116.1 (#221)

* require_safe_negotiation breaks EA

Fastfox.js

@@ -71,7 +71,7 @@ user_pref("nglayout.initialpaint.delay_in_oopif", 0); // default=5
 // false = reflow pages whenever new data is received
 //user_pref("content.notify.ontimer", true); // DEFAULT
 
-// PREF: notification interval (in microseconds) [to avoid layout thrashing]
+// PREF: notification interval (in microseconds) (to avoid layout thrashing)
 // When Firefox is loading a page, it periodically reformats
 // or "reflows" the page as it loads. The page displays new elements
 // every 0.12 seconds by default. These redraws increase the total page load time.
@@ -85,14 +85,14 @@ user_pref("nglayout.initialpaint.delay_in_oopif", 0); // default=5
 // [1] https://searchfox.org/mozilla-central/rev/c1180ea13e73eb985a49b15c0d90e977a1aa919c/modules/libpref/init/StaticPrefList.yaml#1824-1834
 // [2] https://dev.opera.com/articles/efficient-javascript/?page=3#reflow
 // [3] https://dev.opera.com/articles/efficient-javascript/?page=3#smoothspeed
-user_pref("content.notify.interval", 100000); // (.10s); alt=500000 (.50s)
+user_pref("content.notify.interval", 100000); // (.10s); default=120000 (.12s)
 
 // PREF: frequency switch threshold [HIDDEN]
 // Raising the value will make the application more responsive at the expense of page load time.
 // [1] http://kb.mozillazine.org/Content.switch.threshold
 // [2] https://www.reddit.com/r/firefox/comments/11m2yuh/comment/jbjxp8s/?context=3
-//user_pref("content.interrupt.parsing", true); // [HIDDEN]
-//user_pref("content.switch.threshold", 1000000); // alt=1500000; default=750000; [HIDDEN]
+//user_pref("content.interrupt.parsing", true); // DEFAULT [HIDDEN]
+//user_pref("content.switch.threshold", 750000); // DEFAULT [HIDDEN]
 
 // PREF: new tab preload
 // [WARNING] Disabling this may cause a delay when opening a new tab in Firefox.
@@ -117,8 +117,8 @@ user_pref("content.notify.interval", 100000); // (.10s); alt=500000 (.50s)
     //user_pref("browser.sessionstore.restore_pinned_tabs_on_demand", true);
 //user_pref("browser.sessionstore.restore_tabs_lazily", true); // DEFAULT
 
-// PREF: disable preSkeletonUI on startup
-user_pref("browser.startup.preXulSkeletonUI", false);
+// PREF: disable preSkeletonUI on startup [WINDOWS]
+user_pref("browser.startup.preXulSkeletonUI", false); // WINDOWS
 
 /****************************************************************************
  * SECTION: TAB UNLOAD                                                      *
@@ -273,11 +273,18 @@ user_pref("layout.css.has-selector.enabled", true);
 //user_pref("media.ffmpeg.vaapi.enabled", true); // LINUX
 
 // PREF: disable AV1 for hardware decodeable videos
-// AV1 may use software (CPU-based) decoding.
 // Firefox sometimes uses AV1 video decoding even to GPUs which do not support it.
 // [1] https://www.reddit.com/r/AV1/comments/s5xyph/youtube_av1_codec_have_worse_quality_than_old_vp9
 //user_pref("media.av1.enabled", false);
 
+// PREF: hardware and software decoded video overlay [FF116+]
+// [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1829063
+// [2] https://phabricator.services.mozilla.com/D175993
+//user_pref("gfx.webrender.dcomp-video-hw-overlay-win", true); // DEFAULT
+    //user_pref("gfx.webrender.dcomp-video-hw-overlay-win-force-enabled", true); // enforce
+//user_pref("gfx.webrender.dcomp-video-sw-overlay-win", true); // DEFAULT
+    //user_pref("gfx.webrender.dcomp-video-sw-overlay-win-force-enabled", true); // enforce
+
 /****************************************************************************
  * SECTION: BROWSER CACHE                                                   *
 ****************************************************************************/
@@ -308,13 +315,26 @@ user_pref("layout.css.has-selector.enabled", true);
 // PREF: memory cache
 // The "automatic" size selection (default) is based on a decade-old table
 // that only contains settings for systems at or below 8GB of system memory [1].
+// Waterfox G6 Beta 3 allows it to go above 8GB machines [3].
 // Value can be up to the max size of an unsigned 64-bit integer.
 // -1=Automatically decide the maximum memory to use to cache decoded images,
 // messages, and chrome based on the total amount of RAM
 // [1] https://kb.mozillazine.org/Browser.cache.memory.capacity#-1
 // [2] https://searchfox.org/mozilla-central/source/netwerk/cache2/CacheObserver.cpp#94-125
-user_pref("browser.cache.memory.capacity", 1048576); // default=-1; 1048576=1GB, 2097152=2GB
-user_pref("browser.cache.memory.max_entry_size", 65536); // default=5120; -1=entries bigger than than 90% of the mem-cache are never cached
+// [3] https://github.com/WaterfoxCo/Waterfox/commit/3fed16932c80a2f6b37d126fe10aed66c7f1c214
+//user_pref("browser.cache.memory.capacity", -1); // DEFAULT; 1048576=1GB, 2097152=2GB
+//user_pref("browser.cache.memory.max_entry_size", 5120); // DEFAULT; alt=25600; -1=entries bigger than than 90% of the mem-cache are never cached
+
+// PREF: amount of pages stored in memory for Back/Forward
+// Pages that were recently visited are stored in memory in such a way
+// that they don't have to be re-parsed. This improves performance
+// when pressing Back and Forward. This pref limits the maximum
+// number of pages stored in memory. If you are not using the Back
+// and Forward buttons that much, but rather using tabs, then there
+// is no reason for Firefox to keep memory for this.
+// -1=determine automatically (8 pages)
+// [1] https://kb.mozillazine.org/Browser.sessionhistory.max_total_viewers#Possible_values_and_their_effects
+//user_pref("browser.sessionhistory.max_total_viewers", 1);
 
 /****************************************************************************
  * SECTION: MEDIA CACHE                                                     *
@@ -326,9 +346,9 @@ user_pref("browser.cache.memory.max_entry_size", 65536); // default=5120; -1=ent
 // PREF: media memory cache
 // [1] https://hg.mozilla.org/mozilla-central/file/tip/modules/libpref/init/StaticPrefList.yaml#l9652
 // [2] https://github.com/arkenfox/user.js/pull/941
-user_pref("media.memory_cache_max_size", 196608); // default=8192; AF=65536; alt=131072; alt2=512000
-user_pref("media.memory_caches_combined_limit_kb", 1572864); // default=524288
-//user_pref("media.memory_caches_combined_limit_pc_sysmem", 10); // default=5; the percentage of system memory that Firefox can use for media caches
+user_pref("media.memory_cache_max_size", 65536); // default=8192; AF=65536; alt=131072
+//user_pref("media.memory_caches_combined_limit_kb", 524288); // DEFAULT; alt=1048576
+//user_pref("media.memory_caches_combined_limit_pc_sysmem", 5); // DEFAULT; alt=10; the percentage of system memory that Firefox can use for media caches
 
 // PREF: Media Source Extensions (MSE) web standard
 // Disabling MSE allows videos to fully buffer, but you're limited to 720p.
@@ -380,15 +400,18 @@ user_pref("network.http.max-persistent-connections-per-server", 10); // default=
     //user_pref("network.http.max-persistent-connections-per-proxy", 48); // default=32
 user_pref("network.websocket.max-connections", 400); // default=200
 
-// PREF: pacing requests
+// PREF: pacing requests [FF23+]
 // Controls how many HTTP requests are sent at a time.
 // Pacing HTTP requests can have some benefits, such as reducing network congestion,
 // improving web page loading speed, and avoiding server overload.
+// Pacing requests adds a slight delay between requests to throttle them.
+// If you have a fast machine and internet connection, disabling pacing
+// may provide a small speed boost when loading pages with lots of requests.
 // false=Firefox will send as many requests as possible without pacing
 // true=Firefox will pace requests (default)
-//user_pref("network.http.pacing.requests.enabled", true); // DEFAULT
-    user_pref("network.http.pacing.requests.min-parallelism", 12); // default=6
-    user_pref("network.http.pacing.requests.burst", 20); // default=10
+user_pref("network.http.pacing.requests.enabled", false);
+    //user_pref("network.http.pacing.requests.min-parallelism", 10); // default=6
+    //user_pref("network.http.pacing.requests.burst", 14); // default=10
 
 // Connection Timeouts
 // [1] https://searchfox.org/mozilla-esr115/source/modules/libpref/init/all.js#1178
@@ -410,7 +433,7 @@ user_pref("network.websocket.max-connections", 400); // default=200
 // The number (in ms) after sending a SYN for an HTTP connection,
 // to wait before trying again with a different connection.
 // 0=disable the second connection
-user_pref("network.http.connection-retry-timeout", 0); // default=250ms
+//user_pref("network.http.connection-retry-timeout", 0); // default=250ms
 
 // PREF: keep-alive request timeout
 // Default timeout on IIS7 is 120 seconds. FF needs to reuse or drop the
@@ -440,7 +463,7 @@ user_pref("network.dns.max_high_priority_threads", 8); // default=5
 //user_pref("network.dns.max_any_priority_threads", 5); // default=3
 
 // PREF: increase TLS token caching 
-user_pref("network.ssl_tokens_cache_capacity", 32768); // default=2048; more TLS token caching (fast reconnects)
+user_pref("network.ssl_tokens_cache_capacity", 20480); // default=2048; more TLS token caching (fast reconnects)
 
 /****************************************************************************
  * SECTION: SPECULATIVE CONNECTIONS                                         *
@@ -471,7 +494,7 @@ user_pref("network.ssl_tokens_cache_capacity", 32768); // default=2048; more TLS
 // [5] https://3perf.com/blog/link-rels/#prefetch
 user_pref("network.http.speculative-parallel-limit", 0);
 // or
-//user_pref("network.http.speculative-parallel-limit", 12); // default=6
+//user_pref("network.http.speculative-parallel-limit", 10); // default=6
 
 // PREF: DNS pre-resolve <link rel="dns-prefetch">
 // Resolve hostnames ahead of time. In order to reduce latency,
@@ -537,7 +560,7 @@ user_pref("browser.places.speculativeConnect.enabled", false);
 // When 0, this is limited by "network.http.speculative-parallel-limit".
 //user_pref("network.early-hints.preconnect.max_connections", 0);
 // or
-//user_pref("network.early-hints.preconnect.max_connections", 20); // default=10
+//user_pref("network.early-hints.preconnect.max_connections", 15); // default=10
 
 // PREF: Link prefetching <link rel="prefetch">
 // Firefox will prefetch certain links if any of the websites you are viewing uses the special prefetch-link tag.

