2223 lines
102 KiB
INI
Executable file
2223 lines
102 KiB
INI
Executable file
<<<<<<< HEAD
|
|
<<<<<<< HEAD
|
|
=======
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
//---------------|
|
|
// LibreWolf |
|
|
//---------------|
|
|
// Glossary: |
|
|
// ================================================================================================================================|
|
|
// |
|
|
// "Section" : Description of the settings section separated by "----" |
|
|
<<<<<<< HEAD
|
|
=======
|
|
// "Bench Diff" : Impact on the performance of firefox can be a gain or loss of performance |
|
|
// +100/5000 stand for 2% gained performance and -1500/5000 stand for -30% performance loss |
|
|
// Performance can be tested here : https://chromium.github.io/octane/ |
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
// "Pref" : Preference/Settings name and or description followed by links or documentations |
|
|
// and some time explanation why the setting is commented and ignored. |
|
|
// "lockPref" : Locked preference can not be changed on firefox, nor by extensions, can only be changed here |
|
|
// lockPref is used to lock preferences so they cannot be changed through the GUI or about:config. |
|
|
// In many cases the GUI will change to reflect this, graying out or removing options. Appears |
|
|
// in about:config as "locked". Some config items require lockPref to be set, such as app.update.enabled. |
|
|
// It will not work if it set with just pref. |
|
|
// "pref" : Sets the preference as if a user had set it, every time you start the browser. So users can make changes, |
|
|
// but they will be erased on restart. If you set a particular preference this way, |
|
|
// it shows up in about:config as "user set". |
|
|
// "defaultPref" : Defaulting : Is used to alter the default value, though users can set it normally and their changes will |
|
|
// be saved between sessions. If preferences are reset to default through the GUI or some other method, |
|
|
// this is what they will go back to. Appears in about:config as "default". |
|
|
// "clearPref" : Can be used to "blank" certain preferences. This can be useful e.g. to disable functions |
|
|
// that rely on comparing version numbers. |
|
|
// |
|
|
// ================================================================================================================================|
|
|
<<<<<<< HEAD
|
|
=======
|
|
// ---------
|
|
// LibreWolf
|
|
// ---------
|
|
//
|
|
// Documentation .............. :
|
|
// ==============================
|
|
//
|
|
// "Section" : Description of the settings section separated by "----"
|
|
// "Bench Diff" : Impact on the performance of firefox can be a gain or loss of performance
|
|
// +100/5000 stand for 2% gained performance and -1500/5000 stand for -30% performance loss
|
|
// Performance can be tested here : https://chromium.github.io/octane/
|
|
// "Pref" : Preference/Settings name and or description followed by links or documentations
|
|
// and some time explanation why the setting is commented and ignored.
|
|
// "lockPref" : Locked preference can not be changed on firefox, nor by extensions, can only be changed here
|
|
// lockPref is used to lock preferences so they cannot be changed through the GUI or about:config.
|
|
// In many cases the GUI will change to reflect this, graying out or removing options. Appears
|
|
// in about:config as "locked". Some config items require lockPref to be set, such as app.update.enabled.
|
|
// It will not work if it set with just pref.
|
|
// "pref" : Sets the preference as if a user had set it, every time you start the browser. So users can make changes,
|
|
// but they will be erased on restart. If you set a particular preference this way,
|
|
// it shows up in about:config as "user set".
|
|
// "defaultPref" : Defaulting : Is used to alter the default value, though users can set it normally and their changes will
|
|
// be saved between sessions. If preferences are reset to default through the GUI or some other method,
|
|
// this is what they will go back to. Appears in about:config as "default".
|
|
// "clearPref" : Can be used to "blank" certain preferences. This can be useful e.g. to disable functions
|
|
// that rely on comparing version numbers.
|
|
//
|
|
// ====================================================================================
|
|
// Protection ................. :
|
|
// ==============================
|
|
//
|
|
// Pref : Locking librewolf.cfg itself
|
|
defaultPref("general.config.filename", "librewolf.cfg");
|
|
//
|
|
// =====================================================================================
|
|
// Index librewolf.cfg .......... :
|
|
// ==============================
|
|
//
|
|
// -----------------------------------------------------------------------
|
|
// Section : User settings // Bench Diff : +0 / 5000
|
|
// Section : Defaulting Settings // Bench Diff : +0 / 5000
|
|
// -----------------------------------------------------------------------
|
|
// Section : Controversial // Bench Diff : +0 / 5000
|
|
// Section : Firefox Fingerprint // Bench Diff : +0 / 5000
|
|
// Section : Locale/Time // Bench Diff : +0 / 5000
|
|
// Section : Ghacks-user Selection // Bench Diff : +100 / 5000
|
|
// Section : Extensions Manager // Bench Diff : +0 / 5000
|
|
// Section : IJWY To Shut Up // Bench Diff : +0 / 5000
|
|
// Section : Microsoft Windows // Bench Diff : +0 / 5000
|
|
// Section : Firefox ESR60.x // Bench Diff : +0 / 5000
|
|
// -----------------------------------------------------------------------
|
|
// Section : Security 1/3 // Bench Diff : +0 / 5000
|
|
// Section : Security 2/3 // Bench Diff : +0 / 5000
|
|
// Section : Security 3/3 (Cipher) // Bench Diff : +0 / 5000
|
|
// -----------------------------------------------------------------------
|
|
// Section : Performance 1/5 // Bench Diff : +650 / 5000
|
|
// Section : Performance 2/5 // Bench Diff : -800 / 5000
|
|
// Section : Performance 3/5 // Bench Diff : -1720 / 5000
|
|
// Section : Performance 4/5 // Bench Diff : -200 / 5000
|
|
// Section : Performance 5/5 // Bench Diff : -50 / 5000
|
|
// -----------------------------------------------------------------------
|
|
// Section : General Settings 1/3 // Bench Diff : +100 / 5000
|
|
// Section : General Settings 2/3 // Bench Diff : +0 / 5000
|
|
// Section : General Settings 3/3 // Bench Diff : -40 / 5000
|
|
// -----------------------------------------------------------------------
|
|
// Section : Disabled - ON/OFF // Bench Diff : +0 / 5000
|
|
// Section : Disabled - Deprecated Active // Bench Diff : +0 / 5000
|
|
// Section : Disabled - Deprecated Inactive // Bench Diff : +0 / 5000
|
|
// -----------------------------------------------------------------------
|
|
//
|
|
// -----------------------------------------------------------------------
|
|
// Index local-settings.js .... :
|
|
// ==============================
|
|
//
|
|
// -----------------------------------------------------------------------
|
|
// Section : General Settings // Bench Diff : ++ / 5000
|
|
// -----------------------------------------------------------------------
|
|
//
|
|
// -----------------------------------------------------------------------
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>
|
|
// Section : User Settings
|
|
// Bench Diff : +0/5000
|
|
// >>>>>>>>>>>>>>>>>>>>>>>
|
|
=======
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
|
|
<<<<<<< HEAD
|
|
// --------------------------------
|
|
// User Settings : Cookies settings
|
|
// --------------------------------
|
|
|
|
// In the future consider switching to network.cookie.cookieBehavior=5 to enable dFPI
|
|
defaultPref("network.cookie.cookieBehavior", 1);
|
|
defaultPref("network.cookie.lifetimePolicy", 2);
|
|
defaultPref("network.cookie.thirdparty.sessionOnly", true);
|
|
lockPref("network.cookie.thirdparty.nonsecureSessionOnly", true);
|
|
>>>>>>> 034d451 (reorganized tracking section + 3rd set of changes)
|
|
|
|
// -----------------------------------
|
|
// # TRACKING PROTECTION
|
|
=======
|
|
|
|
// -----------------------------------
|
|
// TRACKING PROTECTION
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
// -----------------------------------
|
|
|
|
<<<<<<< HEAD
|
|
<<<<<<< HEAD
|
|
defaultPref("browser.contentblocking.category", "custom"); // do not lock as it breaks UI even more
|
|
=======
|
|
// set custom mode
|
|
lockPref("browser.contentblocking.category", "custom"); // changing to other options is currently broken anyway
|
|
|
|
// disabling tracking protection
|
|
>>>>>>> 034d451 (reorganized tracking section + 3rd set of changes)
|
|
=======
|
|
defaultPref("general.config.filename", "librewolf.cfg");
|
|
|
|
// -----------------------------------
|
|
// TRACKING PROTECTION
|
|
// -----------------------------------
|
|
|
|
lockPref("browser.contentblocking.category", "custom"); // changing to other options is currently broken anyway
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
lockPref("privacy.trackingprotection.enabled", false);
|
|
lockPref("privacy.trackingprotection.pbmode.enabled", false);
|
|
lockPref("privacy.trackingprotection.socialtracking.enabled", false);
|
|
lockPref("privacy.trackingprotection.cryptomining.enabled", false);
|
|
lockPref("privacy.trackingprotection.fingerprinting.enabled", false);
|
|
<<<<<<< HEAD
|
|
<<<<<<< HEAD
|
|
lockPref("privacy.trackingprotection.annotate_channels", false);
|
|
lockPref("urlclassifier.trackingTable", "");
|
|
lockPref("browser.contentblocking.database.enabled", false);
|
|
|
|
// remove urls
|
|
lockPref("browser.contentblocking.reportBreakage.url", "");
|
|
|
|
// hide ui elements
|
|
lockPref("browser.contentblocking.cryptomining.preferences.ui.enabled", false);
|
|
lockPref("browser.contentblocking.fingerprinting.preferences.ui.enabled", false);
|
|
lockPref("browser.contentblocking.report.hide_vpn_banner", true);
|
|
lockPref("browser.contentblocking.report.show_mobile_app", false);
|
|
lockPref("browser.contentblocking.report.lockwise.enabled", false);
|
|
lockPref("browser.contentblocking.report.monitor.enabled", false);
|
|
lockPref("browser.contentblocking.report.proxy.enabled", false);
|
|
lockPref("browser.contentblocking.report.vpn.enabled", false);
|
|
=======
|
|
|
|
// below are potentially useless as tracking protection is disabled
|
|
=======
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
lockPref("privacy.trackingprotection.origin_telemetry.enabled", false);
|
|
lockPref("privacy.trackingprotection.annotate_channels", false);
|
|
lockPref("privacy.trackingprotection.lower_network_priority", false);
|
|
lockPref("privacy.trackingprotection.testing.report_blocked_node", false);
|
|
lockPref("telemetry.origin_telemetry_test_mode.enabled", false);
|
|
lockPref("urlclassifier.trackingTable", "");
|
|
lockPref("browser.contentblocking.database.enabled", false);
|
|
|
|
// remove urls
|
|
lockPref("browser.contentblocking.reportBreakage.url", "");
|
|
lockPref("privacy.trackingprotection.introURL", "");
|
|
lockPref("browser.contentblocking.report.cookie.url", "");
|
|
lockPref("browser.contentblocking.report.cryptominer.url", "");
|
|
lockPref("browser.contentblocking.report.endpoint_url", "");
|
|
lockPref("browser.contentblocking.report.fingerprinter.url", "");
|
|
lockPref("browser.contentblocking.report.lockwise.how_it_works.url", "");
|
|
lockPref("browser.contentblocking.report.manage_devices.url", "");
|
|
lockPref("browser.contentblocking.report.monitor.how_it_works.url", "");
|
|
lockPref("browser.contentblocking.report.monitor.sign_in_url", "");
|
|
lockPref("browser.contentblocking.report.monitor.home_page_url", "");
|
|
lockPref("browser.contentblocking.report.monitor.preferences", "");
|
|
lockPref("browser.contentblocking.report.monitor.url", "");
|
|
lockPref("browser.contentblocking.report.proxy.enabled", false);
|
|
lockPref("browser.contentblocking.report.proxy_extension.url", "");
|
|
lockPref("browser.contentblocking.report.social.url", "");
|
|
lockPref("browser.contentblocking.report.tracker.url", "");
|
|
lockPref("browser.contentblocking.report.vpn.url", "");
|
|
lockPref("browser.contentblocking.report.vpn-promo.url", "");
|
|
lockPref("browser.contentblocking.report.vpn-ios.url", "");
|
|
lockPref("browser.contentblocking.report.vpn-android.url", "");
|
|
|
|
// hide ui elements
|
|
lockPref("browser.contentblocking.cfr-milestone.enabled", false);
|
|
lockPref("browser.contentblocking.cryptomining.preferences.ui.enabled", false);
|
|
lockPref("browser.contentblocking.fingerprinting.preferences.ui.enabled", false);
|
|
lockPref("browser.contentblocking.report.hide_vpn_banner", true);
|
|
lockPref("browser.contentblocking.report.show_mobile_app", false);
|
|
lockPref("browser.contentblocking.report.lockwise.enabled", false);
|
|
lockPref("browser.contentblocking.report.monitor.enabled", false);
|
|
lockPref("browser.contentblocking.report.proxy.enabled", false);
|
|
lockPref("browser.contentblocking.report.vpn.enabled", false);
|
|
|
|
// Windows only?
