Git-Mirrors/firefox-user.js
1
0
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2024-09-30 05:06:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Git-Mirrors:master
Branches Tags
Git-Mirrors:master
Git-Mirrors:Thorin-Oakenpants-patch-1
Git-Mirrors:128.0
Git-Mirrors:126.1
Git-Mirrors:126.0
Git-Mirrors:122.0
Git-Mirrors:119.0
Git-Mirrors:118.0
Git-Mirrors:117.0
Git-Mirrors:115.1
Git-Mirrors:115.0
Git-Mirrors:112.0
Git-Mirrors:111.0
Git-Mirrors:110.0
Git-Mirrors:v110.0
Git-Mirrors:109.0
Git-Mirrors:108.0
Git-Mirrors:107.0
Git-Mirrors:106.0
Git-Mirrors:105.0
Git-Mirrors:104.0
Git-Mirrors:103.0
Git-Mirrors:102.1
Git-Mirrors:102.0
Git-Mirrors:101.0
Git-Mirrors:100.0
Git-Mirrors:99.0
Git-Mirrors:98.0
Git-Mirrors:97.0
Git-Mirrors:96.0
Git-Mirrors:95.0
Git-Mirrors:94.1
Git-Mirrors:94.0
Git-Mirrors:91.1
Git-Mirrors:93.0
Git-Mirrors:92.0
Git-Mirrors:91.0
Git-Mirrors:90.0
Git-Mirrors:89.0
Git-Mirrors:88.0
Git-Mirrors:87.0
Git-Mirrors:86.0
Git-Mirrors:85.0
Git-Mirrors:84.0
Git-Mirrors:83.0
Git-Mirrors:82.0
Git-Mirrors:v82.0-beta
Git-Mirrors:81.0
Git-Mirrors:v81.0-beta
Git-Mirrors:80.0
Git-Mirrors:v80.0-beta
Git-Mirrors:79.0
Git-Mirrors:v79.0-beta
Git-Mirrors:78.0
Git-Mirrors:v78.0-beta
Git-Mirrors:77.0
Git-Mirrors:v77.0-beta
Git-Mirrors:76.0
Git-Mirrors:v76.0-beta
Git-Mirrors:75.0
Git-Mirrors:v75.0-beta
Git-Mirrors:74.0
Git-Mirrors:v74.0-beta
Git-Mirrors:73.0
Git-Mirrors:v73.0-beta
Git-Mirrors:72.0
Git-Mirrors:v72.0-beta
Git-Mirrors:71.0
Git-Mirrors:v71.0-beta
Git-Mirrors:70.0
Git-Mirrors:v70.0-beta
Git-Mirrors:69.0
Git-Mirrors:v69.0-beta
Git-Mirrors:68.0
Git-Mirrors:v68.0-beta
Git-Mirrors:67.0
Git-Mirrors:v67.0-beta
Git-Mirrors:66.0
Git-Mirrors:v66.0-beta
Git-Mirrors:65.0
Git-Mirrors:v65.0-beta
Git-Mirrors:64.0
Git-Mirrors:v64.0-beta
Git-Mirrors:63.0
Git-Mirrors:v63.0-beta
Git-Mirrors:62.0
Git-Mirrors:v62.0-beta
Git-Mirrors:61.0
Git-Mirrors:v61.0-beta
Git-Mirrors:60.0
Git-Mirrors:v60.0-beta
Git-Mirrors:59.0
Git-Mirrors:v59.0-alpha
Git-Mirrors:58.0
Git-Mirrors:v58.0-alpha
Git-Mirrors:57.0
Git-Mirrors:v57.0-alpha
Git-Mirrors:56.0
Git-Mirrors:v56.0-alpha
Git-Mirrors:55.0
Git-Mirrors:v55.0-alpha
Git-Mirrors:54.0
Git-Mirrors:v54.0-alpha-rev1
Git-Mirrors:v54.0-alpha
Git-Mirrors:53.0
Git-Mirrors:v53.0-alpha
Git-Mirrors:52.0
Git-Mirrors:v52.0-alpha
Git-Mirrors:51.0
..
compare: Git-Mirrors:117.0
Branches Tags
Git-Mirrors:Thorin-Oakenpants-patch-1
Git-Mirrors:master
Git-Mirrors:128.0
Git-Mirrors:126.1
Git-Mirrors:126.0
Git-Mirrors:122.0
Git-Mirrors:119.0
Git-Mirrors:118.0
Git-Mirrors:117.0
Git-Mirrors:115.1
Git-Mirrors:115.0
Git-Mirrors:112.0
Git-Mirrors:111.0
Git-Mirrors:110.0
Git-Mirrors:v110.0
Git-Mirrors:109.0
Git-Mirrors:108.0
Git-Mirrors:107.0
Git-Mirrors:106.0
Git-Mirrors:105.0
Git-Mirrors:104.0
Git-Mirrors:103.0
Git-Mirrors:102.1
Git-Mirrors:102.0
Git-Mirrors:101.0
Git-Mirrors:100.0
Git-Mirrors:99.0
Git-Mirrors:98.0
Git-Mirrors:97.0
Git-Mirrors:96.0
Git-Mirrors:95.0
Git-Mirrors:94.1
Git-Mirrors:94.0
Git-Mirrors:91.1
Git-Mirrors:93.0
Git-Mirrors:92.0
Git-Mirrors:91.0
Git-Mirrors:90.0
Git-Mirrors:89.0
Git-Mirrors:88.0
Git-Mirrors:87.0
Git-Mirrors:86.0
Git-Mirrors:85.0
Git-Mirrors:84.0
Git-Mirrors:83.0
Git-Mirrors:82.0
Git-Mirrors:v82.0-beta
Git-Mirrors:81.0
Git-Mirrors:v81.0-beta
Git-Mirrors:80.0
Git-Mirrors:v80.0-beta
Git-Mirrors:79.0
Git-Mirrors:v79.0-beta
Git-Mirrors:78.0
Git-Mirrors:v78.0-beta
Git-Mirrors:77.0
Git-Mirrors:v77.0-beta
Git-Mirrors:76.0
Git-Mirrors:v76.0-beta
Git-Mirrors:75.0
Git-Mirrors:v75.0-beta
Git-Mirrors:74.0
Git-Mirrors:v74.0-beta
Git-Mirrors:73.0
Git-Mirrors:v73.0-beta
Git-Mirrors:72.0
Git-Mirrors:v72.0-beta
Git-Mirrors:71.0
Git-Mirrors:v71.0-beta
Git-Mirrors:70.0
Git-Mirrors:v70.0-beta
Git-Mirrors:69.0
Git-Mirrors:v69.0-beta
Git-Mirrors:68.0
Git-Mirrors:v68.0-beta
Git-Mirrors:67.0
Git-Mirrors:v67.0-beta
Git-Mirrors:66.0
Git-Mirrors:v66.0-beta
Git-Mirrors:65.0
Git-Mirrors:v65.0-beta
Git-Mirrors:64.0
Git-Mirrors:v64.0-beta
Git-Mirrors:63.0
Git-Mirrors:v63.0-beta
Git-Mirrors:62.0
Git-Mirrors:v62.0-beta
Git-Mirrors:61.0
Git-Mirrors:v61.0-beta
Git-Mirrors:60.0
Git-Mirrors:v60.0-beta
Git-Mirrors:59.0
Git-Mirrors:v59.0-alpha
Git-Mirrors:58.0
Git-Mirrors:v58.0-alpha
Git-Mirrors:57.0
Git-Mirrors:v57.0-alpha
Git-Mirrors:56.0
Git-Mirrors:v56.0-alpha
Git-Mirrors:55.0
Git-Mirrors:v55.0-alpha
Git-Mirrors:54.0
Git-Mirrors:v54.0-alpha-rev1
Git-Mirrors:v54.0-alpha
Git-Mirrors:53.0
Git-Mirrors:v53.0-alpha
Git-Mirrors:52.0
Git-Mirrors:v52.0-alpha
Git-Mirrors:51.0

No commits in common. "master" and "117.0" have entirely different histories.
master ... 117.0

8 changed files with 658 additions and 314 deletions
Show Stats Expand all files Collapse all files

25
prefsCleaner.sh
View File

@ -2,12 +2,23 @@
## prefs.js cleaner for Linux/Mac
## author: @claustromaniac
## version: 2.1
## version: 1.9
## special thanks to @overdodactyl and @earthlng for a few snippets that I stol..*cough* borrowed from the updater.sh
## DON'T GO HIGHER THAN VERSION x.9 !! ( because of ASCII comparison in update_prefsCleaner() )
# Check if running as root and if any files have the owner/group as root/wheel.
if [ "${EUID:-"$(id -u)"}" -eq 0 ]; then
printf "You shouldn't run this with elevated privileges (such as with doas/sudo).\n"
exit 1
elif [ -n "$(find ./ -user 0 -o -group 0)" ]; then
printf 'It looks like this script was previously run with elevated privileges,
you will need to change ownership of the following files to your user:\n'
find . -user 0 -o -group 0
exit 1
fi
readonly CURRDIR=$(pwd)
## get the full path of this script (readlink for Linux, greadlink for Mac with coreutils installed)
@ -132,23 +143,13 @@ done
## change directory to the Firefox profile directory
cd "$(dirname "${SCRIPT_FILE}")"
# Check if running as root and if any files have the owner as root/wheel.
if [ "${EUID:-"$(id -u)"}" -eq 0 ]; then
fQuit 1 "You shouldn't run this with elevated privileges (such as with doas/sudo)."
elif [ -n "$(find ./ -user 0)" ]; then
printf 'It looks like this script was previously run with elevated privileges,
you will need to change ownership of the following files to your user:\n'
find . -user 0
fQuit 1
fi
[ "$AUTOUPDATE" = true ] && update_prefsCleaner "$@"
echo -e "\n\n"
echo " ╔══════════════════════════╗"
echo " ║ prefs.js cleaner ║"
echo " ║ by claustromaniac ║"
echo " ║ v2.1 ║"
echo " ║ v1.9 ║"
echo " ╚══════════════════════════╝"
echo -e "\nThis script should be run from your Firefox profile directory.\n"
echo "It will remove any entries from prefs.js that also exist in user.js."

