-Mirrors:68.0
Git-Mirrors:v68.0-beta
Git-Mirrors:67.0
Git-Mirrors:v67.0-beta
Git-Mirrors:66.0
Git-Mirrors:v66.0-beta
Git-Mirrors:65.0
Git-Mirrors:v65.0-beta
Git-Mirrors:64.0
Git-Mirrors:v64.0-beta
Git-Mirrors:63.0
Git-Mirrors:v63.0-beta
Git-Mirrors:62.0
Git-Mirrors:v62.0-beta
Git-Mirrors:61.0
Git-Mirrors:v61.0-beta
Git-Mirrors:60.0
Git-Mirrors:v60.0-beta
Git-Mirrors:59.0
Git-Mirrors:v59.0-alpha
Git-Mirrors:58.0
Git-Mirrors:v58.0-alpha
Git-Mirrors:57.0
Git-Mirrors:v57.0-alpha
Git-Mirrors:56.0
Git-Mirrors:v56.0-alpha
Git-Mirrors:55.0
Git-Mirrors:v55.0-alpha
Git-Mirrors:54.0
Git-Mirrors:v54.0-alpha-rev1
Git-Mirrors:v54.0-alpha
Git-Mirrors:53.0
Git-Mirrors:v53.0-alpha
Git-Mirrors:52.0
Git-Mirrors:v52.0-alpha
Git-Mirrors:51.0
..
compare: Git-Mirrors:master
Branches Tags
Git-Mirrors:Thorin-Oakenpants-patch-1
Git-Mirrors:master
Git-Mirrors:128.0
Git-Mirrors:126.1
Git-Mirrors:126.0
Git-Mirrors:122.0
Git-Mirrors:119.0
Git-Mirrors:118.0
Git-Mirrors:117.0
Git-Mirrors:115.1
Git-Mirrors:115.0
Git-Mirrors:112.0
Git-Mirrors:111.0
Git-Mirrors:110.0
Git-Mirrors:v110.0
Git-Mirrors:109.0
Git-Mirrors:108.0
Git-Mirrors:107.0
Git-Mirrors:106.0
Git-Mirrors:105.0
Git-Mirrors:104.0
Git-Mirrors:103.0
Git-Mirrors:102.1
Git-Mirrors:102.0
Git-Mirrors:101.0
Git-Mirrors:100.0
Git-Mirrors:99.0
Git-Mirrors:98.0
Git-Mirrors:97.0
Git-Mirrors:96.0
Git-Mirrors:95.0
Git-Mirrors:94.1
Git-Mirrors:94.0
Git-Mirrors:91.1
Git-Mirrors:93.0
Git-Mirrors:92.0
Git-Mirrors:91.0
Git-Mirrors:90.0
Git-Mirrors:89.0
Git-Mirrors:88.0
Git-Mirrors:87.0
Git-Mirrors:86.0
Git-Mirrors:85.0
Git-Mirrors:84.0
Git-Mirrors:83.0
Git-Mirrors:82.0
Git-Mirrors:v82.0-beta
Git-Mirrors:81.0
Git-Mirrors:v81.0-beta
Git-Mirrors:80.0
Git-Mirrors:v80.0-beta
Git-Mirrors:79.0
Git-Mirrors:v79.0-beta
Git-Mirrors:78.0
Git-Mirrors:v78.0-beta
Git-Mirrors:77.0
Git-Mirrors:v77.0-beta
Git-Mirrors:76.0
Git-Mirrors:v76.0-beta
Git-Mirrors:75.0
Git-Mirrors:v75.0-beta
Git-Mirrors:74.0
Git-Mirrors:v74.0-beta
Git-Mirrors:73.0
Git-Mirrors:v73.0-beta
Git-Mirrors:72.0
Git-Mirrors:v72.0-beta
Git-Mirrors:71.0
Git-Mirrors:v71.0-beta
Git-Mirrors:70.0
Git-Mirrors:v70.0-beta
Git-Mirrors:69.0
Git-Mirrors:v69.0-beta
Git-Mirrors:68.0
Git-Mirrors:v68.0-beta
Git-Mirrors:67.0
Git-Mirrors:v67.0-beta
Git-Mirrors:66.0
Git-Mirrors:v66.0-beta
Git-Mirrors:65.0
Git-Mirrors:v65.0-beta
Git-Mirrors:64.0
Git-Mirrors:v64.0-beta
Git-Mirrors:63.0
Git-Mirrors:v63.0-beta
Git-Mirrors:62.0
Git-Mirrors:v62.0-beta
Git-Mirrors:61.0
Git-Mirrors:v61.0-beta
Git-Mirrors:60.0
Git-Mirrors:v60.0-beta
Git-Mirrors:59.0
Git-Mirrors:v59.0-alpha
Git-Mirrors:58.0
Git-Mirrors:v58.0-alpha
Git-Mirrors:57.0
Git-Mirrors:v57.0-alpha
Git-Mirrors:56.0
Git-Mirrors:v56.0-alpha
Git-Mirrors:55.0
Git-Mirrors:v55.0-alpha
Git-Mirrors:54.0
Git-Mirrors:v54.0-alpha-rev1
Git-Mirrors:v54.0-alpha
Git-Mirrors:53.0
Git-Mirrors:v53.0-alpha
Git-Mirrors:52.0
Git-Mirrors:v52.0-alpha
Git-Mirrors:51.0

31 Commits
115.1 ... master

Author SHA1 Message Date
Thorin-Oakenpants
f906f7f3b4
v128 (#1862) 2024-08-26 08:41:28 +00:00
Thorin-Oakenpants
11582f905a
geo.provider.use_gpsd 
https://bugzilla.mozilla.org/show_bug.cgi?id=1803234 - removed in FF131

and it doesn't work: https://bugzilla.mozilla.org/show_bug.cgi?id=1763347
 2024-08-06 04:37:00 +00:00
Thorin-Oakenpants
ff5c959cb9
geo.provider* 2024-07-09 05:49:23 +00:00
Thorin-Oakenpants
23caf69614
v127 deprecated 2024-06-22 15:44:54 +00:00
Thorin-Oakenpants
6446d73cf5
add deprecated since FF119 2024-06-14 06:14:26 +00:00
Thorin-Oakenpants
47cbf5b974
fixup sysntax, tidy 2024-06-07 21:36:53 +00:00
eleius
9655743d8c
fixup missing semicolon (#1850) 2024-06-07 20:53:34 +00:00
Thorin-Oakenpants
c2f191448c
v126 (#1816) 2024-06-06 20:21:14 +00:00
Thorin-Oakenpants
33a84b608c
v122 (#1764) 2024-02-04 20:09:30 +00:00
earthlng
4a510a4b4c
prefsCleaner.sh v2.1 
- remove group root/wheel check
 2023-11-24 13:38:25 +00:00
earthlng
e4dd5aa428
updater.sh v4.0 
- removed group root/wheel check
 2023-11-24 13:35:14 +00:00
Thorin-Oakenpants
fd72683abe
v119 (#1757) 2023-11-20 02:49:16 +00:00
Thorin-Oakenpants
f95c6829fe
fixup date/reference 2023-11-19 09:56:47 +00:00
Tiagoquix
fc25163763
Correct archived version link in arkenfox-cleanup.js (#1763) 2023-11-10 23:52:23 +00:00
Thorin-Oakenpants
29bb5a35f0
rename/add icons (#1760) 2023-11-02 21:17:15 +00:00
Thorin-Oakenpants
96210522d8
Add favicon for LibreWolf 2023-11-02 20:36:12 +00:00
Tad
d94d68245f
Add favicon for Mull 
Signed-off-by: Tad <tad@spotco.us>
 2023-11-02 16:18:47 -04:00
Thorin-Oakenpants
e2681baec3
javascript.use_us_english_locale 
https://bugzilla.mozilla.org/1846224
 2023-11-01 22:02:55 +00:00
Thorin-Oakenpants
35e8def0b1
network.dns.skipTRR-when-parental-control-enabled 2023-10-18 14:59:33 +00:00
Thorin-Oakenpants
3fdcb28b8f
v118 (#1724) 2023-10-18 14:03:40 +00:00
earthlng
f54d632da5
v2.0 - improve root check 2023-10-07 10:33:49 +00:00
Thorin-Oakenpants
6e79d1bba6
deprecated v118 2023-09-29 10:52:55 +00:00
Thorin-Oakenpants
56f51203bf
point to archived version 2023-09-21 12:36:35 +00:00
Thorin-Oakenpants
bd2e5b8d1d
undo encryption 
they're not default false since 108, that was nightly only
 2023-09-18 11:47:49 +00:00
Thorin-Oakenpants
f0513b7e64
inactive prefs no longer needed 
encryption prefs false since FF109, taskbar since jesus or whatever
 2023-09-18 11:41:47 +00:00
Thorin-Oakenpants
336300a274
v118 removed 
these are all at default now as of at least ESR115
 2023-09-18 08:39:50 +00:00
Thorin-Oakenpants
50af4b9af4
remove old prefs 2023-09-18 08:34:35 +00:00
Thorin-Oakenpants
3f6fcc13f0
permissions.delegation.enabled 2023-09-18 08:31:22 +00:00
Thorin-Oakenpants
1e6e211a06
v117 (#1710) 2023-09-17 07:17:40 +00:00
Thorin-Oakenpants
dfd5589c3d
v117 deprecated 2023-09-16 07:08:33 +00:00
Thorin-Oakenpants
ba173d4920
layout.css.font-visibility.resistFingerprinting 2023-08-28 04:15:07 +00:00
8 changed files with 349 additions and 662 deletions
Show Stats Expand all files Collapse all files

25
prefsCleaner.sh
View File

@ -2,23 +2,12 @@
## prefs.js cleaner for Linux/Mac
## author: @claustromaniac
## version: 1.9
## version: 2.1
## special thanks to @overdodactyl and @earthlng for a few snippets that I stol..*cough* borrowed from the updater.sh
## DON'T GO HIGHER THAN VERSION x.9 !! ( because of ASCII comparison in update_prefsCleaner() )
# Check if running as root and if any files have the owner/group as root/wheel.
if [ "${EUID:-"$(id -u)"}" -eq 0 ]; then
printf "You shouldn't run this with elevated privileges (such as with doas/sudo).\n"
exit 1
elif [ -n "$(find ./ -user 0 -o -group 0)" ]; then
printf 'It looks like this script was previously run with elevated privileges,
you will need to change ownership of the following files to your user:\n'
find . -user 0 -o -group 0
exit 1
fi
readonly CURRDIR=$(pwd)
## get the full path of this script (readlink for Linux, greadlink for Mac with coreutils installed)
@ -143,13 +132,23 @@ done
## change directory to the Firefox profile directory
cd "$(dirname "${SCRIPT_FILE}")"
# Check if running as root and if any files have the owner as root/wheel.
if [ "${EUID:-"$(id -u)"}" -eq 0 ]; then
fQuit 1 "You shouldn't run this with elevated privileges (such as with doas/sudo)."
elif [ -n "$(find ./ -user 0)" ]; then
printf 'It looks like this script was previously run with elevated privileges,
you will need to change ownership of the following files to your user:\n'
find . -user 0
fQuit 1
fi
[ "$AUTOUPDATE" = true ] && update_prefsCleaner "$@"
echo -e "\n\n"
echo " ╔══════════════════════════╗"
echo " ║ prefs.js cleaner ║"
echo " ║ by claustromaniac ║"
echo " ║ v1.9 ║"
echo " ║ v2.1 ║"
echo " ╚══════════════════════════╝"
echo -e "\nThis script should be run from your Firefox profile directory.\n"
echo "It will remove any entries from prefs.js that also exist in user.js."