Peskyfox.js

@@ -11,8 +11,12 @@
  * SECTION: MOZILLA UI                                                      *
 ****************************************************************************/
 
-// PREF: choose what theme Firefox follows by default
-// Dark (0), Light (1), System (2), or Browser (3) (default)
+// PREF: preferred color scheme for websites
+// [SETTING] General>Language and Appearance>Website appearance
+// By default, color scheme matches the theme of your browser toolbar (3).
+// Set this pref to choose Dark on sites that support it (0) or Light (1).
+// Before FF95, the pref was 2, which determined site color based on OS theme.
+// Dark (0), Light (1), System (2), Browser (3) (default [FF95+])
 // [1] https://www.reddit.com/r/firefox/comments/rfj6yc/how_to_stop_firefoxs_dark_theme_from_overriding/hoe82i5/?context=3
 user_pref("layout.css.prefers-color-scheme.content-override", 2);
 
@@ -73,13 +77,14 @@ user_pref("browser.aboutwelcome.enabled", false); // disable Intro screens
 // PREF: disable "What's New" toolbar icon [FF69+]
 //user_pref("browser.messaging-system.whatsNewPanel.enabled", false);
 
-// PREF: attempt to remove ugly border drawn around links when clicked [macOS]
-//user_pref("accessibility.mouse_focuses_formcontrol", 0);
-    //user_pref("browser.display.focus_ring_style", 0);
-    //user_pref("browser.display.focus_ring_width", 0);
+// PREF: remove focus indicator for links
+// [1] https://www.askvg.com/firefox-tip-restore-classic-dotted-outline-focus-indicator-for-links/
+user_pref("browser.display.focus_ring_on_anything", true); 
+user_pref("browser.display.focus_ring_style", 0);
+user_pref("browser.display.focus_ring_width", 0);
 
 // PREF: prevent private windows being separate from normal windows in taskbar [WINDOWS] [FF106+]
-user_pref("browser.privateWindowSeparation.enabled", false);
+user_pref("browser.privateWindowSeparation.enabled", false); // WINDOWS
 
 // PREF: reduce the size of the "private window" indicator in tab bar [FF106+]
 user_pref("browser.privatebrowsing.enable-new-indicator", false);
@@ -104,7 +109,7 @@ user_pref("cookiebanners.service.mode.privateBrowsing", 2);
 // [WARNING] Beware of potential bugs and performance issues. Enabling this may negatively
 // impact site performance. It requires Firefox to run rule-defined query selectors for
 // every page.
-//user_pref("cookiebanners.service.enableGlobalRules", true);
+//user_pref("cookiebanners.service.enableGlobalRules", false); // DEFAULT
 
 // PREF: Firefox Translations [NIGHTLY]
 // Automated translation of web content is done locally in Firefox, so that
@@ -116,6 +121,10 @@ user_pref("cookiebanners.service.mode.privateBrowsing", 2);
 user_pref("browser.translations.enable", true);
     //user_pref("browser.translations.autoTranslate", true);
 
+// PREF: Mozilla Shopping [FF116+]
+// [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1836265
+//user_pref("browser.shopping.experience2023.enabled", false); // DEFAULT
+
 /****************************************************************************
  * SECTION: FULLSCREEN NOTICE                                               *
 ****************************************************************************/
@@ -272,30 +281,35 @@ user_pref("extensions.pocket.enabled", false);
  * SECTION: DOWNLOADS                                 *
 ******************************************************************************/
 
+// PREF: autohide the downloads button
+//user_pref("browser.download.autohideButton", true); // DEFAULT
+
 // PREF: choose download location
 // [SETTING] To set your default "downloads": General>Downloads>Save files to...
 // 0=desktop, 1=downloads (default), 2=last used
-//user_pref("browser.download.folderList", 2);
+//user_pref("browser.download.folderList", 1); // DEFAULT
 
-// PREF: Enforce user interaction for security by always asking where to download
+// PREF: always ask where to download
+// Enforce user interaction for greater security.
 // [SETTING] General>Downloads>Always ask you where to save files
+// [DIALOGUE] "Ask whether to open or save files"
+// true=direct download (default)
 // false=the user is asked what to do
+// [1] https://github.com/yokoffing/Betterfox/issues/216
 user_pref("browser.download.useDownloadDir", false);
     //user_pref("browser.download.dir", "C:\Users\<YOUR_USERNAME>\AppData\Local\Temp"); // [WINDOWS]
 
+// PREF: always ask how to handle new mimetypes
+// Enforce user interaction for greater security.
+// [SETTING] General>Files and Applications>What should Firefox do with other files
+user_pref("browser.download.always_ask_before_handling_new_types", true);
+
 // PREF: disable downloads panel opening on every download
 user_pref("browser.download.alwaysOpenPanel", false);
 
 // PREF: disable adding downloads to the system's "recent documents" list 
 user_pref("browser.download.manager.addToRecentDocs", false);
 
-// PREF: enable user interaction for security by always asking how to handle new mimetypes
-// [SETTING] General>Files and Applications>What should Firefox do with other files
-user_pref("browser.download.always_ask_before_handling_new_types", true);
-
-// PREF: autohide the downloads button
-//user_pref("browser.download.autohideButton", true); // DEFAULT
-
 /****************************************************************************
  * SECTION: PDF                                                             *
 ****************************************************************************/

README.md

@@ -2,8 +2,10 @@
 ![GitHub Maintained](https://img.shields.io/badge/maintained-yes-yellow)
 [![Visitors](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Fyokoffing%2FBetter-Fox&count_bg=%2379C83D&title_bg=%23555555&icon=&icon_color=%23E7E7E7&title=visitors&edge_flat=false)](https://hits.seeyoufarm.com)
 
-# Betterfox :fox_face:
-[`about:config`](https://kb.mozillazine.org/About:config) tweaks to enhance [Mozilla Firefox](https://www.mozilla.org/en-US/firefox/new/ "Firefox Homepage"). Files are updated as needed for your [user.js](https://kb.mozillazine.org/User.js_file#About_the_user.js_file).
+# Betterfox
+[about:config](https://support.mozilla.org/en-US/kb/about-config-editor-firefox) tweaks to enhance [Mozilla Firefox](https://www.mozilla.org/en-US/firefox/new/). 
+
+:new: Now with [ESR support](https://github.com/yokoffing/Betterfox/tree/esr115#betterfox-esr).
 
 ## Made for everyday browsing
 **A secure, blazing fast browsing experience. Without breakage.**
@@ -25,42 +27,39 @@ Betterfox is an opinionated preference list inspired by the [law of diminishing
 | [Smoothfox](https://github.com/yokoffing/Betterfox/blob/main/Smoothfox.js) | Get Edge-like smooth scrolling on your favorite browser — or choose something more your style. |
 | [user.js](https://github.com/yokoffing/Betterfox/blob/main/user.js) | All the essentials. None of the breakage. This is your `user.js`. |
 
-:bulb: `Fastfox`, `Securefox`, `Peskyfox`, and `Smoothfox` are guides to relevant prefs in Firefox. The `user.js` is curated from the options located in these documents. Please read the guides to understand the various options hidden in Firefox.
+`Fastfox`, `Securefox`, `Peskyfox`, and `Smoothfox` are guides to settings within Firefox.
 
-While Betterfox is designed to [set-and-forget](https://glosbe.com/en/en/set-and-forget), it contains plenty of options for those who like to tinker.
-
-## about:Defaults
-Easily adjust features by copying + pasting prefs to your personal file :thumbsup:
-
-Check out [Common Overrides](https://github.com/yokoffing/Betterfox/wiki/Overrides) to customize your setup.
-
-## about:Privacy
-Betterfox is already a great balance of privacy and convenience. However, you can still play with a few settings.
-
-See [Optional Hardening](https://github.com/yokoffing/Betterfox/wiki/Optional-Hardening) for suggestions.
+The `user.js` — a configuration file that controls Firefox settings — is curated from these guides.
 
 ## Getting started
 *If you don't have it already: [Get Firefox](https://www.mozilla.org/en-US/firefox/all/#product-desktop-release)*
 
 1) Download the user.js file [here](https://raw.githubusercontent.com/yokoffing/Betterfox/main/user.js) (Right click > `Save Link As…`).
-2) Open Firefox. In the URL bar, type `about:profiles` and press `Enter`.
-3) For the profile you want to use (or default), click `Open Folder` in the **Root Directory** section.
-4) Close Firefox. With the folder open, move the `user.js` file into the folder.
+2) Review [Common Overrides](https://github.com/yokoffing/Betterfox/wiki/Common-Overrides) and make any necessary changes.
+3) Open Firefox. In the URL bar, type `about:profiles` and press `Enter`.
+4) For the profile you want to use (or use default), click `Open Folder` in the **Root Directory** section.
+5) Move the `user.js` file into the folder.
 