435
scratchpad-scripts/arkenfox-cleanup.js
View File

@ -1,12 +1,9 @@
/***
This will reset the preferences that since FF91 have been
This will reset the preferences that have been
- removed from the arkenfox user.js
- deprecated by Mozilla but listed in the arkenfox user.js in the past
There is an archived version at https://github.com/arkenfox/user.js/issues/123
if you want the full list since jesus
Last updated: 6-August-2024
Last updated: 16-September-2023
Instructions:
- [optional] close Firefox and backup your profile
@ -35,20 +32,10 @@
const aPREFS = [
/* DEPRECATED */
/* 116-128 */
'browser.contentanalysis.default_allow', // 127
'browser.messaging-system.whatsNewPanel.enabled', // 126
'browser.ping-centre.telemetry', // 123
/* 116+ */
'dom.webnotifications.serviceworker.enabled', // 117
'javascript.use_us_english_locale', // 119
'layout.css.font-visibility.private', // 118
'layout.css.font-visibility.resistFingerprinting', // 116
'layout.css.font-visibility.standard', // 118
'layout.css.font-visibility.trackingprotection', // 118
'network.dns.skipTRR-when-parental-control-enabled', // 119
'permissions.delegation.enabled', // 118
'security.family_safety.mode', // 117
'widget.non-native-theme.enabled', // 127
/* 103-115 */
'browser.cache.offline.enable', // 115
'extensions.formautofill.heuristics.enabled', // 114
@ -69,20 +56,198 @@
'security.csp.enable', // 99
'security.password_lifetime', // 102
'security.ssl3.rsa_des_ede3_sha', // 93
/* 79-91 */
'browser.cache.offline.storage.enable',
'browser.download.hide_plugins_without_extensions',
'browser.library.activity-stream.enabled',
'browser.search.geoSpecificDefaults',
'browser.search.geoSpecificDefaults.url',
'dom.ipc.plugins.flash.subprocess.crashreporter.enabled',
'dom.ipc.plugins.reportCrashURL',
'dom.w3c_pointer_events.enabled',
'intl.charset.fallback.override',
'network.ftp.enabled',
'plugin.state.flash',
'security.mixed_content.block_object_subrequest',
'security.ssl.errorReporting.automatic',
'security.ssl.errorReporting.enabled',
'security.ssl.errorReporting.url',
/* 69-78 */
'browser.newtabpage.activity-stream.telemetry.ping.endpoint',
'browser.tabs.remote.allowLinkedWebInFileUriProcess',
'browser.urlbar.oneOffSearches',
'devtools.webide.autoinstallADBExtension',
'devtools.webide.enabled',
'dom.indexedDB.enabled',
'extensions.blocklist.url',
'geo.wifi.logging.enabled',
'geo.wifi.uri',
'gfx.downloadable_fonts.woff2.enabled',
'media.autoplay.allow-muted',
'media.autoplay.enabled.user-gestures-needed',
'offline-apps.allow_by_default',
'plugins.click_to_play',
'privacy.userContext.longPressBehavior',
'toolkit.cosmeticAnimations.enabled',
'toolkit.telemetry.hybridContent.enabled',
'webgl.disable-extensions',
/* 61-68 */
'app.update.enabled',
'browser.aboutHomeSnippets.updateUrl',
'browser.chrome.errorReporter.enabled',
'browser.chrome.errorReporter.submitUrl',
'browser.chrome.favicons',
'browser.ctrlTab.previews',
'browser.fixup.hide_user_pass',
'browser.newtabpage.activity-stream.asrouter.userprefs.cfr',
'browser.newtabpage.activity-stream.disableSnippets',
'browser.onboarding.enabled',
'browser.search.countryCode',
'browser.urlbar.autocomplete.enabled',
'devtools.webide.adbAddonURL',
'devtools.webide.autoinstallADBHelper',
'dom.event.highrestimestamp.enabled',
'experiments.activeExperiment',
'experiments.enabled',
'experiments.manifest.uri',
'experiments.supported',
'lightweightThemes.update.enabled',
'media.autoplay.enabled',
'network.allow-experiments',
'network.cookie.lifetime.days',
'network.jar.block-remote-files',
'network.jar.open-unsafe-types',
'plugin.state.java',
'security.csp.enable_violation_events',
'security.csp.experimentalEnabled',
'shield.savant.enabled',
/* 60 or earlier */
'browser.bookmarks.showRecentlyBookmarked',
'browser.casting.enabled',
'browser.crashReports.unsubmittedCheck.autoSubmit',
'browser.formautofill.enabled',
'browser.formfill.saveHttpsForms',
'browser.fullscreen.animate',
'browser.history.allowPopState',
'browser.history.allowPushState',
'browser.history.allowReplaceState',
'browser.newtabpage.activity-stream.enabled',
'browser.newtabpage.directory.ping',
'browser.newtabpage.directory.source',
'browser.newtabpage.enhanced',
'browser.newtabpage.introShown',
'browser.pocket.api',
'browser.pocket.enabled',
'browser.pocket.oAuthConsumerKey',
'browser.pocket.site',
'browser.polaris.enabled',
'browser.safebrowsing.appRepURL',
'browser.safebrowsing.enabled',
'browser.safebrowsing.gethashURL',
'browser.safebrowsing.malware.reportURL',
'browser.safebrowsing.provider.google.appRepURL',
'browser.safebrowsing.reportErrorURL',
'browser.safebrowsing.reportGenericURL',
'browser.safebrowsing.reportMalwareErrorURL',
'browser.safebrowsing.reportMalwareMistakeURL',
'browser.safebrowsing.reportMalwareURL',
'browser.safebrowsing.reportPhishMistakeURL',
'browser.safebrowsing.reportURL',
'browser.safebrowsing.updateURL',
'browser.search.showOneOffButtons',
'browser.selfsupport.enabled',
'browser.selfsupport.url',
'browser.sessionstore.privacy_level_deferred',
'browser.tabs.animate',
'browser.trackingprotection.gethashURL',
'browser.trackingprotection.updateURL',
'browser.urlbar.unifiedcomplete',
'browser.usedOnWindows10.introURL',
'camera.control.autofocus_moving_callback.enabled',
'camera.control.face_detection.enabled',
'datareporting.healthreport.about.reportUrl',
'datareporting.healthreport.about.reportUrlUnified',
'datareporting.healthreport.documentServerURI',
'datareporting.healthreport.service.enabled',
'datareporting.policy.dataSubmissionEnabled.v2',
'devtools.webide.autoinstallFxdtAdapters',
'dom.archivereader.enabled',
'dom.beforeAfterKeyboardEvent.enabled',
'dom.disable_image_src_set',
'dom.disable_window_open_feature.scrollbars',
'dom.disable_window_status_change',
'dom.enable_user_timing',
'dom.flyweb.enabled',
'dom.idle-observers-api.enabled',
'dom.keyboardevent.code.enabled',
'dom.network.enabled',
'dom.push.udp.wakeupEnabled',
'dom.telephony.enabled',
'dom.vr.oculus050.enabled',
'dom.workers.enabled',
'dom.workers.sharedWorkers.enabled',
'extensions.formautofill.experimental',
'extensions.screenshots.system-disabled',
'extensions.shield-recipe-client.api_url',
'extensions.shield-recipe-client.enabled',
'full-screen-api.approval-required',
'general.useragent.locale',
'geo.security.allowinsecure',
'intl.locale.matchOS',
'loop.enabled',
'loop.facebook.appId',
'loop.facebook.enabled',
'loop.facebook.fallbackUrl',
'loop.facebook.shareUrl',
'loop.feedback.formURL',
'loop.feedback.manualFormURL',
'loop.logDomains',
'loop.server',
'media.block-play-until-visible',
'media.eme.apiVisible',
'media.eme.chromium-api.enabled',
'media.getusermedia.screensharing.allow_on_old_platforms',
'media.getusermedia.screensharing.allowed_domains',
'media.gmp-eme-adobe.autoupdate',
'media.gmp-eme-adobe.enabled',
'media.gmp-eme-adobe.visible',
'network.http.referer.userControlPolicy',
'network.http.sendSecureXSiteReferrer',
'network.http.spdy.enabled.http2draft',
'network.http.spdy.enabled.v3-1',
'network.websocket.enabled',
'pageThumbs.enabled',
'pfs.datasource.url',
'plugin.scan.Acrobat',
'plugin.scan.Quicktime',
'plugin.scan.WindowsMediaPlayer',
'plugins.enumerable_names',
'plugins.update.notifyUser',
'plugins.update.url',
'privacy.clearOnShutdown.passwords',
'privacy.donottrackheader.value',
'security.mixed_content.send_hsts_priming',
'security.mixed_content.use_hsts',
'security.ssl3.ecdhe_ecdsa_rc4_128_sha',
'security.ssl3.ecdhe_rsa_rc4_128_sha',
'security.ssl3.rsa_rc4_128_md5',
'security.ssl3.rsa_rc4_128_sha',
'security.tls.insecure_fallback_hosts.use_static_list',
'security.tls.unrestricted_rc4_fallback',
'security.xpconnect.plugin.unrestricted',
'social.directories',
'social.enabled',
'social.remote-install.enabled',
'social.share.activationPanelEnabled',
'social.shareDirectory',
'social.toast-notifications.enabled',
'social.whitelist',
'toolkit.telemetry.unifiedIsOptIn',
/* REMOVED */
/* 116-128 */
'browser.fixup.alternate.enabled',
'browser.taskbar.previews.enable',
'browser.urlbar.dnsResolveSingleWordsAfterSearch',
'geo.provider.network.url',
'geo.provider.network.logging.enabled',
'geo.provider.use_gpsd',
/* 116+ */
'media.gmp-widevinecdm.enabled',
'network.protocol-handler.external.ms-windows-store',
'privacy.partition.always_partition_third_party_non_cookie_storage',
'privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage',
'privacy.partition.serviceWorkers',
/* 103-115 */
'beacon.enabled',
'browser.startup.blankWindow',
@ -118,6 +283,224 @@
'privacy.firstparty.isolate.use_site',
'privacy.window.name.update.enabled',
'security.insecure_connection_text.enabled',
/* 79-91 */
'alerts.showFavicons',
'browser.newtabpage.activity-stream.asrouter.providers.snippets',
'browser.send_pings.require_same_host',
'browser.urlbar.usepreloadedtopurls.enabled',
'dom.allow_cut_copy',
'dom.battery.enabled',
'dom.IntersectionObserver.enabled',
'dom.storage.enabled',
'dom.vibrator.enabled',
'extensions.screenshots.upload-disabled',
'general.warnOnAboutConfig',
'gfx.direct2d.disabled',
'layers.acceleration.disabled',
'media.getusermedia.audiocapture.enabled',
'media.getusermedia.browser.enabled',
'media.getusermedia.screensharing.enabled',
'media.gmp-widevinecdm.visible',
'media.media-capabilities.enabled',
'network.http.redirection-limit',
'privacy.partition.network_state',
'security.insecure_connection_icon.enabled',
'security.mixed_content.block_active_content',
'security.ssl.enable_ocsp_stapling',
'security.ssl3.dhe_rsa_aes_128_sha',
'security.ssl3.dhe_rsa_aes_256_sha',
'webgl.min_capability_mode',
/* 69-78 */
'browser.cache.disk_cache_ssl',
'browser.search.geoip.url',
'browser.search.region',
'browser.sessionhistory.max_entries',
'dom.push.connection.enabled',
'dom.push.serverURL',
'extensions.getAddons.discovery.api_url',
'extensions.htmlaboutaddons.discover.enabled',
'extensions.webservice.discoverURL',
'intl.locale.requested',
'intl.regional_prefs.use_os_locales',
'media.block-autoplay-until-in-foreground',
'middlemouse.paste',
'plugin.sessionPermissionNow.intervalInMinutes',
'privacy.usercontext.about_newtab_segregation.enabled',
'security.insecure_connection_icon.pbmode.enabled',
'security.insecure_connection_text.pbmode.enabled',
'webgl.dxgl.enabled',
/* 61-68 */
'app.update.service.enabled',
'app.update.silent',
'app.update.staging.enabled',
'browser.cache.disk.capacity',
'browser.cache.disk.smart_size.enabled',
'browser.cache.disk.smart_size.first_run',
'browser.cache.offline.insecure.enable',
'browser.contentblocking.enabled',
'browser.laterrun.enabled',
'browser.offline-apps.notify',
'browser.rights.3.shown',
'browser.safebrowsing.blockedURIs.enabled',
'browser.safebrowsing.downloads.remote.block_dangerous',
