diff --git a/Changelog.md b/Changelog.md index 4292d04..ea88e4a 100755 --- a/Changelog.md +++ b/Changelog.md @@ -99,11 +99,15 @@ lockPref("network.http.referer.XOriginPolicy", 0); // Previously set to 1 defaultPref("privacy.clearOnShutdown.offlineApps", false); // For consistency with new cookie behavior defaultPref("privacy.cpd.offlineApps", false); // For consistency with new cookie behavior <<<<<<< HEAD +<<<<<<< HEAD lockPref("devtools.performance.recording.ui-base-url", "http://localhost:55555"); // Previously redirected to localhost:4242 defaultPref("media.autoplay.blocking_policy", 2); // Previously media.autoplay.enabled.user-gestures-needed defaultPref("media.memory_cache_max_size", 65536); // previously lockPref("media.memory_cache_max_size", 16384); ======= lockPref("devtools.performance.recording.ui-base-url", ""); // Previously redirected to localhost +======= +lockPref("devtools.performance.recording.ui-base-url", "http://localhost:55555"); // Previously redirected to localhost:4242 +>>>>>>> 45bf63e (processed everything up to EOF) lockPref("services.settings.security.onecrl.signer", ""); // Previously services.blocklist.onecrl.signer lockPref("browser.contentblocking.report.lockwise.howitworks.url", ""); <<<<<<< HEAD @@ -238,6 +242,14 @@ Lines that were commented and are now removed // https://github.com/pyllyukko/user.js/issues/120 // Solved by extension disabled here for performance //lockPref("browser.display.use_document_fonts", 0); + + +// Fix ESR Devtools +//lockPref("devtools.telemetry.tools.opened.version", ""); +// Default {"DEVTOOLS_SCREEN_RESOLUTION_ENUMERATED_PER_USER":"60.4.0"} + +ALL OF Disabled - Deprecated Inactive +ALL OF Disabled - Section OFF ``` >>>>>>> 55c94dc (reorganized, revisited) Active prefs that were removed @@ -873,9 +885,96 @@ lockPref("font.blacklist.underline_offset", ""); // knwown to increase fingerpri lockPref("plugin.defaultXpi.state", 1); // Deprecated lockPref("remote.log.level", "Info"); // already default and not important in any way lockPref("webgl.min_capability_mode", true); // small to no gain according to arkenfox and TOR, breaks websites on the other side +<<<<<<< HEAD lockPref("network.protocol-handler.external.http",false); // Deprecated or not existent lockPref("network.protocol-handler.external.https",false); // Deprecated or not existent >>>>>>> 8b7a898 (updated and started editing external protocols) +======= +lockPref("lightweightThemes.update.enabled", false); // Deprecated +lockPref("lightweightThemes.persisted.headerURL", false); // Deprecated +lockPref("lightweightThemes.persisted.footerURL", false); // Deprecated +lockPref("network.protocol-handler.warn-external-default",true); // any real benefit? +lockPref("network.protocol-handler.external.javascript",false); // any real benefit? +lockPref("network.protocol-handler.external.moz-extension",false); // any real benefit? +lockPref("network.protocol-handler.external.ftp",false);// any real benefit? +lockPref("network.protocol-handler.external.file",false);// any real benefit? +lockPref("network.protocol-handler.external.about",false);// any real benefit? +lockPref("network.protocol-handler.external.chrome",false);// any real benefit? +lockPref("network.protocol-handler.external.blob",false);// any real benefit? +lockPref("network.protocol-handler.external.data",false);// any real benefit? +lockPref("network.protocol-handler.expose-all",false);// any real benefit? +lockPref("network.protocol-handler.expose.http",true);// any real benefit? +lockPref("network.protocol-handler.expose.https",true);// any real benefit? +lockPref("network.protocol-handler.expose.javascript",true);// any real benefit? +lockPref("network.protocol-handler.expose.moz-extension",true);// any real benefit? +lockPref("network.protocol-handler.expose.ftp",true);// any real benefit? +lockPref("network.protocol-handler.expose.file",true);// any real benefit? +lockPref("network.protocol-handler.expose.about",true);// any real