re-organize order, finish ntp and tp, add 2 prefs

2021-08-27 02:50:07 +02:00 · 2021-08-27 02:50:07 +02:00 · ae8c3a64eb
commit ae8c3a64eb
parent 92f4138c46
2 changed files with 211 additions and 211 deletions
--- a/docs/Changelog.md
+++ b/docs/Changelog.md
@ -1,129 +1,6 @@
 This changelog will be used from now on to document changes in a precise manner, with a list of changes for each setting version.
 Setting versions are documented using the pref `librewolf.cfg.version`, available in about:config.
 ## 1.0
 **target commit**: 2b8dc4ac6d7fb6fdf8f172d04c27912098268257
 **base librewolf version**: 89.x
 This is the initial release from which we start tagging and versioning settings.
 ## 1.1
 **target commit**: cf0a2cc88acdbc51b138228353a0d7c9ea0db7c3
 **base librewolf version**: 89.x
 **References**:
 - issue [#54](https://gitlab.com/librewolf-community/settings/-/issues/54) from settings
 - merge request [#5](https://gitlab.com/librewolf-community/browser/common/-/merge_requests/5) from common
 #### Removed preferences
 ```
 defaultPref("security.OCSP.require", false); // default value
 defaultPref("extensions.update.url", "");
 defaultPref("extensions.update.background.url", "");
 defaultPref("extensions.getAddons.search.browseURL", "");
 ```
 #### Changed preferences
 ```
 defaultPref("geo.provider.network.url", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%");
 ```
 #### Added preferences
 ```
 lockPref("privacy.override_rfp_for_color_scheme", false);
 ```
 ## 1.2
 **target commit**: 294724fae38ffa4ebcf6dfb0854787fb7022d1e6
 **base librewolf version**: 89.x
 **References**:
 - issue [#65](https://gitlab.com/librewolf-community/settings/-/issues/65) from settings
 - issue [#22](https://gitlab.com/librewolf-community/browser/common/-/issues/22) from common
 #### Removed preferences
 ```
 defaultPref("dom.webaudio.enabled", false);
 defaultPref("media.navigator.enabled", false);
 ```
 #### Changed preferences
 ```
 defaultPref("app.support.baseURL", "https://gitlab.com/librewolf-community/settings/-/wikis/support#");
 ```
 ## 1.3
 **target commit**: 60e75e30c6018a5c909a2f00f40831ed3f1948a6
 **base librewolf version**: 90.x
 #### Added preferences
 ```
 defaultPref("network.http.windows-sso.enabled", false);
 ```
 #### Removed preferences
 ```
 lockPref("browser.cache.offline.storage.enable", false); // pref does not exist anymore as it became default behavior
 ```
 ## 1.4
 **target commit**: 2e21db4c3018321a077d9af2ec44b29675c57adf
 **base librewolf version**: 90.x
 #### Removed preferences
 ```
 lockPref("security.tls.version.enable-deprecated", false); // default
 ```
 ## 1.5
 **target commit**: 23d1bff4f4ae3456df8e50e67f657ea6288eef29
 **base librewolf version**: 91.x
 **References**:
 - [comment](https://github.com/arkenfox/user.js/commit/3bb9fc713f141d794fc4adfb38d3fcf86c9307ab#commitcomment-53916786) from arkenfox's maintainer regarding tls version pref
 - [mozilla update service](https://support.mozilla.org/en-US/kb/enable-background-updates-firefox-windows)
 - extension firewall has been revisited
 #### Removed preferences
 ```
 lockPref("security.dialog_enable_delay", 700); // default 1000, no need to enforce this
 ```
 #### Added preferences
 ```
 defaultPref("app.update.background.scheduling.enabled", false); // Win specific update service
 defaultPref("security.tls.version.enable-deprecated", false); // default but helps resetting the preference
 // defaultPref("extensions.webextensions.base-content-security-policy.v3", "default-src 'none'; script-src 'none'; object-src 'none';");
 ```
 #### Changed preferences
 ```
 // defaultPref("extensions.webextensions.base-content-security-policy", "default-src 'none'; script-src 'none'; object-src 'none';");
 ```
 ## 1.6
 **target commit**:
 **base librewolf version**: 91.x
 **References**:
 - [reasoning on webgl2](https://github.com/arkenfox/user.js/commit/41c3c0ec26ef4392169fa1d04fd5783ac03bfc8e) from arkenfox's maintainer, basically disabling webgl is enough for those who don't need it. users who want it have one less pref to change.
