reviewed and reorganized up to extensions
This commit is contained in:
fxbrit
parent
0ce6204b90
commit
be4116e123
1 changed files with 73 additions and 71 deletions
144
librewolf.cfg
144
librewolf.cfg
|
|
@ -138,8 +138,12 @@ lockPref("network.cookie.thirdparty.nonsecureSessionOnly", true);
|
|||
=======
|
||||
|
||||
// -----------------------------------
|
||||
<<<<<<< HEAD
|
||||
// TRACKING PROTECTION
|
||||
>>>>>>> a35eb4b (re-organized and reviewed)
|
||||
=======
|
||||
// FILENAME
|
||||
>>>>>>> 7887469 (reviewed and reorganized up to extensions)
|
||||
// -----------------------------------
|
||||
|
||||
<<<<<<< HEAD
|
||||
|
|
@ -234,7 +238,7 @@ lockPref("browser.contentblocking.report.vpn.enabled", false);
|
|||
lockPref("default-browser-agent.enabled", false);
|
||||
>>>>>>> 034d451 (reorganized tracking section + 3rd set of changes)
|
||||
|
||||
// to check, could be deprecated/useless
|
||||
// to check, could be deprecated
|
||||
lockPref("pref.privacy.disable_button.change_blocklist", true);
|
||||
lockPref("pref.privacy.disable_button.tracking_protection_exceptions", true);
|
||||
|
||||
|
|
@ -278,6 +282,9 @@ lockPref("browser.fixup.alternate.enabled", false);
|
|||
lockPref("browser.urlbar.suggest.searches", false);
|
||||
lockPref("browser.search.update", false);
|
||||
|
||||
// to check, probably useless
|
||||
lockPref("signon.storeSignons", false);
|
||||
|
||||
// --------------------------------
|
||||
// # SANITIZING, COOKIES AND HISTORY
|
||||
// --------------------------------
|
||||
|
|
@ -299,6 +306,7 @@ defaultPref("privacy.cpd.offlineApps", false); // just for consistency to avoid
|
|||
>>>>>>> 653a6ed (knocked out some more prefs)
|
||||
// --------------------------------
|
||||
|
||||
defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
|
||||
lockPref("browser.urlbar.filter.javascript", true);
|
||||
lockPref("browser.urlbar.speculativeConnect.enabled", false);
|
||||
lockPref("browser.urlbar.trimURLs", false);
|
||||
|
|
@ -311,12 +319,12 @@ lockPref("browser.fixup.alternate.enabled", false);
|
|||
// SANITIZING, COOKIES AND HISTORY
|
||||
// --------------------------------
|
||||
|
||||
defaultPref("network.cookie.cookieBehavior", 1); // in the future consider switching to network.cookie.cookieBehavior=5 to enable dFPI
|
||||
defaultPref("network.cookie.cookieBehavior", 5); // dFPI, previously set to 1
|
||||
defaultPref("network.cookie.lifetimePolicy", 2);
|
||||
defaultPref("network.cookie.thirdparty.sessionOnly", true);
|
||||
lockPref("network.cookie.thirdparty.nonsecureSessionOnly", true);
|
||||
|
||||
// includes new cookie behavior that works with exceptions
|
||||
// includes new cookie behavior that allows to stay logged with exceptions
|
||||
defaultPref("privacy.clearOnShutdown.siteSettings", false);
|
||||
defaultPref("privacy.clearOnShutdown.cache", true);
|
||||
defaultPref("privacy.clearOnShutdown.cookies", false);
|
||||
|
|
@ -343,6 +351,7 @@ defaultPref("places.history.enabled", false);
|
|||
defaultPref("privacy.history.custom", true);
|
||||
lockPref("browser.sessionhistory.max_entries", 20);
|
||||
|
||||
<<<<<<< HEAD
|
||||
<<<<<<< HEAD
|
||||
<<<<<<< HEAD
|
||||
// --------------------------------------------------------------------
|
||||
|
|
@ -358,6 +367,8 @@ defaultPref("layout.css.notify-of-unvisited", false);
|
|||
// and probably redundant when 3rd party cookies are disabled
|
||||
// lockPref("privacy.storagePrincipal.enabledForTrackers", false);