437
scratchpad-scripts/arkenfox-cleanup.js
View File

@ -1,9 +1,12 @@
/***
This will reset the preferences that have been
This will reset the preferences that since FF91 have been
- removed from the arkenfox user.js
- deprecated by Mozilla but listed in the arkenfox user.js in the past
Last updated: 26-August-2023
There is an archived version at https://github.com/arkenfox/user.js/issues/123
if you want the full list since jesus
Last updated: 6-August-2024
Instructions:
- [optional] close Firefox and backup your profile
@ -32,6 +35,20 @@
const aPREFS = [
/* DEPRECATED */
/* 116-128 */
'browser.contentanalysis.default_allow', // 127
'browser.messaging-system.whatsNewPanel.enabled', // 126
'browser.ping-centre.telemetry', // 123
'dom.webnotifications.serviceworker.enabled', // 117
'javascript.use_us_english_locale', // 119
'layout.css.font-visibility.private', // 118
'layout.css.font-visibility.resistFingerprinting', // 116
'layout.css.font-visibility.standard', // 118
'layout.css.font-visibility.trackingprotection', // 118
'network.dns.skipTRR-when-parental-control-enabled', // 119
'permissions.delegation.enabled', // 118
'security.family_safety.mode', // 117
'widget.non-native-theme.enabled', // 127
/* 103-115 */
'browser.cache.offline.enable', // 115
'extensions.formautofill.heuristics.enabled', // 114
@ -52,198 +69,20 @@
'security.csp.enable', // 99
'security.password_lifetime', // 102
'security.ssl3.rsa_des_ede3_sha', // 93
/* 79-91 */
'browser.cache.offline.storage.enable',
'browser.download.hide_plugins_without_extensions',
'browser.library.activity-stream.enabled',
'browser.search.geoSpecificDefaults',
'browser.search.geoSpecificDefaults.url',
'dom.ipc.plugins.flash.subprocess.crashreporter.enabled',
'dom.ipc.plugins.reportCrashURL',
'dom.w3c_pointer_events.enabled',
'intl.charset.fallback.override',
'network.ftp.enabled',
'plugin.state.flash',
'security.mixed_content.block_object_subrequest',
'security.ssl.errorReporting.automatic',
'security.ssl.errorReporting.enabled',
'security.ssl.errorReporting.url',
/* 69-78 */
'browser.newtabpage.activity-stream.telemetry.ping.endpoint',
'browser.tabs.remote.allowLinkedWebInFileUriProcess',
'browser.urlbar.oneOffSearches',
'devtools.webide.autoinstallADBExtension',
'devtools.webide.enabled',
'dom.indexedDB.enabled',
'extensions.blocklist.url',
'geo.wifi.logging.enabled',
'geo.wifi.uri',
'gfx.downloadable_fonts.woff2.enabled',
'media.autoplay.allow-muted',
'media.autoplay.enabled.user-gestures-needed',
'offline-apps.allow_by_default',
'plugins.click_to_play',
'privacy.userContext.longPressBehavior',
'toolkit.cosmeticAnimations.enabled',
'toolkit.telemetry.hybridContent.enabled',
'webgl.disable-extensions',
/* 61-68 */
'app.update.enabled',
'browser.aboutHomeSnippets.updateUrl',
'browser.chrome.errorReporter.enabled',
'browser.chrome.errorReporter.submitUrl',
'browser.chrome.favicons',
'browser.ctrlTab.previews',
'browser.fixup.hide_user_pass',
'browser.newtabpage.activity-stream.asrouter.userprefs.cfr',
'browser.newtabpage.activity-stream.disableSnippets',
'browser.onboarding.enabled',
'browser.search.countryCode',
'browser.urlbar.autocomplete.enabled',
'devtools.webide.adbAddonURL',
'devtools.webide.autoinstallADBHelper',
'dom.event.highrestimestamp.enabled',
'experiments.activeExperiment',
'experiments.enabled',
'experiments.manifest.uri',
'experiments.supported',
'lightweightThemes.update.enabled',
'media.autoplay.enabled',
'network.allow-experiments',
'network.cookie.lifetime.days',
'network.jar.block-remote-files',
'network.jar.open-unsafe-types',
'plugin.state.java',
'security.csp.enable_violation_events',
'security.csp.experimentalEnabled',
'shield.savant.enabled',
/* 60 or earlier */
'browser.bookmarks.showRecentlyBookmarked',
'browser.casting.enabled',
'browser.crashReports.unsubmittedCheck.autoSubmit',
'browser.formautofill.enabled',
'browser.formfill.saveHttpsForms',
'browser.fullscreen.animate',
'browser.history.allowPopState',
'browser.history.allowPushState',
'browser.history.allowReplaceState',
'browser.newtabpage.activity-stream.enabled',
'browser.newtabpage.directory.ping',
'browser.newtabpage.directory.source',
'browser.newtabpage.enhanced',
'browser.newtabpage.introShown',
'browser.pocket.api',
'browser.pocket.enabled',
'browser.pocket.oAuthConsumerKey',
'browser.pocket.site',
'browser.polaris.enabled',
'browser.safebrowsing.appRepURL',
'browser.safebrowsing.enabled',
'browser.safebrowsing.gethashURL',
'browser.safebrowsing.malware.reportURL',
'browser.safebrowsing.provider.google.appRepURL',
'browser.safebrowsing.reportErrorURL',
'browser.safebrowsing.reportGenericURL',
'browser.safebrowsing.reportMalwareErrorURL',
'browser.safebrowsing.reportMalwareMistakeURL',
'browser.safebrowsing.reportMalwareURL',
'browser.safebrowsing.reportPhishMistakeURL',
'browser.safebrowsing.reportURL',
'browser.safebrowsing.updateURL',
'browser.search.showOneOffButtons',
'browser.selfsupport.enabled',
'browser.selfsupport.url',
'browser.sessionstore.privacy_level_deferred',
'browser.tabs.animate',
'browser.trackingprotection.gethashURL',
'browser.trackingprotection.updateURL',
'browser.urlbar.unifiedcomplete',
'browser.usedOnWindows10.introURL',
'camera.control.autofocus_moving_callback.enabled',
'camera.control.face_detection.enabled',
'datareporting.healthreport.about.reportUrl',
'datareporting.healthreport.about.reportUrlUnified',
'datareporting.healthreport.documentServerURI',
'datareporting.healthreport.service.enabled',
'datareporting.policy.dataSubmissionEnabled.v2',
'devtools.webide.autoinstallFxdtAdapters',
'dom.archivereader.enabled',
'dom.beforeAfterKeyboardEvent.enabled',
'dom.disable_image_src_set',
'dom.disable_window_open_feature.scrollbars',
'dom.disable_window_status_change',
'dom.enable_user_timing',
'dom.flyweb.enabled',
'dom.idle-observers-api.enabled',
'dom.keyboardevent.code.enabled',
'dom.network.enabled',
'dom.push.udp.wakeupEnabled',
'dom.telephony.enabled',
'dom.vr.oculus050.enabled',
'dom.workers.enabled',
'dom.workers.sharedWorkers.enabled',
'extensions.formautofill.experimental',
'extensions.screenshots.system-disabled',
'extensions.shield-recipe-client.api_url',
'extensions.shield-recipe-client.enabled',
'full-screen-api.approval-required',
'general.useragent.locale',
'geo.security.allowinsecure',
'intl.locale.matchOS',
'loop.enabled',
'loop.facebook.appId',
'loop.facebook.enabled',
'loop.facebook.fallbackUrl',
'loop.facebook.shareUrl',
'loop.feedback.formURL',
'loop.feedback.manualFormURL',
'loop.logDomains',
'loop.server',
'media.block-play-until-visible',
'media.eme.apiVisible',
'media.eme.chromium-api.enabled',
'media.getusermedia.screensharing.allow_on_old_platforms',
'media.getusermedia.screensharing.allowed_domains',
'media.gmp-eme-adobe.autoupdate',
'media.gmp-eme-adobe.enabled',
'media.gmp-eme-adobe.visible',
'network.http.referer.userControlPolicy',
'network.http.sendSecureXSiteReferrer',
'network.http.spdy.enabled.http2draft',
'network.http.spdy.enabled.v3-1',
'network.websocket.enabled',
'pageThumbs.enabled',
'pfs.datasource.url',
'plugin.scan.Acrobat',
'plugin.scan.Quicktime',
'plugin.scan.WindowsMediaPlayer',
'plugins.enumerable_names',
'plugins.update.notifyUser',
'plugins.update.url',
'privacy.clearOnShutdown.passwords',
'privacy.donottrackheader.value',
'security.mixed_content.send_hsts_priming',
'security.mixed_content.use_hsts',
'security.ssl3.ecdhe_ecdsa_rc4_128_sha',
'security.ssl3.ecdhe_rsa_rc4_128_sha',
'security.ssl3.rsa_rc4_128_md5',
'security.ssl3.rsa_rc4_128_sha',
'security.tls.insecure_fallback_hosts.use_static_list',
'security.tls.unrestricted_rc4_fallback',
'security.xpconnect.plugin.unrestricted',
'social.directories',
'social.enabled',
'social.remote-install.enabled',
'social.share.activationPanelEnabled',
'social.shareDirectory',
'social.toast-notifications.enabled',
'social.whitelist',
'toolkit.telemetry.unifiedIsOptIn',
/* REMOVED */
/* 116+ */
/* 116-128 */
'browser.fixup.alternate.enabled',
'browser.taskbar.previews.enable',
'browser.urlbar.dnsResolveSingleWordsAfterSearch',
'geo.provider.network.url',
'geo.provider.network.logging.enabled',
'geo.provider.use_gpsd',
'media.gmp-widevinecdm.enabled',
'network.protocol-handler.external.ms-windows-store',
'privacy.partition.always_partition_third_party_non_cookie_storage',
'privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage',
'privacy.partition.serviceWorkers',
/* 103-115 */
'beacon.enabled',
'browser.startup.blankWindow',
@ -279,224 +118,6 @@
'privacy.firstparty.isolate.use_site',
'privacy.window.name.update.enabled',
'security.insecure_connection_text.enabled',
/* 79-91 */
'alerts.showFavicons',
'browser.newtabpage.activity-stream.asrouter.providers.snippets',
'browser.send_pings.require_same_host',
'browser.urlbar.usepreloadedtopurls.enabled',
'dom.allow_cut_copy',
'dom.battery.enabled',
'dom.IntersectionObserver.enabled',
'dom.storage.enabled',
'dom.vibrator.enabled',
'extensions.screenshots.upload-disabled',
'general.warnOnAboutConfig',
'gfx.direct2d.disabled',
'layers.acceleration.disabled',
'media.getusermedia.audiocapture.enabled',
'media.getusermedia.browser.enabled',
'media.getusermedia.screensharing.enabled',
'media.gmp-widevinecdm.visible',
'media.media-capabilities.enabled',
'network.http.redirection-limit',
'privacy.partition.network_state',
'security.insecure_connection_icon.enabled',
'security.mixed_content.block_active_content',
'security.ssl.enable_ocsp_stapling',
'security.ssl3.dhe_rsa_aes_128_sha',
'security.ssl3.dhe_rsa_aes_256_sha',
'webgl.min_capability_mode',
/* 69-78 */
'browser.cache.disk_cache_ssl',
'browser.search.geoip.url',
'browser.search.region',
'browser.sessionhistory.max_entries',
'dom.push.connection.enabled',
'dom.push.serverURL',
'extensions.getAddons.discovery.api_url',
'extensions.htmlaboutaddons.discover.enabled',
'extensions.webservice.discoverURL',
'intl.locale.requested',
'intl.regional_prefs.use_os_locales',
'media.block-autoplay-until-in-foreground',
'middlemouse.paste',
'plugin.sessionPermissionNow.intervalInMinutes',
'privacy.usercontext.about_newtab_segregation.enabled',
'security.insecure_connection_icon.pbmode.enabled',
'security.insecure_connection_text.pbmode.enabled',
'webgl.dxgl.enabled',
/* 61-68 */
'app.update.service.enabled',
'app.update.silent',
'app.update.staging.enabled',
'browser.cache.disk.capacity',
'browser.cache.disk.smart_size.enabled',
'browser.cache.disk.smart_size.first_run',
'browser.cache.offline.insecure.enable',
'browser.contentblocking.enabled',
'browser.laterrun.enabled',
'browser.offline-apps.notify',
'browser.rights.3.shown',
'browser.safebrowsing.blockedURIs.enabled',
'browser.safebrowsing.downloads.remote.block_dangerous',