 #### Removed preferences
 ```
 defaultPref("dom.targetBlankNoOpener.enabled", true); // default since v79.0
 defaultPref("webgl.enable-webgl2", false);
 lockPref("browser.newtabpage.activity-stream.feeds.section.highlights", false); // default
 ```
 ## 2.0
 **References**:
@ -139,6 +16,9 @@ lockPref("browser.newtabpage.activity-stream.feeds.section.highlights", false);
 - graphite [is no longer as concerning](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+graphite) and blocking it is likely fingerprintable.
 - the pdf prefs and the bookmark backup are not really relevant to librewolf.
 - as reported [here](https://bugzilla.mozilla.org/show_bug.cgi?id=1606624) the shared memory pref is no longer needed, so we can switch it back to default.
 - new tab page section now includes a new design and no longer an empty page. all the unnecessary preferences have been removed and users can also customize as the most essential ones have been unlocked.
 - UI bug in tracking protection section is fixed.
 - a bunch of dead links are fixed.
 **Notes**
 Recent changes in the category `MISC > set librewolf support and releases urls` require to create a couple header for the landing page page.
@ -177,8 +57,6 @@ lockPref("security.mixed_content.block_active_content", true); // default
 defaultPref("security.insecure_connection_text.pbmode.enabled", true); // redundant
 lockPref("browser.safebrowsing.downloads.remote.block_dangerous", false);
 lockPref("browser.safebrowsing.downloads.remote.block_dangerous_host", false);
 lockPref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
 lockPref("browser.safebrowsing.downloads.remote.block_uncommon", false);
 lockPref("gfx.font_rendering.graphite.enabled", false); // consider removing
 defaultPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true);
 defaultPref("pdfjs.enabledCache.state", false);
@ -208,6 +86,31 @@ lockPref("network.connectivity-service.DNSv6.domain", ""); // redundant
 lockPref("network.connectivity-service.DNSv4.domain", ""); // redundant
 lockPref("browser.crashReports.unsubmittedCheck.enabled", false); // default
 lockPref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // default
 lockPref("browser.newtabpage.activity-stream.feeds.newtabinit", false);
 lockPref("browser.newtabpage.activity-stream.feeds.places", false);
 lockPref("browser.newtabpage.activity-stream.feeds.systemtick", false);
 lockPref("browser.newtabpage.activity-stream.feeds.system.topsites", false);
 lockPref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiments", "");
 lockPref("browser.newtabpage.activity-stream.asrouter.providers.message-groups", "");
 lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr-fxa", "");
 lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr", "");
 lockPref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "{\"id\":\"whats-new-panel\",\"enabled\":false}");
 lockPref("browser.newtabpage.activity-stream.asrouter.devtoolsEnableds", true);
 lockPref("browser.newtabpage.activity-stream.telemetry.structuredIngestion.endpoint", "");
 lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts", false);
 lockPref("browser.newtabpage.activity-stream.improvesearch.handoffToAwesomebar", false);
 lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", "");
 lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned", "");
 defaultPref("dom.push.userAgentID", ""); // push notifications are already disabled
 lockPref("services.settings.server", ""); // redundant with patches
 lockPref("webchannel.allowObject.urlWhitelist", ""); // deprecated
 ```
 #### Added preferences
 ```
 defaultPref("browser.download.useDownloadDir", false); // force user interaction on downloads, by always asking location
 // defaultPref("security.remote_settings.crlite_filters.enabled", true);
 // defaultPref("security.pki.crlite_mode", 2);
 ```
 #### Commented prefs
@ -254,4 +157,132 @@ defaultPref("browser.privatebrowsing.forceMediaMemoryCache", true);
 defaultPref("app.update.url.details", "https://gitlab.com/librewolf-community/browser");
 defaultPref("app.update.url.manual", "https://gitlab.com/librewolf-community/browser");
 defaultPref("network.protocol-handler.external.ms-windows-store", false);
 defaultPref("browser.newtab.preload", false);
 defaultPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false);
 defaultPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false);
 defaultPref("browser.newtabpage.activity-stream.feeds.topsites", false);
 ```
 ## 1.6
 **target commit**:
 **base librewolf version**: 91.x
 **References**:
 - [reasoning on webgl2](https://github.com/arkenfox/user.js/commit/41c3c0ec26ef4392169fa1d04fd5783ac03bfc8e) from arkenfox's maintainer, basically disabling webgl is enough for those who don't need it. users who want it have one less pref to change.