|
||||
|
||||
=======
|
||||
>>>>>>> 7887469 (reviewed and reorganized up to extensions)
|
||||
// --------------------------------------------------------------------
|
||||
// SESSIONS
|
||||
>>>>>>> a35eb4b (re-organized and reviewed)
|
||||
|
|
@ -406,6 +417,7 @@ defaultPref("media.gmp-widevinecdm.enabled", false);
|
|||
defaultPref("media.gmp-provider.enabled", false);
|
||||
defaultPref("media.gmp-manager.url", "data:text/plain,"); // had to re-add to prevent connections
|
||||
|
||||
<<<<<<< HEAD
|
||||
<<<<<<< HEAD
|
||||
defaultPref("media.gmp-gmpopenh264.enabled", false);
|
||||
|
||||
|
|
@ -413,6 +425,8 @@ defaultPref("media.gmp-gmpopenh264.enabled", false);
|
|||
// # WEBRTC
|
||||
=======
|
||||
defaultPref("media.gmp.trial-create.enabled", false);
|
||||
=======
|
||||
>>>>>>> 7887469 (reviewed and reorganized up to extensions)
|
||||
defaultPref("media.gmp-gmpopenh264.enabled", false);
|
||||
|
||||
// ----------------------
|
||||
|
|
@ -427,6 +441,7 @@ defaultPref("media.gmp-gmpopenh264.enabled", false);
|
|||
defaultPref("media.navigator.enabled", false);
|
||||
defaultPref("media.peerconnection.enabled", false);
|
||||
<<<<<<< HEAD
|
||||
<<<<<<< HEAD
|
||||
=======
|
||||
defaultPref("media.navigator.video.enabled", false);
|
||||
defaultPref("media.getusermedia.browser.enabled", false);
|
||||
|
|
@ -438,6 +453,8 @@ defaultPref("media.peerconnection.identity.timeout", 1); // 10000 per default
|
|||
defaultPref("media.peerconnection.turn.disable", true);
|
||||
defaultPref("media.peerconnection.ice.tcp", false);
|
||||
>>>>>>> a35eb4b (re-organized and reviewed)
|
||||
=======
|
||||
>>>>>>> 7887469 (reviewed and reorganized up to extensions)
|
||||
defaultPref("media.peerconnection.ice.default_address_only", true);
|
||||
defaultPref("media.peerconnection.ice.no_host", true);
|
||||
defaultPref("media.peerconnection.ice.proxy_only_if_behind_proxy", true);
|
||||
|
|
@ -451,7 +468,11 @@ defaultPref("media.peerconnection.ice.proxy_only_if_behind_proxy", true);
|
|||
// defaultPref("media.peerconnection.ice.tcp", false);
|
||||
|
||||
// ----------------------
|
||||
<<<<<<< HEAD
|
||||
// # SHARING
|
||||
=======
|
||||
// SHARING
|
||||
>>>>>>> 7887469 (reviewed and reorganized up to extensions)
|
||||
// ----------------------
|
||||
|
||||
defaultPref("media.getusermedia.browser.enabled", false);
|
||||
|
|
@ -591,33 +612,36 @@ lockPref("dom.disable_window_move_resize", true);
|
|||
defaultPref("dom.serviceWorkers.enabled", false);
|
||||
defaultPref("dom.battery.enabled", false);
|
||||
lockPref("dom.popup_maximum", 4);
|
||||
defaultPref("dom.event.contextmenu.enabled", false);
|
||||
defaultPref("dom.event.clipboardevents.enabled", false);
|
||||
defaultPref("dom.webaudio.enabled", false);
|
||||
lockPref("dom.vr.enabled", false);
|
||||
lockPref("dom.vibrator.enabled", false);
|
||||
|
||||
<<<<<<< HEAD
|
||||
// lockPref("dom.registerProtocolHandler.insecure.enabled", true); // seems to be deprecated
|
||||
>>>>>>> 55c94dc (reorganized, revisited)
|
||||
|
||||
=======
|
||||
>>>>>>> 7887469 (reviewed and reorganized up to extensions)
|
||||
// --------------------------------
|
||||
// PERMISSIONS
|
||||
// --------------------------------
|
||||
|
||||
lockPref("permissions.delegation.enabled", false);
|
||||
defaultPref("permissions.default.geo", 2); // unlocked as some think it increases fingerprint, they can now disable it
|
||||
lockPref("permissions.manager.defaultsUrl", "");