'browser.safebrowsing.downloads.remote.block_dangerous_host',
'browser.safebrowsing.provider.google.gethashURL',
'browser.safebrowsing.provider.google.reportMalwareMistakeURL',
'browser.safebrowsing.provider.google.reportPhishMistakeURL',
'browser.safebrowsing.provider.google.reportURL',
'browser.safebrowsing.provider.google.updateURL',
'browser.safebrowsing.provider.google4.dataSharing.enabled',
'browser.safebrowsing.provider.google4.dataSharingURL',
'browser.safebrowsing.provider.google4.gethashURL',
'browser.safebrowsing.provider.google4.reportMalwareMistakeURL',
'browser.safebrowsing.provider.google4.reportPhishMistakeURL',
'browser.safebrowsing.provider.google4.reportURL',
'browser.safebrowsing.provider.google4.updateURL',
'browser.safebrowsing.provider.mozilla.gethashURL',
'browser.safebrowsing.provider.mozilla.updateURL',
'browser.safebrowsing.reportPhishURL',
'browser.sessionhistory.max_total_viewers',
'browser.sessionstore.max_windows_undo',
'browser.slowStartup.maxSamples',
'browser.slowStartup.notificationDisabled',
'browser.slowStartup.samples',
'browser.storageManager.enabled',
'browser.urlbar.autoFill.typed',
'browser.urlbar.filter.javascript',
'browser.urlbar.maxHistoricalSearchSuggestions',
'browser.urlbar.userMadeSearchSuggestionsChoice',
'canvas.capturestream.enabled',
'dom.allow_scripts_to_close_windows',
'dom.disable_window_flip',
'dom.forms.datetime',
'dom.imagecapture.enabled',
'dom.popup_maximum',
'extensions.webextensions.keepStorageOnUninstall',
'extensions.webextensions.keepUuidOnUninstall',
'font.blacklist.underline_offset',
'font.name.monospace.x-unicode',
'font.name.monospace.x-western',
'font.name.sans-serif.x-unicode',
'font.name.sans-serif.x-western',
'font.name.serif.x-unicode',
'font.name.serif.x-western',
'gfx.offscreencanvas.enabled',
'javascript.options.shared_memory',
'layout.css.font-loading-api.enabled',
'media.gmp-gmpopenh264.autoupdate',
'media.gmp-gmpopenh264.enabled',
'media.gmp-manager.updateEnabled',
'media.gmp-manager.url',
'media.gmp-manager.url.override',
'media.gmp-widevinecdm.autoupdate',
'media.gmp.trial-create.enabled',
'media.navigator.video.enabled',
'media.peerconnection.ice.tcp',
'media.peerconnection.identity.enabled',
'media.peerconnection.identity.timeout',
'media.peerconnection.turn.disable',
'media.peerconnection.use_document_iceservers',
'media.peerconnection.video.enabled',
'network.auth.subresource-img-cross-origin-http-auth-allow',
'network.cookie.leave-secure-alone',
'network.cookie.same-site.enabled',
'network.dnsCacheEntries',
'network.dnsCacheExpiration',
'network.http.fast-fallback-to-IPv4',
'network.proxy.autoconfig_url.include_path',
'offline-apps.quota.warn',
'pdfjs.enableWebGL',
'plugin.default.state',
'plugin.defaultXpi.state',
'plugin.scan.plid.all',
'privacy.trackingprotection.annotate_channels',
'privacy.trackingprotection.lower_network_priority',
'privacy.trackingprotection.pbmode.enabled',
'privacy.trackingprotection.ui.enabled',
'security.data_uri.block_toplevel_data_uri_navigations',
'security.insecure_field_warning.contextual.enabled',
'security.insecure_password.ui.enabled',
'security.tls.version.fallback-limit',
'services.blocklist.addons.collection',
'services.blocklist.gfx.collection',
'services.blocklist.onecrl.collection',
'services.blocklist.plugins.collection',
'services.blocklist.signing.enforced',
'services.blocklist.update_enabled',
'signon.autofillForms.http',
'signon.storeWhenAutocompleteOff',
'toolkit.telemetry.cachedClientID',
'urlclassifier.trackingTable',
'xpinstall.whitelist.required',
/* 60 or lower */
'browser.migrate.automigrate.enabled',
'browser.search.geoip.timeout',
'browser.search.reset.enabled',
'browser.search.reset.whitelist',
'browser.stopReloadAnimation.enabled',
'browser.tabs.insertRelatedAfterCurrent',
'browser.tabs.loadDivertedInBackground',
'browser.tabs.loadInBackground',
'browser.tabs.selectOwnerOnClose',
'browser.urlbar.clickSelectsAll',
'browser.urlbar.doubleClickSelectsAll',
'device.storage.enabled',
'dom.keyboardevent.dispatch_during_composition',
'dom.presentation.controller.enabled',
'dom.presentation.discoverable',
'dom.presentation.discovery.enabled',
'dom.presentation.enabled',
'dom.presentation.receiver.enabled',
'dom.presentation.session_transport.data_channel.enable',
'dom.vr.oculus.enabled',
'dom.vr.openvr.enabled',
'dom.vr.osvr.enabled',
'extensions.pocket.api',
'extensions.pocket.oAuthConsumerKey',
'extensions.pocket.site',
'general.useragent.compatMode.firefox',
'geo.wifi.xhr.timeout',
'gfx.layerscope.enabled',
'media.flac.enabled',
'media.mediasource.enabled',
'media.mediasource.mp4.enabled',
'media.mediasource.webm.audio.enabled',
'media.mediasource.webm.enabled',
'media.mp4.enabled',
'media.ogg.enabled',
'media.ogg.flac.enabled',
'media.opus.enabled',
'media.raw.enabled',
'media.wave.enabled',
'media.webm.enabled',
'media.webspeech.recognition.enable',
'media.wmf.amd.vp9.enabled',
'media.wmf.enabled',
'media.wmf.vp9.enabled',
'network.dns.blockDotOnion',
'network.stricttransportsecurity.preloadlist',
'security.block_script_with_wrong_mime',
'security.fileuri.strict_origin_policy',
'security.sri.enable',
'services.sync.enabled',
'ui.submenuDelay',
'webextensions.storage.sync.enabled',
'webextensions.storage.sync.serverURL',
// excluding these e10 settings
// 'browser.tabs.remote.autostart',
// 'browser.tabs.remote.autostart.2',
// 'browser.tabs.remote.force-enable',
// 'browser.tabs.remote.separateFileUriProcess',
// 'extensions.e10sBlocksEnabling',
// 'extensions.webextensions.remote',
// 'dom.ipc.processCount',
// 'dom.ipc.shims.enabledWarnings',
// 'dom.ipc.processCount.extension',
// 'dom.ipc.processCount.file',
// 'security.sandbox.content.level',
// 'dom.ipc.plugins.sandbox-level.default',
// 'dom.ipc.plugins.sandbox-level.flash',
// 'security.sandbox.logging.enabled',
/* IMPORTANT: last active pref must not have a trailing comma */
/* reset parrot: check your open about:config after running the script */

8
updater.sh
View File

@ -2,7 +2,7 @@
## arkenfox user.js updater for macOS and Linux
## version: 3.9
## version: 4.0
## Author: Pat Johnson (@overdodactyl)
## Additional contributors: @earthlng, @ema-pe, @claustromaniac, @infinitewarp
@ -393,11 +393,11 @@ update_updater "$@"
getProfilePath # updates PROFILE_PATH or exits on error
cd "$PROFILE_PATH" || exit 1
# Check if any files have the owner/group as root/wheel.
if [ -n "$(find ./ -user 0 -o -group 0)" ]; then
# Check if any files have the owner as root/wheel.
if [ -n "$(find ./ -user 0)" ]; then
printf 'It looks like this script was previously run with elevated privileges,
you will need to change ownership of the following files to your user:\n'
find . -user 0 -o -group 0
find . -user 0
cd "$CURRDIR"
exit 1
fi

541
user.js
View File

@ -1,8 +1,9 @@
/******
* name: arkenfox user.js
* date: 27 August 2023
* version: 115
* url: https://github.com/arkenfox/user.js
* date: 26 August 2024
* version: 128
* urls: https://github.com/arkenfox/user.js [repo]
* : https://arkenfox.github.io/gui/ [interactive]
* license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt
* README:
@ -26,18 +27,20 @@
* RELEASES: https://github.com/arkenfox/user.js/releases
* It is best to use the arkenfox release that is optimized for and matches your Firefox version
* EVERYONE: each release
- run prefsCleaner to reset prefs made inactive, including deprecated (9999s)
ESR102
- If you are not using arkenfox v102-1... (not a definitive list)
- 2815: clearOnShutdown cookies + offlineApps should be false
- 9999: switch the appropriate deprecated section(s) back on
* Use the arkenfox release that matches your Firefox version
- DON'T wait for arkenfox to update Firefox, nothing major changes these days
* Each release
- run prefsCleaner to reset prefs made inactive, including deprecated (9999)
* ESR
- It is recommended to not use the updater, or you will get a later version which may cause issues.
So you should manually append your overrides (and keep a copy), and manually update when you
change ESR releases (arkenfox is already past that release)
- If you decide to keep updating, then the onus is on you - also see section 9999
* INDEX:
0100: STARTUP
0200: GEOLOCATION / LANGUAGE / LOCALE
0200: GEOLOCATION
0300: QUIETER FOX
0400: SAFE BROWSING
0600: BLOCK IMPLICIT OUTBOUND
@ -46,7 +49,6 @@
0900: PASSWORDS
1000: DISK AVOIDANCE
1200: HTTPS (SSL/TLS / OCSP / CERTS / HPKP)
1400: FONTS
1600: REFERERS
1700: CONTAINERS
2000: PLUGINS / MEDIA / WEBRTC
@ -54,14 +56,15 @@
2600: MISCELLANEOUS
2700: ETP (ENHANCED TRACKING PROTECTION)
2800: SHUTDOWN & SANITIZING
4500: RFP (RESIST FINGERPRINTING)
4000: FPP (fingerprintingProtection)
4500: OPTIONAL RFP (resistFingerprinting)
5000: OPTIONAL OPSEC
5500: OPTIONAL HARDENING
6000: DON'T TOUCH
7000: DON'T BOTHER
8000: DON'T BOTHER: FINGERPRINTING
9000: NON-PROJECT RELATED
9999: DEPRECATED / REMOVED / LEGACY / RENAMED
9999: DEPRECATED / RENAMED
******/
@ -92,31 +95,18 @@ user_pref("browser.startup.homepage", "about:blank");
user_pref("browser.newtabpage.enabled", false);
/* 0105: disable sponsored content on Firefox Home (Activity Stream)
* [SETTING] Home>Firefox Home Content ***/
user_pref("browser.newtabpage.activity-stream.showSponsored", false); // [FF58+] Pocket > Sponsored Stories
user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); // [FF83+] Sponsored shortcuts
user_pref("browser.newtabpage.activity-stream.showSponsored", false); // [FF58+]
user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); // [FF83+] Shortcuts>Sponsored shortcuts
/* 0106: clear default topsites
* [NOTE] This does not block you from adding your own ***/
user_pref("browser.newtabpage.activity-stream.default.sites", "");
/*** [SECTION 0200]: GEOLOCATION / LANGUAGE / LOCALE ***/
/*** [SECTION 0200]: GEOLOCATION ***/
user_pref("_user.js.parrot", "0200 syntax error: the parrot's definitely deceased!");
/* 0201: use Mozilla geolocation service instead of Google if permission is granted [FF74+]
* Optionally enable logging to the console (defaults to false) ***/
user_pref("geo.provider.network.url", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%");
// user_pref("geo.provider.network.logging.enabled", true); // [HIDDEN PREF]
/* 0202: disable using the OS's geolocation service ***/
user_pref("geo.provider.ms-windows-location", false); // [WINDOWS]
user_pref("geo.provider.use_corelocation", false); // [MAC]
user_pref("geo.provider.use_gpsd", false); // [LINUX]
user_pref("geo.provider.use_geoclue", false); // [FF102+] [LINUX]
/* 0210: set preferred language for displaying pages
* [SETTING] General>Language and Appearance>Language>Choose your preferred language...
