Git/firefox-user.js
1
0
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2025-09-01 17:38:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Git:59.0
Branches Tags
Git:master Git:Thorin-Oakenpants-patch-1
Git:140.0 Git:135.0 Git:133.0 Git:128.0 Git:126.1 Git:126.0 Git:122.0 Git:119.0 Git:118.0 Git:117.0 Git:115.1 Git:115.0 Git:112.0 Git:111.0 Git:110.0 Git:v110.0 Git:109.0 Git:108.0 Git:107.0 Git:106.0 Git:105.0 Git:104.0 Git:103.0 Git:102.1 Git:102.0 Git:101.0 Git:100.0 Git:99.0 Git:98.0 Git:97.0 Git:96.0 Git:95.0 Git:94.1 Git:94.0 Git:91.1 Git:93.0 Git:92.0 Git:91.0 Git:90.0 Git:89.0 Git:88.0 Git:87.0 Git:86.0 Git:85.0 Git:84.0 Git:83.0 Git:82.0 Git:v82.0-beta Git:81.0 Git:v81.0-beta Git:80.0 Git:v80.0-beta Git:79.0 Git:v79.0-beta Git:78.0 Git:v78.0-beta Git:77.0 Git:v77.0-beta Git:76.0 Git:v76.0-beta Git:75.0 Git:v75.0-beta Git:74.0 Git:v74.0-beta Git:73.0 Git:v73.0-beta Git:72.0 Git:v72.0-beta Git:71.0 Git:v71.0-beta Git:70.0 Git:v70.0-beta Git:69.0 Git:v69.0-beta Git:68.0 Git:v68.0-beta Git:67.0 Git:v67.0-beta Git:66.0 Git:v66.0-beta Git:65.0 Git:v65.0-beta Git:64.0 Git:v64.0-beta Git:63.0 Git:v63.0-beta Git:62.0 Git:v62.0-beta Git:61.0 Git:v61.0-beta Git:60.0 Git:v60.0-beta Git:59.0 Git:v59.0-alpha Git:58.0 Git:v58.0-alpha Git:57.0 Git:v57.0-alpha Git:56.0 Git:v56.0-alpha Git:55.0 Git:v55.0-alpha Git:54.0 Git:v54.0-alpha-rev1 Git:v54.0-alpha Git:53.0 Git:v53.0-alpha Git:52.0 Git:v52.0-alpha Git:51.0
...
compare: Git:v60.0-beta
Branches Tags
Git:Thorin-Oakenpants-patch-1 Git:master
Git:140.0 Git:135.0 Git:133.0 Git:128.0 Git:126.1 Git:126.0 Git:122.0 Git:119.0 Git:118.0 Git:117.0 Git:115.1 Git:115.0 Git:112.0 Git:111.0 Git:110.0 Git:v110.0 Git:109.0 Git:108.0 Git:107.0 Git:106.0 Git:105.0 Git:104.0 Git:103.0 Git:102.1 Git:102.0 Git:101.0 Git:100.0 Git:99.0 Git:98.0 Git:97.0 Git:96.0 Git:95.0 Git:94.1 Git:94.0 Git:91.1 Git:93.0 Git:92.0 Git:91.0 Git:90.0 Git:89.0 Git:88.0 Git:87.0 Git:86.0 Git:85.0 Git:84.0 Git:83.0 Git:82.0 Git:v82.0-beta Git:81.0 Git:v81.0-beta Git:80.0 Git:v80.0-beta Git:79.0 Git:v79.0-beta Git:78.0 Git:v78.0-beta Git:77.0 Git:v77.0-beta Git:76.0 Git:v76.0-beta Git:75.0 Git:v75.0-beta Git:74.0 Git:v74.0-beta Git:73.0 Git:v73.0-beta Git:72.0 Git:v72.0-beta Git:71.0 Git:v71.0-beta Git:70.0 Git:v70.0-beta Git:69.0 Git:v69.0-beta Git:68.0 Git:v68.0-beta Git:67.0 Git:v67.0-beta Git:66.0 Git:v66.0-beta Git:65.0 Git:v65.0-beta Git:64.0 Git:v64.0-beta Git:63.0 Git:v63.0-beta Git:62.0 Git:v62.0-beta Git:61.0 Git:v61.0-beta Git:60.0 Git:v60.0-beta Git:59.0 Git:v59.0-alpha Git:58.0 Git:v58.0-alpha Git:57.0 Git:v57.0-alpha Git:56.0 Git:v56.0-alpha Git:55.0 Git:v55.0-alpha Git:54.0 Git:v54.0-alpha-rev1 Git:v54.0-alpha Git:53.0 Git:v53.0-alpha Git:52.0 Git:v52.0-alpha Git:51.0

63 Commits
59.0 ... v60.0-beta

Author SHA1 Message Date
Thorin-Oakenpants
e5d23f6b40 60-beta 2018-05-15 20:40:12 +00:00
Thorin-Oakenpants
5fc48a1027 Create ghacks-clear-FF60inclusive-[RFP-alternatives].js 2018-05-16 07:29:33 +12:00
Thorin-Oakenpants
de7a8650f7 Create ghacks-clear-FF60inclusive-[removed].js 2018-05-16 07:29:11 +12:00
Thorin-Oakenpants
9c7170fc26 Create ghacks-clear-FF60inclusive-[deprecated].js 2018-05-16 07:28:32 +12:00
Thorin-Oakenpants
9406f32194 Delete ghacks-clear-all-up-to-57-[the-rest-inactive].js 2018-05-15 17:43:01 +00:00
Thorin-Oakenpants
33759ab604 Delete ghacks-clear-all-up-to-57-[the-rest-active].js 2018-05-15 17:42:46 +00:00
Thorin-Oakenpants
f97c9a05a9 Delete ghacks-clear-all-up-to-57-[removed].js 2018-05-15 17:42:30 +00:00
Thorin-Oakenpants
94abd71787 Delete ghacks-clear-all-up-to-57-[deprecated].js 2018-05-15 17:42:13 +00:00
Thorin-Oakenpants
45f1dfa912 Delete ghacks-clear-57-[changes-only].js 2018-05-15 17:42:00 +00:00
Thorin-Oakenpants
d6280d2d7a Delete ghacks-clear-all-up-to-57-[RFP-alternatives].js 2018-05-15 17:41:43 +00:00
Thorin-Oakenpants
67360332ab FF60+ parrot info 2018-05-15 15:44:37 +00:00
earthlng
b880c9da61 add network.ftp.enabled 2018-05-11 18:14:40 +02:00
Thorin-Oakenpants
1b0c9f66d9 2600s renumber/reorder #368 2018-05-08 04:13:53 +12:00
Thorin-Oakenpants
7eda26a1d0 2600s numbering part1 2018-05-07 15:51:50 +00:00
Thorin-Oakenpants
b89e247263 0707: DoH, fixes #410 2018-05-07 14:57:42 +00:00
Thorin-Oakenpants
35fd4e343c 2671 cleanup #368 2018-05-06 20:41:14 +00:00
Thorin-Oakenpants
47cf0e1640 2617 pdfjs tweak #368 
that trims 3 lines off with a little formatting
 2018-05-06 18:41:10 +00:00
Thorin-Oakenpants
5e7258ba2d remove 0705, fixes #418 2018-05-06 17:07:09 +00:00
Thorin-Oakenpants
6e6a993494 2672 punycode tweak #368 2018-05-06 16:57:00 +00:00
Thorin-Oakenpants
772fa4e06e geo changes, fixes #415 
NOTE: RFP still blocks geo, but this will be reverted at some stage: see https://bugzilla.mozilla.org/show_bug.cgi?id=1441295
 2018-05-06 13:10:30 +00:00
Thorin-Oakenpants
78dc31f6d6 remove 5 prefs #418 2018-05-06 12:30:40 +00:00
Thorin-Oakenpants
459396ed5b 2626: remove useragent.compatMode #368 
I see no point in keeping this to enforce a default that FF itself doesn't use - see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent/Firefox
-  "... is an optional compatibility token that some Gecko-based browsers may choose to incorporate, to achieve maximum compatibility with websites that expect Firefox"
 2018-05-06 10:00:13 +00:00
Thorin-Oakenpants
88b08c79cd 2685 tweak 2018-05-05 18:44:52 +00:00
Thorin-Oakenpants
cf269c982b fixup number ref 2018-05-05 18:26:33 +00:00
earthlng
36c11cb5d4 2600: downloads + extensions regroup (#417) 
* 2600: downloads + extensions regroup

* fixup
 2018-05-06 06:14:57 +12:00
Thorin-Oakenpants
517b8665c0 2685 fixup 2018-05-05 17:01:09 +00:00
earthlng
149aab6b1e 2600: security regroup (#416) 
* 2600: security regroup

* fixup
 2018-05-06 04:21:21 +12:00
earthlng
c5a1a038d2 5000: remove view_source.tab (moved to 9999) 2018-05-05 14:40:20 +02:00
Thorin-Oakenpants
cd322f39a4 2613: restrictedDomains 2018-05-04 21:55:51 +00:00
Thorin-Oakenpants
8f2b674910 60 deprecated/removed part2 2018-05-04 21:42:47 +00:00
Thorin-Oakenpants
7d65d8c173 4503 mozAddonManager => active 2018-05-04 21:18:45 +00:00
Thorin-Oakenpants
8b6eec2b46 RFP ESR version spoof info 
The last one-off ESR cycle of 8 releases is now behind us, new algorithm for FF60+ is back to 7 releases per ESR numbering, starting at 60... 67... etc. Note: This does not do anything for Aurora or Nightly spoofing the next ESR early (but we have until Nightly 67 before this becomes a problem). The ticket 1418162 was meant to cover this but instead was just used for the new algorithm. There is currently no ticket for the Aurora/Nightly issue - but never fear, Pants is here!! It is not forgotten, and I have emails with Tom Ritter et al on it
 2018-05-04 18:30:44 +00:00
Thorin-Oakenpants
13164a2d0d 4500s: RFP disable WebGL debug renderer info (60+) 2018-05-04 17:23:26 +00:00
Thorin-Oakenpants
c4a1583e99 60 RFP Alternatives 2018-05-04 17:11:34 +00:00
Thorin-Oakenpants
d10c8598f7 60 deprecated/removed prefs 2018-05-04 16:56:14 +00:00
Thorin-Oakenpants
40db113d07 2706: same-site cookies 2018-05-04 16:08:20 +00:00
overdodactyl
041e14a4d5 ghacks-user.js updater for Mac/Linux v1.3 (#406) 
* updated shebang

* The script now compares its version number to the one online.  If there is a newer version of `updater.sh` online it ask the user if he wants to download and run it.
   * 2 parameters are supported: `-donotupdate` to disable the update-check and `-update` to auto-download and run the new version without asking

* Backup files are now saved to the directory `userjs_backups` instead of causing more bloat in the profile directory.
 2018-05-03 14:49:43 +02:00
Thorin-Oakenpants
e67fdc2ce4 5000s: ui.key.menuAccessKey 2018-04-29 19:21:58 +00:00
Thorin-Oakenpants
75534b4e6c 0515: uploading to Screenshots server 2018-04-29 13:42:02 +00:00
Thorin-Oakenpants
94c0665343 fix wiki test info on SB 2018-04-28 07:30:47 +00:00
claustromaniac
71adc43d17 v1.1 regex fix (#409) 2018-04-25 22:56:54 +02:00
earthlng
94f86465e6 updater for Windows v4.5 (#407) 
support commenting-out active user-prefs with the merge function
 2018-04-25 21:28:09 +02:00
earthlng
bb4bf835b0 v2.1 - fix TABs in regex 
for some unknown reason the tabs got replaced with spaces
 2018-04-25 02:22:14 +02:00
claustromaniac
b4f1b4dbbf prefsCleaner.sh (for Linux/Mac) (#405) 
Port of the prefsCleaner.bat for anything(?) with a bash shell.
 2018-04-24 14:47:50 +02:00
earthlng
f90c17f748 prefsCleaner 2.0 
- massive speed improvement !! m-a-s-s-i-v-e !
- small fix to the time format used in backup filenames (replace space with zeros)
- better tolerance for special characters within preference names (which counters [the one downside that v1.2 brought along](https://github.com/ghacksuserjs/ghacks-user.js/pull/321#issuecomment-354394222)).
- other minor things, mostly to do with Delayed Expansion and the removal of it

known issue (but not really an issue):
- it skips instances of `user_pref` that have any quote or double-quote before `user_pref` (like `// "this" user_pref`)
 2018-04-22 14:16:05 +02:00
claustromaniac
fdac8fba6a Update prefsCleaner.bat 2018-04-22 01:34:48 +00:00
Thorin-Oakenpants
d055560f6f 0514: tweak 2018-04-21 17:26:12 +00:00
Thorin-Oakenpants
27f87240ec 0514: Activity Stream, fixes #396 
AS is out of control. No master switch in FF60+, and in order to 100% sure nothing is collected locally (or external connections made), there are now some 28 prefs (including those coming in FF61). This is re-DICK-ulous. We're not going to bother tracking all that, let alone the labyrinth of code. All users are advised to just make sure they remove the XPI every time they update FF.
 2018-04-21 16:33:35 +00:00
Thorin-Oakenpants
17d83c1a1a 1600 info: fixes #404 , refixes #332 2018-04-21 16:22:04 +00:00
claustromaniac
8fa3a9db6b fix for missing empty lines 2018-04-21 14:34:08 +00:00
claustromaniac
b0fb59f735 shit is so fast I can't even read 2018-04-18 22:42:06 +00:00
claustromaniac
64d08dd6bc Update updater.bat 2018-04-18 20:33:39 +00:00
claustromaniac
824dec4f9e Update prefsCleaner.bat 2018-04-18 20:29:39 +00:00
claustromaniac
3d2b0703be actually working v2 2018-04-18 18:49:36 +00:00
claustromaniac
e25137ce94 v2 
Mostly a bump in performance.
 2018-04-18 16:18:43 +00:00
Thorin-Oakenpants
6ee25c2bf5 change last commit to number 0380 
note to self: listen to earthlng more
 2018-04-13 17:27:45 +00:00
Thorin-Oakenpants
6309822d33 0352: browser error reporter 2018-04-13 17:19:31 +00:00
Thorin-Oakenpants
d04ff8457e 2730b: disable appCache on insecure sites FF60+ 2018-04-12 17:38:22 +00:00
Thorin-Oakenpants
c6e3c013e0 4500: RFP info on plugins/mimetypes 2018-04-10 17:25:23 +00:00
Thorin-Oakenpants
e373a0f6e1 1273: add "Not Secure" text on HTTP 
https://bugzilla.mozilla.org/show_bug.cgi?id=1335970
 2018-04-05 18:57:08 +00:00
Thorin-Oakenpants
acce871308 2701: cookies role in persistent data, fixes #390 2018-04-04 10:42:52 +00:00
Thorin-Oakenpants
61e706641e 2800 section header info 2018-04-04 10:21:40 +00:00
Thorin-Oakenpants
1e5e2ca418 start 60 commits 2018-04-04 10:18:23 +00:00
12 changed files with 572 additions and 946 deletions
Expand all files Collapse all files