'browser.safebrowsing.downloads.remote.block_dangerous_host',
'browser.safebrowsing.provider.google.gethashURL',
'browser.safebrowsing.provider.google.reportMalwareMistakeURL',
'browser.safebrowsing.provider.google.reportPhishMistakeURL',
'browser.safebrowsing.provider.google.reportURL',
'browser.safebrowsing.provider.google.updateURL',
'browser.safebrowsing.provider.google4.dataSharing.enabled',
'browser.safebrowsing.provider.google4.dataSharingURL',
'browser.safebrowsing.provider.google4.gethashURL',
'browser.safebrowsing.provider.google4.reportMalwareMistakeURL',
'browser.safebrowsing.provider.google4.reportPhishMistakeURL',
'browser.safebrowsing.provider.google4.reportURL',
'browser.safebrowsing.provider.google4.updateURL',
'browser.safebrowsing.provider.mozilla.gethashURL',
'browser.safebrowsing.provider.mozilla.updateURL',
'browser.safebrowsing.reportPhishURL',
'browser.sessionhistory.max_total_viewers',
'browser.sessionstore.max_windows_undo',
'browser.slowStartup.maxSamples',
'browser.slowStartup.notificationDisabled',
'browser.slowStartup.samples',
'browser.storageManager.enabled',
'browser.urlbar.autoFill.typed',
'browser.urlbar.filter.javascript',
'browser.urlbar.maxHistoricalSearchSuggestions',
'browser.urlbar.userMadeSearchSuggestionsChoice',
'canvas.capturestream.enabled',
'dom.allow_scripts_to_close_windows',
'dom.disable_window_flip',
'dom.forms.datetime',
'dom.imagecapture.enabled',
'dom.popup_maximum',
'extensions.webextensions.keepStorageOnUninstall',
'extensions.webextensions.keepUuidOnUninstall',
'font.blacklist.underline_offset',
'font.name.monospace.x-unicode',
'font.name.monospace.x-western',
'font.name.sans-serif.x-unicode',
'font.name.sans-serif.x-western',
'font.name.serif.x-unicode',
'font.name.serif.x-western',
'gfx.offscreencanvas.enabled',
'javascript.options.shared_memory',
'layout.css.font-loading-api.enabled',
'media.gmp-gmpopenh264.autoupdate',
'media.gmp-gmpopenh264.enabled',
'media.gmp-manager.updateEnabled',
'media.gmp-manager.url',
'media.gmp-manager.url.override',
'media.gmp-widevinecdm.autoupdate',
'media.gmp.trial-create.enabled',
'media.navigator.video.enabled',
'media.peerconnection.ice.tcp',
'media.peerconnection.identity.enabled',
'media.peerconnection.identity.timeout',
'media.peerconnection.turn.disable',
'media.peerconnection.use_document_iceservers',
'media.peerconnection.video.enabled',
'network.auth.subresource-img-cross-origin-http-auth-allow',
'network.cookie.leave-secure-alone',
'network.cookie.same-site.enabled',
'network.dnsCacheEntries',
'network.dnsCacheExpiration',
'network.http.fast-fallback-to-IPv4',
'network.proxy.autoconfig_url.include_path',
'offline-apps.quota.warn',
'pdfjs.enableWebGL',
'plugin.default.state',
'plugin.defaultXpi.state',
'plugin.scan.plid.all',
'privacy.trackingprotection.annotate_channels',
'privacy.trackingprotection.lower_network_priority',
'privacy.trackingprotection.pbmode.enabled',
'privacy.trackingprotection.ui.enabled',
'security.data_uri.block_toplevel_data_uri_navigations',
'security.insecure_field_warning.contextual.enabled',
'security.insecure_password.ui.enabled',
'security.tls.version.fallback-limit',
'services.blocklist.addons.collection',
'services.blocklist.gfx.collection',
'services.blocklist.onecrl.collection',
'services.blocklist.plugins.collection',
'services.blocklist.signing.enforced',
'services.blocklist.update_enabled',
'signon.autofillForms.http',
'signon.storeWhenAutocompleteOff',
'toolkit.telemetry.cachedClientID',
'urlclassifier.trackingTable',
'xpinstall.whitelist.required',
/* 60 or lower */
'browser.migrate.automigrate.enabled',
'browser.search.geoip.timeout',
'browser.search.reset.enabled',
'browser.search.reset.whitelist',
'browser.stopReloadAnimation.enabled',
'browser.tabs.insertRelatedAfterCurrent',
'browser.tabs.loadDivertedInBackground',
'browser.tabs.loadInBackground',
'browser.tabs.selectOwnerOnClose',
'browser.urlbar.clickSelectsAll',
'browser.urlbar.doubleClickSelectsAll',
'device.storage.enabled',
'dom.keyboardevent.dispatch_during_composition',
'dom.presentation.controller.enabled',
'dom.presentation.discoverable',
'dom.presentation.discovery.enabled',
'dom.presentation.enabled',
'dom.presentation.receiver.enabled',
'dom.presentation.session_transport.data_channel.enable',
'dom.vr.oculus.enabled',
'dom.vr.openvr.enabled',
'dom.vr.osvr.enabled',
'extensions.pocket.api',
'extensions.pocket.oAuthConsumerKey',
'extensions.pocket.site',
'general.useragent.compatMode.firefox',
'geo.wifi.xhr.timeout',
'gfx.layerscope.enabled',
'media.flac.enabled',
'media.mediasource.enabled',
'media.mediasource.mp4.enabled',
'media.mediasource.webm.audio.enabled',
'media.mediasource.webm.enabled',
'media.mp4.enabled',
'media.ogg.enabled',
'media.ogg.flac.enabled',
'media.opus.enabled',
'media.raw.enabled',
'media.wave.enabled',
'media.webm.enabled',
'media.webspeech.recognition.enable',
'media.wmf.amd.vp9.enabled',
'media.wmf.enabled',
'media.wmf.vp9.enabled',
'network.dns.blockDotOnion',
'network.stricttransportsecurity.preloadlist',
'security.block_script_with_wrong_mime',
'security.fileuri.strict_origin_policy',
'security.sri.enable',
'services.sync.enabled',
'ui.submenuDelay',
'webextensions.storage.sync.enabled',
'webextensions.storage.sync.serverURL',
// excluding these e10 settings
// 'browser.tabs.remote.autostart',
// 'browser.tabs.remote.autostart.2',
// 'browser.tabs.remote.force-enable',
// 'browser.tabs.remote.separateFileUriProcess',
// 'extensions.e10sBlocksEnabling',
// 'extensions.webextensions.remote',
// 'dom.ipc.processCount',
// 'dom.ipc.shims.enabledWarnings',
// 'dom.ipc.processCount.extension',
// 'dom.ipc.processCount.file',
// 'security.sandbox.content.level',
// 'dom.ipc.plugins.sandbox-level.default',
// 'dom.ipc.plugins.sandbox-level.flash',
// 'security.sandbox.logging.enabled',
/* IMPORTANT: last active pref must not have a trailing comma */
/* reset parrot: check your open about:config after running the script */

8
updater.sh
View File

@ -2,7 +2,7 @@
## arkenfox user.js updater for macOS and Linux
## version: 4.0
## version: 3.9
## Author: Pat Johnson (@overdodactyl)
## Additional contributors: @earthlng, @ema-pe, @claustromaniac, @infinitewarp
@ -393,11 +393,11 @@ update_updater "$@"
getProfilePath # updates PROFILE_PATH or exits on error
cd "$PROFILE_PATH" || exit 1
# Check if any files have the owner as root/wheel.
if [ -n "$(find ./ -user 0)" ]; then
# Check if any files have the owner/group as root/wheel.
if [ -n "$(find ./ -user 0 -o -group 0)" ]; then
printf 'It looks like this script was previously run with elevated privileges,
you will need to change ownership of the following files to your user:\n'
find . -user 0
find . -user 0 -o -group 0
cd "$CURRDIR"
exit 1
fi

504
user.js
View File

@ -1,9 +1,8 @@
/******
* name: arkenfox user.js
* date: 26 August 2024
* version: 128
* urls: https://github.com/arkenfox/user.js [repo]
* : https://arkenfox.github.io/gui/ [interactive]
* date: 17 September 2023
* version: 117
* url: https://github.com/arkenfox/user.js
* license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt
* README:
@ -27,20 +26,20 @@
* RELEASES: https://github.com/arkenfox/user.js/releases
* Use the arkenfox release that matches your Firefox version
- DON'T wait for arkenfox to update Firefox, nothing major changes these days
* Each release
- run prefsCleaner to reset prefs made inactive, including deprecated (9999)
* ESR
- It is recommended to not use the updater, or you will get a later version which may cause issues.
So you should manually append your overrides (and keep a copy), and manually update when you
change ESR releases (arkenfox is already past that release)
- If you decide to keep updating, then the onus is on you - also see section 9999
* It is best to use the arkenfox release that is optimized for and matches your Firefox version
* EVERYONE: each release
- run prefsCleaner to reset prefs made inactive, including deprecated (9999s)
ESR102
- If you are not using arkenfox v102-1... (not a definitive list)
- 2815: clearOnShutdown cookies + offlineApps should be false
- 9999: switch the appropriate deprecated section(s) back on
* ESR115
- use https://github.com/arkenfox/user.js/releases/tag/115.1
* INDEX:
0100: STARTUP
0200: GEOLOCATION
0200: GEOLOCATION / LANGUAGE / LOCALE
0300: QUIETER FOX
0400: SAFE BROWSING
0600: BLOCK IMPLICIT OUTBOUND
@ -49,6 +48,7 @@
0900: PASSWORDS
1000: DISK AVOIDANCE
1200: HTTPS (SSL/TLS / OCSP / CERTS / HPKP)
1400: FONTS
1600: REFERERS
1700: CONTAINERS
2000: PLUGINS / MEDIA / WEBRTC
@ -56,15 +56,14 @@
2600: MISCELLANEOUS
2700: ETP (ENHANCED TRACKING PROTECTION)
2800: SHUTDOWN & SANITIZING
4000: FPP (fingerprintingProtection)
4500: OPTIONAL RFP (resistFingerprinting)
4500: RFP (RESIST FINGERPRINTING)
5000: OPTIONAL OPSEC
5500: OPTIONAL HARDENING
6000: DON'T TOUCH
7000: DON'T BOTHER
8000: DON'T BOTHER: FINGERPRINTING
9000: NON-PROJECT RELATED
9999: DEPRECATED / RENAMED
9999: DEPRECATED / REMOVED / LEGACY / RENAMED
******/
@ -95,18 +94,31 @@ user_pref("browser.startup.homepage", "about:blank");
user_pref("browser.newtabpage.enabled", false);
/* 0105: disable sponsored content on Firefox Home (Activity Stream)
* [SETTING] Home>Firefox Home Content ***/
user_pref("browser.newtabpage.activity-stream.showSponsored", false); // [FF58+]
user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); // [FF83+] Shortcuts>Sponsored shortcuts
user_pref("browser.newtabpage.activity-stream.showSponsored", false); // [FF58+] Pocket > Sponsored Stories
user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); // [FF83+] Sponsored shortcuts
/* 0106: clear default topsites
* [NOTE] This does not block you from adding your own ***/
user_pref("browser.newtabpage.activity-stream.default.sites", "");
/*** [SECTION 0200]: GEOLOCATION ***/
/*** [SECTION 0200]: GEOLOCATION / LANGUAGE / LOCALE ***/
user_pref("_user.js.parrot", "0200 syntax error: the parrot's definitely deceased!");
/* 0201: use Mozilla geolocation service instead of Google if permission is granted [FF74+]
* Optionally enable logging to the console (defaults to false) ***/
user_pref("geo.provider.network.url", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%");
// user_pref("geo.provider.network.logging.enabled", true); // [HIDDEN PREF]
/* 0202: disable using the OS's geolocation service ***/
user_pref("geo.provider.ms-windows-location", false); // [WINDOWS]
user_pref("geo.provider.use_corelocation", false); // [MAC]
user_pref("geo.provider.use_gpsd", false); // [LINUX]
user_pref("geo.provider.use_geoclue", false); // [FF102+] [LINUX]
/* 0210: set preferred language for displaying pages
* [SETTING] General>Language and Appearance>Language>Choose your preferred language...