benefit? +lockPref("network.protocol-handler.expose.chrome",true);// any real benefit? +lockPref("network.protocol-handler.expose.blob",true);// any real benefit? +lockPref("network.protocol-handler.expose.data",true);// any real benefit? +lockPref("network.protocol-handler.external.http",false);// any real benefit? +lockPref("network.protocol-handler.external.https",false);// any real benefit? +lockPref("shumway.disabled", true); // Deprecated +lockPref("plugin.state.libgnome-shell-browser-plugin", 0); // Deprecated +lockPref("plugins.click_to_play", true); // Deprecated +lockPref("plugin.sessionPermissionNow.intervalInMinutes", 0); // Deprecated +lockPref("devtools.webide.enabled", false); // Deprecated +lockPref("devtools.webide.autoinstallADBExtension", false); // Deprecated +lockPref("network.allow-experiments", false); // Deprecated +lockPref("browser.urlbar.userMadeSearchSuggestionsChoice", true); // Deprecated +lockPref("network.netlink.route.check.IPv4", "127.0.0.1"); // Deprecated +lockPref("network.netlink.route.check.IPv6", "::1"); // Deprecated +lockPref("network.negotiate-auth.allow-insecure-ntlm-v1", false); // Deprecated +lockPref("network.negotiate-auth.allow-insecure-ntlm-v1-https", false); // Deprecated +lockPref("security.tls.version.max", 4); // increases fingerprint +defaultPref("network.dns.blockDotOnion", true); // TOR is out of scope +lockPref("network.http.referer.hideOnionSource", true); // TOR is out of scope +lockPref("browser.onboarding.enabled", false); // Deprecated +lockPref("dom.mozTCPSocket.enabled", false); // Useless according to https://gitlab.torproject.org/legacy/trac/-/issues/27268#comment:2 +lockPref("devtools.webide.autoinstallADBHelper", false); // Deprecated +lockPref("app.update.enabled", false); // Deprecated +lockPref("browser.casting.enabled", false); // Deprecated, probably Android only +lockPref("browser.newtabpage.activity-stream.enabled", false); // Deprecated +lockPref("browser.newtabpage.directory.ping", "data:text/plain,"); // Deprecated +lockPref("browser.newtabpage.directory.source", "data:text/plain,"); // Deprecated +lockPref("browser.newtabpage.enhanced", false); // Deprecated +lockPref("browser.selfsupport.url", ""); // Deprecated +lockPref("camera.control.face_detection.enabled", false); // Deprecated +lockPref("datareporting.healthreport.about.reportUrl", "data:,"); // Deprecated +lockPref("datareporting.healthreport.service.enabled", false); // Deprecated +lockPref("devtools.webide.autoinstallFxdtAdapters", false); // Deprecated +lockPref("devtools.webide.adaptersAddonURL", ""); // Deprecated +lockPref("dom.flyweb.enabled", false); // Deprecated +lockPref("dom.push.udp.wakeupEnabled", false); // Deprecated +lockPref("dom.telephony.enabled", false); // Deprecated +lockPref("extensions.shield-recipe-client.enabled", false); // Deprecated +lockPref("loop.logDomains", false); // Deprecated +lockPref("network.websocket.enabled", false); // Deprecated +lockPref("security.xpconnect.plugin.unrestricted", false); // Deprecated +lockPref("social.directories", ""); // Deprecated +lockPref("social.remote-install.enabled", false); // Deprecated +lockPref("social.whitelist", ""); // Deprecated +lockPref("pref.privacy.disable_button.change_blocklist", true); // seems to have no effect and probably deprecated +lockPref("pref.privacy.disable_button.tracking_protection_exceptions", true); // seems to have no effect and probably deprecated +lockPref("browser.pocket.enabled", false); // Deprecated +defaultPref("toolkit.legacyUserProfileCustomizations.stylesheets", false); // already default value and not that important, can still be flipped easily +lockPref("plugin.scan.plid.all", false); // Win-only, plugins are disabled so it's redundant +lockPref("webgl.dxgl.enabled", false); // Win-only, marked as useless https://github.com/arkenfox/user.js/issues/714 +lockPref("browser.search.countryCode", "US"); // Deprecated +lockPref("experiments.activeExperiment", false); // Deprecated +lockPref("experiments.enabled", false); // Deprecated +lockPref("experiments.manifest.uri", ""); // Deprecated +lockPref("experiments.supported", false); // Deprecated +lockPref("network.jar.block-remote-files", true); // Deprecated +lockPref("network.jar.open-unsafe-types", false); // Deprecated +lockPref("plugin.state.java", 0); // Deprecated +lockPref("trailhead.firstrun.branches", "join-privacy"); // Deprecated +lockPref("services.blocklist.update_enabled", false); // Deprecated +lockPref("shield.savant.enabled", false); // Deprecated +defaultPref("gfx.direct2d.disabled", false); // Win-only, default and probably out of scope +defaultPref("layers.acceleration.disabled", false); // default and probably out of scope +>>>>>>> 45bf63e (processed everything up to EOF) ``` #### Unlocked @@ -1046,11 +1145,14 @@ lockPref("services.blocklist.onecrl.collection", ""); // should we consider disabling WebAssembly ? //lockPref("javascript.options.wasm", false); +// to check +defaultPref("xpinstall.signatures.required", true); + // How much should we lock? // How much should we care bout URLs? Other points: -// DRM - should we make it even easier? +// DRM - should we make it even easier? check update connections // COOKIES - now using dFPI // TESTING - untouched, except two entries already addressed // WINDOWS - untouched diff --git a/librewolf.cfg b/librewolf.cfg index 770c928..4c0c0ca 100755 --- a/librewolf.cfg +++ b/librewolf.cfg @@ -10,11 +10,14 @@ // | // "Section" : Description of the settings section separated by "----" | <<<<<<< HEAD +<<<<<<< HEAD ======= // "Bench Diff" : Impact on the performance of firefox can be a gain or loss of performance | // +100/5000 stand for 2% gained performance and -1500/5000 stand for -30% performance loss | // Performance can be tested here : https://chromium.github.io/octane/ | >>>>>>> 55c94dc (reorganized, revisited) +======= +>>>>>>> 45bf63e (processed everything up to EOF) // "Pref" : Preference/Settings name and or description followed by links or documentations | // and some time explanation why the setting is commented and ignored. | // "lockPref" : Locked preference can not be changed on firefox, nor by extensions, can only be changed here | @@ -238,10 +241,6 @@ lockPref("browser.contentblocking.report.vpn.enabled", false); lockPref("default-browser-agent.enabled", false); >>>>>>> 034d451 (reorganized tracking section + 3rd set of changes) -// to check, could be deprecated -lockPref("pref.privacy.disable_button.change_blocklist", true); -lockPref("pref.privacy.disable_button.tracking_protection_exceptions", true); - // ---------------------------------- <<<<<<< HEAD // # AUTOPLAY @@ -266,6 +265,7 @@ lockPref("signon.storeWhenAutocompleteOff", false); defaultPref("signon.management.page.breach-alerts.enabled", false); defaultPref("signon.management.page.breachAlertUrl", ""); lockPref("signon.formlessCapture.enabled", false); +<<<<<<< HEAD // -------------------------------- <<<<<<< HEAD @@ -281,6 +281,8 @@ lockPref("browser.search.region", "US"); lockPref("browser.fixup.alternate.enabled", false); lockPref("browser.urlbar.suggest.searches", false); lockPref("browser.search.update", false); +======= +>>>>>>> 45bf63e (processed everything up to EOF) // to check, probably useless lockPref("signon.storeSignons", false); @@ -314,6 +316,8 @@ lockPref("browser.search.suggest.enabled", false); lockPref("browser.search.region", "US"); lockPref("browser.search.geoip.url", ""); lockPref("browser.fixup.alternate.enabled", false); +lockPref("browser.urlbar.suggest.searches", false); +lockPref("browser.search.update", false); // -------------------------------- // SANITIZING, COOKIES AND HISTORY @@ -841,6 +845,7 @@ lockPref("extensions.webextensions.identity.redirectDomain", ""); // Redirect ba // Enable-Firewall-Feature-In-The-Next-Line extensions-firewall >>>>>> defaultPref("extensions.webextensions.base-content-security-policy", "script-src 'self' https://* moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; object-src 'self' https://* moz-extension: blob: filesystem:;"); +<<<<<<< HEAD <<<<<<< HEAD // set extensions scopes lockPref("extensions.enabledScopes", 5); @@ -965,6 +970,8 @@ lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", ""); // enable Content Security Policy (CSP) lockPref("security.csp.enable", true); +======= +>>>>>>> 45bf63e (processed everything up to EOF) // set extensions scopes lockPref("extensions.enabledScopes", 5); lockPref("extensions.autoDisableScopes", 11); @@ -972,10 +979,10 @@ lockPref("extensions.autoDisableScopes", 11); // Relevant for addons and lang packs search defaultPref("extensions.getAddons.search.browseURL", ""); // https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION% +defaultPref("extensions.getAddons.langpacks.url", ""); // https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION% // other urls defaultPref("extensions.getAddons.get.url", ""); // https://services.addons.mozilla.org/api/v3/addons/search/?guid=%IDS%&lang=%LOCALE% -defaultPref("extensions.getAddons.langpacks.url", ""); // https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION% defaultPref("extensions.getAddons.link.url", ""); // https://addons.mozilla.org/%LOCALE%/firefox/ defaultPref("extensions.update.url", ""); // Default Value @@ -996,6 +1003,7 @@ lockPref("extensions.webcompat-reporter.newIssueEndpoint", "");// Default Value defaultPref("extensions.update.enabled", false); defaultPref("extensions.update.autoUpdateDefault", false); defaultPref("extensions.update.background.url", ""); +defaultPref("extensions.getAddons.cache.enabled", false); // blocklist defaultPref("extensions.blocklist.enabled", false); @@ -1015,6 +1023,9 @@ lockPref("webextensions.storage.sync.serverURL", ""); lockPref("extensions.screenshots.upload-disabled", true); lockPref("lightweightThemes.getMoreURL", ""); +// to check +defaultPref("xpinstall.signatures.required", true); + // ------------------------------------------------------- // NORMANDY // ------------------------------------------------------- @@ -1071,6 +1082,9 @@ lockPref("security.insecure_connection_icon.pbmode.enabled", true); lockPref("security.insecure_connection_text.enabled", true); lockPref("security.insecure_connection_text.pbmode.enabled", true); +lockPref("security.dialog_enable_delay", 700); +lockPref("security.csp.enable", true); + // ------------------------------------------------------- // SAFE BROWSING // ------------------------------------------------------- @@ -1312,12 +1326,14 @@ lockPref("network.file.disable_unc_paths", true); // (hidden pref) lockPref("network.gio.supported-protocols", ""); // (hidden pref) lockPref("network.auth.subresource-img-cross-origin-http-auth-allow", false); lockPref("plugin.default.state", 1); +lockPref("plugin.state.flash", 0); lockPref("gfx.offscreencanvas.enabled", false); // default: false lockPref("canvas.capturestream.enabled", false); lockPref("network.IDN_show_punycode", true); lockPref("security.fileuri.strict_origin_policy", true); // fxaccount, to check +lockPref("identity.fxaccounts.enabled", false); lockPref("identity.fxaccounts.remote.root", ""); lockPref("identity.fxaccounts.auth.uri", ""); lockPref("identity.fxaccounts.commands.enabled", false); @@ -1348,6 +1364,7 @@ lockPref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", true); defaultPref("startup.homepage_override_url", "about:blank"); defaultPref("startup.homepage_welcome_url", "about:blank"); defaultPref("startup.homepage_welcome_url.additional", ""); +lockPref("browser.startup.homepage_override.mstone", "ignore"); defaultPref("privacy.userContext.enabled", true); defaultPref("layout.spellcheckDefault", 2); defaultPref("general.autoScroll", false); @@ -1362,12 +1379,20 @@ lockPref("browser.bookmarks.restore_default_bookmarks", false); defaultPref("browser.tabs.closeTabByDblclick", true); lockPref("media.webspeech.recognition.enable", false); lockPref("network.manage-offline-status", false); +lockPref("browser.helperApps.deleteTempFileOnExit", true); +lockPref("browser.pagethumbnails.capturing_disabled", true); +lockPref("browser.bookmarks.max_backups", 2); +lockPref("reader.parse-on-load.enabled", false); // devtools defaultPref("devtools.debugger.remote-enabled", false); defaultPref("devtools.chrome.enabled", false); lockPref("devtools.performance.recording.ui-base-url", "http://localhost:55555"); // Default Value : https://profiler.firefox.com lockPref("devtools.devices.url", ""); +lockPref("devtools.remote.adb.extensionURL", ""); // [FF64+] +lockPref("devtools.remote.adb.extensionID", ""); // default adb@mozilla.org [FF64+] +lockPref("devtools.debugger.force-local", true); +defaultPref("devtools.selfxss.count", 0); // see https://gitlab.com/librewolf-community/browser/linux/-/issues/80 // ui defaultPref("browser.tabs.drawInTitlebar", true); @@ -1558,8 +1583,6 @@ defaultPref("webgl.force-enabled", true); defaultPref("layers.acceleration.force-enabled", true); lockPref("webgl.enable-webgl2", false); lockPref("webgl.disable-fail-if-major-performance-caveat", true); -defaultPref("gfx.direct2d.disabled", false); // [WINDOWS] -defaultPref("layers.acceleration.disabled", false); // -------------------------------- // JS @@ -1826,16 +1849,22 @@ lockPref("breakpad.reportURL", ""); lockPref("browser.tabs.crashReporting.sendReport", false); lockPref("browser.crashReports.unsubmittedCheck.enabled", false); lockPref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); +<<<<<<< HEAD >>>>>>> 8b7a898 (updated and started editing external protocols) +======= +lockPref("dom.ipc.plugins.reportCrashURL", false); +lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); +>>>>>>> 45bf63e (processed everything up to EOF) // captive portal lockPref("network.captive-portal-service.enabled", false); lockPref("captivedetect.canonicalURL", ""); // -------------------------------- -// EXTERNAL PROTOCOLS +// WINDOWS // -------------------------------- +<<<<<<< HEAD lockPref("network.protocol-handler.warn-external-default",true); lockPref("network.protocol-handler.external.javascript",false); lockPref("network.protocol-handler.external.moz-extension",false); @@ -2106,14 +2135,31 @@ defaultPref("toolkit.legacyUserProfileCustomizations.stylesheets", false); // to be set for the console to work, see https://gitlab.com/librewolf-community/browser/linux/-/issues/80: defaultPref("devtools.selfxss.count", 0); +======= +// disable Windows jumplist [WINDOWS] +lockPref("browser.taskbar.lists.enabled", false); +lockPref("browser.taskbar.lists.frequent.enabled", false); +lockPref("browser.taskbar.lists.recent.enabled", false); +lockPref("browser.taskbar.lists.tasks.enabled", false); +>>>>>>> 45bf63e (processed everything up to EOF) +// disable Windows taskbar preview [WINDOWS] +lockPref("browser.taskbar.previews.enable", false); +// disable links launching Windows Store [WINDOWS] +lockPref("network.protocol-handler.external.ms-windows-store", false); +// disable background update service [WINDOWS] +lockPref("app.update.service.enabled", false); +// disable automatic Firefox start and session restore after reboot [WINDOWS] +lockPref("toolkit.winRegisterApplicationRestart", false); +// disable Windows 8.1 Family Safety cert [WINDOWS] +lockPref("security.family_safety.mode", 0); // -------------------------------- -// TESTING +// TESTING - unchanged // -------------------------------- // Pref : @@ -2139,6 +2185,7 @@ defaultPref("devtools.selfxss.count", 0); // Pref : Test To Make FFox Silent //lockPref("security.content.signature.root_hash", ""); // Default Value +<<<<<<< HEAD // 97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E // -------------------------------- @@ -2263,3 +2310,6 @@ let profile_directory; if (profile_directory = getenv('USERPROFILE') || getenv('HOME')) { pref('autoadmin.global_config_url', `file://${profile_directory}/.librewolf/librewolf.overrides.cfg`); } +======= +// 97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E +>>>>>>> 45bf63e (processed everything up to EOF)