* [TEST] https://addons.mozilla.org/about ***/
user_pref("intl.accept_languages", "en-US, en");
/* 0211: use en-US locale regardless of the system or region locale
* [SETUP-WEB] May break some input methods e.g xim/ibus for CJK languages [1]
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=867501,1629630 ***/
user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF]
/*** [SECTION 0300]: QUIETER FOX ***/
user_pref("_user.js.parrot", "0300 syntax error: the parrot's not pinin' for the fjords!");
@ -130,6 +120,9 @@ user_pref("extensions.htmlaboutaddons.recommendations.enabled", false);
* [SETTING] Privacy & Security>Firefox Data Collection & Use>Allow Firefox to make personalized extension recommendations
* [1] https://support.mozilla.org/kb/personalized-extension-recommendations ***/
user_pref("browser.discovery.enabled", false);
/* 0323: disable shopping experience [FF116+]
* [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1840156#c0 ***/
user_pref("browser.shopping.experience2023.enabled", false); // [DEFAULT: false]
/** TELEMETRY ***/
/* 0330: disable new data submission [FF41+]
@ -160,9 +153,6 @@ user_pref("toolkit.telemetry.firstShutdownPing.enabled", false); // [FF57+]
user_pref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF]
user_pref("toolkit.coverage.opt-out", true); // [FF64+] [HIDDEN PREF]
user_pref("toolkit.coverage.endpoint.base", "");
/* 0334: disable PingCentre telemetry (used in several System Add-ons) [FF57+]
* Defense-in-depth: currently covered by 0331 ***/
user_pref("browser.ping-centre.telemetry", false);
/* 0335: disable Firefox Home (Activity Stream) telemetry ***/
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false);
user_pref("browser.newtabpage.activity-stream.telemetry", false);
@ -241,7 +231,7 @@ user_pref("network.prefetch-next", false);
/* 0602: disable DNS prefetching
* [1] https://developer.mozilla.org/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control ***/
user_pref("network.dns.disablePrefetch", true);
// user_pref("network.dns.disablePrefetchFromHTTPS", true); // [DEFAULT: true]
user_pref("network.dns.disablePrefetchFromHTTPS", true);
/* 0603: disable predictor / prefetching ***/
user_pref("network.predictor.enabled", false);
user_pref("network.predictor.enable-prefetch", false); // [FF48+] [DEFAULT: false]
@ -263,15 +253,15 @@ user_pref("_user.js.parrot", "0700 syntax error: the parrot's given up the ghost
user_pref("network.proxy.socks_remote_dns", true);
/* 0703: disable using UNC (Uniform Naming Convention) paths [FF61+]
* [SETUP-CHROME] Can break extensions for profiles on network shares
* [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/26424 ***/
* [1] https://bugzilla.mozilla.org/1413868 ***/
user_pref("network.file.disable_unc_paths", true); // [HIDDEN PREF]
/* 0704: disable GIO as a potential proxy bypass vector
* Gvfs/GIO has a set of supported protocols like obex, network, archive, computer,
* dav, cdda, gphoto2, trash, etc. By default only sftp is accepted (FF87+)
* dav, cdda, gphoto2, trash, etc. From FF87-117, by default only sftp was accepted
* [1] https://bugzilla.mozilla.org/1433507
* [2] https://en.wikipedia.org/wiki/GVfs
* [3] https://en.wikipedia.org/wiki/GIO_(software) ***/
user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF]
user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] [DEFAULT: "" FF118+]
/* 0705: disable proxy direct failover for system requests [FF91+]
* [WARNING] Default true is a security feature against malicious extensions [1]
* [SETUP-CHROME] If you use a proxy and you trust your extensions
@ -283,55 +273,66 @@ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF]
* [SETUP-CHROME] If you use a proxy and you understand the security impact
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1732792,1733994,1733481 ***/
// user_pref("network.proxy.allow_bypass", false);
/* 0710: disable DNS-over-HTTPS (DoH) rollout [FF60+]
* 0=default, 2=increased (TRR (Trusted Recursive Resolver) first), 3=max (TRR only), 5=off
/* 0710: enable DNS-over-HTTPS (DoH) [FF60+]
* 0=default, 2=increased (TRR (Trusted Recursive Resolver) first), 3=max (TRR only), 5=off (no rollout)
* see "doh-rollout.home-region": USA 2019, Canada 2021, Russia/Ukraine 2022 [3]
* [SETTING] Privacy & Security>DNS over HTTPS
* [1] https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/
* [2] https://wiki.mozilla.org/Security/DOH-resolver-policy
* [3] https://support.mozilla.org/en-US/kb/firefox-dns-over-https
* [3] https://support.mozilla.org/kb/firefox-dns-over-https
* [4] https://www.eff.org/deeplinks/2020/12/dns-doh-and-odoh-oh-my-year-review-2020 ***/
// user_pref("network.trr.mode", 5);
// user_pref("network.trr.mode", 3);
/* 0712: set DoH provider
* The custom uri is the value shown when you "Choose provider>Custom>"
* [NOTE] If you USE custom then "network.trr.uri" should be set the same
* [SETTING] Privacy & Security>DNS over HTTPS>Increased/Max>Choose provider ***/
// user_pref("network.trr.uri", "https://example.dns");
// user_pref("network.trr.custom_uri", "https://example.dns");
/*** [SECTION 0800]: LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS ***/
user_pref("_user.js.parrot", "0800 syntax error: the parrot's ceased to be!");
/* 0802: disable location bar domain guessing
* domain guessing intercepts DNS "hostname not found errors" and resends a
* request (e.g. by adding www or .com). This is inconsistent use (e.g. FQDNs), does not work
* via Proxy Servers (different error), is a flawed use of DNS (TLDs: why treat .com
* as the 411 for DNS errors?), privacy issues (why connect to sites you didn't
* intend to), can leak sensitive data (e.g. query strings: e.g. Princeton attack),
* and is a security risk (e.g. common typos & malicious sites set up to exploit this) ***/
user_pref("browser.fixup.alternate.enabled", false); // [DEFAULT: false FF104+]
/* 0804: disable live search suggestions
* [NOTE] Both must be true for the location bar to work
* [SETUP-CHROME] Override these if you trust and use a privacy respecting search engine
* [SETTING] Search>Provide search suggestions | Show search suggestions in address bar results ***/
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.urlbar.suggest.searches", false);
/* 0805: disable location bar making speculative connections [FF56+]
/* 0801: disable location bar making speculative connections [FF56+]
* [1] https://bugzilla.mozilla.org/1348275 ***/
user_pref("browser.urlbar.speculativeConnect.enabled", false);
/* 0806: disable location bar leaking single words to a DNS provider **after searching** [FF78+]
* 0=never resolve, 1=use heuristics, 2=always resolve
* [1] https://bugzilla.mozilla.org/1642623 ***/
user_pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); // [DEFAULT: 0 FF104+]
/* 0807: disable location bar contextual suggestions [FF92+]
* [SETTING] Privacy & Security>Address Bar>Suggestions from...
/* 0802: disable location bar contextual suggestions
* [NOTE] The UI is controlled by the .enabled pref
* [SETTING] Search>Address Bar>Suggestions from...
* [1] https://blog.mozilla.org/data/2021/09/15/data-and-firefox-suggest/ ***/
user_pref("browser.urlbar.quicksuggest.enabled", false); // [FF92+]
user_pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // [FF95+]
user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false);
/* 0808: disable tab-to-search [FF85+]
* Alternatively, you can exclude on a per-engine basis by unchecking them in Options>Search
* [SETTING] Privacy & Security>Address Bar>When using the address bar, suggest>Search engines ***/
// user_pref("browser.urlbar.suggest.engines", false);
user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false); // [FF92+]
/* 0803: disable live search suggestions
* [NOTE] Both must be true for live search to work in the location bar
* [SETUP-CHROME] Override these if you trust and use a privacy respecting search engine
* [SETTING] Search>Show search suggestions | Show search suggestions in address bar results ***/
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.urlbar.suggest.searches", false);
/* 0805: disable urlbar trending search suggestions [FF118+]
* [SETTING] Search>Search Suggestions>Show trending search suggestions (FF119) ***/
user_pref("browser.urlbar.trending.featureGate", false);
/* 0806: disable urlbar suggestions ***/
user_pref("browser.urlbar.addons.featureGate", false); // [FF115+]
user_pref("browser.urlbar.mdn.featureGate", false); // [FF117+] [HIDDEN PREF]
user_pref("browser.urlbar.pocket.featureGate", false); // [FF116+] [DEFAULT: false]
user_pref("browser.urlbar.weather.featureGate", false); // [FF108+] [DEFAULT: false]
user_pref("browser.urlbar.yelp.featureGate", false); // [FF124+] [DEFAULT: false]
/* 0807: disable urlbar clipboard suggestions [FF118+] ***/
// user_pref("browser.urlbar.clipboard.featureGate", false);
/* 0808: disable recent searches [FF120+]
* [NOTE] Recent searches are cleared with history (2811)
* [1] https://support.mozilla.org/kb/search-suggestions-firefox ***/
// user_pref("browser.urlbar.recentsearches.featureGate", false);
/* 0810: disable search and form history
* [SETUP-WEB] Be aware that autocomplete form data can be read by third parties [1][2]
* [NOTE] We also clear formdata on exit (2811)
* [SETUP-WEB] Be aware that autocomplete form data can be read by third parties [1][2]
* [SETTING] Privacy & Security>History>Custom Settings>Remember search and form history
* [1] https://blog.mindedsecurity.com/2011/10/autocompleteagain.html
* [2] https://bugzilla.mozilla.org/381681 ***/
user_pref("browser.formfill.enable", false);
/* 0815: disable tab-to-search [FF85+]
* Alternatively, you can exclude on a per-engine basis by unchecking them in Options>Search
* [SETTING] Search>Address Bar>When using the address bar, suggest>Search engines ***/
// user_pref("browser.urlbar.suggest.engines", false);
/* 0820: disable coloring of visited links
* [SETUP-HARDEN] Bulk rapid history sniffing was mitigated in 2010 [1][2]. Slower and more expensive
* redraw timing attacks were largely mitigated in FF77+ [3]. Using RFP (4501) further hampers timing
@ -343,6 +344,10 @@ user_pref("browser.formfill.enable", false);
* [4] https://earthlng.github.io/testpages/visited_links.html (see github wiki APPENDIX A on how to use)
* [5] https://lcamtuf.blogspot.com/2016/08/css-mix-blend-mode-is-bad-for-keeping.html ***/
// user_pref("layout.css.visited_links_enabled", false);
/* 0830: enable separate default search engine in Private Windows and its UI setting
* [SETTING] Search>Default Search Engine>Choose a different default search engine for Private Windows only ***/
user_pref("browser.search.separatePrivateDefault", true); // [FF70+]
user_pref("browser.search.separatePrivateDefault.ui.enabled", true); // [FF71+]
/*** [SECTION 0900]: PASSWORDS
[1] https://support.mozilla.org/kb/use-primary-password-protect-stored-logins-and-pas
@ -371,8 +376,8 @@ user_pref("network.auth.subresource-http-auth-allow", 1);
/*** [SECTION 1000]: DISK AVOIDANCE ***/
user_pref("_user.js.parrot", "1000 syntax error: the parrot's gone to meet 'is maker!");
/* 1001: disable disk cache
* [SETUP-CHROME] If you think disk cache helps perf, then feel free to override this
* [NOTE] We also clear cache on exit (2811) ***/
* [NOTE] We also clear cache on exit (2811)
* [SETUP-CHROME] If you think disk cache helps perf, then feel free to override this ***/
user_pref("browser.cache.disk.enable", false);
/* 1002: disable media cache from writing to disk in Private Browsing
* [NOTE] MSE (Media Source Extensions) are already stored in-memory in PB ***/
@ -385,7 +390,7 @@ user_pref("browser.sessionstore.privacy_level", 2);
/* 1005: disable automatic Firefox start and session restore after reboot [FF62+] [WINDOWS]
* [1] https://bugzilla.mozilla.org/603903 ***/
user_pref("toolkit.winRegisterApplicationRestart", false);
/* 1006: disable favicons in shortcuts
/* 1006: disable favicons in shortcuts [WINDOWS]
* URL shortcuts use a cached randomly named .ico file which is stored in your
* profile/shortcutCache directory. The .ico remains after the shortcut is deleted
* If set to false then the shortcuts use a generic Firefox icon ***/
@ -406,7 +411,7 @@ user_pref("_user.js.parrot", "1200 syntax error: the parrot's a stiff!");
* but the problem is that the browser can't know that. Setting this pref to true is the only way for the
* browser to ensure there will be no unsafe renegotiations on the channel between the browser and the server
* [SETUP-WEB] SSL_ERROR_UNSAFE_NEGOTIATION: is it worth overriding this for that one site?