|
|
lockPref("default-browser-agent.enabled", false);
|
|
>>>>>>> 034d451 (reorganized tracking section + 3rd set of changes)
|
|
|
|
// to check, could be deprecated/useless
|
|
lockPref("pref.privacy.disable_button.change_blocklist", true);
|
|
lockPref("pref.privacy.disable_button.tracking_protection_exceptions", true);
|
|
|
|
// ----------------------------------
|
|
<<<<<<< HEAD
|
|
// # AUTOPLAY
|
|
=======
|
|
// AUTOPLAY
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
// ----------------------------------
|
|
|
|
defaultPref("media.autoplay.default", 5);
|
|
defaultPref("media.autoplay.blocking_policy", 2);
|
|
|
|
// -----------------------------------------
|
|
<<<<<<< HEAD
|
|
// # PASSWORD MANAGER
|
|
=======
|
|
// PASSWORD MANAGER
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
// -----------------------------------------
|
|
|
|
lockPref("signon.rememberSignons", false);
|
|
lockPref("signon.storeWhenAutocompleteOff", false);
|
|
defaultPref("signon.management.page.breach-alerts.enabled", false);
|
|
defaultPref("signon.management.page.breachAlertUrl", "");
|
|
lockPref("signon.formlessCapture.enabled", false);
|
|
|
|
// --------------------------------
|
|
<<<<<<< HEAD
|
|
<<<<<<< HEAD
|
|
// # SEARCH AND URLBAR
|
|
// --------------------------------
|
|
|
|
defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
|
|
lockPref("browser.urlbar.speculativeConnect.enabled", false);
|
|
lockPref("browser.urlbar.trimURLs", false);
|
|
lockPref("browser.search.suggest.enabled", false);
|
|
lockPref("browser.search.region", "US");
|
|
lockPref("browser.fixup.alternate.enabled", false);
|
|
lockPref("browser.urlbar.suggest.searches", false);
|
|
lockPref("browser.search.update", false);
|
|
|
|
// --------------------------------
|
|
// # SANITIZING, COOKIES AND HISTORY
|
|
// --------------------------------
|
|
|
|
defaultPref("network.cookie.cookieBehavior", 5); // dFPI, previously set to 1
|
|
defaultPref("network.cookie.lifetimePolicy", 2);
|
|
defaultPref("network.cookie.thirdparty.sessionOnly", true);
|
|
lockPref("network.cookie.thirdparty.nonsecureSessionOnly", true);
|
|
|
|
// includes new cookie behavior that allows to stay logged with exceptions
|
|
defaultPref("privacy.clearOnShutdown.cookies", false);
|
|
defaultPref("privacy.clearOnShutdown.offlineApps", false);
|
|
defaultPref("privacy.cpd.cookies", false); // just for consistency to avoid accidental logout
|
|
defaultPref("privacy.cpd.offlineApps", false); // just for consistency to avoid accidental logout
|
|
=======
|
|
// SEARCH
|
|
=======
|
|
// SEARCH AND URLBAR
|
|
>>>>>>> 653a6ed (knocked out some more prefs)
|
|
// --------------------------------
|
|
|
|
lockPref("browser.urlbar.filter.javascript", true);
|
|
lockPref("browser.urlbar.speculativeConnect.enabled", false);
|
|
lockPref("browser.urlbar.trimURLs", false);
|
|
lockPref("browser.search.suggest.enabled", false);
|
|
lockPref("browser.search.region", "US");
|
|
lockPref("browser.search.geoip.url", "");
|
|
lockPref("browser.fixup.alternate.enabled", false);
|
|
|
|
// --------------------------------
|
|
// SANITIZING, COOKIES AND HISTORY
|
|
// --------------------------------
|
|
|
|
defaultPref("network.cookie.cookieBehavior", 1); // in the future consider switching to network.cookie.cookieBehavior=5 to enable dFPI
|
|
defaultPref("network.cookie.lifetimePolicy", 2);
|
|
defaultPref("network.cookie.thirdparty.sessionOnly", true);
|
|
lockPref("network.cookie.thirdparty.nonsecureSessionOnly", true);
|
|
|
|
// includes new cookie behavior that works with exceptions
|
|
defaultPref("privacy.clearOnShutdown.siteSettings", false);
|
|
defaultPref("privacy.clearOnShutdown.cache", true);
|
|
defaultPref("privacy.clearOnShutdown.cookies", false);
|
|
defaultPref("privacy.clearOnShutdown.downloads", true);
|
|
defaultPref("privacy.clearOnShutdown.formdata", true);
|
|
defaultPref("privacy.clearOnShutdown.history", true);
|
|
defaultPref("privacy.clearOnShutdown.offlineApps", false);
|
|
defaultPref("privacy.clearOnShutdown.sessions", true);
|
|
defaultPref("privacy.cpd.siteSettings", false);
|
|
defaultPref("privacy.cpd.downloads", true);
|
|
defaultPref("privacy.cpd.cache", true);
|
|
defaultPref("privacy.cpd.cookies", false); // just for consistency to avoid accidental logout
|
|
defaultPref("privacy.cpd.formdata", true);
|
|
defaultPref("privacy.cpd.history", true);
|
|
defaultPref("privacy.cpd.offlineApps", false); // just for consistency to avoid accidental logout
|
|
defaultPref("privacy.cpd.passwords", false);
|
|
defaultPref("privacy.cpd.sessions", true);
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
|
|
defaultPref("privacy.sanitize.timeSpan", 0);
|
|
defaultPref("browser.formfill.enable", false);
|
|
defaultPref("privacy.sanitize.sanitizeOnShutdown", true);
|
|
defaultPref("places.history.enabled", false);
|
|
defaultPref("privacy.history.custom", true);
|
|
lockPref("browser.sessionhistory.max_entries", 20);
|
|
|
|
<<<<<<< HEAD
|
|
<<<<<<< HEAD
|
|
// --------------------------------------------------------------------
|
|
// # SESSIONS
|
|
=======
|
|
=======
|
|
defaultPref("layout.css.visited_links_enabled", false);
|
|
defaultPref("layout.css.always-repaint-on-unvisited", false);
|
|
defaultPref("layout.css.notify-of-unvisited", false);
|
|
|
|
>>>>>>> 653a6ed (knocked out some more prefs)
|
|
// this sets a cookie jar for 3rd party origin which is the same as dFPI
|
|
// and probably redundant when 3rd party cookies are disabled
|
|
// lockPref("privacy.storagePrincipal.enabledForTrackers", false);
|
|
|
|
// --------------------------------------------------------------------
|
|
// SESSIONS
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
// --------------------------------------------------------------------
|
|
|
|
lockPref("browser.sessionstore.privacy_level", 2);
|
|
lockPref("browser.sessionstore.interval", 60000);
|
|
|
|
// ---------------------------------
|
|
<<<<<<< HEAD
|
|
// # AUTOFILL
|
|
=======
|
|
// AUTOFILL
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
// ---------------------------------
|
|
|
|
defaultPref("extensions.formautofill.section.enabled", false);
|
|
defaultPref("extensions.formautofill.available", "off");
|
|
defaultPref("extensions.formautofill.addresses.enabled", false);
|
|
<<<<<<< HEAD
|
|
=======
|
|
defaultPref("extensions.formautofill.addresses.capture.enabled", false);
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
defaultPref("extensions.formautofill.creditCards.enabled", false);
|
|
defaultPref("extensions.formautofill.creditCards.available", false);
|
|
defaultPref("extensions.formautofill.heuristics.enabled", false);
|
|
lockPref("signon.autofillForms", false);
|
|
<<<<<<< HEAD
|
|
|
|
// -----------------------
|
|
// # DRM
|
|
=======
|
|
lockPref("signon.autofillForms.http", false);
|
|
|
|
// -----------------------
|
|
// DRM
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
// -----------------------
|
|
|
|
// includes new DRM implementation for easily re-enabling it
|
|
// following four prefs must be set to true to play DRM content
|
|
// could be further reduced to 2 or 1 prefs
|
|
defaultPref("media.eme.enabled", false);
|
|
defaultPref("media.gmp-widevinecdm.visible", false);
|
|
defaultPref("media.gmp-widevinecdm.enabled", false);
|
|
defaultPref("media.gmp-provider.enabled", false);
|
|
defaultPref("media.gmp-manager.url", "data:text/plain,"); // had to re-add to prevent connections
|
|
|
|
<<<<<<< HEAD
|
|
defaultPref("media.gmp-gmpopenh264.enabled", false);
|
|
|
|
// ----------------------
|
|
// # WEBRTC
|
|
=======
|
|
defaultPref("media.gmp.trial-create.enabled", false);
|
|
defaultPref("media.gmp-gmpopenh264.enabled", false);
|
|
|
|
// ----------------------
|
|
<<<<<<< HEAD
|
|
// WebRTC
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
=======
|
|
// WEBRTC
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
// ----------------------
|
|
|
|
defaultPref("media.navigator.enabled", false);
|
|
defaultPref("media.peerconnection.enabled", false);
|
|
<<<<<<< HEAD
|
|
=======
|
|
defaultPref("media.navigator.video.enabled", false);
|
|
defaultPref("media.getusermedia.browser.enabled", false);
|
|
defaultPref("media.getusermedia.screensharing.enabled", false);
|
|
defaultPref("media.getusermedia.audiocapture.enabled", false);
|
|
defaultPref("media.peerconnection.use_document_iceservers", false);
|
|
defaultPref("media.peerconnection.identity.enabled", false);
|
|
defaultPref("media.peerconnection.identity.timeout", 1); // 10000 per default
|
|
defaultPref("media.peerconnection.turn.disable", true);
|
|
defaultPref("media.peerconnection.ice.tcp", false);
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
defaultPref("media.peerconnection.ice.default_address_only", true);
|
|
defaultPref("media.peerconnection.ice.no_host", true);
|
|
defaultPref("media.peerconnection.ice.proxy_only_if_behind_proxy", true);
|
|
|
|
// all covered by previous prefs
|
|
// defaultPref("media.navigator.video.enabled", false);
|
|
// defaultPref("media.peerconnection.use_document_iceservers", false);
|
|
// defaultPref("media.peerconnection.identity.enabled", false);
|
|
// defaultPref("media.peerconnection.identity.timeout", 1);
|
|
// defaultPref("media.peerconnection.turn.disable", true);
|
|
// defaultPref("media.peerconnection.ice.tcp", false);
|
|
|
|
// ----------------------
|
|
// # SHARING
|
|
// ----------------------
|
|
|
|
defaultPref("media.getusermedia.browser.enabled", false);
|
|
defaultPref("media.getusermedia.screensharing.enabled", false);
|
|
defaultPref("media.getusermedia.audiocapture.enabled", false);
|
|
|
|
// ----------------------------
|
|
<<<<<<< HEAD
|
|
// # DNS
|
|
=======
|
|
// DNS
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
// ----------------------------
|
|
|
|
lockPref("network.trr.mode", 5);
|
|
lockPref("network.trr.bootstrapAddress", "");
|
|
lockPref("network.trr.uri", "");
|
|
lockPref("network.trr.send_empty_accept-encoding_headers", false);
|
|
defaultPref("network.dns.disableIPv6", true);
|
|
lockPref("network.dns.disablePrefetch", true);
|
|
|
|
// ------------------------------------
|
|
<<<<<<< HEAD
|
|
// # NEW TAB PAGE
|
|
=======
|
|
// NEW TAB PAGE
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
// ------------------------------------
|
|
|
|
lockPref("browser.newtab.preload", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.section.highlights", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.asrouterfeed", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.newtabinit", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.places", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.systemtick", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.topsites", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.system.topsites", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.system.topstories", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.snippets", false);
|
|
lockPref("browser.newtabpage.activity-stream.feeds.section.topstories.options", "");
|
|
lockPref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false);
|
|
lockPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false);
|
|
lockPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false);
|
|
lockPref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
|
|
lockPref("browser.newtabpage.activity-stream.showSponsored", false);
|
|
lockPref("browser.newtabpage.activity-stream.showSponsoredTopSites", false);
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiments", "");
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.providers.message-groups", "");
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr-fxa", "");
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr", "");
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "{\"id\":\"whats-new-panel\",\"enabled\":false}");
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.devtoolsEnableds", true);
|
|
lockPref("browser.newtabpage.activity-stream.telemetry", false);
|
|
lockPref("browser.newtabpage.activity-stream.telemetry.ping.endpoint", "");
|
|
lockPref("browser.newtabpage.activity-stream.telemetry.structuredIngestion.endpoint", "");
|
|
lockPref("browser.newtabpage.activity-stream.default.sites", "");
|
|
lockPref("browser.newtabpage.activity-stream.discoverystream.enabled", false);
|
|
lockPref("browser.newtabpage.activity-stream.discoverystream.config", "{\"collapsible\":true,\"enabled\":false,\"personalized\":false,\"layout_endpoint\":\"\"}");
|
|
lockPref("browser.newtabpage.activity-stream.discoverystream.endpoints", "");
|
|
lockPref("browser.newtabpage.activity-stream.discoverystream.engagementLabelEnabled", false);
|
|
lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts", false);
|
|
lockPref("browser.newtabpage.activity-stream.improvesearch.handoffToAwesomebar", false);
|
|
<<<<<<< HEAD
|
|
<<<<<<< HEAD
|
|
lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", "");
|
|
lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned", "");
|
|
lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", "");
|
|
=======
|
|
lockPref("browser.newtab.preload", false);
|
|
lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", "");
|
|
lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned", "");
|
|
lockPref("browser.newtabpage.activity-stream.feeds.section.topstories.options", "");
|
|
|
|
lockPref("extensions.getAddons.discovery.api_url", "");
|
|
lockPref("extensions.htmlaboutaddons.recommendations.enabled", false);
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr", "");
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "{\"id\":\"whats-new-panel\",\"enabled\":false}");
|
|
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr-fxa", "");
|
|
// Default Value :
|
|
