Merge branch 'pre-v94' into 'master'
address #93, #94 and #95 See merge request librewolf-community/settings!22
This commit is contained in:
fabrizio
commit
c7ebafbd3c
3 changed files with 108 additions and 78 deletions
|
|
@ -8,7 +8,6 @@
|
|||
"DisableSystemAddonUpdate": true,
|
||||
"DisableFirefoxAccounts": true,
|
||||
"DisableProfileImport": false,
|
||||
"DisableMasterPasswordCreation": true,
|
||||
"DisableFirefoxStudies": true,
|
||||
"DisableTelemetry": true,
|
||||
"DisableFeedbackCommands": true,
|
||||
|
|
@ -31,7 +30,7 @@
|
|||
},
|
||||
"Extensions": {
|
||||
"Install": [
|
||||
"https://addons.cdn.mozilla.net/user-media/addons/607454/ublock_origin-1.38.2-an+fx.xpi"
|
||||
"https://addons.cdn.mozilla.net/user-media/addons/607454/ublock_origin-1.38.6-an+fx.xpi"
|
||||
],
|
||||
"Uninstall": [
|
||||
"google@search.mozilla.org",
|
||||
|
|
|
|||
|
|
@ -1,8 +1,48 @@
|
|||
This changelog will be used from now on to document changes in a precise manner, with a list of changes for each setting version.
|
||||
Setting versions are documented using the pref `librewolf.cfg.version`, available in about:config.
|
||||
|
||||
## 3.0
|
||||
|
||||
**target commit**:
|
||||
|
||||
**base librewolf version**: 94.x
|
||||
|
||||
**References**:
|
||||
- as reported in #95 and discussed [here](https://gitlab.com/librewolf-community/browser/linux/-/issues/246) we are re-enabling TP by default, setting it to strict.
|
||||
- the sponsored shortcuts in about:preferences#home were already locked, now they are properly hidden.
|
||||
|
||||
**Notes**: all the removed preferences were either related to disabling TP, or unecessary when using strict mode. as a result of this trimming the tracking protection section of the .cfg file doesn't need to exist anymore.
|
||||
|
||||
#### Added preferences
|
||||
```
|
||||
defaultPref("browser.topsites.useRemoteSetting", false); // hide sponsored shortcuts button from about:preferences#home
|
||||
defaultPref("privacy.resistFingerprinting.letterboxing", false); // expose hidden letterboxing pref, but do not enable by default
|
||||
```
|
||||
|
||||
#### Removed preferences
|
||||
```
|
||||
lockPref("privacy.trackingprotection.enabled", false);
|
||||
lockPref("privacy.trackingprotection.pbmode.enabled", false);
|
||||
lockPref("privacy.trackingprotection.annotate_channels", false);
|
||||
defaultPref("browser.safebrowsing.provider.mozilla.updateURL", "");
|
||||
defaultPref("browser.safebrowsing.provider.mozilla.gethashURL", "");
|
||||
defaultPref("privacy.trackingprotection.cryptomining.enabled", false);
|
||||
defaultPref("privacy.trackingprotection.fingerprinting.enabled", false);
|
||||
defaultPref("browser.contentblocking.cryptomining.preferences.ui.enabled", false);
|
||||
defaultPref("browser.contentblocking.fingerprinting.preferences.ui.enabled", false);
|
||||
```
|
||||
|
||||
#### Changed preferences
|
||||
```
|
||||
pref("browser.contentblocking.category", "strict");
|
||||
```
|
||||
|
||||
## 2.0
|
||||
|
||||
**target commit**: from 6451faa167568313e5ed065fcb3ee2bb76132063 to b17a1ed657e22ac61b4399699223d36724b842e7
|
||||
|
||||
**base librewolf version**: 92.x
|
||||
|
||||
**References**:
|
||||
- [web content can no longer access the battery api](https://bugzilla.mozilla.org/show_bug.cgi?id=1313580).
|
||||
- http alternative services are [isolated by network partitioning and FPI](https://github.com/arkenfox/user.js/blob/269cf965bd51022ca69823f8f66a8e402280d856/user.js#L1350) and they are unchanged even in tor browser. from a security standpoint, the alternate service will need to provide the certificate of the origin in order to be considered trusthworthy.
