Merged all the changes from custom.js
This commit is contained in:
@@ -214,8 +214,65 @@ user_pref("layout.word_select.eat_space_to_next_word", false);
|
||||
// visit https://github.com/yokoffing/Betterfox/wiki/Optional-Hardening
|
||||
// Enter your personal overrides below this line:
|
||||
|
||||
// PREF: restore login manager
|
||||
user_pref("signon.rememberSignons", true);
|
||||
|
||||
// PREF: restore Top Sites on New Tab page
|
||||
user_pref("browser.newtabpage.activity-stream.feeds.topsites", true);
|
||||
|
||||
// PREF: enable container tabs
|
||||
user_pref("privacy.userContext.enabled", true);
|
||||
|
||||
/***********************************
|
||||
* START: HARDENING *
|
||||
***********************************/
|
||||
|
||||
// PREF: disable Firefox Sync
|
||||
user_pref("identity.fxaccounts.enabled", false);
|
||||
|
||||
// PREF: disable the Firefox View tour from popping up
|
||||
user_pref("browser.firefox-view.feature-tour", '{"screen":"","complete":true}');
|
||||
|
||||
// PREF: enable HTTPS-Only Mode
|
||||
// Warn me before loading sites that don't support HTTPS
|
||||
// in both Normal and Private Browsing windows.
|
||||
user_pref("dom.security.https_only_mode", true);
|
||||
user_pref("dom.security.https_only_mode_error_page_user_suggestions", true);
|
||||
|
||||
// PREF: disable captive portal detection
|
||||
// [WARNING] Do NOT use for mobile devices!
|
||||
user_pref("captivedetect.canonicalURL", "");
|
||||
user_pref("network.captive-portal-service.enabled", false);
|
||||
user_pref("network.connectivity-service.enabled", false);
|
||||
|
||||
// PREF: set DoH provider
|
||||
user_pref("network.trr.uri", "https://family.dns.mullvad.net/dns-query");
|
||||
user_pref("network.trr.custom_uri", "https://family.dns.mullvad.net/dns-query");
|
||||
|
||||
// PREF: enforce DNS-over-HTTPS (DoH)
|
||||
user_pref("network.trr.mode", 3);
|
||||
|
||||
// PREF: enforce certificate pinning
|
||||
// [ERROR] MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE
|
||||
// 1 = allow user MiTM (such as your antivirus) (default)
|
||||
// 2 = strict
|
||||
user_pref("security.cert_pinning.enforcement_level", 2);
|
||||
|
||||
// PREF: delete all browsing data on shutdown
|
||||
user_pref("privacy.sanitize.sanitizeOnShutdown", true);
|
||||
user_pref("privacy.clearOnShutdown_v2.cache", true);
|
||||
user_pref("privacy.clearOnShutdown_v2.formdata", true);
|
||||
|
||||
// PREF: after crashes or restarts, do not save extra session data
|
||||
// such as form content, scrollbar positions, and POST data
|
||||
user_pref("browser.sessionstore.privacy_level", 2);
|
||||
|
||||
// PREF: disable all DRM content
|
||||
user_pref("media.eme.enabled", false);
|
||||
|
||||
/***********************************
|
||||
* END: HARDENING *
|
||||
***********************************/
|
||||
|
||||
/****************************************************************************
|
||||
* END: MY OVERRIDES *
|
||||
@@ -225,6 +282,9 @@ user_pref("layout.word_select.eat_space_to_next_word", false);
|
||||
* START: ARKEN FOX MODS *
|
||||
****************************************************************************/
|
||||
|
||||
// Disable IPv6
|
||||
user_pref("network.dns.disableIPv6", true);
|
||||
|
||||
// Enforce no "Hyperlink Auditing" (click tracking)
|
||||
user_pref("browser.send_pings", false); // [DEFAULT: false]
|
||||
|
||||
@@ -263,10 +323,166 @@ user_pref("browser.urlbar.weather.featureGate", false); // [FF108+] [DEFAULT: fa
|
||||
user_pref("browser.urlbar.yelp.featureGate", false); // [FF124+]
|
||||
user_pref("browser.urlbar.clipboard.featureGate", false);
|
||||
|
||||
// Disable location bar suggestion types
|
||||
user_pref("browser.urlbar.suggest.history", false);
|
||||
// user_pref("browser.urlbar.suggest.bookmark", false);
|
||||
// user_pref("browser.urlbar.suggest.openpage", false);
|
||||
// user_pref("browser.urlbar.suggest.topsites", false);
|
||||
|
||||
// Disable Form Autofill
|
||||
user_pref("extensions.formautofill.addresses.enabled", false); // [FF55+]
|
||||
user_pref("extensions.formautofill.creditCards.enabled", false); // [FF56+]
|
||||
|
||||
// Limit events that can cause a pop-up
