144.0 (#429 )

Allow Firefox installed as non-admin (#423 )
2026-06-29 08:02:12 +05:30 · 2025-10-18 21:03:42 -04:00 · 2025-09-05 14:53:22 -04:00
6 changed files with 87 additions and 57 deletions
@@ -22,6 +22,12 @@
 //user_pref("nglayout.initialpaint.delay", 5); // DEFAULT; formerly 250
    //user_pref("nglayout.initialpaint.delay_in_oopif", 5); // DEFAULT

+// PREF: Font rendering cache in Skia (32MB)
+// Increases font cache size to improve performance on text-heavy websites.
+// Especially beneficial for sites with many font faces or complex typography.
+// [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1239151#c2
+user_pref("gfx.content.skia-font-cache-size", 32); // 32 MB; default=5; Chrome=20
+
 // PREF: page reflow timer
 // Rather than wait until a page has completely downloaded to display it to the user,
 // web browsers will periodically render what has been received to that point.
@@ -47,7 +53,7 @@
 // [1] https://searchfox.org/mozilla-central/rev/c1180ea13e73eb985a49b15c0d90e977a1aa919c/modules/libpref/init/StaticPrefList.yaml#1824-1834
 // [2] https://web.archive.org/web/20240115073722/https://dev.opera.com/articles/efficient-javascript/?page=3#reflow
 // [3] https://web.archive.org/web/20240115073722/https://dev.opera.com/articles/efficient-javascript/?page=3#smoothspeed
-user_pref("content.notify.interval", 100000); // (.10s); default=120000 (.12s)
+//user_pref("content.notify.interval", 100000); // (.10s); default=120000 (.12s)
 //user_pref("content.max.tokenizing.time", 1000000); // (1.00s); alt=2000000; HIDDEN
 //user_pref("content.interrupt.parsing", true); // HIDDEN
 //user_pref("content.notify.ontimer", true); // DEFAULT
@@ -129,13 +135,11 @@ user_pref("content.notify.interval", 100000); // (.10s); default=120000 (.12s)
 // [3] https://github.com/yokoffing/Betterfox/issues/198
 //user_pref("gfx.canvas.accelerated", true); // [DEFAULT FF133+]
 user_pref("gfx.canvas.accelerated.cache-items", 32768); // [default=8192 FF135+]; Chrome=4096
-user_pref("gfx.canvas.accelerated.cache-size", 1024); // default=256; Chrome=512
-user_pref("gfx.content.skia-font-cache-size", 20); // default=5; Chrome=20
+user_pref("gfx.canvas.accelerated.cache-size", 4096); // default=256; Chrome=512
 //user_pref("gfx.canvas.max-size", 32767); // DEFAULT=32767
-    // [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1239151#c2

 // PREF: WebGL
-user_pref("webgl.max-size", 8192); // default=1024
+user_pref("webgl.max-size", 16384); // default=1024
 //user_pref("webgl.force-enabled", true);

 // PREF: prefer GPU over CPU
@@ -284,7 +288,7 @@ user_pref("browser.cache.disk.enable", false);
 // [1] https://kb.mozillazine.org/Browser.cache.memory.capacity#-1
 // [2] https://searchfox.org/mozilla-central/source/netwerk/cache2/CacheObserver.cpp#94-125
 // [3] https://github.com/WaterfoxCo/Waterfox/commit/3fed16932c80a2f6b37d126fe10aed66c7f1c214
-user_pref("browser.cache.memory.capacity", 65536); // 64MB RAM cache; alt=131072 (128 MB RAM cache); default=32768
+user_pref("browser.cache.memory.capacity", 131072); // 128 MB RAM cache; alt=65536 (65 MB RAM cache); default=32768
 user_pref("browser.cache.memory.max_entry_size", 20480); // 20 MB max entry; default=5120 (5 MB)

 // PREF: amount of Back/Forward cached pages stored in memory for each tab
@@ -316,7 +320,7 @@ user_pref("browser.sessionstore.max_tabs_undo", 10); // default=25
 // PREF: media memory cache
 // [1] https://hg.mozilla.org/mozilla-central/file/tip/modules/libpref/init/StaticPrefList.yaml#l9652
 // [2] https://github.com/arkenfox/user.js/pull/941#issuecomment-668278121
-user_pref("media.memory_cache_max_size", 98304); // 98MB; default=8192; AF=65536
+user_pref("media.memory_cache_max_size", 262144); // 256 MB; default=8192; AF=65536

 // PREF: media cache combine sizes
 user_pref("media.memory_caches_combined_limit_kb", 1048576); // 1GB; default=524288
@@ -405,7 +409,7 @@ user_pref("network.dnsCacheExpiration", 3600); // keep entries for 1 hour; defau
 //user_pref("network.dns.max_any_priority_threads", 24); // DEFAULT [FF 123?]

