librewolf-bot/settings
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

updated and started editing external protocols

Browse source
This commit is contained in:
fxbrit 2021-05-01 14:56:11 +02:00
parent 6ee5571749
commit d1eecc1226
2 changed files with 137 additions and 85 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
Changelog.md
View file

@ -433,6 +433,7 @@ lockPref("security.ssl3.rsa_aes_256_sha", false); // known to leak and increase
lockPref("security.ssl3.rsa_aes_128_sha", false); // known to leak and increase fingerprint
lockPref("browser.safebrowsing.allowOverride", false); // we do not have SB enabled so we don't care if the bypass button is shown
<<<<<<< HEAD
<<<<<<< HEAD
defaultPref("browser.ctrlTab.recentlyUsedOrder", false); // why should be disable this?
lockPref("services.blocklist.onecrl.collection", ""); // Deprecated
lockPref("font.blacklist.underline_offset", ""); // knwown to increase fingerprint
@ -865,6 +866,16 @@ defaultPref("browser.ctrlTab.recentlyUsedOrder", false); // why?
lockPref("services.blocklist.onecrl.collection", ""); // Deprecated
>>>>>>> 4041ab1 (reorganized and improved some entries)
=======
defaultPref("browser.ctrlTab.recentlyUsedOrder", false); // why should be disable this?
lockPref("services.blocklist.onecrl.collection", ""); // Deprecated
lockPref("font.blacklist.underline_offset", ""); // knwown to increase fingerprint
lockPref("plugin.defaultXpi.state", 1); // Deprecated
lockPref("remote.log.level", "Info"); // already default and not important in any way
lockPref("webgl.min_capability_mode", true); // small to no gain according to arkenfox and TOR, breaks websites on the other side
lockPref("network.protocol-handler.external.http",false); // Deprecated or not existent
lockPref("network.protocol-handler.external.https",false); // Deprecated or not existent
>>>>>>> 8b7a898 (updated and started editing external protocols)
```
#### Unlocked
@ -1041,10 +1052,12 @@ lockPref("services.blocklist.onecrl.collection", "");
Other points:
// DRM - should we make it even easier?
// COOKIES - now using dFPI
// MISC - check if everything should stay, re-organize
// TESTING - untouched, except two entries already addressed
// WINDOWS - untouched
// ESR - untouched
// MISC - check if fxaccounts need their pref
// SYNC - does it need to exist given that fxaccounts are off?
// SB - make re-enabling easier, test connections
```
#### Commented
@ -1053,6 +1066,7 @@ Prefs that need to be addressed and that were disabled for now
// redudant with RFP and javascript.use_us_english_locale
// defaultPref("privacy.spoof_english", 2);
<<<<<<< HEAD
// conflicting with previous prefs?
// defaultPref("gfx.direct2d.disabled", false); // [WINDOWS]
// defaultPref("layers.acceleration.disabled", false);
@ -1066,6 +1080,8 @@ Prefs that need to be addressed and that were disabled for now
=======
>>>>>>> c16522a (added re-enabling guides)
=======
>>>>>>> 8b7a898 (updated and started editing external protocols)
// apparently increases fingerprinting and redundant with browser.cache.offline.storage.enable
// should be checked
// lockPref("browser.cache.offline.enable", false);

204
librewolf.cfg
View file

@ -1013,6 +1013,7 @@ lockPref("extensions.webapi.testing", false); // hidden prefs // default false
lockPref("extensions.webservice.discoverURL", "");
lockPref("webextensions.storage.sync.serverURL", "");
lockPref("extensions.screenshots.upload-disabled", true);
lockPref("lightweightThemes.getMoreURL", "");
// -------------------------------------------------------
// NORMANDY
@ -1141,6 +1142,7 @@ lockPref("browser.safebrowsing.reportPhishURL", "");
// --------------------------------
<<<<<<< HEAD
<<<<<<< HEAD
// # FONTS
// --------------------------------
@ -1288,13 +1290,17 @@ lockPref("javascript.options.shared_memory", false);
=======
// MISC
=======
// FONTS
>>>>>>> 8b7a898 (updated and started editing external protocols)
// --------------------------------
// ui
defaultPref("browser.tabs.drawInTitlebar", true);
defaultPref("browser.aboutConfig.showWarning", false);
defaultPref("browser.download.autohideButton", false);
defaultPref("privacy.userContext.ui.enabled", true);
lockPref("gfx.font_rendering.graphite.enabled", false);