37
prefsCleaner.bat
View File

@ -1,18 +1,17 @@
@ECHO OFF
@ECHO OFF & SETLOCAL DisableDelayedExpansion
TITLE prefs.js cleaner
REM ### prefs.js cleaner for Windows
REM ## author: @claustromaniac
REM ## version: 1.2
REM ## version: 2.1
SETLOCAL EnableDelayedExpansion
:begin
ECHO:
ECHO:
ECHO ########################################
ECHO #### prefs.js cleaner for Windows ####
ECHO #### by claustromaniac ####
ECHO #### v1.2 ####
ECHO #### v2.1 ####
ECHO ########################################
ECHO:
CALL :message "This script should be run from your Firefox profile directory."
@ -29,12 +28,13 @@ IF NOT EXIST "user.js" (CALL :abort "user.js not found in the current directory.
IF NOT EXIST "prefs.js" (CALL :abort "prefs.js not found in the current directory." 30)
CALL :FFcheck
CALL :message "Backing up prefs.js..."
COPY /B /V /Y prefs.js "prefs-backup-!date:/=-!_!time::=.!.js"
SET "_time=%time: =0%"
COPY /B /V /Y prefs.js "prefs-backup-%date:/=-%_%_time::=.%.js"
CALL :message "Cleaning prefs.js..."
CALL :cleanup
CLS
CALL :message "All done^!"
CALL :message "All done!"
TIMEOUT 5 >nul
ENDLOCAL
EXIT /B
REM ########## Abort Function ###########
@ -44,11 +44,9 @@ TIMEOUT %~2 >nul
EXIT
REM ########## Message Function #########
:message
SETLOCAL DisableDelayedExpansion
ECHO:
ECHO: %~1
ECHO:
ENDLOCAL
GOTO :EOF
REM ####### Firefox Check Function ######
:FFcheck
@ -57,7 +55,7 @@ IF NOT ERRORLEVEL 1 (
CLS
CALL :message "Firefox is still running."
ECHO If you're not currently using this profile you can continue, otherwise
CALL :message "close Firefox first^!"
CALL :message "close Firefox first!"
ECHO:
PAUSE
CLS
@ -67,23 +65,20 @@ IF NOT ERRORLEVEL 1 (
GOTO :EOF
REM ######### Cleanup Function ##########
:cleanup
SETLOCAL DisableDelayedExpansion
FOR /F tokens^=2^ delims^=^'^" %%G IN ('FINDSTR /R /C:"^[^\"']*user_pref[ ]*\([ ]*[\"'][^\"']*[\"'][ ]*," user.js') DO (
IF NOT ""=="%%G" (SET "[%%G]=1")
)
(
FOR /F "tokens=1,* delims=:" %%G IN ('FINDSTR /N "^" prefs.js') DO (
SET "_line=%%H"
SETLOCAL EnableDelayedExpansion
IF /I "user_pref"=="!_line:~0,9!" (
FOR /F tokens^=2^ delims^=^" %%I IN ("!_line:.=\.!") DO (
FINDSTR /R /C:"user_pref[ ]*\([ ]*[\"']%%I[\"'][ ]*," user.js >nul
IF ERRORLEVEL 1 (ECHO:!_line!)
)
IF ""=="%%H" (
ECHO:
) ELSE (
ECHO:!_line!
FOR /F tokens^=1^,2^ delims^=^"^' %%I IN ("%%H") DO (
IF NOT DEFINED [%%J] (ECHO:%%H)
)
)
ENDLOCAL
)
)>tempcleanedprefs
ENDLOCAL
MOVE /Y tempcleanedprefs prefs.js
GOTO :EOF
REM ############### Help ##################

99
prefsCleaner.sh Normal file
View File

@ -0,0 +1,99 @@
#!/usr/bin/env bash
## prefs.js cleaner for Linux/Mac
## author: @claustromaniac
## version: 1.1
## special thanks to @overdodactyl and @earthlng for a few snippets that I stol..*cough* borrowed from the updater.sh
currdir=$(pwd)
## get the full path of this script (readlink for Linux, greadlink for Mac with coreutils installed)
sfp=$(readlink -f "${BASH_SOURCE[0]}" 2>/dev/null || greadlink -f "${BASH_SOURCE[0]}" 2>/dev/null)
## fallback for Macs without coreutils
if [ -z "$sfp" ]; then sfp=${BASH_SOURCE[0]}; fi
## change directory to the Firefox profile directory
cd "$(dirname "${sfp}")"
fQuit() {
## change directory back to the original working directory
cd "${currdir}"
echo -e "\n$2"
exit $1
}
fFF_check() {
# there are many ways to see if firefox is running or not, some more reliable than others
# this isn't elegant and might not be future-proof but should at least be compatible with any environment
while [ -e webappsstore.sqlite-shm ]; do
echo -e "\nThis Firefox profile seems to be in use. Close Firefox and try again.\n"
read -p "Press any key to continue."
done
}
fClean() {
# the magic happens here
prefs="@@"
prefexp="user_pref[ ]*\([ ]*[\"']([^\"']+)[\"'][ ]*,"
while read -r line; do
if [[ "$line" =~ $prefexp && $prefs != *"@@${BASH_REMATCH[1]}@@"* ]]; then
prefs="${prefs}${BASH_REMATCH[1]}@@"
fi
done <<< "`grep -E \"$prefexp\" user.js`"
while IFS='' read -r line || [[ -n "$line" ]]; do
if [[ "$line" =~ ^$prefexp ]]; then
if [[ $prefs != *"@@${BASH_REMATCH[1]}@@"* ]]; then
echo "$line"
fi
else
echo "$line"
fi
done < "$1" > prefs.js
}
echo -e "\n\n"
echo " ╔══════════════════════════╗"
echo " ║ prefs.js cleaner ║"
echo " ║ by claustromaniac ║"
echo " ║ v1.1 ║"
echo " ╚══════════════════════════╝"
echo -e "\nThis script should be run from your Firefox profile directory.\n"
echo "It will remove any entries from prefs.js that also exist in user.js."
echo "This will allow inactive preferences to be reset to their default values."
echo -e "\nThis Firefox profile shouldn't be in use during the process.\n"
select option in Start Help Exit; do
case $option in
Start)
if [ ! -e user.js ]; then
fQuit 1 "user.js not found in the current directory."
elif [ ! -e prefs.js ]; then
fQuit 1 "prefs.js not found in the current directory."
fi
fFF_check
bakfile="prefs.js.backup.$(date +"%Y-%m-%d_%H%M")"
mv prefs.js "${bakfile}" || fQuit 1 "Operation aborted.\nReason: Could not create backup file $bakfile"
echo -e "\nprefs.js backed up: $bakfile"
echo "Cleaning prefs.js..."
fClean "$bakfile"
fQuit 0 "All done!"
;;
Help)
echo -e "\nThis script creates a backup of your prefs.js file before doing anything."
echo -e "It should be safe, but you can follow these steps if something goes wrong:\n"
echo "1. Make sure Firefox is closed."
echo "2. Delete prefs.js in your profile folder."
echo "3. Delete Invalidprefs.js if you have one in the same folder."
echo "4. Rename or copy your latest backup to prefs.js."
echo "5. Run Firefox and see if you notice anything wrong with it."
echo "6. If you do notice something wrong, especially with your extensions, and/or with the UI, go to about:support, and restart Firefox with add-ons disabled. Then, restart it again normally, and see if the problems were solved."
echo -e "If you are able to identify the cause of your issues, please bring it up on ghacks-user.js GitHub repository.\n"
;;
Exit)
fQuit 0
;;
esac
done

61
scratchpad-scripts/ghacks-clear-57-[changes-only].js
View File

@ -1,61 +0,0 @@
/***
For instructions see:
https://github.com/ghacksuserjs/ghacks-user.js/wiki/3.1-Resetting-Inactive-Prefs-[Scripts]
***/
(function() {
let ops = [
/* --- 57-alpha --- */
/* commented out */
'browser.storageManager.enabled',
'dom.storageManager.enabled',
/* removed from the user.js */
'browser.search.geoip.timeout',
'geo.wifi.xhr.timeout',
'gfx.layerscope.enabled',
'media.webspeech.recognition.enable',
/* moved to RFP ALTERNATIVES */
'dom.w3c_touch_events.enabled',
'media.video_stats.enabled',
/* moved to DEPRECATED/REMOVED */
'browser.bookmarks.showRecentlyBookmarked',
'browser.casting.enabled',
'devtools.webide.autoinstallFxdtAdapters',
'media.eme.chromium-api.enabled',
'social.directories',
'social.enabled',
'social.remote-install.enabled',
'social.share.activationPanelEnabled',
'social.shareDirectory',
'social.toast-notifications.enabled',
'social.whitelist',
/* reset parrot: check your open about:config after running the script */
'_user.js.parrot'
]
if("undefined" === typeof(Services)) {
alert("about:config needs to be the active tab!");
return;
}
let c = 0;
for (let i = 0, len = ops.length; i < len; i++) {
if (Services.prefs.prefHasUserValue(ops[i])) {
Services.prefs.clearUserPref(ops[i]);
if (!Services.prefs.prefHasUserValue(ops[i])) {
console.log("reset", ops[i]);
c++;
} else { console.log("failed to reset", ops[i]); }
}
}
focus();
let d = (c==1) ? " pref" : " prefs";
if (c > 0) {
alert("successfully reset " + c + d + "\n\nfor details check the Browser Console (Ctrl+Shift+J)");
} else { alert("nothing to reset"); }
})();

9
scratchpad-scripts/ghacks-clear-all-up-to-57-[RFP-alternatives].js → scratchpad-scripts/ghacks-clear-FF60inclusive-[RFP-alternatives].js
View File

@ -1,12 +1,10 @@
/***
This will reset the preferences that are under sections 4600 & 4700 in the ghacks user.js
up to and including release 57-alpha. These are the prefs that are no longer necessary,
or they conlfict with, privacy.resistFingerprinting if you have that enabled.
up to and including release 60-beta. These are the prefs that are no longer necessary,
or they conflict with, privacy.resistFingerprinting if you have that enabled.
For instructions see:
https://github.com/ghacksuserjs/ghacks-user.js/wiki/3.1-Resetting-Inactive-Prefs-[Scripts]
***/
(function() {
@ -20,9 +18,10 @@
'dom.gamepad.enabled',
'dom.netinfo.enabled',
'media.webspeech.synth.enabled',
'geo.enabled',
'media.video_stats.enabled',
'dom.w3c_touch_events.enabled',
'media.ondevicechange.enabled',
'webgl.enable-debug-renderer-info',
/* section 4700 */
'general.useragent.override',
'general.buildID.override',

29
scratchpad-scripts/ghacks-clear-all-up-to-57-[deprecated].js → scratchpad-scripts/ghacks-clear-FF60inclusive-[deprecated].js
View File

@ -1,21 +1,42 @@
/***
This will reset the preferences that have been deprecated by Mozilla
and used in the ghacks user.js up to and including release 57-alpha
and used in the ghacks user.js up to and including release 60-beta
It is in reverse order, so feel free to remove sections that do not apply
For instructions see:
https://github.com/ghacksuserjs/ghacks-user.js/wiki/3.1-Resetting-Inactive-Prefs-[Scripts]
***/
(function() {
let ops = [
/* deprecated */
/* ESR52.x users can remove sections 53-57 but it is not
/* ESR52.x users can remove sections 53-60 but it is not
crucial as your user.js will reinstate them */
/* 60 */
'browser.newtabpage.directory.source',
'browser.newtabpage.enhanced',
'browser.newtabpage.introShown',
'extensions.shield-recipe-client.enabled',
'extensions.shield-recipe-client.api_url',
'browser.newtabpage.activity-stream.enabled',
'dom.workers.enabled',
'view_source.tab',
/* 59 */
'intl.locale.matchOS',
'general.useragent.locale',
'datareporting.healthreport.about.reportUrl',
'dom.flyweb.enabled',
'security.mixed_content.use_hsts',
'security.mixed_content.send_hsts_priming',
'network.http.referer.userControlPolicy',
'security.xpconnect.plugin.unrestricted',
'media.getusermedia.screensharing.allowed_domains',
'camera.control.face_detection.enabled',
'dom.disable_window_status_change',
'dom.idle-observers-api.enabled',
/* 58 : nothing */
/* 57 */
'social.whitelist',
'social.toast-notifications.enabled',