// {\"id\":\"cfr\",\"enabled\":false,\"type\":\"local\",\"localProvider\":\
|
|
// "CFRMessageProvider\",\"frequency\":{\"custom\":[{\"period\":\"daily\",\"cap\":1}]}}
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.providers.onboarding", "");
|
|
// Default Value :
|
|
// {\"id\":\"onboarding\",\"type\":\"local\",\"localProvider\":\"OnboardingMessageProvider\",\"enabled\":true}
|
|
lockPref("browser.newtabpage.activity-stream.asrouter.providers.snippets", "");
|
|
// Default Value :
|
|
// {\"id\":\"snippets\",\"enabled\":false,\"type\":\"remote\",\"url\":\"https://snippets.cdn.mozilla.net/
|
|
// %STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%
|
|
// /%DISTRIBUTION%/%DISTRIBUTION_VERSION%/\",\"updateCycleInMs\":14400000}
|
|
>>>>>>> 034d451 (reorganized tracking section + 3rd set of changes)
|
|
|
|
// -------------------------------------------
|
|
// # DO NOT TRACK
|
|
=======
|
|
lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", "");
|
|
lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned", "");
|
|
lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", "");
|
|
|
|
// -------------------------------------------
|
|
// DO NOT TRACK
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
// -------------------------------------------
|
|
|
|
// Unlocked as some think it increases fingerprint, they can now disable it
|
|
defaultPref("privacy.donottrackheader.enabled", true);
|
|
|
|
// --------------------------------
|
|
<<<<<<< HEAD
|
|
// # DOM
|
|
=======
|
|
// DOM
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
// --------------------------------
|
|
|
|
lockPref("dom.disable_beforeunload", true);
|
|
defaultPref("dom.disable_open_during_load", true);
|
|
<<<<<<< HEAD
|
|
<<<<<<< HEAD
|
|
=======
|
|
=======
|
|
lockPref("dom.push.enabled", false);
|
|
lockPref("dom.push.connection.enabled", false);
|
|
lockPref("dom.push.serverURL", ""); //default "wss://push.services.mozilla.com/"
|
|
lockPref("dom.push.userAgentID", "");
|
|
lockPref("dom.targetBlankNoOpener.enabled", true);
|
|
lockPref("dom.reporting.crash.enabled", false);
|
|
lockPref("dom.imagecapture.enabled", false);
|
|
lockPref("dom.disable_window_move_resize", true);
|
|
defaultPref("dom.serviceWorkers.enabled", false);
|
|
defaultPref("dom.battery.enabled", false);
|
|
lockPref("dom.popup_maximum", 4);
|
|
defaultPref("dom.event.contextmenu.enabled", false);
|
|
defaultPref("dom.event.clipboardevents.enabled", false);
|
|
defaultPref("dom.webaudio.enabled", false);
|
|
lockPref("dom.vr.enabled", false);
|
|
lockPref("dom.vibrator.enabled", false);
|
|
|
|
// lockPref("dom.registerProtocolHandler.insecure.enabled", true); // seems to be deprecated
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
|
|
// --------------------------------
|
|
// PERMISSIONS
|
|
// --------------------------------
|
|
|
|
lockPref("permissions.delegation.enabled", false);
|
|
defaultPref("permissions.default.geo", 2); // unlocked as some think it increases fingerprint, they can now disable it
|
|
|
|
// --------------------------------
|
|
// REFERERS
|
|
// --------------------------------
|
|
|
|
defaultPref("network.http.referer.defaultPolicy", 2);
|
|
defaultPref("network.http.referer.defaultPolicy.pbmode", 2); // (FF59+) default: 2
|
|
lockPref("network.http.referer.XOriginTrimmingPolicy", 2);
|
|
lockPref("network.http.referer.XOriginPolicy", 2);
|
|
lockPref("network.http.referer.spoofSource", false);
|
|
lockPref("network.http.referer.trimmingPolicy", 0);
|
|
//defaultPref("network.http.sendRefererHeader", 1);
|
|
|
|
// --------------------------------
|
|
// PROXY
|
|
// --------------------------------
|
|
|
|
defaultPref("network.proxy.autoconfig_url", "");
|
|
defaultPref("network.proxy.autoconfig_url.include_path", false);
|
|
defaultPref("network.proxy.socks_remote_dns", true);
|
|
defaultPref("network.proxy.socks_version", 5);
|
|
|
|
// --------------------------------------
|
|
// HTTP(S)
|
|
// --------------------------------------
|
|
|
|
lockPref("network.http.altsvc.enabled", false);
|
|
lockPref("network.http.altsvc.oe", false);
|
|
defaultPref("dom.security.https_only_mode", true);
|
|
defaultPref("dom.security.https_only_mode_ever_enabled", true);
|
|
|
|
// --------------------------------------
|
|
// TLS
|
|
// --------------------------------------
|
|
|
|
defaultPref("security.ssl.require_safe_negotiation", true);
|
|
lockPref("security.tls.enable_0rtt_data", false);
|
|
lockPref("security.tls.version.enable-deprecated", false);
|
|
lockPref("browser.xul.error_pages.expert_bad_cert", true); // advanced ui infos
|
|
lockPref("browser.ssl_override_behavior", 1);
|
|
lockPref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
|
lockPref("security.insecure_field_warning.contextual.enabled", true);
|
|
lockPref("network.stricttransportsecurity.preloadlist", false);
|
|
lockPref("security.ssl.disable_session_identifiers", true);
|
|
lockPref("security.tls.version.fallback-limit", 3);
|
|
lockPref("security.tls.version.min", 3);
|
|
|
|
// --------------------------------------
|
|
// RFP
|
|
// --------------------------------------
|
|
|
|
defaultPref("privacy.resistFingerprinting", true);
|
|
defaultPref("privacy.resistFingerprinting.block_mozAddonManager", true);
|
|
|
|
// --------------------------------------
|
|
// LANGUAGE AND REGION
|
|
// --------------------------------------
|
|
|
|
//defaultPref("privacy.spoof_english", 2); // redudant with RFP and javascript.use_us_english_locale
|
|
lockPref("javascript.use_us_english_locale", true);
|
|
lockPref("intl.regional_prefs.use_os_locales", false);
|
|
defaultPref("intl.locale.requested", "en-US");
|
|
defaultPref("intl.accept_languages", "en-US, en");
|
|
|
|
// --------------------------------------
|
|
// USER AGENT AND IDENTITY
|
|
// --------------------------------------
|
|
|
|
defaultPref("general.useragent.override", "Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0");
|
|
defaultPref("general.appname.override", "Netscape");
|
|
defaultPref("general.appversion.override", "5.0 (Windows)");
|
|
defaultPref("general.platform.override", "Win32");
|
|
defaultPref("general.oscpu.override", "Windows NT 6.1");
|
|
lockPref("general.buildID.override", "20100101");
|
|
lockPref("browser.startup.homepage_override.buildID", "20100101");
|
|
|
|
<<<<<<< HEAD
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
// Section : Ghacks-user Selection
|
|
// Bench Diff : +100/5000
|
|
// >>>>>>>>>>>>>>>>>>>>>>
|
|
|
|
lockPref("toolkit.coverage.endpoint.base", "");
|
|
lockPref("toolkit.coverage.opt-out", true);
|
|
lockPref("browser.download.manager.addToRecentDocs", false);
|
|
lockPref("browser.download.hide_plugins_without_extensions", false);
|
|
lockPref("webchannel.allowObject.urlWhitelist", "");
|
|
lockPref("browser.cache.offline.storage.enable", false);
|
|
lockPref("network.http.redirection-limit", 10);
|
|
lockPref("extensions.enabledScopes", 5);
|
|
|
|
// Is there any reason to change the default value?
|
|
// lockPref("extensions.autoDisableScopes", 11);
|
|
|
|
lockPref("xpinstall.whitelist.required", true); // default: true
|
|
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
lockPref("dom.push.enabled", false);
|
|
lockPref("dom.push.connection.enabled", false);
|
|
lockPref("dom.push.serverURL", ""); //default "wss://push.services.mozilla.com/"
|
|
lockPref("dom.push.userAgentID", "");
|
|
lockPref("dom.targetBlankNoOpener.enabled", true);
|
|
lockPref("dom.disable_window_move_resize", true);
|
|
defaultPref("dom.serviceWorkers.enabled", false);
|
|
defaultPref("dom.battery.enabled", false);
|
|
lockPref("dom.popup_maximum", 4);
|
|
defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown");
|
|
defaultPref("dom.webaudio.enabled", false);
|
|
lockPref("dom.vr.enabled", false);
|
|
lockPref("dom.vibrator.enabled", false);
|
|
defaultPref("dom.storage.next_gen", true);
|
|
|
|
// --------------------------------
|
|
// # PERMISSIONS
|
|
// --------------------------------
|
|
|
|
lockPref("permissions.delegation.enabled", false);
|
|
defaultPref("permissions.default.geo", 2); // unlocked as some think it increases fingerprint, they can now disable it
|
|
lockPref("permissions.manager.defaultsUrl", "");
|
|
|
|
// --------------------------------
|
|
// # REFERERS
|
|
// --------------------------------
|
|
|
|
lockPref("network.http.referer.XOriginTrimmingPolicy", 2);
|
|
lockPref("network.http.referer.XOriginPolicy", 0);
|
|
|
|
// --------------------------------
|
|
// # PROXY
|
|
// --------------------------------
|
|
|
|
<<<<<<< HEAD
|
|
defaultPref("network.proxy.autoconfig_url", "");
|
|
defaultPref("network.proxy.socks_remote_dns", true);
|
|
defaultPref("network.proxy.socks_version", 5);
|
|
=======
|
|
|
|
lockPref("plugin.default.state", 1);
|
|
lockPref("plugin.defaultXpi.state", 1);
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
|
|
// --------------------------------------
|
|
// # HTTP(S)
|
|
// --------------------------------------
|
|
|
|
lockPref("network.http.altsvc.enabled", false);
|
|
lockPref("network.http.altsvc.oe", false);
|
|
defaultPref("dom.security.https_only_mode", true);
|
|
defaultPref("dom.security.https_only_mode_pbm", true);
|
|
defaultPref("network.auth.subresource-http-auth-allow", 1);
|
|
|
|
// --------------------------------------
|
|
// # TLS
|
|
// --------------------------------------
|
|
|
|
defaultPref("security.ssl.require_safe_negotiation", true);
|
|
lockPref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
|
lockPref("security.ssl.disable_session_identifiers", true);
|
|
lockPref("browser.ssl_override_behavior", 1);
|
|
lockPref("security.tls.enable_0rtt_data", false);
|
|
lockPref("security.tls.version.enable-deprecated", false);
|
|
lockPref("security.tls.version.fallback-limit", 3);
|
|
lockPref("browser.xul.error_pages.expert_bad_cert", true); // advanced ui infos
|
|
|
|
// to check
|
|
lockPref("network.stricttransportsecurity.preloadlist", false);
|
|
|
|
// --------------------------------------
|
|
// # RFP
|
|
// --------------------------------------
|
|
|
|
defaultPref("privacy.resistFingerprinting", true);
|
|
defaultPref("privacy.resistFingerprinting.block_mozAddonManager", true);
|
|
lockPref("browser.startup.blankWindow", false); // breaks RFP windows resizing
|
|
|
|
// --------------------------------------
|
|
// # LANGUAGE AND REGION
|
|
// --------------------------------------
|
|
|
|
defaultPref("javascript.use_us_english_locale", true);
|
|
defaultPref("intl.locale.requested", "en-US");
|
|
defaultPref("privacy.spoof_english", 2);
|
|
// defaultPref("intl.regional_prefs.use_os_locales", false); // default
|
|
|
|
// -------------------------------------------------------
|
|
// # EXTENSIONS - check readme section "Extensions Firewall"
|
|
// -------------------------------------------------------
|
|
|
|
// handle default restricted domains
|
|
defaultPref("extensions.webextensions.restrictedDomains", ""); // This will allow extensions to work everywhere, default "debug-notes.log"
|
|
lockPref("extensions.webextensions.identity.redirectDomain", ""); // Redirect basedomain used by identity api, default "extensions.allizom.org"
|
|
|
|
=======
|
|
// -------------------------------------------------------
|
|
// EXTENSIONS - check readme section "Extensions Firewall"
|
|
// -------------------------------------------------------
|
|
|
|
// handle default restriced domains
|
|
defaultPref("extensions.webextensions.restrictedDomains", ""); // This will allow extensions to work everywhere, default "debug-notes.log"
|
|
lockPref("extensions.webextensions.identity.redirectDomain", ""); // Redirect basedomain used by identity api, default "extensions.allizom.org"
|
|
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
// disable network for the extensions
|
|
// Enable-Firewall-Feature-In-The-Next-Line extensions-firewall >>>>>>
|
|
defaultPref("extensions.webextensions.base-content-security-policy", "script-src 'self' https://* moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; object-src 'self' https://* moz-extension: blob: filesystem:;");
|
|
|
|
<<<<<<< HEAD
|
|
// set extensions scopes
|
|
lockPref("extensions.enabledScopes", 5);
|
|
lockPref("extensions.autoDisableScopes", 11);
|
|
|
|
// Relevant for addons and lang packs search
|
|
defaultPref("extensions.getAddons.search.browseURL", ""); // https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
|
|
defaultPref("extensions.getAddons.langpacks.url", ""); // https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION%
|
|
|
|
// other urls
|
|
defaultPref("extensions.getAddons.get.url", ""); // https://services.addons.mozilla.org/api/v3/addons/search/?guid=%IDS%&lang=%LOCALE%
|
|
defaultPref("extensions.getAddons.link.url", ""); // https://addons.mozilla.org/%LOCALE%/firefox/
|
|
defaultPref("extensions.update.url", "");
|
|
// Default Value
|
|
// https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=
|
|
// %REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=
|
|
// %ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS=
|
|
// %APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%¤tAppVersion=
|
|
// %CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%
|
|
|
|
// ui
|
|
defaultPref("extensions.getAddons.showPane", false);
|
|
lockPref("extensions.getAddons.discovery.api_url", "");
|
|
lockPref("extensions.htmlaboutaddons.recommendations.enabled", false);
|
|
lockPref("extensions.webcompat-reporter.enabled", false);
|
|
lockPref("extensions.webcompat-reporter.newIssueEndpoint", "");// Default Value https://webcompat.com/issues/new
|
|
|
|
// background checking and updating
|
|
defaultPref("extensions.update.enabled", false);
|
|
defaultPref("extensions.update.autoUpdateDefault", false);
|
|
defaultPref("extensions.update.background.url", "");