|
||||
user_pref("dom.popup_allowed_events", "click dblclick mousedown pointerdown");
|
||||
|
||||
// Enable CRLite [FF73+]
|
||||
/*
|
||||
* 0 = disabled
|
||||
* 1 = consult CRLite but only collect telemetry
|
||||
* 2 = consult CRLite and enforce both "Revoked" and "Not Revoked" results
|
||||
* 3 = consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked" (default)
|
||||
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1429800,1670985,1753071
|
||||
* [2] https://blog.mozilla.org/security/tag/crlite/
|
||||
*/
|
||||
user_pref("security.remote_settings.crlite_filters.enabled", true); // [DEFAULT: true FF137+]
|
||||
|
||||
// Enable HTTPS-Only mode in all windows
|
||||
/*
|
||||
* When the top-level is HTTPS, insecure subresources are also upgraded (silent fail)
|
||||
* [SETTING] to add site exceptions: Padlock>HTTPS-Only mode>On (after "Continue to HTTP Site")
|
||||
* [SETTING] Privacy & Security>HTTPS-Only Mode (and manage exceptions)
|
||||
* [TEST] http://example.com [upgrade]
|
||||
* [TEST] http://httpforever.com/ | http://http.rip [no upgrade]
|
||||
*/
|
||||
user_pref("dom.security.https_only_mode", true); // [FF76+]
|
||||
user_pref("dom.security.https_only_mode_pbm", true); // [FF80+]
|
||||
|
||||
// Disable RFP spoof english prompt
|
||||
// [SETTING] General>Language>Choose your preferred language for displaying pages>Choose>Request English...
|
||||
user_pref("privacy.spoof_english", 1);
|
||||
|
||||
// DOM (DOCUMENT OBJECT MODEL)
|
||||
// Prevent scripts from moving and resizing open windows
|
||||
user_pref("dom.disable_window_move_resize", true);
|
||||
|
||||
// Disable UITour backend so there is no chance that a remote page can use it
|
||||
user_pref("browser.uitour.url", ""); // Defense-in-depth
|
||||
|
||||
// Reset remote debugging to disabled
|
||||
user_pref("devtools.debugger.remote-enabled", false); // [DEFAULT: false]
|
||||
|
||||
// Enforce PDFJS
|
||||
user_pref("pdfjs.disabled", false); // [DEFAULT: false]
|
||||
|
||||
// Disable content analysis by DLP (Data Loss Prevention) agents
|
||||
user_pref("browser.contentanalysis.enabled", false); // [FF121+] [DEFAULT: false]
|
||||
user_pref("browser.contentanalysis.default_result", 0); // [FF127+] [DEFAULT: 0]
|
||||
|
||||
// DOWNLOADS
|
||||
/*
|
||||
* Enable user interaction for security by always asking how to handle new mimetypes [FF101+]
|
||||
* [SETTING] General>Files and Applications>What should Firefox do with other files
|
||||
*/
|
||||
user_pref("browser.download.always_ask_before_handling_new_types", true);
|
||||
|
||||
// Fingerprint Protection
|
||||
// Enable FPP in PB mode
|
||||
user_pref("privacy.fingerprintingProtection.pbmode", true);
|
||||
// Disable remote FPP overrides
|
||||
user_pref("privacy.fingerprintingProtection.remoteOverrides.enabled", false);
|
||||
|
||||
// Enfore Firefox blocklist
|
||||
user_pref("extensions.blocklist.enabled", true); // [DEFAULT: true]
|
||||
|
||||
// Enfore no referer spoofing
|
||||
user_pref("network.http.referer.spoofSource", false); // [DEFAULT: false]
|
||||
|
||||
// Security delay on confirmation dialogues
|
||||
user_pref("security.dialog_enable_delay", 1000); // [DEFAULT: 1000]
|
||||
|
||||
// Enfore no First Party Isolation
|
||||
user_pref("privacy.firstparty.isolate", false); // [DEFAULT: false]
|
||||
|
||||
// Enfore SmartBlock shims
|
||||
user_pref("extensions.webcompat.enable_shims", true); // [HIDDEN PREF] [DEFAULT: true]
|
||||
|
||||
// Enforce no TLS 1.0/1.1 downgrades
|
||||
user_pref("security.tls.version.enable-deprecated", false); // [DEFAULT: false]
|
||||
|
||||
// Enforce disabling of Web Compatibility Reporter [FF56+]
|
||||
user_pref("extensions.webcompat-reporter.enabled", false); // [DEFAULT: false]
|
||||
|
||||
// Enforce Quarantined Domains [FF115+]
|
||||
user_pref("extensions.quarantinedDomains.enabled", true); // [DEFAULT: true]
|
||||
|
||||
// Disable using the OS's geolocation service
|
||||
user_pref("geo.provider.use_geoclue", false); // [FF102+] [LINUX]
|
||||
|
||||
// Disable APIs
|
||||
/*
|
||||
* Location-Aware Browsing, Full Screen
|
||||
* [WHY] The API state is easily fingerprintable.