 *After restarting Firefox:*
 1) Get an **ad blocker** like [uBlock Origin](https://addons.mozilla.org/blog/ublock-origin-everything-you-need-to-know-about-the-ad-blocker/) with our [recommended filters](https://github.com/yokoffing/filterlists#guidelines). For a simple solution, use [Ghostery](https://addons.mozilla.org/en-US/firefox/addon/ghostery/).
 3) Enable **DNS-level protection** with [NextDNS](https://nextdns.io/?from=xujj63g5), and check out our configuration [guide](https://github.com/yokoffing/NextDNS-Config).
     * See how to [quickly enable](https://support.mozilla.org/en-US/kb/dns-over-https) **secure DNS** in Firefox.
 
+## about:Privacy
+Betterfox is a great balance of privacy and convenience.
+
+See [Optional Hardening](https://github.com/yokoffing/Betterfox/wiki/Optional-Hardening) for other suggestions.
+
 ## Recognition
 
 ### Browser Integration
-* [Waterfox](https://github.com/WaterfoxCo/Waterfox/commit/735d8067b06cca00b9b04b5a6bcd0c1414118f95) | [files](https://github.com/WaterfoxCo/Waterfox/tree/future/waterfox/browser/app/profile) (August 2023)
-* [Floorp](https://github.com/Floorp-Projects/Floorp#-betterfox) <sup>[1](https://github.com/Floorp-Projects/Floorp/issues/233#issuecomment-1543557167) [2](https://blog.ablaze.one/3135/2023-04-01/)</sup> | [files](https://github.com/Floorp-Projects/Floorp/blob/f63e87016d88535aafa2b57d690442b9a69cbaa5/toolkit/content/license.html#L200-L224) (April 2023)
+* [Waterfox](https://github.com/WaterfoxCo/Waterfox/releases/tag/G6.0b3) | [files](https://github.com/WaterfoxCo/Waterfox/tree/future/waterfox/browser/app/profile) (August 2023)
+* [Floorp](https://github.com/Floorp-Projects/Floorp#-betterfox) <sup>[1](https://github.com/Floorp-Projects/Floorp/issues/233#issuecomment-1543557167) [2](https://blog.ablaze.one/3135/2023-04-01/)</sup> | [files](https://github.com/Floorp-Projects/Floorp/blob/ESR115/floorp/browser/components/preferences/userjs.inc.xhtml) (April 2023)
 * [Pulse](https://github.com/pulse-browser/browser#%EF%B8%8F-credits) | [files](https://github.com/pulse-browser/browser/tree/alpha/src/browser/app/profile) (Dec 2021)
 * [Ghostery Private Browser](https://github.com/ghostery/user-agent-desktop#community) <sup>[1](https://web.archive.org/web/20210509171835/https://www.ghostery.com/ghostery-dawn-update-more/) [2](https://web.archive.org/web/20210921114333/https://www.ghostery.com/ghostery-dawn-product-update/)</sup> | [files](https://github.com/ghostery/user-agent-desktop/tree/main/brands/ghostery/branding/pref) (Feb 2021)
 
 ### YouTube
+* [Ukrainian] [Firefox is NOT private. I show how to fix it.](https://youtu.be/mVBxBPwI_gE?si=CdPhYN8OezQbvazX&t=222) (Aug 2023)
 * [The ULTIMATE Browser Tier List](https://youtu.be/j5r6jFE8gic?t=560) (Mar 2023)
 * [I Hate Firefox. But I'm Still Switching Back to It.](https://youtu.be/w0SJFED5xK0?t=220) (Nov 2022)
 * [Español] [Optimize and Accelerate Firefox](https://www.youtube.com/watch?v=3XtoONmq5_Q) (Nov 2022) 
@@ -84,14 +83,14 @@ See [Optional Hardening](https://github.com/yokoffing/Betterfox/wiki/Optional-Ha
 * “I use this one ... The performance is absolutely amazing. There’s definitely a huge difference when it comes to loading sites.” - [DIRIKtv](https://youtu.be/N8IOJiOFVEk?t=16)
 * "BetterFox ... will provide good-enough privacy and help with performance." - [Qdoit12Super](https://old.reddit.com/r/browsers/comments/139h4my/suggestion_for_finding_3_good_privacy_focus/jj3n3qn/?context=2)
 * "...drastically changed the experience with Firefox for me. Improved speed, security, smoothness, and removed clutter." - [AppDate](https://www.appdate.lk/technology/2023-browser-showdown/#:~:text=Used%20the%20BetterFox%20user%20config%20settings%20with%20some%20overrides%20which%20drastically%20changed%20the%20experience)
+* "I don't think I could use Firefox without Betterfox." - [Professional_Fun4616](https://old.reddit.com/r/nextdns/comments/15y815f/the_people_behind_betterfox_have_this_awesome/jxb7cir/?context=3)
+* "The best collection of tweaks available." - [AuRiMaS](https://old.reddit.com/r/MozillaFirefox/comments/15cc1vk/about_changes_in_aboutconfig/jtyx910/?context=3)
 * "FF is now much snappier! Thanks a lot for the suggestions!" - [whotheff](https://old.reddit.com/r/firefox/comments/z5auzi/firefox_not_properly_usingrecognizing_gpu_poor/iy36hyz/)
-* "...a good balance between privacy and convenience." - [Radplay](https://old.reddit.com/r/firefox/comments/115va7d/list_of_aboutconfiguserjs_privacy_tweaks/j9700bc/?context=2)
-* "The best collection of tweaks available ... doesn't go crazy with privacy/security hardening that completely breaks the usability of Firefox for most users." - [AuRiMaS](https://old.reddit.com/r/MozillaFirefox/comments/15cc1vk/about_changes_in_aboutconfig/jtyx910/?context=3)
 * "...the experience is so good now I don’t think I’ll go back to any of the chromium based browsers." - [Mr_Compromise](https://old.reddit.com/r/pcmasterrace/comments/zwioe1/what_browser_will_you_be_using_in_2023_please/j1wmbxo/)
 
 ## Support
 
-If you like the project and benefit from it, leave a :star: (top right) and become a [stargazer](https://github.com/yokoffing/Betterfox/stargazers)!
+If you like the project, leave a :star: (top right) and become a [stargazer](https://github.com/yokoffing/Betterfox/stargazers)!
 
 [![Stargazers repo roster for @yokoffing/Betterfox](https://reporoster.com/stars/dark/yokoffing/Betterfox)](https://github.com/yokoffing/Betterfox/stargazers)
 
@@ -101,7 +100,7 @@ If you like the project and benefit from it, leave a :star: (top right) and beco
 </div>
 
 * This repository benefits from the ongoing research provided by [arkenfox](https://github.com/arkenfox/user.js).
-* Appreciation goes to the [Firefox](https://www.mozilla.org/en-US/firefox/new/) team and the developers working on [Bugzilla](https://bugzilla.mozilla.org/home), fighting for the open web.
+* Appreciation goes to the [Firefox](https://www.mozilla.org/en-US/firefox/new/) team and developers working on [Bugzilla](https://bugzilla.mozilla.org/home), fighting for the open web.
 * A special thanks to [Alex Kontos](https://github.com/MrAlex94) of [Waterfox](https://github.com/WaterfoxCo/Waterfox) for his collaboration in v.116.
 * Many thanks to the 2021 [Ghostery](https://github.com/ghostery) team for testing Betterfox at scale in its early days.
 

Securefox.js

@@ -1,9 +1,9 @@
 
 /****************************************************************************
  * Securefox                                                                *
- * "Natura non contristatur"                                               *     
+ * "Natura non contristatur"                                                *     
  * priority: provide sensible security and privacy                          *
- * version: 116                                                             *
+ * version: 116.1                                                           *
  * url: https://github.com/yokoffing/Betterfox                              *                   
 ****************************************************************************/
 
@@ -15,6 +15,7 @@
 // Tracking Content blocking will strip cookies and block all resource requests to domains listed in Disconnect.me.
 // Firefox deletes all stored site data (incl. cookies, browser storage) if the site is a known tracker and hasn’t
 // been interacted with in the last 30 days.
+// [ALLOWLIST] https://disconnect.me/trackerprotection/unblocked
 // [NOTE] FF86: "Strict" tracking protection enables dFPI.
 // [1] https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop
 // [2] https://www.reddit.com/r/firefox/comments/l7xetb/network_priority_for_firefoxs_enhanced_tracking/gle2mqn/?web2x&context=3
@@ -31,25 +32,22 @@ user_pref("browser.contentblocking.category", "strict");
     //user_pref("network.http.referer.disallowCrossSiteRelaxingDefault.pbmode", true); // DEFAULT
     //user_pref("network.http.referer.disallowCrossSiteRelaxingDefault.pbmode.top_navigation", true); // DEFAULT
     //user_pref("network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", true); // enabled with "Strict"
-
-// PREF: relax blocklist for ETP Strict
-// Using a less aggressive internal blocklist to mitigate site breakage.
-// This is easier than adjusting prefs for ETP Custom.
-// [NOTE] Sadly, this does not work on NIGHTLY; you must use Custom and adjust prefs individually.
-// [ALLOWLIST] https://disconnect.me/trackerprotection/unblocked
-//user_pref("browser.contentblocking.features.strict", "tp,tpPrivate,cookieBehavior5,cookieBehaviorPBM5,cm,fp,stp,emailTP,emailTPPrivate,lvl1,rp,rpTop,ocsp,qps,qpsPBM");
+//user_pref("privacy.annotate_channels.strict_list.enabled", true); // enabled with "Strict"
+    //user_pref("privacy.annotate_channels.strict_list.pbmode.enabled", true); // DEFAULT
 