* [STATS] SSL Labs (Feb 2023) reports over 99.3% of top sites have secure renegotiation [4]
* [STATS] SSL Labs (May 2024) reports over 99.7% of top sites have secure renegotiation [4]
* [1] https://wiki.mozilla.org/Security:Renegotiation
* [2] https://datatracker.ietf.org/doc/html/rfc5746
* [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
@ -443,12 +448,6 @@ user_pref("security.OCSP.enabled", 1); // [DEFAULT: 1]
user_pref("security.OCSP.require", true);
/** CERTS / HPKP (HTTP Public Key Pinning) ***/
/* 1221: disable Windows 8.1's Microsoft Family Safety cert [FF50+] [WINDOWS]
* 0=disable detecting Family Safety mode and importing the root
* 1=only attempt to detect Family Safety mode (don't import the root)
* 2=detect Family Safety mode and import the root
* [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21686 ***/
user_pref("security.family_safety.mode", 0);
/* 1223: enable strict PKP (Public Key Pinning)
* 0=disabled, 1=allow user MiTM (default; such as your antivirus), 2=strict
* [SETUP-WEB] MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE ***/
@ -457,7 +456,7 @@ user_pref("security.cert_pinning.enforcement_level", 2);
* 0 = disabled
* 1 = consult CRLite but only collect telemetry
* 2 = consult CRLite and enforce both "Revoked" and "Not Revoked" results
* 3 = consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked" (FF99+, default FF100+)
* 3 = consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked" (default)
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1429800,1670985,1753071
* [2] https://blog.mozilla.org/security/tag/crlite/ ***/
user_pref("security.remote_settings.crlite_filters.enabled", true);
@ -466,7 +465,7 @@ user_pref("security.pki.crlite_mode", 2);
/** MIXED CONTENT ***/
/* 1241: disable insecure passive content (such as images) on https pages ***/
// user_pref("security.mixed_content.block_display_content", true); // Defense-in-depth (see 1244)
/* 1244: enable HTTPS-Only mode in all windows [FF76+]
/* 1244: enable HTTPS-Only mode in all windows
* When the top-level is HTTPS, insecure subresources are also upgraded (silent fail)
* [SETTING] to add site exceptions: Padlock>HTTPS-Only mode>On (after "Continue to HTTP Site")
* [SETTING] Privacy & Security>HTTPS-Only Mode (and manage exceptions)
@ -495,18 +494,6 @@ user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
* [TEST] https://expired.badssl.com/ ***/
user_pref("browser.xul.error_pages.expert_bad_cert", true);
/*** [SECTION 1400]: FONTS ***/
user_pref("_user.js.parrot", "1400 syntax error: the parrot's bereft of life!");
/* 1402: limit font visibility (Windows, Mac, some Linux) [FF94+]
* Uses hardcoded lists with two parts: kBaseFonts + kLangPackFonts [1], bundled fonts are auto-allowed
* In normal windows: uses the first applicable: RFP (4506) over TP over Standard
* In Private Browsing windows: uses the most restrictive between normal and private
* 1=only base system fonts, 2=also fonts from optional language packs, 3=also user-installed fonts
* [1] https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc ***/
// user_pref("layout.css.font-visibility.private", 1);
// user_pref("layout.css.font-visibility.standard", 1);
// user_pref("layout.css.font-visibility.trackingprotection", 1);
/*** [SECTION 1600]: REFERERS
full URI: https://example.com:8888/foo/bar.html?id=1234
scheme+host+port+path: https://example.com:8888/foo/bar.html
@ -529,6 +516,12 @@ user_pref("privacy.userContext.ui.enabled", true);
* [NOTE] The menu is always shown on long press and right click
* [SETTING] General>Tabs>Enable Container Tabs>Settings>Select a container for each new tab ***/
// user_pref("privacy.userContext.newTabContainerOnLeftClick.enabled", true);
/* 1703: set external links to open in site-specific containers [FF123+]
* [SETUP-WEB] Depending on your container extension(s) and their settings
* true=Firefox will not choose a container (so your extension can)
* false=Firefox will choose the container/no-container (default)
* [1] https://bugzilla.mozilla.org/1874599 ***/
// user_pref("browser.link.force_default_user_context_id_for_external_opens", true);
/*** [SECTION 2000]: PLUGINS / MEDIA / WEBRTC ***/
user_pref("_user.js.parrot", "2000 syntax error: the parrot's snuffed it!");
@ -536,7 +529,7 @@ user_pref("_user.js.parrot", "2000 syntax error: the parrot's snuffed it!");
user_pref("media.peerconnection.ice.proxy_only_if_behind_proxy", true);
/* 2003: force a single network interface for ICE candidates generation [FF42+]
* When using a system-wide proxy, it uses the proxy interface
* [1] https://developer.mozilla.org/en-US/docs/Web/API/RTCIceCandidate
* [1] https://developer.mozilla.org/docs/Web/API/RTCIceCandidate
* [2] https://wiki.mozilla.org/Media/WebRTC/Privacy ***/
user_pref("media.peerconnection.ice.default_address_only", true);
/* 2004: force exclusion of private IPs from ICE candidates [FF51+]
@ -554,11 +547,9 @@ user_pref("dom.disable_window_move_resize", true);
/*** [SECTION 2600]: MISCELLANEOUS ***/
user_pref("_user.js.parrot", "2600 syntax error: the parrot's run down the curtain!");
/* 2601: prevent accessibility services from accessing your browser [RESTART]
* [1] https://support.mozilla.org/kb/accessibility-services ***/
user_pref("accessibility.force_disabled", 1);
/* 2603: remove temp files opened with an external application
* [1] https://bugzilla.mozilla.org/302433 ***/
/* 2603: remove temp files opened from non-PB windows with an external application
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=302433,1738574 ***/
user_pref("browser.download.start_downloads_in_tmp_dir", true); // [FF102+]
user_pref("browser.helperApps.deleteTempFileOnExit", true);
/* 2606: disable UITour backend so there is no chance that a remote page can use it ***/
user_pref("browser.uitour.enabled", false);
@ -595,14 +586,15 @@ user_pref("network.IDN_show_punycode", true);
* [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pdf.js+firefox ***/
user_pref("pdfjs.disabled", false); // [DEFAULT: false]
user_pref("pdfjs.enableScripting", false); // [FF86+]
/* 2623: disable permissions delegation [FF73+]
* Currently applies to cross-origin geolocation, camera, mic and screen-sharing
* permissions, and fullscreen requests. Disabling delegation means any prompts
* for these will show/use their correct 3rd party origin
* [1] https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion ***/
user_pref("permissions.delegation.enabled", false);
/* 2624: disable middle click on new tab button opening URLs or searches using clipboard [FF115+] */
user_pref("browser.tabs.searchclipboardfor.middleclick", false); // [DEFAULT: false NON-LINUX]
/* 2630: disable content analysis by DLP (Data Loss Prevention) agents
* DLP agents are background processes on managed computers that allow enterprises to monitor locally running
* applications for data exfiltration events, which they can allow/block based on customer defined DLP policies.
* 0=Block all requests, 1=Warn on all requests (which lets the user decide), 2=Allow all requests
* [1] https://github.com/chromium/content_analysis_sdk */
user_pref("browser.contentanalysis.enabled", false); // [FF121+] [DEFAULT: false]
user_pref("browser.contentanalysis.default_result", 0); // [FF127+] [DEFAULT: 0]
/** DOWNLOADS ***/
/* 2651: enable user interaction for security by always asking where to download
@ -618,13 +610,13 @@ user_pref("browser.download.manager.addToRecentDocs", false);
user_pref("browser.download.always_ask_before_handling_new_types", true);
/** EXTENSIONS ***/
/* 2660: lock down allowed extension directories
* [SETUP-CHROME] This will break extensions, language packs, themes and any other
* XPI files which are installed outside of profile and application directories
* [1] https://mike.kaply.com/2012/02/21/understanding-add-on-scopes/
* [1] https://archive.is/DYjAM (archived) ***/
/* 2660: limit allowed extension directories
* 1=profile, 2=user, 4=application, 8=system, 16=temporary, 31=all
* The pref value represents the sum: e.g. 5 would be profile and application directories
* [SETUP-CHROME] Breaks usage of files which are installed outside allowed directories
* [1] https://archive.is/DYjAM ***/
user_pref("extensions.enabledScopes", 5); // [HIDDEN PREF]
user_pref("extensions.autoDisableScopes", 15); // [DEFAULT: 15]
// user_pref("extensions.autoDisableScopes", 15); // [DEFAULT: 15]
/* 2661: disable bypassing 3rd party extension install prompts [FF82+]
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1659530,1681331 ***/
user_pref("extensions.postDownloadThirdPartyPrompt", false);
@ -641,92 +633,141 @@ user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin
* [1] https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/
* [SETTING] to add site exceptions: Urlbar>ETP Shield
* [SETTING] to manage site exceptions: Options>Privacy & Security>Enhanced Tracking Protection>Manage Exceptions ***/
user_pref("browser.contentblocking.category", "strict");
user_pref("browser.contentblocking.category", "strict"); // [HIDDEN PREF]
/* 2702: disable ETP web compat features [FF93+]
* [SETUP-HARDEN] Includes skip lists, heuristics (SmartBlock) and automatic grants
* Opener and redirect heuristics are granted for 30 days, see [3]
* [1] https://blog.mozilla.org/security/2021/07/13/smartblock-v2/
* [2] https://hg.mozilla.org/mozilla-central/rev/e5483fd469ab#l4.12
* [3] https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning#storage_access_heuristics ***/
* [3] https://developer.mozilla.org/docs/Web/Privacy/State_Partitioning#storage_access_heuristics ***/
// user_pref("privacy.antitracking.enableWebcompat", false);
/* 2710: enable state partitioning of service workers [FF96+] ***/
user_pref("privacy.partition.serviceWorkers", true); // [DEFAULT: true FF105+]
/* 2720: enable APS (Always Partitioning Storage) ***/
user_pref("privacy.partition.always_partition_third_party_non_cookie_storage", true); // [FF104+] [DEFAULT: true FF109+]
user_pref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false); // [FF105+] [DEFAULT: false FF109+]
/*** [SECTION 2800]: SHUTDOWN & SANITIZING ***/
user_pref("_user.js.parrot", "2800 syntax error: the parrot's bleedin' demised!");
/* 2810: enable Firefox to clear items on shutdown
* [NOTE] In FF129+ clearing "siteSettings" on shutdown (2811), or manually via site data (2820) and
* via history (2830), will no longer remove sanitize on shutdown "cookie and site data" site exceptions (2815)
* [SETTING] Privacy & Security>History>Custom Settings>Clear history when Firefox closes | Settings ***/
user_pref("privacy.sanitize.sanitizeOnShutdown", true);
/** SANITIZE ON SHUTDOWN: IGNORES "ALLOW" SITE EXCEPTIONS ***/
/** SANITIZE ON SHUTDOWN: IGNORES "ALLOW" SITE EXCEPTIONS | v2 migration is FF128+ ***/
/* 2811: set/enforce what items to clear on shutdown (if 2810 is true) [SETUP-CHROME]
* [NOTE] If "history" is true, downloads will also be cleared
* [NOTE] "sessions": Active Logins: refers to HTTP Basic Authentication [1], not logins via cookies
* [1] https://en.wikipedia.org/wiki/Basic_access_authentication ***/
* [NOTE] If "history" is true, downloads will also be cleared ***/
user_pref("privacy.clearOnShutdown.cache", true); // [DEFAULT: true]
user_pref("privacy.clearOnShutdown_v2.cache", true); // [FF128+] [DEFAULT: true]
user_pref("privacy.clearOnShutdown.downloads", true); // [DEFAULT: true]
user_pref("privacy.clearOnShutdown.formdata", true); // [DEFAULT: true]
user_pref("privacy.clearOnShutdown.history", true); // [DEFAULT: true]
user_pref("privacy.clearOnShutdown.sessions", true); // [DEFAULT: true]
user_pref("privacy.clearOnShutdown_v2.historyFormDataAndDownloads", true); // [FF128+] [DEFAULT: true]
// user_pref("privacy.clearOnShutdown.siteSettings", false); // [DEFAULT: false]
// user_pref("privacy.clearOnShutdown_v2.siteSettings", false); // [FF128+] [DEFAULT: false]
/* 2812: set Session Restore to clear on shutdown (if 2810 is true) [FF34+]
* [NOTE] Not needed if Session Restore is not used (0102) or it is already cleared with history (2811)
* [NOTE] If true, this prevents resuming from crashes (also see 5008) ***/
// user_pref("privacy.clearOnShutdown.openWindows", true);
/** SANITIZE ON SHUTDOWN: RESPECTS "ALLOW" SITE EXCEPTIONS FF103+ ***/
/** SANITIZE ON SHUTDOWN: RESPECTS "ALLOW" SITE EXCEPTIONS FF103+ | v2 migration is FF128+ ***/
/* 2815: set "Cookies" and "Site Data" to clear on shutdown (if 2810 is true) [SETUP-CHROME]
* [NOTE] Exceptions: A "cookie" block permission also controls "offlineApps" (see note below).