* [TEST] https://addons.mozilla.org/about ***/
user_pref("intl.accept_languages", "en-US, en");
/* 0211: use en-US locale regardless of the system or region locale
* [SETUP-WEB] May break some input methods e.g xim/ibus for CJK languages [1]
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=867501,1629630 ***/
user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF]
/*** [SECTION 0300]: QUIETER FOX ***/
user_pref("_user.js.parrot", "0300 syntax error: the parrot's not pinin' for the fjords!");
@ -120,9 +132,6 @@ user_pref("extensions.htmlaboutaddons.recommendations.enabled", false);
* [SETTING] Privacy & Security>Firefox Data Collection & Use>Allow Firefox to make personalized extension recommendations
* [1] https://support.mozilla.org/kb/personalized-extension-recommendations ***/
user_pref("browser.discovery.enabled", false);
/* 0323: disable shopping experience [FF116+]
* [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1840156#c0 ***/
user_pref("browser.shopping.experience2023.enabled", false); // [DEFAULT: false]
/** TELEMETRY ***/
/* 0330: disable new data submission [FF41+]
@ -153,6 +162,9 @@ user_pref("toolkit.telemetry.firstShutdownPing.enabled", false); // [FF57+]
user_pref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF]
user_pref("toolkit.coverage.opt-out", true); // [FF64+] [HIDDEN PREF]
user_pref("toolkit.coverage.endpoint.base", "");
/* 0334: disable PingCentre telemetry (used in several System Add-ons) [FF57+]
* Defense-in-depth: currently covered by 0331 ***/
user_pref("browser.ping-centre.telemetry", false);
/* 0335: disable Firefox Home (Activity Stream) telemetry ***/
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false);
user_pref("browser.newtabpage.activity-stream.telemetry", false);
@ -231,7 +243,7 @@ user_pref("network.prefetch-next", false);
/* 0602: disable DNS prefetching
* [1] https://developer.mozilla.org/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control ***/
user_pref("network.dns.disablePrefetch", true);
user_pref("network.dns.disablePrefetchFromHTTPS", true);
// user_pref("network.dns.disablePrefetchFromHTTPS", true); // [DEFAULT: true]
/* 0603: disable predictor / prefetching ***/
user_pref("network.predictor.enabled", false);
user_pref("network.predictor.enable-prefetch", false); // [FF48+] [DEFAULT: false]
@ -253,15 +265,15 @@ user_pref("_user.js.parrot", "0700 syntax error: the parrot's given up the ghost
user_pref("network.proxy.socks_remote_dns", true);
/* 0703: disable using UNC (Uniform Naming Convention) paths [FF61+]
* [SETUP-CHROME] Can break extensions for profiles on network shares
* [1] https://bugzilla.mozilla.org/1413868 ***/
* [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/26424 ***/
user_pref("network.file.disable_unc_paths", true); // [HIDDEN PREF]
/* 0704: disable GIO as a potential proxy bypass vector
* Gvfs/GIO has a set of supported protocols like obex, network, archive, computer,
* dav, cdda, gphoto2, trash, etc. From FF87-117, by default only sftp was accepted
* dav, cdda, gphoto2, trash, etc. By default only sftp is accepted (FF87+)
* [1] https://bugzilla.mozilla.org/1433507
* [2] https://en.wikipedia.org/wiki/GVfs
* [3] https://en.wikipedia.org/wiki/GIO_(software) ***/
user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] [DEFAULT: "" FF118+]
user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF]
/* 0705: disable proxy direct failover for system requests [FF91+]
* [WARNING] Default true is a security feature against malicious extensions [1]
* [SETUP-CHROME] If you use a proxy and you trust your extensions
@ -279,9 +291,11 @@ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] [DEFAULT: ""
* [SETTING] Privacy & Security>DNS over HTTPS
* [1] https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/
* [2] https://wiki.mozilla.org/Security/DOH-resolver-policy
* [3] https://support.mozilla.org/kb/firefox-dns-over-https
* [3] https://support.mozilla.org/en-US/kb/firefox-dns-over-https
* [4] https://www.eff.org/deeplinks/2020/12/dns-doh-and-odoh-oh-my-year-review-2020 ***/
// user_pref("network.trr.mode", 3);
/* 0711: disable skipping DoH when parental controls are enabled [FF70+] ***/
user_pref("network.dns.skipTRR-when-parental-control-enabled", false);
/* 0712: set DoH provider
* The custom uri is the value shown when you "Choose provider>Custom>"
* [NOTE] If you USE custom then "network.trr.uri" should be set the same
@ -291,48 +305,43 @@ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] [DEFAULT: ""
/*** [SECTION 0800]: LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS ***/
user_pref("_user.js.parrot", "0800 syntax error: the parrot's ceased to be!");
/* 0801: disable location bar making speculative connections [FF56+]
* [1] https://bugzilla.mozilla.org/1348275 ***/
user_pref("browser.urlbar.speculativeConnect.enabled", false);
/* 0802: disable location bar contextual suggestions
* [NOTE] The UI is controlled by the .enabled pref
* [SETTING] Search>Address Bar>Suggestions from...
* [1] https://blog.mozilla.org/data/2021/09/15/data-and-firefox-suggest/ ***/
user_pref("browser.urlbar.quicksuggest.enabled", false); // [FF92+]
user_pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // [FF95+]
user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false); // [FF92+]
/* 0803: disable live search suggestions
* [NOTE] Both must be true for live search to work in the location bar
/* 0802: disable location bar domain guessing
* domain guessing intercepts DNS "hostname not found errors" and resends a
* request (e.g. by adding www or .com). This is inconsistent use (e.g. FQDNs), does not work
* via Proxy Servers (different error), is a flawed use of DNS (TLDs: why treat .com
* as the 411 for DNS errors?), privacy issues (why connect to sites you didn't
* intend to), can leak sensitive data (e.g. query strings: e.g. Princeton attack),
* and is a security risk (e.g. common typos & malicious sites set up to exploit this) ***/
user_pref("browser.fixup.alternate.enabled", false); // [DEFAULT: false FF104+]
/* 0804: disable live search suggestions
* [NOTE] Both must be true for the location bar to work
* [SETUP-CHROME] Override these if you trust and use a privacy respecting search engine
* [SETTING] Search>Show search suggestions | Show search suggestions in address bar results ***/
* [SETTING] Search>Provide search suggestions | Show search suggestions in address bar results ***/
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.urlbar.suggest.searches", false);
/* 0805: disable urlbar trending search suggestions [FF118+]
* [SETTING] Search>Search Suggestions>Show trending search suggestions (FF119) ***/
user_pref("browser.urlbar.trending.featureGate", false);
/* 0806: disable urlbar suggestions ***/
user_pref("browser.urlbar.addons.featureGate", false); // [FF115+]
user_pref("browser.urlbar.mdn.featureGate", false); // [FF117+] [HIDDEN PREF]
user_pref("browser.urlbar.pocket.featureGate", false); // [FF116+] [DEFAULT: false]
user_pref("browser.urlbar.weather.featureGate", false); // [FF108+] [DEFAULT: false]
user_pref("browser.urlbar.yelp.featureGate", false); // [FF124+] [DEFAULT: false]
/* 0807: disable urlbar clipboard suggestions [FF118+] ***/
// user_pref("browser.urlbar.clipboard.featureGate", false);
/* 0808: disable recent searches [FF120+]
* [NOTE] Recent searches are cleared with history (2811)
* [1] https://support.mozilla.org/kb/search-suggestions-firefox ***/
// user_pref("browser.urlbar.recentsearches.featureGate", false);
/* 0805: disable location bar making speculative connections [FF56+]
* [1] https://bugzilla.mozilla.org/1348275 ***/
user_pref("browser.urlbar.speculativeConnect.enabled", false);
/* 0806: disable location bar leaking single words to a DNS provider **after searching** [FF78+]
* 0=never resolve, 1=use heuristics, 2=always resolve
* [1] https://bugzilla.mozilla.org/1642623 ***/
user_pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); // [DEFAULT: 0 FF104+]
/* 0807: disable location bar contextual suggestions [FF92+]
* [SETTING] Privacy & Security>Address Bar>Suggestions from...
* [1] https://blog.mozilla.org/data/2021/09/15/data-and-firefox-suggest/ ***/
user_pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // [FF95+]
user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false);
/* 0808: disable tab-to-search [FF85+]
* Alternatively, you can exclude on a per-engine basis by unchecking them in Options>Search
* [SETTING] Privacy & Security>Address Bar>When using the address bar, suggest>Search engines ***/
// user_pref("browser.urlbar.suggest.engines", false);
/* 0810: disable search and form history
* [NOTE] We also clear formdata on exit (2811)
* [SETUP-WEB] Be aware that autocomplete form data can be read by third parties [1][2]
* [NOTE] We also clear formdata on exit (2811)
* [SETTING] Privacy & Security>History>Custom Settings>Remember search and form history
* [1] https://blog.mindedsecurity.com/2011/10/autocompleteagain.html
* [2] https://bugzilla.mozilla.org/381681 ***/
user_pref("browser.formfill.enable", false);
/* 0815: disable tab-to-search [FF85+]
* Alternatively, you can exclude on a per-engine basis by unchecking them in Options>Search
* [SETTING] Search>Address Bar>When using the address bar, suggest>Search engines ***/
// user_pref("browser.urlbar.suggest.engines", false);
/* 0820: disable coloring of visited links
* [SETUP-HARDEN] Bulk rapid history sniffing was mitigated in 2010 [1][2]. Slower and more expensive
* redraw timing attacks were largely mitigated in FF77+ [3]. Using RFP (4501) further hampers timing
@ -344,10 +353,6 @@ user_pref("browser.formfill.enable", false);
* [4] https://earthlng.github.io/testpages/visited_links.html (see github wiki APPENDIX A on how to use)
* [5] https://lcamtuf.blogspot.com/2016/08/css-mix-blend-mode-is-bad-for-keeping.html ***/
// user_pref("layout.css.visited_links_enabled", false);
/* 0830: enable separate default search engine in Private Windows and its UI setting
* [SETTING] Search>Default Search Engine>Choose a different default search engine for Private Windows only ***/
user_pref("browser.search.separatePrivateDefault", true); // [FF70+]
user_pref("browser.search.separatePrivateDefault.ui.enabled", true); // [FF71+]
/*** [SECTION 0900]: PASSWORDS
[1] https://support.mozilla.org/kb/use-primary-password-protect-stored-logins-and-pas
@ -376,8 +381,8 @@ user_pref("network.auth.subresource-http-auth-allow", 1);
/*** [SECTION 1000]: DISK AVOIDANCE ***/
user_pref("_user.js.parrot", "1000 syntax error: the parrot's gone to meet 'is maker!");
/* 1001: disable disk cache
* [NOTE] We also clear cache on exit (2811)
* [SETUP-CHROME] If you think disk cache helps perf, then feel free to override this ***/
* [SETUP-CHROME] If you think disk cache helps perf, then feel free to override this
* [NOTE] We also clear cache on exit (2811) ***/
user_pref("browser.cache.disk.enable", false);
/* 1002: disable media cache from writing to disk in Private Browsing
* [NOTE] MSE (Media Source Extensions) are already stored in-memory in PB ***/
@ -390,7 +395,7 @@ user_pref("browser.sessionstore.privacy_level", 2);
/* 1005: disable automatic Firefox start and session restore after reboot [FF62+] [WINDOWS]
* [1] https://bugzilla.mozilla.org/603903 ***/
user_pref("toolkit.winRegisterApplicationRestart", false);
/* 1006: disable favicons in shortcuts [WINDOWS]
/* 1006: disable favicons in shortcuts
* URL shortcuts use a cached randomly named .ico file which is stored in your
* profile/shortcutCache directory. The .ico remains after the shortcut is deleted
* If set to false then the shortcuts use a generic Firefox icon ***/
@ -411,7 +416,7 @@ user_pref("_user.js.parrot", "1200 syntax error: the parrot's a stiff!");
* but the problem is that the browser can't know that. Setting this pref to true is the only way for the
* browser to ensure there will be no unsafe renegotiations on the channel between the browser and the server
* [SETUP-WEB] SSL_ERROR_UNSAFE_NEGOTIATION: is it worth overriding this for that one site?
* [STATS] SSL Labs (May 2024) reports over 99.7% of top sites have secure renegotiation [4]
* [STATS] SSL Labs (Feb 2023) reports over 99.3% of top sites have secure renegotiation [4]
* [1] https://wiki.mozilla.org/Security:Renegotiation
* [2] https://datatracker.ietf.org/doc/html/rfc5746
* [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
@ -456,7 +461,7 @@ user_pref("security.cert_pinning.enforcement_level", 2);
* 0 = disabled
* 1 = consult CRLite but only collect telemetry
* 2 = consult CRLite and enforce both "Revoked" and "Not Revoked" results
* 3 = consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked" (default)
* 3 = consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked" (FF99+, default FF100+)
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1429800,1670985,1753071
* [2] https://blog.mozilla.org/security/tag/crlite/ ***/
user_pref("security.remote_settings.crlite_filters.enabled", true);
@ -465,7 +470,7 @@ user_pref("security.pki.crlite_mode", 2);
/** MIXED CONTENT ***/
/* 1241: disable insecure passive content (such as images) on https pages ***/
// user_pref("security.mixed_content.block_display_content", true); // Defense-in-depth (see 1244)
/* 1244: enable HTTPS-Only mode in all windows
/* 1244: enable HTTPS-Only mode in all windows [FF76+]
* When the top-level is HTTPS, insecure subresources are also upgraded (silent fail)
* [SETTING] to add site exceptions: Padlock>HTTPS-Only mode>On (after "Continue to HTTP Site")
* [SETTING] Privacy & Security>HTTPS-Only Mode (and manage exceptions)
@ -494,6 +499,18 @@ user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
* [TEST] https://expired.badssl.com/ ***/
user_pref("browser.xul.error_pages.expert_bad_cert", true);
/*** [SECTION 1400]: FONTS ***/
user_pref("_user.js.parrot", "1400 syntax error: the parrot's bereft of life!");
/* 1402: limit font visibility (Windows, Mac, some Linux) [FF94+]
* Uses hardcoded lists with two parts: kBaseFonts + kLangPackFonts [1], bundled fonts are auto-allowed
* In normal windows: uses the first applicable: RFP over TP over Standard
* In Private Browsing windows: uses the most restrictive between normal and private
* 1=only base system fonts, 2=also fonts from optional language packs, 3=also user-installed fonts
* [1] https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc ***/
// user_pref("layout.css.font-visibility.private", 1);
// user_pref("layout.css.font-visibility.standard", 1);
// user_pref("layout.css.font-visibility.trackingprotection", 1);
/*** [SECTION 1600]: REFERERS
full URI: https://example.com:8888/foo/bar.html?id=1234
scheme+host+port+path: https://example.com:8888/foo/bar.html
@ -516,12 +533,6 @@ user_pref("privacy.userContext.ui.enabled", true);
* [NOTE] The menu is always shown on long press and right click
* [SETTING] General>Tabs>Enable Container Tabs>Settings>Select a container for each new tab ***/
// user_pref("privacy.userContext.newTabContainerOnLeftClick.enabled", true);
/* 1703: set external links to open in site-specific containers [FF123+]
* [SETUP-WEB] Depending on your container extension(s) and their settings
* true=Firefox will not choose a container (so your extension can)
* false=Firefox will choose the container/no-container (default)
* [1] https://bugzilla.mozilla.org/1874599 ***/
// user_pref("browser.link.force_default_user_context_id_for_external_opens", true);
/*** [SECTION 2000]: PLUGINS / MEDIA / WEBRTC ***/
user_pref("_user.js.parrot", "2000 syntax error: the parrot's snuffed it!");
@ -529,7 +540,7 @@ user_pref("_user.js.parrot", "2000 syntax error: the parrot's snuffed it!");
user_pref("media.peerconnection.ice.proxy_only_if_behind_proxy", true);
/* 2003: force a single network interface for ICE candidates generation [FF42+]
* When using a system-wide proxy, it uses the proxy interface
* [1] https://developer.mozilla.org/docs/Web/API/RTCIceCandidate
* [1] https://developer.mozilla.org/en-US/docs/Web/API/RTCIceCandidate
* [2] https://wiki.mozilla.org/Media/WebRTC/Privacy ***/
user_pref("media.peerconnection.ice.default_address_only", true);
/* 2004: force exclusion of private IPs from ICE candidates [FF51+]
@ -547,9 +558,11 @@ user_pref("dom.disable_window_move_resize", true);
/*** [SECTION 2600]: MISCELLANEOUS ***/
user_pref("_user.js.parrot", "2600 syntax error: the parrot's run down the curtain!");
/* 2603: remove temp files opened from non-PB windows with an external application
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=302433,1738574 ***/
user_pref("browser.download.start_downloads_in_tmp_dir", true); // [FF102+]
/* 2601: prevent accessibility services from accessing your browser [RESTART]
* [1] https://support.mozilla.org/kb/accessibility-services ***/
user_pref("accessibility.force_disabled", 1);
/* 2603: remove temp files opened with an external application
* [1] https://bugzilla.mozilla.org/302433 ***/
user_pref("browser.helperApps.deleteTempFileOnExit", true);
/* 2606: disable UITour backend so there is no chance that a remote page can use it ***/
user_pref("browser.uitour.enabled", false);
@ -586,15 +599,14 @@ user_pref("network.IDN_show_punycode", true);
* [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pdf.js+firefox ***/
user_pref("pdfjs.disabled", false); // [DEFAULT: false]
user_pref("pdfjs.enableScripting", false); // [FF86+]
/* 2623: disable permissions delegation [FF73+]
* Currently applies to cross-origin geolocation, camera, mic and screen-sharing
* permissions, and fullscreen requests. Disabling delegation means any prompts
* for these will show/use their correct 3rd party origin
* [1] https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion ***/
user_pref("permissions.delegation.enabled", false);
/* 2624: disable middle click on new tab button opening URLs or searches using clipboard [FF115+] */
user_pref("browser.tabs.searchclipboardfor.middleclick", false); // [DEFAULT: false NON-LINUX]
/* 2630: disable content analysis by DLP (Data Loss Prevention) agents
* DLP agents are background processes on managed computers that allow enterprises to monitor locally running
* applications for data exfiltration events, which they can allow/block based on customer defined DLP policies.
* 0=Block all requests, 1=Warn on all requests (which lets the user decide), 2=Allow all requests
* [1] https://github.com/chromium/content_analysis_sdk */
user_pref("browser.contentanalysis.enabled", false); // [FF121+] [DEFAULT: false]
user_pref("browser.contentanalysis.default_result", 0); // [FF127+] [DEFAULT: 0]
/** DOWNLOADS ***/
/* 2651: enable user interaction for security by always asking where to download
@ -610,13 +622,13 @@ user_pref("browser.download.manager.addToRecentDocs", false);
user_pref("browser.download.always_ask_before_handling_new_types", true);
/** EXTENSIONS ***/
/* 2660: limit allowed extension directories
* 1=profile, 2=user, 4=application, 8=system, 16=temporary, 31=all
* The pref value represents the sum: e.g. 5 would be profile and application directories
* [SETUP-CHROME] Breaks usage of files which are installed outside allowed directories
* [1] https://archive.is/DYjAM ***/
/* 2660: lock down allowed extension directories
* [SETUP-CHROME] This will break extensions, language packs, themes and any other
* XPI files which are installed outside of profile and application directories
* [1] https://mike.kaply.com/2012/02/21/understanding-add-on-scopes/
* [1] https://archive.is/DYjAM (archived) ***/
user_pref("extensions.enabledScopes", 5); // [HIDDEN PREF]
// user_pref("extensions.autoDisableScopes", 15); // [DEFAULT: 15]
user_pref("extensions.autoDisableScopes", 15); // [DEFAULT: 15]
/* 2661: disable bypassing 3rd party extension install prompts [FF82+]
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1659530,1681331 ***/
user_pref("extensions.postDownloadThirdPartyPrompt", false);
@ -633,141 +645,92 @@ user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin
* [1] https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/
* [SETTING] to add site exceptions: Urlbar>ETP Shield
* [SETTING] to manage site exceptions: Options>Privacy & Security>Enhanced Tracking Protection>Manage Exceptions ***/
user_pref("browser.contentblocking.category", "strict"); // [HIDDEN PREF]
user_pref("browser.contentblocking.category", "strict");
/* 2702: disable ETP web compat features [FF93+]
* [SETUP-HARDEN] Includes skip lists, heuristics (SmartBlock) and automatic grants
* Opener and redirect heuristics are granted for 30 days, see [3]
* [1] https://blog.mozilla.org/security/2021/07/13/smartblock-v2/
* [2] https://hg.mozilla.org/mozilla-central/rev/e5483fd469ab#l4.12
* [3] https://developer.mozilla.org/docs/Web/Privacy/State_Partitioning#storage_access_heuristics ***/
* [3] https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning#storage_access_heuristics ***/
// user_pref("privacy.antitracking.enableWebcompat", false);
/* 2710: enable state partitioning of service workers [FF96+] ***/
user_pref("privacy.partition.serviceWorkers", true); // [DEFAULT: true FF105+]
/* 2720: enable APS (Always Partitioning Storage) ***/
user_pref("privacy.partition.always_partition_third_party_non_cookie_storage", true); // [FF104+] [DEFAULT: true FF109+]
user_pref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false); // [FF105+] [DEFAULT: false FF109+]
/*** [SECTION 2800]: SHUTDOWN & SANITIZING ***/
user_pref("_user.js.parrot", "2800 syntax error: the parrot's bleedin' demised!");
/* 2810: enable Firefox to clear items on shutdown
* [NOTE] In FF129+ clearing "siteSettings" on shutdown (2811), or manually via site data (2820) and
* via history (2830), will no longer remove sanitize on shutdown "cookie and site data" site exceptions (2815)
* [SETTING] Privacy & Security>History>Custom Settings>Clear history when Firefox closes | Settings ***/
user_pref("privacy.sanitize.sanitizeOnShutdown", true);
/** SANITIZE ON SHUTDOWN: IGNORES "ALLOW" SITE EXCEPTIONS | v2 migration is FF128+ ***/
/** SANITIZE ON SHUTDOWN: IGNORES "ALLOW" SITE EXCEPTIONS ***/
/* 2811: set/enforce what items to clear on shutdown (if 2810 is true) [SETUP-CHROME]
* [NOTE] If "history" is true, downloads will also be cleared ***/
* [NOTE] If "history" is true, downloads will also be cleared
* [NOTE] "sessions": Active Logins: refers to HTTP Basic Authentication [1], not logins via cookies
* [1] https://en.wikipedia.org/wiki/Basic_access_authentication ***/
user_pref("privacy.clearOnShutdown.cache", true); // [DEFAULT: true]
user_pref("privacy.clearOnShutdown_v2.cache", true); // [FF128+] [DEFAULT: true]
user_pref("privacy.clearOnShutdown.downloads", true); // [DEFAULT: true]
user_pref("privacy.clearOnShutdown.formdata", true); // [DEFAULT: true]
user_pref("privacy.clearOnShutdown.history", true); // [DEFAULT: true]
user_pref("privacy.clearOnShutdown_v2.historyFormDataAndDownloads", true); // [FF128+] [DEFAULT: true]
user_pref("privacy.clearOnShutdown.sessions", true); // [DEFAULT: true]
// user_pref("privacy.clearOnShutdown.siteSettings", false); // [DEFAULT: false]
// user_pref("privacy.clearOnShutdown_v2.siteSettings", false); // [FF128+] [DEFAULT: false]
/* 2812: set Session Restore to clear on shutdown (if 2810 is true) [FF34+]
* [NOTE] Not needed if Session Restore is not used (0102) or it is already cleared with history (2811)
* [NOTE] If true, this prevents resuming from crashes (also see 5008) ***/
// user_pref("privacy.clearOnShutdown.openWindows", true);
/** SANITIZE ON SHUTDOWN: RESPECTS "ALLOW" SITE EXCEPTIONS FF103+ | v2 migration is FF128+ ***/
/** SANITIZE ON SHUTDOWN: RESPECTS "ALLOW" SITE EXCEPTIONS FF103+ ***/
/* 2815: set "Cookies" and "Site Data" to clear on shutdown (if 2810 is true) [SETUP-CHROME]
* [NOTE] Exceptions: A "cookie" permission also controls "offlineApps" (see note below). For cross-domain logins,
* add exceptions for both sites e.g. https://www.youtube.com (site) + https://accounts.google.com (single sign on)
* [NOTE] Exceptions: A "cookie" block permission also controls "offlineApps" (see note below).
* serviceWorkers require an "Allow" permission. For cross-domain logins, add exceptions for
* both sites e.g. https://www.youtube.com (site) + https://accounts.google.com (single sign on)
* [NOTE] "offlineApps": Offline Website Data: localStorage, service worker cache, QuotaManager (IndexedDB, asm-cache)
* [NOTE] "sessions": Active Logins (has no site exceptions): refers to HTTP Basic Authentication [1], not logins via cookies
* [WARNING] Be selective with what sites you "Allow", as they also disable partitioning (1767271)
* [SETTING] to add site exceptions: Ctrl+I>Permissions>Cookies>Allow (when on the website in question)
* [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Settings
* [1] https://en.wikipedia.org/wiki/Basic_access_authentication ***/
* [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Settings ***/
user_pref("privacy.clearOnShutdown.cookies", true); // Cookies
user_pref("privacy.clearOnShutdown.offlineApps", true); // Site Data
user_pref("privacy.clearOnShutdown.sessions", true); // Active Logins [DEFAULT: true]
user_pref("privacy.clearOnShutdown_v2.cookiesAndStorage", true); // Cookies, Site Data, Active Logins [FF128+]
/** SANITIZE SITE DATA: IGNORES "ALLOW" SITE EXCEPTIONS ***/
/* 2820: set manual "Clear Data" items [SETUP-CHROME] [FF128+]
* Firefox remembers your last choices. This will reset them when you start Firefox
* [SETTING] Privacy & Security>Browser Privacy>Cookies and Site Data>Clear Data ***/
user_pref("privacy.clearSiteData.cache", true);
user_pref("privacy.clearSiteData.cookiesAndStorage", false); // keep false until it respects "allow" site exceptions
user_pref("privacy.clearSiteData.historyFormDataAndDownloads", true);
// user_pref("privacy.clearSiteData.siteSettings", false);
/** SANITIZE HISTORY: IGNORES "ALLOW" SITE EXCEPTIONS | clearHistory migration is FF128+ ***/
/* 2830: set manual "Clear History" items, also via Ctrl-Shift-Del [SETUP-CHROME]
/** SANITIZE MANUAL: IGNORES "ALLOW" SITE EXCEPTIONS ***/
/* 2820: reset default items to clear with Ctrl-Shift-Del [SETUP-CHROME]
* This dialog can also be accessed from the menu History>Clear Recent History
* Firefox remembers your last choices. This will reset them when you start Firefox
* [NOTE] Regardless of what you set "downloads" to, as soon as the dialog
* for "Clear Recent History" is opened, it is synced to the same as "history"
* [SETTING] Privacy & Security>History>Custom Settings>Clear History ***/
* for "Clear Recent History" is opened, it is synced to the same as "history" ***/
user_pref("privacy.cpd.cache", true); // [DEFAULT: true]
user_pref("privacy.clearHistory.cache", true);
user_pref("privacy.cpd.formdata", true); // [DEFAULT: true]
user_pref("privacy.cpd.history", true); // [DEFAULT: true]
// user_pref("privacy.cpd.downloads", true); // not used, see note above
user_pref("privacy.clearHistory.historyFormDataAndDownloads", true);
user_pref("privacy.cpd.cookies", false);
user_pref("privacy.cpd.sessions", true); // [DEFAULT: true]
user_pref("privacy.cpd.offlineApps", false); // [DEFAULT: false]
user_pref("privacy.clearHistory.cookiesAndStorage", false);
user_pref("privacy.cpd.cookies", false);
// user_pref("privacy.cpd.downloads", true); // not used, see note above
// user_pref("privacy.cpd.openWindows", false); // Session Restore
// user_pref("privacy.cpd.passwords", false);
// user_pref("privacy.cpd.siteSettings", false);
// user_pref("privacy.clearHistory.siteSettings", false);
/** SANITIZE MANUAL: TIMERANGE ***/
/* 2840: set "Time range to clear" for "Clear Data" (2820) and "Clear History" (2830)
/* 2822: reset default "Time range to clear" for "Clear Recent History" (2820)
* Firefox remembers your last choice. This will reset the value when you start Firefox
* 0=everything, 1=last hour, 2=last two hours, 3=last four hours, 4=today
* [NOTE] Values 5 (last 5 minutes) and 6 (last 24 hours) are not listed in the dropdown,
* which will display a blank value, and are not guaranteed to work ***/
user_pref("privacy.sanitize.timeSpan", 0);
/*** [SECTION 4000]: FPP (fingerprintingProtection)
RFP (4501) overrides FPP
In FF118+ FPP is on by default in private windows (4001) and in FF119+ is controlled
by ETP (2701). FPP will also use Remote Services in future to relax FPP protections
on a per site basis for compatibility (4004).
https://searchfox.org/mozilla-central/source/toolkit/components/resistfingerprinting/RFPTargetsDefault.inc
1826408 - restrict fonts to system (kBaseFonts + kLangPackFonts) (Windows, Mac, some Linux)
https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc
1858181 - subtly randomize canvas per eTLD+1, per session and per window-mode (FF120+)
***/
user_pref("_user.js.parrot", "4000 syntax error: the parrot's bereft of life!");
/* 4001: enable FPP in PB mode [FF114+]
* [NOTE] In FF119+, FPP for all modes (7016) is enabled with ETP Strict (2701) ***/
// user_pref("privacy.fingerprintingProtection.pbmode", true); // [DEFAULT: true FF118+]
/* 4002: set global FPP overrides [FF114+]
* uses "RFPTargets" [1] which despite the name these are not used by RFP
* e.g. "+AllTargets,-CSSPrefersColorScheme,-JSDateTimeUTC" = all targets but allow prefers-color-scheme and do not change timezone
* e.g. "-AllTargets,+CanvasRandomization,+JSDateTimeUTC" = no targets but do use FPP canvas and change timezone
* [NOTE] Not supported by arkenfox. Either use RFP or FPP at defaults
* [1] https://searchfox.org/mozilla-central/source/toolkit/components/resistfingerprinting/RFPTargets.inc ***/
// user_pref("privacy.fingerprintingProtection.overrides", "");
/* 4003: set granular FPP overrides
* JSON format: e.g."[{\"firstPartyDomain\": \"netflix.com\", \"overrides\": \"-CanvasRandomization,-FrameRate,\"}]"
* [NOTE] Not supported by arkenfox. Either use RFP or FPP at defaults ***/
// user_pref("privacy.fingerprintingProtection.granularOverrides", "");
/* 4004: disable remote FPP overrides [FF127+] ***/
// user_pref("privacy.fingerprintingProtection.remoteOverrides.enabled", false);
/*** [SECTION 4500]: OPTIONAL RFP (resistFingerprinting)
RFP overrides FPP (4000)
FF128+ Arkenfox by default uses FPP (automatically enabled with ETP Strict). For most people
this is all you need. To use RFP instead, add RFP (4501) to your overrides, and optionally
add letterboxing (4504), spoof_english (4506), and webgl (4520).
RFP is an all-or-nothing buy in: you cannot pick and choose what parts you want
/*** [SECTION 4500]: RFP (RESIST FINGERPRINTING)
RFP covers a wide range of ongoing fingerprinting solutions.
It is an all-or-nothing buy in: you cannot pick and choose what parts you want
[TEST] https://arkenfox.github.io/TZP/tzp.html
[WARNING] DO NOT USE extensions to alter RFP protected metrics
418986 - limit window.screen & CSS media queries (FF41)
1281949 - spoof screen orientation (FF50)
1330890 - spoof timezone as UTC0 (FF55)
1360039 - spoof navigator.hardwareConcurrency as 2 (FF55)
FF56
1369303 - spoof/disable performance API
1333651 - spoof User Agent & Navigator API
version: android version spoofed as ESR (FF119 or lower)
version: android version spoofed as ESR
OS: JS spoofed as Windows 10, OS 10.15, Android 10, or Linux | HTTP Headers spoofed as Windows or Android
1369319 - disable device sensor API
1369357 - disable site specific zoom
@ -778,12 +741,13 @@ user_pref("_user.js.parrot", "4000 syntax error: the parrot's bereft of life!");
1369309 - spoof media statistics
1382499 - reduce screen co-ordinate fingerprinting in Touch API
1217290 & 1409677 - enable some fingerprinting resistance for WebGL
1382545 - reduce fingerprinting in Animation API
1354633 - limit MediaError.message to a whitelist
FF58+
1372073 - spoof/block fingerprinting in MediaDevices API (FF59)
Spoof: enumerate devices as one "Internal Camera" and one "Internal Microphone"
Block: suppresses the ondevicechange event
1039069 - warn when language prefs are not set to "en*" (FF59)
1039069 - warn when language prefs are not set to "en*" (also see 0210, 0211) (FF59)
1222285 & 1433592 - spoof keyboard events and suppress keyboard modifier events (FF59)
Spoofing mimics the content language of the document. Currently it only supports en-US.
Modifier events suppressed are SHIFT and both ALT keys. Chrome is not affected.
@ -802,22 +766,20 @@ user_pref("_user.js.parrot", "4000 syntax error: the parrot's bereft of life!");
1653987 - limit font visibility to bundled and "Base Fonts" (Windows, Mac, some Linux) (FF80)
1461454 - spoof smooth=true and powerEfficient=false for supported media in MediaCapabilities (FF82)
531915 - use fdlibm's sin, cos and tan in jsmath (FF93, ESR91.1)
1756280 - enforce navigator.pdfViewerEnabled as true and plugins/mimeTypes as hard-coded values (FF100-115)
1756280 - enforce navigator.pdfViewerEnabled as true and plugins/mimeTypes as hard-coded values (FF100)
1692609 - reduce JS timing precision to 16.67ms (previously FF55+ was 100ms) (FF102)
1422237 - return "srgb" with color-gamut (FF110)
1794628 - return "none" with inverted-colors (FF114)
1554751 - return devicePixelRatio as 2 (previously FF41+ was 1) (FF127)
1787790 - normalize system fonts (FF128)
1835987 - spoof timezone as Atlantic/Reykjavik (previously FF55+ was UTC) (FF128)
***/
user_pref("_user.js.parrot", "4500 syntax error: the parrot's popped 'is clogs");
/* 4501: enable RFP
/* 4501: enable privacy.resistFingerprinting
* [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a canvas site exception via the urlbar
* RFP also has a few side effects: mainly timezone is UTC0, and websites will prefer light theme
* [NOTE] pbmode applies if true and the original pref is false
* [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a canvas site exception via the urlbar.
* RFP also has a few side effects: mainly that timezone is GMT, and websites will prefer light theme ***/
// user_pref("privacy.resistFingerprinting", true); // [FF41+]
* [1] https://bugzilla.mozilla.org/418986 ***/
user_pref("privacy.resistFingerprinting", true); // [FF41+]
// user_pref("privacy.resistFingerprinting.pbmode", true); // [FF114+]
/* 4502: set RFP new window size max rounded values [FF55+]
/* 4502: set new window size rounding max values [FF55+]
* [SETUP-CHROME] sizes round down in hundreds: width to 200s and height to 100s, to fit your screen
* [1] https://bugzilla.mozilla.org/1330882 ***/
user_pref("privacy.window.maxInnerWidth", 1600);
@ -825,8 +787,8 @@ user_pref("privacy.window.maxInnerHeight", 900);
/* 4503: disable mozAddonManager Web API [FF57+]
* [NOTE] To allow extensions to work on AMO, you also need 2662
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/
user_pref("privacy.resistFingerprinting.block_mozAddonManager", true);
/* 4504: enable letterboxing [FF67+]
user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // [HIDDEN PREF FF57-108]
/* 4504: enable RFP letterboxing [FF67+]
* Dynamically resizes the inner window by applying margins in stepped ranges [2]
* If you use the dimension pref, then it will only apply those resolutions.
* The format is "width1xheight1, width2xheight2, ..." (e.g. "800x600, 1000x1000")
@ -835,19 +797,21 @@ user_pref("privacy.resistFingerprinting.block_mozAddonManager", true);
* [WARNING] DO NOT USE: the dimension pref is only meant for testing
* [1] https://bugzilla.mozilla.org/1407366
* [2] https://hg.mozilla.org/mozilla-central/rev/6d2d7856e468#l2.32 ***/
// user_pref("privacy.resistFingerprinting.letterboxing", true); // [HIDDEN PREF]
user_pref("privacy.resistFingerprinting.letterboxing", true); // [HIDDEN PREF]
// user_pref("privacy.resistFingerprinting.letterboxing.dimensions", ""); // [HIDDEN PREF]
/* 4505: disable RFP by domain [FF91+] ***/
/* 4505: experimental RFP [FF91+]
* [WARNING] DO NOT USE unless testing, see [1] comment 12
* [1] https://bugzilla.mozilla.org/1635603 ***/
// user_pref("privacy.resistFingerprinting.exemptedDomains", "*.example.invalid");
/* 4506: disable RFP spoof english prompt [FF59+]
* 0=prompt, 1=disabled, 2=enabled
* [NOTE] When changing from value 2, preferred languages ('intl.accept_languages') is not reset.
* [SETUP-WEB] when enabled, sets 'en-US, en' for displaying pages and 'en-US' as locale.
* [SETTING] General>Language>Choose your preferred language for displaying pages>Choose>Request English... ***/
user_pref("privacy.spoof_english", 1);
/* 4510: disable using system colors
* [SETTING] General>Language and Appearance>Fonts and Colors>Colors>Use system colors ***/
user_pref("browser.display.use_system_colors", false); // [DEFAULT: false NON-WINDOWS]
/* 4511: enforce non-native widget theme
* Security: removes/reduces system API calls, e.g. win32k API [1]
* Fingerprinting: provides a uniform look and feel across platforms [2]
* [1] https://bugzilla.mozilla.org/1381938
* [2] https://bugzilla.mozilla.org/1411425 ***/
user_pref("widget.non-native-theme.enabled", true); // [DEFAULT: true]
/* 4512: enforce links targeting new windows to open in a new tab instead
* 1=most recent window or tab, 2=new window, 3=new tab
* Stops malicious window sizes and some screen resolution leaks.
@ -859,8 +823,9 @@ user_pref("browser.link.open_newwindow", 3); // [DEFAULT: 3]
/* 4513: set all open window methods to abide by "browser.link.open_newwindow" (4512)
* [1] https://searchfox.org/mozilla-central/source/dom/tests/browser/browser_test_new_window_from_content.js ***/
user_pref("browser.link.open_newwindow.restriction", 0);
/* 4520: disable WebGL (Web Graphics Library) ***/
// user_pref("webgl.disabled", true);
/* 4520: disable WebGL (Web Graphics Library)
* [SETUP-WEB] If you need it then override it. RFP still randomizes canvas for naive scripts ***/
user_pref("webgl.disabled", true);
/*** [SECTION 5000]: OPTIONAL OPSEC
Disk avoidance, application data isolation, eyeballs...
@ -909,7 +874,7 @@ user_pref("_user.js.parrot", "5000 syntax error: the parrot's taken 'is last bow
* [1] https://bugzilla.mozilla.org/1281959 ***/
// user_pref("browser.download.forbid_open_with", true);
/* 5010: disable location bar suggestion types
* [SETTING] Search>Address Bar>When using the address bar, suggest ***/
* [SETTING] Privacy & Security>Address Bar>When using the address bar, suggest ***/
// user_pref("browser.urlbar.suggest.history", false);
// user_pref("browser.urlbar.suggest.bookmark", false);
// user_pref("browser.urlbar.suggest.openpage", false);
@ -929,6 +894,8 @@ user_pref("_user.js.parrot", "5000 syntax error: the parrot's taken 'is last bow
// user_pref("browser.taskbar.lists.frequent.enabled", false);
// user_pref("browser.taskbar.lists.recent.enabled", false);
// user_pref("browser.taskbar.lists.tasks.enabled", false);
/* 5015: disable Windows taskbar preview [WINDOWS] ***/
// user_pref("browser.taskbar.previews.enable", false); // [DEFAULT: false]
/* 5016: discourage downloading to desktop
* 0=desktop, 1=downloads (default), 2=custom
* [SETTING] To set your custom default "downloads": General>Downloads>Save files to ***/
@ -973,7 +940,7 @@ user_pref("_user.js.parrot", "5500 syntax error: this is an ex-parrot!");
* [2] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=asm.js
* [3] https://rh0dev.github.io/blog/2017/the-return-of-the-jit/ ***/
// user_pref("javascript.options.asmjs", false);
/* 5505: disable Ion and baseline JIT to harden against JS exploits [RESTART]
/* 5505: disable Ion and baseline JIT to harden against JS exploits
* [NOTE] When both Ion and JIT are disabled, and trustedprincipals
* is enabled, then Ion can still be used by extensions (1599226)
* [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+jit
@ -985,7 +952,7 @@ user_pref("_user.js.parrot", "5500 syntax error: this is an ex-parrot!");
* Vulnerabilities [1] have increasingly been found, including those known and fixed
* in native programs years ago [2]. WASM has powerful low-level access, making
* certain attacks (brute-force) and vulnerabilities more possible
* [STATS] ~0.2% of websites, about half of which are for cryptomining / malvertising [2][3]
* [STATS] ~0.2% of websites, about half of which are for crytopmining / malvertising [2][3]
* [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wasm
* [2] https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
* [3] https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes ***/
@ -1002,8 +969,8 @@ user_pref("_user.js.parrot", "5500 syntax error: this is an ex-parrot!");
/* 5509: disable IPv6 if using a VPN
* This is an application level fallback. Disabling IPv6 is best done at an OS/network
* level, and/or configured properly in system wide VPN setups.
* [NOTE] PHP defaults to IPv6 with "localhost". Use "php -S 127.0.0.1:PORT"
* [SETUP-WEB] PR_CONNECT_RESET_ERROR
* [NOTE] PHP defaults to IPv6 with "localhost". Use "php -S 127.0.0.1:PORT"
* [TEST] https://ipleak.org/
* [1] https://www.internetsociety.org/tag/ipv6-security/ (Myths 2,4,5,6) ***/
// user_pref("network.dns.disableIPv6", true);
@ -1015,7 +982,7 @@ user_pref("_user.js.parrot", "5500 syntax error: this is an ex-parrot!");
* Firefox uses the system DNS to initially resolve the IP address of your DoH server.