|
||||
|
||||
// --------------------------------
|
||||
// REFERERS
|
||||
// --------------------------------
|
||||
|
||||
defaultPref("network.http.referer.defaultPolicy", 2);
|
||||
defaultPref("network.http.referer.defaultPolicy.pbmode", 2); // (FF59+) default: 2
|
||||
defaultPref("network.http.referer.defaultPolicy.pbmode", 2);
|
||||
lockPref("network.http.referer.XOriginTrimmingPolicy", 2);
|
||||
lockPref("network.http.referer.XOriginPolicy", 2);
|
||||
lockPref("network.http.referer.spoofSource", false);
|
||||
lockPref("network.http.referer.trimmingPolicy", 0);
|
||||
//defaultPref("network.http.sendRefererHeader", 1);
|
||||
lockPref("network.http.referer.trimmingPolicy", 0);
|
||||
// defaultPref("network.http.sendRefererHeader", 1);
|
||||
|
||||
// --------------------------------
|
||||
// PROXY
|
||||
|
|
@ -635,23 +659,25 @@ defaultPref("network.proxy.socks_version", 5);
|
|||
lockPref("network.http.altsvc.enabled", false);
|
||||
lockPref("network.http.altsvc.oe", false);
|
||||
defaultPref("dom.security.https_only_mode", true);
|
||||
defaultPref("dom.security.https_only_mode_ever_enabled", true);
|
||||
defaultPref("dom.security.https_only_mode_pbm", true);
|
||||
|
||||
// --------------------------------------
|
||||
// TLS
|
||||
// --------------------------------------
|
||||
|
||||
defaultPref("security.ssl.require_safe_negotiation", true);
|
||||
lockPref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
||||
lockPref("security.ssl.disable_session_identifiers", true);
|
||||
lockPref("browser.ssl_override_behavior", 1);
|
||||
lockPref("security.tls.enable_0rtt_data", false);
|
||||
lockPref("security.tls.version.enable-deprecated", false);
|
||||
lockPref("browser.xul.error_pages.expert_bad_cert", true); // advanced ui infos
|
||||
lockPref("browser.ssl_override_behavior", 1);
|
||||
lockPref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
||||
lockPref("security.insecure_field_warning.contextual.enabled", true);
|
||||
lockPref("network.stricttransportsecurity.preloadlist", false);
|
||||
lockPref("security.ssl.disable_session_identifiers", true);
|
||||
lockPref("security.tls.version.fallback-limit", 3);
|
||||
lockPref("security.tls.version.min", 3);
|
||||
lockPref("browser.xul.error_pages.expert_bad_cert", true); // advanced ui infos
|
||||
lockPref("security.insecure_field_warning.contextual.enabled", true);
|
||||
|
||||
// to check
|
||||
lockPref("network.stricttransportsecurity.preloadlist", false);
|
||||
|
||||
// --------------------------------------
|
||||
// RFP
|
||||
|
|
@ -664,7 +690,7 @@ defaultPref("privacy.resistFingerprinting.block_mozAddonManager", true);
|
|||
// LANGUAGE AND REGION
|
||||
// --------------------------------------
|
||||
|
||||
//defaultPref("privacy.spoof_english", 2); // redudant with RFP and javascript.use_us_english_locale
|
||||
// defaultPref("privacy.spoof_english", 2); // redudant with RFP and javascript.use_us_english_locale
|
||||
lockPref("javascript.use_us_english_locale", true);
|
||||
lockPref("intl.regional_prefs.use_os_locales", false);
|
||||
defaultPref("intl.locale.requested", "en-US");
|
||||
|
|
@ -674,6 +700,7 @@ defaultPref("intl.accept_languages", "en-US, en");
|
|||
// USER AGENT AND IDENTITY
|
||||
// --------------------------------------
|
||||
|
||||
// worth discussing
|
||||
defaultPref("general.useragent.override", "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0");
|
||||