* serviceWorkers require an "Allow" permission. For cross-domain logins, add exceptions for
* both sites e.g. https://www.youtube.com (site) + https://accounts.google.com (single sign on)
* [NOTE] Exceptions: A "cookie" permission also controls "offlineApps" (see note below). For cross-domain logins,
* add exceptions for both sites e.g. https://www.youtube.com (site) + https://accounts.google.com (single sign on)
* [NOTE] "offlineApps": Offline Website Data: localStorage, service worker cache, QuotaManager (IndexedDB, asm-cache)
* [NOTE] "sessions": Active Logins (has no site exceptions): refers to HTTP Basic Authentication [1], not logins via cookies
* [WARNING] Be selective with what sites you "Allow", as they also disable partitioning (1767271)
* [SETTING] to add site exceptions: Ctrl+I>Permissions>Cookies>Allow (when on the website in question)
* [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Settings ***/
* [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Settings
* [1] https://en.wikipedia.org/wiki/Basic_access_authentication ***/
user_pref("privacy.clearOnShutdown.cookies", true); // Cookies
user_pref("privacy.clearOnShutdown.offlineApps", true); // Site Data
user_pref("privacy.clearOnShutdown.sessions", true); // Active Logins [DEFAULT: true]
user_pref("privacy.clearOnShutdown_v2.cookiesAndStorage", true); // Cookies, Site Data, Active Logins [FF128+]
/** SANITIZE MANUAL: IGNORES "ALLOW" SITE EXCEPTIONS ***/
/* 2820: reset default items to clear with Ctrl-Shift-Del [SETUP-CHROME]
* This dialog can also be accessed from the menu History>Clear Recent History
/** SANITIZE SITE DATA: IGNORES "ALLOW" SITE EXCEPTIONS ***/
/* 2820: set manual "Clear Data" items [SETUP-CHROME] [FF128+]
* Firefox remembers your last choices. This will reset them when you start Firefox
* [SETTING] Privacy & Security>Browser Privacy>Cookies and Site Data>Clear Data ***/
user_pref("privacy.clearSiteData.cache", true);
user_pref("privacy.clearSiteData.cookiesAndStorage", false); // keep false until it respects "allow" site exceptions
user_pref("privacy.clearSiteData.historyFormDataAndDownloads", true);
// user_pref("privacy.clearSiteData.siteSettings", false);
/** SANITIZE HISTORY: IGNORES "ALLOW" SITE EXCEPTIONS | clearHistory migration is FF128+ ***/
/* 2830: set manual "Clear History" items, also via Ctrl-Shift-Del [SETUP-CHROME]
* Firefox remembers your last choices. This will reset them when you start Firefox
* [NOTE] Regardless of what you set "downloads" to, as soon as the dialog
* for "Clear Recent History" is opened, it is synced to the same as "history" ***/
* for "Clear Recent History" is opened, it is synced to the same as "history"
* [SETTING] Privacy & Security>History>Custom Settings>Clear History ***/
user_pref("privacy.cpd.cache", true); // [DEFAULT: true]
user_pref("privacy.clearHistory.cache", true);
user_pref("privacy.cpd.formdata", true); // [DEFAULT: true]
user_pref("privacy.cpd.history", true); // [DEFAULT: true]
// user_pref("privacy.cpd.downloads", true); // not used, see note above
user_pref("privacy.clearHistory.historyFormDataAndDownloads", true);
user_pref("privacy.cpd.cookies", false);
user_pref("privacy.cpd.sessions", true); // [DEFAULT: true]
user_pref("privacy.cpd.offlineApps", false); // [DEFAULT: false]
user_pref("privacy.cpd.cookies", false);
// user_pref("privacy.cpd.downloads", true); // not used, see note above
user_pref("privacy.clearHistory.cookiesAndStorage", false);
// user_pref("privacy.cpd.openWindows", false); // Session Restore
// user_pref("privacy.cpd.passwords", false);
// user_pref("privacy.cpd.siteSettings", false);
/* 2822: reset default "Time range to clear" for "Clear Recent History" (2820)
// user_pref("privacy.clearHistory.siteSettings", false);
/** SANITIZE MANUAL: TIMERANGE ***/
/* 2840: set "Time range to clear" for "Clear Data" (2820) and "Clear History" (2830)
* Firefox remembers your last choice. This will reset the value when you start Firefox
* 0=everything, 1=last hour, 2=last two hours, 3=last four hours, 4=today
* [NOTE] Values 5 (last 5 minutes) and 6 (last 24 hours) are not listed in the dropdown,
* which will display a blank value, and are not guaranteed to work ***/
user_pref("privacy.sanitize.timeSpan", 0);
/*** [SECTION 4500]: RFP (RESIST FINGERPRINTING)
RFP covers a wide range of ongoing fingerprinting solutions.
It is an all-or-nothing buy in: you cannot pick and choose what parts you want
/*** [SECTION 4000]: FPP (fingerprintingProtection)
RFP (4501) overrides FPP
In FF118+ FPP is on by default in private windows (4001) and in FF119+ is controlled
by ETP (2701). FPP will also use Remote Services in future to relax FPP protections
on a per site basis for compatibility (4004).
https://searchfox.org/mozilla-central/source/toolkit/components/resistfingerprinting/RFPTargetsDefault.inc
1826408 - restrict fonts to system (kBaseFonts + kLangPackFonts) (Windows, Mac, some Linux)
https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc
1858181 - subtly randomize canvas per eTLD+1, per session and per window-mode (FF120+)
***/
user_pref("_user.js.parrot", "4000 syntax error: the parrot's bereft of life!");
/* 4001: enable FPP in PB mode [FF114+]
* [NOTE] In FF119+, FPP for all modes (7016) is enabled with ETP Strict (2701) ***/
// user_pref("privacy.fingerprintingProtection.pbmode", true); // [DEFAULT: true FF118+]
/* 4002: set global FPP overrides [FF114+]
* uses "RFPTargets" [1] which despite the name these are not used by RFP
* e.g. "+AllTargets,-CSSPrefersColorScheme,-JSDateTimeUTC" = all targets but allow prefers-color-scheme and do not change timezone
* e.g. "-AllTargets,+CanvasRandomization,+JSDateTimeUTC" = no targets but do use FPP canvas and change timezone
* [NOTE] Not supported by arkenfox. Either use RFP or FPP at defaults
* [1] https://searchfox.org/mozilla-central/source/toolkit/components/resistfingerprinting/RFPTargets.inc ***/
// user_pref("privacy.fingerprintingProtection.overrides", "");
/* 4003: set granular FPP overrides
* JSON format: e.g."[{\"firstPartyDomain\": \"netflix.com\", \"overrides\": \"-CanvasRandomization,-FrameRate,\"}]"
* [NOTE] Not supported by arkenfox. Either use RFP or FPP at defaults ***/
// user_pref("privacy.fingerprintingProtection.granularOverrides", "");
/* 4004: disable remote FPP overrides [FF127+] ***/
// user_pref("privacy.fingerprintingProtection.remoteOverrides.enabled", false);
/*** [SECTION 4500]: OPTIONAL RFP (resistFingerprinting)
RFP overrides FPP (4000)
FF128+ Arkenfox by default uses FPP (automatically enabled with ETP Strict). For most people
this is all you need. To use RFP instead, add RFP (4501) to your overrides, and optionally
add letterboxing (4504), spoof_english (4506), and webgl (4520).
RFP is an all-or-nothing buy in: you cannot pick and choose what parts you want
[TEST] https://arkenfox.github.io/TZP/tzp.html
[WARNING] DO NOT USE extensions to alter RFP protected metrics
418986 - limit window.screen & CSS media queries (FF41)
1281949 - spoof screen orientation (FF50)
1330890 - spoof timezone as UTC0 (FF55)
1360039 - spoof navigator.hardwareConcurrency as 2 (FF55)
FF56
1369303 - spoof/disable performance API
1333651 - spoof User Agent & Navigator API
version: android version spoofed as ESR
version: android version spoofed as ESR (FF119 or lower)
OS: JS spoofed as Windows 10, OS 10.15, Android 10, or Linux | HTTP Headers spoofed as Windows or Android
1369319 - disable device sensor API
1369357 - disable site specific zoom
@ -737,13 +778,12 @@ user_pref("privacy.sanitize.timeSpan", 0);
1369309 - spoof media statistics
1382499 - reduce screen co-ordinate fingerprinting in Touch API
1217290 & 1409677 - enable some fingerprinting resistance for WebGL
1382545 - reduce fingerprinting in Animation API
1354633 - limit MediaError.message to a whitelist
FF58+
1372073 - spoof/block fingerprinting in MediaDevices API (FF59)
Spoof: enumerate devices as one "Internal Camera" and one "Internal Microphone"
Block: suppresses the ondevicechange event
1039069 - warn when language prefs are not set to "en*" (also see 0210, 0211) (FF59)
1039069 - warn when language prefs are not set to "en*" (FF59)
1222285 & 1433592 - spoof keyboard events and suppress keyboard modifier events (FF59)
Spoofing mimics the content language of the document. Currently it only supports en-US.
Modifier events suppressed are SHIFT and both ALT keys. Chrome is not affected.