 // PREF: query stripping
 // Currently uses a small list [1]
 // We set the same query stripping list that Brave and LibreWolf uses [2]
 // If using uBlock Origin or AdGuard, use filter lists as well [3]
+// Query parameters stripped [5]
 // [1] https://www.eyerys.com/articles/news/how-mozilla-firefox-improves-privacy-using-query-parameter-stripping-feature
 // [2] https://github.com/brave/brave-core/blob/f337a47cf84211807035581a9f609853752a32fb/browser/net/brave_site_hacks_network_delegate_helper.cc
 // [3] https://github.com/yokoffing/filterlists#url-tracking-parameters
+// [4] https://bugzilla.mozilla.org/show_bug.cgi?id=1706607
+// [5] https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/records
 //user_pref("privacy.query_stripping.enabled", true); // enabled with "Strict"
 //user_pref("privacy.query_stripping.enabled.pbmode", true); // enabled with "Strict"
-user_pref("privacy.query_stripping.strip_list", "__hsfp __hssc __hstc __s _hsenc _openstat dclid fbclid gbraid gclid hsCtaTracking igshid mc_eid ml_subscriber ml_subscriber_hash msclkid oft_c oft_ck oft_d oft_id oft_ids oft_k oft_lk oft_sk oly_anon_id oly_enc_id rb_clickid s_cid twclid vero_conv vero_id wbraid wickedid yclid");
-//user_pref("privacy.query_stripping.strip_on_share.enabled", true); // DEFAULT [FF115+]
+//user_pref("privacy.query_stripping.strip_on_share.enabled", true);
 
 // PREF: allow embedded tweets, Instagram and Reddit posts, and TikTok embeds
 // [TEST - reddit embed] https://www.pcgamer.com/amazing-halo-infinite-bugs-are-already-rolling-in/
@@ -117,7 +115,7 @@ user_pref("urlclassifier.features.socialtracking.skipURLs", "*.instagram.com, *.
 //user_pref("privacy.partition.network_state", true); // DEFAULT
     //user_pref("privacy.partition.serviceWorkers", true); // [DEFAULT: true FF105+]
     //user_pref("privacy.partition.network_state.ocsp_cache", true); // enabled with "Strict"
-    //user_pref("privacy.partition.bloburl_per_agent_cluster", true); [REGRESSIONS]
+    //user_pref("privacy.partition.bloburl_per_agent_cluster", false); // DEFAULT [REGRESSIONS - DO NOT TOUCH]
 // enable APS (Always Partitioning Storage) [FF104+]
 //user_pref("privacy.partition.always_partition_third_party_non_cookie_storage", true); // [DEFAULT: true FF109+]
 //user_pref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false); // [DEFAULT: false FF109+]
@@ -139,11 +137,18 @@ user_pref("urlclassifier.features.socialtracking.skipURLs", "*.instagram.com, *.
 //user_pref("privacy.purge_trackers.enabled", true); // DEFAULT
 
 // PREF: SameSite Cookies
-// [1] https://hacks.mozilla.org/2020/08/changes-to-samesite-cookie-behavior/
-// [2] https://web.dev/samesite-cookies-explained/
-//user_pref("network.cookie.sameSite.laxByDefault", false); // DEFAULT
-//user_pref("network.cookie.sameSite.noneRequiresSecure", true); // DEFAULT
-//user_pref("network.cookie.sameSite.schemeful", false); // DEFAULT
+// [1] https://caniuse.com/?search=samesite
+// [2] https://github.com/arkenfox/user.js/issues/1640#issuecomment-1464093950
+// [3] https://support.mozilla.org/en-US/questions/1364032
+// [4] https://blog.mozilla.org/security/2018/04/24/same-site-cookies-in-firefox-60/
+// [5] https://hacks.mozilla.org/2020/08/changes-to-samesite-cookie-behavior/
+// [6] https://web.dev/samesite-cookies-explained/
+// [7] https://portswigger.net/web-security/csrf/bypassing-samesite-restrictions
+// [8] https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+// [TEST] https://samesite-sandbox.glitch.me/
+//user_pref("network.cookie.sameSite.laxByDefault", true);
+//user_pref("network.cookie.sameSite.noneRequiresSecure", true);
+//user_pref("network.cookie.sameSite.schemeful", true);
 
 // PREF: Hyperlink Auditing (click tracking)
 //user_pref("browser.send_pings", false); // DEFAULT
@@ -255,6 +260,10 @@ user_pref("security.cert_pinning.enforcement_level", 2);
 //user_pref("security.enterprise_roots.enabled", false); // DEFAULT
     //user_pref("security.certerrors.mitm.auto_enable_enterprise_roots", false);
 
+// PREF: disable Microsoft Family Safety [WINDOWS 8-10]
+// [1] https://wiki.mozilla.org/QA/Windows_Child_Mode
+//user_pref("security.family_safety.mode", 0);
+
 /****************************************************************************
  * SECTION: SSL (Secure Sockets Layer) / TLS (Transport Layer Security)    *
 ****************************************************************************/
@@ -267,6 +276,7 @@ user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
 
 // PREF: require safe negotiation
 // [ERROR] SSL_ERROR_UNSAFE_NEGOTIATION
+// [WARNING] Breaks ea.com login (Sep 2023).
 // Blocks connections to servers that don't support RFC 5746 [2]
 // as they're potentially vulnerable to a MiTM attack [3].
 // A server without RFC 5746 can be safe from the attack if it
@@ -279,19 +289,19 @@ user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
 // [2] https://datatracker.ietf.org/doc/html/rfc5746
 // [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
 // [4] https://www.ssllabs.com/ssl-pulse/
-user_pref("security.ssl.require_safe_negotiation", true);
+//user_pref("security.ssl.require_safe_negotiation", true);
 
 // PREF: display advanced information on Insecure Connection warning pages
 // [TEST] https://expired.badssl.com/
 user_pref("browser.xul.error_pages.expert_bad_cert", true);
 
-// PREF: disable TLS 1.3 0-RTT (round-trip time) [FF51+]
+// PREF: disable 0-RTT (round-trip time) to improve TLS 1.3 security [FF51+]
 // This data is not forward secret, as it is encrypted solely under keys derived using
 // the offered PSK. There are no guarantees of non-replay between connections.
 // [1] https://github.com/tlswg/tls13-spec/issues/1001
 // [2] https://www.rfc-editor.org/rfc/rfc9001.html#name-replay-attacks-with-0-rtt
 // [3] https://blog.cloudflare.com/tls-1-3-overview-and-q-and-a/
-user_pref("security.tls.enable_0rtt_data", false); // disable 0 RTT to improve tls 1.3 security
+user_pref("security.tls.enable_0rtt_data", false);
 
 /****************************************************************************
  * SECTION: FONTS                                                          *
@@ -552,9 +562,14 @@ user_pref("network.IDN_show_punycode", true);
 ******************************************************************************/
 
 // PREF: HTTPS-First Policy
-// Firefox attempts to make all connections to websites secure, and falls back to insecure
-// connections only when a website does not support it. Unlike HTTPS-Only Mode, Firefox
-// will NOT ask for your permission before connecting to a website that doesn’t support secure connections.
+// Firefox attempts to make all connections to websites secure,
+// and falls back to insecure connections only when a website
+// does not support it. Unlike HTTPS-Only Mode, Firefox
+// will NOT ask for your permission before connecting to a website
+// that doesn’t support secure connections.
+// As of August 2023, Google estimates that 5-10% of traffic
+// has remained on HTTP, allowing attackers to eavesdrop
+// on or change that data [6].
 // [NOTE] HTTPS-Only Mode needs to be disabled for HTTPS First to work.
 // [TEST] http://example.com [upgrade]
 // [TEST] http://httpforever.com/ [no upgrade]
@@ -563,6 +578,7 @@ user_pref("network.IDN_show_punycode", true);
 // [3] https://github.com/brave/adblock-lists/blob/master/brave-lists/https-upgrade-exceptions-list.txt
 // [4] https://web.dev/why-https-matters/
 // [5] https://www.cloudflare.com/learning/ssl/why-use-https/
+// [6] https://blog.chromium.org/2023/08/towards-https-by-default.html
 user_pref("dom.security.https_first", true);
 //user_pref("dom.security.https_first_pbm", true); // DEFAULT
 
@@ -570,24 +586,30 @@ user_pref("dom.security.https_first", true);
  * SECTION: HTTPS-ONLY MODE                              *
 ******************************************************************************/
 
-// Firefox displays a warning page if HTTPS is not supported by a server. Options to use HTTP are then provided.
-// [NOTE] When "https_only_mode" (all windows) is true, "https_only_mode_pbm" (private windows only) is ignored.
+// Firefox displays a warning page if HTTPS is not supported
+// by a server. Options to use HTTP are then provided.
+// [NOTE] When "https_only_mode" (all windows) is true,
+// "https_only_mode_pbm" (private windows only) is ignored.
+// As of August 2023, Google estimates that 5-10% of traffic
+// has remained on HTTP, allowing attackers to eavesdrop
+// on or change that data [5].
 // [SETTING] to add site exceptions: Padlock>HTTPS-Only mode>On/Off/Off temporarily
 // [SETTING] Privacy & Security>HTTPS-Only Mode
 // [TEST] http://example.com [upgrade]
 // [TEST] http://httpforever.com/ [no upgrade]
-// [TEST] http://speedofanimals.com [no upgrade]
 // [1] https://bugzilla.mozilla.org/1613063
 // [2] https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/
 // [3] https://web.dev/why-https-matters/
 // [4] https://www.cloudflare.com/learning/ssl/why-use-https/
+// [5] https://blog.chromium.org/2023/08/towards-https-by-default.html
 
 // PREF: enable HTTPS-only Mode
 //user_pref("dom.security.https_only_mode_pbm", true); // Private Browsing windows only
 //user_pref("dom.security.https_only_mode", true); // Normal + Private Browsing windows
 
 // PREF: offer suggestion for HTTPS site when available
-// [1] https://twitter.com/leli_gibts_scho/status/1371458534186057731
+// [1] https://twitter.com/leli_gibts_scho/status/1371463866606059528
+// [TEST] http://speedofanimals.com/
 user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
 
 // PREF: HTTP background requests in HTTPS-only Mode
@@ -611,22 +633,23 @@ user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
 
 // PREF: DNS-over-HTTPS (DoH) mode
 // Mozilla uses Cloudfare by default. NextDNS is also an option.
-// [NOTE] You can set this to 0 if you are already using secure DNS for your entire network (e.g. OS-level, router-level).
+// You can set this to 0 if you are already using secure DNS for
+// your entire network (e.g. OS-level, router-level).
+// [NOTE] Mode 3 has site-exceptions with a nice UI on the error page
 // [1] https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/
 // [2] https://www.internetsociety.org/blog/2018/12/dns-privacy-support-in-mozilla-firefox/
-// 0=Disable DoH (default)
-// 2=Use DoH; fall back to traditional DNS if necessary
-// 3=Only use DoH; do not fall back to traditional DNS
-// 5=Explicitly disable DoH
+// 0=disable DoH (default)
+// 2=use DoH; fall back to native DNS if necessary
+// 3=only use DoH; do not fall back to native DNS
+// 5=explicitly disable DoH
 //user_pref("network.trr.mode", 0); // DEFAULT
 
-// PREF: DoH fallback warning page
-// Whether DoH fallback warning page will be displayed when DoH doesn't work in TRR first mode.
-//user_pref("network.trr.display_fallback_warning", false); // DEFAULT; 
-// Show the checkbox to enable the fallback warning page in the settings UI
-    //user_pref("network.trr_ui.show_fallback_warning_option", false); // DEFAULT; show the checkbox to enable the fallback warning page in the settings UI
+// PREF: display fallback warning page [FF115+]
+// Show a warning checkbox UI in modes 0 + 2.
+//user_pref("network.trr_ui.show_fallback_warning_option", false); // DEFAULT
+//user_pref("network.trr.display_fallback_warning", false); // DEFAULT
 
-// PREF: enable fallback to native DNS upon network errors
+// PREF: fallback to native DNS upon network errors
 //user_pref("network.trr.strict_native_fallback", false); // DEFAULT
 
 // PREF: DoH resolver
@@ -634,14 +657,17 @@ user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
 //user_pref("network.trr.uri", "https://xxxx/dns-query");
     //user_pref("network.trr.custom_uri", "https://xxxx/dns-query");
 
-// PREF: EDNS Client Subnet DNS extension (DNSSEC validation)
-// When set to false, TRR asks the resolver to enable EDNS Client Subnet (ECS).
-// [WARNING] Some websites won't resolve when enabled, usually due to
-// misconfiguration on the part of the domain owner.
-// [NOTE] DNSSEC is not needed if you’re using DoH, as long as you trust the
-// DoH resolver to perform DNSSEC validation correctly. However, if you don’t
-// trust the DoH resolver, you may still want to use DNSSEC along with DoH [1].
-// [1] https://docs.controld.com/docs/disable-dnssec-option
+// PREF: adjust providers
+//user_pref("network.trr.resolvers", '[{ "name": "Cloudflare", "url": "https://mozilla.cloudflare-dns.com/dns-query" },{ "name": "SecureDNS", "url": "https://doh.securedns.eu/dns-query" },{ "name": "AppliedPrivacy", "url": "https://doh.appliedprivacy.net/query" },{ "name": "Digitale Gesellschaft (CH)", "url": "https://dns.digitale-gesellschaft.ch/dns-query" }, { "name": "Quad9", "url": "https://dns.quad9.net/dns-query" }]'); 
+
+// PREF: EDNS Client Subnet (ECS)
+// [WARNING] In some circumstances, enabling ECS may result
+// in suboptimal routing between CDN origins and end users [2].
+// [NOTE] You will also need to enable this with your
+// DoH provider most likely.
+// [1] https://en.wikipedia.org/wiki/EDNS_Client_Subnet
+// [2] https://www.quad9.net/support/faq/#edns
+// [3] https://datatracker.ietf.org/doc/html/rfc7871
 //user_pref("network.trr.disable-ECS", true); // DEFAULT
 
 // PREF: DNS Rebind Protection
@@ -650,10 +676,10 @@ user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
 // [1] https://docs.controld.com/docs/dns-rebind-option
 //user_pref("network.trr.allow-rfc1918", false); // DEFAULT
 
-// PREF: Assorted Options
+// PREF: assorted options
 //user_pref("network.trr.confirmationNS", "skip"); // skip undesired DOH test connection
 //user_pref("network.dns.skipTRR-when-parental-control-enabled", false); // bypass parental controls when using DoH
-//user_pref("network.trr.skip-AAAA-when-not-supported", true); DEFAULT; If Firefox detects that your system does not have IPv6 connectivity, it will not request IPv6 addresses from the DoH server
+//user_pref("network.trr.skip-AAAA-when-not-supported", true); // DEFAULT; If Firefox detects that your system does not have IPv6 connectivity, it will not request IPv6 addresses from the DoH server
 //user_pref("network.trr.clear-cache-on-pref-change", true); // DEFAULT; DNS+TRR cache will be cleared when a relevant TRR pref changes
 //user_pref("network.trr.wait-for-portal", false); // DEFAULT; set this to true to tell Firefox to wait for the captive portal detection before TRR is used
 
@@ -661,17 +687,16 @@ user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
 //user_pref("network.trr.excluded-domains", ""); // DEFAULT; comma-separated list of domain names to be resolved using the native resolver instead of TRR. This pref can be used to make /etc/hosts works with DNS over HTTPS in Firefox.
 //user_pref("network.trr.builtin-excluded-domains", "localhost,local"); // DEFAULT; comma-separated list of domain names to be resolved using the native resolver instead of TRR
 
-// PREF: enable Oblivious DoH setup (Cloudfare) [HIDDEN]
-// [1] https://www.reddit.com/r/firefox/comments/xc9y4g/how_to_enable_oblivious_doh_odoh_for_enhanced_dns/
-// [2] https://blog.cloudflare.com/oblivious-dns/
-// [3] https://techpp.com/2020/12/14/odoh-oblivious-dns-over-https-explained/
+// PREF: Oblivious HTTP (OHTTP)
+// Enable DNS over Oblivious HTTP.
+// [1] https://blog.cloudflare.com/stronger-than-a-promise-proving-oblivious-http-privacy-properties/
+// [2] https://www.ietf.org/archive/id/draft-thomson-http-oblivious-01.html
+// [3] https://old.reddit.com/r/dnscrypt/comments/11ukt43/what_is_dns_over_oblivious_http_targetrelay/ji1nl0m/?context=3
 //user_pref("network.trr.mode", 2);
-//user_pref("network.trr.odoh.enabled", true);
-//user_pref("network.trr.odoh.configs_uri", "https://odoh.cloudflare-dns.com/.well-known/odohconfigs");
-//user_pref("network.trr.odoh.target_host", "https://odoh.cloudflare-dns.com/");
-//user_pref("network.trr.odoh.target_path", "dns-query");
-//user_pref("network.trr.odoh.proxy_uri", "https://odoh1.surfdomeinen.nl/proxy");
-//user_pref("network.trr.odoh.min_ttl", 86400); // 1 day
+//user_pref("network.trr.ohttp.config_uri", "https://dooh.cloudflare-dns.com/.well-known/doohconfig");
+//user_pref("network.trr.ohttp.uri", "https://dooh.cloudflare-dns.com/dns-query");
+//user_pref("network.trr.ohttp.relay_uri", "https://dooh.waterfox.net/");
+//user_pref("network.trr.use_ohttp", true);
 
 /******************************************************************************
  * SECTION: ESNI / ECH                            *
@@ -691,14 +716,8 @@ user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
 ******************************************************************************/
 
 // PREF: disable IPv6
-// IPv6 can be abused, especially with MAC addresses, and can leak with VPNs: assuming
-// your ISP and/or router and/or website is IPv6 capable. Most sites will fall back to IPv4
-// [STATS] Firefox telemetry (Sept 2022) shows ~8% of all successful connections are IPv6
-// [NOTE] This is an application level fallback. Disabling IPv6 is best done at an
-// OS/network level, and/or configured properly in VPN setups. If you are not masking your IP,
-// then this won't make much difference. If you are masking your IP, then it can only help.
-// [NOTE] However, many VPN options now provide IPv6 coverage.
-// [NOTE] PHP defaults to IPv6 with "localhost". Use "php -S 127.0.0.1:PORT"
+// If you are not masking your IP, then this won't make much difference.
+// And some VPNs now cover IPv6.
 // [TEST] https://ipleak.org/
 // [1] https://www.internetsociety.org/tag/ipv6-security/ (Myths 2,4,5,6)
 //user_pref("network.dns.disableIPv6", true);
@@ -724,6 +743,9 @@ user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
 // [3] https://en.wikipedia.org/wiki/GIO_(software)
 //user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF]
 
+// PREF: disable check for proxies
+//user_pref("network.notify.checkForProxies", false);
+
 /******************************************************************************
  * SECTION: PASSWORDS                             *
 ******************************************************************************/
@@ -786,8 +808,9 @@ user_pref("signon.rememberSignons", false); // Privacy & Security>Logins and Pas
 user_pref("editor.truncate_user_pastes", false);
 
 // PREF: reveal password icon
-//user_pref("layout.forms.reveal-password-button.enabled", true); // always show icon in password fields
 //user_pref("layout.forms.reveal-password-context-menu.enabled", true); // right-click menu option; DEFAULT [FF112]
+// [DO NOT TOUCH] Icons will double-up if the website implements it natively:
+//user_pref("layout.forms.reveal-password-button.enabled", true); // always show icon in password fields
 
 /****************************************************************************
  * SECTION: ADDRESS + CREDIT CARD MANAGER                                   *
@@ -804,6 +827,8 @@ user_pref("extensions.formautofill.creditCards.enabled", false);
  * SECTION: MIXED CONTENT + CROSS-SITE                             *
 ******************************************************************************/
 
+// [TEST] https://mixed-script.badssl.com/
+
 // PREF: limit (or disable) HTTP authentication credentials dialogs triggered by sub-resources
 // Hardens against potential credentials phishing.
 // 0=don't allow sub-resources to open HTTP authentication credentials dialogs
@@ -816,7 +841,7 @@ user_pref("network.auth.subresource-http-auth-allow", 1);
 // [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1695693,1719301
 //user_pref("network.http.windows-sso.enabled", false);
 
-// PREF: block insecure active content (scripts) on HTTPS pages.
+// PREF: block insecure active content (scripts) on HTTPS pages
 // [1] https://trac.torproject.org/projects/tor/ticket/21323
 //user_pref("security.mixed_content.block_active_content", true); // DEFAULT
 
@@ -871,16 +896,6 @@ user_pref("permissions.delegation.enabled", false);
  * SECTION: HEADERS / REFERERS                                             *
 ******************************************************************************/
 
-// PREF: HTTP Referrer Header
-// [NOTE] Only cross-origin referers need control.
-// See network.http.referer.XOriginPolicy.
-// This may cause breakage where third party images and videos
-// may not load, and with authentication on sites such as banks.
-// 0 = Never send
-// 1 = Send only when clicking on links and similar elements
-// 2 = Send on all requests (default)
-//user_pref("network.http.sendRefererHeader", 2); // DEFAULT
-
 // PREF: default referrer policy (used unless overriden by the site)
 // 0=no-referrer, 1=same-origin, 2=strict-origin-when-cross-origin (default),
 // 3=no-referrer-when-downgrade
@@ -898,12 +913,15 @@ user_pref("permissions.delegation.enabled", false);
 //user_pref("network.http.referer.defaultPolicy.trackers", 1);
 //user_pref("network.http.referer.defaultPolicy.trackers.pbmode", 1);
 
-// PREF: control the amount of cross-origin information to send
-// Controls how much referrer to send across origins (different domains).
-// 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port
-// [1] https://blog.mozilla.org/security/2021/03/22/firefox-87-trims-http-referrers-by-default-to-protect-user-privacy/
-// [2] https://web.dev/referrer-best-practices/
-user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
+// PREF: HTTP Referrer Header
+// [NOTE] Only cross-origin referers need control.
+// See network.http.referer.XOriginPolicy.
+// This may cause breakage where third party images and videos
+// may not load, and with authentication on sites such as banks.
+// 0 = Never send
+// 1 = Send only when clicking on links and similar elements
+// 2 = Send on all requests (default)
+//user_pref("network.http.sendRefererHeader", 2); // DEFAULT
 
 // PREF: control when to send a cross-origin referer
 // Controls whether or not to send a referrer across different sites.
@@ -918,6 +936,13 @@ user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
 // [2] https://web.dev/referrer-best-practices/
 //user_pref("network.http.referer.XOriginPolicy", 0); // DEFAULT
 
+// PREF: control the amount of cross-origin information to send
+// Controls how much referrer to send across origins (different domains).
+// 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port
+// [1] https://blog.mozilla.org/security/2021/03/22/firefox-87-trims-http-referrers-by-default-to-protect-user-privacy/
+// [2] https://web.dev/referrer-best-practices/
+user_pref("network.http.referer.XOriginTrimmingPolicy", 2);
+
 /******************************************************************************
  * SECTION: CONTAINERS                                                        *
 ******************************************************************************/
@@ -980,15 +1005,17 @@ user_pref("media.peerconnection.ice.default_address_only", true);
 
 // PREF: disable all DRM content (EME: Encryption Media Extension)
 // EME is a JavaScript API for playing DRMed (not free) video content in HTML.
-// A DRM component called a Content Decryption Module (CDM) decrypts, decodes, and displays the video.
+// A DRM component called a Content Decryption Module (CDM) decrypts,
+// decodes, and displays the video.
 // e.g. Netflix, Amazon Prime, Hulu, HBO, Disney+, Showtime, Starz, DirectTV
+// DRM is a propriety and closed source, but disabling is overkill.
 // [SETTING] General>DRM Content>Play DRM-controlled content
 // [TEST] https://bitmovin.com/demos/drm
 // [1] https://www.eff.org/deeplinks/2017/10/drms-dead-canary-how-we-just-lost-web-what-we-learned-it-and-what-we-need-do-next
 // [2] https://www.reddit.com/r/firefox/comments/10gvplf/comment/j55htc7
 //user_pref("media.eme.enabled", false);
-// Optionally, hide the setting which also disables the DRM prompt:
-//user_pref("browser.eme.ui.enabled", false);
+    // Optionally, hide the setting which also disables the DRM prompt:
+    //user_pref("browser.eme.ui.enabled", false);
 
 /******************************************************************************
  * SECTION: VARIOUS                            *
@@ -1021,6 +1048,8 @@ user_pref("media.peerconnection.ice.default_address_only", true);
 // [2] https://wiki.mozilla.org/Security/Safe_Browsing
 // [3] https://support.mozilla.org/kb/how-does-phishing-and-malware-protection-work
 // [4] https://educatedguesswork.org/posts/safe-browsing-privacy/
+// [5] https://www.google.com/chrome/privacy/whitepaper.html#malware
+// [6] https://security.googleblog.com/2022/08/how-hash-based-safe-browsing-works-in.html
 
 // PREF: Safe Browsing
 // [WARNING] Be sure to have alternate security measures if you disable SB! Adblockers do not count!
@@ -1038,7 +1067,7 @@ user_pref("media.peerconnection.ice.default_address_only", true);
 // [10] https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)#services-we-proxy-through-brave-servers
 //user_pref("browser.safebrowsing.malware.enabled", false); // all checks happen locally
 //user_pref("browser.safebrowsing.phishing.enabled", false); // all checks happen locally
-    //user_pref("browser.safebrowsing.blockedURIs.enabled", false);
+//user_pref("browser.safebrowsing.blockedURIs.enabled", false); // all checks happen locally
     //user_pref("browser.safebrowsing.provider.google4.gethashURL", "");
     //user_pref("browser.safebrowsing.provider.google4.updateURL", "");
     //user_pref("browser.safebrowsing.provider.google.gethashURL", "");
@@ -1079,7 +1108,7 @@ user_pref("browser.safebrowsing.downloads.remote.enabled", false);
 // Disable it if you’re not using any type of physical impairment assistive software.
 // [1] https://support.mozilla.org/kb/accessibility-services
 // [2] https://www.ghacks.net/2021/08/25/firefox-tip-turn-off-accessibility-services-to-improve-performance/
-// [3] https://www.troddit.com/r/firefox/comments/p8g5zd/why_does_disabling_accessibility_services_improve
+// [3] https://www.reddit.com/r/firefox/comments/p8g5zd/why_does_disabling_accessibility_services_improve
 // [4] https://winaero.com/firefox-has-accessibility-service-memory-leak-you-should-disable-it/
 // [5] https://www.ghacks.net/2022/12/26/firefoxs-accessibility-performance-is-getting-a-huge-boost/
 user_pref("accessibility.force_disabled", 1);
@@ -1247,8 +1276,9 @@ user_pref("network.captive-portal-service.enabled", false);
 user_pref("network.connectivity-service.enabled", false);
 
 // PREF: software that continually reports what default browser you are using [WINDOWS]
-// [WARNING] Breaks "Make Default..." button in Preferences to set Firefox as the default browser [1].
-// [1] https://github.com/yokoffing/Betterfox/issues/166
+// [WARNING] Breaks "Make Default..." button in Preferences to set Firefox as the default browser [2].
+// [1] https://techdows.com/2020/04/what-is-firefox-default-browser-agent-and-how-to-disable-it.html
+// [2] https://github.com/yokoffing/Betterfox/issues/166
 //user_pref("default-browser-agent.enabled", false);
 
 // PREF: "report extensions for abuse"
@@ -1267,5 +1297,17 @@ user_pref("browser.ping-centre.telemetry", false);
 user_pref("browser.newtabpage.activity-stream.telemetry", false);
 user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false);
 
-// PREF: disable check for proxies
-//user_pref("network.notify.checkForProxies", false);
+// PREF: assorted telemetry
+// [NOTE] Shouldn't be needed for user.js, but browser forks
+// may want to disable these prefs.
+//user_pref("doh-rollout.disable-heuristics", true); // ensure DoH doesn't get enabled automatically
+//user_pref("dom.security.unexpected_system_load_telemetry_enabled", false);
+//user_pref("messaging-system.rsexperimentloader.enabled", false);
+//user_pref("network.trr.confirmation_telemetry_enabled", false);
+//user_pref("security.app_menu.recordEventTelemetry", false);
+//user_pref("security.certerrors.mitm.priming.enabled", false);
+//user_pref("security.certerrors.recordEventTelemetry", false);
+//user_pref("security.protectionspopup.recordEventTelemetry", false);
+//user_pref("signon.recipes.remoteRecipes.enabled", false);
+//user_pref("security.identitypopup.recordEventTelemetry", false); // ESR only; removed FF116+ [1]
+// [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1837979

librewolf.overrides.cfg

@@ -8,14 +8,18 @@
  */
 
 /****************************************************************************
- * Betterfox - LibreWolf overrides (beta)                                   *
+ * Betterfox - LibreWolf overrides                                          *
  * Quis custodiet ipsos custodes                                            *
- * version: November 2022                                                   *
+ * version: August 2023                                                     *
  * url: https://github.com/yokoffing/Betterfox                              *
- * license: https://github.com/yokoffing/Betterfox/blob/master/LICENSE      *
- * README: https://github.com/yokoffing/Betterfox/blob/master/README.md     *
+ * license: https://github.com/yokoffing/Betterfox/blob/main/LICENSE        *
+ * README: https://github.com/yokoffing/Betterfox/blob/main/README.md       *
 ****************************************************************************/
 
+// Better off just using a user.js file:
+// [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41963
+// [2] https://github.com/arkenfox/user.js/issues/1695#issuecomment-1666505218
+
 // Where do I find my librewolf.overrides.cfg? https://librewolf.net/docs/settings/#where-do-i-find-my-librewolfoverridescfg
 // LibreWolf default prefs: https://gitlab.com/librewolf-community/settings/-/blob/master/librewolf.cfg
 