lockPref("gfx.font_rendering.opentype_svg.enabled", false);
// --------------------------------
// MISC
// --------------------------------
// more important stuff
lockPref("browser.shell.shortcutFavicons", false);
@ -1302,9 +1308,43 @@ defaultPref("alerts.showFavicons", false);
defaultPref("browser.link.open_newwindow", 3);
defaultPref("browser.link.open_newwindow.restriction", 0);
lockPref("security.data_uri.block_toplevel_data_uri_navigations", true);
lockPref("network.file.disable_unc_paths", true); // (hidden pref)
lockPref("network.gio.supported-protocols", ""); // (hidden pref)
lockPref("network.auth.subresource-img-cross-origin-http-auth-allow", false);
lockPref("plugin.default.state", 1);
lockPref("gfx.offscreencanvas.enabled", false); // default: false
lockPref("canvas.capturestream.enabled", false);
lockPref("network.IDN_show_punycode", true);
lockPref("security.fileuri.strict_origin_policy", true);
// settings
// fxaccount, to check
lockPref("identity.fxaccounts.remote.root", "");
lockPref("identity.fxaccounts.auth.uri", "");
lockPref("identity.fxaccounts.commands.enabled", false);
lockPref("identity.fxaccounts.remote.oauth.uri", "");
lockPref("identity.fxaccounts.remote.profile.uri", "");
lockPref("identity.fxaccounts.service.monitorLoginUrl", "");
// pocket
lockPref("extensions.pocket.enabled", false);
lockPref("extensions.pocket.site", "");
lockPref("extensions.pocket.oAuthConsumerKey", "");
lockPref("extensions.pocket.api", "");
// pdf reader
defaultPref("pdfjs.disabled", false);
defaultPref("pdfjs.enableScripting", false);
defaultPref("pdfjs.enableWebGL", false);
defaultPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true);
defaultPref("pdfjs.enabledCache.state", false);
// remote agent
lockPref("remote.enabled", false);
lockPref("remote.force-local", true);
// settings and behavior
lockPref("browser.shell.checkDefaultBrowser", false);
lockPref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", true);
defaultPref("startup.homepage_override_url", "about:blank");
defaultPref("startup.homepage_welcome_url", "about:blank");
defaultPref("startup.homepage_welcome_url.additional", "");
@ -1314,35 +1354,29 @@ defaultPref("general.autoScroll", false);
defaultPref("clipboard.autocopy", false);
defaultPref("browser.tabs.loadBookmarksInTabs", true);
lockPref("browser.download.manager.addToRecentDocs", false);
lockPref("webchannel.allowObject.urlWhitelist", "");
// pdf reader
defaultPref("pdfjs.disabled", false);
defaultPref("pdfjs.enableScripting", false);
defaultPref("pdfjs.enableWebGL", false);
defaultPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true);
defaultPref("pdfjs.enabledCache.state", false);
defaultPref("devtools.debugger.remote-enabled", false);
defaultPref("devtools.chrome.enabled", false);
lockPref("services.blocklist.addons.collection", "");
lockPref("services.blocklist.plugins.collection", "");
lockPref("services.blocklist.gfx.collection", "");
lockPref("network.file.disable_unc_paths", true); // (hidden pref)
lockPref("network.gio.supported-protocols", ""); // (hidden pref)
lockPref("network.auth.subresource-img-cross-origin-http-auth-allow", false);
lockPref("font.blacklist.underline_offset", "");
lockPref("gfx.font_rendering.graphite.enabled", false);
lockPref("plugin.default.state", 1);
lockPref("plugin.defaultXpi.state", 1);
lockPref("canvas.capturestream.enabled", false);
lockPref("gfx.offscreencanvas.enabled", false); // default: false
lockPref("accessibility.force_disabled", 1);
lockPref("browser.uitour.enabled", false);
lockPref("browser.uitour.url", "");
lockPref("middlemouse.contentLoadURL", false);
lockPref("lightweightThemes.getMoreURL", "");
defaultPref("accessibility.typeaheadfind", false);
lockPref("browser.bookmarks.restore_default_bookmarks", false);
defaultPref("browser.tabs.closeTabByDblclick", true);
lockPref("media.webspeech.recognition.enable", false);
lockPref("network.manage-offline-status", false);
// devtools
defaultPref("devtools.debugger.remote-enabled", false);
defaultPref("devtools.chrome.enabled", false);
lockPref("devtools.performance.recording.ui-base-url", "http://localhost:55555"); // Default Value : https://profiler.firefox.com
lockPref("devtools.devices.url", "");
// ui