@ -762,20 +802,22 @@ user_pref("privacy.sanitize.timeSpan", 0);
1653987 - limit font visibility to bundled and "Base Fonts" (Windows, Mac, some Linux) (FF80)
1461454 - spoof smooth=true and powerEfficient=false for supported media in MediaCapabilities (FF82)
531915 - use fdlibm's sin, cos and tan in jsmath (FF93, ESR91.1)
1756280 - enforce navigator.pdfViewerEnabled as true and plugins/mimeTypes as hard-coded values (FF100)
1756280 - enforce navigator.pdfViewerEnabled as true and plugins/mimeTypes as hard-coded values (FF100-115)
1692609 - reduce JS timing precision to 16.67ms (previously FF55+ was 100ms) (FF102)
1422237 - return "srgb" with color-gamut (FF110)
1794628 - return "none" with inverted-colors (FF114)
1554751 - return devicePixelRatio as 2 (previously FF41+ was 1) (FF127)
1787790 - normalize system fonts (FF128)
1835987 - spoof timezone as Atlantic/Reykjavik (previously FF55+ was UTC) (FF128)
***/
user_pref("_user.js.parrot", "4500 syntax error: the parrot's popped 'is clogs");
/* 4501: enable privacy.resistFingerprinting
* [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a site exception via the urlbar
* RFP also has a few side effects: mainly timezone is UTC0, and websites will prefer light theme
/* 4501: enable RFP
* [NOTE] pbmode applies if true and the original pref is false
* [1] https://bugzilla.mozilla.org/418986 ***/
user_pref("privacy.resistFingerprinting", true); // [FF41+]
* [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a canvas site exception via the urlbar.
* RFP also has a few side effects: mainly that timezone is GMT, and websites will prefer light theme ***/
// user_pref("privacy.resistFingerprinting", true); // [FF41+]
// user_pref("privacy.resistFingerprinting.pbmode", true); // [FF114+]
/* 4502: set new window size rounding max values [FF55+]
/* 4502: set RFP new window size max rounded values [FF55+]
* [SETUP-CHROME] sizes round down in hundreds: width to 200s and height to 100s, to fit your screen
* [1] https://bugzilla.mozilla.org/1330882 ***/
user_pref("privacy.window.maxInnerWidth", 1600);
@ -783,8 +825,8 @@ user_pref("privacy.window.maxInnerHeight", 900);
/* 4503: disable mozAddonManager Web API [FF57+]
* [NOTE] To allow extensions to work on AMO, you also need 2662
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/
user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // [HIDDEN PREF FF57-108]
/* 4504: enable RFP letterboxing [FF67+]
user_pref("privacy.resistFingerprinting.block_mozAddonManager", true);
/* 4504: enable letterboxing [FF67+]
* Dynamically resizes the inner window by applying margins in stepped ranges [2]
* If you use the dimension pref, then it will only apply those resolutions.
* The format is "width1xheight1, width2xheight2, ..." (e.g. "800x600, 1000x1000")
@ -793,23 +835,19 @@ user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // [HIDDE
* [WARNING] DO NOT USE: the dimension pref is only meant for testing
* [1] https://bugzilla.mozilla.org/1407366
* [2] https://hg.mozilla.org/mozilla-central/rev/6d2d7856e468#l2.32 ***/
user_pref("privacy.resistFingerprinting.letterboxing", true); // [HIDDEN PREF]
// user_pref("privacy.resistFingerprinting.letterboxing", true); // [HIDDEN PREF]
// user_pref("privacy.resistFingerprinting.letterboxing.dimensions", ""); // [HIDDEN PREF]
/* 4505: experimental RFP [FF91+]
* [WARNING] DO NOT USE unless testing, see [1] comment 12
* [1] https://bugzilla.mozilla.org/1635603 ***/
/* 4505: disable RFP by domain [FF91+] ***/
// user_pref("privacy.resistFingerprinting.exemptedDomains", "*.example.invalid");
/* 4506: set RFP's font visibility level (1402) [FF94+] ***/
// user_pref("layout.css.font-visibility.resistFingerprinting", 1); // [DEFAULT: 1]
/* 4506: disable RFP spoof english prompt [FF59+]
* 0=prompt, 1=disabled, 2=enabled
* [NOTE] When changing from value 2, preferred languages ('intl.accept_languages') is not reset.
* [SETUP-WEB] when enabled, sets 'en-US, en' for displaying pages and 'en-US' as locale.
* [SETTING] General>Language>Choose your preferred language for displaying pages>Choose>Request English... ***/
user_pref("privacy.spoof_english", 1);
/* 4510: disable using system colors
* [SETTING] General>Language and Appearance>Fonts and Colors>Colors>Use system colors ***/
user_pref("browser.display.use_system_colors", false); // [DEFAULT: false NON-WINDOWS]
/* 4511: enforce non-native widget theme
* Security: removes/reduces system API calls, e.g. win32k API [1]
* Fingerprinting: provides a uniform look and feel across platforms [2]
* [1] https://bugzilla.mozilla.org/1381938
* [2] https://bugzilla.mozilla.org/1411425 ***/
user_pref("widget.non-native-theme.enabled", true); // [DEFAULT: true]
/* 4512: enforce links targeting new windows to open in a new tab instead
* 1=most recent window or tab, 2=new window, 3=new tab
* Stops malicious window sizes and some screen resolution leaks.
@ -821,9 +859,8 @@ user_pref("browser.link.open_newwindow", 3); // [DEFAULT: 3]
/* 4513: set all open window methods to abide by "browser.link.open_newwindow" (4512)
* [1] https://searchfox.org/mozilla-central/source/dom/tests/browser/browser_test_new_window_from_content.js ***/
user_pref("browser.link.open_newwindow.restriction", 0);
/* 4520: disable WebGL (Web Graphics Library)
* [SETUP-WEB] If you need it then override it. RFP still randomizes canvas for naive scripts ***/
user_pref("webgl.disabled", true);
/* 4520: disable WebGL (Web Graphics Library) ***/
// user_pref("webgl.disabled", true);
/*** [SECTION 5000]: OPTIONAL OPSEC
Disk avoidance, application data isolation, eyeballs...
@ -872,7 +909,7 @@ user_pref("_user.js.parrot", "5000 syntax error: the parrot's taken 'is last bow
* [1] https://bugzilla.mozilla.org/1281959 ***/
// user_pref("browser.download.forbid_open_with", true);
/* 5010: disable location bar suggestion types
* [SETTING] Privacy & Security>Address Bar>When using the address bar, suggest ***/
* [SETTING] Search>Address Bar>When using the address bar, suggest ***/
// user_pref("browser.urlbar.suggest.history", false);
// user_pref("browser.urlbar.suggest.bookmark", false);
// user_pref("browser.urlbar.suggest.openpage", false);
@ -892,8 +929,6 @@ user_pref("_user.js.parrot", "5000 syntax error: the parrot's taken 'is last bow
// user_pref("browser.taskbar.lists.frequent.enabled", false);
// user_pref("browser.taskbar.lists.recent.enabled", false);
// user_pref("browser.taskbar.lists.tasks.enabled", false);
/* 5015: disable Windows taskbar preview [WINDOWS] ***/
// user_pref("browser.taskbar.previews.enable", false); // [DEFAULT: false]
/* 5016: discourage downloading to desktop
* 0=desktop, 1=downloads (default), 2=custom
* [SETTING] To set your custom default "downloads": General>Downloads>Save files to ***/
@ -938,7 +973,7 @@ user_pref("_user.js.parrot", "5500 syntax error: this is an ex-parrot!");
* [2] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=asm.js
* [3] https://rh0dev.github.io/blog/2017/the-return-of-the-jit/ ***/
// user_pref("javascript.options.asmjs", false);
/* 5505: disable Ion and baseline JIT to harden against JS exploits
/* 5505: disable Ion and baseline JIT to harden against JS exploits [RESTART]
* [NOTE] When both Ion and JIT are disabled, and trustedprincipals
* is enabled, then Ion can still be used by extensions (1599226)
* [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+jit
@ -950,7 +985,7 @@ user_pref("_user.js.parrot", "5500 syntax error: this is an ex-parrot!");
* Vulnerabilities [1] have increasingly been found, including those known and fixed
* in native programs years ago [2]. WASM has powerful low-level access, making
* certain attacks (brute-force) and vulnerabilities more possible
* [STATS] ~0.2% of websites, about half of which are for crytopmining / malvertising [2][3]
* [STATS] ~0.2% of websites, about half of which are for cryptomining / malvertising [2][3]
* [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wasm
* [2] https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
* [3] https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes ***/
@ -967,8 +1002,8 @@ user_pref("_user.js.parrot", "5500 syntax error: this is an ex-parrot!");
/* 5509: disable IPv6 if using a VPN
* This is an application level fallback. Disabling IPv6 is best done at an OS/network
* level, and/or configured properly in system wide VPN setups.
* If you see PR_CONNECT_RESET_ERROR, this pref *might* be the cause
* [NOTE] PHP defaults to IPv6 with "localhost". Use "php -S 127.0.0.1:PORT"
* [SETUP-WEB] PR_CONNECT_RESET_ERROR
* [TEST] https://ipleak.org/
* [1] https://www.internetsociety.org/tag/ipv6-security/ (Myths 2,4,5,6) ***/
// user_pref("network.dns.disableIPv6", true);
@ -976,6 +1011,11 @@ user_pref("_user.js.parrot", "5500 syntax error: this is an ex-parrot!");
* 0=always (default), 1=only if base domains match, 2=only if hosts match
* [NOTE] Will cause breakage: older modems/routers and some sites e.g banks, vimeo, icloud, instagram ***/
// user_pref("network.http.referer.XOriginPolicy", 2);
/* 5511: set DoH bootstrap address [FF89+]
* Firefox uses the system DNS to initially resolve the IP address of your DoH server.
