From 51c1ecb08caaf561a7c8e33bb6bdae9446cc10cf Mon Sep 17 00:00:00 2001 From: fxbrit Date: Mon, 3 May 2021 00:51:30 +0200 Subject: [PATCH] added some new prefs from arkenfox --- Changelog.md | 51 +++++++++++++++++++++++++++++++++++++++++++++++++-- librewolf.cfg | 12 +++++++++++- 2 files changed, 60 insertions(+), 3 deletions(-) diff --git a/Changelog.md b/Changelog.md index ea88e4a..e48c8c9 100755 --- a/Changelog.md +++ b/Changelog.md @@ -82,7 +82,17 @@ lockPref("toolkit.telemetry.shutdownPingSender.enabledFirstSession", false); ======= defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); defaultPref("dom.security.https_only_mode_pbm", true); +<<<<<<< HEAD >>>>>>> c16522a (added re-enabling guides) +======= +lockPref("browser.ping-centre.telemetry", false); +lockPref("browser.region.network.url", ""); +lockPref("browser.region.update.enabled", false); +defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); +defaultPref("extensions.postDownloadThirdPartyPrompt", false); +defaultPref("general.warnOnAboutConfig", false); +defaultPref("network.auth.subresource-http-auth-allow", 1); +>>>>>>> 0267245 (added some new prefs from arkenfox) ``` #### Modified @@ -1155,11 +1165,16 @@ Other points: // DRM - should we make it even easier? check update connections // COOKIES - now using dFPI // TESTING - untouched, except two entries already addressed -// WINDOWS - untouched -// ESR - untouched // MISC - check if fxaccounts need their pref // SYNC - does it need to exist given that fxaccounts are off? // SB - make re-enabling easier, test connections + +for arkenfox: +dom.security.https_only_mode_send_http_background_request -> DISCUSS +dom.storage.next_gen -> DISCUSS +javascript.options.wasm -> DISCUSS +security.pki.crlite_mode -> DISCUSS +security.remote_settings.crlite_filters.enabled -> DISCUSS ``` #### Commented @@ -1241,4 +1256,36 @@ extensions.update.url = "https://versioncheck.addons.mozilla.org/update/VersionC security.OCSP.enabled = 1 ``` you probably also want `security.OCSP.require = true` +<<<<<<< HEAD >>>>>>> 4041ab1 (reorganized and improved some entries) +======= + +## Missing compared to arkenfox +List of prefs missing in .cfg with reason why we do not have them +``` +browser.cache.disk.enable -> performance hit +browser.display.use_system_colors -> default +browser.download.useDownloadDir -> do we want to ask for download location each time? +browser.newtabpage.enabled -> we do not default to blank page +browser.startup.homepage -> we do not default to blank page +browser.startup.page -> we do not default to blank page +dom.allow_cut_copy -> we leave this on for usability +javascript.options.asmjs -> performance hit +keyword.enabled -> no privacy implication if trusty search engine +privacy.firstparty.isolate -> we have dFPI +privacy.resistFingerprinting.letterboxing -> usability hit +privacy.window.name.update.enabled -> default +security.ask_for_password -> disabled in librewolf +security.password_lifetime -> disabled in librewolf +ui.prefersReducedMotion -> usability hit +webgl.disabled -> usability hit +``` +ones worth discussing +``` +dom.security.https_only_mode_send_http_background_request -> DISCUSS +dom.storage.next_gen -> DISCUSS +javascript.options.wasm -> DISCUSS +security.pki.crlite_mode -> DISCUSS +security.remote_settings.crlite_filters.enabled -> DISCUSS +``` +>>>>>>> 0267245 (added some new prefs from arkenfox) diff --git a/librewolf.cfg b/librewolf.cfg index 4c0c0ca..cce7cfb 100755 --- a/librewolf.cfg +++ b/librewolf.cfg @@ -616,6 +616,7 @@ lockPref("dom.disable_window_move_resize", true); defaultPref("dom.serviceWorkers.enabled", false); defaultPref("dom.battery.enabled", false); lockPref("dom.popup_maximum", 4); +defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); defaultPref("dom.event.clipboardevents.enabled", false); defaultPref("dom.webaudio.enabled", false); lockPref("dom.vr.enabled", false); @@ -665,6 +666,7 @@ lockPref("network.http.altsvc.oe", false); defaultPref("dom.security.https_only_mode", true); defaultPref("dom.security.https_only_mode_pbm", true); lockPref("network.http.redirection-limit", 10); +defaultPref("network.auth.subresource-http-auth-allow", 1); // -------------------------------------- // TLS @@ -836,7 +838,7 @@ lockPref("extensions.webextensions.identity.redirectDomain", ""); // Redirect ba // EXTENSIONS - check readme section "Extensions Firewall" // ------------------------------------------------------- -// handle default restriced domains +// handle default restricted domains defaultPref("extensions.webextensions.restrictedDomains", ""); // This will allow extensions to work everywhere, default "debug-notes.log" lockPref("extensions.webextensions.identity.redirectDomain", ""); // Redirect basedomain used by identity api, default "extensions.allizom.org" @@ -894,6 +896,12 @@ lockPref("webextensions.storage.sync.serverURL", ""); lockPref("extensions.screenshots.upload-disabled", true); lockPref("lightweightThemes.getMoreURL", ""); defaultPref("extensions.postDownloadThirdPartyPrompt", false); +<<<<<<< HEAD +======= + +// to check +defaultPref("xpinstall.signatures.required", true); +>>>>>>> 0267245 (added some new prefs from arkenfox) // ------------------------------------------------------- // # NORMANDY @@ -1397,6 +1405,7 @@ defaultPref("devtools.selfxss.count", 0); // see https://gitlab.com/librewolf-co // ui defaultPref("browser.tabs.drawInTitlebar", true); defaultPref("browser.aboutConfig.showWarning", false); +defaultPref("general.warnOnAboutConfig", false); defaultPref("browser.download.autohideButton", false); defaultPref("privacy.userContext.ui.enabled", true); lockPref("browser.messaging-system.whatsNewPanel.enabled", false); @@ -1766,6 +1775,7 @@ lockPref("extensions.pocket.api", ""); ======= lockPref("app.shield.optoutstudies.enabled", false); lockPref("beacon.enabled", false); +lockPref("browser.ping-centre.telemetry", false); // ping lockPref("browser.send_pings", false);