115
scratchpad-scripts/ghacks-clear-FF60inclusive-[removed].js Normal file
View File

@ -0,0 +1,115 @@
/***
This will reset the preferences that have been removed completely
from the ghacks user.js up to and including release 60-beta
For instructions see:
https://github.com/ghacksuserjs/ghacks-user.js/wiki/3.1-Resetting-Inactive-Prefs-[Scripts]
***/
(function() {
let ops = [
/* removed in ghacks user.js v52-57 */
/* 52-alpha */
'browser.search.reset.enabled',
'browser.search.reset.whitelist',
/* 54-alpha */
'browser.migrate.automigrate.enabled',
'services.sync.enabled',
'webextensions.storage.sync.enabled',
'webextensions.storage.sync.serverURL',
/* 55-alpha */
'dom.keyboardevent.dispatch_during_composition', // default is false anyway
'dom.vr.oculus.enabled', // covered by dom.vr.enabled
'dom.vr.openvr.enabled', // ditto
'dom.vr.osvr.enabled', // ditto
'extensions.pocket.api', // covered by extensions.pocket.enabled
'extensions.pocket.oAuthConsumerKey', // ditto
'extensions.pocket.site', // ditto
/* 56-alpha: none */
/* 57-alpha */
'geo.wifi.xhr.timeout', // covered by geo.enabled
'browser.search.geoip.timeout', // ditto
'media.webspeech.recognition.enable', // default is false anyway
'gfx.layerscope.enabled', // default is false anyway
/* 58-alpha */
// excluding these e10 settings
// 'browser.tabs.remote.autostart',
// 'browser.tabs.remote.autostart.2',
// 'browser.tabs.remote.force-enable',
// 'browser.tabs.remote.separateFileUriProcess',
// 'extensions.e10sBlocksEnabling',
// 'extensions.webextensions.remote',
// 'dom.ipc.processCount',
// 'dom.ipc.shims.enabledWarnings',
// 'dom.ipc.processCount.extension',
// 'dom.ipc.processCount.file',
// 'security.sandbox.content.level',
// 'dom.ipc.plugins.sandbox-level.default',
// 'dom.ipc.plugins.sandbox-level.flash',
// 'security.sandbox.logging.enabled',
'dom.presentation.controller.enabled',
'dom.presentation.discoverable',
'dom.presentation.discovery.enabled',
'dom.presentation.enabled',
'dom.presentation.receiver.enabled',
'dom.presentation.session_transport.data_channel.enable',
/* 59-alpha */
'browser.stopReloadAnimation.enabled',
'browser.tabs.insertRelatedAfterCurrent',
'browser.tabs.loadDivertedInBackground',
'browser.tabs.loadInBackground',
'browser.tabs.selectOwnerOnClose',
'browser.urlbar.clickSelectsAll',
'browser.urlbar.doubleClickSelectsAll',
'media.flac.enabled',
'media.mediasource.enabled',
'media.mediasource.mp4.enabled',
'media.mediasource.webm.audio.enabled',
'media.mediasource.webm.enabled',
'media.mp4.enabled',
'media.ogg.enabled',
'media.ogg.flac.enabled',
'media.opus.enabled',
'media.raw.enabled',
'media.wave.enabled',
'media.webm.enabled',
'media.wmf.amd.vp9.enabled',
'media.wmf.enabled',
'media.wmf.vp9.enabled',
'ui.submenuDelay',
/* 60-beta - these were all at default anyway */
'device.storage.enabled',
'general.useragent.compatMode.firefox',
'network.dns.blockDotOnion',
'network.stricttransportsecurity.preloadlist',
'security.block_script_with_wrong_mime',
'security.fileuri.strict_origin_policy',
'security.sri.enable',
/* reset parrot: check your open about:config after running the script */
'_user.js.parrot'
]
if("undefined" === typeof(Services)) {
alert("about:config needs to be the active tab!");
return;
}
let c = 0;
for (let i = 0, len = ops.length; i < len; i++) {
if (Services.prefs.prefHasUserValue(ops[i])) {
Services.prefs.clearUserPref(ops[i]);
if (!Services.prefs.prefHasUserValue(ops[i])) {
console.log("reset", ops[i]);
c++;
} else { console.log("failed to reset", ops[i]); }
}
}
focus();
let d = (c==1) ? " pref" : " prefs";
if (c > 0) {
alert("successfully reset " + c + d + "\n\nfor details check the Browser Console (Ctrl+Shift+J)");
} else { alert("nothing to reset"); }
})();

63
scratchpad-scripts/ghacks-clear-all-up-to-57-[removed].js
View File

@ -1,63 +0,0 @@
/***
This will reset the preferences that have been removed completely
from the ghacks user.js up to and including release 57-alpha
For instructions see:
https://github.com/ghacksuserjs/ghacks-user.js/wiki/3.1-Resetting-Inactive-Prefs-[Scripts]
***/
(function() {
let ops = [
/* removed in ghacks user.js v52-57 */
/* 52-alpha */
'browser.search.reset.enabled',
'browser.search.reset.whitelist',
/* 54-alpha */
'browser.migrate.automigrate.enabled',
'services.sync.enabled',
'webextensions.storage.sync.enabled',
'webextensions.storage.sync.serverURL',
/* 55-alpha */
'dom.keyboardevent.dispatch_during_composition', // default is false anyway
'dom.vr.oculus.enabled', // covered by dom.vr.enabled
'dom.vr.openvr.enabled', // ditto
'dom.vr.osvr.enabled', // ditto
'extensions.pocket.api', // covered by extensions.pocket.enabled
'extensions.pocket.oAuthConsumerKey', // ditto
'extensions.pocket.site', // ditto
/* 56-alpha: none */
/* 57-alpha */
'geo.wifi.xhr.timeout', // covered by geo.enabled
'browser.search.geoip.timeout', // ditto
'media.webspeech.recognition.enable', // default is false anyway
'gfx.layerscope.enabled', // default is false anyway
/* reset parrot: check your open about:config after running the script */
'_user.js.parrot'
]
if("undefined" === typeof(Services)) {
alert("about:config needs to be the active tab!");
return;
}
let c = 0;
for (let i = 0, len = ops.length; i < len; i++) {
if (Services.prefs.prefHasUserValue(ops[i])) {
Services.prefs.clearUserPref(ops[i]);
if (!Services.prefs.prefHasUserValue(ops[i])) {
console.log("reset", ops[i]);
c++;
} else { console.log("failed to reset", ops[i]); }
}
}
focus();
let d = (c==1) ? " pref" : " prefs";
if (c > 0) {
alert("successfully reset " + c + d + "\n\nfor details check the Browser Console (Ctrl+Shift+J)");
} else { alert("nothing to reset"); }
})();