 #### Removed preferences
 ```
 defaultPref("dom.targetBlankNoOpener.enabled", true); // default since v79.0
 defaultPref("webgl.enable-webgl2", false);
 lockPref("browser.newtabpage.activity-stream.feeds.section.highlights", false); // default
 ```
 ## 1.5
 **target commit**: 23d1bff4f4ae3456df8e50e67f657ea6288eef29
 **base librewolf version**: 91.x
 **References**:
 - [comment](https://github.com/arkenfox/user.js/commit/3bb9fc713f141d794fc4adfb38d3fcf86c9307ab#commitcomment-53916786) from arkenfox's maintainer regarding tls version pref
 - [mozilla update service](https://support.mozilla.org/en-US/kb/enable-background-updates-firefox-windows)
 - extension firewall has been revisited
 #### Removed preferences
 ```
 lockPref("security.dialog_enable_delay", 700); // default 1000, no need to enforce this
 ```
 #### Added preferences
 ```
 defaultPref("app.update.background.scheduling.enabled", false); // Win specific update service
 defaultPref("security.tls.version.enable-deprecated", false); // default but helps resetting the preference
 // defaultPref("extensions.webextensions.base-content-security-policy.v3", "default-src 'none'; script-src 'none'; object-src 'none';");
 ```
 #### Changed preferences
 ```
 // defaultPref("extensions.webextensions.base-content-security-policy", "default-src 'none'; script-src 'none'; object-src 'none';");
 ```
 ## 1.4
 **target commit**: 2e21db4c3018321a077d9af2ec44b29675c57adf
 **base librewolf version**: 90.x
 #### Removed preferences
 ```
 lockPref("security.tls.version.enable-deprecated", false); // default
 ```
 ## 1.3
 **target commit**: 60e75e30c6018a5c909a2f00f40831ed3f1948a6
 **base librewolf version**: 90.x
 #### Added preferences
 ```
 defaultPref("network.http.windows-sso.enabled", false);
 ```
 #### Removed preferences
 ```
 lockPref("browser.cache.offline.storage.enable", false); // pref does not exist anymore as it became default behavior
 ```
 ## 1.2
 **target commit**: 294724fae38ffa4ebcf6dfb0854787fb7022d1e6
 **base librewolf version**: 89.x
 **References**:
 - issue [#65](https://gitlab.com/librewolf-community/settings/-/issues/65) from settings
 - issue [#22](https://gitlab.com/librewolf-community/browser/common/-/issues/22) from common
 #### Removed preferences
 ```
 defaultPref("dom.webaudio.enabled", false);
 defaultPref("media.navigator.enabled", false);
 ```
 #### Changed preferences
 ```
 defaultPref("app.support.baseURL", "https://gitlab.com/librewolf-community/settings/-/wikis/support#");
 ```
 ## 1.1
 **target commit**: cf0a2cc88acdbc51b138228353a0d7c9ea0db7c3
 **base librewolf version**: 89.x
 **References**:
 - issue [#54](https://gitlab.com/librewolf-community/settings/-/issues/54) from settings
 - merge request [#5](https://gitlab.com/librewolf-community/browser/common/-/merge_requests/5) from common
 #### Removed preferences
 ```
 defaultPref("security.OCSP.require", false); // default value
 defaultPref("extensions.update.url", "");
 defaultPref("extensions.update.background.url", "");
 defaultPref("extensions.getAddons.search.browseURL", "");
 ```
 #### Changed preferences
 ```
 defaultPref("geo.provider.network.url", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%");
 ```
 #### Added preferences
 ```
 lockPref("privacy.override_rfp_for_color_scheme", false);
 ```
 ## 1.0
 **target commit**: 2b8dc4ac6d7fb6fdf8f172d04c27912098268257
 **base librewolf version**: 89.x
 This is the initial release from which we start tagging and versioning settings.
