Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v119 #1757

Merged
merged 15 commits into from Nov 20, 2023
Merged

v119 #1757

Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
f77d174
v119
Thorin-Oakenpants Nov 1, 2023
7381f4b
remove dead wood
Thorin-Oakenpants Nov 1, 2023
c2b7b10
deprecated hidden pref
Thorin-Oakenpants Nov 1, 2023
de12d5a
tidy
Thorin-Oakenpants Nov 1, 2023
f7d4a0d
tidy RFP
Thorin-Oakenpants Nov 2, 2023
5759127
remove intl.accept_languages, closes #1759
Thorin-Oakenpants Nov 2, 2023
958e56a
shortcutFavicons is windows only, see #1747
Thorin-Oakenpants Nov 3, 2023
dc6e791
tidy scopes, see #1747
Thorin-Oakenpants Nov 3, 2023
8459770
fixup FPP canvas bugzilla number
Thorin-Oakenpants Nov 5, 2023
4787adc
add separate private search
Thorin-Oakenpants Nov 17, 2023
ac9f82a
notate some hidden prefs
Thorin-Oakenpants Nov 20, 2023
61ed383
make use_us_english inactive
Thorin-Oakenpants Nov 20, 2023
6a84b38
replace link
Thorin-Oakenpants Nov 20, 2023
0c62398
tidy
Thorin-Oakenpants Nov 20, 2023
56f27a7
dont add FPP info this release
Thorin-Oakenpants Nov 20, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
98 changes: 37 additions & 61 deletions user.js
View file
Open in desktop
@@ -1,7 +1,7 @@
/******
* name: arkenfox user.js
* date: 18 October 2023
* version: 118
* date: 20 November 2023
* version: 119
* urls: https://github.com/arkenfox/user.js [repo]
* : https://arkenfox.github.io/gui/ [interactive]
* license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt
Expand Down Expand Up @@ -40,7 +40,7 @@
* INDEX:
0100: STARTUP
0200: GEOLOCATION / LANGUAGE / LOCALE
0200: GEOLOCATION
0300: QUIETER FOX
0400: SAFE BROWSING
0600: BLOCK IMPLICIT OUTBOUND
Expand Down Expand Up @@ -100,7 +100,7 @@ user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); //
* [NOTE] This does not block you from adding your own ***/
user_pref("browser.newtabpage.activity-stream.default.sites", "");

/*** [SECTION 0200]: GEOLOCATION / LANGUAGE / LOCALE ***/
/*** [SECTION 0200]: GEOLOCATION ***/
user_pref("_user.js.parrot", "0200 syntax error: the parrot's definitely deceased!");
/* 0201: use Mozilla geolocation service instead of Google if permission is granted [FF74+]
* Optionally enable logging to the console (defaults to false) ***/
Expand All @@ -109,16 +109,8 @@ user_pref("geo.provider.network.url", "https://location.services.mozilla.com/v1/
/* 0202: disable using the OS's geolocation service ***/
user_pref("geo.provider.ms-windows-location", false); // [WINDOWS]
user_pref("geo.provider.use_corelocation", false); // [MAC]
user_pref("geo.provider.use_gpsd", false); // [LINUX]
user_pref("geo.provider.use_gpsd", false); // [LINUX] [HIDDEN PREF]
user_pref("geo.provider.use_geoclue", false); // [FF102+] [LINUX]
/* 0210: set preferred language for displaying pages
* [SETTING] General>Language and Appearance>Language>Choose your preferred language...
* [TEST] https://addons.mozilla.org/about ***/
user_pref("intl.accept_languages", "en-US, en");
/* 0211: use en-US locale regardless of the system or region locale
* [SETUP-WEB] May break some input methods e.g xim/ibus for CJK languages [1]
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=867501,1629630 ***/
user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF]