|
||||
|
|
@ -120,7 +160,7 @@ defaultPref("browser.download.useDownloadDir", false); // force user interaction
|
|||
pref("browser.urlbar.quicksuggest.scenario", ""); // disable firefox suggests and hide its UI
|
||||
```
|
||||
|
||||
#### Commented prefs
|
||||
#### Commented preferences
|
||||
```
|
||||
// pref("network.trr.mode", 2); // previously uncommented defaultPref with value 5
|
||||
// pref("network.trr.uri", "https://dns.quad9.net/dns-query"); // previously uncommented defaultPref with empty value
|
||||
|
|
@ -173,7 +213,7 @@ defaultPref("browser.safebrowsing.downloads.enabled", false);
|
|||
|
||||
## 1.6
|
||||
|
||||
**target commit**:
|
||||
**target commit**: 192f51abe21e9aeb9b01d396079e9b8533cab7bb
|
||||
|
||||
**base librewolf version**: 91.x
|
||||
|
||||
|
|
|
|||
125
librewolf.cfg
125
librewolf.cfg
|
|
@ -9,13 +9,23 @@
|
|||
|
||||
*/
|
||||
|
||||
defaultPref("librewolf.cfg.version", "2.0");
|
||||
defaultPref("librewolf.cfg.version", "3.0");
|
||||
|
||||
// -------------------------------------------
|
||||
// # SANITIZING COOKIES AND HISTORY, SESSIONS
|
||||
// -------------------------------------------
|
||||
// -------------------------------
|
||||
// # SANITIZING, TP, SESSIONS
|
||||
// -------------------------------
|
||||
|
||||
defaultPref("network.cookie.cookieBehavior", 5); // dFPI, same as strict mode
|
||||
/**
|
||||
strict mode includes:
|
||||
- dFPI for both normal and private browsing
|
||||
- strict blocking lists for trackers, including crypto, fping and socialtracking
|
||||
- shims to avoid breakage caused by blocking lists
|
||||
- stricter policies for xorigin referrers
|
||||
- cookie cleaning mechanism specific to dFPI
|
||||
*/
|
||||
pref("browser.contentblocking.category", "strict");
|
||||
|
||||
defaultPref("network.cookie.cookieBehavior", 5); // dFPI is default for strict mode, but enforce
|
||||
defaultPref("network.cookie.lifetimePolicy", 2); // keep cookies until the browser is closed then delete everything minus exceptions
|
||||
|
||||
// make third party and http cookies session-only
|
||||
|
|
@ -141,6 +151,8 @@ defaultPref("privacy.resistFingerprinting.block_mozAddonManager", true); // prev
|
|||
defaultPref("browser.startup.blankWindow", false); // if set to true it breaks RFP windows resizing
|
||||
defaultPref("browser.display.use_system_colors", false); // default but enforced due to RFP
|
||||
|
||||
defaultPref("privacy.resistFingerprinting.letterboxing", false); // expose hidden letterboxing pref, but do not enable by default
|
||||
|
||||
// librewolf specifc pref that prevents rfp from forcing light theme, review
|
||||
lockPref("privacy.override_rfp_for_color_scheme", false);
|
||||
|
||||
|
|
@ -161,7 +173,7 @@ defaultPref("security.OCSP.enabled", 0); // disable OCSP fetching
|
|||
|
||||
// safe negotiation
|
||||
defaultPref("security.ssl.require_safe_negotiation", true); // block websites that do not support safe negotiation, occasional breakage
|
||||
defaultPref("security.ssl.treat_unsafe_negotiation_as_broken", true); // show warning when safe negotiation is not enable and website is accessed
|
||||
defaultPref("security.ssl.treat_unsafe_negotiation_as_broken", true); // show warning when safe negotiation is not enable and website is accessed
|
||||
|
||||
// tls behavior
|
||||
lockPref("security.tls.enable_0rtt_data", false); // disable 0 round trip time to improve tls 1.3 security
|
||||
|
|
@ -302,36 +314,6 @@ defaultPref("browser.download.autohideButton", false); // hide download button a
|
|||
defaultPref("browser.download.manager.addToRecentDocs", false); // do not add downloads to recents
|
||||
defaultPref("browser.tabs.loadBookmarksInTabs", true); // always open bookmarks in new tab
|
||||
|
||||
// -----------------------------------
|
||||
// # TRACKING PROTECTION
|
||||
// -----------------------------------
|
||||
|
||||
pref("browser.contentblocking.category", "custom"); // set tracking protection category, using pref solves the UI bug
|
||||
|
||||
// enable / disable TP in normal and private browsing
|
||||
lockPref("privacy.trackingprotection.enabled", false);
|
||||
lockPref("privacy.trackingprotection.pbmode.enabled", false);
|
||||
|
||||
lockPref("privacy.trackingprotection.annotate_channels", false); // reduce priority of trackers, remove if TP is on
|
||||
|
||||
// remove urls to fetch contentblocking lists.
