* Remove unused code + Flash plugin
Remove user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
Remove user_pref("plugin.state.flash", 0);
Remove user_pref("security.mixed_content.block_object_subrequest", true);
The prefs still exist but all the underlying NPAPI code has been removed: https://bugzilla.mozilla.org/show_bug.cgi?id=1682030
* unused code
* HTTPS First Mode
Firefox attempts to make all connections to websites secure, and falls back to insecure connections only when a website does not support it.
HTTPS-Only Mode needs to be disabled for HTTPS First to work.
* Cache
DEPRECATED / REMOVED
user_pref("browser.cache.offline.storage.enable", false);
* Background updates
* disable automatic authentication on Microsoft sites
user_pref("network.http.windows-sso.enabled", false);
Removed due to being too subjective:
- user_pref("browser.link.open_newwindow", 3);
- user_pref("browser.link.open_newwindow.restriction", 0);
- user_pref("browser.tabs.closeWindowWithLastTab", false);
New:
- Disable javascript in PDF files
- Block virtual reality
- New "welcome" master switch disabled
- Compact mode and "view image info" restored
* Peskyfox
Removed duplicate
Small corrections
* add devtools themes and PDF viewer themes
* autoplay policies
remove trim_urlbars here and move to SecureFox
* force enable print preview
* add default tag
Added/Changed:
user_pref("privacy.trackingprotection.enabled", true);
user_pref("urlclassifier.trackingSkipURLs", "*.twitter.com, *.twimg.com");
user_pref("privacy.trackingprotection.socialtracking.enabled", true);
user_pref("urlclassifier.features.socialtracking.skipURLs", "*.instagram.com, *.twitter.com, *.twimg.com");
user_pref("dom.security.https_only_mode.upgrade_local", true);
user_pref("network.auth.subresource-http-auth-allow", 1);
user_pref("dom.block_download_insecure", true);
user_pref("network.http.referer.XOriginPolicy", 0);
user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
user_pref("extensions.postDownloadThirdPartyPrompt", false);
user_pref("pdfjs.defaultZoomValue", "page-width");
user_pref("extensions.pocket.api"," ");
user_pref("extensions.pocket.oAuthConsumerKey", " ");
user_pref("extensions.pocket.site", " ");
* PDF prefs now have their own section in Peskyfox. Mozilla has been adding some prefs for their built-in PDF reader every few months.
* Added prefs to allow Twitter's embedded tweets and Instagram's embedded posts on websites. Now we can keep Tracking Protection enabled in regular windows without breaking a lot of articles. Yay!!!
user_pref("urlclassifier.trackingSkipURLs", "*.twitter.com, *.twimg.com"); /* hidden */
user_pref("urlclassifier.features.socialtracking.skipURLs", "*.instagram.com, *.twitter.com, *.twimg.com"); /* hidden */
* Moved Address/Credit Card manager from Peskyfox to SecureFox.
Added
user_pref("breakpad.reportURL", "");
user_pref("browser.tabs.crashReporting.sendReport", false);
user_pref("browser.crashReports.unsubmittedCheck.enabled", false);
user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false);
user_pref("default-browser-agent.enabled", false);
user_pref("extensions.postDownloadThirdPartyPrompt", false);
user_pref("security.insecure_connection_text.pbmode.enabled", true);
Moved HTTPS-only to URL bar section.
Added:
user_pref("browser.newtabpage.activity-stream.feeds.section.highlights", false);
user_pref("dom.disable_window_move_resize", true);
user_pref("dom.popup_allowed_events", "click dblclick");
ECH
// user_pref("network.dns.echconfig.enabled", true);
// user_pref("network.dns.use_https_rr_as_altsvc", true);
ESNI will be removed in later versions. See note. I generally don't keep Firefox ESR-only prefs.
MIXED CONTENT
user_pref("security.mixed_content.upgrade_display_content", true);
yokoffing