|
||||
* Geo is behind a prompt (7002). Full screen requires user interaction
|
||||
*/
|
||||
user_pref("geo.enabled", false);
|
||||
user_pref("full-screen-api.enabled", false);
|
||||
|
||||
// Enable the DNT (Do Not Track) HTTP header
|
||||
user_pref("privacy.donottrackheader.enabled", true);
|
||||
|
||||
// Customize Enhanced Tracking Protection (ETP)
|
||||
user_pref("network.cookie.cookieBehavior", 5); // [DEFAULT: 5]
|
||||
user_pref("network.cookie.cookieBehavior.optInPartitioning", true); // [ETP FF132+]
|
||||
user_pref("network.http.referer.disallowCrossSiteRelaxingDefault", true);
|
||||
user_pref("network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", true); // [FF100+]
|
||||
user_pref("privacy.bounceTrackingProtection.mode", 1); // [FF131+] [ETP FF133+]
|
||||
user_pref("privacy.fingerprintingProtection", true); // [FF114+] [ETP FF119+]
|
||||
user_pref("privacy.partition.network_state.ocsp_cache", true); // [DEFAULT: true]
|
||||
user_pref("privacy.query_stripping.enabled", true); // [FF101+]
|
||||
user_pref("privacy.trackingprotection.enabled", true);
|
||||
user_pref("privacy.trackingprotection.socialtracking.enabled", true);
|
||||
user_pref("privacy.trackingprotection.cryptomining.enabled", true); // [DEFAULT: true]
|
||||
user_pref("privacy.trackingprotection.fingerprinting.enabled", true); // [DEFAULT: true]
|
||||
|
||||
// Disable WebRTC (Web Real-Time Communication)
|
||||
user_pref("media.peerconnection.enabled", false);
|
||||
|
||||
// Set the proxy server to do any DNS lookups when using SOCKS
|
||||
user_pref("network.proxy.socks_remote_dns", true);
|
||||
|
||||
// SSL (Secure Sockets Layer) / TLS (Transport Layer Security)
|
||||
// Require safe negotiation
|
||||
user_pref("security.ssl.require_safe_negotiation", true);
|
||||
// Set OCSP fetch failures (non-stapled, see 1211) to hard-fail
|
||||
user_pref("security.OCSP.require", true);
|
||||
|
||||
/****************************************************************************
|
||||
* END: ARKEN FOX MODS *
|
||||
****************************************************************************/
|
||||
|
||||
/****************************************************************************
|
||||
* START: CUSTOMISABLE *
|
||||
****************************************************************************/
|
||||
|
||||
// Disable location bar suggestion types
|
||||
// user_pref("browser.urlbar.suggest.bookmark", false);
|
||||
// user_pref("browser.urlbar.suggest.openpage", false);
|
||||
// user_pref("browser.urlbar.suggest.topsites", false);
|
||||
|
||||
/** disable websites overriding Firefox's keyboard shortcuts [FF58+]
|
||||
* 0 (default) or 1=allow, 2=block
|
||||
* [SETTING] to add site exceptions: Ctrl+I>Permissions>Override Keyboard Shortcuts ***
|
||||
**/
|
||||
// user_pref("permissions.default.shortcuts", 2);
|
||||
|
||||
// Disable WebGL (Web Graphics Library)
|
||||
// user_pref("webgl.disabled", true);
|
||||
|
||||
/****************************************************************************
|
||||
* END: CUSTOMISABLE *
|
||||
****************************************************************************/
|
||||
|
||||
/****************************************************************************
|
||||
* SECTION: SMOOTHFOX *
|
||||
****************************************************************************/
|
||||
|
||||
Reference in New Issue
Block a user