 // PREF: increase TLS token caching 
-//user_pref("network.ssl_tokens_cache_capacity", 6144); // default=2048; more TLS token caching (fast reconnects)
+user_pref("network.ssl_tokens_cache_capacity", 10240); // default=2048; more TLS token caching (fast reconnects)

 /****************************************************************************
 * SECTION: SPECULATIVE LOADING                                            *
@@ -109,12 +109,15 @@ user_pref("browser.ml.enable", false);
 // PREF: AI chat
 user_pref("browser.ml.chat.enabled", false);

+// PREF: AI chatbot option in right click menu
+user_pref("browser.ml.chat.menu", false);
+
 // PREF: AI-enhanced tab groups
 // [1] https://support.mozilla.org/kb/how-use-ai-enhanced-tab-groups
-//user_pref("browser.tabs.groups.smart.enabled", false);
+user_pref("browser.tabs.groups.smart.enabled", false);

 // PREF: link previews
-//user_pref("browser.ml.linkPreview.enabled", false);
+user_pref("browser.ml.linkPreview.enabled", false);

 /****************************************************************************
 * SECTION: COOKIE BANNER HANDLING                                          *
@@ -46,6 +46,7 @@ The `user.js` — a configuration file that controls Firefox settings — is cur
 > While the browsers listed below incorporate Betterfox to some extent, they often modify it in ways that reduce its effectiveness. For optimal results, apply the `user.js` file even when using Firefox forks.

 * [Zen](https://github.com/zen-browser/desktop?tab=readme-ov-file) | [files](https://github.com/zen-browser/desktop/blob/stable/src/browser/app/profile/zen-browser.js) (July 2024)
+* [FireDragon](https://github.com/dr460nf1r3/firedragon-browser/blob/master/README.md) | [files](https://github.com/dr460nf1r3/firedragon-browser/blob/55fc6e5029542cd90fabe23cb44c89568d74d006/firedragon.cfg#L822-L824) (Jan 2024?)
 * [Midori](https://github.com/goastian/midori-desktop/blob/ESR115/README.md) | [files](https://github.com/goastian/midori-desktop/blob/f3d8d96eb8e08f35a64e3c957bea4e839d7c7730/floorp/browser/components/userjsUtils.sys.mjs#L28-L33) (Dec 2023?)
 * [Mercury](https://github.com/Alex313031/Mercury/releases/tag/v.115.3.0) | [files](https://github.com/Alex313031/Mercury/commit/eb9600f9fb8f48c8f5b5c6f3264fbcdb5caff7f5) (Sep 2023)
 * [Waterfox](https://www.waterfox.net/docs/releases/G6.0/) | [files](https://github.com/WaterfoxCo/Waterfox/tree/current/waterfox/browser/app/profile) (Sep 2023)
@@ -1138,6 +1138,53 @@ user_pref("privacy.userContext.ui.enabled", true);
    // Optionally, hide the setting which also disables the DRM prompt:
    //user_pref("browser.eme.ui.enabled", false);

+/******************************************************************************
+ * SECTION: JIT                                                              *
+******************************************************************************/
+// PREF: Just-In-Time Compilation
+// Around half of zero-day exploits are directly related to "just in time"
+// (JIT) compilers, and disabling that can greatly improve your protection against
+// these potential exploits.
+// [1] https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/
+// [2] https://www.youtube.com/watch?v=i7qlZeDt9o4
+
+// PREF: JavaScript JIT
+// PREF: disable Ion and baseline JIT to harden against JS exploits
+// [NOTE] When both Ion and JIT are disabled, and trustedprincipals
+// is enabled, then Ion can still be used by extensions [4].
+// Tor Browser doesn't even ship with these disabled by default.
+// [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+jit
+// [2] https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/
+// [3] https://support.microsoft.com/en-us/microsoft-edge/enhance-your-security-on-the-web-with-microsoft-edge-b8199f13-b21b-4a08-a806-daed31a1929d
+// [4] https://bugzilla.mozilla.org/show_bug.cgi?id=1599226
+// [5] https://wiki.mozilla.org/IonMonkey
+// [6] https://github.com/arkenfox/user.js/issues/1791#issuecomment-1891273681
+//user_pref("javascript.options.baselinejit", false);
+//user_pref("javascript.options.ion", false);
+//user_pref("javascript.options.jit_trustedprincipals", false);
+
+// PREF: WebAssembly JIT [FF52+]
+// Vulnerabilities [1] have increasingly been found, including those known and fixed
+// in native programs years ago [2]. WASM has powerful low-level access, making
+// certain attacks (brute-force) and vulnerabilities more possible.
+// [STATS] ~0.2% of websites, about half of which are for cryptomining / malvertising [2][3]
+// [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wasm
+// [2] https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
+// [3] https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes
+//user_pref("javascript.options.wasm", false);
+    //user_pref("javascript.options.wasm_trustedprincipals", false);
+    //user_pref("javascript.options.wasm_baselinejit", false);
+    //user_pref("javascript.options.wasm_optimizingjit", false);
+
+// PREF: Asm.js JIT [FF22+]
+// [1] http://asmjs.org/
+// [2] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=asm.js
+// [3] https://rh0dev.github.io/blog/2017/the-return-of-the-jit/
+//user_pref("javascript.options.asmjs", false);
+
+// PREF: Blinterp (JIT-like)
+//user_pref("javascript.options.blinterp", false);
+     
 /******************************************************************************
 * SECTION: VARIOUS                                                          *
 ******************************************************************************/
@@ -1151,39 +1198,6 @@ user_pref("privacy.userContext.ui.enabled", true);
 // If this is less than 5, then pasting code into the web console is disabled.
 //user_pref("devtools.selfxss.count", 5);

-// PREF: disable asm.js [FF22+]
-// [WARNING] Disabling this pref may disrupt your browsing experience.
-// [1] http://asmjs.org/
-// [2] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=asm.js
-// [3] https://rh0dev.github.io/blog/2017/the-return-of-the-jit/
-//user_pref("javascript.options.asmjs", false);
-
-// PREF: disable Ion and baseline JIT to harden against JS exploits
-// [NOTE] When both Ion and JIT are disabled, and trustedprincipals
-// is enabled, then Ion can still be used by extensions [4].
-// [WARNING] Disabling these prefs will disrupt your browsing experience [6].
-// Tor Browser doesn't even ship with these disabled by default.
-// [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+jit
-// [2] https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/
-// [3] https://support.microsoft.com/en-us/microsoft-edge/enhance-your-security-on-the-web-with-microsoft-edge-b8199f13-b21b-4a08-a806-daed31a1929d
-// [4] https://bugzilla.mozilla.org/show_bug.cgi?id=1599226
-// [5] https://wiki.mozilla.org/IonMonkey
-// [6] https://github.com/arkenfox/user.js/issues/1791#issuecomment-1891273681
-//user_pref("javascript.options.ion", false);
-//user_pref("javascript.options.baselinejit", false);
-//user_pref("javascript.options.jit_trustedprincipals", true); // [FF75+] [HIDDEN PREF]
-
-// PREF: disable WebAssembly [FF52+]
-// [WARNING] Disabling this pref may disrupt your browsing experience.
-// Vulnerabilities [1] have increasingly been found, including those known and fixed
-// in native programs years ago [2]. WASM has powerful low-level access, making
-// certain attacks (brute-force) and vulnerabilities more possible.
-// [STATS] ~0.2% of websites, about half of which are for cryptomining / malvertising [2][3]
-// [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wasm
-// [2] https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
-// [3] https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes
-//user_pref("javascript.options.wasm", false);
-
 /******************************************************************************
 * SECTION: SAFE BROWSING (SB)                                               *
 ******************************************************************************/
@@ -51,6 +51,10 @@ INSTALLATIONS_TO_CHECK = [
        "command": [str(Path("C:/Program Files/Mozilla Firefox/firefox"))],
        "root": Path(getenv("APPDATA") or "").joinpath("Mozilla/Firefox").resolve(),
    },
+    {
+        "command": [str(Path(getenv("LOCALAPPDATA") or "").joinpath("Mozilla Firefox/firefox").resolve())],
+        "root": Path(getenv("APPDATA") or "").joinpath("Mozilla/Firefox").resolve(),
+    },
    # linux
    {
        "command": ["firefox"],
@@ -18,31 +18,39 @@
 * SECTION: FASTFOX                                                         *
 ****************************************************************************/
 /** GENERAL ***/
-user_pref("content.notify.interval", 100000);
+user_pref("gfx.content.skia-font-cache-size", 32);

 /** GFX ***/
-user_pref("gfx.canvas.accelerated.cache-size", 512);
-user_pref("gfx.content.skia-font-cache-size", 20);
+user_pref("gfx.canvas.accelerated.cache-items", 32768);
+user_pref("gfx.canvas.accelerated.cache-size", 4096);
+user_pref("webgl.max-size", 16384);

 /** DISK CACHE ***/
 user_pref("browser.cache.disk.enable", false);

 /** MEMORY CACHE ***/
+user_pref("browser.cache.memory.capacity", 131072);
+user_pref("browser.cache.memory.max_entry_size", 20480);
 user_pref("browser.sessionhistory.max_total_viewers", 4);
+user_pref("browser.sessionstore.max_tabs_undo", 10);

 /** MEDIA CACHE ***/
-user_pref("media.memory_cache_max_size", 65536);
-user_pref("media.cache_readahead_limit", 7200);
-user_pref("media.cache_resume_threshold", 3600);
+user_pref("media.memory_cache_max_size", 262144);
+user_pref("media.memory_caches_combined_limit_kb", 1048576);
+user_pref("media.cache_readahead_limit", 600);
+user_pref("media.cache_resume_threshold", 300);

 /** IMAGE CACHE ***/
-user_pref("image.mem.decode_bytes_at_a_time", 32768);
+user_pref("image.cache.size", 10485760);
+user_pref("image.mem.decode_bytes_at_a_time", 65536);

 /** NETWORK ***/
 user_pref("network.http.max-connections", 1800);
 user_pref("network.http.max-persistent-connections-per-server", 10);
 user_pref("network.http.max-urgent-start-excessive-connections-per-host", 5);
+user_pref("network.http.request.max-start-delay", 5);
 user_pref("network.http.pacing.requests.enabled", false);
+user_pref("network.dnsCacheEntries", 10000);
 user_pref("network.dnsCacheExpiration", 3600);
 user_pref("network.ssl_tokens_cache_capacity", 10240);

@@ -55,9 +63,6 @@ user_pref("browser.places.speculativeConnect.enabled", false);
 user_pref("network.prefetch-next", false);
 user_pref("network.predictor.enabled", false);

-/** EXPERIMENTAL ***/
-user_pref("layout.css.grid-template-masonry-value.enabled", true);
-
 /****************************************************************************
 * SECTION: SECUREFOX                                                       *
 ****************************************************************************/
@@ -178,7 +183,9 @@ user_pref("browser.privateWindowSeparation.enabled", false); // WINDOWS
 /** AI ***/
 user_pref("browser.ml.enable", false);
 user_pref("browser.ml.chat.enabled", false);
+user_pref("browser.ml.chat.menu", false);
 user_pref("browser.tabs.groups.smart.enabled", false);
+user_pref("browser.ml.linkPreview.enabled", false);

 /** FULLSCREEN NOTICE ***/
 user_pref("full-screen-api.transition-duration.enter", "0 0");
@@ -227,6 +234,3 @@ user_pref("layout.word_select.eat_space_to_next_word", false);
 /****************************************************************************
 * END: BETTERFOX                                                           *
 ****************************************************************************/
-
-
-
Author	SHA1	Message	Date
yokoffing	9efeb601f6	144.0 (#429 )	2025-10-18 21:03:42 -04:00
Vadim Zyamalov	7b3cee24cc	Allow Firefox installed as non-admin (#423 )	2025-09-05 14:53:22 -04:00