defaultPref("general.appname.override", "Netscape");
|
||||
defaultPref("general.appversion.override", "5.0 (Windows)");
|
||||
|
|
@ -942,11 +969,12 @@ lockPref("extensions.autoDisableScopes", 11);
|
|||
>>>>>>> 55c94dc (reorganized, revisited)
|
||||
|
||||
// Relevant for addons and lang packs search
|
||||
defaultPref("extensions.getAddons.search.browseURL", ""); // https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
|
||||
|
||||
// other urls
|
||||
defaultPref("extensions.getAddons.get.url", ""); // https://services.addons.mozilla.org/api/v3/addons/search/?guid=%IDS%&lang=%LOCALE%
|
||||
defaultPref("extensions.getAddons.langpacks.url", ""); // https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION%
|
||||
defaultPref("extensions.getAddons.link.url", ""); // https://addons.mozilla.org/%LOCALE%/firefox/
|
||||
defaultPref("extensions.getAddons.search.browseURL", ""); // https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
|
||||
defaultPref("extensions.getAddons.themes.browseURL", ""); // https://addons.mozilla.org/%LOCALE%/firefox/themes/?src=firefox
|
||||
defaultPref("extensions.update.url", "");
|
||||
// Default Value
|
||||
// https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=
|
||||
|
|
@ -955,28 +983,34 @@ defaultPref("extensions.update.url", "");
|
|||
// %APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%¤tAppVersion=
|
||||
// %CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%
|
||||
|
||||
defaultPref("extensions.update.autoUpdateDefault", false);
|
||||
lockPref("xpinstall.whitelist.required", true); // default: true
|
||||
lockPref("extensions.webcompat-reporter.newIssueEndpoint", "");// Default Value https://webcompat.com/issues/new
|
||||
lockPref("extensions.webcompat-reporter.enabled", false);
|
||||
defaultPref("extensions.webextensions.background-delayed-startup", true); //default true
|
||||
lockPref("xpinstall.signatures.devInfoURL", "");
|
||||
lockPref("extensions.getAddons.compatOverides.url", "");
|
||||
lockPref("extensions.webapi.testing", false); // hidden prefs // default false
|
||||
// ui
|
||||
defaultPref("extensions.getAddons.showPane", false);
|
||||
lockPref("extensions.getAddons.discovery.api_url", "");
|
||||
lockPref("extensions.htmlaboutaddons.recommendations.enabled", false);
|
||||
lockPref("extensions.systemAddon.update.url", "");
|
||||
lockPref("extensions.blocklist.detailsURL", "");
|
||||
lockPref("extensions.blocklist.itemURL", "");
|
||||
lockPref("extensions.webcompat-reporter.enabled", false);
|
||||
lockPref("extensions.webcompat-reporter.newIssueEndpoint", "");// Default Value https://webcompat.com/issues/new
|
||||
|
||||
// background checking and updating
|
||||
defaultPref("extensions.update.enabled", false);
|
||||
defaultPref("extensions.update.autoUpdateDefault", false);
|
||||
defaultPref("extensions.update.background.url", "");
|
||||
defaultPref("extensions.getAddons.showPane", false);
|
||||
|
||||
// blocklist
|
||||
defaultPref("extensions.blocklist.enabled", false);
|
||||
defaultPref("extensions.blocklist.detailsURL", "");
|
||||
defaultPref("extensions.blocklist.itemURL", "");
|
||||
|
||||
// system addons
|
||||
lockPref("extensions.systemAddon.update.url", "");
|
||||
lockPref("extensions.systemAddon.update.enabled", false);
|
||||
|
||||
lockPref("xpinstall.whitelist.required", true); // default: true
|
||||
lockPref("xpinstall.signatures.devInfoURL", "");
|
||||
