From 42dfce8766676f7f69e134cbf7dd6bdfc8a70d20 Mon Sep 17 00:00:00 2001
From: yokoffing <hjstephens09@gmail.com>
Date: Tue, 14 Apr 2020 17:33:14 -0400
Subject: [PATCH] FF 75 privacy updates

---
 SecureFox.js | 37 +++++++++++++++++++++++++++++++------
 user.js      |  8 +++++++-
 2 files changed, 38 insertions(+), 7 deletions(-)

diff --git a/SecureFox.js b/SecureFox.js
index 29d38ef..551249c 100644
--- a/SecureFox.js
+++ b/SecureFox.js
@@ -11,7 +11,7 @@
  * SecureFox                                                                *
  * "Natura non constristatur."                                              *     
  * priority: increase security and privacy without causing site breakage    *  
- * version: 31 March 2020                                                   *
+ * version: 14 April 2020                                                   *
  * url: https://github.com/yokoffing/Better-Fox                             *                   
 ****************************************************************************/
 
@@ -44,7 +44,8 @@ user_pref("privacy.trackingprotection.fingerprinting.enabled", true);
 // with providing exceptions or encountering rare site issues, alter this value.
 // 1=disable third-party cookies, 3=blocks from unvisited websites,
 // 4=block cross site and social media trackers (default)
-user_pref("network.cookie.cookieBehavior", 1);
+// FF77+ 5=block cross site and social media trackers, and isolate remaining cookies
+user_pref("network.cookie.cookieBehavior", 4);
 user_pref("pref.privacy.disable_button.cookie_exceptions", false);
 
 // PREF: Limit third-party cookies to the current session even when they are allowed
@@ -56,6 +57,18 @@ user_pref("network.cookie.thirdparty.nonsecureSessionOnly", true);
 // user_pref("network.cookie.lifetimePolicy", 3);
 // user_pref("network.cookie.lifetime.days", 5);
 
+// PREF: Purge site data of sites associated with tracking cookies automatically
+// Identify sites that set tracking cookies, remove those cookies (and other site data)
+// if the site has not been interacted with in 30 days.
+// https://www.ghacks.net/2020/03/04/firefox-75-will-purge-site-data-if-associated-with-tracking-cookies/
+user_pref("privacy.purge_trackers.enabled", true);
+user_pref("privacy.purge_trackers.logging.enabled", false);
+
+// PREF: Samesite Cookies
+// https://www.jardinesoftware.net/2019/10/28/samesite-by-default-in-2020/
+// user_pref("network.cookie.sameSite.laxByDefault", true);
+// user_pref("network.cookie.sameSite.noneRequiresSecure", true);
+
 // PREF: Disable offline cache to limit tracking
 user_pref("browser.cache.offline.enable", false);
 
@@ -176,6 +189,9 @@ user_pref("network.auth.subresource-http-auth-allow", 1);
  * SECTION: VARIOUS SECURITY/PRIVACY ENHANCEMENTS                            *
 ******************************************************************************/
 
+// PREF: Enforce TLS 1.0 and 1.1 downgrades as session only
+user_pref("security.tls.version.enable-deprecated", false);
+
 // 1030: disable favicons in shortcuts
 // URL shortcuts use a cached randomly named .ico file which is stored in your
 // profile/shortcutCache directory. The .ico remains after the shortcut is deleted.
@@ -227,6 +243,11 @@ user_pref("webgl.disable-fail-if-major-performance-caveat", true);
 // default=false
 user_pref("pdfjs.disabled", false);
 
+// PREF: Enable QUIC protocol / HTTP3
+// https://www.litespeedtech.com/
+// https://quic.rocks
+user_pref("network.http.http3.enabled", true);
+
 // PREF: Disable Windows jumplist [WINDOWS-only]
 // user_pref("browser.taskbar.lists.enabled", false);
 // user_pref("browser.taskbar.lists.frequent.enabled", false);
@@ -344,19 +365,23 @@ user_pref("toolkit.telemetry.updatePing.enabled", false);
 // https://www.ghacks.net/2020/03/04/firefox-75-will-purge-site-data-if-associated-with-tracking-cookies/
 // user_pref("privacy.purge_trackers.enabled", true);
 // user_pref("privacy.purge_trackers.logging.enabled", false);
-// user_pref("privacy.purge_trackers.max_purge_count", 100); // default=100
+
+// PREF: Enable QUIC protocol / HTTP3
+// https://www.litespeedtech.com/
+// https://quic.rocks
+// user_pref("network.http.http3.enabled", true);
 