@@ -24,13 +28,11 @@
 ****************************************************************************/
 defaultPref("layout.css.grid-template-masonry-value.enabled", true);
 defaultPref("dom.enable_web_task_scheduling", true);
-defaultPref("layout.css.animation-composition.enabled", true);
 
 /****************************************************************************
  * SECTION: SECUREFOX                                                       *
 ****************************************************************************/
 /** TRACKING PROTECTION ***/
-defaultPref("privacy.trackingprotection.emailtracking.enabled", true);
 defaultPref("urlclassifier.trackingSkipURLs", "*.reddit.com, *.twitter.com, *.twimg.com");
 defaultPref("urlclassifier.features.socialtracking.skipURLs", "*.instagram.com, *.twitter.com, *.twimg.com");
 
@@ -76,7 +78,6 @@ defaultPref("dom.push.enabled", false);
 defaultPref("layout.css.prefers-color-scheme.content-override", 2);
 defaultPref("toolkit.legacyUserProfileCustomizations.stylesheets", true);
 defaultPref("browser.compactmode.show", true);
-defaultPref("findbar.highlightAll", true);
 
 /** FULLSCREEN ***/
 defaultPref("full-screen-api.transition-duration.enter", "0 0");
@@ -94,6 +95,9 @@ defaultPref("browser.urlbar.unitConversion.enabled", true);
 // Default breaks some video players
 defaultPref("media.autoplay.blocking_policy", 0);
 
+/** PASSWORDS ***/
+defaultPref("editor.truncate_user_pastes", false);
+
 /** DOWNLOADS ***/
 defaultPref("browser.download.autohideButton", true);
 
@@ -103,8 +107,7 @@ defaultPref("browser.download.open_pdf_attachments_inline", true);
 /** TAB BEHAVIOR ***/
 defaultPref("browser.tabs.loadBookmarksInTabs", true);
 defaultPref("browser.bookmarks.openInTabClosesMenu", false);
-defaultPref("editor.truncate_user_pastes", false);
-defaultPref("clipboard.plainTextOnly", true);
+defaultPref("findbar.highlightAll", true);
 
 /****************************************************************************
  * END: BETTERFOX                                                           *

user-overrides.js

@@ -14,53 +14,48 @@
  * START: MY OVERRIDES                                                      *
 ****************************************************************************/
 
+/** SETUP ON FIRST INSTALLATION ***/
+//user_pref("network.trr.uri", "https://dns.nextdns.io/******/Firefox"); // TRR/DoH
+
 /** FASTFOX ***/
+//user_pref("dom.ipc.processCount.webIsolated", 2); // process per site
+//user_pref("dom.ipc.processPrelaunch.fission.number", 1); // number of Preallocated processes
 user_pref("browser.sessionstore.restore_pinned_tabs_on_demand", true);
-user_pref("browser.sessionstore.interval", 50000); // 5 min.; set minimum interval between session save operations
-user_pref("media.av1.enabled", false); // disable AV1 to force video hardware decoding
-user_pref("network.http.pacing.requests.min-parallelism", 18); // default=6
-user_pref("network.dnsCacheEntries", 20000); // maximum # of DNS entries
-//user_pref("network.dnsCacheExpiration", 86400); // keep DNS entries for 24 hours
-//user_pref("network.dnsCacheExpirationGracePeriod", 240); // 4 minutes
-user_pref("network.http.speculative-parallel-limit", 18); // default=6
-user_pref("network.dns.disablePrefetch", false);
-    user_pref("network.dns.disablePrefetchFromHTTPS", false);
-user_pref("network.early-hints.enabled", true);
-    user_pref("network.early-hints.preconnect.enabled", true);
-    user_pref("network.early-hints.preconnect.max_connections", 20); // Nightly=10
-user_pref("network.prefetch-next", true);
-user_pref("network.predictor.enabled", true);
-user_pref("network.predictor.enable-prefetch", true);
-user_pref("network.predictor.enable-hover-on-ssl", true);
-    user_pref("network.predictor.preresolve-min-confidence", 10);
-    user_pref("network.predictor.preconnect-min-confidence", 20);
-    user_pref("network.predictor.prefetch-min-confidence", 30);
-        user_pref("network.predictor.prefetch-force-valid-for", 3600);
-        user_pref("network.predictor.prefetch-rolling-load-count", 120);
-    user_pref("network.predictor.max-resources-per-entry", 250);
-    user_pref("network.predictor.max-uri-length", 1000);
+user_pref("network.http.speculative-parallel-limit", 6); // DEFAULT
+user_pref("network.dns.disablePrefetch", false); // DEFAULT; using DoH / ODNS
+user_pref("network.dns.disablePrefetchFromHTTPS", false); // using DoH / ODNS
+user_pref("browser.urlbar.speculativeConnect.enabled", true); // DEFAULT
+user_pref("browser.places.speculativeConnect.enabled", true); // DEFAULT
+user_pref("network.early-hints.enabled", true); // DEFAULT NIGHTLY
+user_pref("network.early-hints.preconnect.enabled", true);
+//user_pref("network.early-hints.preconnect.max_connections", 10); // DEFAULT; when 0, this is limited by "network.http.speculative-parallel-limit"
+user_pref("network.prefetch-next", true); // DEFAULT if using DOH/ODNS
+user_pref("network.predictor.enabled", false);
+user_pref("network.predictor.enable-prefetch", false);
 
 /** SECUREFOX ***/
+//user_pref("urlclassifier.features.socialtracking.skipURLs", "*.twitter.com, *.twimg.com"); // removed *.instagram.com
 user_pref("browser.urlbar.showSearchSuggestionsFirst", false); // unselect "Show search suggestions ahead of browsing history in address bar results" for clean UI
 user_pref("browser.urlbar.groupLabels.enabled", false); // hide Firefox Suggest label in URL dropdown box
-//user_pref("signon.rememberSignons", false); // Privacy & Security>Logins and Passwords>Ask to save logins and passwords for websites
 user_pref("signon.management.page.breach-alerts.enabled", false); // extra hardening
+user_pref("signon.autofillForms", false); // unselect "Autofill logins and passwords" for clean UI
 user_pref("signon.generation.enabled", false); // unselect "Suggest and generate strong passwords" for clean UI
 user_pref("signon.firefoxRelay.feature", "unavailable"); // unselect suggestions from Firefox Relay for clean UI
-user_pref("privacy.sanitize.sanitizeOnShutdown", true); // clear browsing data on shutdown
-user_pref("privacy.clearOnShutdown.offlineApps", true); // clear Site Data on shutdown
+//user_pref("privacy.sanitize.sanitizeOnShutdown", true); // clear browsing data on shutdown
+//user_pref("privacy.clearOnShutdown.offlineApps", true); // clear Site Data on shutdown
 user_pref("browser.safebrowsing.downloads.enabled", false); // deny SB to scan downloads to identify suspicious files; local checks only
 user_pref("browser.safebrowsing.downloads.remote.url", ""); // enforce no remote checks for downloads by SB
 user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); // clean up UI; not needed in user.js if remote downloads are disabled
 user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false); // clean up UI; not needed in user.js if remote downloads are disabled
 user_pref("browser.safebrowsing.allowOverride", false); // do not allow user to override SB
-user_pref("dom.push.enabled", false); // disable Push API; breaks FF Sync
+user_pref("dom.push.enabled", false); // disable Push API; breaks FF Sync and Site Notifications
 user_pref("browser.search.update", false); // do not update opensearch engines
-user_pref("network.notify.checkForProxies", false); // skip proxy request check
+user_pref("network.dns.skipTRR-when-parental-control-enabled", false); // bypass parental controls when using DoH
 user_pref("network.trr.confirmationNS", "skip"); // skip TRR confirmation request
+user_pref("extensions.webextensions.restrictedDomains", ""); // remove Mozilla domains so adblocker works on pages
 
 /** PESKYFOX ***/
-user_pref("devtools.accessibility.enabled", false); // removes annoying "Inspect Accessibility Properties" on right-click
+user_pref("devtools.accessibility.enabled", false); // removes un-needed "Inspect Accessibility Properties" on right-click
 user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); // Settings>Home>Firefox Home Content>Recent Activity>Shortcuts>Sponsored shortcuts
 user_pref("browser.newtabpage.activity-stream.showSponsored", false); // Settings>Home>Firefox Home Content>Recent Activity>Recommended by Pocket>Sponsored Stories  
 user_pref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false); // Settings>Home>Firefox Home Content>Recent Activity>Bookmarks
@@ -70,6 +65,7 @@ user_pref("browser.newtabpage.activity-stream.section.highlights.includePocket",
 user_pref("browser.download.folderList", 0); // 0=desktop, 1=downloads, 2=last used
 user_pref("browser.toolbars.bookmarks.visibility", "never"); // always hide bookmark bar
 user_pref("browser.startup.homepage_override.mstone", "ignore"); // What's New page after updates; master switch
+user_pref("browser.translations.autoTranslate", true); // make Firefox auto-translate non-English pages
 user_pref("browser.urlbar.suggest.bookmark", false); // hide URL bar dropdown suggestions
 user_pref("browser.urlbar.suggest.history", false); // hide URL bar dropdown suggestions
 user_pref("browser.urlbar.suggest.openpage", false); // hide URL bar dropdown suggestions
@@ -87,11 +83,10 @@ user_pref("ui.SpellCheckerUnderlineStyle", 1); // dots for spell check errors
 user_pref("media.videocontrols.picture-in-picture.display-text-tracks.size", "small"); // PiP
 user_pref("media.videocontrols.picture-in-picture.urlbar-button.enabled", false); // PiP in address bar
 user_pref("reader.parse-on-load.enabled", false); // disable reader mode
-    //user_pref("reader.color_scheme", "auto"); // match system theme for when reader is enabled
+//user_pref("reader.color_scheme", "auto"); // match system theme for when reader is enabled
 //user_pref("browser.urlbar.openintab", true); // stay on current site and open new tab when typing in URL bar
 
 /** DELETE IF NOT NIGHTLY ***/
-user_pref("layout.css.scroll-driven-animations.enabled", true); // CSS scroll-linked animations 
 user_pref("privacy.userContext.enabled", false); // disable Containers functionality
 user_pref("browser.crashReports.unsubmittedCheck.enabled", false); // true by default on NIGHTLY
 //user_pref("browser.urlbar.suggest.quickactions", false); // Quick Actions in URL bar
@@ -99,21 +94,19 @@ user_pref("browser.crashReports.unsubmittedCheck.enabled", false); // true by de
 
 /** DELETE IF NOT WINDOWS DESKTOP ***/
 user_pref("network.trr.mode", 3); // enable TRR (without System fallback)
-user_pref("pdfjs.defaultZoomValue", "125"); // DESKTOP; alt=page-width; PDF zoom level
+user_pref("gfx.canvas.accelerated", true); // DEFAULT except on WINDOWS; enable if not using an integrated GPU
+user_pref("default-browser-agent.enabled", false); // deny Mozilla monitoring default browser (breaks "Make Default" button)
+user_pref("pdfjs.defaultZoomValue", "125"); // alt=page-width; PDF zoom level
 user_pref("gfx.font_rendering.cleartype_params.rendering_mode", 5);
 user_pref("gfx.font_rendering.cleartype_params.cleartype_level", 100);
 user_pref("gfx.font_rendering.cleartype_params.force_gdi_classic_for_families", "");
 user_pref("gfx.font_rendering.cleartype_params.force_gdi_classic_max_size", 6);
 user_pref("gfx.font_rendering.directwrite.use_gdi_table_loading", false);
 //user_pref("gfx.font_rendering.cleartype_params.gamma", 898); // 1000-2200; https://www.reddit.com/r/firefox/comments/10ed7o2/comment/j4qar9y/
-user_pref("image.mem.decode_bytes_at_a_time", 262144); // alt=512000
-user_pref("browser.cache.memory.capacity", 2097152); // fixed maximum 2 GB in memory cache
-user_pref("browser.cache.memory.max_entry_size", 327680); // maximum size of in memory cached objects
-//user_pref("media.memory_caches_combined_limit_pc_sysmem", 40);
-user_pref("media.memory_caches_combined_limit_kb", 3145728);
 //user_pref("font.name.serif.x-western", "Roboto Slab"); // serif font
 //user_pref("font.name.sans-serif.x-western", "Roboto"); // sans-serif font
 //user_pref("font.name.monospace.x-western", "Fira Code"); // monospace font
+//user_pref("security.family_safety.mode", 0); // disable parental controls [WINDOWS 8-10]
 
 /** DELETE IF NOT macOS LAPTOP ***/
 user_pref("network.trr.mode", 2); // enable TRR (with System fallback)

user.js

@@ -10,7 +10,7 @@
 /****************************************************************************
  * Betterfox                                                                *
  * "Ad meliora"                                                             *
- * version: 116                                                             *
+ * version: 116.1                                                           *
  * url: https://github.com/yokoffing/Betterfox                              *
 ****************************************************************************/
 
@@ -20,7 +20,7 @@
 user_pref("nglayout.initialpaint.delay", 0);
 user_pref("nglayout.initialpaint.delay_in_oopif", 0);
 user_pref("content.notify.interval", 100000);
-user_pref("browser.startup.preXulSkeletonUI", false);
+user_pref("browser.startup.preXulSkeletonUI", false); // WINDOWS
 
 /** EXPERIMENTAL ***/
 user_pref("layout.css.grid-template-masonry-value.enabled", true);
@@ -28,23 +28,16 @@ user_pref("dom.enable_web_task_scheduling", true);
 user_pref("layout.css.has-selector.enabled", true);
 
 /** GFX ***/
-//user_pref("gfx.webrender.precache-shaders", true); // optional
 //user_pref("gfx.canvas.accelerated", true); // enable if using a dedicated GPU on WINDOWS
 user_pref("gfx.canvas.accelerated.cache-items", 4096);
 user_pref("gfx.canvas.accelerated.cache-size", 512);
 user_pref("gfx.content.skia-font-cache-size", 20);
 
 /** BROWSER CACHE ***/
-//user_pref("browser.cache.disk.enable", true); // DEFAULT
-//user_pref("browser.cache.disk.smart_size.enabled", false);
-//user_pref("browser.cache.disk.capacity", 8192000);
-//user_pref("browser.cache.disk.metadata_memory_limit", 10000);
-user_pref("browser.cache.memory.capacity", 1048576);
-user_pref("browser.cache.memory.max_entry_size", 65536);
+user_pref("browser.cache.disk.enable", false);
 
 /** MEDIA CACHE ***/
-user_pref("media.memory_cache_max_size", 196608);
-user_pref("media.memory_caches_combined_limit_kb", 1572864);
+user_pref("media.memory_cache_max_size", 65536);
 user_pref("media.cache_readahead_limit", 7200);
 user_pref("media.cache_resume_threshold", 3600);
 
@@ -58,13 +51,11 @@ user_pref("network.http.max-connections", 1800);
 user_pref("network.http.max-persistent-connections-per-server", 10);
 user_pref("network.http.max-urgent-start-excessive-connections-per-host", 5);
 user_pref("network.websocket.max-connections", 400);
-user_pref("network.http.pacing.requests.min-parallelism", 12);
-user_pref("network.http.pacing.requests.burst", 20);
-user_pref("network.http.connection-retry-timeout", 0);
+user_pref("network.http.pacing.requests.enabled", false);
 user_pref("network.dnsCacheEntries", 10000);
 user_pref("network.dnsCacheExpiration", 86400);
 user_pref("network.dns.max_high_priority_threads", 8);
-user_pref("network.ssl_tokens_cache_capacity", 32768);
+user_pref("network.ssl_tokens_cache_capacity", 20480);
 
 /** SPECULATIVE CONNECTIONS ***/
 user_pref("network.http.speculative-parallel-limit", 0);
@@ -82,7 +73,6 @@ user_pref("network.predictor.enable-prefetch", false);
 user_pref("browser.contentblocking.category", "strict");
 user_pref("urlclassifier.trackingSkipURLs", "*.reddit.com, *.twitter.com, *.twimg.com, *.tiktok.com");
 user_pref("urlclassifier.features.socialtracking.skipURLs", "*.instagram.com, *.twitter.com, *.twimg.com");
-user_pref("privacy.query_stripping.strip_list", "__hsfp __hssc __hstc __s _hsenc _openstat dclid fbclid gbraid gclid hsCtaTracking igshid mc_eid ml_subscriber ml_subscriber_hash msclkid oft_c oft_ck oft_d oft_id oft_ids oft_k oft_lk oft_sk oly_anon_id oly_enc_id rb_clickid s_cid twclid vero_conv vero_id wbraid wickedid yclid");
 user_pref("browser.uitour.enabled", false);
 user_pref("privacy.globalprivacycontrol.enabled", true);
 user_pref("privacy.globalprivacycontrol.functionality.enabled", true);
@@ -95,14 +85,12 @@ user_pref("security.cert_pinning.enforcement_level", 2);
 
 /** SSL / TLS ***/
 user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
-user_pref("security.ssl.require_safe_negotiation", true);
 user_pref("browser.xul.error_pages.expert_bad_cert", true);
 user_pref("security.tls.enable_0rtt_data", false);
 
 /** DISK AVOIDANCE ***/
 user_pref("browser.privatebrowsing.forceMediaMemoryCache", true);
 user_pref("browser.sessionstore.interval", 60000);
-user_pref("browser.sessionstore.privacy_level", 2);
 
 /** SHUTDOWN & SANITIZING ***/
 user_pref("privacy.history.custom", true);
@@ -121,9 +109,6 @@ user_pref("network.IDN_show_punycode", true);
 /** HTTPS-FIRST POLICY ***/
 user_pref("dom.security.https_first", true);
 
-/** HTTPS-ONLY MODE ***/
-user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
-
 /** PASSWORDS AND AUTOFILL ***/
 user_pref("signon.rememberSignons", false);
 user_pref("editor.truncate_user_pastes", false);
@@ -208,6 +193,9 @@ user_pref("browser.preferences.moreFromMozilla", false);
 user_pref("browser.tabs.tabmanager.enabled", false);
 user_pref("browser.aboutConfig.showWarning", false);
 user_pref("browser.aboutwelcome.enabled", false);
+user_pref("browser.display.focus_ring_on_anything", true);
+user_pref("browser.display.focus_ring_style", 0);
+user_pref("browser.display.focus_ring_width", 0);
 user_pref("browser.privateWindowSeparation.enabled", false); // WINDOWS
 user_pref("browser.privatebrowsing.enable-new-indicator", false);
 user_pref("cookiebanners.service.mode", 2);
@@ -235,9 +223,9 @@ user_pref("extensions.pocket.enabled", false);
 
 /** DOWNLOADS ***/
 user_pref("browser.download.useDownloadDir", false);
+user_pref("browser.download.always_ask_before_handling_new_types", true);
 user_pref("browser.download.alwaysOpenPanel", false);
 user_pref("browser.download.manager.addToRecentDocs", false);
-user_pref("browser.download.always_ask_before_handling_new_types", true);
 
 /** PDF ***/
 user_pref("browser.download.open_pdf_attachments_inline", true);
@@ -252,7 +240,7 @@ user_pref("findbar.highlightAll", true);
 /****************************************************************************
  * SECTION: SMOOTHFOX                                                       *
 ****************************************************************************/
-// visit https://github.com/yokoffing/Betterfox/blob/master/Smoothfox.js
+// visit https://github.com/yokoffing/Betterfox/blob/main/Smoothfox.js
 // Enter your scrolling prefs below this line:
 
 /****************************************************************************