|
|
defaultPref("extensions.getAddons.cache.enabled", false);
|
|
|
|
// blocklist
|
|
defaultPref("extensions.blocklist.enabled", false);
|
|
defaultPref("extensions.blocklist.detailsURL", "");
|
|
defaultPref("extensions.blocklist.itemURL", "");
|
|
|
|
// system addons
|
|
lockPref("extensions.systemAddon.update.url", "");
|
|
lockPref("extensions.systemAddon.update.enabled", false);
|
|
|
|
lockPref("xpinstall.signatures.devInfoURL", "");
|
|
lockPref("extensions.webservice.discoverURL", "");
|
|
lockPref("webextensions.storage.sync.serverURL", "");
|
|
lockPref("extensions.screenshots.upload-disabled", true);
|
|
lockPref("lightweightThemes.getMoreURL", "");
|
|
defaultPref("extensions.postDownloadThirdPartyPrompt", false);
|
|
|
|
// -------------------------------------------------------
|
|
// # NORMANDY
|
|
// -------------------------------------------------------
|
|
|
|
lockPref("app.normandy.enabled", false);
|
|
lockPref("app.normandy.api_url", "");
|
|
lockPref("app.normandy.user_id", "");
|
|
lockPref("app.normandy.shieldLearnMoreUrl", "");
|
|
|
|
// --------------------------------
|
|
// # SECURITY
|
|
// --------------------------------
|
|
|
|
// certificates
|
|
lockPref("security.cert_pinning.enforcement_level", 2);
|
|
defaultPref("security.OCSP.enabled", 0);
|
|
defaultPref("security.OCSP.require", false);
|
|
lockPref("security.ssl.enable_ocsp_stapling", true);
|
|
lockPref("security.pki.sha1_enforcement_level", 1);
|
|
|
|
// mixed content
|
|
lockPref("security.mixed_content.block_object_subrequest", true);
|
|
lockPref("security.mixed_content.block_display_content", true);
|
|
lockPref("security.mixed_content.block_active_content", true);
|
|
|
|
// ui
|
|
lockPref("security.insecure_connection_text.enabled", true);
|
|
lockPref("security.insecure_connection_text.pbmode.enabled", true);
|
|
|
|
<<<<<<< HEAD
|
|
lockPref("security.dialog_enable_delay", 700);
|
|
lockPref("security.csp.enable", true);
|
|
=======
|
|
// Remove a bunch of URLs :
|
|
lockPref("lightweightThemes.getMoreURL", "");
|
|
lockPref("media.decoder-doctor.new-issue-endpoint", "");
|
|
lockPref("identity.sync.tokenserver.uri", "");
|
|
lockPref("network.trr.confirmationNS", "");
|
|
lockPref("browser.translation.engine", ""); // default Google
|
|
lockPref("gecko.handlerService.schemes.mailto.0.uriTemplate", "");
|
|
lockPref("gecko.handlerService.schemes.mailto.0.name", ""); // default Yahoo! Mail
|
|
lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", "");
|
|
lockPref("gecko.handlerService.schemes.mailto.1.name", ""); // default Gmail
|
|
lockPref("gecko.handlerService.schemes.irc.0.uriTemplate", "");
|
|
lockPref("gecko.handlerService.schemes.irc.0.name", "");
|
|
lockPref("services.sync.lastversion", "");
|
|
lockPref("browser.safebrowsing.provider.mozilla.lists.base", "");
|
|
lockPref("browser.safebrowsing.provider.mozilla.lists.content", "");
|
|
lockPref("browser.safebrowsing.provider.google.advisoryName", "");
|
|
lockPref("browser.safebrowsing.provider.google4.advisoryName", "");
|
|
lockPref("browser.safebrowsing.provider.mozilla.lists", "");
|
|
lockPref("identity.fxaccounts.remote.root", "");
|
|
lockPref("services.settings.server", "");
|
|
lockPref("services.blocklist.addons.signer", "");
|
|
lockPref("services.blocklist.gfx.signer", "");
|
|
lockPref("services.settings.security.onecrl.signer", "");
|
|
lockPref("services.blocklist.pinning.signer", "");
|
|
lockPref("services.blocklist.plugins.signer", "");
|
|
lockPref("accessibility.support.url", "");
|
|
lockPref("app.normandy.shieldLearnMoreUrl", "");
|
|
lockPref("app.support.baseURL", "");
|
|
lockPref("browser.chrome.errorReporter.infoURL", "");
|
|
lockPref("browser.dictionaries.download.url", "");
|
|
lockPref("browser.geolocation.warning.infoURL", "");
|
|
lockPref("browser.search.searchEnginesURL", "");
|
|
lockPref("browser.uitour.themeOrigin", "");
|
|
lockPref("extensions.getAddons.compatOverides.url", "");
|
|
lockPref("services.sync.addons.trustedSourceHostnames", "");
|
|
lockPref("toolkit.datacollection.infoURL", "");
|
|
lockPref("xpinstall.signatures.devInfoURL", "");
|
|
lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", "");
|
|
=======
|
|
// enable Content Security Policy (CSP)
|
|
lockPref("security.csp.enable", true);
|
|
|
|
// set extensions scopes
|
|
lockPref("extensions.enabledScopes", 5);
|
|
lockPref("extensions.autoDisableScopes", 11);
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
|
|
// Relevant for addons and lang packs search
|
|
defaultPref("extensions.getAddons.get.url", ""); // https://services.addons.mozilla.org/api/v3/addons/search/?guid=%IDS%&lang=%LOCALE%
|
|
defaultPref("extensions.getAddons.langpacks.url", ""); // https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION%
|
|
defaultPref("extensions.getAddons.link.url", ""); // https://addons.mozilla.org/%LOCALE%/firefox/
|
|
defaultPref("extensions.getAddons.search.browseURL", ""); // https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
|
|
defaultPref("extensions.getAddons.themes.browseURL", ""); // https://addons.mozilla.org/%LOCALE%/firefox/themes/?src=firefox
|
|
defaultPref("extensions.update.url", "");
|
|
// Default Value
|
|
// https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=
|
|
// %REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=
|
|
// %ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS=
|
|
// %APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%¤tAppVersion=
|
|
// %CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%
|
|
|
|
defaultPref("extensions.update.autoUpdateDefault", false);
|
|
lockPref("xpinstall.whitelist.required", true); // default: true
|
|
lockPref("extensions.webcompat-reporter.newIssueEndpoint", "");// Default Value https://webcompat.com/issues/new
|
|
lockPref("extensions.webcompat-reporter.enabled", false);
|
|
defaultPref("extensions.webextensions.background-delayed-startup", true); //default true
|
|
lockPref("xpinstall.signatures.devInfoURL", "");
|
|
lockPref("extensions.getAddons.compatOverides.url", "");
|
|
lockPref("extensions.webapi.testing", false); // hidden prefs // default false
|
|
lockPref("extensions.getAddons.discovery.api_url", "");
|
|
lockPref("extensions.htmlaboutaddons.recommendations.enabled", false);
|
|
lockPref("extensions.systemAddon.update.url", "");
|
|
lockPref("extensions.blocklist.detailsURL", "");
|
|
lockPref("extensions.blocklist.itemURL", "");
|
|
defaultPref("extensions.update.background.url", "");
|
|
defaultPref("extensions.getAddons.showPane", false);
|
|
lockPref("extensions.webservice.discoverURL", "");
|
|
lockPref("webextensions.storage.sync.serverURL", "");
|
|
lockPref("extensions.screenshots.upload-disabled", true);
|
|
defaultPref("extensions.ui.experiment.hidden", false);
|
|
|
|
// Likely deprecated https://phabricator.services.mozilla.com/D97092 or https://blog.mozilla.org/addons/2021/02/09/extensions-in-firefox-86/
|
|
// defaultPref("extensions.webextensions.tabhide.enabled", false); //Default true
|
|
|
|
// -------------------------------------------------------
|
|
// NORMANDY
|
|
// -------------------------------------------------------
|
|
|
|
lockPref("app.normandy.enabled", false);
|
|
lockPref("app.normandy.api_url", "");
|
|
lockPref("app.normandy.first_run", false);
|
|
lockPref("app.normandy.user_id", "");
|
|
lockPref("app.normandy.shieldLearnMoreUrl", "");
|
|
lockPref("app.normandy.dev_mode", false);
|
|
|
|
// --------------------------------
|
|
// SECURITY
|
|
// --------------------------------
|
|
|
|
// certs
|
|
lockPref("security.cert_pinning.enforcement_level", 2);
|
|
lockPref("security.OCSP.enabled", 0);
|
|
lockPref("security.OCSP.require", false);
|
|
lockPref("security.ssl.enable_ocsp_stapling", true);
|
|
|
|
// mixed content
|
|
lockPref("security.mixed_content.upgrade_display_content", true);
|
|
lockPref("security.mixed_content.block_object_subrequest", true);
|
|
lockPref("security.mixed_content.block_display_content", true);
|
|
lockPref("security.mixed_content.block_active_content", true);
|
|
|
|
// ciphers
|
|
lockPref("security.pki.sha1_enforcement_level", 1);
|
|
lockPref("security.ssl3.rsa_des_ede3_sha", false);
|
|
lockPref("security.ssl3.rsa_aes_256_sha", false);
|
|
lockPref("security.ssl3.rsa_aes_128_sha", false);
|
|
lockPref("security.ssl3.ecdh_ecdsa_rc4_128_sha", false);
|
|
lockPref("security.ssl3.ecdh_rsa_rc4_128_sha", false);
|
|
lockPref("security.ssl3.rsa_seed_sha", false);
|
|
|
|
// reduce breakage
|
|
defaultPref("security.remote_settings.intermediates.enabled", true);
|
|
|
|
<<<<<<< HEAD
|
|
// Pref :
|
|
lockPref("browser.chrome.errorReporter.submitUrl", "");
|
|
lockPref("browser.chrome.errorReporter.enabled", false);
|
|
|
|
// Pref :
|
|
lockPref("browser.ping-centre.staging.endpoint", "");
|
|
lockPref("browser.ping-centre.telemetry", false);
|
|
>>>>>>> 034d451 (reorganized tracking section + 3rd set of changes)
|
|
|
|
// -------------------------------------------------------
|
|
// # SAFE BROWSING
|
|
// -------------------------------------------------------
|
|
|
|
lockPref("browser.safebrowsing.malware.enabled", false);
|
|
lockPref("browser.safebrowsing.passwords.enabled", false);
|
|
lockPref("browser.safebrowsing.phishing.enabled", false);
|
|
|
|
// downloads and unwanted software
|
|
=======
|
|
// ui
|
|
lockPref("security.insecure_connection_icon.enabled", true);
|
|
lockPref("security.insecure_connection_icon.pbmode.enabled", true);
|
|
lockPref("security.insecure_connection_text.enabled", true);
|
|
lockPref("security.insecure_connection_text.pbmode.enabled", true);
|
|
|
|
// -------------------------------------------------------
|
|
// SAFE BROWSING
|
|
// -------------------------------------------------------
|
|
|
|
lockPref("browser.safebrowsing.malware.enabled", false);
|
|
lockPref("browser.safebrowsing.passwords.enabled", false);
|
|
lockPref("browser.safebrowsing.phishing.enabled", false);
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
lockPref("browser.safebrowsing.downloads.enabled", false);
|
|
lockPref("browser.safebrowsing.downloads.remote.enabled", false);
|
|
lockPref("browser.safebrowsing.downloads.remote.block_dangerous", false);
|
|
lockPref("browser.safebrowsing.downloads.remote.block_dangerous_host", false);
|
|
lockPref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
|
|
lockPref("browser.safebrowsing.downloads.remote.block_uncommon", false);
|
|
lockPref("browser.safebrowsing.downloads.remote.url", "");
|
|
<<<<<<< HEAD
|
|
|
|
// could try re-enabling some of these urls to see if it causes connections
|
|
lockPref("browser.safebrowsing.id", "");
|
|
=======
|
|
lockPref("browser.safebrowsing.id", "");
|
|
lockPref("browser.safebrowsing.allowOverride", false);
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
lockPref("browser.safebrowsing.blockedURIs.enabled", false);
|
|
lockPref("browser.safebrowsing.provider.google4.pver", "");
|
|
lockPref("browser.safebrowsing.provider.google4.advisoryName", "");
|
|
lockPref("browser.safebrowsing.provider.google4.advisoryURL", "");
|
|
lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false);
|
|
lockPref("browser.safebrowsing.provider.google4.dataSharingURL", "");
|
|
lockPref("browser.safebrowsing.provider.google4.gethashURL", "");
|
|
lockPref("browser.safebrowsing.provider.google4.lists", "");
|
|
lockPref("browser.safebrowsing.provider.google4.reportMalwareMistakeURL", "");
|
|
lockPref("browser.safebrowsing.provider.google4.reportPhishMistakeURL", "");
|
|
lockPref("browser.safebrowsing.provider.google4.reportURL", "");
|
|
lockPref("browser.safebrowsing.provider.google4.updateURL", "");
|
|
lockPref("browser.safebrowsing.provider.google4.lastupdatetime", "");
|
|
lockPref("browser.safebrowsing.provider.google4.nextupdatetime", "");
|
|
lockPref("browser.safebrowsing.provider.google.advisoryName", "");
|
|
lockPref("browser.safebrowsing.provider.google.advisoryURL", "");
|
|
lockPref("browser.safebrowsing.provider.google.gethashURL", "");
|
|
lockPref("browser.safebrowsing.provider.google.lastupdatetime", "");
|
|
lockPref("browser.safebrowsing.provider.google.lists", "");
|
|
lockPref("browser.safebrowsing.provider.google.nextupdatetime", "");
|
|
lockPref("browser.safebrowsing.provider.google.pver", "");
|
|
lockPref("browser.safebrowsing.provider.google.reportMalwareMistakeURL", "");
|
|
lockPref("browser.safebrowsing.provider.google.reportPhishMistakeURL", "");
|
|
lockPref("browser.safebrowsing.provider.google.reportURL", "");
|
|
lockPref("browser.safebrowsing.provider.google.updateURL", "");
|
|
lockPref("browser.safebrowsing.provider.mozilla.pver", "");
|
|
lockPref("browser.safebrowsing.provider.mozilla.lists", "");
|
|
lockPref("browser.safebrowsing.provider.mozilla.lists.base", "");
|
|
lockPref("browser.safebrowsing.provider.mozilla.lists.content", "");
|
|
lockPref("browser.safebrowsing.provider.mozilla.updateURL", "");
|
|
lockPref("browser.safebrowsing.provider.mozilla.gethashURL", "");
|
|
lockPref("browser.safebrowsing.provider.mozilla.lastupdatetime", "");
|
|
lockPref("browser.safebrowsing.provider.mozilla.nextupdatetime", "");
|
|
lockPref("browser.safebrowsing.reportPhishURL", "");
|
|
|
|
// --------------------------------
|
|
<<<<<<< HEAD
|
|
// # FONTS
|
|
// --------------------------------
|
|
|
|
lockPref("gfx.font_rendering.graphite.enabled", false);
|
|
lockPref("gfx.font_rendering.opentype_svg.enabled", false);
|
|
|
|
// --------------------------------
|
|
// # MISC
|
|
// --------------------------------
|
|
|
|
// keep track of, should be useless as mozilla removed flash from source code
|
|
lockPref("dom.ipc.plugins.reportCrashURL", false);
|
|
lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
|
|
lockPref("plugin.state.flash", 0);
|
|
|
|
// more important stuff
|
|