|
||||
// without these urls TP cannot work. the lists are not shipped with the browser but download on first launch.
|
||||
defaultPref("browser.safebrowsing.provider.mozilla.updateURL", "");
|
||||
defaultPref("browser.safebrowsing.provider.mozilla.gethashURL", "");
|
||||
|
||||
// disable blocking lists and hide ui elements in custom mode UI, if TP is enabled revert to true
|
||||
defaultPref("privacy.trackingprotection.cryptomining.enabled", false);
|
||||
defaultPref("privacy.trackingprotection.fingerprinting.enabled", false);
|
||||
defaultPref("browser.contentblocking.cryptomining.preferences.ui.enabled", false);
|
||||
defaultPref("browser.contentblocking.fingerprinting.preferences.ui.enabled", false);
|
||||
|
||||
// hide annoying ui elements from about:protections
|
||||
defaultPref("browser.contentblocking.report.lockwise.enabled", false);
|
||||
defaultPref("browser.contentblocking.report.monitor.enabled", false);
|
||||
lockPref("browser.contentblocking.report.hide_vpn_banner", true);
|
||||
lockPref("browser.contentblocking.report.vpn.enabled", false);
|
||||
lockPref("browser.contentblocking.report.show_mobile_app", false);
|
||||
|
||||
// --------------------------------------
|
||||
// # EXTENSIONS
|
||||
// --------------------------------------
|
||||
|
|
@ -340,41 +322,41 @@ lockPref("browser.contentblocking.report.show_mobile_app", false);
|
|||
allow extensions to work on all domains.
|
||||
default is "debug-notes.log"
|
||||
*/
|
||||
defaultPref("extensions.webextensions.restrictedDomains", "");
|
||||
defaultPref("extensions.webextensions.restrictedDomains", "");
|
||||
|
||||
// set extensions scopes
|
||||
defaultPref("extensions.enabledScopes", 5);
|
||||
defaultPref("extensions.autoDisableScopes", 11);
|
||||
// set extensions scopes
|
||||
defaultPref("extensions.enabledScopes", 5);
|
||||
defaultPref("extensions.autoDisableScopes", 11);
|
||||
|
||||
defaultPref("extensions.postDownloadThirdPartyPrompt", false); // force install prompt for thrid party extensions
|
||||
defaultPref("extensions.postDownloadThirdPartyPrompt", false); // force install prompt for thrid party extensions
|
||||
|
||||
/**
|
||||
prevent users from adding lang packs, which would cause leaks.
|
||||
default is https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION%
|
||||
*/
|
||||
defaultPref("extensions.getAddons.langpacks.url", "");
|
||||
/**
|
||||
prevent users from adding lang packs, which would cause leaks.
|
||||
default is https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION%
|
||||
*/
|
||||
defaultPref("extensions.getAddons.langpacks.url", "");
|
||||
|
||||
// about:addons ui
|
||||
defaultPref("extensions.getAddons.showPane", false); // disable recommendations section
|
||||
defaultPref("extensions.htmlaboutaddons.recommendations.enabled", false); // disable recommendations from addons list
|
||||
defaultPref("lightweightThemes.getMoreURL", ""); // disable button to get more themes
|
||||
// about:addons ui
|
||||
defaultPref("extensions.getAddons.showPane", false); // disable recommendations section
|
||||
defaultPref("extensions.htmlaboutaddons.recommendations.enabled", false); // disable recommendations from addons list
|
||||
defaultPref("lightweightThemes.getMoreURL", ""); // disable button to get more themes
|
||||
|
||||
// background checking and updating of extensions
|
||||
defaultPref("extensions.update.enabled", false); // disable automatic checks for extension updates
|
||||
defaultPref("extensions.update.autoUpdateDefault", false); // disable automatic installs of extension updates
|
||||
defaultPref("extensions.getAddons.cache.enabled", false); // disable fetching of extension metadata
|
||||
// background checking and updating of extensions
|
||||
defaultPref("extensions.update.enabled", false); // disable automatic checks for extension updates
|
||||
defaultPref("extensions.update.autoUpdateDefault", false); // disable automatic installs of extension updates
|
||||
defaultPref("extensions.getAddons.cache.enabled", false); // disable fetching of extension metadata
|
||||
|
||||
// extension firewall, disabled by default
|
||||
