<<<<<<< HEAD <<<<<<< HEAD ======= >>>>>>> 55c94dc (reorganized, revisited) //---------------| // LibreWolf | //---------------| // Glossary: | // ================================================================================================================================| // | // "Section" : Description of the settings section separated by "----" | <<<<<<< HEAD <<<<<<< HEAD ======= // "Bench Diff" : Impact on the performance of firefox can be a gain or loss of performance | // +100/5000 stand for 2% gained performance and -1500/5000 stand for -30% performance loss | // Performance can be tested here : https://chromium.github.io/octane/ | >>>>>>> 55c94dc (reorganized, revisited) ======= >>>>>>> 45bf63e (processed everything up to EOF) // "Pref" : Preference/Settings name and or description followed by links or documentations | // and some time explanation why the setting is commented and ignored. | // "lockPref" : Locked preference can not be changed on firefox, nor by extensions, can only be changed here | // lockPref is used to lock preferences so they cannot be changed through the GUI or about:config. | // In many cases the GUI will change to reflect this, graying out or removing options. Appears | // in about:config as "locked". Some config items require lockPref to be set, such as app.update.enabled. | // It will not work if it set with just pref. | // "pref" : Sets the preference as if a user had set it, every time you start the browser. So users can make changes, | // but they will be erased on restart. If you set a particular preference this way, | // it shows up in about:config as "user set". | // "defaultPref" : Defaulting : Is used to alter the default value, though users can set it normally and their changes will | // be saved between sessions. If preferences are reset to default through the GUI or some other method, | // this is what they will go back to. Appears in about:config as "default". | // "clearPref" : Can be used to "blank" certain preferences. This can be useful e.g. to disable functions | // that rely on comparing version numbers. | // | // ================================================================================================================================| <<<<<<< HEAD ======= // --------- // LibreWolf // --------- // // Documentation .............. : // ============================== // // "Section" : Description of the settings section separated by "----" // "Bench Diff" : Impact on the performance of firefox can be a gain or loss of performance // +100/5000 stand for 2% gained performance and -1500/5000 stand for -30% performance loss // Performance can be tested here : https://chromium.github.io/octane/ // "Pref" : Preference/Settings name and or description followed by links or documentations // and some time explanation why the setting is commented and ignored. // "lockPref" : Locked preference can not be changed on firefox, nor by extensions, can only be changed here // lockPref is used to lock preferences so they cannot be changed through the GUI or about:config. // In many cases the GUI will change to reflect this, graying out or removing options. Appears // in about:config as "locked". Some config items require lockPref to be set, such as app.update.enabled. // It will not work if it set with just pref. // "pref" : Sets the preference as if a user had set it, every time you start the browser. So users can make changes, // but they will be erased on restart. If you set a particular preference this way, // it shows up in about:config as "user set". // "defaultPref" : Defaulting : Is used to alter the default value, though users can set it normally and their changes will // be saved between sessions. If preferences are reset to default through the GUI or some other method, // this is what they will go back to. Appears in about:config as "default". // "clearPref" : Can be used to "blank" certain preferences. This can be useful e.g. to disable functions // that rely on comparing version numbers. // // ==================================================================================== // Protection ................. : // ============================== // // Pref : Locking librewolf.cfg itself defaultPref("general.config.filename", "librewolf.cfg"); // // ===================================================================================== // Index librewolf.cfg .......... : // ============================== // // ----------------------------------------------------------------------- // Section : User settings // Bench Diff : +0 / 5000 // Section : Defaulting Settings // Bench Diff : +0 / 5000 // ----------------------------------------------------------------------- // Section : Controversial // Bench Diff : +0 / 5000 // Section : Firefox Fingerprint // Bench Diff : +0 / 5000 // Section : Locale/Time // Bench Diff : +0 / 5000 // Section : Ghacks-user Selection // Bench Diff : +100 / 5000 // Section : Extensions Manager // Bench Diff : +0 / 5000 // Section : IJWY To Shut Up // Bench Diff : +0 / 5000 // Section : Microsoft Windows // Bench Diff : +0 / 5000 // Section : Firefox ESR60.x // Bench Diff : +0 / 5000 // ----------------------------------------------------------------------- // Section : Security 1/3 // Bench Diff : +0 / 5000 // Section : Security 2/3 // Bench Diff : +0 / 5000 // Section : Security 3/3 (Cipher) // Bench Diff : +0 / 5000 // ----------------------------------------------------------------------- // Section : Performance 1/5 // Bench Diff : +650 / 5000 // Section : Performance 2/5 // Bench Diff : -800 / 5000 // Section : Performance 3/5 // Bench Diff : -1720 / 5000 // Section : Performance 4/5 // Bench Diff : -200 / 5000 // Section : Performance 5/5 // Bench Diff : -50 / 5000 // ----------------------------------------------------------------------- // Section : General Settings 1/3 // Bench Diff : +100 / 5000 // Section : General Settings 2/3 // Bench Diff : +0 / 5000 // Section : General Settings 3/3 // Bench Diff : -40 / 5000 // ----------------------------------------------------------------------- // Section : Disabled - ON/OFF // Bench Diff : +0 / 5000 // Section : Disabled - Deprecated Active // Bench Diff : +0 / 5000 // Section : Disabled - Deprecated Inactive // Bench Diff : +0 / 5000 // ----------------------------------------------------------------------- // // ----------------------------------------------------------------------- // Index local-settings.js .... : // ============================== // // ----------------------------------------------------------------------- // Section : General Settings // Bench Diff : ++ / 5000 // ----------------------------------------------------------------------- // // ----------------------------------------------------------------------- // >>>>>>>>>>>>>>>>>>>>>>> // Section : User Settings // Bench Diff : +0/5000 // >>>>>>>>>>>>>>>>>>>>>>> ======= >>>>>>> 55c94dc (reorganized, revisited) <<<<<<< HEAD // -------------------------------- // User Settings : Cookies settings // -------------------------------- // In the future consider switching to network.cookie.cookieBehavior=5 to enable dFPI defaultPref("network.cookie.cookieBehavior", 1); defaultPref("network.cookie.lifetimePolicy", 2); defaultPref("network.cookie.thirdparty.sessionOnly", true); lockPref("network.cookie.thirdparty.nonsecureSessionOnly", true); >>>>>>> 034d451 (reorganized tracking section + 3rd set of changes) <<<<<<< HEAD // ----------------------------------- // # TRACKING PROTECTION ======= // ----------------------------------- <<<<<<< HEAD // TRACKING PROTECTION >>>>>>> a35eb4b (re-organized and reviewed) ======= // FILENAME >>>>>>> 7887469 (reviewed and reorganized up to extensions) // ----------------------------------- <<<<<<< HEAD <<<<<<< HEAD defaultPref("browser.contentblocking.category", "custom"); // do not lock as it breaks UI even more ======= // set custom mode lockPref("browser.contentblocking.category", "custom"); // changing to other options is currently broken anyway // disabling tracking protection >>>>>>> 034d451 (reorganized tracking section + 3rd set of changes) ======= defaultPref("general.config.filename", "librewolf.cfg"); ======= >>>>>>> 48fecfd (removed redundant stuff) // ----------------------------------- // OVERRIDES // ----------------------------------- // allow settings to be overriden with a file at `~/.librewolf/librewolf.overrides.cfg` // or `~/.var/app/io.gitlab.librewolf-community/.librewolf/librewolf.overrides.cfg` (Flatpak). // not yet verified to work on Windows and MacOS releases let home_directory = getenv("HOME"); if (home_directory) { pref("autoadmin.global_config_url", `file://${home_directory}/.librewolf/librewolf.overrides.cfg`); } // ----------------------------------- // TRACKING PROTECTION // ----------------------------------- <<<<<<< HEAD <<<<<<< HEAD lockPref("browser.contentblocking.category", "custom"); // changing to other options is currently broken anyway >>>>>>> 55c94dc (reorganized, revisited) ======= defaultPref("browser.contentblocking.category", "custom"); // changing to other options is currently broken anyway >>>>>>> 7b8bd35 (unlock content block cat as breaks cookie button) ======= defaultPref("browser.contentblocking.category", "custom"); // do not lock as it breaks UI >>>>>>> 48fecfd (removed redundant stuff) lockPref("privacy.trackingprotection.enabled", false); lockPref("privacy.trackingprotection.pbmode.enabled", false); lockPref("privacy.trackingprotection.socialtracking.enabled", false); lockPref("privacy.trackingprotection.cryptomining.enabled", false); lockPref("privacy.trackingprotection.fingerprinting.enabled", false); <<<<<<< HEAD <<<<<<< HEAD <<<<<<< HEAD lockPref("privacy.trackingprotection.annotate_channels", false); lockPref("urlclassifier.trackingTable", ""); lockPref("browser.contentblocking.database.enabled", false); // remove urls lockPref("browser.contentblocking.reportBreakage.url", ""); // hide ui elements lockPref("browser.contentblocking.cryptomining.preferences.ui.enabled", false); lockPref("browser.contentblocking.fingerprinting.preferences.ui.enabled", false); lockPref("browser.contentblocking.report.hide_vpn_banner", true); lockPref("browser.contentblocking.report.show_mobile_app", false); lockPref("browser.contentblocking.report.lockwise.enabled", false); lockPref("browser.contentblocking.report.monitor.enabled", false); lockPref("browser.contentblocking.report.proxy.enabled", false); lockPref("browser.contentblocking.report.vpn.enabled", false); ======= // below are potentially useless as tracking protection is disabled ======= >>>>>>> 55c94dc (reorganized, revisited) lockPref("privacy.trackingprotection.origin_telemetry.enabled", false); ======= >>>>>>> 48fecfd (removed redundant stuff) lockPref("privacy.trackingprotection.annotate_channels", false); lockPref("urlclassifier.trackingTable", ""); lockPref("browser.contentblocking.database.enabled", false); // remove urls lockPref("browser.contentblocking.reportBreakage.url", ""); lockPref("privacy.trackingprotection.introURL", ""); // hide ui elements lockPref("browser.contentblocking.cfr-milestone.enabled", false); lockPref("browser.contentblocking.cryptomining.preferences.ui.enabled", false); lockPref("browser.contentblocking.fingerprinting.preferences.ui.enabled", false); lockPref("browser.contentblocking.report.hide_vpn_banner", true); lockPref("browser.contentblocking.report.show_mobile_app", false); lockPref("browser.contentblocking.report.lockwise.enabled", false); lockPref("browser.contentblocking.report.monitor.enabled", false); lockPref("browser.contentblocking.report.proxy.enabled", false); lockPref("browser.contentblocking.report.vpn.enabled", false); // Windows only? lockPref("default-browser-agent.enabled", false); >>>>>>> 034d451 (reorganized tracking section + 3rd set of changes) // ---------------------------------- <<<<<<< HEAD // # AUTOPLAY ======= // AUTOPLAY >>>>>>> a35eb4b (re-organized and reviewed) // ---------------------------------- defaultPref("media.autoplay.default", 5); defaultPref("media.autoplay.blocking_policy", 2); // ----------------------------------------- <<<<<<< HEAD // # PASSWORD MANAGER ======= // PASSWORD MANAGER >>>>>>> a35eb4b (re-organized and reviewed) // ----------------------------------------- lockPref("signon.rememberSignons", false); lockPref("signon.storeWhenAutocompleteOff", false); defaultPref("signon.management.page.breach-alerts.enabled", false); defaultPref("signon.management.page.breachAlertUrl", ""); lockPref("signon.formlessCapture.enabled", false); <<<<<<< HEAD // -------------------------------- <<<<<<< HEAD <<<<<<< HEAD // # SEARCH AND URLBAR // -------------------------------- defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); lockPref("browser.urlbar.speculativeConnect.enabled", false); lockPref("browser.urlbar.trimURLs", false); lockPref("browser.search.suggest.enabled", false); lockPref("browser.search.region", "US"); lockPref("browser.fixup.alternate.enabled", false); lockPref("browser.urlbar.suggest.searches", false); lockPref("browser.search.update", false); ======= >>>>>>> 45bf63e (processed everything up to EOF) // -------------------------------- // # SANITIZING, COOKIES AND HISTORY // -------------------------------- defaultPref("network.cookie.cookieBehavior", 5); // dFPI, previously set to 1 defaultPref("network.cookie.lifetimePolicy", 2); defaultPref("network.cookie.thirdparty.sessionOnly", true); lockPref("network.cookie.thirdparty.nonsecureSessionOnly", true); // includes new cookie behavior that allows to stay logged with exceptions defaultPref("privacy.clearOnShutdown.cookies", false); defaultPref("privacy.clearOnShutdown.offlineApps", false); defaultPref("privacy.cpd.cookies", false); // just for consistency to avoid accidental logout defaultPref("privacy.cpd.offlineApps", false); // just for consistency to avoid accidental logout ======= // SEARCH ======= // SEARCH AND URLBAR >>>>>>> 653a6ed (knocked out some more prefs) // -------------------------------- defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); lockPref("browser.urlbar.speculativeConnect.enabled", false); lockPref("browser.urlbar.trimURLs", false); lockPref("browser.search.suggest.enabled", false); lockPref("browser.search.region", "US"); lockPref("browser.fixup.alternate.enabled", false); lockPref("browser.urlbar.suggest.searches", false); lockPref("browser.search.update", false); // -------------------------------- // SANITIZING, COOKIES AND HISTORY // -------------------------------- defaultPref("network.cookie.cookieBehavior", 5); // dFPI, previously set to 1 defaultPref("network.cookie.lifetimePolicy", 2); defaultPref("network.cookie.thirdparty.sessionOnly", true); lockPref("network.cookie.thirdparty.nonsecureSessionOnly", true); // includes new cookie behavior that allows to stay logged with exceptions defaultPref("privacy.clearOnShutdown.cookies", false); defaultPref("privacy.clearOnShutdown.offlineApps", false); defaultPref("privacy.cpd.cookies", false); // just for consistency to avoid accidental logout defaultPref("privacy.cpd.offlineApps", false); // just for consistency to avoid accidental logout <<<<<<< HEAD defaultPref("privacy.cpd.passwords", false); defaultPref("privacy.cpd.sessions", true); >>>>>>> a35eb4b (re-organized and reviewed) ======= >>>>>>> 48fecfd (removed redundant stuff) defaultPref("privacy.sanitize.timeSpan", 0); defaultPref("browser.formfill.enable", false); defaultPref("privacy.sanitize.sanitizeOnShutdown", true); defaultPref("places.history.enabled", false); defaultPref("privacy.history.custom", true); lockPref("browser.sessionhistory.max_entries", 20); <<<<<<< HEAD <<<<<<< HEAD <<<<<<< HEAD // -------------------------------------------------------------------- // # SESSIONS ======= ======= defaultPref("layout.css.visited_links_enabled", false); defaultPref("layout.css.always-repaint-on-unvisited", false); defaultPref("layout.css.notify-of-unvisited", false); >>>>>>> 653a6ed (knocked out some more prefs) // this sets a cookie jar for 3rd party origin which is the same as dFPI // and probably redundant when 3rd party cookies are disabled // lockPref("privacy.storagePrincipal.enabledForTrackers", false); ======= >>>>>>> 7887469 (reviewed and reorganized up to extensions) // -------------------------------------------------------------------- // SESSIONS >>>>>>> a35eb4b (re-organized and reviewed) // -------------------------------------------------------------------- lockPref("browser.sessionstore.privacy_level", 2); lockPref("browser.sessionstore.interval", 60000); // --------------------------------- <<<<<<< HEAD // # AUTOFILL ======= // AUTOFILL >>>>>>> a35eb4b (re-organized and reviewed) // --------------------------------- defaultPref("extensions.formautofill.section.enabled", false); defaultPref("extensions.formautofill.available", "off"); defaultPref("extensions.formautofill.addresses.enabled", false); <<<<<<< HEAD <<<<<<< HEAD ======= defaultPref("extensions.formautofill.addresses.capture.enabled", false); >>>>>>> a35eb4b (re-organized and reviewed) ======= >>>>>>> 48fecfd (removed redundant stuff) defaultPref("extensions.formautofill.creditCards.enabled", false); defaultPref("extensions.formautofill.creditCards.available", false); defaultPref("extensions.formautofill.heuristics.enabled", false); lockPref("signon.autofillForms", false); <<<<<<< HEAD <<<<<<< HEAD // ----------------------- // # DRM ======= lockPref("signon.autofillForms.http", false); ======= >>>>>>> 48fecfd (removed redundant stuff) // ----------------------- // DRM >>>>>>> a35eb4b (re-organized and reviewed) // ----------------------- // includes new DRM implementation for easily re-enabling it // following four prefs must be set to true to play DRM content // could be further reduced to 2 or 1 prefs defaultPref("media.eme.enabled", false); defaultPref("media.gmp-widevinecdm.visible", false); defaultPref("media.gmp-widevinecdm.enabled", false); defaultPref("media.gmp-provider.enabled", false); <<<<<<< HEAD <<<<<<< HEAD defaultPref("media.gmp-manager.url", "data:text/plain,"); // had to re-add to prevent connections <<<<<<< HEAD <<<<<<< HEAD defaultPref("media.gmp-gmpopenh264.enabled", false); ======= defaultPref("media.gmp-manager.url", "data:text/plain,"); had to re-add to prevent connections >>>>>>> 814a479 (reviewed DRM, removed ircs hand, moved exp prefs) ======= defaultPref("media.gmp-manager.url", "data:text/plain,"); // had to re-add to prevent connections >>>>>>> f733a19 (fixed broken comment) // ---------------------- // # WEBRTC ======= defaultPref("media.gmp.trial-create.enabled", false); ======= >>>>>>> 7887469 (reviewed and reorganized up to extensions) defaultPref("media.gmp-gmpopenh264.enabled", false); // ---------------------- <<<<<<< HEAD // WebRTC >>>>>>> a35eb4b (re-organized and reviewed) ======= // WEBRTC >>>>>>> 55c94dc (reorganized, revisited) // ---------------------- defaultPref("media.navigator.enabled", false); defaultPref("media.peerconnection.enabled", false); <<<<<<< HEAD <<<<<<< HEAD ======= defaultPref("media.navigator.video.enabled", false); defaultPref("media.getusermedia.browser.enabled", false); defaultPref("media.getusermedia.screensharing.enabled", false); defaultPref("media.getusermedia.audiocapture.enabled", false); defaultPref("media.peerconnection.use_document_iceservers", false); defaultPref("media.peerconnection.identity.enabled", false); defaultPref("media.peerconnection.identity.timeout", 1); // 10000 per default defaultPref("media.peerconnection.turn.disable", true); defaultPref("media.peerconnection.ice.tcp", false); >>>>>>> a35eb4b (re-organized and reviewed) ======= >>>>>>> 7887469 (reviewed and reorganized up to extensions) defaultPref("media.peerconnection.ice.default_address_only", true); defaultPref("media.peerconnection.ice.no_host", true); defaultPref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); // all covered by previous prefs // defaultPref("media.navigator.video.enabled", false); // defaultPref("media.peerconnection.use_document_iceservers", false); // defaultPref("media.peerconnection.identity.enabled", false); // defaultPref("media.peerconnection.identity.timeout", 1); // defaultPref("media.peerconnection.turn.disable", true); // defaultPref("media.peerconnection.ice.tcp", false); // ---------------------- <<<<<<< HEAD // # SHARING ======= // SHARING >>>>>>> 7887469 (reviewed and reorganized up to extensions) // ---------------------- defaultPref("media.getusermedia.browser.enabled", false); defaultPref("media.getusermedia.screensharing.enabled", false); defaultPref("media.getusermedia.audiocapture.enabled", false); // ---------------------------- <<<<<<< HEAD // # DNS ======= // DNS >>>>>>> a35eb4b (re-organized and reviewed) // ---------------------------- lockPref("network.trr.mode", 5); lockPref("network.trr.bootstrapAddress", ""); lockPref("network.trr.uri", ""); lockPref("network.trr.send_empty_accept-encoding_headers", false); defaultPref("network.dns.disableIPv6", true); lockPref("network.dns.disablePrefetch", true); // ------------------------------------ <<<<<<< HEAD // # NEW TAB PAGE ======= // NEW TAB PAGE >>>>>>> a35eb4b (re-organized and reviewed) // ------------------------------------ lockPref("browser.newtab.preload", false); lockPref("browser.newtabpage.activity-stream.feeds.section.highlights", false); lockPref("browser.newtabpage.activity-stream.feeds.asrouterfeed", false); lockPref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false); lockPref("browser.newtabpage.activity-stream.feeds.newtabinit", false); lockPref("browser.newtabpage.activity-stream.feeds.places", false); lockPref("browser.newtabpage.activity-stream.feeds.systemtick", false); lockPref("browser.newtabpage.activity-stream.feeds.section.topstories", false); lockPref("browser.newtabpage.activity-stream.feeds.topsites", false); lockPref("browser.newtabpage.activity-stream.feeds.system.topsites", false); lockPref("browser.newtabpage.activity-stream.feeds.system.topstories", false); lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false); lockPref("browser.newtabpage.activity-stream.feeds.snippets", false); lockPref("browser.newtabpage.activity-stream.feeds.section.topstories.options", ""); lockPref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false); lockPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false); lockPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false); lockPref("browser.newtabpage.activity-stream.section.highlights.includePocket", false); lockPref("browser.newtabpage.activity-stream.showSponsored", false); lockPref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); lockPref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiments", ""); lockPref("browser.newtabpage.activity-stream.asrouter.providers.message-groups", ""); lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr-fxa", ""); lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr", ""); lockPref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "{\"id\":\"whats-new-panel\",\"enabled\":false}"); lockPref("browser.newtabpage.activity-stream.asrouter.devtoolsEnableds", true); lockPref("browser.newtabpage.activity-stream.telemetry", false); lockPref("browser.newtabpage.activity-stream.telemetry.ping.endpoint", ""); lockPref("browser.newtabpage.activity-stream.telemetry.structuredIngestion.endpoint", ""); lockPref("browser.newtabpage.activity-stream.default.sites", ""); lockPref("browser.newtabpage.activity-stream.discoverystream.enabled", false); lockPref("browser.newtabpage.activity-stream.discoverystream.config", "{\"collapsible\":true,\"enabled\":false,\"personalized\":false,\"layout_endpoint\":\"\"}"); lockPref("browser.newtabpage.activity-stream.discoverystream.endpoints", ""); lockPref("browser.newtabpage.activity-stream.discoverystream.engagementLabelEnabled", false); lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts", false); lockPref("browser.newtabpage.activity-stream.improvesearch.handoffToAwesomebar", false); <<<<<<< HEAD <<<<<<< HEAD lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", ""); lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned", ""); lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", ""); ======= lockPref("browser.newtab.preload", false); lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", ""); lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned", ""); lockPref("browser.newtabpage.activity-stream.feeds.section.topstories.options", ""); lockPref("extensions.getAddons.discovery.api_url", ""); lockPref("extensions.htmlaboutaddons.recommendations.enabled", false); lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr", ""); lockPref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "{\"id\":\"whats-new-panel\",\"enabled\":false}"); lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr-fxa", ""); // Default Value : // {\"id\":\"cfr\",\"enabled\":false,\"type\":\"local\",\"localProvider\":\ // "CFRMessageProvider\",\"frequency\":{\"custom\":[{\"period\":\"daily\",\"cap\":1}]}} lockPref("browser.newtabpage.activity-stream.asrouter.providers.onboarding", ""); // Default Value : // {\"id\":\"onboarding\",\"type\":\"local\",\"localProvider\":\"OnboardingMessageProvider\",\"enabled\":true} lockPref("browser.newtabpage.activity-stream.asrouter.providers.snippets", ""); // Default Value : // {\"id\":\"snippets\",\"enabled\":false,\"type\":\"remote\",\"url\":\"https://snippets.cdn.mozilla.net/ // %STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION% // /%DISTRIBUTION%/%DISTRIBUTION_VERSION%/\",\"updateCycleInMs\":14400000} >>>>>>> 034d451 (reorganized tracking section + 3rd set of changes) // ------------------------------------------- // # DO NOT TRACK ======= lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", ""); lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned", ""); lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", ""); // ------------------------------------------- // DO NOT TRACK >>>>>>> a35eb4b (re-organized and reviewed) // ------------------------------------------- // Unlocked as some think it increases fingerprint, they can now disable it defaultPref("privacy.donottrackheader.enabled", true); // -------------------------------- <<<<<<< HEAD // # DOM ======= // DOM >>>>>>> a35eb4b (re-organized and reviewed) // -------------------------------- lockPref("dom.disable_beforeunload", true); defaultPref("dom.disable_open_during_load", true); <<<<<<< HEAD <<<<<<< HEAD ======= ======= lockPref("dom.push.enabled", false); lockPref("dom.push.connection.enabled", false); lockPref("dom.push.serverURL", ""); //default "wss://push.services.mozilla.com/" lockPref("dom.push.userAgentID", ""); lockPref("dom.targetBlankNoOpener.enabled", true); lockPref("dom.disable_window_move_resize", true); defaultPref("dom.serviceWorkers.enabled", false); defaultPref("dom.battery.enabled", false); lockPref("dom.popup_maximum", 4); defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); defaultPref("dom.event.clipboardevents.enabled", false); defaultPref("dom.webaudio.enabled", false); lockPref("dom.vr.enabled", false); lockPref("dom.vibrator.enabled", false); <<<<<<< HEAD // lockPref("dom.registerProtocolHandler.insecure.enabled", true); // seems to be deprecated >>>>>>> 55c94dc (reorganized, revisited) ======= >>>>>>> 7887469 (reviewed and reorganized up to extensions) // -------------------------------- // PERMISSIONS // -------------------------------- lockPref("permissions.delegation.enabled", false); defaultPref("permissions.default.geo", 2); // unlocked as some think it increases fingerprint, they can now disable it lockPref("permissions.manager.defaultsUrl", ""); // -------------------------------- // REFERERS // -------------------------------- lockPref("network.http.referer.XOriginTrimmingPolicy", 2); lockPref("network.http.referer.XOriginPolicy", 2); // -------------------------------- // PROXY // -------------------------------- defaultPref("network.proxy.autoconfig_url", ""); defaultPref("network.proxy.socks_remote_dns", true); defaultPref("network.proxy.socks_version", 5); // -------------------------------------- // HTTP(S) // -------------------------------------- lockPref("network.http.altsvc.enabled", false); lockPref("network.http.altsvc.oe", false); defaultPref("dom.security.https_only_mode", true); defaultPref("dom.security.https_only_mode_pbm", true); lockPref("network.http.redirection-limit", 10); defaultPref("network.auth.subresource-http-auth-allow", 1); // -------------------------------------- // TLS // -------------------------------------- defaultPref("security.ssl.require_safe_negotiation", true); lockPref("security.ssl.treat_unsafe_negotiation_as_broken", true); lockPref("security.ssl.disable_session_identifiers", true); lockPref("browser.ssl_override_behavior", 1); lockPref("security.tls.enable_0rtt_data", false); lockPref("security.tls.version.enable-deprecated", false); lockPref("security.tls.version.fallback-limit", 3); lockPref("browser.xul.error_pages.expert_bad_cert", true); // advanced ui infos lockPref("security.insecure_field_warning.contextual.enabled", true); // to check lockPref("network.stricttransportsecurity.preloadlist", false); // -------------------------------------- // RFP // -------------------------------------- defaultPref("privacy.resistFingerprinting", true); defaultPref("privacy.resistFingerprinting.block_mozAddonManager", true); lockPref("browser.startup.blankWindow", false); // breaks RFP windows resizing // -------------------------------------- // LANGUAGE AND REGION // -------------------------------------- lockPref("javascript.use_us_english_locale", true); defaultPref("intl.accept_languages", "en-US, en"); // -------------------------------------- // USER AGENT AND IDENTITY // -------------------------------------- // worth discussing defaultPref("general.useragent.override", "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0"); defaultPref("general.appname.override", "Netscape"); defaultPref("general.appversion.override", "5.0 (Windows)"); defaultPref("general.platform.override", "Win32"); defaultPref("general.oscpu.override", "Windows NT 6.1"); lockPref("general.buildID.override", "20100101"); lockPref("browser.startup.homepage_override.buildID", "20100101"); <<<<<<< HEAD // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // Section : Ghacks-user Selection // Bench Diff : +100/5000 // >>>>>>>>>>>>>>>>>>>>>> lockPref("toolkit.coverage.endpoint.base", ""); lockPref("toolkit.coverage.opt-out", true); lockPref("browser.download.manager.addToRecentDocs", false); lockPref("browser.download.hide_plugins_without_extensions", false); lockPref("webchannel.allowObject.urlWhitelist", ""); lockPref("browser.cache.offline.storage.enable", false); lockPref("network.http.redirection-limit", 10); lockPref("extensions.enabledScopes", 5); // Is there any reason to change the default value? // lockPref("extensions.autoDisableScopes", 11); lockPref("xpinstall.whitelist.required", true); // default: true >>>>>>> a35eb4b (re-organized and reviewed) lockPref("dom.push.enabled", false); lockPref("dom.push.connection.enabled", false); lockPref("dom.push.serverURL", ""); //default "wss://push.services.mozilla.com/" lockPref("dom.push.userAgentID", ""); lockPref("dom.targetBlankNoOpener.enabled", true); lockPref("dom.disable_window_move_resize", true); defaultPref("dom.serviceWorkers.enabled", false); defaultPref("dom.battery.enabled", false); lockPref("dom.popup_maximum", 4); defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); defaultPref("dom.webaudio.enabled", false); lockPref("dom.vr.enabled", false); lockPref("dom.vibrator.enabled", false); defaultPref("dom.storage.next_gen", true); // -------------------------------- // # PERMISSIONS // -------------------------------- lockPref("permissions.delegation.enabled", false); defaultPref("permissions.default.geo", 2); // unlocked as some think it increases fingerprint, they can now disable it lockPref("permissions.manager.defaultsUrl", ""); // -------------------------------- // # REFERERS // -------------------------------- lockPref("network.http.referer.XOriginTrimmingPolicy", 2); lockPref("network.http.referer.XOriginPolicy", 0); // -------------------------------- // # PROXY // -------------------------------- <<<<<<< HEAD defaultPref("network.proxy.autoconfig_url", ""); defaultPref("network.proxy.socks_remote_dns", true); defaultPref("network.proxy.socks_version", 5); ======= lockPref("plugin.default.state", 1); lockPref("plugin.defaultXpi.state", 1); >>>>>>> a35eb4b (re-organized and reviewed) // -------------------------------------- // # HTTP(S) // -------------------------------------- lockPref("network.http.altsvc.enabled", false); lockPref("network.http.altsvc.oe", false); defaultPref("dom.security.https_only_mode", true); defaultPref("dom.security.https_only_mode_pbm", true); defaultPref("network.auth.subresource-http-auth-allow", 1); // -------------------------------------- // # TLS // -------------------------------------- defaultPref("security.ssl.require_safe_negotiation", true); lockPref("security.ssl.treat_unsafe_negotiation_as_broken", true); lockPref("security.ssl.disable_session_identifiers", true); lockPref("browser.ssl_override_behavior", 1); lockPref("security.tls.enable_0rtt_data", false); lockPref("security.tls.version.enable-deprecated", false); lockPref("security.tls.version.fallback-limit", 3); lockPref("browser.xul.error_pages.expert_bad_cert", true); // advanced ui infos // to check lockPref("network.stricttransportsecurity.preloadlist", false); // -------------------------------------- // # RFP // -------------------------------------- defaultPref("privacy.resistFingerprinting", true); defaultPref("privacy.resistFingerprinting.block_mozAddonManager", true); lockPref("browser.startup.blankWindow", false); // breaks RFP windows resizing // -------------------------------------- // # LANGUAGE AND REGION // -------------------------------------- defaultPref("javascript.use_us_english_locale", true); defaultPref("intl.locale.requested", "en-US"); defaultPref("privacy.spoof_english", 2); // defaultPref("intl.regional_prefs.use_os_locales", false); // default // ------------------------------------------------------- // # EXTENSIONS - check readme section "Extensions Firewall" // ------------------------------------------------------- // handle default restricted domains defaultPref("extensions.webextensions.restrictedDomains", ""); // This will allow extensions to work everywhere, default "debug-notes.log" lockPref("extensions.webextensions.identity.redirectDomain", ""); // Redirect basedomain used by identity api, default "extensions.allizom.org" ======= // ------------------------------------------------------- // EXTENSIONS - check readme section "Extensions Firewall" // ------------------------------------------------------- // handle default restricted domains defaultPref("extensions.webextensions.restrictedDomains", ""); // This will allow extensions to work everywhere, default "debug-notes.log" lockPref("extensions.webextensions.identity.redirectDomain", ""); // Redirect basedomain used by identity api, default "extensions.allizom.org" >>>>>>> 55c94dc (reorganized, revisited) // disable network for the extensions // Enable-Firewall-Feature-In-The-Next-Line extensions-firewall >>>>>> defaultPref("extensions.webextensions.base-content-security-policy", "script-src 'self' https://* moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; object-src 'self' https://* moz-extension: blob: filesystem:;"); <<<<<<< HEAD <<<<<<< HEAD // set extensions scopes lockPref("extensions.enabledScopes", 5); lockPref("extensions.autoDisableScopes", 11); // Relevant for addons and lang packs search defaultPref("extensions.getAddons.search.browseURL", ""); // https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION% defaultPref("extensions.getAddons.langpacks.url", ""); // https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION% // other urls defaultPref("extensions.getAddons.get.url", ""); // https://services.addons.mozilla.org/api/v3/addons/search/?guid=%IDS%&lang=%LOCALE% defaultPref("extensions.getAddons.link.url", ""); // https://addons.mozilla.org/%LOCALE%/firefox/ defaultPref("extensions.update.url", ""); // Default Value // https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion= // %REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion= // %ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS= // %APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%¤tAppVersion= // %CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE% // ui defaultPref("extensions.getAddons.showPane", false); lockPref("extensions.getAddons.discovery.api_url", ""); lockPref("extensions.htmlaboutaddons.recommendations.enabled", false); lockPref("extensions.webcompat-reporter.enabled", false); lockPref("extensions.webcompat-reporter.newIssueEndpoint", "");// Default Value https://webcompat.com/issues/new // background checking and updating defaultPref("extensions.update.enabled", false); defaultPref("extensions.update.autoUpdateDefault", false); defaultPref("extensions.update.background.url", ""); defaultPref("extensions.getAddons.cache.enabled", false); // blocklist defaultPref("extensions.blocklist.enabled", false); defaultPref("extensions.blocklist.detailsURL", ""); defaultPref("extensions.blocklist.itemURL", ""); // system addons lockPref("extensions.systemAddon.update.url", ""); lockPref("extensions.systemAddon.update.enabled", false); lockPref("xpinstall.signatures.devInfoURL", ""); <<<<<<< HEAD ======= lockPref("extensions.webapi.testing", false); // hidden prefs // default false >>>>>>> 48fecfd (removed redundant stuff) lockPref("extensions.webservice.discoverURL", ""); lockPref("webextensions.storage.sync.serverURL", ""); lockPref("extensions.screenshots.upload-disabled", true); lockPref("lightweightThemes.getMoreURL", ""); defaultPref("extensions.postDownloadThirdPartyPrompt", false); <<<<<<< HEAD <<<<<<< HEAD ======= ======= lockPref("xpinstall.whitelist.required", true); // default >>>>>>> 7732277 (imrpoved referers and language settings) <<<<<<< HEAD // to check defaultPref("xpinstall.signatures.required", true); >>>>>>> 0267245 (added some new prefs from arkenfox) ======= >>>>>>> 48fecfd (removed redundant stuff) // ------------------------------------------------------- // # NORMANDY // ------------------------------------------------------- lockPref("app.normandy.enabled", false); lockPref("app.normandy.api_url", ""); lockPref("app.normandy.user_id", ""); lockPref("app.normandy.shieldLearnMoreUrl", ""); // -------------------------------- // # SECURITY // -------------------------------- // certificates lockPref("security.cert_pinning.enforcement_level", 2); defaultPref("security.OCSP.enabled", 0); defaultPref("security.OCSP.require", false); lockPref("security.ssl.enable_ocsp_stapling", true); lockPref("security.pki.sha1_enforcement_level", 1); // mixed content lockPref("security.mixed_content.block_object_subrequest", true); lockPref("security.mixed_content.block_display_content", true); lockPref("security.mixed_content.block_active_content", true); // ui lockPref("security.insecure_connection_text.enabled", true); lockPref("security.insecure_connection_text.pbmode.enabled", true); <<<<<<< HEAD lockPref("security.dialog_enable_delay", 700); lockPref("security.csp.enable", true); ======= // Remove a bunch of URLs : lockPref("lightweightThemes.getMoreURL", ""); lockPref("media.decoder-doctor.new-issue-endpoint", ""); lockPref("identity.sync.tokenserver.uri", ""); lockPref("network.trr.confirmationNS", ""); lockPref("browser.translation.engine", ""); // default Google lockPref("gecko.handlerService.schemes.mailto.0.uriTemplate", ""); lockPref("gecko.handlerService.schemes.mailto.0.name", ""); // default Yahoo! Mail lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", ""); lockPref("gecko.handlerService.schemes.mailto.1.name", ""); // default Gmail lockPref("gecko.handlerService.schemes.irc.0.uriTemplate", ""); lockPref("gecko.handlerService.schemes.irc.0.name", ""); lockPref("services.sync.lastversion", ""); lockPref("browser.safebrowsing.provider.mozilla.lists.base", ""); lockPref("browser.safebrowsing.provider.mozilla.lists.content", ""); lockPref("browser.safebrowsing.provider.google.advisoryName", ""); lockPref("browser.safebrowsing.provider.google4.advisoryName", ""); lockPref("browser.safebrowsing.provider.mozilla.lists", ""); lockPref("identity.fxaccounts.remote.root", ""); lockPref("services.settings.server", ""); lockPref("services.blocklist.addons.signer", ""); lockPref("services.blocklist.gfx.signer", ""); lockPref("services.settings.security.onecrl.signer", ""); lockPref("services.blocklist.pinning.signer", ""); lockPref("services.blocklist.plugins.signer", ""); lockPref("accessibility.support.url", ""); lockPref("app.normandy.shieldLearnMoreUrl", ""); lockPref("app.support.baseURL", ""); lockPref("browser.chrome.errorReporter.infoURL", ""); lockPref("browser.dictionaries.download.url", ""); lockPref("browser.geolocation.warning.infoURL", ""); lockPref("browser.search.searchEnginesURL", ""); lockPref("browser.uitour.themeOrigin", ""); lockPref("extensions.getAddons.compatOverides.url", ""); lockPref("services.sync.addons.trustedSourceHostnames", ""); lockPref("toolkit.datacollection.infoURL", ""); lockPref("xpinstall.signatures.devInfoURL", ""); lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", ""); ======= // enable Content Security Policy (CSP) lockPref("security.csp.enable", true); ======= >>>>>>> 45bf63e (processed everything up to EOF) // set extensions scopes lockPref("extensions.enabledScopes", 5); lockPref("extensions.autoDisableScopes", 11); >>>>>>> 55c94dc (reorganized, revisited) // Relevant for addons and lang packs search defaultPref("extensions.getAddons.search.browseURL", ""); // https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION% defaultPref("extensions.getAddons.langpacks.url", ""); // https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION% // other urls defaultPref("extensions.getAddons.get.url", ""); // https://services.addons.mozilla.org/api/v3/addons/search/?guid=%IDS%&lang=%LOCALE% defaultPref("extensions.getAddons.link.url", ""); // https://addons.mozilla.org/%LOCALE%/firefox/ defaultPref("extensions.update.url", ""); // Default Value // https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion= // %REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion= // %ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS= // %APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%¤tAppVersion= // %CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE% // ui defaultPref("extensions.getAddons.showPane", false); lockPref("extensions.getAddons.discovery.api_url", ""); lockPref("extensions.htmlaboutaddons.recommendations.enabled", false); lockPref("extensions.webcompat-reporter.enabled", false); lockPref("extensions.webcompat-reporter.newIssueEndpoint", "");// Default Value https://webcompat.com/issues/new // background checking and updating defaultPref("extensions.update.enabled", false); defaultPref("extensions.update.autoUpdateDefault", false); defaultPref("extensions.update.background.url", ""); defaultPref("extensions.getAddons.cache.enabled", false); // blocklist defaultPref("extensions.blocklist.enabled", false); defaultPref("extensions.blocklist.detailsURL", ""); defaultPref("extensions.blocklist.itemURL", ""); // system addons lockPref("extensions.systemAddon.update.url", ""); lockPref("extensions.systemAddon.update.enabled", false); lockPref("xpinstall.whitelist.required", true); // default: true lockPref("xpinstall.signatures.devInfoURL", ""); defaultPref("extensions.webextensions.background-delayed-startup", true); //default true lockPref("extensions.webapi.testing", false); // hidden prefs // default false lockPref("extensions.webservice.discoverURL", ""); lockPref("webextensions.storage.sync.serverURL", ""); lockPref("extensions.screenshots.upload-disabled", true); lockPref("lightweightThemes.getMoreURL", ""); // to check defaultPref("xpinstall.signatures.required", true); // ------------------------------------------------------- // NORMANDY // ------------------------------------------------------- lockPref("app.normandy.enabled", false); lockPref("app.normandy.api_url", ""); lockPref("app.normandy.first_run", false); lockPref("app.normandy.user_id", ""); lockPref("app.normandy.shieldLearnMoreUrl", ""); lockPref("app.normandy.dev_mode", false); // -------------------------------- // SECURITY // -------------------------------- // certificates lockPref("security.cert_pinning.enforcement_level", 2); defaultPref("security.OCSP.enabled", 0); defaultPref("security.OCSP.require", false); lockPref("security.ssl.enable_ocsp_stapling", true); lockPref("security.pki.sha1_enforcement_level", 1); // mixed content lockPref("security.mixed_content.block_object_subrequest", true); lockPref("security.mixed_content.block_display_content", true); lockPref("security.mixed_content.block_active_content", true); // reduce breakage defaultPref("security.remote_settings.intermediates.enabled", true); <<<<<<< HEAD // Pref : lockPref("browser.chrome.errorReporter.submitUrl", ""); lockPref("browser.chrome.errorReporter.enabled", false); // Pref : lockPref("browser.ping-centre.staging.endpoint", ""); lockPref("browser.ping-centre.telemetry", false); >>>>>>> 034d451 (reorganized tracking section + 3rd set of changes) // ------------------------------------------------------- // # SAFE BROWSING // ------------------------------------------------------- lockPref("browser.safebrowsing.malware.enabled", false); lockPref("browser.safebrowsing.passwords.enabled", false); lockPref("browser.safebrowsing.phishing.enabled", false); // downloads and unwanted software ======= // ui lockPref("security.insecure_connection_icon.enabled", true); lockPref("security.insecure_connection_icon.pbmode.enabled", true); lockPref("security.insecure_connection_text.enabled", true); lockPref("security.insecure_connection_text.pbmode.enabled", true); lockPref("security.dialog_enable_delay", 700); lockPref("security.csp.enable", true); // ------------------------------------------------------- // SAFE BROWSING // ------------------------------------------------------- lockPref("browser.safebrowsing.malware.enabled", false); lockPref("browser.safebrowsing.passwords.enabled", false); lockPref("browser.safebrowsing.phishing.enabled", false); <<<<<<< HEAD >>>>>>> 55c94dc (reorganized, revisited) ======= // downloads and unwanted software >>>>>>> 4041ab1 (reorganized and improved some entries) lockPref("browser.safebrowsing.downloads.enabled", false); lockPref("browser.safebrowsing.downloads.remote.enabled", false); lockPref("browser.safebrowsing.downloads.remote.block_dangerous", false); lockPref("browser.safebrowsing.downloads.remote.block_dangerous_host", false); lockPref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); lockPref("browser.safebrowsing.downloads.remote.block_uncommon", false); lockPref("browser.safebrowsing.downloads.remote.url", ""); <<<<<<< HEAD <<<<<<< HEAD // could try re-enabling some of these urls to see if it causes connections lockPref("browser.safebrowsing.id", ""); ======= lockPref("browser.safebrowsing.id", ""); lockPref("browser.safebrowsing.allowOverride", false); >>>>>>> 55c94dc (reorganized, revisited) ======= // could try re-enabling some of these urls to see if it causes connections lockPref("browser.safebrowsing.id", ""); >>>>>>> 4041ab1 (reorganized and improved some entries) lockPref("browser.safebrowsing.blockedURIs.enabled", false); lockPref("browser.safebrowsing.provider.google4.pver", ""); lockPref("browser.safebrowsing.provider.google4.advisoryName", ""); lockPref("browser.safebrowsing.provider.google4.advisoryURL", ""); lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false); lockPref("browser.safebrowsing.provider.google4.dataSharingURL", ""); lockPref("browser.safebrowsing.provider.google4.gethashURL", ""); lockPref("browser.safebrowsing.provider.google4.lists", ""); lockPref("browser.safebrowsing.provider.google4.reportMalwareMistakeURL", ""); lockPref("browser.safebrowsing.provider.google4.reportPhishMistakeURL", ""); lockPref("browser.safebrowsing.provider.google4.reportURL", ""); lockPref("browser.safebrowsing.provider.google4.updateURL", ""); lockPref("browser.safebrowsing.provider.google4.lastupdatetime", ""); lockPref("browser.safebrowsing.provider.google4.nextupdatetime", ""); lockPref("browser.safebrowsing.provider.google.advisoryName", ""); lockPref("browser.safebrowsing.provider.google.advisoryURL", ""); lockPref("browser.safebrowsing.provider.google.gethashURL", ""); lockPref("browser.safebrowsing.provider.google.lastupdatetime", ""); lockPref("browser.safebrowsing.provider.google.lists", ""); lockPref("browser.safebrowsing.provider.google.nextupdatetime", ""); lockPref("browser.safebrowsing.provider.google.pver", ""); lockPref("browser.safebrowsing.provider.google.reportMalwareMistakeURL", ""); lockPref("browser.safebrowsing.provider.google.reportPhishMistakeURL", ""); lockPref("browser.safebrowsing.provider.google.reportURL", ""); lockPref("browser.safebrowsing.provider.google.updateURL", ""); lockPref("browser.safebrowsing.provider.mozilla.pver", ""); lockPref("browser.safebrowsing.provider.mozilla.lists", ""); lockPref("browser.safebrowsing.provider.mozilla.lists.base", ""); lockPref("browser.safebrowsing.provider.mozilla.lists.content", ""); lockPref("browser.safebrowsing.provider.mozilla.updateURL", ""); lockPref("browser.safebrowsing.provider.mozilla.gethashURL", ""); lockPref("browser.safebrowsing.provider.mozilla.lastupdatetime", ""); lockPref("browser.safebrowsing.provider.mozilla.nextupdatetime", ""); lockPref("browser.safebrowsing.reportPhishURL", ""); // -------------------------------- <<<<<<< HEAD <<<<<<< HEAD // # FONTS // -------------------------------- lockPref("gfx.font_rendering.graphite.enabled", false); lockPref("gfx.font_rendering.opentype_svg.enabled", false); // -------------------------------- // # MISC // -------------------------------- // keep track of, should be useless as mozilla removed flash from source code lockPref("dom.ipc.plugins.reportCrashURL", false); lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); lockPref("plugin.state.flash", 0); // more important stuff lockPref("browser.shell.shortcutFavicons", false); defaultPref("alerts.showFavicons", false); defaultPref("browser.link.open_newwindow", 3); defaultPref("browser.link.open_newwindow.restriction", 0); lockPref("network.file.disable_unc_paths", true); // (hidden pref) lockPref("network.gio.supported-protocols", ""); // (hidden pref) lockPref("plugin.default.state", 1); lockPref("network.IDN_show_punycode", true); defaultPref("browser.display.use_system_colors", false); // default but enforced due to RFP // pocket, to check if we can remove lockPref("extensions.pocket.enabled", false); lockPref("extensions.pocket.site", ""); lockPref("extensions.pocket.oAuthConsumerKey", ""); lockPref("extensions.pocket.api", ""); // pdf reader defaultPref("pdfjs.disabled", false); defaultPref("pdfjs.enableScripting", false); defaultPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true); defaultPref("pdfjs.enabledCache.state", false); // remote agent lockPref("remote.enabled", false); // settings and behavior lockPref("browser.shell.checkDefaultBrowser", false); lockPref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", true); defaultPref("startup.homepage_override_url", "about:blank"); defaultPref("startup.homepage_welcome_url", "about:blank"); defaultPref("startup.homepage_welcome_url.additional", ""); lockPref("browser.startup.homepage_override.mstone", "ignore"); defaultPref("privacy.userContext.enabled", true); defaultPref("general.autoScroll", false); defaultPref("clipboard.autocopy", false); defaultPref("browser.tabs.loadBookmarksInTabs", true); lockPref("browser.download.manager.addToRecentDocs", false); lockPref("accessibility.force_disabled", 1); lockPref("browser.uitour.enabled", false); lockPref("middlemouse.contentLoadURL", false); defaultPref("accessibility.typeaheadfind", false); lockPref("network.manage-offline-status", false); lockPref("browser.helperApps.deleteTempFileOnExit", true); lockPref("browser.pagethumbnails.capturing_disabled", true); lockPref("browser.bookmarks.max_backups", 2); defaultPref("reader.parse-on-load.enabled", false); // devtools defaultPref("devtools.debugger.remote-enabled", false); defaultPref("devtools.chrome.enabled", false); lockPref("devtools.performance.recording.ui-base-url", "http://localhost:55555"); // Default Value : https://profiler.firefox.com lockPref("devtools.devices.url", ""); lockPref("devtools.remote.adb.extensionURL", ""); // [FF64+] lockPref("devtools.remote.adb.extensionID", ""); // default adb@mozilla.org [FF64+] defaultPref("devtools.selfxss.count", 0); // see https://gitlab.com/librewolf-community/browser/linux/-/issues/80 // ui defaultPref("browser.tabs.drawInTitlebar", true); defaultPref("browser.aboutConfig.showWarning", false); defaultPref("general.warnOnAboutConfig", false); defaultPref("browser.download.autohideButton", false); defaultPref("privacy.userContext.ui.enabled", true); lockPref("browser.messaging-system.whatsNewPanel.enabled", false); // urls and handlers lockPref("media.decoder-doctor.new-issue-endpoint", ""); lockPref("identity.sync.tokenserver.uri", ""); lockPref("network.trr.confirmationNS", ""); lockPref("browser.translation.engine", ""); // default Google lockPref("gecko.handlerService.schemes.mailto.0.uriTemplate", ""); lockPref("gecko.handlerService.schemes.mailto.0.name", ""); // default Yahoo! Mail lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", ""); lockPref("gecko.handlerService.schemes.mailto.1.name", ""); // default Gmail lockPref("gecko.handlerService.schemes.irc.0.uriTemplate", ""); lockPref("gecko.handlerService.schemes.irc.0.name", ""); lockPref("gecko.handlerService.schemes.ircs.0.uriTemplate", ""); lockPref("gecko.handlerService.schemes.ircs.0.name", ""); lockPref("services.settings.server", ""); lockPref("accessibility.support.url", ""); lockPref("app.support.baseURL", ""); lockPref("browser.uitour.url", ""); lockPref("webchannel.allowObject.urlWhitelist", ""); lockPref("browser.dictionaries.download.url", ""); lockPref("browser.geolocation.warning.infoURL", ""); lockPref("browser.search.searchEnginesURL", ""); lockPref("browser.uitour.themeOrigin", ""); lockPref("toolkit.datacollection.infoURL", ""); lockPref("identity.mobilepromo.android", ""); lockPref("identity.mobilepromo.ios", ""); defaultPref("identity.sendtabpromo.url", ""); lockPref("datareporting.healthreport.infoURL", ""); lockPref("app.feedback.baseURL", ""); lockPref("app.releaseNotesURL", ""); lockPref("app.releaseNotesURL.aboutDialog", ""); lockPref("browser.chrome.errorReporter.infoURL", ""); lockPref("datareporting.policy.firstRunURL", ""); lockPref("gecko.handlerService.schemes.webcal.0.uriTemplate", ""); // -------------------------------- // # CACHE // -------------------------------- lockPref("browser.cache.offline.storage.enable", false); lockPref("browser.privatebrowsing.forceMediaMemoryCache", true); // [FF75+] defaultPref("media.memory_cache_max_size", 65536); // -------------------------------- // # WEBGL AND PERFORMANCE // -------------------------------- lockPref("webgl.enable-webgl2", false); lockPref("webgl.disable-fail-if-major-performance-caveat", true); // -------------------------------- // # JS // -------------------------------- // should we consider disabling WebAssembly ? // lockPref("javascript.options.wasm", false); // left as it is worth considering // lockPref("javascript.options.asmjs", false); lockPref("javascript.options.shared_memory", false); // -------------------------------- // # GEO // -------------------------------- ======= // MISC ======= // FONTS >>>>>>> 8b7a898 (updated and started editing external protocols) // -------------------------------- lockPref("gfx.font_rendering.graphite.enabled", false); lockPref("gfx.font_rendering.opentype_svg.enabled", false); // -------------------------------- // MISC // -------------------------------- // more important stuff lockPref("browser.shell.shortcutFavicons", false); defaultPref("alerts.showFavicons", false); defaultPref("browser.link.open_newwindow", 3); defaultPref("browser.link.open_newwindow.restriction", 0); lockPref("security.data_uri.block_toplevel_data_uri_navigations", true); lockPref("network.file.disable_unc_paths", true); // (hidden pref) lockPref("network.gio.supported-protocols", ""); // (hidden pref) lockPref("network.auth.subresource-img-cross-origin-http-auth-allow", false); lockPref("plugin.default.state", 1); lockPref("plugin.state.flash", 0); lockPref("gfx.offscreencanvas.enabled", false); // default: false lockPref("canvas.capturestream.enabled", false); lockPref("network.IDN_show_punycode", true); lockPref("security.fileuri.strict_origin_policy", true); // pocket, to check if we can remove lockPref("extensions.pocket.enabled", false); lockPref("extensions.pocket.site", ""); lockPref("extensions.pocket.oAuthConsumerKey", ""); lockPref("extensions.pocket.api", ""); // pdf reader defaultPref("pdfjs.disabled", false); defaultPref("pdfjs.enableScripting", false); defaultPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true); defaultPref("pdfjs.enabledCache.state", false); // remote agent lockPref("remote.enabled", false); lockPref("remote.force-local", true); // settings and behavior lockPref("browser.shell.checkDefaultBrowser", false); lockPref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", true); defaultPref("startup.homepage_override_url", "about:blank"); defaultPref("startup.homepage_welcome_url", "about:blank"); defaultPref("startup.homepage_welcome_url.additional", ""); lockPref("browser.startup.homepage_override.mstone", "ignore"); defaultPref("privacy.userContext.enabled", true); defaultPref("layout.spellcheckDefault", 2); defaultPref("general.autoScroll", false); defaultPref("clipboard.autocopy", false); defaultPref("browser.tabs.loadBookmarksInTabs", true); lockPref("browser.download.manager.addToRecentDocs", false); lockPref("accessibility.force_disabled", 1); lockPref("browser.uitour.enabled", false); lockPref("middlemouse.contentLoadURL", false); defaultPref("accessibility.typeaheadfind", false); lockPref("browser.bookmarks.restore_default_bookmarks", false); defaultPref("browser.tabs.closeTabByDblclick", true); lockPref("media.webspeech.recognition.enable", false); lockPref("network.manage-offline-status", false); lockPref("browser.helperApps.deleteTempFileOnExit", true); lockPref("browser.pagethumbnails.capturing_disabled", true); lockPref("browser.bookmarks.max_backups", 2); lockPref("reader.parse-on-load.enabled", false); // devtools defaultPref("devtools.debugger.remote-enabled", false); defaultPref("devtools.chrome.enabled", false); lockPref("devtools.performance.recording.ui-base-url", "http://localhost:55555"); // Default Value : https://profiler.firefox.com lockPref("devtools.devices.url", ""); lockPref("devtools.remote.adb.extensionURL", ""); // [FF64+] lockPref("devtools.remote.adb.extensionID", ""); // default adb@mozilla.org [FF64+] lockPref("devtools.debugger.force-local", true); defaultPref("devtools.selfxss.count", 0); // see https://gitlab.com/librewolf-community/browser/linux/-/issues/80 // ui defaultPref("browser.tabs.drawInTitlebar", true); defaultPref("browser.aboutConfig.showWarning", false); defaultPref("general.warnOnAboutConfig", false); defaultPref("browser.download.autohideButton", false); defaultPref("privacy.userContext.ui.enabled", true); lockPref("browser.messaging-system.whatsNewPanel.enabled", false); // urls and handlers lockPref("media.decoder-doctor.new-issue-endpoint", ""); lockPref("identity.sync.tokenserver.uri", ""); lockPref("network.trr.confirmationNS", ""); lockPref("browser.translation.engine", ""); // default Google lockPref("gecko.handlerService.schemes.mailto.0.uriTemplate", ""); lockPref("gecko.handlerService.schemes.mailto.0.name", ""); // default Yahoo! Mail lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", ""); lockPref("gecko.handlerService.schemes.mailto.1.name", ""); // default Gmail lockPref("gecko.handlerService.schemes.irc.0.uriTemplate", ""); lockPref("gecko.handlerService.schemes.irc.0.name", ""); lockPref("gecko.handlerService.schemes.ircs.0.uriTemplate", ""); lockPref("gecko.handlerService.schemes.ircs.0.name", ""); lockPref("services.settings.server", ""); lockPref("accessibility.support.url", ""); lockPref("app.support.baseURL", ""); lockPref("browser.uitour.url", ""); lockPref("webchannel.allowObject.urlWhitelist", ""); lockPref("browser.chrome.errorReporter.infoURL", ""); lockPref("browser.dictionaries.download.url", ""); lockPref("browser.geolocation.warning.infoURL", ""); lockPref("browser.search.searchEnginesURL", ""); lockPref("browser.uitour.themeOrigin", ""); lockPref("toolkit.datacollection.infoURL", ""); lockPref("identity.mobilepromo.android", ""); lockPref("identity.mobilepromo.ios", ""); defaultPref("identity.sendtabpromo.url", ""); lockPref("datareporting.healthreport.infoURL", ""); lockPref("app.feedback.baseURL", ""); lockPref("app.releaseNotesURL", ""); lockPref("app.releaseNotesURL.aboutDialog", ""); lockPref("browser.chrome.errorReporter.infoURL", ""); lockPref("datareporting.policy.firstRunURL", ""); lockPref("gecko.handlerService.schemes.webcal.0.uriTemplate", ""); // -------------------------------- // CACHE // -------------------------------- lockPref("browser.cache.offline.storage.enable", false); lockPref("browser.privatebrowsing.forceMediaMemoryCache", true); // [FF75+] lockPref("media.memory_cache_max_size", 16384); // -------------------------------- // WEBGL AND PERFORMANCE // -------------------------------- lockPref("webgl.enable-webgl2", false); lockPref("webgl.disable-fail-if-major-performance-caveat", true); // -------------------------------- // JS // -------------------------------- // should we consider disabling WebAssembly ? // lockPref("javascript.options.wasm", false); // left as it is worth considering // lockPref("javascript.options.asmjs", false); lockPref("javascript.options.shared_memory", false); // -------------------------------- // GEO // -------------------------------- >>>>>>> 55c94dc (reorganized, revisited) lockPref("geo.enabled", false); lockPref("geo.provider.ms-windows-location", false); // [WINDOWS] lockPref("geo.provider.use_corelocation", false); // [MAC] lockPref("geo.provider.use_gpsd", false); // [LINUX] lockPref("geo.provider.network.url", ""); lockPref("geo.provider.network.logging.enabled", false); lockPref("browser.region.network.url", ""); lockPref("browser.region.update.enabled", false); <<<<<<< HEAD <<<<<<< HEAD // -------------------------------- // # PREFETCHING // -------------------------------- ======= // Pref : lockPref("layout.css.visited_links_enabled", false); lockPref("layout.css.always-repaint-on-unvisited", false); lockPref("layout.css.layout.css.notify-of-unvisited", false); >>>>>>> 55c94dc (reorganized, revisited) lockPref("network.predictor.enabled", false); lockPref("network.prefetch-next", false); lockPref("network.http.speculative-parallel-limit", 0); // -------------------------------- // # OUTGOING CONNECTIONS // -------------------------------- // updates lockPref("app.update.auto", false); lockPref("app.update.staging.enabled", false); lockPref("app.update.lastUpdateTime.telemetry_modules_ping", 0); lockPref("app.update.url.details", "https://gitlab.com/librewolf-community/browser"); lockPref("app.update.url.manual", "https://gitlab.com/librewolf-community/browser"); ======= // -------------------------------- // PREFETCHING // -------------------------------- lockPref("network.predictor.enabled", false); lockPref("network.prefetch-next", false); lockPref("network.http.speculative-parallel-limit", 0); // -------------------------------- // OUTGOING CONNECTIONS // -------------------------------- <<<<<<< HEAD >>>>>>> 653a6ed (knocked out some more prefs) ======= // updates lockPref("app.update.auto", false); lockPref("app.update.staging.enabled", false); lockPref("app.update.lastUpdateTime.telemetry_modules_ping", 0); lockPref("app.update.url.details", "https://gitlab.com/librewolf-community/browser"); lockPref("app.update.url.manual", "https://gitlab.com/librewolf-community/browser"); >>>>>>> 4041ab1 (reorganized and improved some entries) // connectivity service lockPref("network.connectivity-service.enabled", false); lockPref("network.connectivity-service.IPv6.url", "http://0.0.0.0"); lockPref("network.connectivity-service.IPv4.url", "http://0.0.0.0"); lockPref("network.connectivity-service.DNSv6.domain", ""); lockPref("network.connectivity-service.DNSv4.domain", ""); <<<<<<< HEAD <<<<<<< HEAD // telemetry ======= // Pref : lockPref("plugins.crash.supportUrl", ""); // Pref : lockPref("sync.enabled", false); // Pref : lockPref("sync.jpake.serverURL", ""); // Pref : lockPref("sync.serverURL", ""); // Pref : >>>>>>> 55c94dc (reorganized, revisited) ======= // telemetry >>>>>>> 653a6ed (knocked out some more prefs) lockPref("toolkit.crashreporter.infoURL", ""); lockPref("toolkit.telemetry.archive.enabled", false); lockPref("toolkit.telemetry.updatePing.enabled", false); lockPref("toolkit.telemetry.bhrPing.enabled", false); lockPref("toolkit.telemetry.cachedClientID", ""); lockPref("toolkit.telemetry.enabled", false); lockPref("toolkit.telemetry.firstShutdownPing.enabled", false); lockPref("toolkit.telemetry.newProfilePing.enabled", false); lockPref("toolkit.telemetry.previousBuildID", ""); lockPref("toolkit.telemetry.reportingpolicy.firstRun", false); lockPref("toolkit.telemetry.server", "data:,"); lockPref("toolkit.telemetry.server_owner", ""); lockPref("toolkit.telemetry.shutdownPingSender.enabled", false); lockPref("toolkit.telemetry.shutdownPingSender.enabledFirstSession", false); lockPref("toolkit.telemetry.unified", false); lockPref("toolkit.telemetry.ecosystemtelemetry.enabled", false); <<<<<<< HEAD <<<<<<< HEAD lockPref("security.protectionspopup.recordEventTelemetry", false); lockPref("datareporting.healthreport.uploadEnabled", false); lockPref("datareporting.policy.dataSubmissionEnabled", false); <<<<<<< HEAD <<<<<<< HEAD lockPref("toolkit.coverage.endpoint.base", ""); lockPref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF] lockPref("toolkit.coverage.opt-out", true); lockPref("toolkit.coverage.enabled", false); lockPref("app.shield.optoutstudies.enabled", false); ======= // Pref : Disable right-click menu manipulation via JavaScript (disabled) defaultPref("dom.event.contextmenu.enabled", false); // Pref : Disable clipboard event detection (onCut/onCopy/onPaste) via Javascript // Disabling clipboard events breaks Ctrl+C/X/V copy/cut/paste functionaility in // JS-based web applications (Google Docs etc.) // https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/dom.event.clipboardevents.enabled lockPref("dom.event.clipboardevents.enabled", false); // Pref : Force Punycode for Internationalized Domain Names // http://kb.mozillazine.org/Network.IDN_show_punycode // https://www.xudongz.com/blog/2017/idn-phishing/ // https://wiki.mozilla.org/IDN_Display_Algorithm // https://en.wikipedia.org/wiki/IDN_homograph_attack // https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/ // CIS Mozilla Firefox 24 ESR v1.0.0 - 3.6 lockPref("network.IDN_show_punycode", true); // Pref : Disable Pocket // https://support.mozilla.org/en-US/kb/save-web-pages-later-pocket-firefox // https://github.com/pyllyukko/user.js/issues/143 ======= lockPref("security.protectionspopup.recordEventTelemetry", false) ======= lockPref("security.protectionspopup.recordEventTelemetry", false); lockPref("datareporting.healthreport.uploadEnabled", false); lockPref("datareporting.policy.dataSubmissionEnabled", false); >>>>>>> 7887469 (reviewed and reorganized up to extensions) ======= lockPref("toolkit.coverage.endpoint.base", ""); lockPref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF] lockPref("toolkit.coverage.opt-out", true); lockPref("toolkit.coverage.enabled", false); <<<<<<< HEAD >>>>>>> 4041ab1 (reorganized and improved some entries) // pocket >>>>>>> 653a6ed (knocked out some more prefs) lockPref("extensions.pocket.enabled", false); lockPref("extensions.pocket.site", ""); lockPref("extensions.pocket.oAuthConsumerKey", ""); lockPref("extensions.pocket.api", ""); ======= lockPref("app.shield.optoutstudies.enabled", false); lockPref("beacon.enabled", false); lockPref("browser.ping-centre.telemetry", false); // ping lockPref("browser.send_pings", false); lockPref("browser.send_pings.require_same_host", true); >>>>>>> 8b7a898 (updated and started editing external protocols) // discovery lockPref("browser.discovery.enabled", false); lockPref("browser.discovery.containers.enabled", false); lockPref("browser.discovery.sites", ""); <<<<<<< HEAD lockPref("breakpad.reportURL", ""); lockPref("browser.send_pings", false); lockPref("browser.send_pings.require_same_host", true); <<<<<<< HEAD // Pref : Do not download URLs for the offline cache // http://kb.mozillazine.org/Browser.cache.offline.enable lockPref("browser.cache.offline.enable", false); /* 1007: disable media cache from writing to disk in Private Browsing * [NOTE] MSE (Media Source Extensions) are already stored in-memory in PB */ lockPref("browser.privatebrowsing.forceMediaMemoryCache", true); // [FF75+] lockPref("media.memory_cache_max_size", 16384); // Pref : Disable prefetching of URLs // http://kb.mozillazine.org/Network.prefetch-next // https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#Is_there_a_preference_to_disable_link_prefetching.3F // Link prefetching is when a webpage hints to the browser that certain pages are likely to be visited, // so the browser downloads them immediately so they can be displayed immediately when the user requests it. lockPref("network.prefetch-next", false); // Pref : Disable speculative pre-connections // Disable prefetch link on hover. // https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_speculative-pre-connections // https://bugzilla.mozilla.org/show_bug.cgi?id=814169 lockPref("network.http.speculative-parallel-limit", 0); // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // Section : General Settings 3/3 // Bench Diff : -40/5000 // >>>>>>>>>>>>>>>>>>>>> // Pref : Disable DOM timing API // https://wiki.mozilla.org/Security/Reviews/Firefox/NavigationTimingAPI // https://www.w3.org/TR/navigation-timing/#privacy lockPref("dom.enable_performance", false); //Deprecated Active lockPref("dom.enable_performance_navigation_timing", false); // Pref : Make sure the User Timing API does not provide a new high resolution timestamp // https://trac.torproject.org/projects/tor/ticket/16336 // https://www.w3.org/TR/2013/REC-user-timing-20131212/#privacy-security lockPref("dom.enable_user_timing", false); // Pref : Disable Web Audio API // https://bugzilla.mozilla.org/show_bug.cgi?id=1288359 // Avoid fingerprinting defaultPref("dom.webaudio.enabled", false); // Pref : When geolocation is enabled, don't log geolocation requests to the console lockPref("geo.wifi.logging.enabled", false); // Pref : Disable "beacon" asynchronous HTTP transfers (used for analytics) // https://developer.mozilla.org/en-US/docs/Web/API/navigator.sendBeacon >>>>>>> a35eb4b (re-organized and reviewed) ======= >>>>>>> 653a6ed (knocked out some more prefs) lockPref("beacon.enabled", false); lockPref("browser.ping-centre.telemetry", false); <<<<<<< HEAD // discovery lockPref("browser.discovery.enabled", false); lockPref("browser.discovery.containers.enabled", false); lockPref("browser.discovery.sites", ""); ======= ======= // crash report lockPref("breakpad.reportURL", ""); lockPref("browser.tabs.crashReporting.sendReport", false); lockPref("browser.crashReports.unsubmittedCheck.enabled", false); lockPref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); <<<<<<< HEAD >>>>>>> 8b7a898 (updated and started editing external protocols) ======= lockPref("dom.ipc.plugins.reportCrashURL", false); lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); >>>>>>> 45bf63e (processed everything up to EOF) // captive portal lockPref("network.captive-portal-service.enabled", false); lockPref("captivedetect.canonicalURL", ""); // -------------------------------- // WINDOWS // -------------------------------- <<<<<<< HEAD <<<<<<< HEAD lockPref("network.protocol-handler.warn-external-default",true); lockPref("network.protocol-handler.external.javascript",false); lockPref("network.protocol-handler.external.moz-extension",false); lockPref("network.protocol-handler.external.ftp",false); lockPref("network.protocol-handler.external.file",false); lockPref("network.protocol-handler.external.about",false); lockPref("network.protocol-handler.external.chrome",false); lockPref("network.protocol-handler.external.blob",false); lockPref("network.protocol-handler.external.data",false); lockPref("network.protocol-handler.expose-all",false); lockPref("network.protocol-handler.expose.http",true); lockPref("network.protocol-handler.expose.https",true); lockPref("network.protocol-handler.expose.javascript",true); lockPref("network.protocol-handler.expose.moz-extension",true); lockPref("network.protocol-handler.expose.ftp",true); lockPref("network.protocol-handler.expose.file",true); lockPref("network.protocol-handler.expose.about",true); lockPref("network.protocol-handler.expose.chrome",true); lockPref("network.protocol-handler.expose.blob",true); lockPref("network.protocol-handler.expose.data",true); // Pref : Ensure there is a security delay when installing add-ons (milliseconds) // http://kb.mozillazine.org/Disable_extension_install_delay_-_Firefox // http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ lockPref("security.dialog_enable_delay", 700); // Pref : Opt-out of add-on metadata updates // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ defaultPref("extensions.getAddons.cache.enabled", false); // Pref : Opt-out of theme (Persona) updates // https://support.mozilla.org/t5/Firefox/how-do-I-prevent-autoamtic-updates-in-a-50-user-environment/td-p/144287 lockPref("lightweightThemes.update.enabled", false); lockPref("lightweightThemes.persisted.headerURL", false); lockPref("lightweightThemes.persisted.footerURL", false); // Pref : Disable Flash Player NPAPI plugin // http://kb.mozillazine.org/Flash_plugin lockPref("plugin.state.flash", 0); // Pref : Disable sending Flash Player crash reports lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); // Pref : When Flash Player crash reports are enabled, don't send the visited URL in the crash report lockPref("dom.ipc.plugins.reportCrashURL", false); // Pref : Disable Shumway (Mozilla Flash renderer) // https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Shumway lockPref("shumway.disabled", true); // Pref : Disable Gnome Shell Integration NPAPI plugin lockPref("plugin.state.libgnome-shell-browser-plugin", 0); // Pref : Enable click-to-play plugin // https://wiki.mozilla.org/Firefox/Click_To_Play // https://blog.mozilla.org/security/2012/10/11/click-to-play-plugins-blocklist-style/ lockPref("plugins.click_to_play", true); lockPref("plugin.sessionPermissionNow.intervalInMinutes", 0); // Pref : Disable WebIDE Web Debug // https://trac.torproject.org/projects/tor/ticket/16222 // https://developer.mozilla.org/docs/Tools/WebIDE lockPref("devtools.webide.enabled", false); lockPref("devtools.webide.autoinstallADBExtension", false); // [FF64+] lockPref("devtools.remote.adb.extensionURL", ""); // [FF64+] lockPref("devtools.remote.adb.extensionID", ""); // default adb@mozilla.org [FF64+] // Pref : Disable remote debugging // https://developer.mozilla.org/en-US/docs/Tools/Remote_Debugging/Debugging_Firefox_Desktop // https://developer.mozilla.org/en-US/docs/Tools/Tools_Toolbox#Advanced_settings lockPref("devtools.debugger.force-local", true); // Pref : Disallow Necko to do A/B testing // https://trac.torproject.org/projects/tor/ticket/13170 lockPref("network.allow-experiments", false); >>>>>>> 653a6ed (knocked out some more prefs) <<<<<<< HEAD // crash report lockPref("breakpad.reportURL", ""); lockPref("browser.tabs.crashReporting.sendReport", false); lockPref("browser.crashReports.unsubmittedCheck.enabled", false); lockPref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // captive portal lockPref("network.captive-portal-service.enabled", false); lockPref("captivedetect.canonicalURL", ""); <<<<<<< HEAD // -------------------------------- // # WINDOWS // -------------------------------- ======= ======= // Pref : Disable "Show search suggestions in location bar results" lockPref("browser.urlbar.suggest.searches", false); lockPref("browser.urlbar.userMadeSearchSuggestionsChoice", true); // Pref : Never check for updates to search engines // https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_auto-update-checking lockPref("browser.search.update", false); >>>>>>> 8b7a898 (updated and started editing external protocols) lockPref("network.netlink.route.check.IPv4", "127.0.0.1"); lockPref("network.netlink.route.check.IPv6", "::1"); // Pref : Disallow NTLMv1 // https://bugzilla.mozilla.org/show_bug.cgi?id=828183 lockPref("network.negotiate-auth.allow-insecure-ntlm-v1", false); // it is still allowed through HTTPS. lockPref("network.negotiate-auth.allow-insecure-ntlm-v1-https", false); // Pref : Disable formless login capture // https://bugzilla.mozilla.org/show_bug.cgi?id=1166947 lockPref("signon.formlessCapture.enabled", false); // Pref : Delete temporary files on exit // https://bugzilla.mozilla.org/show_bug.cgi?id=238789 lockPref("browser.helperApps.deleteTempFileOnExit", true); // Pref : Do not create screenshots of visited pages (relates to the "new tab page" feature) // https://support.mozilla.org/en-US/questions/973320 // https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/browser.pagethumbnails.capturing_disabled lockPref("browser.pagethumbnails.capturing_disabled", true); // - Disabled - Section ON ------------------------------------------------------------------ // Pref : Tor settings // This browser is not meant for tor // Enabling those settings for user torifying their whole connection defaultPref("network.dns.blockDotOnion", true); lockPref("network.http.referer.hideOnionSource", true); // Pref : 1603 : CROSS ORIGIN: control when to send a referer // 0=always (default), 1=only if base domains match, 2=only if hosts match // Can break some important site... (payment... ) lockPref("network.http.referer.XOriginPolicy", 1); // Pref : Only allow TLS 1.[0-3] lockPref("security.tls.version.max", 4); // 4 = allow up to and including TLS 1.3 // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> // Section : Disabled - Deprecated Active // Deprecated settings but left active for various reasons // Bench Diff : +0/5000 // >>>>>>>>>>>>>>>>>>>> // Pref : 0516 : disable Onboarding (FF55+) // Onboarding is an interactive tour/setup for new installs/profiles and features. Every time // about:home or about:newtab is opened, the onboarding overlay is injected into it // [NOTE] Onboarding uses Google Analytics [2], and leaks resource://URIs [3] // [1] https://wiki.mozilla.org/Firefox/Onboarding // [2] https://github.com/mozilla/onboard/commit/db4d6c8726c89a5d6a241c1b1065827b525c5baf // [3] https://bugzilla.mozilla.org/863246#c154 lockPref("browser.onboarding.enabled", false); // Removed in v64 //Deprecated Active // Pref : Disable WebIDE Web Debug Extension // https://trac.torproject.org/projects/tor/ticket/16222 // https://developer.mozilla.org/docs/Tools/WebIDE lockPref("devtools.webide.autoinstallADBHelper", false); // Replaced by "devtools.webide.autoinstallADBExtension" in 64 // Pref : Disable raw TCP socket support (mozTCPSocket) // https://trac.torproject.org/projects/tor/ticket/18863 // https://www.mozilla.org/en-US/security/advisories/mfsa2015-97/ // https://developer.mozilla.org/docs/Mozilla/B2G_OS/API/TCPSocket // is only exposed to chrome ( https://trac.torproject.org/projects/tor/ticket/27268#comment:2 ) // Not important lockPref("dom.mozTCPSocket.enabled", false); // Pref : Enforce checking for Firefox updates lockPref("app.update.enabled", false); // Pref : Disable bookmark backups (default: 15) // http://kb.mozillazine.org/Browser.bookmarks.max_backups lockPref("browser.bookmarks.max_backups", 2); // Pref : Disable SSDP // https://bugzilla.mozilla.org/show_bug.cgi?id=1111967 lockPref("browser.casting.enabled", false); // Pref : lockPref("browser.newtabpage.activity-stream.enabled", false); lockPref("browser.newtabpage.directory.ping", "data:text/plain,"); lockPref("browser.newtabpage.directory.source", "data:text/plain,"); lockPref("browser.newtabpage.enhanced", false); // Pref : lockPref("browser.pocket.enabled", false); // Pref : Disable Heartbeat (Mozilla user rating telemetry) // https://wiki.mozilla.org/Advocacy/heartbeat // https://trac.torproject.org/projects/tor/ticket/19047 lockPref("browser.selfsupport.url", ""); // Pref : Don't reveal build ID // Value taken from Tor Browser // https://bugzilla.mozilla.org/show_bug.cgi?id=583181 // Already enforced with 'privacy.resistFingerprinting' ? lockPref("browser.startup.homepage_override.mstone", "ignore"); // Pref : Disable face detection lockPref("camera.control.face_detection.enabled", false); // Pref : lockPref("datareporting.healthreport.about.reportUrl", "data:,"); lockPref("datareporting.healthreport.service.enabled", false); // Pref : Disable WebIDE Web Debug // https://trac.torproject.org/projects/tor/ticket/16222 // https://developer.mozilla.org/docs/Tools/WebIDE lockPref("devtools.webide.autoinstallFxdtAdapters", false); lockPref("devtools.webide.adaptersAddonURL", ""); // Pref : Disable FlyWeb (discovery of LAN/proximity IoT devices that expose a Web interface) // https://wiki.mozilla.org/FlyWeb // https://wiki.mozilla.org/FlyWeb/Security_scenarios // https://docs.google.com/document/d/1eqLb6cGjDL9XooSYEEo7mE-zKQ-o-AuDTcEyNhfBMBM/edit // http://www.ghacks.net/2016/07/26/firefox-flyweb lockPref("dom.flyweb.enabled", false); // Pref : 2306: disable push notifications (FF44+) // web apps can receive messages pushed to them from a server, whether or // not the web app is in the foreground, or even currently loaded // [1] https://developer.mozilla.org/docs/Web/API/Push_API lockPref("dom.push.udp.wakeupEnabled", false); //UDP Wake-up // Pref : Disable telephony API // https://wiki.mozilla.org/WebAPI/Security/WebTelephony lockPref("dom.telephony.enabled", false); // Pref : Disable SHIELD // https://support.mozilla.org/en-US/kb/shield // https://bugzilla.mozilla.org/show_bug.cgi?id=1370801 lockPref("extensions.shield-recipe-client.enabled", false); // Pref : Disable Firefox Hello metrics collection // https://groups.google.com/d/topic/mozilla.dev.platform/nyVkCx-_sFw/discussion lockPref("loop.logDomains", false); // Pref : WebSockets is a technology that makes it possible to open an interactive communication // session between the user's browser and a server. (May leak IP when using proxy/VPN) lockPref("network.websocket.enabled", false); // Pref : Disable Reader // Not deprecated but useful to be located here lockPref("reader.parse-on-load.enabled", false); // CIS 2.7.4 Disable Scripting of Plugins by JavaScript // http://forums.mozillazine.org/viewtopic.php?f=7&t=153889 lockPref("security.xpconnect.plugin.unrestricted", false); // Pref : lockPref("social.directories", ""); // Pref : lockPref("social.remote-install.enabled", false); // Pref : lockPref("social.whitelist", ""); defaultPref("xpinstall.signatures.required", true); // https://www.ghacks.net/2019/05/24/firefox-69-userchrome-css-and-usercontent-css-disabled-by-default/ // might increase startup time, so keep it disabled, but modifiable by default defaultPref("toolkit.legacyUserProfileCustomizations.stylesheets", false); // to be set for the console to work, see https://gitlab.com/librewolf-community/browser/linux/-/issues/80: defaultPref("devtools.selfxss.count", 0); ======= // disable Windows jumplist [WINDOWS] lockPref("browser.taskbar.lists.enabled", false); lockPref("browser.taskbar.lists.frequent.enabled", false); lockPref("browser.taskbar.lists.recent.enabled", false); lockPref("browser.taskbar.lists.tasks.enabled", false); >>>>>>> 45bf63e (processed everything up to EOF) // disable Windows taskbar preview [WINDOWS] lockPref("browser.taskbar.previews.enable", false); ======= >>>>>>> 5b1fc33 (removed some more) // disable links launching Windows Store [WINDOWS] lockPref("network.protocol-handler.external.ms-windows-store", false); // disable background update service [WINDOWS] lockPref("app.update.service.enabled", false); // disable automatic Firefox start and session restore after reboot [WINDOWS] lockPref("toolkit.winRegisterApplicationRestart", false); // disable Windows 8.1 Family Safety cert [WINDOWS] <<<<<<< HEAD lockPref("security.family_safety.mode", 0); // -------------------------------- // TESTING - unchanged // -------------------------------- // Pref : //lockPref("urlclassifier.phishTable", ""); // Default Value // goog-phish-proto,test-phish-simple // Pref : //lockPref("urlclassifier.passwordAllowTable", ""); // Default Value // goog-passwordwhite-proto // Pref : //lockPref("urlclassifier.downloadAllowTable", ""); // Default Value // goog-downloadwhite-proto // Pref : //lockPref("urlclassifier.downloadBlockTable", ""); // Default Value // goog-badbinurl-proto // Pref : Test To Make FFox Silent //lockPref("security.content.signature.root_hash", ""); // Default Value <<<<<<< HEAD // 97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E // -------------------------------- // WINDOWS // -------------------------------- // Pref : Other webGl [WINDOWS] lockPref("webgl.dxgl.enabled", false); // Pref : disable scanning for plugins [WINDOWS] lockPref("plugin.scan.plid.all", false); // Pref : disable Windows jumplist [WINDOWS] lockPref("browser.taskbar.lists.enabled", false); lockPref("browser.taskbar.lists.frequent.enabled", false); lockPref("browser.taskbar.lists.recent.enabled", false); lockPref("browser.taskbar.lists.tasks.enabled", false); // Pref : disable Windows taskbar preview [WINDOWS] lockPref("browser.taskbar.previews.enable", false); // Pref : disable links launching Windows Store on Windows 8/8.1/10 [WINDOWS] // [1] https://www.ghacks.net/2016/03/25/block-firefox-chrome-windows-store/ lockPref("network.protocol-handler.external.ms-windows-store", false); // Pref : disable background update service [WINDOWS] // [SETTING] General>Firefox Updates>Use a background service to install updates lockPref("app.update.service.enabled", false); // Pref : disable automatic Firefox start and session restore after reboot [WINDOWS] (FF62+) // [1] https://bugzilla.mozilla.org/603903 lockPref("toolkit.winRegisterApplicationRestart", false); // Pref : 1220: disable Windows 8.1's Microsoft Family Safety cert [WINDOWS] (FF50+) // 0=disable detecting Family Safety mode and importing the root // 1=only attempt to detect Family Safety mode (don't import the root) // 2=detect Family Safety mode and import the root // [1] https://trac.torproject.org/projects/tor/ticket/21686 lockPref("security.family_safety.mode", 0); // -------------------------------- // ESR // -------------------------------- // Pref : Geolocation lockPref("browser.search.countryCode", "US"); // Pref : Disable Mozilla telemetry/experiments // https://wiki.mozilla.org/Platform/Features/Telemetry // https://wiki.mozilla.org/Privacy/Reviews/Telemetry // https://wiki.mozilla.org/Telemetry // https://www.mozilla.org/en-US/legal/privacy/firefox.html#telemetry // https://support.mozilla.org/t5/Firefox-crashes/Mozilla-Crash-Reporter/ta-p/1715 // https://wiki.mozilla.org/Security/Reviews/Firefox6/ReviewNotes/telemetry // https://gecko.readthedocs.io/en/latest/browser/experiments/experiments/manifest.html // https://wiki.mozilla.org/Telemetry/Experiments // https://support.mozilla.org/en-US/questions/1197144 lockPref("experiments.activeExperiment", false); lockPref("experiments.enabled", false); lockPref("experiments.manifest.uri", ""); lockPref("experiments.supported", false); // Pref : 2612: disable remote JAR files being opened, regardless of content type (FF42+) // [1] https://bugzilla.mozilla.org/1173171 // [2] https://www.fxsitecompat.com/en-CA/docs/2015/jar-protocol-support-has-been-disabled-by-default/ // [-] https://bugzilla.mozilla.org/1427726 lockPref("network.jar.block-remote-files", true); // Pref : 2613: disable JAR from opening Unsafe File Types // [-] https://bugzilla.mozilla.org/1427726 lockPref("network.jar.open-unsafe-types", false); // Pref : Disable Java NPAPI plugin lockPref("plugin.state.java", 0); // Discussion at https://github.com/ghacksuserjs/ghacks-user.js/issues/743 lockPref("trailhead.firstrun.branches", "join-privacy"); // Pref : 0402: enable Kinto blocklist updates (FF50+) // What is Kinto?: https://wiki.mozilla.org/Firefox/Kinto#Specifications // As Firefox transitions to Kinto, the blocklists have been broken down into entries for certs to be // revoked, extensions and plugins to be disabled, and gfx environments that cause problems or crashes // [-] https://bugzilla.mozilla.org/1458917 lockPref("services.blocklist.update_enabled", false); // Pref : 0503: disable "Savant" Shield study (FF61+) // [-] https://bugzilla.mozilla.org/1457226 lockPref("shield.savant.enabled", false); // Fix ESR Devtools //lockPref("devtools.telemetry.tools.opened.version", ""); // Default {"DEVTOOLS_SCREEN_RESOLUTION_ENUMERATED_PER_USER":"60.4.0"} >>>>>>> a35eb4b (re-organized and reviewed) // disable links launching Windows Store [WINDOWS] lockPref("network.protocol-handler.external.ms-windows-store", false); // disable background update service [WINDOWS] lockPref("app.update.service.enabled", false); // disable automatic Firefox start and session restore after reboot [WINDOWS] lockPref("toolkit.winRegisterApplicationRestart", false); // disable Windows 8.1 Family Safety cert [WINDOWS] lockPref("security.family_safety.mode", 0); // Windows only? lockPref("default-browser-agent.enabled", false); // ----------------------------------- // # OVERRIDES // ----------------------------------- // allow settings to be overriden with a file at `~/.librewolf/librewolf.overrides.cfg` // or `~/.var/app/io.gitlab.librewolf-community/.librewolf/librewolf.overrides.cfg` (Flatpak). let profile_directory; if (profile_directory = getenv('USERPROFILE') || getenv('HOME')) { pref('autoadmin.global_config_url', `file://${profile_directory}/.librewolf/librewolf.overrides.cfg`); } ======= // 97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E >>>>>>> 45bf63e (processed everything up to EOF) ======= lockPref("security.family_safety.mode", 0); >>>>>>> 48fecfd (removed redundant stuff)