409
scratchpad-scripts/ghacks-clear-all-up-to-57-[the-rest-active].js
View File

@ -1,409 +0,0 @@
/***
This will reset EVERYTHING that is ACTIVE in the ghacks user.js
release 57-alpha master, but excludes the following:
- prefs removed since publishing on github
- e10s section 1100
- privacy.resistFingerprinting alternatives sections 4600 & 4700
- deprecated section 9999
It does not matter if you clear everything, as a restart will reapply your user.js
Total 477 prefs from 57-alpha master: 118 inactive, 359 active
These have been broken into two scripts for convenience
For instructions see:
https://github.com/ghacksuserjs/ghacks-user.js/wiki/3.1-Resetting-Inactive-Prefs-[Scripts]
***/
(function() {
let ops = [
/* 359 ACTIVE prefs in 57-alpha master */
'accessibility.force_disabled',
'alerts.showFavicons',
'app.update.auto',
'app.update.service.enabled',
'app.update.silent',
'app.update.staging.enabled',
'beacon.enabled',
'breakpad.reportURL',
'browser.aboutHomeSnippets.updateUrl',
'browser.backspace_action',
'browser.bookmarks.max_backups',
'browser.cache.disk.capacity',
'browser.cache.disk.enable',
'browser.cache.disk.smart_size.enabled',
'browser.cache.disk.smart_size.first_run',
'browser.cache.disk_cache_ssl',
'browser.cache.frecency_experiment',
'browser.cache.offline.enable',
'browser.crashReports.unsubmittedCheck.autoSubmit',
'browser.crashReports.unsubmittedCheck.enabled',
'browser.ctrlTab.previews',
'browser.display.use_document_fonts',
'browser.download.folderList',
'browser.download.forbid_open_with',
'browser.download.hide_plugins_without_extensions',
'browser.download.manager.addToRecentDocs',
'browser.download.useDownloadDir',
'browser.eme.ui.enabled',
'browser.fixup.alternate.enabled',
'browser.fixup.hide_user_pass',
'browser.formfill.enable',
'browser.helperApps.deleteTempFileOnExit',
'browser.laterrun.enabled',
'browser.library.activity-stream.enabled',
'browser.link.open_newwindow',
'browser.link.open_newwindow.restriction',
'browser.newtab.preload',
'browser.newtabpage.activity-stream.enabled',
'browser.newtabpage.directory.source',
'browser.newtabpage.enabled',
'browser.newtabpage.enhanced',
'browser.newtabpage.introShown',
'browser.offline-apps.notify',
'browser.onboarding.enabled',
'browser.pagethumbnails.capturing_disabled',
'browser.ping-centre.telemetry',
'browser.rights.3.shown',
'browser.safebrowsing.downloads.remote.enabled',
'browser.safebrowsing.downloads.remote.url',
'browser.safebrowsing.provider.google.reportMalwareMistakeURL',
'browser.safebrowsing.provider.google.reportPhishMistakeURL',
'browser.safebrowsing.provider.google.reportURL',
'browser.safebrowsing.provider.google4.reportMalwareMistakeURL',
'browser.safebrowsing.provider.google4.reportPhishMistakeURL',
'browser.safebrowsing.provider.google4.reportURL',
'browser.safebrowsing.reportPhishURL',
'browser.search.countryCode',
'browser.search.geoip.url',
'browser.search.geoSpecificDefaults',
'browser.search.geoSpecificDefaults.url',
'browser.search.region',
'browser.search.suggest.enabled',
'browser.search.update',
'browser.send_pings',
'browser.send_pings.require_same_host',
'browser.sessionhistory.max_entries',
'browser.sessionstore.interval',
'browser.sessionstore.max_tabs_undo',
'browser.sessionstore.max_windows_undo',
'browser.sessionstore.privacy_level',
'browser.sessionstore.resume_from_crash',
'browser.shell.checkDefaultBrowser',
'browser.shell.shortcutFavicons',
'browser.slowStartup.maxSamples',
'browser.slowStartup.notificationDisabled',
'browser.slowStartup.samples',
'browser.ssl_override_behavior',
'browser.startup.homepage_override.mstone',
'browser.tabs.closeWindowWithLastTab',
'browser.tabs.crashReporting.sendReport',
'browser.tabs.insertRelatedAfterCurrent',
'browser.tabs.loadDivertedInBackground',
'browser.tabs.loadInBackground',
'browser.tabs.selectOwnerOnClose',
'browser.tabs.warnOnClose',
'browser.tabs.warnOnCloseOtherTabs',
'browser.tabs.warnOnOpen',
'browser.taskbar.lists.enabled',
'browser.taskbar.lists.frequent.enabled',
'browser.taskbar.lists.recent.enabled',
'browser.taskbar.lists.tasks.enabled',
'browser.taskbar.previews.enable',
'browser.uitour.enabled',
'browser.uitour.url',
'browser.urlbar.autoFill',
'browser.urlbar.autoFill.typed',
'browser.urlbar.clickSelectsAll',
'browser.urlbar.decodeURLsOnCopy',
'browser.urlbar.doubleClickSelectsAll',
'browser.urlbar.filter.javascript',
'browser.urlbar.maxHistoricalSearchSuggestions',
'browser.urlbar.oneOffSearches',
'browser.urlbar.speculativeConnect.enabled',
// 'browser.urlbar.suggest.bookmark', // this may not get reset by your user.js - see issue #308
// 'browser.urlbar.suggest.history', // ditto
// 'browser.urlbar.suggest.openpage', // ditto
'browser.urlbar.suggest.searches',
'browser.urlbar.trimURLs',
'browser.urlbar.usepreloadedtopurls.enabled',
'browser.urlbar.userMadeSearchSuggestionsChoice',
'browser.xul.error_pages.expert_bad_cert',
'camera.control.face_detection.enabled',
'canvas.capturestream.enabled',
'captivedetect.canonicalURL',
'datareporting.healthreport.about.reportUrl',
'datareporting.healthreport.uploadEnabled',
'datareporting.policy.dataSubmissionEnabled',
'device.storage.enabled',
'devtools.chrome.enabled',
'devtools.debugger.remote-enabled',
'devtools.webide.autoinstallADBHelper',
'devtools.webide.enabled',
'dom.allow_cut_copy',
'dom.allow_scripts_to_close_windows',
'dom.caches.enabled',
'dom.disable_beforeunload',
'dom.disable_window_flip',
'dom.disable_window_move_resize',
'dom.disable_window_open_feature.close',
'dom.disable_window_open_feature.location',
'dom.disable_window_open_feature.menubar',
'dom.disable_window_open_feature.minimizable',
'dom.disable_window_open_feature.personalbar',
'dom.disable_window_open_feature.resizable',
'dom.disable_window_open_feature.status',
'dom.disable_window_open_feature.titlebar',
'dom.disable_window_open_feature.toolbar',
'dom.disable_window_status_change',
'dom.event.clipboardevents.enabled',
'dom.flyweb.enabled',
'dom.idle-observers-api.enabled',
'dom.imagecapture.enabled',
'dom.IntersectionObserver.enabled',
'dom.ipc.plugins.flash.subprocess.crashreporter.enabled',
'dom.ipc.plugins.reportCrashURL',
'dom.popup_allowed_events',
'dom.popup_maximum',
'dom.push.connection.enabled',
'dom.push.enabled',
'dom.push.serverURL',
'dom.push.userAgentID',
'dom.serviceWorkers.enabled',
'dom.vibrator.enabled',
'dom.webaudio.enabled',
'dom.webnotifications.enabled',
'dom.webnotifications.serviceworker.enabled',
'dom.workers.enabled',
'experiments.activeExperiment',
'experiments.enabled',
'experiments.manifest.uri',
'experiments.supported',
'extensions.autoDisableScopes',
'extensions.blocklist.enabled',
'extensions.blocklist.url',
'extensions.enabledScopes',
'extensions.formautofill.addresses.enabled',
'extensions.formautofill.available',
'extensions.formautofill.creditCards.enabled',
'extensions.formautofill.heuristics.enabled',
'extensions.getAddons.cache.enabled',
'extensions.getAddons.showPane',
'extensions.pocket.enabled',
'extensions.shield-recipe-client.api_url',
'extensions.shield-recipe-client.enabled',
'extensions.update.autoUpdateDefault',
'extensions.webcompat-reporter.enabled',
'extensions.webextensions.keepStorageOnUninstall',
'extensions.webextensions.keepUuidOnUninstall',
'extensions.webservice.discoverURL',
'font.blacklist.underline_offset',
'full-screen-api.enabled',
'general.useragent.compatMode.firefox',
'general.useragent.locale',
'general.warnOnAboutConfig',
'geo.wifi.uri',
'gfx.downloadable_fonts.enabled',
'gfx.downloadable_fonts.woff2.enabled',
'gfx.font_rendering.graphite.enabled',
'gfx.font_rendering.opentype_svg.enabled',
'gfx.offscreencanvas.enabled',
'intl.accept_languages',
'intl.locale.matchOS',
'intl.regional_prefs.use_os_locales',
'javascript.options.asmjs',
'javascript.options.wasm',
'javascript.use_us_english_locale',
'keyword.enabled',
'layers.acceleration.disabled',
'layout.css.font-loading-api.enabled',
'layout.css.visited_links_enabled',
'layout.spellcheckDefault',
'lightweightThemes.update.enabled',
'mathml.disabled',
'media.autoplay.enabled',
'media.block-autoplay-until-in-foreground',
'media.eme.enabled',
'media.getusermedia.audiocapture.enabled',
'media.getusermedia.browser.enabled',
'media.getusermedia.screensharing.allowed_domains',
'media.getusermedia.screensharing.enabled',
'media.gmp-gmpopenh264.autoupdate',
'media.gmp-gmpopenh264.enabled',
'media.gmp-manager.updateEnabled',
'media.gmp-manager.url',
'media.gmp-manager.url.override',
'media.gmp-provider.enabled',
'media.gmp-widevinecdm.autoupdate',
'media.gmp-widevinecdm.enabled',
'media.gmp-widevinecdm.visible',
'media.gmp.trial-create.enabled',
'media.navigator.enabled',
'media.navigator.video.enabled',
'media.ondevicechange.enabled',
'media.peerconnection.enabled',
'media.peerconnection.ice.default_address_only',
'media.peerconnection.ice.no_host',
'media.peerconnection.ice.tcp',
'media.peerconnection.identity.enabled',
'media.peerconnection.identity.timeout',
'media.peerconnection.turn.disable',
'media.peerconnection.use_document_iceservers',
'media.peerconnection.video.enabled',
'middlemouse.contentLoadURL',
'network.allow-experiments',
'network.auth.subresource-img-cross-origin-http-auth-allow',
'network.captive-portal-service.enabled',
'network.cookie.cookieBehavior',
'network.cookie.leave-secure-alone',
'network.cookie.thirdparty.sessionOnly',
'network.dns.blockDotOnion',
'network.dns.disablePrefetch',
'network.dns.disablePrefetchFromHTTPS',
'network.http.altsvc.enabled',
'network.http.altsvc.oe',
'network.http.redirection-limit',
'network.http.referer.hideOnionSource',
'network.http.referer.spoofSource',
'network.http.referer.trimmingPolicy',
'network.http.referer.userControlPolicy',
'network.http.referer.XOriginPolicy',
'network.http.referer.XOriginTrimmingPolicy',
'network.http.sendRefererHeader',
'network.http.spdy.enabled',
'network.http.spdy.enabled.deps',
'network.http.spdy.enabled.http2',
'network.http.speculative-parallel-limit',
'network.IDN_show_punycode',
'network.jar.block-remote-files',
'network.jar.open-unsafe-types',
'network.manage-offline-status',
'network.predictor.enable-prefetch',
'network.predictor.enabled',
'network.prefetch-next',
'network.protocol-handler.external.ms-windows-store',
'network.proxy.autoconfig_url.include_path',
'network.proxy.socks_remote_dns',
'network.stricttransportsecurity.preloadlist',
'offline-apps.allow_by_default',
'pdfjs.disabled',
'pdfjs.enableWebGL',
'permissions.manager.defaultsUrl',
'plugin.default.state',
'plugin.defaultXpi.state',
'plugin.scan.plid.all',
'plugin.sessionPermissionNow.intervalInMinutes',
'plugins.click_to_play',
'privacy.clearOnShutdown.cache',
'privacy.clearOnShutdown.cookies',
'privacy.clearOnShutdown.downloads',
'privacy.clearOnShutdown.formdata',
'privacy.clearOnShutdown.history',
'privacy.clearOnShutdown.offlineApps',
'privacy.clearOnShutdown.sessions',
'privacy.clearOnShutdown.siteSettings',
'privacy.cpd.cache',
'privacy.cpd.cookies',
'privacy.cpd.formdata',
'privacy.cpd.history',
'privacy.cpd.offlineApps',
'privacy.cpd.passwords',
'privacy.cpd.sessions',
'privacy.cpd.siteSettings',
'privacy.donottrackheader.enabled',
'privacy.firstparty.isolate',
'privacy.firstparty.isolate.restrict_opener_access',
'privacy.resistFingerprinting',
'privacy.sanitize.sanitizeOnShutdown',
'privacy.sanitize.timeSpan',
'privacy.trackingprotection.ui.enabled',
'security.ask_for_password',
'security.block_script_with_wrong_mime',
'security.cert_pinning.enforcement_level',
'security.csp.enable',
'security.csp.experimentalEnabled',
'security.data_uri.block_toplevel_data_uri_navigations',
'security.dialog_enable_delay',
'security.family_safety.mode',
'security.fileuri.strict_origin_policy',
'security.insecure_field_warning.contextual.enabled',
'security.insecure_password.ui.enabled',
'security.mixed_content.block_active_content',
'security.mixed_content.send_hsts_priming',
'security.mixed_content.use_hsts',
'security.OCSP.enabled',
'security.OCSP.require',
'security.password_lifetime',
'security.pki.sha1_enforcement_level',
'security.sri.enable',
'security.ssl.disable_session_identifiers',
'security.ssl.enable_ocsp_stapling',
'security.ssl.errorReporting.automatic',
'security.ssl.errorReporting.enabled',
'security.ssl.errorReporting.url',
'security.ssl.treat_unsafe_negotiation_as_broken',
'security.tls.enable_0rtt_data',
'security.tls.version.fallback-limit',
'security.tls.version.max',
'security.tls.version.min',
'security.xpconnect.plugin.unrestricted',
'services.blocklist.signing.enforced',
'services.blocklist.update_enabled',
'signon.autofillForms',
'signon.autofillForms.http',
'signon.formlessCapture.enabled',
'signon.storeWhenAutocompleteOff',
'startup.homepage_override_url',
'startup.homepage_welcome_url',
'startup.homepage_welcome_url.additional',
'toolkit.telemetry.archive.enabled',
'toolkit.telemetry.bhrPing.enabled',
'toolkit.telemetry.cachedClientID',
'toolkit.telemetry.enabled',
'toolkit.telemetry.firstShutdownPing.enabled',
'toolkit.telemetry.newProfilePing.enabled',
'toolkit.telemetry.server',
'toolkit.telemetry.shutdownPingSender.enabled',
'toolkit.telemetry.unified',
'toolkit.telemetry.updatePing.enabled',
'ui.submenuDelay',
'ui.use_standins_for_native_colors',
'view_source.tab',
'webchannel.allowObject.urlWhitelist',
'webgl.disable-extensions',
'webgl.disable-fail-if-major-performance-caveat',
'webgl.disabled',
'webgl.dxgl.enabled',
'webgl.enable-debug-renderer-info',
'webgl.enable-webgl2',
'webgl.min_capability_mode',
/* reset parrot: check your open about:config after running the script */
'_user.js.parrot'
]
if("undefined" === typeof(Services)) {
alert("about:config needs to be the active tab!");
return;
}
let c = 0;
for (let i = 0, len = ops.length; i < len; i++) {
if (Services.prefs.prefHasUserValue(ops[i])) {
Services.prefs.clearUserPref(ops[i]);
if (!Services.prefs.prefHasUserValue(ops[i])) {
console.log("reset", ops[i]);
c++;
} else { console.log("failed to reset", ops[i]); }
}
}
focus();
let d = (c==1) ? " pref" : " prefs";
if (c > 0) {
alert("successfully reset " + c + d + "\n\nfor details check the Browser Console (Ctrl+Shift+J)");
} else { alert("nothing to reset"); }
})();

167
scratchpad-scripts/ghacks-clear-all-up-to-57-[the-rest-inactive].js
View File

@ -1,167 +0,0 @@
/***
This will reset EVERYTHING that is INACTIVE in the ghacks user.js
release 57-alpha master, but excludes the following:
- prefs removed since publishing on github
- e10s section 1100
- privacy.resistFingerprinting alternatives sections 4600 & 4700
- deprecated section 9999
It does not matter if you clear everything, as a restart will reapply your user.js
Total 477 prefs from 57-alpha master: 118 inactive, 359 active
These have been broken into two scripts for convenience
For instructions see:
https://github.com/ghacksuserjs/ghacks-user.js/wiki/3.1-Resetting-Inactive-Prefs-[Scripts]
***/
(function() {
let ops = [
/* 118 INACTIVE prefs in 57-alpha master */
'accessibility.typeaheadfind',
'app.update.enabled',
'browser.cache.memory.capacity',
'browser.cache.memory.enable',
'browser.chrome.favicons',
'browser.chrome.site_icons',
'browser.download.autohideButton',
'browser.privatebrowsing.autostart',
'browser.safebrowsing.allowOverride',
'browser.safebrowsing.blockedURIs.enabled',
'browser.safebrowsing.downloads.enabled',
'browser.safebrowsing.downloads.remote.block_dangerous',
'browser.safebrowsing.downloads.remote.block_dangerous_host',
'browser.safebrowsing.downloads.remote.block_potentially_unwanted',
'browser.safebrowsing.downloads.remote.block_uncommon',
'browser.safebrowsing.malware.enabled',
'browser.safebrowsing.phishing.enabled',
'browser.safebrowsing.provider.google.gethashURL',
'browser.safebrowsing.provider.google.updateURL',
'browser.safebrowsing.provider.google4.gethashURL',
'browser.safebrowsing.provider.google4.updateURL',
'browser.safebrowsing.provider.mozilla.gethashURL',
'browser.safebrowsing.provider.mozilla.updateURL',
'browser.sessionhistory.max_total_viewers',
'browser.startup.page',
'browser.stopReloadAnimation.enabled',
'browser.storageManager.enabled',
'browser.tabs.loadBookmarksInTabs',
'browser.urlbar.autocomplete.enabled',
'browser.urlbar.maxRichResults',
'clipboard.autocopy',
'dom.event.contextmenu.enabled',
'dom.indexedDB.enabled',
'dom.presentation.controller.enabled',
'dom.presentation.discoverable',
'dom.presentation.discovery.enabled',
'dom.presentation.enabled',
'dom.presentation.receiver.enabled',
'dom.presentation.session_transport.data_channel.enable',
'dom.storage.enabled',
'dom.storageManager.enabled',
'dom.vr.enabled',
'extensions.screenshots.disabled',
'extensions.systemAddon.update.url',
'extensions.update.enabled',
'font.name.monospace.x-unicode',
'font.name.monospace.x-western',
'font.name.sans-serif.x-unicode',
'font.name.sans-serif.x-western',
'font.name.serif.x-unicode',
'font.name.serif.x-western',
'font.system.whitelist',
'full-screen-api.warning.delay',
'full-screen-api.warning.timeout',
'general.autoScroll',
'geo.wifi.logging.enabled',
'gfx.direct2d.disabled',
'javascript.options.baselinejit',
'javascript.options.ion',
'media.flac.enabled',
'media.mediasource.enabled',
'media.mediasource.mp4.enabled',
'media.mediasource.webm.audio.enabled',
'media.mediasource.webm.enabled',
'media.mp4.enabled',
'media.ogg.enabled',
'media.ogg.flac.enabled',
'media.opus.enabled',
'media.raw.enabled',
'media.wave.enabled',
'media.webm.enabled',
'media.wmf.amd.vp9.enabled',
'media.wmf.enabled',
'media.wmf.vp9.enabled',
'network.cookie.lifetime.days',
'network.cookie.lifetimePolicy',
'network.dns.disableIPv6',
'network.dnsCacheEntries',
'network.dnsCacheExpiration',
'network.http.fast-fallback-to-IPv4',
'offline-apps.quota.warn',
'permissions.memory_only',
'places.history.enabled',
'plugin.state.flash',
'privacy.clearOnShutdown.openWindows',
'privacy.cpd.downloads',
'privacy.cpd.openWindows',
'privacy.resistFingerprinting.block_mozAddonManager',
'privacy.trackingprotection.annotate_channels',
'privacy.trackingprotection.enabled',
'privacy.trackingprotection.lower_network_priority',
'privacy.trackingprotection.pbmode.enabled',
'privacy.usercontext.about_newtab_segregation.enabled',
'privacy.userContext.enabled',
'privacy.userContext.longPressBehavior',
'privacy.userContext.ui.enabled',
'privacy.window.maxInnerHeight',
'privacy.window.maxInnerWidth',
'reader.parse-on-load.enabled',
'security.mixed_content.block_display_content',
'security.nocertdb',
'security.ssl.require_safe_negotiation',
'security.ssl3.dhe_rsa_aes_128_sha',
'security.ssl3.dhe_rsa_aes_256_sha',
'security.ssl3.ecdhe_ecdsa_aes_128_sha',
'security.ssl3.ecdhe_rsa_aes_128_sha',
'security.ssl3.rsa_aes_128_sha',
'security.ssl3.rsa_aes_256_sha',
'security.ssl3.rsa_des_ede3_sha',
'services.blocklist.addons.collection',
'services.blocklist.gfx.collection',
'services.blocklist.onecrl.collection',
'services.blocklist.plugins.collection',
'signon.rememberSignons',
'svg.disabled',
'toolkit.cosmeticAnimations.enabled',
'urlclassifier.trackingTable',
'xpinstall.signatures.required',
/* reset parrot: check your open about:config after running the script */
'_user.js.parrot'
]
if("undefined" === typeof(Services)) {
alert("about:config needs to be the active tab!");
return;
}
let c = 0;
for (let i = 0, len = ops.length; i < len; i++) {
if (Services.prefs.prefHasUserValue(ops[i])) {
Services.prefs.clearUserPref(ops[i]);
if (!Services.prefs.prefHasUserValue(ops[i])) {
console.log("reset", ops[i]);
c++;
} else { console.log("failed to reset", ops[i]); }
}
}
focus();
let d = (c==1) ? " pref" : " prefs";
if (c > 0) {
alert("successfully reset " + c + d + "\n\nfor details check the Browser Console (Ctrl+Shift+J)");
} else { alert("nothing to reset"); }
})();

20
updater.bat
View File

@ -3,7 +3,7 @@ TITLE ghacks user.js updater
REM ## ghacks-user.js updater for Windows
REM ## author: @claustromaniac
REM ## version: 4.4
REM ## version: 4.5
REM ## instructions: https://github.com/ghacksuserjs/ghacks-user.js/wiki/3.3-Updater-Scripts
SET _myname=%~n0
@ -75,7 +75,7 @@ ECHO:
ECHO: ########################################
ECHO: #### user.js Updater for Windows ####
ECHO: #### by claustromaniac ####
ECHO: #### v4.4 ####
ECHO: #### v4.5 ####
ECHO: ########################################
ECHO:
SET /A "_line=0"
@ -157,7 +157,8 @@ IF EXIST user.js.new (
IF DEFINED _singlebackup (
MOVE /Y user.js user.js.bak >nul
) ELSE (
MOVE /Y user.js "user-backup-!date:/=-!_!time::=.!.js" >nul
SET "_time=!time: =0!"
MOVE /Y user.js "user-backup-!date:/=-!_!_time::=.!.js" >nul
)
REN user.js.new user.js
CALL :message "Update complete."
@ -190,8 +191,9 @@ GOTO :EOF
REM ############ Merge function ############
:merge
SETLOCAL DisableDelayedExpansion
FOR /F tokens^=2^,^*^ delims^=^'^" %%G IN ('FINDSTR /R /C:"^user_pref[ ]*\([ ]*[\"'].*[\"'][ ]*,.*\)[ ]*;" "%~1"') DO (SET "[%%G]=%%H")
FOR /F tokens^=2^,^*^ delims^=^' %%G IN ('FINDSTR /R /C:"^//// --- comment-out --- '[^'][^']*'.*" "%~1"') DO (SET "__unset__%%G=1")
(
FOR /F tokens^=2^,^*^ delims^=^'^" %%G IN ('FINDSTR /B /R /C:"user_pref.*\)[ ]*;" "%~1"') DO (IF NOT "%%H"=="" (SET "%%G=%%H"))
FOR /F "tokens=1,* delims=:" %%I IN ('FINDSTR /N "^" "%~1"') DO (
SET "_temp=%%J"
SETLOCAL EnableDelayedExpansion
@ -204,11 +206,15 @@ SETLOCAL DisableDelayedExpansion
ENDLOCAL
FOR /F tokens^=2^ delims^=^'^" %%K IN ("%%J") DO (
IF NOT "_user.js.parrot"=="%%K" (
IF DEFINED %%K (
IF DEFINED __unset__%%K (
ECHO://%%J
) ELSE (
IF DEFINED [%%K] (
SETLOCAL EnableDelayedExpansion
FOR /F "delims=" %%L IN ("!%%K!") DO (
FOR /F "delims=" %%L IN ("![%%K]!") DO (
ENDLOCAL & ECHO:user_pref("%%K"%%L
SET "%%K="
SET "[%%K]="
)
)
)
) ELSE (ECHO:%%J)

95
updater.sh Normal file → Executable file
View File

@ -1,12 +1,14 @@
#!/bin/bash
#!/usr/bin/env bash
### ghacks-user.js updater for Mac/Linux
## author: @overdodactyl
## version: 1.2
## version: 1.3
## DON'T GO HIGHER THAN VERSION x.9 !! ( because of ASCII comparison in check_for_update() )
ghacksjs="https://raw.githubusercontent.com/ghacksuserjs/ghacks-user.js/master/user.js"
echo -e "\nThis script should be run from your Firefox profile directory.\n"
updater="https://raw.githubusercontent.com/ghacksuserjs/ghacks-user.js/master/updater.sh"
update_pref=${1:--ask}
currdir=$(pwd)
@ -19,26 +21,60 @@ if [ -z "$sfp" ]; then sfp=${BASH_SOURCE[0]}; fi
## change directory to the Firefox profile directory
cd "$(dirname "${sfp}")"
echo -e "Updating the user.js for Firefox profile:\n$(pwd)\n"
## Used to check if a new version of updater.sh is available
update_available="no"
check_for_update () {
online_version="$(curl -s ${updater} | sed -n '5 s/.*[[:blank:]]\([[:digit:]]*\.[[:digit:]]*\)/\1/p')"
path_to_script="$(dirname "${sfp}")/updater.sh"
current_version="$(sed -n '5 s/.*[[:blank:]]\([[:digit:]]*\.[[:digit:]]*\)/\1/p' "$path_to_script")"
if [[ "$current_version" < "$online_version" ]]; then
update_available="yes"
fi
}
if [ -e user.js ]; then
## Used to backup the current script, and download and execute the latest version of updater.sh
update_script () {
echo -e "This script will be backed up and the latest version of updater.sh will be executed.\n"
mv updater.sh "updater.sh.backup.$(date +"%Y-%m-%d_%H%M")"
curl -O ${updater} && echo -e "\nThe latest updater script has been downloaded\n"
# make new file executable
chmod +x updater.sh
# execute new updater script
./updater.sh -donotupdate
# exit script
exit 1
}
main () {
## create backup folder if it doesn't exist
mkdir -p userjs_backups;
echo -e "\nThis script should be run from your Firefox profile directory.\n"
echo -e "Updating the user.js for Firefox profile:\n$(pwd)\n"
if [ -e user.js ]; then
echo "Your current user.js file for this profile will be backed up and the latest ghacks version from github will take its place."
echo -e "\nIf currently using the ghacks user.js, please compare versions:"
echo " Available online: $(curl -s ${ghacksjs} | sed -n '4p')"
echo " Currently using: $(sed -n '4p' user.js)"
else
else
echo "A user.js file does not exist in this profile. If you continue, the latest ghacks version from github will be downloaded."
fi
fi
echo -e "\nIf a user-overrides.js file exists in this profile, it will be appended to the user.js.\n"
echo -e "\nIf a user-overrides.js file exists in this profile, it will be appended to the user.js.\n"
read -p "Continue Y/N? " -n 1 -r
echo -e "\n\n"
read -p "Continue Y/N? " -n 1 -r
echo -e "\n\n"
if [[ $REPLY =~ ^[Yy]$ ]]; then
if [[ $REPLY =~ ^[Yy]$ ]]; then
if [ -e user.js ]; then
# backup current user.js
bakfile="user.js.backup.$(date +"%Y-%m-%d_%H%M")"
bakfile="userjs_backups/user.js.backup.$(date +"%Y-%m-%d_%H%M")"
mv user.js "${bakfile}" && echo "Your previous user.js file was backed up: ${bakfile}"
fi
@ -50,9 +86,34 @@ if [[ $REPLY =~ ^[Yy]$ ]]; then
echo "user-overrides.js file found"
cat user-overrides.js >> user.js && echo "user-overrides.js has been appended to user.js"
fi
else
else
echo "Process aborted"
fi
fi
## change directory back to the original working directory
cd "${currdir}"
## change directory back to the original working directory
cd "${currdir}"
}
update_pref="$(echo $update_pref | tr '[A-Z]' '[a-z]')"
if [ $update_pref = "-donotupdate" ]; then
main
else
check_for_update
if [ $update_available = "no" ]; then
main
else
## there is an update available
if [ $update_pref = "-update" ]; then
## update without asking
update_script
else
read -p "There is a newer version of updater.sh available. Download and execute? Y/N? " -n 1 -r
echo -e "\n\n"
if [[ $REPLY =~ ^[Yy]$ ]]; then
update_script
else
main
fi
fi
fi
fi

388
user.js
View File

@ -1,8 +1,8 @@
/******
* name: ghacks user.js
* date: 4 April 2018
* version 59: Sweet Dreams (Are Made of Pants)
* "Sweet dreams are made of pants. Who are you to disagree?"
* date: 15 May 2018
* version 60-beta: Call Me Pants, Maybe
* "Your stare was holding, ripped JEANS, skin was showin'"
* authors: v52+ github | v51- www.ghacks.net
* url: https://github.com/ghacksuserjs/ghacks-user.js
* license: MIT: https://github.com/ghacksuserjs/ghacks-user.js/blob/master/LICENSE.txt
@ -40,9 +40,10 @@
******/
/* START: internal custom pref to test for syntax errors (thanks earthling)
* Yes, this next pref setting is redundant, but we like it!
* [1] https://en.wikipedia.org/wiki/Dead_parrot
* [2] https://en.wikipedia.org/wiki/Warrant_canary ***/
* [NOTE] In FF60+, not all syntax errors cause parsing to abort i.e. reaching the last debug
* pref no longer necessarily means that all prefs have been applied. Check the console right
* after startup for any warnings/error messages related to non-applied prefs
* [1] https://blog.mozilla.org/nnethercote/2018/03/09/a-new-preferences-parser-for-firefox/ ***/
user_pref("_user.js.parrot", "START: Oh yes, the Norwegian Blue... what's wrong with it?");
/* 0000: disable about:config warning ***/
@ -86,7 +87,11 @@ user_pref("browser.shell.checkDefaultBrowser", false);
user_pref("_user.js.parrot", "0200 syntax error: the parrot's definitely deceased!");
/* 0201: disable Location-Aware Browsing
* [1] https://www.mozilla.org/firefox/geolocation/ ***/
user_pref("geo.enabled", false);
// user_pref("geo.enabled", false);
/* 0201b: set a default permission for Location (FF58+)
* [SETTING] to add site exceptions: Page Info>Permissions>Access Your Location
* [SETTING] to manage site exceptions: Privacy & Security>Permissions>Location>Settings ***/
user_pref("permissions.default.geo", 2); // 0=always ask (default), 1=allow, 2=block
/* 0202: disable GeoIP-based search results
* [NOTE] May not be hidden if Firefox has changed your settings due to your locale
* [1] https://trac.torproject.org/projects/tor/ticket/16254
@ -113,10 +118,6 @@ user_pref("intl.regional_prefs.use_os_locales", false);
* Optionally enable logging to the console (defaults to false) ***/
user_pref("geo.wifi.uri", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%");
// user_pref("geo.wifi.logging.enabled", true); // (hidden pref)
/* 0211: set a default permission for Location (FF58+)
* [SETTING] to add site exceptions: Page Info>Permissions>Access Your Location
* [SETTING] to manage site exceptions: Privacy & Security>Permissions>Location>Settings ***/
// user_pref("permissions.default.geo", 2); // 0=always ask (default), 1=allow, 2=block
/*** 0300: QUIET FOX
We choose to not disable auto-CHECKs (0301's) but to disable auto-INSTALLs (0302's).
@ -202,13 +203,15 @@ user_pref("browser.crashReports.unsubmittedCheck.autoSubmit", false); // (FF51-5
user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // (FF58+)
/* 0360: disable new tab tile ads & preload & marketing junk ***/
user_pref("browser.newtab.preload", false);
user_pref("browser.newtabpage.directory.source", "data:text/plain,");
user_pref("browser.newtabpage.enabled", false);
user_pref("browser.newtabpage.enhanced", false);
user_pref("browser.newtabpage.introShown", true);
/* 0370: disable "Snippets" (Mozilla content shown on about:home screen)
* [1] https://wiki.mozilla.org/Firefox/Projects/Firefox_Start/Snippet_Service ***/
user_pref("browser.aboutHomeSnippets.updateUrl", "data:,");
/* 0380: disable Browser Error Reporter (FF60+)
* [1] https://support.mozilla.org/en-US/kb/firefox-nightly-error-collection
* [2] https://firefox-source-docs.mozilla.org/browser/browser/BrowserErrorReporter.html ***/
user_pref("browser.chrome.errorReporter.enabled", false);
user_pref("browser.chrome.errorReporter.submitUrl", "");
/*** 0400: BLOCKLISTS / SAFE BROWSING / TRACKING PROTECTION
This section has security & tracking protection implications vs privacy concerns vs effectiveness
@ -279,7 +282,7 @@ user_pref("browser.safebrowsing.provider.google4.reportMalwareMistakeURL", "");
user_pref("browser.safebrowsing.provider.google4.reportPhishMistakeURL", ""); // (FF54+)
/* 0416: disable 'ignore this warning' on Safe Browsing warnings which when clicked
* bypasses the block for that session. This is a means for admins to enforce SB
* [TEST] see github wiki APPENDIX C: Test Sites: Section 5
* [TEST] see github wiki APPENDIX A: Test Sites: Section 5
* [1] https://bugzilla.mozilla.org/1226490 ***/
// user_pref("browser.safebrowsing.allowOverride", false);
/* 0417: disable data sharing (FF58+) ***/
@ -360,26 +363,24 @@ user_pref("browser.ping-centre.telemetry", false);
* [1] https://en.wikipedia.org/wiki/Pocket_(application)
* [2] https://www.gnu.gl/blog/Posts/multiple-vulnerabilities-in-pocket/ ***/
user_pref("extensions.pocket.enabled", false);
/* 0512: disable Shield (FF53-FF59) - replaced internally by Normandy (see 0503)
* Shield is an telemetry system (including Heartbeat) that can also push and test "recipes"
* [1] https://wiki.mozilla.org/Firefox/Shield
* [2] https://github.com/mozilla/normandy ***/
user_pref("extensions.shield-recipe-client.enabled", false);
user_pref("extensions.shield-recipe-client.api_url", "");
/* 0513: disable Follow On Search (FF53+)
* Just DELETE the XPI file in your System Add-ons directory
* [1] https://blog.mozilla.org/data/2017/06/05/measuring-search-in-firefox/ ***/
/* 0514: disable Activity Stream (FF54+)
* Activity Stream replaces "New Tab" with one based on metadata and browsing behavior,
* and includes telemetry as well as web content such as snippets and "spotlight"
* Activity Stream is the default homepage/newtab in FF57+. It is based on metadata and browsing behavior,
* and includes telemetry and web content such as snippets, top stories (pocket), top sites, etc.
* - ONE: make sure to set your "home" and "newtab" to about:blank (or use an extension to control them)
* - TWO: DELETE the XPI file in your System Add-ons directory (note this get reinstalled on app updates)
* And/or you can try to control the ever-growing, ever-changing "browser.newtabpage.activity-stream.*" prefs
* [1] https://wiki.mozilla.org/Firefox/Activity_Stream
* [2] https://www.ghacks.net/2016/02/15/firefox-mockups-show-activity-stream-new-tab-page-and-share-updates/ ***/
user_pref("browser.newtabpage.activity-stream.enabled", false);
user_pref("browser.library.activity-stream.enabled", false); // (FF57+)
/* 0515: disable Screenshots (FF55+)
* alternatively in FF60+, disable uploading to the Screenshots server
* [1] https://github.com/mozilla-services/screenshots
* [2] https://www.ghacks.net/2017/05/28/firefox-screenshots-integrated-in-firefox-nightly/ ***/
// user_pref("extensions.screenshots.disabled", true);
// user_pref("extensions.screenshots.upload-disabled", true); // (FF60+)
/* 0516: disable Onboarding (FF55+)
* Onboarding is an interactive tour/setup for new installs/profiles and features. Every time
* about:home or about:newtab is opened, the onboarding overlay is injected into that page
@ -471,13 +472,21 @@ user_pref("network.http.altsvc.oe", false);
* [1] http://kb.mozillazine.org/Network.proxy.socks_remote_dns
* [2] https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/WebBrowsers ***/
user_pref("network.proxy.socks_remote_dns", true);
/* 0705: disable DNS requests for hostnames with a .onion TLD (FF45+)
* [1] https://bugzilla.mozilla.org/1228457 ***/
user_pref("network.dns.blockDotOnion", true);
/* 0706: remove paths when sending URLs to PAC scripts (FF51+)
* CVE-2017-5384: Information disclosure via Proxy Auto-Config (PAC)
* [1] https://bugzilla.mozilla.org/1255474 ***/
user_pref("network.proxy.autoconfig_url.include_path", false);
/* 0707: disable (or setup) DNS-over-HTTPS (DoH) (FF60+)
* TRR = Trusted Recursive Resolver
* .mode: 0=off, 1=race, 2=TRR first, 3=TRR only, 4=race for stats, but always use native result
* [WARNING] DoH bypasses hosts and gives info to yet another party (e.g. Cloudflare)
* [1] https://www.ghacks.net/2018/04/02/configure-dns-over-https-in-firefox/ ***/
// user_pref("network.trr.mode", 0);
// user_pref("network.trr.bootstrapAddress", "");
// user_pref("network.trr.uri", "");
/* 0708: disable FTP (FF60+)
* [1] https://www.ghacks.net/2018/02/20/firefox-60-with-new-preference-to-disable-ftp/ ***/
// user_pref("network.ftp.enabled", false);
/*** 0800: LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS [SETUP]
If you are in a private environment (no unwanted eyeballs) and your device is private
@ -775,11 +784,6 @@ user_pref("security.family_safety.mode", 0);
* by inspecting ALL your web traffic, then leave at current default=1
* [1] https://trac.torproject.org/projects/tor/ticket/16206 ***/
user_pref("security.cert_pinning.enforcement_level", 2);
/* 1223: enforce HSTS preload list (default is true)
* The list is compiled into Firefox and used to always load those domains over HTTPS
* [1] https://blog.mozilla.org/security/2012/11/01/preloading-hsts/
* [2] https://wiki.mozilla.org/Privacy/Features/HSTS_Preload_List ***/
user_pref("network.stricttransportsecurity.preloadlist", true);
/** MIXED CONTENT ***/
/* 1240: disable insecure active content on https pages - mixed content
* [1] https://trac.torproject.org/projects/tor/ticket/21323 ***/
@ -827,9 +831,11 @@ user_pref("browser.ssl_override_behavior", 1);
* i.e. it doesn't work for HSTS discrepancies (https://subdomain.preloaded-hsts.badssl.com/)
* [TEST] https://expired.badssl.com/ ***/
user_pref("browser.xul.error_pages.expert_bad_cert", true);
/* 1273: display HTTP sites as insecure (FF59+) ***/
/* 1273: display "insecure" icon (FF59+) and "Not Secure" text (FF60+) on HTTP sites ***/
user_pref("security.insecure_connection_icon.enabled", true); // all windows
user_pref("security.insecure_connection_text.enabled", true);
// user_pref("security.insecure_connection_icon.pbmode.enabled", true); // private windows only
// user_pref("security.insecure_connection_text.pbmode.enabled", true);
/*** 1400: FONTS ***/
user_pref("_user.js.parrot", "1400 syntax error: the parrot's bereft of life!");
@ -883,7 +889,7 @@ user_pref("gfx.font_rendering.graphite.enabled", false);
Our default settings provide the best balance between protection and amount of breakage.
To harden it a bit more you can set XOriginPolicy (1603) to 2 (+ optionally 1604 to 1 or 2).
To fix broken sites, temporarily set XOriginPolicy=0 and XOriginTrimmingPolicy=2 in about:config,
To fix broken sites (including your modem/router), temporarily set XOriginPolicy=0 and XOriginTrimmingPolicy=2 in about:config,
use the site and then change the values back. If you visit those sites regularly (e.g. Vimeo), use an extension.
full URI: https://example.com:8888/foo/bar.html?id=1234
@ -1017,10 +1023,6 @@ user_pref("pdfjs.enableWebGL", false);
user_pref("webgl.min_capability_mode", true);
user_pref("webgl.disable-extensions", true);
user_pref("webgl.disable-fail-if-major-performance-caveat", true);
/* 2011: disable WebGL debug info being available to websites
* [1] https://bugzilla.mozilla.org/1171228
* [2] https://developer.mozilla.org/docs/Web/API/WEBGL_debug_renderer_info ***/
user_pref("webgl.enable-debug-renderer-info", false);
/* 2012: disable two more webgl preferences (FF51+) ***/
user_pref("webgl.dxgl.enabled", false); // [WINDOWS]
user_pref("webgl.enable-webgl2", false);
@ -1097,7 +1099,7 @@ user_pref("dom.popup_allowed_events", "click dblclick");
communicate between browsing contexts (windows/tabs/iframes) and can even control your cache.
[WARNING] Disabling workers *will* break sites (e.g. Google Street View, Twitter).
[UPDATE] uMatrix 1.2.0+ allows a per-scope control for workers (2301) and service workers (2302)
[UPDATE] uMatrix 1.2.0+ allows a per-scope control for workers (2301-deprecated) and service workers (2302)
#Required reading [#] https://github.com/gorhill/uMatrix/releases/tag/1.2.0
[1] Web Workers: https://developer.mozilla.org/docs/Web/API/Web_Workers_API
@ -1108,9 +1110,6 @@ user_pref("dom.popup_allowed_events", "click dblclick");
[6] Notifications: https://support.mozilla.org/questions/1165867#answer-981820
***/
user_pref("_user.js.parrot", "2300 syntax error: the parrot's off the twig!");
/* 2301: disable workers
* [NOTE] CVE-2016-5259, CVE-2016-2812, CVE-2016-1949, CVE-2016-5287 (fixed) ***/
user_pref("dom.workers.enabled", false);
/* 2302: disable service workers
* Service workers essentially act as proxy servers that sit between web apps, and the browser
* and network, are event driven, and can control the web page/site it is associated with,
@ -1214,163 +1213,149 @@ user_pref("dom.w3c_pointer_events.enabled", false);
/*** 2600: MISCELLANEOUS ***/
user_pref("_user.js.parrot", "2600 syntax error: the parrot's run down the curtain!");
/* 2601: disable sending additional analytics to web servers
/* 2601: prevent accessibility services from accessing your browser [RESTART]
* [SETTING] Privacy & Security>Permissions>Prevent accessibility services from accessing your browser
* [1] https://support.mozilla.org/kb/accessibility-services ***/
user_pref("accessibility.force_disabled", 1);
/* 2602: disable sending additional analytics to web servers
* [1] https://developer.mozilla.org/docs/Web/API/Navigator/sendBeacon ***/
user_pref("beacon.enabled", false);
/* 2602: discourage downloading to desktop (0=desktop 1=downloads 2=last used)
* [SETTING] To set your default "downloads": General>Downloads>Save files to ***/
user_pref("browser.download.folderList", 2);
/* 2603: enforce user interaction for security by always asking the user where to download ***/
user_pref("browser.download.useDownloadDir", false);
/* 2604: remove temp files opened with an external application
/* 2603: remove temp files opened with an external application
* [1] https://bugzilla.mozilla.org/302433 ***/
user_pref("browser.helperApps.deleteTempFileOnExit", true);
/* 2605: disable adding downloads to the system's "recent documents" list ***/
user_pref("browser.download.manager.addToRecentDocs", false);
/* 2606: disable hiding mime types (Options>General>Applications) not associated with a plugin ***/
user_pref("browser.download.hide_plugins_without_extensions", false);
/* 2607: disable page thumbnail collection
/* 2604: disable page thumbnail collection
* look in profile/thumbnails directory - you may want to clean that out ***/
user_pref("browser.pagethumbnails.capturing_disabled", true); // (hidden pref)
/* 2608: disable JAR from opening Unsafe File Types ***/
user_pref("network.jar.open-unsafe-types", false);
/* 2609: disable exposure of system colors to CSS or canvas (FF44+)
* [NOTE] see second listed bug: may cause black on black for elements with undefined colors
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=232227,1330876 ***/
user_pref("ui.use_standins_for_native_colors", true); // (hidden pref)
/* 2610: remove special permissions for certain mozilla domains (FF35+)
* [1] resource://app/defaults/permissions ***/
user_pref("permissions.manager.defaultsUrl", "");
/* 2611: disable WebIDE to prevent remote debugging and extension downloads
/* 2605: block web content in file processes (FF55+)
* [WARNING] [SETUP] You may want to disable this for corporate or developer environments
* [1] https://bugzilla.mozilla.org/1343184 ***/
user_pref("browser.tabs.remote.allowLinkedWebInFileUriProcess", false);
/* 2606: disable UITour backend so there is no chance that a remote page can use it ***/
user_pref("browser.uitour.enabled", false);
user_pref("browser.uitour.url", "");
/* 2607: disable various developer tools in browser context
* [SETTING] Devtools>Advanced Settings>Enable browser chrome and add-on debugging toolboxes
* [1] https://github.com/pyllyukko/user.js/issues/179#issuecomment-246468676 ***/
user_pref("devtools.chrome.enabled", false);
/* 2608: disable WebIDE to prevent remote debugging and extension downloads
* [1] https://trac.torproject.org/projects/tor/ticket/16222 ***/
user_pref("devtools.webide.autoinstallADBHelper", false);
user_pref("devtools.debugger.remote-enabled", false);
user_pref("devtools.webide.enabled", false);
/* 2617: enable Firefox's built-in PDF reader [SETUP]
/* 2609: disable MathML (Mathematical Markup Language) (FF51+)
* [TEST] http://browserspy.dk/mathml.php
* [1] https://bugzilla.mozilla.org/1173199 ***/
user_pref("mathml.disabled", true);
/* 2610: disable in-content SVG (Scalable Vector Graphics) (FF53+)
* [WARNING] Expect breakage incl. youtube player controls. Best left for a "hardened" profile.
* [1] https://bugzilla.mozilla.org/1216893 ***/
// user_pref("svg.disabled", true);
/* 2611: disable middle mouse click opening links from clipboard
* [1] https://trac.torproject.org/projects/tor/ticket/10089
* [2] http://kb.mozillazine.org/Middlemouse.contentLoadURL ***/
user_pref("middlemouse.contentLoadURL", false);
/* 2612: disable remote JAR files being opened, regardless of content type (FF42+)
* [1] https://bugzilla.mozilla.org/1173171
* [2] https://www.fxsitecompat.com/en-CA/docs/2015/jar-protocol-support-has-been-disabled-by-default/ ***/
user_pref("network.jar.block-remote-files", true);
/* 2613: disable JAR from opening Unsafe File Types ***/
user_pref("network.jar.open-unsafe-types", false);
/* 2614: limit HTTP redirects (this does not control redirects with HTML meta tags or JS)
* [WARNING] A low setting of 5 or under will probably break some sites (e.g. gmail logins)
* To control HTML Meta tag and JS redirects, use an extension. Default is 20 ***/
user_pref("network.http.redirection-limit", 10);
/* 2615: disable websites overriding Firefox's keyboard shortcuts (FF58+)
* [SETTING] to add site exceptions: Page Info>Permissions>Override Keyboard Shortcuts
* [NOTE] At the time of writing, causes issues with delete and backspace keys ***/
// user_pref("permissions.default.shortcuts", 2); // 0 (default) or 1=allow, 2=block
/* 2616: remove special permissions for certain mozilla domains (FF35+)
* [1] resource://app/defaults/permissions ***/
user_pref("permissions.manager.defaultsUrl", "");
/* 2617: remove webchannel whitelist ***/
user_pref("webchannel.allowObject.urlWhitelist", "");
/* 2618: disable exposure of system colors to CSS or canvas (FF44+)
* [NOTE] see second listed bug: may cause black on black for elements with undefined colors
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=232227,1330876 ***/
user_pref("ui.use_standins_for_native_colors", true); // (hidden pref)
/* 2619: enforce Punycode for Internationalized Domain Names to eliminate possible spoofing
* Firefox has *some* protections, but it is better to be safe than sorry. The downside: it will also
* display legitimate IDN's punycoded, which might be undesirable for users of non-latin alphabets
* [TEST] https://www.xn--80ak6aa92e.com/ (www.apple.com)
* [1] https://wiki.mozilla.org/IDN_Display_Algorithm
* [2] https://en.wikipedia.org/wiki/IDN_homograph_attack
* [3] CVE-2017-5383: https://www.mozilla.org/security/advisories/mfsa2017-02/
* [4] https://www.xudongz.com/blog/2017/idn-phishing/ ***/
user_pref("network.IDN_show_punycode", true);
/* 2620: enable Firefox's built-in PDF reader [SETUP]
* [SETTING] General>Applications>Portable Document Format (PDF)
* [SETTING-ESR52] Applications>Portable Document Format (PDF)
* This setting controls if the option "Display in Firefox" in the above setting is available
* and by effect controls whether PDFs are handled in-browser or externally ("Ask" or "Open With")
* [WHY USE false=default=view PDFs in Firefox]
* pdfjs is lightweight, open source and as secure as any pdf reader out there, certainly better and more
* vetted than most. Exploits are rare (1 serious case in 3 years), treated seriously and patched quickly.
* It doesn't break "state separation" of browser content (by not sharing with OS, independent apps). It
* maintains disk avoidance and application data isolation. It's convenient. You can still save to disk.
* [WHY USE true=open with or save to disk]
* If you think a particular external app is more secure...
* [NOTE]
* See 2662, and JS can still force a pdf to open in-browser by bundling its own code (rare) ***/
* PROS: pdfjs is lightweight, open source, and as secure/vetted as any pdf reader out there (more than most)
* Exploits are rare (1 serious case in 4 yrs), treated seriously and patched quickly.
* It doesn't break "state separation" of browser content (by not sharing with OS, independent apps).
* It maintains disk avoidance and application data isolation. It's convenient. You can still save to disk.
* CONS: You may prefer a different pdf reader for security reasons
* CAVEAT: JS can still force a pdf to open in-browser by bundling its own code (rare) ***/
user_pref("pdfjs.disabled", false);
/* 2619: limit HTTP redirects (this does not control redirects with HTML meta tags or JS)
* [WARNING] A low setting of 5 or under will probably break some sites (e.g. gmail logins)
* To control HTML Meta tag and JS redirects, use an extension. Default is 20 ***/
user_pref("network.http.redirection-limit", 10);
/* 2620: disable middle mouse click opening links from clipboard
* [1] https://trac.torproject.org/projects/tor/ticket/10089
* [2] http://kb.mozillazine.org/Middlemouse.contentLoadURL ***/
user_pref("middlemouse.contentLoadURL", false);
/* 2621: enable warning when websites try to install extensions
* [SETTING] Privacy & Security>Permissions>Warn you when websites try to install add-ons
* [SETTING-ESR52] Security>General>Warn me when sites try to install add-ons ***/
user_pref("xpinstall.whitelist.required", true); // default: true
/* 2622: enforce a security delay when installing extensions (milliseconds)
* default=1000, This also covers the delay in "Save" on downloading files.
* [1] http://kb.mozillazine.org/Disable_extension_install_delay_-_Firefox
* [2] https://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ ***/
user_pref("security.dialog_enable_delay", 700);
/* 2623: enable Strict File Origin Policy on local files
* [1] http://kb.mozillazine.org/Security.fileuri.strict_origin_policy ***/
user_pref("security.fileuri.strict_origin_policy", true);
/* 2624: enable Subresource Integrity (SRI) (FF43+)
* [1] https://developer.mozilla.org/docs/Web/Security/Subresource_Integrity
* [2] https://wiki.mozilla.org/Security/Subresource_Integrity ***/
user_pref("security.sri.enable", true); // default: true
/* 2625: clear localStorage and UUID when an extension is uninstalled
* [NOTE] Both preferences must be the same
* [1] https://developer.mozilla.org/Add-ons/WebExtensions/API/storage/local
* [2] https://bugzilla.mozilla.org/1213990 ***/
user_pref("extensions.webextensions.keepStorageOnUninstall", false);
user_pref("extensions.webextensions.keepUuidOnUninstall", false);
/* 2626: disable optional user agent token
* [1] https://developer.mozilla.org/docs/Web/HTTP/Headers/User-Agent/Firefox ***/
user_pref("general.useragent.compatMode.firefox", false); // default: false
/* 2628: disable UITour backend so there is no chance that a remote page can use it ***/
user_pref("browser.uitour.enabled", false);
user_pref("browser.uitour.url", "");
/* 2629: disable remote JAR files being opened, regardless of content type (FF42+)
* [1] https://bugzilla.mozilla.org/1173171
* [2] https://www.fxsitecompat.com/en-CA/docs/2015/jar-protocol-support-has-been-disabled-by-default/ ***/
user_pref("network.jar.block-remote-files", true);
/* 2630: prevent accessibility services from accessing your browser [RESTART]
* [SETTING] Privacy & Security>Permissions>Prevent accessibility services from accessing your browser
* [1] https://support.mozilla.org/kb/accessibility-services ***/
user_pref("accessibility.force_disabled", 1);
/* 2631: block web content in file processes (FF55+)
* [WARNING] [SETUP] You may want to disable this for corporate or developer environments
* [1] https://bugzilla.mozilla.org/1343184 ***/
user_pref("browser.tabs.remote.allowLinkedWebInFileUriProcess", false);
/* 2632: disable websites overriding Firefox's keyboard shortcuts (FF58+)
* [SETTING] to add site exceptions: Page Info>Permissions>Override Keyboard Shortcuts
* [NOTE] At the time of writing, causes issues with delete and backspace keys ***/
// user_pref("permissions.default.shortcuts", 2); // 0 (default) or 1=allow, 2=block
/* 2662: disable "open with" in download dialog (FF50+)
/** DOWNLOADS ***/
/* 2650: discourage downloading to desktop (0=desktop 1=downloads 2=last used)
* [SETTING] To set your default "downloads": General>Downloads>Save files to ***/
user_pref("browser.download.folderList", 2);
/* 2651: enforce user interaction for security by always asking the user where to download ***/
user_pref("browser.download.useDownloadDir", false);
/* 2652: disable adding downloads to the system's "recent documents" list ***/
user_pref("browser.download.manager.addToRecentDocs", false);
/* 2653: disable hiding mime types (Options>General>Applications) not associated with a plugin ***/
user_pref("browser.download.hide_plugins_without_extensions", false);
/* 2654: disable "open with" in download dialog (FF50+)
* This is very useful to enable when the browser is sandboxed (e.g. via AppArmor)
* in such a way that it is forbidden to run external applications.
* [SETUP] This may interfere with some users' workflow or methods
* [1] https://bugzilla.mozilla.org/1281959 ***/
user_pref("browser.download.forbid_open_with", true);
/* 2663: disable MathML (Mathematical Markup Language) (FF51+)
* [TEST] http://browserspy.dk/mathml.php
* [1] https://bugzilla.mozilla.org/1173199 ***/
user_pref("mathml.disabled", true);
/* 2664: disable DeviceStorage API
* [1] https://wiki.mozilla.org/WebAPI/DeviceStorageAPI ***/
user_pref("device.storage.enabled", false);
/* 2665: remove webchannel whitelist ***/
user_pref("webchannel.allowObject.urlWhitelist", "");
/* 2667: disable various developer tools in browser context
* [SETTING] Devtools>Advanced Settings>Enable browser chrome and add-on debugging toolboxes
* [1] https://github.com/pyllyukko/user.js/issues/179#issuecomment-246468676 ***/
user_pref("devtools.chrome.enabled", false);
/* 2668: lock down allowed extension directories
/** EXTENSIONS ***/
/* 2660: lock down allowed extension directories
* [WARNING] This will break extensions that do not use the default XPI directories
* [1] https://mike.kaply.com/2012/02/21/understanding-add-on-scopes/
* [1] archived: https://archive.is/DYjAM ***/
user_pref("extensions.enabledScopes", 1); // (hidden pref)
user_pref("extensions.autoDisableScopes", 15);
/* 2670: disable "image/" mime types bypassing CSP (FF51+)
* [1] https://bugzilla.mozilla.org/1288361 ***/
user_pref("security.block_script_with_wrong_mime", true);
/* 2671: disable in-content SVG (Scalable Vector Graphics) (FF53+)
* [WARNING] SVG is fairly common (~15% of the top 10K sites), so will cause some breakage
* including youtube player controls. Best left for "hardened" or specific profiles.
* [1] https://bugzilla.mozilla.org/1216893 ***/
// user_pref("svg.disabled", true);
/* 2672: enforce Punycode for Internationalized Domain Names to eliminate possible spoofing security risk
* Firefox has *some* protections to mitigate the risk, but it is better to be safe
* than sorry. The downside: it will also display legitimate IDN's punycoded, which
* might be undesirable for users from countries with non-latin alphabets
* [TEST] https://www.xn--80ak6aa92e.com/ (www.apple.com)
* [1] http://kb.mozillazine.org/Network.IDN_show_punycode
* [2] https://wiki.mozilla.org/IDN_Display_Algorithm
* [3] https://en.wikipedia.org/wiki/IDN_homograph_attack
* [4] CVE-2017-5383: https://www.mozilla.org/security/advisories/mfsa2017-02/
* [5] https://www.xudongz.com/blog/2017/idn-phishing/ ***/
user_pref("network.IDN_show_punycode", true);
/* 2673: enable CSP (Content Security Policy)
/* 2661: clear localStorage and UUID when an extension is uninstalled
* [NOTE] Both preferences must be the same
* [1] https://developer.mozilla.org/Add-ons/WebExtensions/API/storage/local
* [2] https://bugzilla.mozilla.org/1213990 ***/
user_pref("extensions.webextensions.keepStorageOnUninstall", false);
user_pref("extensions.webextensions.keepUuidOnUninstall", false);
/* 2662: disable webextension restrictions on certain mozilla domains (also see 4503) (FF60+)
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/
// user_pref("extensions.webextensions.restrictedDomains", "");
/* 2663: enable warning when websites try to install add-ons
* [SETTING] Privacy & Security>Permissions>Warn you when websites try to install add-ons
* [SETTING-ESR52] Security>General>Warn me when sites try to install add-ons ***/
user_pref("xpinstall.whitelist.required", true); // default: true
/** SECURITY ***/
/* 2680: enable CSP (Content Security Policy)
* [1] https://developer.mozilla.org/docs/Web/HTTP/CSP ***/
user_pref("security.csp.enable", true); // default: true
/* 2674: enable CSP 1.1 experimental hash-source directive (FF29+)
/* 2681: disable CSP violation events (FF59+)
* [1] https://developer.mozilla.org/docs/Web/API/SecurityPolicyViolationEvent ***/
user_pref("security.csp.enable_violation_events", false);
/* 2682: enable CSP 1.1 experimental hash-source directive (FF29+)
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=855326,883975 ***/
user_pref("security.csp.experimentalEnabled", true);
/* 2675: block top level window data: URIs (FF56+)
/* 2683: block top level window data: URIs (FF56+)
* [1] https://bugzilla.mozilla.org/1331351
* [2] https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/
* [3] https://www.fxsitecompat.com/en-CA/docs/2017/data-url-navigations-on-top-level-window-will-be-blocked/ ***/
user_pref("security.data_uri.block_toplevel_data_uri_navigations", true);
/* 2676: disable CSP violation events (FF59+)
* [1] https://developer.mozilla.org/docs/Web/API/SecurityPolicyViolationEvent ***/
user_pref("security.csp.enable_violation_events", false);
/* 2684: enforce a security delay on some confirmation dialogs such as install, open/save
* [1] http://kb.mozillazine.org/Disable_extension_install_delay_-_Firefox
* [2] https://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ ***/
user_pref("security.dialog_enable_delay", 700); // default: 1000 (milliseconds)
/*** 2700: PERSISTENT STORAGE
Data SET by websites including
@ -1386,7 +1371,8 @@ user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin
* 0=allow all 1=allow same host 2=disallow all 3=allow 3rd party if it already set a cookie
* [SETTING] Privacy & Security>History>Custom Settings>Accept cookies from sites
* [SETTING-ESR52] Privacy>History>Custom Settings>Accept cookies from sites
* [NOTE] This also controls access to 3rd party Web Storage, IndexedDB, Cache API and Service Worker Cache
* [NOTE] Blocking 3rd party controls 3rd party access to localStorage, IndexedDB, Cache API and Service Worker Cache.
* Blocking 1st party controls access to localStorage and IndexedDB (note: Service Workers can still use IndexedDB).
* [1] https://www.fxsitecompat.com/en-CA/docs/2015/web-storage-indexeddb-cache-api-now-obey-third-party-cookies-preference/ ***/
user_pref("network.cookie.cookieBehavior", 2);
/* 2702: set third-party cookies (i.e ALL) (if enabled, see above pref) to session-only
@ -1407,6 +1393,11 @@ user_pref("network.cookie.thirdparty.nonsecureSessionOnly", true); // (FF58+)
/* 2705: disable HTTP sites setting cookies with the "secure" directive (FF52+)
* [1] https://developer.mozilla.org/Firefox/Releases/52#HTTP ***/
user_pref("network.cookie.leave-secure-alone", true); // default: true
/* 2706: enable support for same-site cookies (FF60+)
* [1] https://bugzilla.mozilla.org/795346
* [2] https://blog.mozilla.org/security/2018/04/24/same-site-cookies-in-firefox-60/
* [3] https://www.sjoerdlangkemper.nl/2016/04/14/preventing-csrf-with-samesite-cookie-attribute/ ***/
// user_pref("network.cookie.same-site.enabled", true); // default: true
/* 2710: disable DOM (Document Object Model) Storage
* [WARNING] This will break a LOT of sites' functionality.
* You are better off using an extension for more granular control ***/
@ -1419,6 +1410,9 @@ user_pref("network.cookie.leave-secure-alone", true); // default: true
/* 2730: disable offline cache
* [NOTE] This is required 'true' for Storage API (2750) ***/
// user_pref("browser.cache.offline.enable", false);
/* 2730b: disable offline cache on insecure sites (FF60+)
* [1] https://blog.mozilla.org/security/2018/02/12/restricting-appcache-secure-contexts/ ***/
user_pref("browser.cache.offline.insecure.enable", false);
/* 2731: enforce websites to ask to store data for offline use
* [1] https://support.mozilla.org/questions/1098540
* [2] https://bugzilla.mozilla.org/959985 ***/
@ -1446,8 +1440,10 @@ user_pref("dom.caches.enabled", false);
/*** 2800: SHUTDOWN [SETUP]
You should set the values to what suits you best. Be aware that the settings below clear
browsing, download and form history, but not cookies (we expect you to use an extension).
[NOTE] In both 2803 + 2804, the 'download' and 'history' prefs are combined in the
browsing, download and form history, but not cookies (use exceptions or an extension).
- "Offline Website Data" includes appCache (2730), localStorage (2710),
Service Worker cache (2740), and QuotaManager (IndexedDB (2720), asm-cache)
- In both 2803 + 2804, the 'download' and 'history' prefs are combined in the
Firefox interface as "Browsing & Download History" and their values will be synced
***/
user_pref("_user.js.parrot", "2800 syntax error: the parrot's bleedin' demised!");
@ -1544,6 +1540,7 @@ user_pref("privacy.firstparty.isolate.restrict_opener_access", true);
[TEST] http://browserspy.dk/screen.php
** 1281949 - spoof screen orientation (FF50+)
** 1281963 - hide the contents of navigator.plugins and navigator.mimeTypes (FF50+)
FF53: Fixes GetSupportedNames in nsMimeTypeArray and nsPluginArray (1324044)
** 1330890 - spoof timezone as UTC 0 (FF55+)
FF58: Date.toLocaleFormat deprecated (818634)
FF60: Date.toLocaleDateString and Intl.DateTimeFormat fixed (1409973)
@ -1553,7 +1550,7 @@ user_pref("privacy.firstparty.isolate.restrict_opener_access", true);
** 1369303 - spoof/disable performance API (see 2410-deprecated, 4602, 4603) (FF56+)
** 1333651 & 1383495 & 1396468 - spoof Navigator API (see section 4700) (FF56+)
FF56: The version number will be rounded down to the nearest multiple of 10
FF57: The version number will match current ESR (1393283, 1418672)
FF57: The version number will match current ESR (1393283, 1418672, 1418162)
FF59: The OS will be reported as Windows, OSX, Android, or Linux (to reduce breakage) (1404608)
** 1369319 - disable device sensor API (see 4604) (FF56+)
** 1369357 - disable site specific zoom (see 4605) (FF56+)
@ -1576,6 +1573,7 @@ user_pref("privacy.firstparty.isolate.restrict_opener_access", true);
Spoofing mimics the content language of the document. Currently it only supports en-US.
Modifier events suppressed are SHIFT and both ALT keys. Chrome is not affected.
FF60: Fix keydown/keyup events (1438795)
** 1337157 - disable WebGL debug renderer info (see 4613) (FF60+)
***/
user_pref("_user.js.parrot", "4500 syntax error: the parrot's popped 'is clogs");
/* 4501: enable privacy.resistFingerprinting (FF41+)
@ -1589,8 +1587,10 @@ user_pref("privacy.resistFingerprinting", true); // (hidden pref) (not hidden FF
// user_pref("privacy.window.maxInnerWidth", 1600); // (hidden pref)
// user_pref("privacy.window.maxInnerHeight", 900); // (hidden pref)
/* 4503: disable mozAddonManager Web API (FF57+)
* [1] https://bugzilla.mozilla.org/1384330 ***/
// user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // (hidden pref)
* [NOTE] As a side-effect in FF57-59 this allowed extensions to work on AMO. In FF60+ you also need
* to sanitize or clear extensions.webextensions.restrictedDomains (see 2662) to keep that side-effect
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/
user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // (hidden pref)
/*** 4600: RFP (4500) ALTERNATIVES [SETUP]
* IF you DO use RFP (see 4500) then you DO NOT need these redundant prefs. In fact,
@ -1661,6 +1661,12 @@ user_pref("media.video_stats.enabled", false);
// [2] https://developer.mozilla.org/docs/Web/API/MediaDevices/ondevicechange
user_pref("media.ondevicechange.enabled", false);
// * * * /
// FF60+
// 4613: [2011] disable WebGL debug info being available to websites
// [1] https://bugzilla.mozilla.org/1171228
// [2] https://developer.mozilla.org/docs/Web/API/WEBGL_debug_renderer_info
user_pref("webgl.enable-debug-renderer-info", false);
// * * * /
// ***/
/*** 4700: RFP (4500) ALTERNATIVES - NAVIGATOR / USER AGENT (UA) SPOOFING
@ -1718,7 +1724,7 @@ user_pref("_user.js.parrot", "5000 syntax error: this is an ex-parrot!");
// user_pref("browser.tabs.loadBookmarksInTabs", true); // open bookmarks in a new tab (FF57+)
// user_pref("browser.urlbar.decodeURLsOnCopy", true); // see Bugzilla 1320061 (FF53+)
// user_pref("general.autoScroll", false); // middle-click enabling auto-scrolling [WINDOWS] [MAC]
// user_pref("view_source.tab", false); // open "page/selection source" in a new window
// user_pref("ui.key.menuAccessKey", 0); // disable alt key toggling the menu bar [RESTART]
/* OTHER ***/
// user_pref("browser.bookmarks.max_backups", 2);
// user_pref("identity.fxaccounts.enabled", false); // disable and hide Firefox Accounts and Sync (FF60+) [RESTART]
@ -1736,13 +1742,13 @@ user_pref("_user.js.parrot", "5000 syntax error: this is an ex-parrot!");
***/
user_pref("_user.js.parrot", "9999 syntax error: the parrot's deprecated!");
/* FF42 and older
// 2607: (25+) disable page thumbnails - replaced by browser.pagethumbnails.capturing_disabled
// 2604: (25+) disable page thumbnails - replaced by browser.pagethumbnails.capturing_disabled
// [-] https://bugzilla.mozilla.org/897811
user_pref("pageThumbs.enabled", false);
// 2503: (31+) disable network API - replaced by dom.netinfo.enabled
// [-] https://bugzilla.mozilla.org/960426
user_pref("dom.network.enabled", false);
// 2620: (35+) disable WebSockets
// 2600s: (35+) disable WebSockets
// [-] https://bugzilla.mozilla.org/1091016
user_pref("network.websocket.enabled", false);
// 1610: (36+) set DNT "value" to "not be tracked" (FF21+)
@ -1800,7 +1806,7 @@ user_pref("browser.safebrowsing.provider.google.appRepURL", ""); // browser.safe
// 1200's: block rc4 whitelist
// [-] https://bugzilla.mozilla.org/1215796
user_pref("security.tls.insecure_fallback_hosts.use_static_list", false);
// 2301: disable SharedWorkers
// 2300s: disable SharedWorkers
// [1] https://trac.torproject.org/projects/tor/ticket/15562
// [-] https://bugzilla.mozilla.org/1207635
user_pref("dom.workers.sharedWorkers.enabled", false);
@ -1942,7 +1948,7 @@ user_pref("dom.battery.enabled", false);
// ***/
/* ESR52.x still uses all the following prefs
// [NOTE] replace the * with a slash in the line above to re-enable them if you're using ESR52.x.x
// [NOTE] replace the * with a slash in the line above to re-enable them
// FF53
// 1265: block rc4 fallback
// [-] https://bugzilla.mozilla.org/1130670
@ -2033,11 +2039,11 @@ user_pref("social.enabled", false); // (hidden pref)
// 1830: disable DRM's EME WideVineAdapter
// [-] https://bugzilla.mozilla.org/1395468
user_pref("media.eme.chromium-api.enabled", false); // (FF55+)
// 2611: disable WebIDE extension downloads (Valence)
// 2608: disable WebIDE extension downloads (Valence)
// [1] https://trac.torproject.org/projects/tor/ticket/16222
// [-] https://bugzilla.mozilla.org/1393497
user_pref("devtools.webide.autoinstallFxdtAdapters", false);
// 2612: disable SimpleServiceDiscovery - which can bypass proxy settings - e.g. Roku
// 2600s: disable SimpleServiceDiscovery - which can bypass proxy settings - e.g. Roku
// [1] https://trac.torproject.org/projects/tor/ticket/16222
// [-] https://bugzilla.mozilla.org/1393582
user_pref("browser.casting.enabled", false);
@ -2092,6 +2098,30 @@ user_pref("dom.disable_window_status_change", true);
// [-] (part7) https://bugzilla.mozilla.org/1416703#c21
user_pref("dom.idle-observers-api.enabled", false);
// * * * /
// FF60
// 0360: disable new tab tile ads & preload & marketing junk
// [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1370930,1433133
user_pref("browser.newtabpage.directory.source", "data:text/plain,");
user_pref("browser.newtabpage.enhanced", false);
user_pref("browser.newtabpage.introShown", true);
// 0512: disable Shield (FF53-FF59) - replaced internally by Normandy (see 0503)
// Shield is an telemetry system (including Heartbeat) that can also push and test "recipes"
// [1] https://wiki.mozilla.org/Firefox/Shield
// [2] https://github.com/mozilla/normandy
// [-] https://bugzilla.mozilla.org/1436113
user_pref("extensions.shield-recipe-client.enabled", false);
user_pref("extensions.shield-recipe-client.api_url", "");
// 0514: disable Activity Stream (FF54+)
// [-] https://bugzilla.mozilla.org/1433324
user_pref("browser.newtabpage.activity-stream.enabled", false);
// 2301: disable workers
// [NOTE] CVE-2016-5259, CVE-2016-2812, CVE-2016-1949, CVE-2016-5287 (fixed)
// [-] https://bugzilla.mozilla.org/1434934
user_pref("dom.workers.enabled", false);
// 5000s: open "page/selection source" in a new window
// [-] https://bugzilla.mozilla.org/1418403
// user_pref("view_source.tab", false);
// * * * /
// ***/
/* END: internal custom pref to test for syntax errors ***/