lockPref("browser.shell.shortcutFavicons", false);
|
|
defaultPref("alerts.showFavicons", false);
|
|
defaultPref("browser.link.open_newwindow", 3);
|
|
defaultPref("browser.link.open_newwindow.restriction", 0);
|
|
lockPref("network.file.disable_unc_paths", true); // (hidden pref)
|
|
lockPref("network.gio.supported-protocols", ""); // (hidden pref)
|
|
lockPref("plugin.default.state", 1);
|
|
lockPref("network.IDN_show_punycode", true);
|
|
defaultPref("browser.display.use_system_colors", false); // default but enforced due to RFP
|
|
|
|
// pocket, to check if we can remove
|
|
lockPref("extensions.pocket.enabled", false);
|
|
lockPref("extensions.pocket.site", "");
|
|
lockPref("extensions.pocket.oAuthConsumerKey", "");
|
|
lockPref("extensions.pocket.api", "");
|
|
|
|
// pdf reader
|
|
defaultPref("pdfjs.disabled", false);
|
|
defaultPref("pdfjs.enableScripting", false);
|
|
defaultPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true);
|
|
defaultPref("pdfjs.enabledCache.state", false);
|
|
|
|
// remote agent
|
|
lockPref("remote.enabled", false);
|
|
|
|
// settings and behavior
|
|
lockPref("browser.shell.checkDefaultBrowser", false);
|
|
lockPref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", true);
|
|
defaultPref("startup.homepage_override_url", "about:blank");
|
|
defaultPref("startup.homepage_welcome_url", "about:blank");
|
|
defaultPref("startup.homepage_welcome_url.additional", "");
|
|
lockPref("browser.startup.homepage_override.mstone", "ignore");
|
|
defaultPref("privacy.userContext.enabled", true);
|
|
defaultPref("general.autoScroll", false);
|
|
defaultPref("clipboard.autocopy", false);
|
|
defaultPref("browser.tabs.loadBookmarksInTabs", true);
|
|
lockPref("browser.download.manager.addToRecentDocs", false);
|
|
lockPref("accessibility.force_disabled", 1);
|
|
lockPref("browser.uitour.enabled", false);
|
|
lockPref("middlemouse.contentLoadURL", false);
|
|
defaultPref("accessibility.typeaheadfind", false);
|
|
lockPref("network.manage-offline-status", false);
|
|
lockPref("browser.helperApps.deleteTempFileOnExit", true);
|
|
lockPref("browser.pagethumbnails.capturing_disabled", true);
|
|
lockPref("browser.bookmarks.max_backups", 2);
|
|
defaultPref("reader.parse-on-load.enabled", false);
|
|
|
|
// devtools
|
|
defaultPref("devtools.debugger.remote-enabled", false);
|
|
defaultPref("devtools.chrome.enabled", false);
|
|
lockPref("devtools.performance.recording.ui-base-url", "http://localhost:55555"); // Default Value : https://profiler.firefox.com
|
|
lockPref("devtools.devices.url", "");
|
|
lockPref("devtools.remote.adb.extensionURL", ""); // [FF64+]
|
|
lockPref("devtools.remote.adb.extensionID", ""); // default adb@mozilla.org [FF64+]
|
|
defaultPref("devtools.selfxss.count", 0); // see https://gitlab.com/librewolf-community/browser/linux/-/issues/80
|
|
|
|
// ui
|
|
defaultPref("browser.tabs.drawInTitlebar", true);
|
|
defaultPref("browser.aboutConfig.showWarning", false);
|
|
defaultPref("general.warnOnAboutConfig", false);
|
|
defaultPref("browser.download.autohideButton", false);
|
|
defaultPref("privacy.userContext.ui.enabled", true);
|
|
lockPref("browser.messaging-system.whatsNewPanel.enabled", false);
|
|
|
|
// urls and handlers
|
|
lockPref("media.decoder-doctor.new-issue-endpoint", "");
|
|
lockPref("identity.sync.tokenserver.uri", "");
|
|
lockPref("network.trr.confirmationNS", "");
|
|
lockPref("browser.translation.engine", ""); // default Google
|
|
lockPref("gecko.handlerService.schemes.mailto.0.uriTemplate", "");
|
|
lockPref("gecko.handlerService.schemes.mailto.0.name", ""); // default Yahoo! Mail
|
|
lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", "");
|
|
lockPref("gecko.handlerService.schemes.mailto.1.name", ""); // default Gmail
|
|
lockPref("gecko.handlerService.schemes.irc.0.uriTemplate", "");
|
|
lockPref("gecko.handlerService.schemes.irc.0.name", "");
|
|
lockPref("gecko.handlerService.schemes.ircs.0.uriTemplate", "");
|
|
lockPref("gecko.handlerService.schemes.ircs.0.name", "");
|
|
lockPref("services.settings.server", "");
|
|
lockPref("accessibility.support.url", "");
|
|
lockPref("app.support.baseURL", "");
|
|
lockPref("browser.uitour.url", "");
|
|
lockPref("webchannel.allowObject.urlWhitelist", "");
|
|
lockPref("browser.dictionaries.download.url", "");
|
|
lockPref("browser.geolocation.warning.infoURL", "");
|
|
lockPref("browser.search.searchEnginesURL", "");
|
|
lockPref("browser.uitour.themeOrigin", "");
|
|
lockPref("toolkit.datacollection.infoURL", "");
|
|
lockPref("identity.mobilepromo.android", "");
|
|
lockPref("identity.mobilepromo.ios", "");
|
|
defaultPref("identity.sendtabpromo.url", "");
|
|
lockPref("datareporting.healthreport.infoURL", "");
|
|
lockPref("app.feedback.baseURL", "");
|
|
lockPref("app.releaseNotesURL", "");
|
|
lockPref("app.releaseNotesURL.aboutDialog", "");
|
|
lockPref("browser.chrome.errorReporter.infoURL", "");
|
|
lockPref("datareporting.policy.firstRunURL", "");
|
|
lockPref("gecko.handlerService.schemes.webcal.0.uriTemplate", "");
|
|
|
|
// --------------------------------
|
|
// # CACHE
|
|
// --------------------------------
|
|
|
|
lockPref("browser.cache.offline.storage.enable", false);
|
|
lockPref("browser.privatebrowsing.forceMediaMemoryCache", true); // [FF75+]
|
|
defaultPref("media.memory_cache_max_size", 65536);
|
|
|
|
// --------------------------------
|
|
// # WEBGL AND PERFORMANCE
|
|
// --------------------------------
|
|
|
|
lockPref("webgl.enable-webgl2", false);
|
|
lockPref("webgl.disable-fail-if-major-performance-caveat", true);
|
|
|
|
// --------------------------------
|
|
// # JS
|
|
// --------------------------------
|
|
|
|
// should we consider disabling WebAssembly ?
|
|
// lockPref("javascript.options.wasm", false);
|
|
|
|
// left as it is worth considering
|
|
// lockPref("javascript.options.asmjs", false);
|
|
|
|
lockPref("javascript.options.shared_memory", false);
|
|
|
|
// --------------------------------
|
|
// # GEO
|
|
// --------------------------------
|
|
|
|
=======
|
|
// MISC
|
|
// --------------------------------
|
|
|
|
lockPref("app.update.auto", false);
|
|
lockPref("app.update.staging.enabled", false);
|
|
lockPref("app.update.lastUpdateTime.telemetry_modules_ping", 0);
|
|
lockPref("app.update.url.details", "https://gitlab.com/librewolf-community/browser");
|
|
lockPref("app.update.url.manual", "https://gitlab.com/librewolf-community/browser");
|
|
defaultPref("browser.tabs.drawInTitlebar", true);
|
|
lockPref("browser.shell.checkDefaultBrowser", false);
|
|
lockPref("browser.shell.shortcutFavicons", false);
|
|
defaultPref("alerts.showFavicons", false); // default: false
|
|
defaultPref("startup.homepage_override_url", "about:blank");
|
|
defaultPref("startup.homepage_welcome_url", "about:blank");
|
|
defaultPref("startup.homepage_welcome_url.additional", "");
|
|
lockPref("browser.startup.blankWindow", false);
|
|
defaultPref("privacy.userContext.ui.enabled", true);
|
|
defaultPref("privacy.userContext.enabled", true);
|
|
defaultPref("browser.aboutConfig.showWarning", false);
|
|
defaultPref("browser.download.autohideButton", false);
|
|
defaultPref("browser.ctrlTab.recentlyUsedOrder", false);
|
|
defaultPref("browser.link.open_newwindow", 3);
|
|
defaultPref("browser.link.open_newwindow.restriction", 0);
|
|
defaultPref("layout.spellcheckDefault", 2);
|
|
defaultPref("general.autoScroll", false);
|
|
defaultPref("clipboard.autocopy", false);
|
|
defaultPref("pdfjs.disabled", false);
|
|
defaultPref("pdfjs.enableScripting", false);
|
|
defaultPref("pdfjs.enableWebGL", false);
|
|
defaultPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true);
|
|
defaultPref("pdfjs.enabledCache.state", false);
|
|
defaultPref("browser.tabs.loadBookmarksInTabs", true);
|
|
defaultPref("devtools.debugger.remote-enabled", false);
|
|
defaultPref("devtools.chrome.enabled", false);
|
|
lockPref("toolkit.coverage.endpoint.base", "");
|
|
lockPref("toolkit.coverage.opt-out", true);
|
|
lockPref("toolkit.coverage.enabled", false);
|
|
lockPref("webchannel.allowObject.urlWhitelist", "");
|
|
lockPref("browser.download.manager.addToRecentDocs", false);
|
|
lockPref("network.http.redirection-limit", 10);
|
|
lockPref("security.data_uri.block_toplevel_data_uri_navigations", true);
|
|
lockPref("services.blocklist.onecrl.collection", ""); // could it be replaced by services.settings.security.onecrl.collection ?
|
|
lockPref("services.blocklist.addons.collection", "");
|
|
lockPref("services.blocklist.plugins.collection", "");
|
|
lockPref("services.blocklist.gfx.collection", "");
|
|
lockPref("network.file.disable_unc_paths", true); // (hidden pref)
|
|
lockPref("network.gio.supported-protocols", ""); // (hidden pref)
|
|
lockPref("network.auth.subresource-img-cross-origin-http-auth-allow", false);
|
|
lockPref("font.blacklist.underline_offset", "");
|
|
lockPref("gfx.font_rendering.graphite.enabled", false);
|
|
lockPref("plugin.default.state", 1);
|
|
lockPref("plugin.defaultXpi.state", 1);
|
|
lockPref("canvas.capturestream.enabled", false);
|
|
lockPref("gfx.offscreencanvas.enabled", false); // default: false
|
|
lockPref("accessibility.force_disabled", 1);
|
|
lockPref("browser.uitour.enabled", false);
|
|
lockPref("browser.uitour.url", "");
|
|
lockPref("middlemouse.contentLoadURL", false);
|
|
lockPref("permissions.manager.defaultsUrl", "");
|
|
lockPref("lightweightThemes.getMoreURL", "");
|
|
lockPref("media.decoder-doctor.new-issue-endpoint", "");
|
|
lockPref("identity.sync.tokenserver.uri", "");
|
|
lockPref("network.trr.confirmationNS", "");
|
|
lockPref("browser.translation.engine", ""); // default Google
|
|
lockPref("gecko.handlerService.schemes.mailto.0.uriTemplate", "");
|
|
lockPref("gecko.handlerService.schemes.mailto.0.name", ""); // default Yahoo! Mail
|
|
lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", "");
|
|
lockPref("gecko.handlerService.schemes.mailto.1.name", ""); // default Gmail
|
|
lockPref("gecko.handlerService.schemes.irc.0.uriTemplate", "");
|
|
lockPref("gecko.handlerService.schemes.irc.0.name", "");
|
|
lockPref("identity.fxaccounts.remote.root", "");
|
|
lockPref("services.settings.server", "");
|
|
lockPref("services.blocklist.addons.signer", "");
|
|
lockPref("services.blocklist.gfx.signer", "");
|
|
lockPref("services.settings.security.onecrl.signer", "");
|
|
lockPref("services.blocklist.pinning.signer", "");
|
|
lockPref("services.blocklist.plugins.signer", "");
|
|
lockPref("accessibility.support.url", "");
|
|
lockPref("app.support.baseURL", "");
|
|
lockPref("browser.chrome.errorReporter.infoURL", "");
|
|
lockPref("browser.dictionaries.download.url", "");
|
|
lockPref("browser.geolocation.warning.infoURL", "");
|
|
lockPref("browser.search.searchEnginesURL", "");
|
|
lockPref("browser.uitour.themeOrigin", "");
|
|
lockPref("toolkit.datacollection.infoURL", "");
|
|
lockPref("devtools.performance.recording.ui-base-url", "http://localhost:55555"); // Default Value : https://profiler.firefox.com
|
|
lockPref("browser.messaging-system.whatsNewPanel.enabled", false);
|
|
defaultPref("accessibility.typeaheadfind", false);
|
|
lockPref("browser.bookmarks.restore_default_bookmarks", false);
|
|
lockPref("identity.mobilepromo.android", "");
|
|
lockPref("identity.mobilepromo.ios", "");
|
|
defaultPref("identity.sendtabpromo.url", "");
|
|
lockPref("datareporting.healthreport.infoURL", "");
|
|
lockPref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", true);
|
|
lockPref("app.feedback.baseURL", "");
|
|
lockPref("app.releaseNotesURL", "");
|
|
lockPref("app.releaseNotesURL.aboutDialog", "");
|
|
lockPref("browser.chrome.errorReporter.infoURL", false);
|
|
lockPref("browser.ping-centre.log", "");
|
|
lockPref("browser.ping-centre.telemetry", false);
|
|
lockPref("captivedetect.canonicalURL", "");
|
|
lockPref("datareporting.policy.firstRunURL", "");
|
|
lockPref("devtools.devices.url", "");
|
|
lockPref("gecko.handlerService.schemes.webcal.0.uriTemplate", "");
|
|
lockPref("identity.fxaccounts.auth.uri", "");
|
|
lockPref("identity.fxaccounts.commands.enabled", false);
|
|
lockPref("identity.fxaccounts.remote.oauth.uri", "");
|
|
lockPref("identity.fxaccounts.remote.profile.uri", "");
|
|
lockPref("identity.fxaccounts.service.monitorLoginUrl", "");
|
|
lockPref("remote.enabled", false);
|
|
lockPref("remote.force-local", true);
|
|
lockPref("remote.log.level", "Info");
|
|
defaultPref("browser.tabs.closeTabByDblclick", true);
|
|
lockPref("network.IDN_show_punycode", true);
|
|
lockPref("media.webspeech.recognition.enable", false);
|
|
|
|
// --------------------------------
|
|
// CACHE
|
|
// --------------------------------
|
|
|
|
lockPref("browser.cache.offline.storage.enable", false);
|
|
lockPref("browser.privatebrowsing.forceMediaMemoryCache", true); // [FF75+]
|
|
lockPref("media.memory_cache_max_size", 16384);
|
|
|
|
// apparently increases fingerprinting and redundant with browser.cache.offline.storage.enable
|
|
// should be checked
|
|
// lockPref("browser.cache.offline.enable", false);
|
|
|
|
// --------------------------------
|
|
// SYNC
|
|
// --------------------------------
|
|
|
|
lockPref("services.sync.addons.trustedSourceHostnames", "");
|
|
lockPref("services.sync.lastversion", "");
|
|
lockPref("services.sync.maxResyncs", 0); // 1
|
|
lockPref("services.sync.telemetry.maxPayloadCount", 0); //500
|
|
lockPref("services.sync.addons.ignoreUserEnabledChanges", true); //false
|
|
lockPref("services.sync.engine.addons", false); //true
|
|
lockPref("services.sync.engine.addresses", false); //false
|
|
lockPref("services.sync.engine.addresses.available", false);
|
|
lockPref("services.sync.engine.bookmarks", false); //true
|
|
lockPref("services.sync.engine.creditcards", false); //false
|
|
lockPref("services.sync.engine.creditcards.available", false); //false
|