--- a/librewolf.cfg
+++ b/librewolf.cfg
@ -1,27 +1,13 @@
-//---------------|
+//----------------------|
-//   LibreWolf   |
+//  LibreWolf settings  |
-//---------------|
+//----------------------|
-//   Glossary:   |
+
-// ================================================================================================================================|
+/**
-//                                                                                                                                 |
+ 
-// "Section"        : Description of the settings section separated by "----"                                                      |
+ NOTE: please take the time to read and understand, but also to customize the settings to find your own setup.
-// "Pref"           : Preference/Settings name and or description followed by links or documentations                              |
+ the answers to the most common questions are at this link https://gitlab.com/librewolf-community/settings/-/wikis/FAQ
-//                    and some time explanation why the setting is commented and ignored.                                          |
+ 
-// "lockPref"       : Locked preference can not be changed on firefox, nor by extensions, can only be changed here                 |
+ */
 //                    lockPref is used to lock preferences so they cannot be changed through the GUI or about:config.              |
 //                    In many cases the GUI will change to reflect this, graying out or removing options. Appears                  |
 //                    in about:config as "locked". Some config items require lockPref to be set, such as app.update.enabled.       |
 //                    It will not work if it set with just pref.                                                                   |
 // "pref"           : Sets the preference as if a user had set it, every time you start the browser. So users can make changes,    |
 //                    but they will be erased on restart. If you set a particular preference this way,                             |
 //                    it shows up in about:config as "user set".                                                                   |
 // "defaultPref"    : Defaulting : Is used to alter the default value, though users can set it normally and their changes will     |
 //                    be saved between sessions. If preferences are reset to default through the GUI or some other method,         |
 //                    this is what they will go back to. Appears in about:config as "default".                                     |
 // "clearPref"      : Can be used to "blank" certain preferences. This can be useful e.g. to disable functions                     |
 //                    that rely on comparing version numbers.                                                                      |
 //                                                                                                                                 |
 // ================================================================================================================================|
 defaultPref("librewolf.cfg.version", "2.0");
@ -30,7 +16,7 @@ defaultPref("librewolf.cfg.version", "2.0");
 // -------------------------------------------
 defaultPref("network.cookie.cookieBehavior", 5); // dFPI, same as strict mode
-defaultPref("network.cookie.lifetimePolicy", 2); // keep cookies until the browser is closed then delete everything not in exceptions
+defaultPref("network.cookie.lifetimePolicy", 2); // keep cookies until the browser is closed then delete everything minus exceptions
 // make third party and http cookies session-only
 defaultPref("network.cookie.thirdparty.sessionOnly", true);
@ -53,12 +39,12 @@ defaultPref("browser.formfill.enable", false);
 defaultPref("browser.sessionstore.privacy_level", 2);
 defaultPref("browser.sessionstore.interval", 60000);
-// -------------
+// ----------------------
 // # NETWORKING
-// -------------
+// ----------------------
 // https and mixed content
-defaultPref("dom.security.https_only_mode", true); // enforce https in all windows, including private browsing
+defaultPref("dom.security.https_only_mode", true); // only allow https in all windows, including private browsing
 defaultPref("network.auth.subresource-http-auth-allow", 1); // stop cross-origin resources from using HTTP authentication
 defaultPref("security.insecure_connection_text.enabled", true); // display http websites as insecure in the ui
 defaultPref("security.mixed_content.block_display_content", true); // block insecure passive content
