66-beta

Update user.js (#676 )
- to avoid confusion with the setting tag, split the prefs into separate numbers, thus shove 2031->2031, reuse 2031 - remove the default value notation as Mozilla will roll out default change gradually to users
2025-09-01 17:38:30 +02:00 · 2019-03-27 04:35:42 +00:00 · 2019-03-26 19:05:55 +00:00 · 2019-03-19 19:58:15 +00:00 · 2019-03-19 09:00:39 +00:00 · 2019-03-17 22:43:27 +00:00
3 changed files with 167 additions and 105 deletions
--- a/scratchpad-scripts/ghacks-clear-[removed].js
+++ b/scratchpad-scripts/ghacks-clear-[removed].js
@ -1,7 +1,7 @@
 /***
 This will reset the preferences that have been removed completely from the ghacks user.js.
- Last updated: 12-Dec-2018
+ Last updated: 30-Jan-2019
 For instructions see:
 https://github.com/ghacksuserjs/ghacks-user.js/wiki/3.1-Resetting-Inactive-Prefs-[Scripts]
@ -117,6 +117,9 @@
    'media.peerconnection.use_document_iceservers',
    'media.peerconnection.video.enabled',
    'media.navigator.video.enabled',
    /* 65-beta */
    'browser.contentblocking.enabled',
    'browser.urlbar.maxHistoricalSearchSuggestions',
    /* reset parrot: check your open about:config after running the script */
    '_user.js.parrot'
  ]
--- a/updater.sh
+++ b/updater.sh
@ -2,7 +2,7 @@
 ## ghacks-user.js updater for macOS and Linux
-## version: 2.4
+## version: 2.5
 ## Author: Pat Johnson (@overdodactyl)
 ## Additional contributors: @earthlng, @ema-pe, @claustromaniac
@ -227,7 +227,7 @@ update_updater () {
  fi
  mv "${tmpfile}" "${SCRIPT_DIR}/updater.sh"
  chmod u+x "${SCRIPT_DIR}/updater.sh"
-  "${SCRIPT_DIR}/updater.sh" "$@ -d"
+  "${SCRIPT_DIR}/updater.sh" "$@" -d
  exit 1
 }
@ -334,6 +334,9 @@ update_userjs () {
      echo -e "Status: ${GREEN}A diff file was created:${NC} ${PWD}/${diffname}"
    else
      echo -e "Warning: ${ORANGE}Your new user.js file appears to be identical.  No diff file was created.${NC}"
      if [ $BACKUP = 'multiple' ]; then
        rm $bakname &>/dev/null
      fi
    fi
    rm $past_nocomments $current_nocomments $pastuserjs &>/dev/null
  fi
@ -416,7 +419,7 @@ if [ $# != 0 ]; then
 fi
 show_banner
-update_updater
+update_updater $@
 getProfilePath # updates PROFILE_PATH or exits on error
 cd "$PROFILE_PATH" && update_userjs
--- a/user.js
+++ b/user.js
@ -1,8 +1,8 @@
 /******
 * name: ghacks user.js
-* date: 17 January 2019
+* date: 27 March 2019
-* version 64: Crocodile Pants
+* version 66-beta: The Power of Pants
-*   "I remember when Pants was young, me and Suzie had so much fun"
+*   "The power of pants is a curious thing. Make a one man weep, make another man sing"
 * authors: v52+ github | v51- www.ghacks.net
 * url: https://github.com/ghacksuserjs/ghacks-user.js
 * license: MIT: https://github.com/ghacksuserjs/ghacks-user.js/blob/master/LICENSE.txt
@ -117,6 +117,7 @@ user_pref("browser.newtabpage.activity-stream.feeds.snippets", false);
 user_pref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
 user_pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
 user_pref("browser.newtabpage.activity-stream.showSponsored", false);
 user_pref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false); // [FF66+]
 /* 0105d: disable Activity Stream recent Highlights in the Library [FF57+] ***/
   // user_pref("browser.library.activity-stream.enabled", false);
 /* 0110: start Firefox in PB (Private Browsing) mode
@ -139,7 +140,7 @@ user_pref("_user.js.parrot", "0200 syntax error: the parrot's definitely decease
   // user_pref("geo.enabled", false);
 /* 0201b: set a default permission for Location [FF58+]
 * 0=always ask (default), 1=allow, 2=block
- * [NOTE] best left at default "always ask", fingerprintable via Permissions API
+ * [NOTE] Best left at default "always ask", fingerprintable via Permissions API
 * [SETTING] to add site exceptions: Page Info>Permissions>Access Your Location
 * [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Location>Settings ***/
   // user_pref("permissions.default.geo", 2);
@ -168,6 +169,10 @@ user_pref("intl.regional_prefs.use_os_locales", false);
 * Optionally enable logging to the console (defaults to false) ***/
 user_pref("geo.wifi.uri", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%");
   // user_pref("geo.wifi.logging.enabled", true); // [HIDDEN PREF]
 /* 0211: disable using the OS's geolocation service ***/
 user_pref("geo.provider.ms-windows-location", false); // [WINDOWS]
 user_pref("geo.provider.use_corelocation", false); // [MAC]
 user_pref("geo.provider.use_gpsd", false); // [LINUX]
 /*** [SECTION 0300]: QUIET FOX
     We choose to not disable auto-CHECKs (0301's) but to disable auto-INSTALLs (0302's).