|
lockPref("services.sync.engine.history", false); //true
|
|
lockPref("services.sync.engine.passwords", false); //true
|
|
lockPref("services.sync.engine.prefs", false); //true
|
|
lockPref("services.sync.engine.tabs", false); //true
|
|
lockPref("services.sync.log.appender.file.logOnError", false); //true
|
|
lockPref("services.sync.log.appender.file.logOnSuccess", false); //false
|
|
lockPref("services.sync.log.cryptoDebug", false); //false
|
|
lockPref("services.sync.sendVersionInfo", false); //true
|
|
lockPref("services.sync.syncedTabs.showRemoteIcons", true); //true
|
|
lockPref("services.sync.prefs.sync.services.sync.syncedTabs.showRemoteIcons", false); //true
|
|
lockPref("services.sync.prefs.sync.accessibility.blockautorefresh", false); //true
|
|
lockPref("services.sync.prefs.sync.accessibility.browsewithcaret", false); //true
|
|
lockPref("services.sync.prefs.sync.accessibility.typeaheadfind", false); //true
|
|
lockPref("services.sync.prefs.sync.accessibility.typeaheadfind.linksonly", false); //true
|
|
lockPref("services.sync.prefs.sync.addons.ignoreUserEnabledChanges", true); //true
|
|
lockPref("services.sync.prefs.sync.browser.contentblocking.category", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.contentblocking.features.strict", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.ctrlTab.recentlyUsedOrder", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.download.useDownloadDir", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.formfill.enable", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.link.open_newwindow", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.newtabpage.enabled", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.newtabpage.pinned", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.newtabpage.activity-stream.section.highlights.includePocket", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.newtabpage.activity-stream.section.highlights.includeVisited", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.newtabpage.activity-stream.section.highlights.includeDownloads", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.newtabpage.activity-stream.section.highlights.rows", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.newtabpage.activity-stream.section.topstories.rows", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.offline-apps.notify", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.search.update", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.search.widget.inNavBar", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.sessionstore.warnOnQuit", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.startup.homepage", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.startup.page", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.tabs.loadInBackground", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.tabs.warnOnClose", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.tabs.warnOnOpen", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.urlbar.maxRichResults", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.urlbar.suggest.bookmark", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.urlbar.suggest.history", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.urlbar.suggest.engines", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.urlbar.suggest.topsites", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.urlbar.suggest.openpage", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.urlbar.suggest.searches", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.urlbar.resultBuckets", false); //true
|
|
lockPref("services.sync.prefs.sync.browser.urlbar.showSearchSuggestionsFirst", false); //true
|
|
lockPref("services.sync.prefs.sync.dom.disable_open_during_load", false); //true
|
|
lockPref("services.sync.prefs.sync.dom.disable_window_flip", false); //true
|
|
lockPref("services.sync.prefs.sync.dom.disable_window_move_resize", false); //true
|
|
lockPref("services.sync.prefs.sync.dom.event.contextmenu.enabled", false); //true
|
|
lockPref("services.sync.prefs.sync.dom.security.https_only_mode", false); //true
|
|
lockPref("services.sync.prefs.sync.dom.security.https_only_mode_ever_enabled", false); //true
|
|
lockPref("services.sync.prefs.sync.dom.security.https_only_mode_ever_enabled_pbm", false); //true
|
|
lockPref("services.sync.prefs.sync.dom.security.https_only_mode_pbm", false); //true
|
|
lockPref("services.sync.prefs.sync.extensions.activeThemeID", false); //true
|
|
lockPref("services.sync.prefs.sync.extensions.update.enabled", false); //true
|
|
lockPref("services.sync.prefs.sync.intl.accept_languages", false); //true
|
|
lockPref("services.sync.prefs.sync.intl.regional_prefs.use_os_locales", false); //true
|
|
lockPref("services.sync.prefs.sync.layout.spellcheckDefault", false); //true
|
|
lockPref("services.sync.prefs.sync.network.cookie.cookieBehavior", false); //true
|
|
lockPref("services.sync.prefs.sync.network.cookie.lifetimePolicy", false); //true
|
|
lockPref("services.sync.prefs.sync.network.cookie.thirdparty.sessionOnly", false); //true
|
|
lockPref("services.sync.prefs.sync.permissions.default.image", false); //true
|
|
lockPref("services.sync.prefs.sync.pref.downloads.disable_button.edit_actions", false); //true
|
|
lockPref("services.sync.prefs.sync.pref.privacy.disable_button.cookie_exceptions", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.cache", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.cookies", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.downloads", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.formdata", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.history", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.offlineApps", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.sessions", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.siteSettings", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.donottrackheader.enabled", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.fuzzyfox.clockgrainus", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.fuzzyfox.enabled", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.reduceTimerPrecision", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.resistFingerprinting", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.resistFingerprinting.reduceTimerPrecision.jitter", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.resistFingerprinting.reduceTimerPrecision.microseconds", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.sanitize.sanitizeOnShutdown", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.trackingprotection.enabled", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.trackingprotection.pbmode.enabled", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.trackingprotection.cryptomining.enabled", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.trackingprotection.fingerprinting.enabled", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.userContext.enabled", false); //true
|
|
lockPref("services.sync.prefs.sync.privacy.userContext.newTabContainerOnLeftClick.enabled", false); //true
|
|
lockPref("services.sync.prefs.sync.security.default_personal_cert", false); //true
|
|
lockPref("services.sync.prefs.sync.spellchecker.dictionary", false); //true
|
|
lockPref("services.sync.prefs.sync.signon.rememberSignons", false);
|
|
lockPref("services.sync.prefs.sync.signon.management.page.breach-alerts.enabled", false);
|
|
lockPref("services.sync.prefs.sync.signon.generation.enabled", false);
|
|
lockPref("services.sync.prefs.sync.signon.autofillForms", false);
|
|
lockPref("services.sync.declinedEngines", "");
|
|
lockPref("services.sync.globalScore", 0);
|
|
lockPref("services.sync.nextSync", 0);
|
|
lockPref("services.sync.prefs.sync.browser.safebrowsing.downloads.enabled", false);
|
|
lockPref("services.sync.prefs.sync.browser.safebrowsing.malware.enabled", false);
|
|
lockPref("services.sync.prefs.sync.browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
|
|
lockPref("services.sync.prefs.sync.browser.safebrowsing.phishing.enabled", false);
|
|
lockPref("services.sync.tabs.lastSync", "0");
|
|
|
|
// --------------------------------
|
|
// WEBGL
|
|
// --------------------------------
|
|
|
|
defaultPref("webgl.force-enabled", true);
|
|
defaultPref("layers.acceleration.force-enabled", true);
|
|
lockPref("webgl.enable-webgl2", false);
|
|
lockPref("webgl.min_capability_mode", true);
|
|
lockPref("webgl.disable-fail-if-major-performance-caveat", true);
|
|
lockPref("webgl.enable-debug-renderer-info", false);
|
|
|
|
// conflicting with previous prefs?
|
|
// defaultPref("gfx.direct2d.disabled", false); // [WINDOWS]
|
|
// defaultPref("layers.acceleration.disabled", false);
|
|
|
|
// --------------------------------
|
|
// JS
|
|
// --------------------------------
|
|
|
|
// should we consider disabling WebAssembly ?
|
|
// lockPref("javascript.options.wasm", false);
|
|
|
|
// left as it is worth considering
|
|
// lockPref("javascript.options.asmjs", false);
|
|
|
|
lockPref("javascript.options.shared_memory", false);
|
|
|
|
// --------------------------------
|
|
// GEO
|
|
// --------------------------------
|
|
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
lockPref("geo.enabled", false);
|
|
lockPref("geo.provider.ms-windows-location", false); // [WINDOWS]
|
|
lockPref("geo.provider.use_corelocation", false); // [MAC]
|
|
lockPref("geo.provider.use_gpsd", false); // [LINUX]
|
|
lockPref("geo.provider.network.url", "");
|
|
lockPref("geo.provider.network.logging.enabled", false);
|
|
lockPref("browser.region.network.url", "");
|
|
lockPref("browser.region.update.enabled", false);
|
|
|
|
<<<<<<< HEAD
|
|
<<<<<<< HEAD
|
|
// --------------------------------
|
|
// # PREFETCHING
|
|
// --------------------------------
|
|
=======
|
|
|
|
// Pref :
|
|
lockPref("layout.css.visited_links_enabled", false);
|
|
lockPref("layout.css.always-repaint-on-unvisited", false);
|
|
lockPref("layout.css.layout.css.notify-of-unvisited", false);
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
|
|
lockPref("network.predictor.enabled", false);
|
|
lockPref("network.prefetch-next", false);
|
|
lockPref("network.http.speculative-parallel-limit", 0);
|
|
|
|
// --------------------------------
|
|
// # OUTGOING CONNECTIONS
|
|
// --------------------------------
|
|
|
|
// updates
|
|
lockPref("app.update.auto", false);
|
|
lockPref("app.update.staging.enabled", false);
|
|
lockPref("app.update.lastUpdateTime.telemetry_modules_ping", 0);
|
|
lockPref("app.update.url.details", "https://gitlab.com/librewolf-community/browser");
|
|
lockPref("app.update.url.manual", "https://gitlab.com/librewolf-community/browser");
|
|
|
|
=======
|
|
// --------------------------------
|
|
// PREFETCHING
|
|
// --------------------------------
|
|
|
|
lockPref("network.predictor.enabled", false);
|
|
lockPref("network.predictor.enable-prefetch", false);
|
|
lockPref("network.prefetch-next", false);
|
|
lockPref("network.http.speculative-parallel-limit", 0);
|
|
|
|
// --------------------------------
|
|
// OUTGOING CONNECTIONS
|
|
// --------------------------------
|
|
|
|
>>>>>>> 653a6ed (knocked out some more prefs)
|
|
// connectivity service
|
|
lockPref("network.connectivity-service.enabled", false);
|
|
lockPref("network.connectivity-service.IPv6.url", "http://0.0.0.0");
|
|
lockPref("network.connectivity-service.IPv4.url", "http://0.0.0.0");
|
|
lockPref("network.connectivity-service.DNSv6.domain", "");
|
|
lockPref("network.connectivity-service.DNSv4.domain", "");
|
|
|
|
<<<<<<< HEAD
|
|
<<<<<<< HEAD
|
|
// telemetry
|
|
=======
|
|
// Pref :
|
|
lockPref("plugins.crash.supportUrl", "");
|
|
|
|
// Pref :
|
|
lockPref("sync.enabled", false);
|
|
|
|
// Pref :
|
|
lockPref("sync.jpake.serverURL", "");
|
|
|
|
// Pref :
|
|
lockPref("sync.serverURL", "");
|
|
|
|
// Pref :
|
|
>>>>>>> 55c94dc (reorganized, revisited)
|
|
=======
|
|
// telemetry
|
|
>>>>>>> 653a6ed (knocked out some more prefs)
|
|
lockPref("toolkit.crashreporter.infoURL", "");
|
|
lockPref("toolkit.telemetry.archive.enabled", false);
|
|
lockPref("toolkit.telemetry.updatePing.enabled", false);
|
|
lockPref("toolkit.telemetry.bhrPing.enabled", false);
|
|
lockPref("toolkit.telemetry.cachedClientID", "");
|
|
lockPref("toolkit.telemetry.enabled", false);
|
|
lockPref("toolkit.telemetry.firstShutdownPing.enabled", false);
|
|
lockPref("toolkit.telemetry.newProfilePing.enabled", false);
|
|
lockPref("toolkit.telemetry.previousBuildID", "");
|
|
lockPref("toolkit.telemetry.reportingpolicy.firstRun", false);
|
|
lockPref("toolkit.telemetry.server", "data:,");
|
|
lockPref("toolkit.telemetry.server_owner", "");
|
|
lockPref("toolkit.telemetry.shutdownPingSender.enabled", false);
|
|
lockPref("toolkit.telemetry.shutdownPingSender.enabledFirstSession", false);
|
|
lockPref("toolkit.telemetry.unified", false);
|
|
lockPref("toolkit.telemetry.ecosystemtelemetry.enabled", false);
|
|
<<<<<<< HEAD
|
|
lockPref("security.protectionspopup.recordEventTelemetry", false);
|
|
lockPref("datareporting.healthreport.uploadEnabled", false);
|
|
lockPref("datareporting.policy.dataSubmissionEnabled", false);
|
|
<<<<<<< HEAD
|
|
lockPref("toolkit.coverage.endpoint.base", "");
|
|
lockPref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF]
|
|
lockPref("toolkit.coverage.opt-out", true);
|
|
lockPref("toolkit.coverage.enabled", false);
|
|
lockPref("app.shield.optoutstudies.enabled", false);
|
|
=======
|
|
|
|
// Pref : Disable right-click menu manipulation via JavaScript (disabled)
|
|
defaultPref("dom.event.contextmenu.enabled", false);
|
|
|
|
// Pref : Disable clipboard event detection (onCut/onCopy/onPaste) via Javascript
|
|
// Disabling clipboard events breaks Ctrl+C/X/V copy/cut/paste functionaility in
|
|
// JS-based web applications (Google Docs etc.)
