notkshitij/Betterfox
1
0
Fork 0
mirror of https://github.com/yokoffing/Betterfox.git synced 2026-06-12 15:40:48 +05:30
Code Issues Releases Wiki Activity

Updated Optional Hardening (markdown)

yokoffing
2023-10-09 18:25:11 -04:00
parent 648b8d8469
commit d50ab008e7
1 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Optional-Hardening.md
+14 -14
@@ -83,25 +83,12 @@ user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
***
### `default-browser-agent` (Windows only)
On Windows, Mozilla [collects information](https://techdows.com/2020/04/what-is-firefox-default-browser-agent-and-how-to-disable-it.html) on what you've set as your default browser. However, disabling `default-browser-agent.enabled` also breaks the `Make Default...` button to set Firefox as the default browser.
Add it to your overrides if you do not use this part of the UI (or already have Firefox set as the default browser).
```javascript
// PREF: disable telemetry of what default browser you use [WINDOWS]
// [NOTE] Breaks "Make Default..." button in Settings.
user_pref("default-browser-agent.enabled", false);
```
***
### Public Key Pinning
[Public Key Pinning](https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning) (PKP) is a tool that boosts the safety of [SSL certificates](https://www.cloudflare.com/learning/ssl/what-is-an-ssl-certificate/) by linking a website to its unique security key. This process ensures that the website you're visiting is real and not fake. PKP stops any attempts to trick your computer into connecting with a fraudulent website.
:warning: Sometimes antivirus software — or some other [source](https://github.com/yokoffing/Betterfox/issues/232#issuecomment-1732346856) — won't let you open websites ([example](https://www.reddit.com/r/firefox/comments/16mlv15/kaspersky_cant_scan_encrypted_connections_with/)).
:bulb: Unless you experience unwanted behavior during setup, we strongly recommend you add this override. Reset it to `1` if you run into issues.
:bulb: Reset it to `1` if you run into issues.
```javascript
// PREF: enforce certificate pinning
@@ -170,6 +157,19 @@ user_pref("network.trr.uri", "https://dns.quad9.net/dns-query");
***
### `default-browser-agent` (Windows only)
On Windows, Mozilla [collects information](https://techdows.com/2020/04/what-is-firefox-default-browser-agent-and-how-to-disable-it.html) on what you've set as your default browser. However, disabling `default-browser-agent.enabled` also breaks the `Make Default...` button to set Firefox as the default browser.
Add it to your overrides if you do not use this part of the UI (or already have Firefox set as the default browser).
```javascript
// PREF: disable telemetry of what default browser you use [WINDOWS]
// [NOTE] Breaks "Make Default..." button in Settings.
user_pref("default-browser-agent.enabled", false);
```
***
### Require Safe Negotiation
Block connections to servers that don't support [RFC 5746](https://datatracker.ietf.org/doc/html/rfc5746) as they're potentially [vulnerable](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555) to a man-in-the-middle attack.