defaultPref("browser.tabs.drawInTitlebar", true);
defaultPref("browser.aboutConfig.showWarning", false);
defaultPref("browser.download.autohideButton", false);
defaultPref("privacy.userContext.ui.enabled", true);
lockPref("browser.messaging-system.whatsNewPanel.enabled", false);
// urls and handlers
lockPref("media.decoder-doctor.new-issue-endpoint", "");
lockPref("identity.sync.tokenserver.uri", "");
lockPref("network.trr.confirmationNS", "");
@ -1353,51 +1387,38 @@ lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", "");
lockPref("gecko.handlerService.schemes.mailto.1.name", ""); // default Gmail
lockPref("gecko.handlerService.schemes.irc.0.uriTemplate", "");
lockPref("gecko.handlerService.schemes.irc.0.name", "");
lockPref("identity.fxaccounts.remote.root", "");
lockPref("services.settings.server", "");
lockPref("services.blocklist.addons.signer", "");
lockPref("services.blocklist.gfx.signer", "");
lockPref("services.settings.security.onecrl.signer", "");
lockPref("services.blocklist.pinning.signer", "");
lockPref("services.blocklist.plugins.signer", "");
lockPref("accessibility.support.url", "");
lockPref("app.support.baseURL", "");
lockPref("browser.uitour.url", "");
lockPref("webchannel.allowObject.urlWhitelist", "");
lockPref("browser.chrome.errorReporter.infoURL", "");
lockPref("browser.dictionaries.download.url", "");
lockPref("browser.geolocation.warning.infoURL", "");
lockPref("browser.search.searchEnginesURL", "");
lockPref("browser.uitour.themeOrigin", "");
lockPref("toolkit.datacollection.infoURL", "");
lockPref("devtools.performance.recording.ui-base-url", "http://localhost:55555"); // Default Value : https://profiler.firefox.com
lockPref("browser.messaging-system.whatsNewPanel.enabled", false);
defaultPref("accessibility.typeaheadfind", false);
lockPref("browser.bookmarks.restore_default_bookmarks", false);
lockPref("identity.mobilepromo.android", "");
lockPref("identity.mobilepromo.ios", "");
defaultPref("identity.sendtabpromo.url", "");
lockPref("datareporting.healthreport.infoURL", "");
lockPref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", true);
lockPref("app.feedback.baseURL", "");
lockPref("app.releaseNotesURL", "");
lockPref("app.releaseNotesURL.aboutDialog", "");
lockPref("browser.chrome.errorReporter.infoURL", false);
lockPref("browser.ping-centre.log", "");
lockPref("browser.ping-centre.telemetry", false);
lockPref("captivedetect.canonicalURL", "");
lockPref("browser.chrome.errorReporter.infoURL", "");
lockPref("datareporting.policy.firstRunURL", "");
lockPref("devtools.devices.url", "");
lockPref("gecko.handlerService.schemes.webcal.0.uriTemplate", "");
lockPref("identity.fxaccounts.auth.uri", "");
lockPref("identity.fxaccounts.commands.enabled", false);
lockPref("identity.fxaccounts.remote.oauth.uri", "");
lockPref("identity.fxaccounts.remote.profile.uri", "");
lockPref("identity.fxaccounts.service.monitorLoginUrl", "");
lockPref("remote.enabled", false);
lockPref("remote.force-local", true);
lockPref("remote.log.level", "Info");
defaultPref("browser.tabs.closeTabByDblclick", true);
lockPref("network.IDN_show_punycode", true);
lockPref("media.webspeech.recognition.enable", false);
// to check, should all be handled by lockPref("services.settings.server", "")
lockPref("services.blocklist.addons.collection", "");
lockPref("services.blocklist.plugins.collection", "");
lockPref("services.blocklist.gfx.collection", "");
lockPref("services.blocklist.addons.signer", "");
lockPref("services.blocklist.gfx.signer", "");
lockPref("services.settings.security.onecrl.signer", "");
lockPref("services.blocklist.pinning.signer", "");
lockPref("services.blocklist.plugins.signer", "");
// --------------------------------
// CACHE
@ -1530,18 +1551,15 @@ lockPref("services.sync.prefs.sync.browser.safebrowsing.phishing.enabled", false
lockPref("services.sync.tabs.lastSync", "0");
// --------------------------------
// WEBGL
// WEBGL AND PERFORMANCE
// --------------------------------
defaultPref("webgl.force-enabled", true);
defaultPref("layers.acceleration.force-enabled", true);
lockPref("webgl.enable-webgl2", false);
lockPref("webgl.min_capability_mode", true);
lockPref("webgl.disable-fail-if-major-performance-caveat", true);
// conflicting with previous prefs?
// defaultPref("gfx.direct2d.disabled", false); // [WINDOWS]
// defaultPref("layers.acceleration.disabled", false);
defaultPref("gfx.direct2d.disabled", false); // [WINDOWS]
defaultPref("layers.acceleration.disabled", false);
// --------------------------------
// JS
@ -1710,8 +1728,10 @@ lockPref("datareporting.policy.dataSubmissionEnabled", false);
>>>>>>> 7887469 (reviewed and reorganized up to extensions)
=======
lockPref("toolkit.coverage.endpoint.base", "");
lockPref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF]
lockPref("toolkit.coverage.opt-out", true);
lockPref("toolkit.coverage.enabled", false);
<<<<<<< HEAD
>>>>>>> 4041ab1 (reorganized and improved some entries)
// pocket
@ -1720,10 +1740,20 @@ lockPref("extensions.pocket.enabled", false);
lockPref("extensions.pocket.site", "");
lockPref("extensions.pocket.oAuthConsumerKey", "");
lockPref("extensions.pocket.api", "");
=======
lockPref("app.shield.optoutstudies.enabled", false);
lockPref("beacon.enabled", false);
// ping
lockPref("browser.send_pings", false);
lockPref("browser.send_pings.require_same_host", true);
>>>>>>> 8b7a898 (updated and started editing external protocols)
// discovery
lockPref("browser.discovery.enabled", false);
lockPref("browser.discovery.containers.enabled", false);
lockPref("browser.discovery.sites", "");
<<<<<<< HEAD
lockPref("breakpad.reportURL", "");
lockPref("browser.send_pings", false);
lockPref("browser.send_pings.require_same_host", true);
@ -1789,30 +1819,24 @@ lockPref("browser.discovery.enabled", false);
lockPref("browser.discovery.containers.enabled", false);
lockPref("browser.discovery.sites", "");
=======
=======
// crash report
lockPref("breakpad.reportURL", "");
lockPref("browser.tabs.crashReporting.sendReport", false);
lockPref("browser.crashReports.unsubmittedCheck.enabled", false);
lockPref("browser.crashReports.unsubmittedCheck.autoSubmit2", false);
>>>>>>> 8b7a898 (updated and started editing external protocols)
// captive portal
lockPref("network.captive-portal-service.enabled", false);
lockPref("captivedetect.canonicalURL", "");
// Pref : Don't monitor OS online/offline connection state
// https://trac.torproject.org/projects/tor/ticket/18945
lockPref("network.manage-offline-status", false);
// --------------------------------
// EXTERNAL PROTOCOLS
// --------------------------------
// Pref : Set File URI Origin Policy
// http://kb.mozillazine.org/Security.fileuri.strict_origin_policy
// CIS Mozilla Firefox 24 ESR v1.0.0 - 3.8
lockPref("security.fileuri.strict_origin_policy", true);
// Pref : Disable SVG in OpenType fonts
// https://wiki.mozilla.org/SVGOpenTypeFonts
// https://github.com/iSECPartners/publications/tree/master/reports/Tor%20Browser%20Bundle
lockPref("gfx.font_rendering.opentype_svg.enabled", false);
// Pref : Enable only whitelisted URL protocol handlers
// Disabling non-essential protocols breaks all interaction with custom protocols such
// as mailto:, irc:, magnet: ... and breaks opening third-party mail/messaging/torrent/...
// clients when clicking on links with these protocols
lockPref("network.protocol-handler.warn-external-default",true);
lockPref("network.protocol-handler.external.http",false);
lockPref("network.protocol-handler.external.https",false);
lockPref("network.protocol-handler.external.javascript",false);
lockPref("network.protocol-handler.external.moz-extension",false);
lockPref("network.protocol-handler.external.ftp",false);
@ -1889,6 +1913,7 @@ lockPref("devtools.debugger.force-local", true);
lockPref("network.allow-experiments", false);
>>>>>>> 653a6ed (knocked out some more prefs)
<<<<<<< HEAD
// crash report
lockPref("breakpad.reportURL", "");
lockPref("browser.tabs.crashReporting.sendReport", false);
@ -1904,6 +1929,17 @@ lockPref("captivedetect.canonicalURL", "");
// # WINDOWS
// --------------------------------
=======
=======
// Pref : Disable "Show search suggestions in location bar results"
lockPref("browser.urlbar.suggest.searches", false);
lockPref("browser.urlbar.userMadeSearchSuggestionsChoice", true);
// Pref : Never check for updates to search engines
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_auto-update-checking
lockPref("browser.search.update", false);
>>>>>>> 8b7a898 (updated and started editing external protocols)
lockPref("network.netlink.route.check.IPv4", "127.0.0.1");
lockPref("network.netlink.route.check.IPv6", "::1");