|
|
// https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/dom.event.clipboardevents.enabled
|
|
lockPref("dom.event.clipboardevents.enabled", false);
|
|
|
|
// Pref : Force Punycode for Internationalized Domain Names
|
|
// http://kb.mozillazine.org/Network.IDN_show_punycode
|
|
// https://www.xudongz.com/blog/2017/idn-phishing/
|
|
// https://wiki.mozilla.org/IDN_Display_Algorithm
|
|
// https://en.wikipedia.org/wiki/IDN_homograph_attack
|
|
// https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/
|
|
// CIS Mozilla Firefox 24 ESR v1.0.0 - 3.6
|
|
lockPref("network.IDN_show_punycode", true);
|
|
|
|
// Pref : Disable Pocket
|
|
// https://support.mozilla.org/en-US/kb/save-web-pages-later-pocket-firefox
|
|
// https://github.com/pyllyukko/user.js/issues/143
|
|
=======
|
|
lockPref("security.protectionspopup.recordEventTelemetry", false)
|
|
|
|
// pocket
|
|
>>>>>>> 653a6ed (knocked out some more prefs)
|
|
lockPref("extensions.pocket.enabled", false);
|
|
lockPref("extensions.pocket.site", "");
|
|
lockPref("extensions.pocket.oAuthConsumerKey", "");
|
|
lockPref("extensions.pocket.api", "");
|
|
|
|
lockPref("browser.discovery.enabled", false);
|
|
lockPref("browser.discovery.containers.enabled", false);
|
|
lockPref("browser.discovery.sites", "");
|
|
lockPref("breakpad.reportURL", "");
|
|
lockPref("datareporting.healthreport.uploadEnabled", false);
|
|
lockPref("datareporting.policy.dataSubmissionEnabled", false);
|
|
lockPref("browser.send_pings", false);
|
|
lockPref("browser.send_pings.require_same_host", true);
|
|
<<<<<<< HEAD
|
|
|
|
// Pref : Do not download URLs for the offline cache
|
|
// http://kb.mozillazine.org/Browser.cache.offline.enable
|
|
lockPref("browser.cache.offline.enable", false);
|
|
|
|
/* 1007: disable media cache from writing to disk in Private Browsing
|
|
* [NOTE] MSE (Media Source Extensions) are already stored in-memory in PB */
|
|
lockPref("browser.privatebrowsing.forceMediaMemoryCache", true); // [FF75+]
|
|
lockPref("media.memory_cache_max_size", 16384);
|
|
|
|
// Pref : Disable prefetching of <link rel="next"> URLs
|
|
// http://kb.mozillazine.org/Network.prefetch-next
|
|
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#Is_there_a_preference_to_disable_link_prefetching.3F
|
|
// Link prefetching is when a webpage hints to the browser that certain pages are likely to be visited,
|
|
// so the browser downloads them immediately so they can be displayed immediately when the user requests it.
|
|
lockPref("network.prefetch-next", false);
|
|
|
|
// Pref : Disable speculative pre-connections
|
|
// Disable prefetch link on hover.
|
|
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_speculative-pre-connections
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=814169
|
|
lockPref("network.http.speculative-parallel-limit", 0);
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
// Section : General Settings 3/3
|
|
// Bench Diff : -40/5000
|
|
// >>>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Pref : Disable DOM timing API
|
|
// https://wiki.mozilla.org/Security/Reviews/Firefox/NavigationTimingAPI
|
|
// https://www.w3.org/TR/navigation-timing/#privacy
|
|
lockPref("dom.enable_performance", false); //Deprecated Active
|
|
lockPref("dom.enable_performance_navigation_timing", false);
|
|
|
|
// Pref : Make sure the User Timing API does not provide a new high resolution timestamp
|
|
// https://trac.torproject.org/projects/tor/ticket/16336
|
|
// https://www.w3.org/TR/2013/REC-user-timing-20131212/#privacy-security
|
|
lockPref("dom.enable_user_timing", false);
|
|
|
|
// Pref : Disable Web Audio API
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1288359
|
|
// Avoid fingerprinting
|
|
defaultPref("dom.webaudio.enabled", false);
|
|
|
|
// Pref : When geolocation is enabled, don't log geolocation requests to the console
|
|
lockPref("geo.wifi.logging.enabled", false);
|
|
|
|
// Pref : Disable "beacon" asynchronous HTTP transfers (used for analytics)
|
|
// https://developer.mozilla.org/en-US/docs/Web/API/navigator.sendBeacon
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
=======
|
|
>>>>>>> 653a6ed (knocked out some more prefs)
|
|
lockPref("beacon.enabled", false);
|
|
lockPref("browser.ping-centre.telemetry", false);
|
|
|
|
<<<<<<< HEAD
|
|
// discovery
|
|
lockPref("browser.discovery.enabled", false);
|
|
lockPref("browser.discovery.containers.enabled", false);
|
|
lockPref("browser.discovery.sites", "");
|
|
=======
|
|
|
|
|
|
|
|
// Pref : Don't monitor OS online/offline connection state
|
|
// https://trac.torproject.org/projects/tor/ticket/18945
|
|
lockPref("network.manage-offline-status", false);
|
|
|
|
// Pref : Set File URI Origin Policy
|
|
// http://kb.mozillazine.org/Security.fileuri.strict_origin_policy
|
|
// CIS Mozilla Firefox 24 ESR v1.0.0 - 3.8
|
|
lockPref("security.fileuri.strict_origin_policy", true);
|
|
|
|
// Pref : Disable SVG in OpenType fonts
|
|
// https://wiki.mozilla.org/SVGOpenTypeFonts
|
|
// https://github.com/iSECPartners/publications/tree/master/reports/Tor%20Browser%20Bundle
|
|
lockPref("gfx.font_rendering.opentype_svg.enabled", false);
|
|
|
|
// Pref : Enable only whitelisted URL protocol handlers
|
|
// Disabling non-essential protocols breaks all interaction with custom protocols such
|
|
// as mailto:, irc:, magnet: ... and breaks opening third-party mail/messaging/torrent/...
|
|
// clients when clicking on links with these protocols
|
|
lockPref("network.protocol-handler.warn-external-default",true);
|
|
lockPref("network.protocol-handler.external.http",false);
|
|
lockPref("network.protocol-handler.external.https",false);
|
|
lockPref("network.protocol-handler.external.javascript",false);
|
|
lockPref("network.protocol-handler.external.moz-extension",false);
|
|
lockPref("network.protocol-handler.external.ftp",false);
|
|
lockPref("network.protocol-handler.external.file",false);
|
|
lockPref("network.protocol-handler.external.about",false);
|
|
lockPref("network.protocol-handler.external.chrome",false);
|
|
lockPref("network.protocol-handler.external.blob",false);
|
|
lockPref("network.protocol-handler.external.data",false);
|
|
lockPref("network.protocol-handler.expose-all",false);
|
|
lockPref("network.protocol-handler.expose.http",true);
|
|
lockPref("network.protocol-handler.expose.https",true);
|
|
lockPref("network.protocol-handler.expose.javascript",true);
|
|
lockPref("network.protocol-handler.expose.moz-extension",true);
|
|
lockPref("network.protocol-handler.expose.ftp",true);
|
|
lockPref("network.protocol-handler.expose.file",true);
|
|
lockPref("network.protocol-handler.expose.about",true);
|
|
lockPref("network.protocol-handler.expose.chrome",true);
|
|
lockPref("network.protocol-handler.expose.blob",true);
|
|
lockPref("network.protocol-handler.expose.data",true);
|
|
|
|
// Pref : Ensure there is a security delay when installing add-ons (milliseconds)
|
|
// http://kb.mozillazine.org/Disable_extension_install_delay_-_Firefox
|
|
// http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/
|
|
lockPref("security.dialog_enable_delay", 700);
|
|
|
|
// Pref : Opt-out of add-on metadata updates
|
|
// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
|
|
defaultPref("extensions.getAddons.cache.enabled", false);
|
|
|
|
// Pref : Opt-out of theme (Persona) updates
|
|
// https://support.mozilla.org/t5/Firefox/how-do-I-prevent-autoamtic-updates-in-a-50-user-environment/td-p/144287
|
|
lockPref("lightweightThemes.update.enabled", false);
|
|
lockPref("lightweightThemes.persisted.headerURL", false);
|
|
lockPref("lightweightThemes.persisted.footerURL", false);
|
|
|
|
// Pref : Disable Flash Player NPAPI plugin
|
|
// http://kb.mozillazine.org/Flash_plugin
|
|
lockPref("plugin.state.flash", 0);
|
|
|
|
// Pref : Disable sending Flash Player crash reports
|
|
lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
|
|
|
|
// Pref : When Flash Player crash reports are enabled, don't send the visited URL in the crash report
|
|
lockPref("dom.ipc.plugins.reportCrashURL", false);
|
|
|
|
// Pref : Disable Shumway (Mozilla Flash renderer)
|
|
// https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Shumway
|
|
lockPref("shumway.disabled", true);
|
|
|
|
// Pref : Disable Gnome Shell Integration NPAPI plugin
|
|
lockPref("plugin.state.libgnome-shell-browser-plugin", 0);
|
|
|
|
// Pref : Enable click-to-play plugin
|
|
// https://wiki.mozilla.org/Firefox/Click_To_Play
|
|
// https://blog.mozilla.org/security/2012/10/11/click-to-play-plugins-blocklist-style/
|
|
lockPref("plugins.click_to_play", true);
|
|
lockPref("plugin.sessionPermissionNow.intervalInMinutes", 0);
|
|
|
|
// Pref : Update addons automatically
|
|
// https://blog.mozilla.org/addons/how-to-turn-off-add-on-updates/
|
|
defaultPref("extensions.update.enabled", false);
|
|
|
|
// Pref : Enable add-on and certificate blocklists (OneCRL) from Mozilla
|
|
// Updated at interval defined in extensions.blocklist.interval (default: 86400)
|
|
lockPref("extensions.blocklist.enabled", false);
|
|
|
|
// Pref : Disable system add-on updates (hidden & always-enabled add-ons from Mozilla)
|
|
lockPref("extensions.systemAddon.update.enabled", false);
|
|
|
|
// Pref : Disable WebIDE Web Debug
|
|
// https://trac.torproject.org/projects/tor/ticket/16222
|
|
// https://developer.mozilla.org/docs/Tools/WebIDE
|
|
lockPref("devtools.webide.enabled", false);
|
|
lockPref("devtools.webide.autoinstallADBExtension", false); // [FF64+]
|
|
lockPref("devtools.remote.adb.extensionURL", ""); // [FF64+]
|
|
lockPref("devtools.remote.adb.extensionID", ""); // default adb@mozilla.org [FF64+]
|
|
|
|
// Pref : Disable remote debugging
|
|
// https://developer.mozilla.org/en-US/docs/Tools/Remote_Debugging/Debugging_Firefox_Desktop
|
|
// https://developer.mozilla.org/en-US/docs/Tools/Tools_Toolbox#Advanced_settings
|
|
lockPref("devtools.debugger.force-local", true);
|
|
|
|
// Pref : Disallow Necko to do A/B testing
|
|
// https://trac.torproject.org/projects/tor/ticket/13170
|
|
lockPref("network.allow-experiments", false);
|
|
>>>>>>> 653a6ed (knocked out some more prefs)
|
|
|
|
// crash report
|
|
lockPref("breakpad.reportURL", "");
|
|
lockPref("browser.tabs.crashReporting.sendReport", false);
|
|
lockPref("browser.crashReports.unsubmittedCheck.enabled", false);
|
|
lockPref("browser.crashReports.unsubmittedCheck.autoSubmit2", false);
|
|
|
|
// captive portal
|
|
lockPref("network.captive-portal-service.enabled", false);
|
|
lockPref("captivedetect.canonicalURL", "");
|
|
|
|
<<<<<<< HEAD
|
|
// --------------------------------
|
|
// # WINDOWS
|
|
// --------------------------------
|
|
=======
|
|
lockPref("network.netlink.route.check.IPv4", "127.0.0.1");
|
|
lockPref("network.netlink.route.check.IPv6", "::1");
|
|
|
|
// Pref : Disallow NTLMv1
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=828183
|
|
lockPref("network.negotiate-auth.allow-insecure-ntlm-v1", false);
|
|
// it is still allowed through HTTPS.
|
|
lockPref("network.negotiate-auth.allow-insecure-ntlm-v1-https", false);
|
|
|
|
// Pref : Disable formless login capture
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1166947
|
|
lockPref("signon.formlessCapture.enabled", false);
|
|
|
|
// Pref : Delete temporary files on exit
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=238789
|
|
lockPref("browser.helperApps.deleteTempFileOnExit", true);
|
|
|
|
// Pref : Do not create screenshots of visited pages (relates to the "new tab page" feature)
|
|
// https://support.mozilla.org/en-US/questions/973320
|
|
// https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/browser.pagethumbnails.capturing_disabled
|
|
lockPref("browser.pagethumbnails.capturing_disabled", true);
|
|
|
|
// - Disabled - Section ON ------------------------------------------------------------------
|
|
|
|
// Pref : Tor settings
|
|
// This browser is not meant for tor
|
|
// Enabling those settings for user torifying their whole connection
|
|
defaultPref("network.dns.blockDotOnion", true);
|
|
lockPref("network.http.referer.hideOnionSource", true);
|
|
|
|
// Pref : 1603 : CROSS ORIGIN: control when to send a referer
|
|
// 0=always (default), 1=only if base domains match, 2=only if hosts match
|
|
// Can break some important site... (payment... )
|
|
lockPref("network.http.referer.XOriginPolicy", 1);
|
|
|
|
// Pref : Only allow TLS 1.[0-3]
|
|
lockPref("security.tls.version.max", 4); // 4 = allow up to and including TLS 1.3
|
|
|
|
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
|
|
// Section : Disabled - Deprecated Active
|
|
// Deprecated settings but left active for various reasons
|
|
// Bench Diff : +0/5000
|
|
// >>>>>>>>>>>>>>>>>>>>
|
|
|
|
// Pref : 0516 : disable Onboarding (FF55+)
|
|
// Onboarding is an interactive tour/setup for new installs/profiles and features. Every time
|
|
// about:home or about:newtab is opened, the onboarding overlay is injected into it
|
|
// [NOTE] Onboarding uses Google Analytics [2], and leaks resource://URIs [3]
|
|
// [1] https://wiki.mozilla.org/Firefox/Onboarding
|
|
// [2] https://github.com/mozilla/onboard/commit/db4d6c8726c89a5d6a241c1b1065827b525c5baf
|
|
// [3] https://bugzilla.mozilla.org/863246#c154
|
|
lockPref("browser.onboarding.enabled", false); // Removed in v64 //Deprecated Active
|
|
|
|
// Pref : Disable WebIDE Web Debug Extension
|
|
// https://trac.torproject.org/projects/tor/ticket/16222
|
|
// https://developer.mozilla.org/docs/Tools/WebIDE
|
|
lockPref("devtools.webide.autoinstallADBHelper", false);
|
|
// Replaced by "devtools.webide.autoinstallADBExtension" in 64
|
|
|
|
// Pref : Disable raw TCP socket support (mozTCPSocket)
|
|
// https://trac.torproject.org/projects/tor/ticket/18863
|
|
// https://www.mozilla.org/en-US/security/advisories/mfsa2015-97/
|
|
// https://developer.mozilla.org/docs/Mozilla/B2G_OS/API/TCPSocket
|
|
// is only exposed to chrome ( https://trac.torproject.org/projects/tor/ticket/27268#comment:2 )
|
|
// Not important
|
|
lockPref("dom.mozTCPSocket.enabled", false);
|
|
|
|
// Pref : Enforce checking for Firefox updates
|
|
lockPref("app.update.enabled", false);
|
|
|
|
// Pref : Disable bookmark backups (default: 15)
|
|
// http://kb.mozillazine.org/Browser.bookmarks.max_backups
|
|
lockPref("browser.bookmarks.max_backups", 2);
|
|
|
|
// Pref : Disable SSDP
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1111967
|
|
lockPref("browser.casting.enabled", false);
|
|
|
|
// Pref :
|
|
lockPref("browser.newtabpage.activity-stream.enabled", false);
|
|
lockPref("browser.newtabpage.directory.ping", "data:text/plain,");
|
|
lockPref("browser.newtabpage.directory.source", "data:text/plain,");
|
|
lockPref("browser.newtabpage.enhanced", false);
|
|
|
|
// Pref :
|
|
lockPref("browser.pocket.enabled", false);
|
|
|
|
// Pref : Disable Heartbeat (Mozilla user rating telemetry)
|
|
// https://wiki.mozilla.org/Advocacy/heartbeat
|
|
// https://trac.torproject.org/projects/tor/ticket/19047
|
|
lockPref("browser.selfsupport.url", "");
|
|
|
|
// Pref : Don't reveal build ID
|
|
// Value taken from Tor Browser
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=583181
|
|
// Already enforced with 'privacy.resistFingerprinting' ?
|
|
lockPref("browser.startup.homepage_override.mstone", "ignore");
|
|
|
|
// Pref : Disable face detection
|
|
lockPref("camera.control.face_detection.enabled", false);
|
|
|
|
// Pref :
|
|
lockPref("datareporting.healthreport.about.reportUrl", "data:,");
|
|
lockPref("datareporting.healthreport.service.enabled", false);
|
|
|
|
// Pref :
|
|
lockPref("device.sensors.enabled", false);
|
|
|
|
// Pref : Disable WebIDE Web Debug
|
|
// https://trac.torproject.org/projects/tor/ticket/16222
|
|
// https://developer.mozilla.org/docs/Tools/WebIDE
|
|
lockPref("devtools.webide.autoinstallFxdtAdapters", false);
|
|
lockPref("devtools.webide.adaptersAddonURL", "");
|
|
|
|
// Pref : Disable resource timing API
|
|
// https://www.w3.org/TR/resource-timing/#privacy-security
|
|
lockPref("dom.enable_resource_timing", false);
|
|
|
|
// Pref : Disable FlyWeb (discovery of LAN/proximity IoT devices that expose a Web interface)
|
|
// https://wiki.mozilla.org/FlyWeb
|
|
// https://wiki.mozilla.org/FlyWeb/Security_scenarios
|
|
// https://docs.google.com/document/d/1eqLb6cGjDL9XooSYEEo7mE-zKQ-o-AuDTcEyNhfBMBM/edit
|
|
// http://www.ghacks.net/2016/07/26/firefox-flyweb
|
|
lockPref("dom.flyweb.enabled", false);
|
|
|
|
// Pref :
|
|
lockPref("dom.gamepad.enabled", false);
|
|
|
|
// Pref : Disable leaking network/browser connection information via Javascript
|
|
// Network Information API provides general information about the system's connection type (WiFi, cellular, etc.)
|
|
// https://developer.mozilla.org/en-US/docs/Web/API/Network_Information_API
|
|
// https://wicg.github.io/netinfo/#privacy-considerations
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=960426
|
|
lockPref("dom.netinfo.enabled", false);
|
|
|
|
// Pref : 2306: disable push notifications (FF44+)
|
|
// web apps can receive messages pushed to them from a server, whether or
|
|
// not the web app is in the foreground, or even currently loaded
|
|
// [1] https://developer.mozilla.org/docs/Web/API/Push_API
|
|
lockPref("dom.push.udp.wakeupEnabled", false); //UDP Wake-up
|
|
|
|
// Pref : Disable telephony API
|
|
// https://wiki.mozilla.org/WebAPI/Security/WebTelephony
|
|
lockPref("dom.telephony.enabled", false);
|
|
|
|
// Pref : Disable SHIELD
|
|
// https://support.mozilla.org/en-US/kb/shield
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1370801
|
|
lockPref("extensions.shield-recipe-client.enabled", false);
|
|
|
|
// Pref : Disable Firefox Hello metrics collection
|
|
// https://groups.google.com/d/topic/mozilla.dev.platform/nyVkCx-_sFw/discussion
|
|
lockPref("loop.logDomains", false);
|
|
|
|
// Pref : Disable video stats to reduce fingerprinting threat
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=654550
|
|
// https://github.com/pyllyukko/user.js/issues/9#issuecomment-100468785
|
|
// https://github.com/pyllyukko/user.js/issues/9#issuecomment-148922065
|
|
lockPref("media.video_stats.enabled", false);
|
|
|
|
// Pref : WebSockets is a technology that makes it possible to open an interactive communication
|
|
// session between the user's browser and a server. (May leak IP when using proxy/VPN)
|
|
lockPref("network.websocket.enabled", false);
|
|
|
|
// Pref : Disable Reader
|
|
// Not deprecated but useful to be located here
|
|
lockPref("reader.parse-on-load.enabled", false);
|
|
|
|
// CIS 2.7.4 Disable Scripting of Plugins by JavaScript
|
|
// http://forums.mozillazine.org/viewtopic.php?f=7&t=153889
|
|
lockPref("security.xpconnect.plugin.unrestricted", false);
|
|
|
|
// Pref :
|
|
lockPref("social.directories", "");
|
|
|
|
// Pref :
|
|
lockPref("social.remote-install.enabled", false);
|
|
|
|
// Pref :
|
|
lockPref("social.whitelist", "");
|
|
|
|
// Pref : Disable RC4
|
|
// https://developer.mozilla.org/en-US/Firefox/Releases/38#Security
|
|
// https://bugzilla.mozilla.org/show_bug.cgi?id=1138882
|
|
// https://rc4.io/
|
|
// https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2566
|
|
lockPref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false);
|
|
lockPref("security.ssl3.ecdhe_rsa_rc4_128_sha", false);
|
|
lockPref("security.ssl3.rsa_rc4_128_md5", false);
|
|
lockPref("security.ssl3.rsa_rc4_128_sha", false);
|
|
lockPref("security.tls.unrestricted_rc4_fallback", false);
|
|
|
|
|
|
|
|
defaultPref("xpinstall.signatures.required", true);
|
|
|
|
// https://www.ghacks.net/2019/05/24/firefox-69-userchrome-css-and-usercontent-css-disabled-by-default/
|
|
// might increase startup time, so keep it disabled, but modifiable by default
|
|
defaultPref("toolkit.legacyUserProfileCustomizations.stylesheets", false);
|
|
|
|
// to be set for the console to work, see https://gitlab.com/librewolf-community/browser/linux/-/issues/80:
|
|
defaultPref("devtools.selfxss.count", 0);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// --------------------------------
|
|
// TESTING
|
|
// --------------------------------
|
|
|
|
// Pref :
|
|
//lockPref("urlclassifier.phishTable", "");
|
|
// Default Value
|
|
// goog-phish-proto,test-phish-simple
|
|
|
|
// Pref :
|
|
//lockPref("urlclassifier.passwordAllowTable", "");
|
|
// Default Value
|
|
// goog-passwordwhite-proto
|
|
|
|
// Pref :
|
|
//lockPref("urlclassifier.downloadAllowTable", "");
|
|
// Default Value
|
|
// goog-downloadwhite-proto
|
|
|
|
// Pref :
|
|
//lockPref("urlclassifier.downloadBlockTable", "");
|
|
// Default Value
|
|
// goog-badbinurl-proto
|
|
|
|
// Pref : Test To Make FFox Silent
|
|
//lockPref("security.content.signature.root_hash", "");
|
|
// Default Value
|
|
// 97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E
|
|
|
|
// --------------------------------
|
|
// WINDOWS
|
|
// --------------------------------
|
|
|
|
// Pref : Other webGl [WINDOWS]
|
|
lockPref("webgl.dxgl.enabled", false);
|
|
|
|
// Pref : disable scanning for plugins [WINDOWS]
|
|
lockPref("plugin.scan.plid.all", false);
|
|
|
|
// Pref : disable Windows jumplist [WINDOWS]
|
|
lockPref("browser.taskbar.lists.enabled", false);
|
|
lockPref("browser.taskbar.lists.frequent.enabled", false);
|
|
lockPref("browser.taskbar.lists.recent.enabled", false);
|
|
lockPref("browser.taskbar.lists.tasks.enabled", false);
|
|
|
|
// Pref : disable Windows taskbar preview [WINDOWS]
|
|
lockPref("browser.taskbar.previews.enable", false);
|
|
|
|
// Pref : disable links launching Windows Store on Windows 8/8.1/10 [WINDOWS]
|
|
// [1] https://www.ghacks.net/2016/03/25/block-firefox-chrome-windows-store/
|
|
lockPref("network.protocol-handler.external.ms-windows-store", false);
|
|
|
|
// Pref : disable background update service [WINDOWS]
|
|
// [SETTING] General>Firefox Updates>Use a background service to install updates
|
|
lockPref("app.update.service.enabled", false);
|
|
|
|
// Pref : disable automatic Firefox start and session restore after reboot [WINDOWS] (FF62+)
|
|
// [1] https://bugzilla.mozilla.org/603903
|
|
lockPref("toolkit.winRegisterApplicationRestart", false);
|
|
|
|
// Pref : 1220: disable Windows 8.1's Microsoft Family Safety cert [WINDOWS] (FF50+)
|
|
// 0=disable detecting Family Safety mode and importing the root
|
|
// 1=only attempt to detect Family Safety mode (don't import the root)
|
|
// 2=detect Family Safety mode and import the root
|
|
// [1] https://trac.torproject.org/projects/tor/ticket/21686
|
|
lockPref("security.family_safety.mode", 0);
|
|
|
|
// --------------------------------
|
|
// ESR
|
|
// --------------------------------
|
|
|
|
// Pref : Geolocation
|
|
lockPref("browser.search.countryCode", "US");
|
|
|
|
// Pref : Disable Mozilla telemetry/experiments
|
|
// https://wiki.mozilla.org/Platform/Features/Telemetry
|
|
// https://wiki.mozilla.org/Privacy/Reviews/Telemetry
|
|
// https://wiki.mozilla.org/Telemetry
|
|
// https://www.mozilla.org/en-US/legal/privacy/firefox.html#telemetry
|
|
// https://support.mozilla.org/t5/Firefox-crashes/Mozilla-Crash-Reporter/ta-p/1715
|
|
// https://wiki.mozilla.org/Security/Reviews/Firefox6/ReviewNotes/telemetry
|
|
// https://gecko.readthedocs.io/en/latest/browser/experiments/experiments/manifest.html
|
|
// https://wiki.mozilla.org/Telemetry/Experiments
|
|
// https://support.mozilla.org/en-US/questions/1197144
|
|
lockPref("experiments.activeExperiment", false);
|
|
lockPref("experiments.enabled", false);
|
|
lockPref("experiments.manifest.uri", "");
|
|
lockPref("experiments.supported", false);
|
|
|
|
// Pref : 2612: disable remote JAR files being opened, regardless of content type (FF42+)
|
|
// [1] https://bugzilla.mozilla.org/1173171
|
|
// [2] https://www.fxsitecompat.com/en-CA/docs/2015/jar-protocol-support-has-been-disabled-by-default/
|
|
// [-] https://bugzilla.mozilla.org/1427726
|
|
lockPref("network.jar.block-remote-files", true);
|
|
|
|
// Pref : 2613: disable JAR from opening Unsafe File Types
|
|
// [-] https://bugzilla.mozilla.org/1427726
|
|
lockPref("network.jar.open-unsafe-types", false);
|
|
|
|
// Pref : Disable Java NPAPI plugin
|
|
lockPref("plugin.state.java", 0);
|
|
|
|
// Discussion at https://github.com/ghacksuserjs/ghacks-user.js/issues/743
|
|
lockPref("trailhead.firstrun.branches", "join-privacy");
|
|
|
|
// Pref : 0402: enable Kinto blocklist updates (FF50+)
|
|
// What is Kinto?: https://wiki.mozilla.org/Firefox/Kinto#Specifications
|
|
// As Firefox transitions to Kinto, the blocklists have been broken down into entries for certs to be
|
|
// revoked, extensions and plugins to be disabled, and gfx environments that cause problems or crashes
|
|
// [-] https://bugzilla.mozilla.org/1458917
|
|
lockPref("services.blocklist.update_enabled", false);
|
|
|
|
// Pref : 0503: disable "Savant" Shield study (FF61+)
|
|
// [-] https://bugzilla.mozilla.org/1457226
|
|
lockPref("shield.savant.enabled", false);
|
|
|
|
// Fix ESR Devtools
|
|
//lockPref("devtools.telemetry.tools.opened.version", "");
|
|
// Default {"DEVTOOLS_SCREEN_RESOLUTION_ENUMERATED_PER_USER":"60.4.0"}
|
|
|
|
|
|
|
|
|
|
|
|
>>>>>>> a35eb4b (re-organized and reviewed)
|
|
|
|
// disable links launching Windows Store [WINDOWS]
|
|
lockPref("network.protocol-handler.external.ms-windows-store", false);
|
|
|
|
// disable background update service [WINDOWS]
|
|
lockPref("app.update.service.enabled", false);
|
|
|
|
// disable automatic Firefox start and session restore after reboot [WINDOWS]
|
|
lockPref("toolkit.winRegisterApplicationRestart", false);
|
|
|
|
// disable Windows 8.1 Family Safety cert [WINDOWS]
|
|
lockPref("security.family_safety.mode", 0);
|
|
|
|
// Windows only?
|
|
lockPref("default-browser-agent.enabled", false);
|
|
|
|
// -----------------------------------
|
|
// # OVERRIDES
|
|
// -----------------------------------
|
|
|
|
// allow settings to be overriden with a file at `~/.librewolf/librewolf.overrides.cfg`
|
|
// or `~/.var/app/io.gitlab.librewolf-community/.librewolf/librewolf.overrides.cfg` (Flatpak).
|
|
let profile_directory;
|
|
if (profile_directory = getenv('USERPROFILE') || getenv('HOME')) {
|
|
pref('autoadmin.global_config_url', `file://${profile_directory}/.librewolf/librewolf.overrides.cfg`);
|
|
}
|