@ -98,9 +84,9 @@ lockPref("network.http.speculative-parallel-limit", 0); // disable prefetching o
 defaultPref("network.manage-offline-status", false); // let user control the offline behavior
-// ------
+// ------------
 // # DOM
-// ------
+// ------------
 // pop-ups and window related preferences
 defaultPref("dom.disable_beforeunload", true); // disable "confirm you want to leave" pop-ups on close
@ -114,7 +100,6 @@ defaultPref("browser.link.open_newwindow.restriction", 0); // ignore the size wh
 // push notifications and service workeers
 defaultPref("dom.push.enabled", false); // disable push notifications
 defaultPref("dom.push.serverURL", ""); // default "wss://push.services.mozilla.com/"
 defaultPref("dom.push.userAgentID", "");
 defaultPref("dom.serviceWorkers.enabled", false); // disable service workers, must enable for push notifications
 defaultPref("dom.storage.next_gen", true); // will be default from v92.0, keep and eye on
@ -177,6 +162,10 @@ defaultPref("security.cert_pinning.enforcement_level", 2); // enable strict publ
 defaultPref("security.pki.sha1_enforcement_level", 1); // disable sha-1 certificates
 defaultPref("security.OCSP.enabled", 0); // disable OCSP fetching
 // crl with no OCSP fallback. commented for now but review
 // defaultPref("security.remote_settings.crlite_filters.enabled", true);
 // defaultPref("security.pki.crlite_mode", 2);
 // safe negotiation
 defaultPref("security.ssl.require_safe_negotiation", true); // block websites that do not support safe negotiation, occasional breakage
 defaultPref("security.ssl.treat_unsafe_negotiation_as_broken",	true); // show warning when safe negotiation is not enable and website is accessed
@ -193,11 +182,13 @@ lockPref("permissions.manager.defaultsUrl", ""); // revoke special permissions f
 defaultPref("gfx.font_rendering.opentype_svg.enabled", false); // disale svg opentype fonts
 defaultPref("browser.download.useDownloadDir", false); // force user interaction on downloads, by always asking location
 lockPref("security.csp.enable", true); // default
-// -------------------------------------------------------
+// ---------------------------------
 // # SAFE BROWSING
-// -------------------------------------------------------
+// ---------------------------------
 // disable safe browsing, including the fetch of updates and all outgoing connections 
 defaultPref("browser.safebrowsing.malware.enabled", false);
@ -209,11 +200,13 @@ defaultPref("browser.safebrowsing.provider.google.gethashURL", "");
 defaultPref("browser.safebrowsing.provider.google.updateURL", "");
 // disable safe browsing checks on downloads, both local and remote
-defaultPref("browser.safebrowsing.downloads.enabled", false);
+lockPref("browser.safebrowsing.downloads.enabled", false);
-defaultPref("browser.safebrowsing.downloads.remote.enabled", false);
+lockPref("browser.safebrowsing.downloads.remote.enabled", false);
-defaultPref("browser.safebrowsing.downloads.remote.url", "");
+lockPref("browser.safebrowsing.downloads.remote.url", "");
 lockPref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
 lockPref("browser.safebrowsing.downloads.remote.block_uncommon", false);
-// other safe browsing options, all default but security in depth
+// other safe browsing options, all default but enforce
 lockPref("browser.safebrowsing.passwords.enabled", false);
 lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false);
 lockPref("browser.safebrowsing.provider.google4.dataSharingURL", "");
@ -319,30 +312,31 @@ defaultPref("browser.tabs.loadBookmarksInTabs", true); // always open bookmarks
 // # TRACKING PROTECTION
 // -----------------------------------
-// review entire section
+pref("browser.contentblocking.category", "custom"); // set tracking protection category, using pref solves the UI bug
-pref("browser.contentblocking.category", "custom"); // do not lock as it breaks UI even more, using pref solves the UI bug
+// enable / disable TP in normal and private browsing
 lockPref("privacy.trackingprotection.enabled", false);
 lockPref("privacy.trackingprotection.pbmode.enabled", false);
-defaultPref("privacy.trackingprotection.cryptomining.enabled", false);
+
-defaultPref("privacy.trackingprotection.fingerprinting.enabled", false);
+lockPref("privacy.trackingprotection.annotate_channels", false); // reduce priority of trackers, remove if TP is on
 lockPref("privacy.trackingprotection.annotate_channels", false);
 // remove urls to fetch contentblocking lists.
 // without these urls TP cannot work. the lists are not shipped with the browser but download on first launch.