* When set to a valid, working value that matches your "network.trr.uri" (0712) Firefox
* won't use the system DNS. If the IP doesn't match then DoH won't work ***/
// user_pref("network.trr.bootstrapAddr", "10.0.0.1"); // [HIDDEN PREF]
/*** [SECTION 6000]: DON'T TOUCH ***/
user_pref("_user.js.parrot", "6000 syntax error: the parrot's 'istory!");
@ -993,10 +1033,9 @@ user_pref("security.dialog_enable_delay", 1000); // [DEFAULT: 1000]
* [WARNING] Replaced with network partitioning (FF85+) and TCP (2701), and enabling FPI
* disables those. FPI is no longer maintained except at Tor Project for Tor Browser's config ***/
user_pref("privacy.firstparty.isolate", false); // [DEFAULT: false]
/* 6009: enforce SmartBlock shims [FF81+]
* In FF96+ these are listed in about:compat
/* 6009: enforce SmartBlock shims (about:compat) [FF81+]
* [1] https://blog.mozilla.org/security/2021/03/23/introducing-smartblock/ ***/
user_pref("extensions.webcompat.enable_shims", true); // [DEFAULT: true]
user_pref("extensions.webcompat.enable_shims", true); // [HIDDEN PREF] [DEFAULT: true]
/* 6010: enforce no TLS 1.0/1.1 downgrades
* [TEST] https://tls-v1-1.badssl.com:1010/ ***/
user_pref("security.tls.version.enable-deprecated", false); // [DEFAULT: false]
@ -1007,25 +1046,16 @@ user_pref("extensions.webcompat-reporter.enabled", false); // [DEFAULT: false]
/* 6012: enforce Quarantined Domains [FF115+]
* [WHY] https://support.mozilla.org/kb/quarantined-domains */
user_pref("extensions.quarantinedDomains.enabled", true); // [DEFAULT: true]
/* 6050: prefsCleaner: reset previously active items removed from arkenfox FF102+ ***/
// user_pref("beacon.enabled", "");
// user_pref("browser.startup.blankWindow", "");
// user_pref("browser.newtab.preload", "");
// user_pref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", "");
// user_pref("browser.newtabpage.activity-stream.feeds.snippets", "");
// user_pref("browser.region.network.url", "");
// user_pref("browser.region.update.enabled", "");
// user_pref("browser.ssl_override_behavior", "");
// user_pref("devtools.chrome.enabled", "");
// user_pref("dom.disable_beforeunload", "");
// user_pref("dom.disable_open_during_load", "");
// user_pref("extensions.formautofill.available", "");
// user_pref("extensions.formautofill.addresses.supported", "");
// user_pref("extensions.formautofill.creditCards.available", "");
// user_pref("extensions.formautofill.creditCards.supported", "");
// user_pref("middlemouse.contentLoadURL", "");
/* 6051: prefsCleaner: reset previously active items removed from arkenfox FF115+ ***/
/* 6050: prefsCleaner: previously active items removed from arkenfox 115-127 ***/
// user_pref("accessibility.force_disabled", "");
// user_pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", "");
// user_pref("geo.provider.network.url", "");
// user_pref("geo.provider.network.logging.enabled", "");
// user_pref("geo.provider.use_gpsd", "");
// user_pref("network.protocol-handler.external.ms-windows-store", "");
// user_pref("privacy.partition.always_partition_third_party_non_cookie_storage", "");
// user_pref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", "");
// user_pref("privacy.partition.serviceWorkers", "");
/*** [SECTION 7000]: DON'T BOTHER ***/
user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies!");
@ -1050,8 +1080,8 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
/* 7003: disable non-modern cipher suites [1]
* [WHY] Passive fingerprinting. Minimal/non-existent threat of downgrade attacks
* [1] https://browserleaks.com/ssl ***/
// user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); // [DEFAULT: false FF109+]
// user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); // [DEFAULT: false FF109+]
// user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
// user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
// user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
// user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
// user_pref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS
@ -1103,12 +1133,14 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
* [WHY] DNT is enforced with Tracking Protection which is used in ETP Strict (2701) ***/
// user_pref("privacy.donottrackheader.enabled", true);
/* 7016: customize ETP settings
* [NOTE] FPP (fingerprintingProtection) is ignored when RFP (4501) is enabled
* [WHY] Arkenfox only supports strict (2701) which sets these at runtime ***/
// user_pref("network.cookie.cookieBehavior", 5); // [DEFAULT: 5 FF103+]
// user_pref("network.cookie.cookieBehavior", 5); // [DEFAULT: 5]
// user_pref("privacy.fingerprintingProtection", true); // [FF114+] [ETP FF119+]
// user_pref("network.http.referer.disallowCrossSiteRelaxingDefault", true);
// user_pref("network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", true); // [FF100+]
// user_pref("privacy.partition.network_state.ocsp_cache", true);
// user_pref("privacy.query_stripping.enabled", true); // [FF101+] [ETP FF102+]
// user_pref("privacy.partition.network_state.ocsp_cache", true); // [DEFAULT: true FF123+]
// user_pref("privacy.query_stripping.enabled", true); // [FF101+]
// user_pref("privacy.trackingprotection.enabled", true);
// user_pref("privacy.trackingprotection.socialtracking.enabled", true);
// user_pref("privacy.trackingprotection.cryptomining.enabled", true); // [DEFAULT: true]
@ -1116,13 +1148,12 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
/* 7017: disable service workers
* [WHY] Already isolated with TCP (2701) behind a pref (2710) ***/
// user_pref("dom.serviceWorkers.enabled", false);
/* 7018: disable Web Notifications
/* 7018: disable Web Notifications [FF22+]
* [WHY] Web Notifications are behind a prompt (7002)
* [1] https://blog.mozilla.org/en/products/firefox/block-notification-requests/ ***/
// user_pref("dom.webnotifications.enabled", false); // [FF22+]
// user_pref("dom.webnotifications.serviceworker.enabled", false); // [FF44+]
// user_pref("dom.webnotifications.enabled", false);
/* 7019: disable Push Notifications [FF44+]
* [WHY] Push requires subscription
* [WHY] Website "push" requires subscription, and the API is required for CRLite (1224)
* [NOTE] To remove all subscriptions, reset "dom.push.userAgentID"
* [1] https://support.mozilla.org/kb/push-notifications-firefox ***/
// user_pref("dom.push.enabled", false);
@ -1133,6 +1164,10 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
* [1] https://groups.google.com/g/discuss-webrtc/c/6stQXi72BEU/m/2FwZd24UAQAJ
* [2] https://datatracker.ietf.org/doc/html/draft-ietf-mmusic-mdns-ice-candidates#section-3.1.1 ***/
// user_pref("media.peerconnection.enabled", false);
/* 7021: enable GPC (Global Privacy Control) in non-PB windows
* [WHY] Passive and active fingerprinting. Mostly redundant with Tracking Protection
* in ETP Strict (2701) and sanitizing on close (2800s) ***/
// user_pref("privacy.globalprivacycontrol.enabled", true);
/*** [SECTION 8000]: DON'T BOTHER: FINGERPRINTING
[WHY] They are insufficient to help anti-fingerprinting and do more harm than good
@ -1166,50 +1201,82 @@ user_pref("_user.js.parrot", "8000 syntax error: the parrot's crossed the Jordan
/*** [SECTION 9000]: NON-PROJECT RELATED ***/
user_pref("_user.js.parrot", "9000 syntax error: the parrot's cashed in 'is chips!");
/* 9001: disable welcome notices ***/
user_pref("browser.startup.homepage_override.mstone", "ignore");
user_pref("browser.startup.homepage_override.mstone", "ignore"); // [HIDDEN PREF]
/* 9002: disable General>Browsing>Recommend extensions/features as you browse [FF67+] ***/
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
/* 9003: disable What's New toolbar icon [FF69+] ***/
user_pref("browser.messaging-system.whatsNewPanel.enabled", false);
/* 9004: disable search terms [FF110+]
* [SETTING] Search>Search Bar>Use the address bar for search and navigation>Show search terms instead of URL... ***/
user_pref("browser.urlbar.showSearchTerms.enabled", false);
/*** [SECTION 9999]: DEPRECATED / REMOVED / LEGACY / RENAMED
Documentation denoted as [-]. Items deprecated prior to FF91 have been archived at [1]
[1] https://github.com/arkenfox/user.js/issues/123
***/
/*** [SECTION 9999]: DEPRECATED / RENAMED ***/
user_pref("_user.js.parrot", "9999 syntax error: the parrot's shuffled off 'is mortal coil!");
/* ESR102.x still uses all the following prefs
/* ESR115.x still uses all the following prefs
// [NOTE] replace the * with a slash in the line above to re-enable active ones
// FF103
// 2801: delete cookies and site data on exit - replaced by sanitizeOnShutdown* (2810)
// 0=keep until they expire (default), 2=keep until you close Firefox
// [SETTING] Privacy & Security>Cookies and Site Data>Delete cookies and site data when Firefox is closed
// [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1681493,1681495,1681498,1759665,1764761
user_pref("network.cookie.lifetimePolicy", 2);
// 6012: disable SHA-1 certificates
// [-] https://bugzilla.mozilla.org/1766687
// user_pref("security.pki.sha1_enforcement_level", 1); // [DEFAULT: 1]
// FF114
// 2816: set cache to clear on exit [FF96+]
// [NOTE] We already disable disk cache (1001) and clear on exit (2811) which is more robust
// [1] https://bugzilla.mozilla.org/1671182
// [-] https://bugzilla.mozilla.org/1821651
// user_pref("privacy.clearsitedata.cache.enabled", true);
// 4505: experimental RFP [FF91+]
// [-] https://bugzilla.mozilla.org/1824235
// user_pref("privacy.resistFingerprinting.testGranularityMask", 0);
// 5017: disable Form Autofill heuristics
// Heuristics controls Form Autofill on forms without @autocomplete attributes
// [-] https://bugzilla.mozilla.org/1829670
// user_pref("extensions.formautofill.heuristics.enabled", false); // [FF55+]
// FF115
// 7001: disable offline cache (appCache)
// [NOTE] appCache storage capability was removed in FF90
// [-] https://bugzilla.mozilla.org/1677718
// user_pref("browser.cache.offline.enable", false);
// FF116
// 4506: set RFP's font visibility level (1402) [FF94+]
// [-] https://bugzilla.mozilla.org/1838415
// user_pref("layout.css.font-visibility.resistFingerprinting", 1); // [DEFAULT: 1]
// FF117
// 1221: disable Windows Microsoft Family Safety cert [FF50+] [WINDOWS]
// 0=disable detecting Family Safety mode and importing the root
// 1=only attempt to detect Family Safety mode (don't import the root)
// 2=detect Family Safety mode and import the root
// [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21686
// [-] https://bugzilla.mozilla.org/1844908
user_pref("security.family_safety.mode", 0);
// 7018: disable service worker Web Notifications [FF44+]
// [WHY] Web Notifications are behind a prompt (7002)
// [1] https://blog.mozilla.org/en/products/firefox/block-notification-requests/
// [-] https://bugzilla.mozilla.org/1842457
// user_pref("dom.webnotifications.serviceworker.enabled", false);
// FF118
// 1402: limit font visibility (Windows, Mac, some Linux) [FF94+]
// Uses hardcoded lists with two parts: kBaseFonts + kLangPackFonts [1], bundled fonts are auto-allowed
// In normal windows: uses the first applicable: RFP over TP over Standard
// In Private Browsing windows: uses the most restrictive between normal and private
// 1=only base system fonts, 2=also fonts from optional language packs, 3=also user-installed fonts
// [1] https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc
// [-] https://bugzilla.mozilla.org/1847599
// user_pref("layout.css.font-visibility.private", 1);
// user_pref("layout.css.font-visibility.standard", 1);
// user_pref("layout.css.font-visibility.trackingprotection", 1);
// 2623: disable permissions delegation [FF73+]
// Currently applies to cross-origin geolocation, camera, mic and screen-sharing
// permissions, and fullscreen requests. Disabling delegation means any prompts
// for these will show/use their correct 3rd party origin
// [1] https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion
// [-] https://bugzilla.mozilla.org/1697151
// user_pref("permissions.delegation.enabled", false);
// FF119
// 0211: use en-US locale regardless of the system or region locale
// [SETUP-WEB] May break some input methods e.g xim/ibus for CJK languages [1]
// [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=867501,1629630
// [-] https://bugzilla.mozilla.org/1846224
// user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF]
// 0711: disable skipping DoH when parental controls are enabled [FF70+]
// [-] https://bugzilla.mozilla.org/1586941
user_pref("network.dns.skipTRR-when-parental-control-enabled", false);
// FF123
// 0334: disable PingCentre telemetry (used in several System Add-ons) [FF57+]
// Defense-in-depth: currently covered by 0331
// [-] https://bugzilla.mozilla.org/1868988
user_pref("browser.ping-centre.telemetry", false);
// FF126
// 9003: disable What's New toolbar icon [FF69+]
// [-] https://bugzilla.mozilla.org/1724300
user_pref("browser.messaging-system.whatsNewPanel.enabled", false);
// FF127
// 2630: disable content analysis by DLP (Data Loss Prevention) agents - replaced by default_result
// [-] https://bugzilla.mozilla.org/1880314
user_pref("browser.contentanalysis.default_allow", false);
// 4511: enforce non-native widget theme
// Security: removes/reduces system API calls, e.g. win32k API [1]
// Fingerprinting: provides a uniform look and feel across platforms [2]
// [1] https://bugzilla.mozilla.org/1381938
// [2] https://bugzilla.mozilla.org/1411425
// [-] https://bugzilla.mozilla.org/1848899
user_pref("widget.non-native-theme.enabled", true); // [DEFAULT: true]
// ***/
/* END: internal custom pref to test for syntax errors ***/

BIN
wikipiki/icon-librewolf.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
wikipiki/icon-mull.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

BIN
wikipiki/icon-mullvadbrowser.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
wikipiki/icon-torbrowser.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.0 KiB