 // PREF: Samesite Cookies
 // Samesite=Lax
 // [1] https://www.jardinesoftware.net/2019/10/28/samesite-by-default-in-2020/
-// user_pref("network.cookie.sameSite.laxByDefault", true); // default=false
-// user_pref("network.cookie.sameSite.noneRequiresSecure", false); default=false
+// user_pref("network.cookie.sameSite.laxByDefault", true);
+// user_pref("network.cookie.sameSite.noneRequiresSecure", true);
 
 /******************************************************************************
  * SECTION: FIREFOX 76                                   *
 ******************************************************************************/
 
-// PREF: Allow HTTPS-only connections
+// PREF: Allow HTTPS-only connections [FF76+]
 // There is currently no way to relax this setting browser-side to make an exception.
 // https://www.ghacks.net/2020/03/24/firefox-76-gets-optional-https-only-mode
 // Alternative: HTTPZ extension https://addons.mozilla.org/en-US/firefox/addon/httpz/
diff --git a/user.js b/user.js
index 93e9f16..b5c2187 100644
--- a/user.js
+++ b/user.js
@@ -2,7 +2,7 @@
 /****************************************************************************
  * BetterFox                                                                *
  * name: yokoffing user.js                                                  *
- * version: 31 March 2020                                                   *
+ * version: 3 April 2020                                                    *
  * url: https://github.com/yokoffing/Better-Fox                             *
  * license: https://github.com/yokoffing/Better-Fox/blob/master/LICENSE     *
  * README: https://github.com/yokoffing/Better-Fox/blob/master/README.md    *
@@ -27,6 +27,7 @@ user_pref("security.dialog_enable_delay", 0);
 /****************************************************************************
  * START: SECUREFOX                                                         *
 ****************************************************************************/
+user_pref("security.tls.version.enable-deprecated", false);
 user_pref("privacy.trackingprotection.pbmode.enabled", true);
 user_pref("privacy.trackingprotection.enabled", true);
 user_pref("privacy.trackingprotection.socialtracking.enabled", true);
@@ -37,6 +38,8 @@ user_pref("network.cookie.cookieBehavior", 1);
 user_pref("pref.privacy.disable_button.cookie_exceptions", false);
 user_pref("network.cookie.thirdparty.sessionOnly", true);
 user_pref("network.cookie.thirdparty.nonsecureSessionOnly", true);
+user_pref("privacy.purge_trackers.enabled", true);
+user_pref("privacy.purge_trackers.logging.enabled", false);
 user_pref("browser.cache.offline.enable", false);
 user_pref("network.dns.disablePrefetch", true);
 user_pref("network.dns.disablePrefetchFromHTTPS", true);
@@ -72,6 +75,7 @@ user_pref("browser.urlbar.decodeURLsOnCopy", true);
 user_pref("webgl.enable-debug-renderer-info", false);
 user_pref("webgl.disable-fail-if-major-performance-caveat", true);
 user_pref("pdfjs.disabled", false);
+user_pref("network.http.http3.enabled", true);
 user_pref("browser.safebrowsing.allowOverride", true);
 user_pref("browser.safebrowsing.appRepURL", "");
 user_pref("browser.safebrowsing.blockedURIs.enabled", false);
@@ -195,6 +199,8 @@ user_pref("browser.tabs.loadBookmarksInBackground", true);
 user_pref("browser.tabs.loadBookmarksInTabs", true);
 user_pref("media.videocontrols.picture-in-picture.audio-toggle.enabled", true);
 user_pref("media.videocontrols.picture-in-picture.video-toggle.flyout-enabled", true);
+user_pref("gfx.color_management.mode", 1);
+user_pref("gfx.color_management.enablev4", true);
 
 /****************************************************************************
  * END: BETTERFOX                                                           *