// defaultPref("extensions.webextensions.base-content-security-policy", "default-src 'none'; script-src 'none'; object-src 'none';");
|
||||
// defaultPref("extensions.webextensions.base-content-security-policy.v3", "default-src 'none'; script-src 'none'; object-src 'none';");
|
||||
// extension firewall, disabled by default
|
||||
// defaultPref("extensions.webextensions.base-content-security-policy", "default-src 'none'; script-src 'none'; object-src 'none';");
|
||||
// defaultPref("extensions.webextensions.base-content-security-policy.v3", "default-src 'none'; script-src 'none'; object-src 'none';");
|
||||
|
||||
// report site issue, disable button and url for in depth defense
|
||||
lockPref("extensions.webcompat-reporter.enabled", false);
|
||||
lockPref("extensions.webcompat-reporter.newIssueEndpoint", "");
|
||||
// report site issue, disable button and url for in depth defense
|
||||
lockPref("extensions.webcompat-reporter.enabled", false);
|
||||
lockPref("extensions.webcompat-reporter.newIssueEndpoint", "");
|
||||
|
||||
// system addons, prevent updates and strip url for in depth defense
|
||||
defaultPref("extensions.systemAddon.update.enabled", false);
|
||||
defaultPref("extensions.systemAddon.update.url", "");
|
||||
// system addons, prevent updates and strip url for in depth defense
|
||||
defaultPref("extensions.systemAddon.update.enabled", false);
|
||||
defaultPref("extensions.systemAddon.update.url", "");
|
||||
|
||||
// --------------------------------
|
||||
// # URLS AND ANNOYANCES
|
||||
|
|
@ -401,7 +383,7 @@ lockPref("gecko.handlerService.schemes.ircs.0.uriTemplate", "");
|
|||
lockPref("gecko.handlerService.schemes.ircs.0.name", "");
|
||||
lockPref("browser.translation.engine", "");
|
||||
|
||||
// disable welcome, what's new pages and ui tour
|
||||
// disable welcome, what is new pages and ui tour
|
||||
defaultPref("browser.startup.homepage_override.mstone", "ignore");
|
||||
defaultPref("startup.homepage_override_url", "about:blank");
|
||||
defaultPref("startup.homepage_welcome_url", "about:blank");
|
||||
|
|
@ -410,6 +392,15 @@ lockPref("browser.messaging-system.whatsNewPanel.enabled", false);
|
|||
lockPref("browser.uitour.enabled", false);
|
||||
lockPref("browser.uitour.url", "");
|
||||
|
||||
// hide annoying ui elements from about:protections
|
||||
defaultPref("browser.contentblocking.report.lockwise.enabled", false);
|
||||
defaultPref("browser.contentblocking.report.monitor.enabled", false);
|
||||
lockPref("browser.contentblocking.report.hide_vpn_banner", true);
|
||||
lockPref("browser.contentblocking.report.vpn.enabled", false);
|
||||
lockPref("browser.contentblocking.report.show_mobile_app", false);
|
||||
|
||||
defaultPref("browser.topsites.useRemoteSetting", false); // hide sponsored shortcuts button from about:preferences#home
|
||||
|
||||
// ------------------------------------
|
||||
// # NEW TAB PAGE
|
||||
// ------------------------------------
|
||||
|
|
@ -417,11 +408,11 @@ lockPref("browser.uitour.url", "");
|
|||
defaultPref("browser.newtab.preload", false);
|
||||
defaultPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false);
|
||||
defaultPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false);
|
||||
defaultPref("browser.newtabpage.activity-stream.feeds.topsites", false);
|
||||
defaultPref("browser.newtabpage.activity-stream.feeds.topsites", false);
|
||||
|
||||
// hide pocket and sponsored content, from new tab page and search bar
|
||||
lockPref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
|
||||
lockPref("browser.newtabpage.activity-stream.feeds.system.topstories", false);
|
||||
lockPref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
|
||||
lockPref("browser.newtabpage.activity-stream.feeds.system.topstories", false);
|
||||
lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false);
|
||||
lockPref("browser.newtabpage.activity-stream.feeds.section.topstories.options", "{\"hidden\":true}"); // hide buggy pocket section from about:preferences#home
|
||||
lockPref("browser.newtabpage.activity-stream.showSponsored", false);
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue