mirror of https://github.com/yokoffing/Betterfox.git synced 2026-06-12 07:30:47 +05:30

Updated Optional Hardening (markdown)

yokoffing
2024-08-17 10:46:07 -04:00
parent d72d0817d7
commit 66e8c64daa
+24 -17
@@ -84,6 +84,30 @@ user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
***
### Downloads
Enforce Firefox to inform you of any download attempts.
#### Always ask where to save files
* `☰` *→ Settings → General → Files and Applications → Downloads → Always ask you where to save files*
```javascript
// PREF: ask where to save every file
user_pref("browser.download.useDownloadDir", false);
```
#### Ask to open or save new file types
* `☰` *→ Settings → General → Files and Applications → Applications → What should Firefox do with other files?*
```javascript
// PREF: ask whether to open or save new file types
user_pref("browser.download.always_ask_before_handling_new_types", true);
```
***
### Disk Cache
Keep in mind that disabling the disk cache is only available on Firefox. It is consider a non-issue in any other browser.
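Review bot: The intro line of the new Downloads section ("Enforce Firefox to inform you of any download attempts.") is awkwardly worded and gives no reason for the setting. Something like "Make Firefox prompt you before any file is saved or opened, so that no download reaches the disk without your confirmation" would read better. The two prefs added here, `browser.download.useDownloadDir` and `browser.download.always_ask_before_handling_new_types`, also change everyday behaviour by prompting on every download, and the section does not mention that cost. Other sections on this page flag side effects in a `> [!WARNING]` callout, so a one-line note in the same style would keep the page consistent.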
@@ -212,23 +236,6 @@ You can confirm if DRM is disabled by going [here](https://bitmovin.com/demos/dr
***
### Require Secure Renegotiation
Block connections to servers that do not support RFC 5746, as they are potentially [vulnerable](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555) to man-in-the-middle attacks.
A server without [RFC 5746](https://datatracker.ietf.org/doc/html/rfc5746) can be safe from the attack if it disables renegotiations. However, the browser cannot know that. Setting this pref to `true` is the only way to ensure no unsafe renegotiations occur between the browser and the server.
> [!WARNING]
> Some sites, like `EA.com`, will not let you login due to their weak encryption.
```javascript
// PREF: require safe SSL negotiation
// [ERROR] SSL_ERROR_UNSAFE_NEGOTIATION
user_pref("security.ssl.require_safe_negotiation", true);
```
***
### default-browser-agent
On Windows, Mozilla [collects](https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/data/default-browser-ping.html) information on what you've set as your default browser.
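Review bot: Nothing in the commit explains why the "Require Secure Renegotiation" section is removed; the message only says "Updated Optional Hardening (markdown)". The hunk header (23 lines down to 6) together with the +24 -17 total shows the block from the `### Require Secure Renegotiation` heading through the `user_pref("security.ssl.require_safe_negotiation", true);` fence is deleted from this page rather than moved within it. Readers who already set that pref from this page get no guidance on whether to keep it or reset it. Either state the reason in the commit message, or leave a short note in place of the section saying where the pref is now covered or why it is no longer recommended here.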