@ -175,13 +180,13 @@ user_pref("geo.wifi.uri", "https://location.services.mozilla.com/v1/geolocate?ke
     monetized extensions, time constraints, legacy issues, and fear of breakage/bugs.
     It is still important to do updates for security reasons, please do so manually. ***/
 user_pref("_user.js.parrot", "0300 syntax error: the parrot's not pinin' for the fjords!");
-/* 0301b: disable auto-update checks for extensions
+/* 0301b: disable auto-CHECKING for extension and theme updates ***/
 * [SETTING] about:addons>Extensions>[cog-wheel-icon]>Update Add-ons Automatically (toggle) ***/
   // user_pref("extensions.update.enabled", false);
-/* 0302a: disable auto update installing for Firefox
+/* 0302a: disable auto-INSTALLING Firefox updates [NON-WINDOWS FF65+]
 * [NOTE] In FF65+ on Windows this SETTING (below) is now stored in a file and the pref was removed
 * [SETTING] General>Firefox Updates>Check for updates but let you choose... ***/
 user_pref("app.update.auto", false);
-/* 0302b: disable auto update installing for extensions (after the check in 0301b)
+/* 0302b: disable auto-INSTALLING extension and theme updates (after the check in 0301b)
 * [SETTING] about:addons>Extensions>[cog-wheel-icon]>Update Add-ons Automatically (toggle) ***/
 user_pref("extensions.update.autoUpdateDefault", false);
 /* 0303: disable background update service [WINDOWS]
@ -192,10 +197,14 @@ user_pref("app.update.staging.enabled", false);
 /* 0305: enforce update information is displayed
 * This is the update available, downloaded, error and success information ***/
 user_pref("app.update.silent", false);
-/* 0306: disable extension metadata updating
+/* 0306: disable extension metadata
- * sends daily pings to Mozilla about extensions and recent startups ***/
+ * used when installing/updating an extension, and in daily background update checks: if false, it
-user_pref("extensions.getAddons.cache.enabled", false);
+ * hides the expanded text description (if it exists) when you "show more details about an addon" ***/
-/* 0307: disable auto updating of personas (themes) ***/
+   // user_pref("extensions.getAddons.cache.enabled", false);
 /* 0307: disable auto updating of lightweight themes (LWT)
 * Not to be confused with themes in 0301* + 0302*, which use the FF55+ Theme API
 * Mozilla plan to convert existing LWTs and remove LWT support in the future, see [1]
 * [1] https://blog.mozilla.org/addons/2018/09/20/future-themes-here/ ***/
 user_pref("lightweightThemes.update.enabled", false);
 /* 0308: disable search update
 * [SETTING] General>Firefox Updates>Automatically update search engines ***/
@ -227,34 +236,48 @@ user_pref("toolkit.telemetry.updatePing.enabled", false); // [FF56+]
 user_pref("toolkit.telemetry.bhrPing.enabled", false); // [FF57+] Background Hang Reporter
 user_pref("toolkit.telemetry.firstShutdownPing.enabled", false); // [FF57+]
 user_pref("toolkit.telemetry.hybridContent.enabled", false); // [FF59+]
-/* 0333: disable health report
+/* 0331: disable Telemetry Coverage
 * [SETTING] Privacy & Security>Firefox Data Collection & Use>Allow Firefox to send technical... data ***/
 user_pref("datareporting.healthreport.uploadEnabled", false);
 /* 0334: disable new data submission, master kill switch [FF41+]
 * If disabled, no policy is shown or upload takes place, ever
 * [1] https://bugzilla.mozilla.org/1195552 ***/
 user_pref("datareporting.policy.dataSubmissionEnabled", false);
 /* 0335: disable Telemetry Coverage
 * [1] https://blog.mozilla.org/data/2018/08/20/effectively-measuring-search-in-firefox/ ***/
 user_pref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF]
 user_pref("toolkit.coverage.opt-out", true); // [FF64+] [HIDDEN PREF]
 user_pref("toolkit.coverage.endpoint.base", "");
-/* 0350: disable crash reports ***/
+/* 0340: disable Health Reports
 * [SETTING] Privacy & Security>Firefox Data Collection & Use>Allow Firefox to send technical... data ***/
 user_pref("datareporting.healthreport.uploadEnabled", false);
 /* 0341: disable new data submission, master kill switch [FF41+]
 * If disabled, no policy is shown or upload takes place, ever
 * [1] https://bugzilla.mozilla.org/1195552 ***/
 user_pref("datareporting.policy.dataSubmissionEnabled", false);
 /* 0342: disable Studies (see 0503)
 * [NOTE] This pref has no effect when Health Reports (0340) are disabled
 * [SETTING] Privacy & Security>Firefox Data Collection & Use>...>Allow Firefox to install and run studies ***/
 user_pref("app.shield.optoutstudies.enabled", false);
 /* 0343: disable personalized Extension Recommendations in about:addons and AMO [FF65+]
 * [NOTE] This pref has no effect when Health Reports (0340) are disabled
 * [SETTING] Privacy & Security>Firefox Data Collection & Use>...>Allow Firefox to make personalized extension rec.
 * [1] https://support.mozilla.org/kb/personalized-extension-recommendations ***/
 user_pref("browser.discovery.enabled", false);
 /* 0350: disable Crash Reports ***/
 user_pref("breakpad.reportURL", "");
 /* 0351: disable sending of crash reports ***/
 user_pref("browser.tabs.crashReporting.sendReport", false); // [FF44+]
 user_pref("browser.crashReports.unsubmittedCheck.enabled", false); // [FF51+]
 /* 0351: disable backlogged Crash Reports
 * [SETTING] Privacy & Security>Firefox Data Collection & Use>Allow Firefox to send backlogged crash reports  ***/
 user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // [FF58+]
 /* 0370: disable Pocket [FF46+]
 * Pocket is a third party (now owned by Mozilla) "save for later" cloud service
 * [1] https://en.wikipedia.org/wiki/Pocket_(application)
 * [2] https://www.gnu.gl/blog/Posts/multiple-vulnerabilities-in-pocket/ ***/
 user_pref("extensions.pocket.enabled", false);
-/* 0380: disable Browser Error Reporter [FF60+]
+/* 0390: disable Captive Portal detection
- * [1] https://support.mozilla.org/en-US/kb/firefox-nightly-error-collection
+ * [1] https://en.wikipedia.org/wiki/Captive_portal
- * [2] https://firefox-source-docs.mozilla.org/browser/browser/BrowserErrorReporter.html ***/
+ * [2] https://wiki.mozilla.org/Necko/CaptivePortal
-user_pref("browser.chrome.errorReporter.enabled", false);
+ * [3] https://trac.torproject.org/projects/tor/ticket/21790 ***/
-user_pref("browser.chrome.errorReporter.submitUrl", "");
+user_pref("captivedetect.canonicalURL", "");
 user_pref("network.captive-portal-service.enabled", false); // [FF52+]
 /* 0391: disable Network Connectivity checks [FF65+]
 * [1] https://bugzilla.mozilla.org/1460537 ***/
 user_pref("network.connectivity-service.enabled", false);
 /*** [SECTION 0400]: BLOCKLISTS / SAFE BROWSING / TRACKING PROTECTION
     This section has security & tracking protection implications vs privacy concerns vs effectiveness
@ -360,8 +383,6 @@ user_pref("browser.safebrowsing.provider.google4.dataSharingURL", "");
 * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1170190,1141814 ***/
   // user_pref("privacy.trackingprotection.annotate_channels", false);
   // user_pref("privacy.trackingprotection.lower_network_priority", false);
 /* 0426: enforce Content Blocking (required to block cookies) [FF63+] ***/
 user_pref("browser.contentblocking.enabled", true); // [DEFAULT: true]
 /*** [SECTION 0500]: SYSTEM ADD-ONS / EXPERIMENTS
     System Add-ons are a method for shipping extensions, considered to be
@ -380,20 +401,17 @@ user_pref("browser.contentblocking.enabled", true); // [DEFAULT: true]
     [2] https://dxr.mozilla.org/mozilla-central/source/browser/extensions
 ***/
 user_pref("_user.js.parrot", "0500 syntax error: the parrot's cashed in 'is chips!");
 /* 0502: disable Mozilla permission to silently opt you into tests ***/
 user_pref("network.allow-experiments", false);
 /* 0503: disable Normandy/Shield [FF60+]
 * Shield is an telemetry system (including Heartbeat) that can also push and test "recipes"
 * [1] https://wiki.mozilla.org/Firefox/Shield
 * [2] https://github.com/mozilla/normandy ***/
 user_pref("app.normandy.enabled", false);
 user_pref("app.normandy.api_url", "");
 user_pref("app.shield.optoutstudies.enabled", false);
 /* 0505: disable System Add-on updates ***/
 user_pref("extensions.systemAddon.update.enabled", false); // [FF62+]