* When set to a valid, working value that matches your "network.trr.uri" (0712) Firefox
* won't use the system DNS. If the IP doesn't match then DoH won't work ***/
// user_pref("network.trr.bootstrapAddr", "10.0.0.1"); // [HIDDEN PREF]
// user_pref("network.trr.bootstrapAddr", "10.0.0.1") // [HIDDEN PREF]
/*** [SECTION 6000]: DON'T TOUCH ***/
user_pref("_user.js.parrot", "6000 syntax error: the parrot's 'istory!");
@ -1033,9 +1000,10 @@ user_pref("security.dialog_enable_delay", 1000); // [DEFAULT: 1000]
* [WARNING] Replaced with network partitioning (FF85+) and TCP (2701), and enabling FPI
* disables those. FPI is no longer maintained except at Tor Project for Tor Browser's config ***/
user_pref("privacy.firstparty.isolate", false); // [DEFAULT: false]
/* 6009: enforce SmartBlock shims (about:compat) [FF81+]
/* 6009: enforce SmartBlock shims [FF81+]
* In FF96+ these are listed in about:compat
* [1] https://blog.mozilla.org/security/2021/03/23/introducing-smartblock/ ***/
user_pref("extensions.webcompat.enable_shims", true); // [HIDDEN PREF] [DEFAULT: true]
user_pref("extensions.webcompat.enable_shims", true); // [DEFAULT: true]
/* 6010: enforce no TLS 1.0/1.1 downgrades
* [TEST] https://tls-v1-1.badssl.com:1010/ ***/
user_pref("security.tls.version.enable-deprecated", false); // [DEFAULT: false]
@ -1046,16 +1014,25 @@ user_pref("extensions.webcompat-reporter.enabled", false); // [DEFAULT: false]
/* 6012: enforce Quarantined Domains [FF115+]
* [WHY] https://support.mozilla.org/kb/quarantined-domains */
user_pref("extensions.quarantinedDomains.enabled", true); // [DEFAULT: true]
/* 6050: prefsCleaner: previously active items removed from arkenfox 115-127 ***/
// user_pref("accessibility.force_disabled", "");
// user_pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", "");
// user_pref("geo.provider.network.url", "");
// user_pref("geo.provider.network.logging.enabled", "");
// user_pref("geo.provider.use_gpsd", "");
/* 6050: prefsCleaner: reset previously active items removed from arkenfox FF102+ ***/
// user_pref("beacon.enabled", "");
// user_pref("browser.startup.blankWindow", "");
// user_pref("browser.newtab.preload", "");
// user_pref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", "");
// user_pref("browser.newtabpage.activity-stream.feeds.snippets", "");
// user_pref("browser.region.network.url", "");
// user_pref("browser.region.update.enabled", "");
// user_pref("browser.ssl_override_behavior", "");
// user_pref("devtools.chrome.enabled", "");
// user_pref("dom.disable_beforeunload", "");
// user_pref("dom.disable_open_during_load", "");
// user_pref("extensions.formautofill.available", "");
// user_pref("extensions.formautofill.addresses.supported", "");
// user_pref("extensions.formautofill.creditCards.available", "");
// user_pref("extensions.formautofill.creditCards.supported", "");
// user_pref("middlemouse.contentLoadURL", "");
/* 6051: prefsCleaner: reset previously active items removed from arkenfox FF115+ ***/
// user_pref("network.protocol-handler.external.ms-windows-store", "");
// user_pref("privacy.partition.always_partition_third_party_non_cookie_storage", "");
// user_pref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", "");
// user_pref("privacy.partition.serviceWorkers", "");
/*** [SECTION 7000]: DON'T BOTHER ***/
user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies!");
@ -1080,8 +1057,8 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
/* 7003: disable non-modern cipher suites [1]
* [WHY] Passive fingerprinting. Minimal/non-existent threat of downgrade attacks
* [1] https://browserleaks.com/ssl ***/
// user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
// user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
// user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); // [DEFAULT: false FF109+]
// user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); // [DEFAULT: false FF109+]
// user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
// user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
// user_pref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS
@ -1133,14 +1110,12 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
* [WHY] DNT is enforced with Tracking Protection which is used in ETP Strict (2701) ***/
// user_pref("privacy.donottrackheader.enabled", true);
/* 7016: customize ETP settings
* [NOTE] FPP (fingerprintingProtection) is ignored when RFP (4501) is enabled
* [WHY] Arkenfox only supports strict (2701) which sets these at runtime ***/
// user_pref("network.cookie.cookieBehavior", 5); // [DEFAULT: 5]
// user_pref("privacy.fingerprintingProtection", true); // [FF114+] [ETP FF119+]
// user_pref("network.cookie.cookieBehavior", 5); // [DEFAULT: 5 FF103+]
// user_pref("network.http.referer.disallowCrossSiteRelaxingDefault", true);
// user_pref("network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", true); // [FF100+]
// user_pref("privacy.partition.network_state.ocsp_cache", true); // [DEFAULT: true FF123+]
// user_pref("privacy.query_stripping.enabled", true); // [FF101+]
// user_pref("privacy.partition.network_state.ocsp_cache", true);
// user_pref("privacy.query_stripping.enabled", true); // [FF101+] [ETP FF102+]
// user_pref("privacy.trackingprotection.enabled", true);
// user_pref("privacy.trackingprotection.socialtracking.enabled", true);
// user_pref("privacy.trackingprotection.cryptomining.enabled", true); // [DEFAULT: true]
@ -1153,7 +1128,7 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
* [1] https://blog.mozilla.org/en/products/firefox/block-notification-requests/ ***/
// user_pref("dom.webnotifications.enabled", false);
/* 7019: disable Push Notifications [FF44+]
* [WHY] Website "push" requires subscription, and the API is required for CRLite (1224)
* [WHY] Push requires subscription
* [NOTE] To remove all subscriptions, reset "dom.push.userAgentID"
* [1] https://support.mozilla.org/kb/push-notifications-firefox ***/
// user_pref("dom.push.enabled", false);
@ -1164,10 +1139,6 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
* [1] https://groups.google.com/g/discuss-webrtc/c/6stQXi72BEU/m/2FwZd24UAQAJ
* [2] https://datatracker.ietf.org/doc/html/draft-ietf-mmusic-mdns-ice-candidates#section-3.1.1 ***/
// user_pref("media.peerconnection.enabled", false);
/* 7021: enable GPC (Global Privacy Control) in non-PB windows
* [WHY] Passive and active fingerprinting. Mostly redundant with Tracking Protection
* in ETP Strict (2701) and sanitizing on close (2800s) ***/
// user_pref("privacy.globalprivacycontrol.enabled", true);
/*** [SECTION 8000]: DON'T BOTHER: FINGERPRINTING
[WHY] They are insufficient to help anti-fingerprinting and do more harm than good
@ -1201,16 +1172,52 @@ user_pref("_user.js.parrot", "8000 syntax error: the parrot's crossed the Jordan
/*** [SECTION 9000]: NON-PROJECT RELATED ***/
user_pref("_user.js.parrot", "9000 syntax error: the parrot's cashed in 'is chips!");
/* 9001: disable welcome notices ***/
user_pref("browser.startup.homepage_override.mstone", "ignore"); // [HIDDEN PREF]
user_pref("browser.startup.homepage_override.mstone", "ignore");
/* 9002: disable General>Browsing>Recommend extensions/features as you browse [FF67+] ***/
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
/* 9003: disable What's New toolbar icon [FF69+] ***/
user_pref("browser.messaging-system.whatsNewPanel.enabled", false);
/* 9004: disable search terms [FF110+]
* [SETTING] Search>Search Bar>Use the address bar for search and navigation>Show search terms instead of URL... ***/
user_pref("browser.urlbar.showSearchTerms.enabled", false);
/*** [SECTION 9999]: DEPRECATED / RENAMED ***/
/*** [SECTION 9999]: DEPRECATED / REMOVED / LEGACY / RENAMED
Documentation denoted as [-]. Items deprecated prior to FF91 have been archived at [1]
[1] https://github.com/arkenfox/user.js/issues/123
***/
user_pref("_user.js.parrot", "9999 syntax error: the parrot's shuffled off 'is mortal coil!");
/* ESR102.x still uses all the following prefs
// [NOTE] replace the * with a slash in the line above to re-enable active ones
// FF103
// 2801: delete cookies and site data on exit - replaced by sanitizeOnShutdown* (2810)
// 0=keep until they expire (default), 2=keep until you close Firefox
// [SETTING] Privacy & Security>Cookies and Site Data>Delete cookies and site data when Firefox is closed
// [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1681493,1681495,1681498,1759665,1764761
user_pref("network.cookie.lifetimePolicy", 2);
// 6012: disable SHA-1 certificates
// [-] https://bugzilla.mozilla.org/1766687
// user_pref("security.pki.sha1_enforcement_level", 1); // [DEFAULT: 1]
// FF114
// 2816: set cache to clear on exit [FF96+]
// [NOTE] We already disable disk cache (1001) and clear on exit (2811) which is more robust
// [1] https://bugzilla.mozilla.org/1671182
// [-] https://bugzilla.mozilla.org/1821651
// user_pref("privacy.clearsitedata.cache.enabled", true);
// 4505: experimental RFP [FF91+]
// [-] https://bugzilla.mozilla.org/1824235
// user_pref("privacy.resistFingerprinting.testGranularityMask", 0);
// 5017: disable Form Autofill heuristics
// Heuristics controls Form Autofill on forms without @autocomplete attributes
// [-] https://bugzilla.mozilla.org/1829670
// user_pref("extensions.formautofill.heuristics.enabled", false); // [FF55+]
// FF115
// 7001: disable offline cache (appCache)
// [NOTE] appCache storage capability was removed in FF90
// [-] https://bugzilla.mozilla.org/1677718
// user_pref("browser.cache.offline.enable", false);
// ***/
/* ESR115.x still uses all the following prefs
// [NOTE] replace the * with a slash in the line above to re-enable active ones
// FF116
@ -1230,53 +1237,6 @@ user_pref("security.family_safety.mode", 0);
// [1] https://blog.mozilla.org/en/products/firefox/block-notification-requests/
// [-] https://bugzilla.mozilla.org/1842457
// user_pref("dom.webnotifications.serviceworker.enabled", false);
// FF118
// 1402: limit font visibility (Windows, Mac, some Linux) [FF94+]
// Uses hardcoded lists with two parts: kBaseFonts + kLangPackFonts [1], bundled fonts are auto-allowed
// In normal windows: uses the first applicable: RFP over TP over Standard
// In Private Browsing windows: uses the most restrictive between normal and private
// 1=only base system fonts, 2=also fonts from optional language packs, 3=also user-installed fonts
// [1] https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc
// [-] https://bugzilla.mozilla.org/1847599
// user_pref("layout.css.font-visibility.private", 1);
// user_pref("layout.css.font-visibility.standard", 1);
// user_pref("layout.css.font-visibility.trackingprotection", 1);
// 2623: disable permissions delegation [FF73+]
// Currently applies to cross-origin geolocation, camera, mic and screen-sharing
// permissions, and fullscreen requests. Disabling delegation means any prompts
// for these will show/use their correct 3rd party origin
// [1] https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion
// [-] https://bugzilla.mozilla.org/1697151
// user_pref("permissions.delegation.enabled", false);
// FF119
// 0211: use en-US locale regardless of the system or region locale
// [SETUP-WEB] May break some input methods e.g xim/ibus for CJK languages [1]
// [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=867501,1629630
// [-] https://bugzilla.mozilla.org/1846224
// user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF]
// 0711: disable skipping DoH when parental controls are enabled [FF70+]
// [-] https://bugzilla.mozilla.org/1586941
user_pref("network.dns.skipTRR-when-parental-control-enabled", false);
// FF123
// 0334: disable PingCentre telemetry (used in several System Add-ons) [FF57+]
// Defense-in-depth: currently covered by 0331
// [-] https://bugzilla.mozilla.org/1868988
user_pref("browser.ping-centre.telemetry", false);
// FF126
// 9003: disable What's New toolbar icon [FF69+]
// [-] https://bugzilla.mozilla.org/1724300
user_pref("browser.messaging-system.whatsNewPanel.enabled", false);
// FF127
// 2630: disable content analysis by DLP (Data Loss Prevention) agents - replaced by default_result
// [-] https://bugzilla.mozilla.org/1880314
user_pref("browser.contentanalysis.default_allow", false);
// 4511: enforce non-native widget theme
// Security: removes/reduces system API calls, e.g. win32k API [1]
// Fingerprinting: provides a uniform look and feel across platforms [2]
// [1] https://bugzilla.mozilla.org/1381938
// [2] https://bugzilla.mozilla.org/1411425
// [-] https://bugzilla.mozilla.org/1848899
user_pref("widget.non-native-theme.enabled", true); // [DEFAULT: true]
// ***/
/* END: internal custom pref to test for syntax errors ***/

BIN
wikipiki/icon-librewolf.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.2 KiB

BIN
wikipiki/icon-mull.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.5 KiB

BIN
wikipiki/icon-mullvadbrowser.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.2 KiB

BIN
wikipiki/icon-torbrowser.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 2.0 KiB