/*** [SECTION 0300]: QUIETER FOX ***/
user_pref("_user.js.parrot", "0300 syntax error: the parrot's not pinin' for the fjords!");
Expand Down Expand Up @@ -268,7 +260,7 @@ user_pref("_user.js.parrot", "0700 syntax error: the parrot's given up the ghost
user_pref("network.proxy.socks_remote_dns", true);
/* 0703: disable using UNC (Uniform Naming Convention) paths [FF61+]
* [SETUP-CHROME] Can break extensions for profiles on network shares
* [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/26424 ***/
* [1] https://bugzilla.mozilla.org/1413868 ***/
user_pref("network.file.disable_unc_paths", true); // [HIDDEN PREF]
/* 0704: disable GIO as a potential proxy bypass vector
* Gvfs/GIO has a set of supported protocols like obex, network, archive, computer,
Expand Down Expand Up @@ -297,8 +289,6 @@ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] [DEFAULT: ""
* [3] https://support.mozilla.org/en-US/kb/firefox-dns-over-https
* [4] https://www.eff.org/deeplinks/2020/12/dns-doh-and-odoh-oh-my-year-review-2020 ***/
// user_pref("network.trr.mode", 3);
/* 0711: disable skipping DoH when parental controls are enabled [FF70+] ***/
user_pref("network.dns.skipTRR-when-parental-control-enabled", false);
/* 0712: set DoH provider
* The custom uri is the value shown when you "Choose provider>Custom>"
* [NOTE] If you USE custom then "network.trr.uri" should be set the same
Expand All @@ -311,11 +301,11 @@ user_pref("_user.js.parrot", "0800 syntax error: the parrot's ceased to be!");
/* 0801: disable location bar making speculative connections [FF56+]
* [1] https://bugzilla.mozilla.org/1348275 ***/
user_pref("browser.urlbar.speculativeConnect.enabled", false);
/* 0802: disable location bar contextual suggestions [FF92+]
/* 0802: disable location bar contextual suggestions
* [SETTING] Privacy & Security>Address Bar>Suggestions from...
* [1] https://blog.mozilla.org/data/2021/09/15/data-and-firefox-suggest/ ***/
user_pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // [FF95+]
user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false);
user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false); // [FF92+]
/* 0803: disable live search suggestions
* [NOTE] Both must be true for the location bar to work
* [SETUP-CHROME] Override these if you trust and use a privacy respecting search engine
Expand Down Expand Up @@ -354,6 +344,10 @@ user_pref("browser.formfill.enable", false);
* [4] https://earthlng.github.io/testpages/visited_links.html (see github wiki APPENDIX A on how to use)
* [5] https://lcamtuf.blogspot.com/2016/08/css-mix-blend-mode-is-bad-for-keeping.html ***/
// user_pref("layout.css.visited_links_enabled", false);
/* 0830: enable separate default search engine in Private Windows and its UI setting
* [SETTING] Search>Default Search Engine>Choose a different default search engine for Private Windows only ***/
user_pref("browser.search.separatePrivateDefault", true); // [FF70+]
user_pref("browser.search.separatePrivateDefault.ui.enabled", true); // [FF71+]

/*** [SECTION 0900]: PASSWORDS
[1] https://support.mozilla.org/kb/use-primary-password-protect-stored-logins-and-pas
Expand Down Expand Up @@ -396,7 +390,7 @@ user_pref("browser.sessionstore.privacy_level", 2);
/* 1005: disable automatic Firefox start and session restore after reboot [FF62+] [WINDOWS]
* [1] https://bugzilla.mozilla.org/603903 ***/
user_pref("toolkit.winRegisterApplicationRestart", false);
/* 1006: disable favicons in shortcuts
/* 1006: disable favicons in shortcuts [WINDOWS]
* URL shortcuts use a cached randomly named .ico file which is stored in your
* profile/shortcutCache directory. The .ico remains after the shortcut is deleted
* If set to false then the shortcuts use a generic Firefox icon ***/
Expand All @@ -417,7 +411,7 @@ user_pref("_user.js.parrot", "1200 syntax error: the parrot's a stiff!");
* but the problem is that the browser can't know that. Setting this pref to true is the only way for the
* browser to ensure there will be no unsafe renegotiations on the channel between the browser and the server
* [SETUP-WEB] SSL_ERROR_UNSAFE_NEGOTIATION: is it worth overriding this for that one site?
* [STATS] SSL Labs (Feb 2023) reports over 99.3% of top sites have secure renegotiation [4]
* [STATS] SSL Labs (Nov 2023) reports over 99.5% of top sites have secure renegotiation [4]
* [1] https://wiki.mozilla.org/Security:Renegotiation
* [2] https://datatracker.ietf.org/doc/html/rfc5746
* [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
Expand Down Expand Up @@ -462,7 +456,7 @@ user_pref("security.cert_pinning.enforcement_level", 2);
* 0 = disabled
* 1 = consult CRLite but only collect telemetry
* 2 = consult CRLite and enforce both "Revoked" and "Not Revoked" results
* 3 = consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked" (FF99+, default FF100+)
* 3 = consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked" (default)
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1429800,1670985,1753071
* [2] https://blog.mozilla.org/security/tag/crlite/ ***/
user_pref("security.remote_settings.crlite_filters.enabled", true);
Expand All @@ -471,7 +465,7 @@ user_pref("security.pki.crlite_mode", 2);
/** MIXED CONTENT ***/
/* 1241: disable insecure passive content (such as images) on https pages ***/
// user_pref("security.mixed_content.block_display_content", true); // Defense-in-depth (see 1244)
/* 1244: enable HTTPS-Only mode in all windows [FF76+]
/* 1244: enable HTTPS-Only mode in all windows
* When the top-level is HTTPS, insecure subresources are also upgraded (silent fail)
* [SETTING] to add site exceptions: Padlock>HTTPS-Only mode>On (after "Continue to HTTP Site")
* [SETTING] Privacy & Security>HTTPS-Only Mode (and manage exceptions)
Expand Down Expand Up @@ -603,12 +597,13 @@ user_pref("browser.download.manager.addToRecentDocs", false);
user_pref("browser.download.always_ask_before_handling_new_types", true);

/** EXTENSIONS ***/
/* 2660: lock down allowed extension directories
* [SETUP-CHROME] This will break extensions, language packs, themes and any other
* XPI files which are installed outside of profile and application directories
/* 2660: limit allowed extension directories
* 1=profile, 2=user, 4=application, 8=system, 16=temporary, 31=all
* The pref value represents the sum: e.g. 5 would be profile and application directories
* [SETUP-CHROME] Breaks usage of files which are installed outside allowed directories
* [1] https://archive.is/DYjAM ***/
user_pref("extensions.enabledScopes", 5); // [HIDDEN PREF]
user_pref("extensions.autoDisableScopes", 15); // [DEFAULT: 15]
// user_pref("extensions.autoDisableScopes", 15); // [DEFAULT: 15]
/* 2661: disable bypassing 3rd party extension install prompts [FF82+]
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1659530,1681331 ***/
user_pref("extensions.postDownloadThirdPartyPrompt", false);
Expand All @@ -625,7 +620,7 @@ user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin
* [1] https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/
* [SETTING] to add site exceptions: Urlbar>ETP Shield
* [SETTING] to manage site exceptions: Options>Privacy & Security>Enhanced Tracking Protection>Manage Exceptions ***/
user_pref("browser.contentblocking.category", "strict");
user_pref("browser.contentblocking.category", "strict"); // [HIDDEN PREF]
/* 2702: disable ETP web compat features [FF93+]
* [SETUP-HARDEN] Includes skip lists, heuristics (SmartBlock) and automatic grants
* Opener and redirect heuristics are granted for 30 days, see [3]
Expand Down Expand Up @@ -703,7 +698,6 @@ user_pref("privacy.sanitize.timeSpan", 0);
1330890 - spoof timezone as UTC0 (FF55)
1360039 - spoof navigator.hardwareConcurrency as 2 (FF55)
FF56
1369303 - spoof/disable performance API
1333651 - spoof User Agent & Navigator API
version: android version spoofed as ESR (FF119 or lower)
OS: JS spoofed as Windows 10, OS 10.15, Android 10, or Linux | HTTP Headers spoofed as Windows or Android
Expand All @@ -716,7 +710,6 @@ user_pref("privacy.sanitize.timeSpan", 0);
1369309 - spoof media statistics
1382499 - reduce screen co-ordinate fingerprinting in Touch API
1217290 & 1409677 - enable some fingerprinting resistance for WebGL
1382545 - reduce fingerprinting in Animation API
1354633 - limit MediaError.message to a whitelist
FF58+
1372073 - spoof/block fingerprinting in MediaDevices API (FF59)
Expand All @@ -741,7 +734,7 @@ user_pref("privacy.sanitize.timeSpan", 0);
1653987 - limit font visibility to bundled and "Base Fonts" (Windows, Mac, some Linux) (FF80)
1461454 - spoof smooth=true and powerEfficient=false for supported media in MediaCapabilities (FF82)
531915 - use fdlibm's sin, cos and tan in jsmath (FF93, ESR91.1)
1756280 - enforce navigator.pdfViewerEnabled as true and plugins/mimeTypes as hard-coded values (FF100)
1756280 - enforce navigator.pdfViewerEnabled as true and plugins/mimeTypes as hard-coded values (FF100-115)
1692609 - reduce JS timing precision to 16.67ms (previously FF55+ was 100ms) (FF102)
1422237 - return "srgb" with color-gamut (FF110)
1794628 - return "none" with inverted-colors (FF114)
Expand Down Expand Up @@ -973,10 +966,9 @@ user_pref("security.dialog_enable_delay", 1000); // [DEFAULT: 1000]
* [WARNING] Replaced with network partitioning (FF85+) and TCP (2701), and enabling FPI
* disables those. FPI is no longer maintained except at Tor Project for Tor Browser's config ***/
user_pref("privacy.firstparty.isolate", false); // [DEFAULT: false]
/* 6009: enforce SmartBlock shims [FF81+]
* In FF96+ these are listed in about:compat
/* 6009: enforce SmartBlock shims (about:compat) [FF81+]
* [1] https://blog.mozilla.org/security/2021/03/23/introducing-smartblock/ ***/
user_pref("extensions.webcompat.enable_shims", true); // [DEFAULT: true]
user_pref("extensions.webcompat.enable_shims", true); // [HIDDEN PREF] [DEFAULT: true]
/* 6010: enforce no TLS 1.0/1.1 downgrades
* [TEST] https://tls-v1-1.badssl.com:1010/ ***/
user_pref("security.tls.version.enable-deprecated", false); // [DEFAULT: false]
Expand All @@ -987,38 +979,13 @@ user_pref("extensions.webcompat-reporter.enabled", false); // [DEFAULT: false]
/* 6012: enforce Quarantined Domains [FF115+]
* [WHY] https://support.mozilla.org/kb/quarantined-domains */
user_pref("extensions.quarantinedDomains.enabled", true); // [DEFAULT: true]
/* 6050: prefsCleaner: previously active items removed from arkenfox 102-114 ***/
// user_pref("beacon.enabled", "");
// user_pref("browser.startup.blankWindow", "");
// user_pref("browser.newtab.preload", "");
// user_pref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", "");
// user_pref("browser.newtabpage.activity-stream.feeds.snippets", "");
// user_pref("browser.region.network.url", "");
// user_pref("browser.region.update.enabled", "");
// user_pref("browser.ssl_override_behavior", "");
// user_pref("devtools.chrome.enabled", "");
// user_pref("dom.disable_beforeunload", "");
// user_pref("dom.disable_open_during_load", "");
// user_pref("extensions.formautofill.available", "");
// user_pref("extensions.formautofill.addresses.supported", "");
// user_pref("extensions.formautofill.creditCards.available", "");
// user_pref("extensions.formautofill.creditCards.supported", "");
// user_pref("middlemouse.contentLoadURL", "");
/* 6051: prefsCleaner: previously active items removed from arkenfox 115-127 ***/
/* 6050: prefsCleaner: previously active items removed from arkenfox 115-127 ***/
// user_pref("accessibility.force_disabled", "");
// user_pref("browser.fixup.alternate.enabled", "");
// user_pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", "");
// user_pref("network.protocol-handler.external.ms-windows-store", "");
// user_pref("privacy.partition.always_partition_third_party_non_cookie_storage", "");
// user_pref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", "");
// user_pref("privacy.partition.serviceWorkers", "");
/* 6052: prefsCleaner: deprecated ESR102 items from FF103-115 ***/
// user_pref("browser.cache.offline.enable", "");
// user_pref("extensions.formautofill.heuristics.enabled", "");
// user_pref("network.cookie.lifetimePolicy", "");
// user_pref("privacy.clearsitedata.cache.enabled", "");
// user_pref("privacy.resistFingerprinting.testGranularityMask", "");
// user_pref("security.pki.sha1_enforcement_level", "");

/*** [SECTION 7000]: DON'T BOTHER ***/
user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies!");
Expand Down Expand Up @@ -1103,7 +1070,7 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
// user_pref("network.http.referer.disallowCrossSiteRelaxingDefault", true);
// user_pref("network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", true); // [FF100+]
// user_pref("privacy.partition.network_state.ocsp_cache", true);
// user_pref("privacy.query_stripping.enabled", true); // [FF101+] [ETP FF102+]
// user_pref("privacy.query_stripping.enabled", true); // [FF101+]
// user_pref("privacy.trackingprotection.enabled", true);
// user_pref("privacy.trackingprotection.socialtracking.enabled", true);
// user_pref("privacy.trackingprotection.cryptomining.enabled", true); // [DEFAULT: true]
Expand Down Expand Up @@ -1160,7 +1127,7 @@ user_pref("_user.js.parrot", "8000 syntax error: the parrot's crossed the Jordan
/*** [SECTION 9000]: NON-PROJECT RELATED ***/
user_pref("_user.js.parrot", "9000 syntax error: the parrot's cashed in 'is chips!");
/* 9001: disable welcome notices ***/
user_pref("browser.startup.homepage_override.mstone", "ignore");
user_pref("browser.startup.homepage_override.mstone", "ignore"); // [HIDDEN PREF]
/* 9002: disable General>Browsing>Recommend extensions/features as you browse [FF67+] ***/
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
Expand Down Expand Up @@ -1209,6 +1176,15 @@ user_pref("security.family_safety.mode", 0);
// [1] https://groups.google.com/forum/#!topic/mozilla.dev.platform/BdFOMAuCGW8/discussion
// [-] https://bugzilla.mozilla.org/1697151
// user_pref("permissions.delegation.enabled", false);
// FF119
// 0211: use en-US locale regardless of the system or region locale
// [SETUP-WEB] May break some input methods e.g xim/ibus for CJK languages [1]
// [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=867501,1629630
// [-] https://bugzilla.mozilla.org/1846224
// user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF]
// 0711: disable skipping DoH when parental controls are enabled [FF70+]
// [-] https://bugzilla.mozilla.org/1586941
user_pref("network.dns.skipTRR-when-parental-control-enabled", false);
// ***/

/* END: internal custom pref to test for syntax errors ***/
Expand Down