defaultPref("extensions.webextensions.background-delayed-startup", true); //default true
|
||||
lockPref("extensions.webapi.testing", false); // hidden prefs // default false
|
||||
lockPref("extensions.webservice.discoverURL", "");
|
||||
lockPref("webextensions.storage.sync.serverURL", "");
|
||||
lockPref("extensions.screenshots.upload-disabled", true);
|
||||
defaultPref("extensions.ui.experiment.hidden", false);
|
||||
|
||||
// Likely deprecated https://phabricator.services.mozilla.com/D97092 or https://blog.mozilla.org/addons/2021/02/09/extensions-in-firefox-86/
|
||||
// defaultPref("extensions.webextensions.tabhide.enabled", false); //Default true
|
||||
|
||||
// -------------------------------------------------------
|
||||
// NORMANDY
|
||||
|
|
@ -1307,7 +1341,6 @@ lockPref("accessibility.force_disabled", 1);
|
|||
lockPref("browser.uitour.enabled", false);
|
||||
lockPref("browser.uitour.url", "");
|
||||
lockPref("middlemouse.contentLoadURL", false);
|
||||
lockPref("permissions.manager.defaultsUrl", "");
|
||||
lockPref("lightweightThemes.getMoreURL", "");
|
||||
lockPref("media.decoder-doctor.new-issue-endpoint", "");
|
||||
lockPref("identity.sync.tokenserver.uri", "");
|
||||
|
|
@ -1504,7 +1537,6 @@ defaultPref("layers.acceleration.force-enabled", true);
|
|||
lockPref("webgl.enable-webgl2", false);
|
||||
lockPref("webgl.min_capability_mode", true);
|
||||
lockPref("webgl.disable-fail-if-major-performance-caveat", true);
|
||||
lockPref("webgl.enable-debug-renderer-info", false);
|
||||
|
||||
// conflicting with previous prefs?
|
||||
// defaultPref("gfx.direct2d.disabled", false); // [WINDOWS]
|
||||
|
|
@ -1624,6 +1656,7 @@ lockPref("toolkit.telemetry.shutdownPingSender.enabledFirstSession", false);
|
|||
lockPref("toolkit.telemetry.unified", false);
|
||||
lockPref("toolkit.telemetry.ecosystemtelemetry.enabled", false);
|
||||
<<<<<<< HEAD
|
||||
<<<<<<< HEAD
|
||||
lockPref("security.protectionspopup.recordEventTelemetry", false);
|
||||
lockPref("datareporting.healthreport.uploadEnabled", false);
|
||||
lockPref("datareporting.policy.dataSubmissionEnabled", false);
|
||||
|
|
@ -1658,6 +1691,11 @@ lockPref("network.IDN_show_punycode", true);
|
|||
// https://github.com/pyllyukko/user.js/issues/143
|
||||
=======
|
||||
lockPref("security.protectionspopup.recordEventTelemetry", false)
|
||||
=======
|
||||
lockPref("security.protectionspopup.recordEventTelemetry", false);
|
||||
lockPref("datareporting.healthreport.uploadEnabled", false);
|
||||
lockPref("datareporting.policy.dataSubmissionEnabled", false);
|
||||
>>>>>>> 7887469 (reviewed and reorganized up to extensions)
|
||||
|
||||
// pocket
|
||||
>>>>>>> 653a6ed (knocked out some more prefs)
|
||||
|
|
@ -1670,8 +1708,6 @@ lockPref("browser.discovery.enabled", false);
|
|||
lockPref("browser.discovery.containers.enabled", false);
|
||||
lockPref("browser.discovery.sites", "");
|
||||
lockPref("breakpad.reportURL", "");
|
||||
lockPref("datareporting.healthreport.uploadEnabled", false);
|
||||
lockPref("datareporting.policy.dataSubmissionEnabled", false);
|
||||
lockPref("browser.send_pings", false);
|
||||
lockPref("browser.send_pings.require_same_host", true);
|
||||
<<<<<<< HEAD
|
||||
|
|
@ -1818,17 +1854,6 @@ lockPref("plugin.state.libgnome-shell-browser-plugin", 0);
|
|||
lockPref("plugins.click_to_play", true);
|
||||
lockPref("plugin.sessionPermissionNow.intervalInMinutes", 0);
|
||||
|
||||
// Pref : Update addons automatically
|
||||
