security.csp.reporting.enabled

2026-06-29 16:11:23 +05:30 · 2025-08-16 15:56:44 -04:00
parent 72ef31240c
commit 427d1f6d34
1 changed files with 10 additions and 7 deletions
@@ -3,7 +3,7 @@
 * Securefox                                                                *
 * "Natura non contristatur"                                                *     
 * priority: provide sensible security and privacy                          *
- * version: 140                                                             *
+ * version: 142                                                             *
 * url: https://github.com/yokoffing/Betterfox                              *
 * credit: Most prefs are reproduced and adapted from the arkenfox project  *
 * credit urL: https://github.com/arkenfox/user.js                          *
@@ -317,6 +317,13 @@ user_pref("security.pki.crlite_mode", 2);
 //user_pref("browser.contentanalysis.enabled", false); // [FF121+] [DEFAULT]
 //user_pref("browser.contentanalysis.default_result", 0; // [FF127+] [DEFAULT]

+// PREF: disable referrer and storage access for resources injected by content scripts [FF139+]
+//user_pref("privacy.antitracking.isolateContentScriptResources", true);
+
+// PREF: disable CSP Level 2 Reporting [FF140+]
+// [1] https://github.com/yokoffing/Betterfox/issues/415
+user_pref("security.csp.reporting.enabled", false);
+
 /****************************************************************************
 * SECTION: SSL (Secure Sockets Layer) / TLS (Transport Layer Security)    *
 ****************************************************************************/
@@ -980,9 +987,9 @@ user_pref("extensions.enabledScopes", 5); // [HIDDEN PREF]
 // Users may see a notification when running add-ons that are not monitored by Mozilla when they visit certain sites.
 // The notification informs them that “some extensions are not allowed” and were blocked from running on that site.
 // There's no details as to which sites are affected.
-// [1] https://support.mozilla.org/en-US/kb/quarantined-domains
+// [1] https://support.mozilla.org/kb/quarantined-domains
 // [2] https://www.ghacks.net/2023/07/04/firefox-115-new-esr-base-and-some-add-ons-may-be-blocked-from-running-on-certain-sites/
-//user_pref("extensions.quarantinedDomains.enabled", false);
+//user_pref("extensions.quarantinedDomains.enabled", true); // [DEFAULT: true]

 /******************************************************************************
 * SECTION: HEADERS / REFERERS                                               *
@@ -1166,10 +1173,6 @@ user_pref("privacy.userContext.ui.enabled", true);
 // [3] https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes
 //user_pref("javascript.options.wasm", false);

-// PREF: CSP reporting
-// [1] https://github.com/yokoffing/Betterfox/issues/415
-//user_pref("security.csp.reporting.enabled", false);
-
 /******************************************************************************
 * SECTION: SAFE BROWSING (SB)                                               *
 ******************************************************************************/