 user_pref("extensions.systemAddon.update.url", ""); // [FF44+]
 /* 0506: disable PingCentre telemetry (used in several System Add-ons) [FF57+]
- * Currently blocked by 'datareporting.healthreport.uploadEnabled' (see 0333) ***/
+ * Currently blocked by 'datareporting.healthreport.uploadEnabled' (see 0340) ***/
 user_pref("browser.ping-centre.telemetry", false);
 /* 0515: disable Screenshots
 * alternatively in FF60+, disable uploading to the Screenshots server
@ -425,15 +443,9 @@ user_pref("network.prefetch-next", false);
 * [2] https://developer.mozilla.org/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control ***/
 user_pref("network.dns.disablePrefetch", true);
 user_pref("network.dns.disablePrefetchFromHTTPS", true); // [HIDDEN PREF]
-/* 0603a: disable Seer/Necko
+/* 0603: disable Seer/Necko
 * [1] https://developer.mozilla.org/docs/Mozilla/Projects/Necko ***/
 user_pref("network.predictor.enabled", false);
 /* 0603b: disable more Necko/Captive Portal
 * [1] https://en.wikipedia.org/wiki/Captive_portal
 * [2] https://wiki.mozilla.org/Necko/CaptivePortal
 * [3] https://trac.torproject.org/projects/tor/ticket/21790 ***/
 user_pref("captivedetect.canonicalURL", "");
 user_pref("network.captive-portal-service.enabled", false); // [FF52+]
 /* 0605: disable link-mouseover opening connection to linked server
 * [1] https://news.slashdot.org/story/15/08/14/2321202/how-to-quash-firefoxs-silent-requests
 * [2] https://www.ghacks.net/2015/08/16/block-firefox-from-connecting-to-sites-when-you-hover-over-links/ ***/
@ -443,9 +455,6 @@ user_pref("network.http.speculative-parallel-limit", 0);
 * [2] http://kb.mozillazine.org/Browser.send_pings.require_same_host ***/
 user_pref("browser.send_pings", false);
 user_pref("browser.send_pings.require_same_host", true);
 /* 0607: disable links launching Windows Store on Windows 8/8.1/10 [WINDOWS]
 * [1] https://www.ghacks.net/2016/03/25/block-firefox-chrome-windows-store/ ***/
 user_pref("network.protocol-handler.external.ms-windows-store", false);
 /* 0608: disable predictor / prefetching [FF48+] ***/
 user_pref("network.predictor.enable-prefetch", false);
@ -473,6 +482,7 @@ user_pref("network.dns.disableIPv6", true);
 user_pref("network.http.spdy.enabled", false);
 user_pref("network.http.spdy.enabled.deps", false);
 user_pref("network.http.spdy.enabled.http2", false);
 user_pref("network.http.spdy.websockets", false); // [FF65+]
 /* 0703: disable HTTP Alternative Services [FF37+]
 * [SETUP-PERF] Relax this if you have FPI enabled (see 4000) *AND* you understand the
 * consequences. FPI isolates these, but it was designed with the Tor protocol in mind,
@ -504,6 +514,7 @@ user_pref("network.proxy.autoconfig_url.include_path", false); // [DEFAULT: fals
 * [1] https://www.ghacks.net/2018/02/20/firefox-60-with-new-preference-to-disable-ftp/ ***/
   // user_pref("network.ftp.enabled", false);
 /* 0709: disable using UNC (Uniform Naming Convention) paths [FF61+]
 * [SETUP-CHROME] Can break extensions for profiles on network shares
 * [1] https://trac.torproject.org/projects/tor/ticket/26424 ***/
 user_pref("network.file.disable_unc_paths", true); // [HIDDEN PREF]
 /* 0710: disable GIO as a potential proxy bypass vector
@ -516,10 +527,10 @@ user_pref("network.file.disable_unc_paths", true); // [HIDDEN PREF]
 user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF]
 /*** [SECTION 0800]: LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS [SETUP-CHROME]
-     If you are in a private environment (no unwanted eyeballs) and your device is private
+     Change items 0850 and above to suit for privacy vs convenience and functionality. Consider
-     (restricted access), and the device is secure when unattended (locked, encrypted, forensic
+     your environment (no unwanted eyeballs), your device (restricted access), your device's
-     hardened), then items 0850 and above can be relaxed in return for more convenience and
+     unattended state (locked, encrypted, forensic hardened). Likewise, you may want to check
-     functionality. Likewise, you may want to check the items cleared on shutdown in section 2800.
+     the items cleared on shutdown in section 2800.
     [NOTE] The urlbar is also commonly referred to as the location bar and address bar
     #Required reading [#] https://xkcd.com/538/
 ***/
@ -566,16 +577,12 @@ user_pref("browser.urlbar.usepreloadedtopurls.enabled", false);
 /* 0810: disable location bar making speculative connections [FF56+]
 * [1] https://bugzilla.mozilla.org/1348275 ***/
 user_pref("browser.urlbar.speculativeConnect.enabled", false);
-/* 0850a: disable location bar autocomplete and suggestion types
+/* 0850a: disable location bar suggestion types
 * If you enforce any of the suggestion types, you MUST enforce 'autocomplete'
 *   - If *ALL* of the suggestion types are false, 'autocomplete' must also be false
 *   - If *ANY* of the suggestion types are true, 'autocomplete' must also be true
 * [SETUP-CHROME] If all three suggestion types are false, search engine keywords are disabled
 * [SETTING] Privacy & Security>Address Bar>When using the address bar, suggest ***/
-user_pref("browser.urlbar.autocomplete.enabled", false);
+   // user_pref("browser.urlbar.suggest.history", false);
-user_pref("browser.urlbar.suggest.history", false);
+   // user_pref("browser.urlbar.suggest.bookmark", false);
-user_pref("browser.urlbar.suggest.bookmark", false);
+   // user_pref("browser.urlbar.suggest.openpage", false);
 user_pref("browser.urlbar.suggest.openpage", false);
 /* 0850c: disable location bar dropdown
 * This value controls the total number of entries to appear in the location bar dropdown
 * [NOTE] Items (bookmarks/history/openpages) with a high "frecency"/"bonus" will always
@ -586,13 +593,10 @@ user_pref("browser.urlbar.suggest.openpage", false);
   // user_pref("browser.urlbar.maxRichResults", 0);
 /* 0850d: disable location bar autofill
 * [1] http://kb.mozillazine.org/Inline_autocomplete ***/
-user_pref("browser.urlbar.autoFill", false);
+   // user_pref("browser.urlbar.autoFill", false);
 /* 0850e: disable location bar one-off searches [FF51+]
 * [1] https://www.ghacks.net/2016/08/09/firefox-one-off-searches-address-bar/ ***/
-user_pref("browser.urlbar.oneOffSearches", false);
+   // user_pref("browser.urlbar.oneOffSearches", false);
 /* 0850f: disable location bar suggesting local search history [FF57+]
 * [1] https://bugzilla.mozilla.org/1181644 ***/
 user_pref("browser.urlbar.maxHistoricalSearchSuggestions", 0);
 /* 0860: disable search and form history
 * [NOTE] You can clear formdata on exiting Firefox (see 2803)
 * [SETTING] Privacy & Security>History>Custom Settings>Remember search and form history ***/
@ -642,9 +646,6 @@ user_pref("signon.storeWhenAutocompleteOff", true); // [DEFAULT: true]
 /* 0907: display warnings for logins on non-secure (non HTTPS) pages
 * [1] https://bugzilla.mozilla.org/1217156 ***/
 user_pref("security.insecure_password.ui.enabled", true);
 /* 0908: remove user & password info when attempting to fix an entered URL (i.e. 0802 is true)
 * e.g. //user:password@foo -> //user@(prefix)foo(suffix) NOT //user:password@(prefix)foo(suffix) ***/
 user_pref("browser.fixup.hide_user_pass", true);
 /* 0909: disable formless login capture for Password Manager [FF51+] ***/
 user_pref("signon.formlessCapture.enabled", false);
 /* 0910: disable autofilling saved passwords on HTTP pages and show warning [FF52+]