// https://blog.mozilla.org/addons/how-to-turn-off-add-on-updates/
|
||||
defaultPref("extensions.update.enabled", false);
|
||||
|
||||
// Pref : Enable add-on and certificate blocklists (OneCRL) from Mozilla
|
||||
// Updated at interval defined in extensions.blocklist.interval (default: 86400)
|
||||
lockPref("extensions.blocklist.enabled", false);
|
||||
|
||||
// Pref : Disable system add-on updates (hidden & always-enabled add-ons from Mozilla)
|
||||
lockPref("extensions.systemAddon.update.enabled", false);
|
||||
|
||||
// Pref : Disable WebIDE Web Debug
|
||||
// https://trac.torproject.org/projects/tor/ticket/16222
|
||||
// https://developer.mozilla.org/docs/Tools/WebIDE
|
||||
|
|
@ -1967,19 +1992,12 @@ lockPref("camera.control.face_detection.enabled", false);
|
|||
lockPref("datareporting.healthreport.about.reportUrl", "data:,");
|
||||
lockPref("datareporting.healthreport.service.enabled", false);
|
||||
|
||||
// Pref :
|
||||
lockPref("device.sensors.enabled", false);
|
||||
|
||||
// Pref : Disable WebIDE Web Debug
|
||||
// https://trac.torproject.org/projects/tor/ticket/16222
|
||||
// https://developer.mozilla.org/docs/Tools/WebIDE
|
||||
lockPref("devtools.webide.autoinstallFxdtAdapters", false);
|
||||
lockPref("devtools.webide.adaptersAddonURL", "");
|
||||
|
||||
// Pref : Disable resource timing API
|
||||
// https://www.w3.org/TR/resource-timing/#privacy-security
|
||||
lockPref("dom.enable_resource_timing", false);
|
||||
|
||||
// Pref : Disable FlyWeb (discovery of LAN/proximity IoT devices that expose a Web interface)
|
||||
// https://wiki.mozilla.org/FlyWeb
|
||||
// https://wiki.mozilla.org/FlyWeb/Security_scenarios
|
||||
|
|
@ -1987,16 +2005,6 @@ lockPref("dom.enable_resource_timing", false);
|
|||
// http://www.ghacks.net/2016/07/26/firefox-flyweb
|
||||
lockPref("dom.flyweb.enabled", false);
|
||||
|
||||
// Pref :
|
||||
lockPref("dom.gamepad.enabled", false);
|
||||
|
||||
// Pref : Disable leaking network/browser connection information via Javascript
|
||||
// Network Information API provides general information about the system's connection type (WiFi, cellular, etc.)
|
||||
// https://developer.mozilla.org/en-US/docs/Web/API/Network_Information_API
|
||||
// https://wicg.github.io/netinfo/#privacy-considerations
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=960426
|
||||
lockPref("dom.netinfo.enabled", false);
|
||||
|
||||
// Pref : 2306: disable push notifications (FF44+)
|
||||
// web apps can receive messages pushed to them from a server, whether or
|
||||
// not the web app is in the foreground, or even currently loaded
|
||||
|
|
@ -2016,12 +2024,6 @@ lockPref("extensions.shield-recipe-client.enabled", false);
|
|||
// https://groups.google.com/d/topic/mozilla.dev.platform/nyVkCx-_sFw/discussion
|
||||
lockPref("loop.logDomains", false);
|
||||
|
||||
// Pref : Disable video stats to reduce fingerprinting threat
|
||||
// https://bugzilla.mozilla.org/show_bug.cgi?id=654550
|
||||
// https://github.com/pyllyukko/user.js/issues/9#issuecomment-100468785
|
||||
// https://github.com/pyllyukko/user.js/issues/9#issuecomment-148922065
|
||||
lockPref("media.video_stats.enabled", false);
|
||||
|
||||
// Pref : WebSockets is a technology that makes it possible to open an interactive communication
|
||||
// session between the user's browser and a server. (May leak IP when using proxy/VPN)
|
||||
lockPref("network.websocket.enabled", false);
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue