diff --git a/Changelog.md b/Changelog.md index 5f71fcf..c85d306 100755 --- a/Changelog.md +++ b/Changelog.md @@ -77,13 +77,22 @@ lockPref("services.sync.prefs.sync.privacy.userContext.newTabContainerOnLeftClic >>>>>>> 55c94dc (reorganized, revisited) ======= lockPref("toolkit.telemetry.shutdownPingSender.enabledFirstSession", false); +<<<<<<< HEAD >>>>>>> 653a6ed (knocked out some more prefs) +======= +defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); +defaultPref("dom.security.https_only_mode_pbm", true); +>>>>>>> c16522a (added re-enabling guides) ``` #### Modified Updated some present prefs to better one ``` defaultPref("network.cookie.cookieBehavior", 5); // dFPI, previously set to 1 +<<<<<<< HEAD +======= +defaultPref("network.http.referer.defaultPolicy", 2); // Previously set to 3 +>>>>>>> c16522a (added re-enabling guides) lockPref("browser.cache.offline.storage.enable", false); // Previously browser.cache.offline.insecure.enable lockPref("network.http.referer.XOriginTrimmingPolicy", 2); // Previously set to 0 lockPref("network.http.referer.XOriginPolicy", 0); // Previously set to 1 @@ -108,7 +117,6 @@ defaultPref("media.autoplay.blocking_policy", 2); // Previously media.autoplay.e #### Removed ======= lockPref("services.sync.prefs.sync.browser.contentblocking.category", false); // services.sync.prefs.sync.browser.contentblocking.enabled -defaultPref("layout.css.notify-of-unvisited", false); // layout.css.layout.css.notify-of-unvisited ``` #### Removed @@ -385,6 +393,9 @@ lockPref("browser.search.geoSpecificDefaults.url", ""); // Deprecated lockPref("browser.search.geoSpecificDefaults", false); // Deprecated lockPref("browser.fixup.hide_user_pass", true); // Deprecated <<<<<<< HEAD +<<<<<<< HEAD +======= +>>>>>>> c16522a (added re-enabling guides) lockPref("privacy.storagePrincipal.enabledForTrackers", false); // redundant with dFPI defaultPref("layout.css.visited_links_enabled", false); // https://bugzilla.mozilla.org/show_bug.cgi?id=1632765 defaultPref("layout.css.always-repaint-on-unvisited", false); // no benefit with RFP enabled -> https://github.com/arkenfox/user.js/issues/933 @@ -404,6 +415,7 @@ defaultPref("extensions.ui.experiment.hidden", false); // Deprecated defaultPref("extensions.webextensions.tabhide.enabled", false); // Deprecated lockPref("dom.enable_performance", false); // conflicting with RFP lockPref("dom.enable_performance_navigation_timing", false); // conflicting with RFP +<<<<<<< HEAD lockPref("security.mixed_content.upgrade_display_content", true); // not worth having https://github.com/arkenfox/user.js/issues/754 lockPref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false); // Deprecated lockPref("security.ssl3.ecdhe_rsa_rc4_128_sha", false); // Deprecated @@ -842,6 +854,8 @@ lockPref("geo.provider-country.network.scan", false); // Deprecated lockPref("geo.provider-country.network.url", ""); // Deprecated lockPref("identity.fxaccounts.service.sendLoginUrl", ""); // Deprecated >>>>>>> 55c94dc (reorganized, revisited) +======= +>>>>>>> c16522a (added re-enabling guides) ``` #### Unlocked @@ -909,7 +923,17 @@ defaultPref("browser.tabs.closeTabByDblclick", true); // Unlocked as known to cause breakage defaultPref("dom.event.clipboardevents.enabled", false); +<<<<<<< HEAD >>>>>>> 653a6ed (knocked out some more prefs) +======= + +// already default and no reason to lock it +lockPref("network.http.referer.trimmingPolicy", 0); + +defaultPref("extensions.blocklist.enabled", false); +defaultPref("extensions.blocklist.detailsURL", ""); +defaultPref("extensions.blocklist.itemURL", ""); +>>>>>>> c16522a (added re-enabling guides) ``` ## How to... @@ -968,6 +992,7 @@ lockPref("general.buildID.override", "20100101"); lockPref("browser.startup.homepage_override.buildID", "20100101"); >>>>>>> 653a6ed (knocked out some more prefs) +<<<<<<< HEAD <<<<<<< HEAD #### Hardened setup ``` @@ -980,6 +1005,8 @@ defaultPref("dom.event.clipboardevents.enabled", false); // disable user trigger // In the future consider switching to network.cookie.cookieBehavior=5 to enable dFPI defaultPref("network.cookie.cookieBehavior", 1); +======= +>>>>>>> c16522a (added re-enabling guides) // What should we do with this pref //defaultPref("network.http.sendRefererHeader", 1); <<<<<<< HEAD @@ -993,6 +1020,11 @@ lockPref("services.blocklist.onecrl.collection", ""); //lockPref("javascript.options.wasm", false); // How much should we lock? +// How much should we care bout URLs? + +Other points: +// DRM - should we make it even easier? +// COOKIES - now using dFPI // MISC - check if everything should stay, re-organize // TESTING - untouched, except two entries already addressed // WINDOWS - untouched @@ -1002,35 +1034,68 @@ lockPref("services.blocklist.onecrl.collection", ""); #### Commented Prefs that need to be addressed and that were disabled for now ``` -// this sets a cookie jar for 3rd party origin which is the same as dFPI and redundant -// when 3rd party cookies are disabled -// lockPref("privacy.storagePrincipal.enabledForTrackers", false); - // redudant with RFP and javascript.use_us_english_locale // defaultPref("privacy.spoof_english", 2); -// Likely deprecated -// lockPref("dom.indexedDB.enabled", true); - -// Likely deprecated https://phabricator.services.mozilla.com/D97092 or https://blog.mozilla.org/addons/2021/02/09/extensions-in-firefox-86/ -// defaultPref("extensions.webextensions.tabhide.enabled", false); //Default true - // conflicting with previous prefs? // defaultPref("gfx.direct2d.disabled", false); // [WINDOWS] // defaultPref("layers.acceleration.disabled", false); +<<<<<<< HEAD // seems to be deprecated // lockPref("dom.registerProtocolHandler.insecure.enabled", true); <<<<<<< HEAD >>>>>>> 55c94dc (reorganized, revisited) ======= +======= +>>>>>>> c16522a (added re-enabling guides) // apparently increases fingerprinting and redundant with browser.cache.offline.storage.enable // should be checked // lockPref("browser.cache.offline.enable", false); +<<<<<<< HEAD // redundant with RFP // lockPref("dom.enable_performance", false); //Deprecated Active // lockPref("dom.enable_performance_navigation_timing", false); >>>>>>> 653a6ed (knocked out some more prefs) +======= +// all covered by previous prefs +// defaultPref("media.navigator.video.enabled", false); +// defaultPref("media.peerconnection.use_document_iceservers", false); +// defaultPref("media.peerconnection.identity.enabled", false); +// defaultPref("media.peerconnection.identity.timeout", 1); +// defaultPref("media.peerconnection.turn.disable", true); +// defaultPref("media.peerconnection.ice.tcp", false); +``` + +## How to... +#### Stay logged +Add website to exceptions before login, both http and https link +#### Enable DRM content +``` +media.eme.enabled = true +media.gmp-widevinecdm.visible = true +media.gmp-widevinecdm.enabled = true +media.gmp-provider.enabled = true +``` +#### Use video conferencing +``` +media.peerconnection.enabled = true +media.peerconnection.ice.no_host = true +dom.webaudio.enabled = true +``` +screensharing `media.getusermedia.screensharing.enabled = true` +#### Enable addons search +``` +extensions.getAddons.search.browseURL = "https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%" +``` +#### Enable addons manual updates +``` +extensions.update.url = "https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion= +%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion= +%ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS= +%APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%¤tAppVersion= +%CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%" +>>>>>>> c16522a (added re-enabling guides) ``` \ No newline at end of file