 defaultPref("browser.safebrowsing.provider.mozilla.updateURL", "");
 defaultPref("browser.safebrowsing.provider.mozilla.gethashURL", "");
-// hide ui elements for blocking lists in custom mode UI
+// disable blocking lists and hide ui elements in custom mode UI, if TP is enabled revert to true
 defaultPref("privacy.trackingprotection.cryptomining.enabled", false);
 defaultPref("privacy.trackingprotection.fingerprinting.enabled", false);
 defaultPref("browser.contentblocking.cryptomining.preferences.ui.enabled", false);
 defaultPref("browser.contentblocking.fingerprinting.preferences.ui.enabled", false);
-// hide ui elements from about:protections
+// hide annoying ui elements from about:protections
 lockPref("browser.contentblocking.report.hide_vpn_banner", true);
 lockPref("browser.contentblocking.report.show_mobile_app", false);
 defaultPref("browser.contentblocking.report.lockwise.enabled", false);
 defaultPref("browser.contentblocking.report.monitor.enabled", false);
 lockPref("browser.contentblocking.report.hide_vpn_banner", true);
 lockPref("browser.contentblocking.report.vpn.enabled", false);
 lockPref("browser.contentblocking.report.show_mobile_app", false);
 // --------------------------------------
 // # EXTENSIONS
@ -426,45 +420,27 @@ lockPref("browser.uitour.url", "");
 // # NEW TAB PAGE
 // ------------------------------------
-// review full section
+defaultPref("browser.newtab.preload", false);
-lockPref("browser.newtab.preload", false);
+defaultPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false);
-lockPref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false);
+defaultPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false);
-lockPref("browser.newtabpage.activity-stream.feeds.newtabinit", false);
+defaultPref("browser.newtabpage.activity-stream.feeds.topsites",	false);
-lockPref("browser.newtabpage.activity-stream.feeds.places", false);
+
-lockPref("browser.newtabpage.activity-stream.feeds.systemtick", false);
+// hide pocket and sponsored content, from new tab page and search bar
 lockPref("browser.newtabpage.activity-stream.feeds.section.topstories",	false);
 lockPref("browser.newtabpage.activity-stream.feeds.topsites",	false);
 lockPref("browser.newtabpage.activity-stream.feeds.system.topsites",	false);
 lockPref("browser.newtabpage.activity-stream.feeds.system.topstories",	false);
 lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false);
-lockPref("browser.newtabpage.activity-stream.feeds.snippets", false); // default
+lockPref("browser.newtabpage.activity-stream.feeds.section.topstories.options", "{\"hidden\":true}"); // hide buggy pocket section from about:preferences#home
 lockPref("browser.newtabpage.activity-stream.feeds.section.topstories.options", "");
 lockPref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false);
 lockPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false);
 lockPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false);
 lockPref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
 lockPref("browser.newtabpage.activity-stream.showSponsored", false);
 lockPref("browser.newtabpage.activity-stream.showSponsoredTopSites", false);
 lockPref("browser.newtabpage.activity-stream.telemetry", false);
 lockPref("browser.newtabpage.activity-stream.default.sites", "");
 lockPref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false);
 lockPref("browser.newtabpage.activity-stream.discoverystream.enabled", false);
 lockPref("browser.newtabpage.activity-stream.feeds.snippets", false); // default
 // disable recommend as you browse
 lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
 lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
 lockPref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiments", "");
 lockPref("browser.newtabpage.activity-stream.asrouter.providers.message-groups", "");
 lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr-fxa", "");
 lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr", "");
 lockPref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "{\"id\":\"whats-new-panel\",\"enabled\":false}");
 lockPref("browser.newtabpage.activity-stream.asrouter.devtoolsEnableds", true);
 lockPref("browser.newtabpage.activity-stream.telemetry", false);
 lockPref("browser.newtabpage.activity-stream.telemetry.structuredIngestion.endpoint", "");
 lockPref("browser.newtabpage.activity-stream.default.sites", "");
 lockPref("browser.newtabpage.activity-stream.discoverystream.enabled", false);
 lockPref("browser.newtabpage.activity-stream.discoverystream.config", "{\"collapsible\":true,\"enabled\":false,\"personalized\":false,\"layout_endpoint\":\"\"}");
 lockPref("browser.newtabpage.activity-stream.discoverystream.endpoints", "");
 lockPref("browser.newtabpage.activity-stream.discoverystream.engagementLabelEnabled", false); // default
 lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts", false);
 lockPref("browser.newtabpage.activity-stream.improvesearch.handoffToAwesomebar", false);
 lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", "");
 lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned", "");
 lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", "");
 // --------------------------------
 // # TELEMETRY
@ -535,13 +511,6 @@ lockPref("default-browser-agent.enabled", false); // disable windows specific te
 defaultPref("network.http.windows-sso.enabled", false); // disable MS auto authentication via sso
 // -----------------
 // # REVIEW
 // -----------------
 lockPref("services.settings.server", "");
 lockPref("webchannel.allowObject.urlWhitelist", "");
 // -----------------------------------
 // # OVERRIDES
 // -----------------------------------