@ -1078,11 +1079,14 @@ user_pref("dom.imagecapture.enabled", false); // [DEFAULT: false]
 /* 2028: disable offscreen canvas [FF44+]
 * [1] https://developer.mozilla.org/docs/Web/API/OffscreenCanvas ***/
 user_pref("gfx.offscreencanvas.enabled", false); // [DEFAULT: false]
-/* 2030: disable auto-play of HTML5 media [FF63+]
+/* 2030: disable autoplay of HTML5 media [FF63+]
- * 0=Allowed (default), 1=Blocked, 2=Prompt
+ * 0=Allowed, 1=Blocked, 2=Prompt
- * [SETUP-WEB] This may break video playback on various sites ***/
+ * [NOTE] You can set exceptions under site permissions
 * [SETTING] Privacy & Security>Permissions>Block websites from automatically playing sound ***/
 user_pref("media.autoplay.default", 1);
-/* 2031: disable audio auto-play in non-active tabs [FF51+]
+/* 2031: disable autoplay of HTML5 media if you interacted with the site [FF66+] ***/
 user_pref("media.autoplay.enabled.user-gestures-needed", false);
 /* 2032: disable audio autoplay in non-active tabs [FF51+]
 * [1] https://www.ghacks.net/2016/11/14/firefox-51-blocks-automatic-audio-playback-in-non-active-tabs/ ***/
 user_pref("media.block-autoplay-until-in-foreground", true);
@ -1154,7 +1158,7 @@ user_pref("dom.webnotifications.enabled", false); // [FF22+]
 user_pref("dom.webnotifications.serviceworker.enabled", false); // [FF44+]
 /* 2305: set a default permission for Notifications (see 2304) [FF58+]
 * 0=always ask (default), 1=allow, 2=block
- * [NOTE] best left at default "always ask", fingerprintable via Permissions API
+ * [NOTE] Best left at default "always ask", fingerprintable via Permissions API
 * [SETTING] to add site exceptions: Page Info>Permissions>Receive Notifications
 * [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Notifications>Settings ***/
   // user_pref("permissions.default.desktop-notification", 2);
@ -1220,6 +1224,9 @@ user_pref("javascript.options.shared_memory", false);
 /* 2428: enforce DOMHighResTimeStamp API
 * [WARNING] Required for normalization of timestamps and any timer resolution mitigations ***/
 user_pref("dom.event.highrestimestamp.enabled", true); // [DEFAULT: true]
 /* 2429: enable (limited but sufficient) window.opener protection [FF65+]
 * Makes rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set ***/
 user_pref("dom.targetBlankNoOpener.enabled", true);
 /*** [SECTION 2500]: HARDWARE FINGERPRINTING ***/
 user_pref("_user.js.parrot", "2500 syntax error: the parrot's shuffled off 'is mortal coil!");
@ -1249,9 +1256,6 @@ user_pref("layers.acceleration.disabled", true);
 /* 2510: disable Web Audio API [FF51+]
 * [1] https://bugzilla.mozilla.org/1288359 ***/
 user_pref("dom.webaudio.enabled", false);
 /* 2516: disable PointerEvents
 * [1] https://developer.mozilla.org/en-US/docs/Web/API/PointerEvent ***/
 user_pref("dom.w3c_pointer_events.enabled", false);
 /* 2517: disable Media Capabilities API [FF63+]
 * [SETUP-PERF] This *may* affect media performance if disabled, no one is sure
 * [1] https://github.com/WICG/media-capabilities
@ -1316,7 +1320,7 @@ user_pref("permissions.manager.defaultsUrl", "");
 /* 2617: remove webchannel whitelist ***/
 user_pref("webchannel.allowObject.urlWhitelist", "");
 /* 2618: disable exposure of system colors to CSS or canvas [FF44+]
- * [NOTE] see second listed bug: may cause black on black for elements with undefined colors
+ * [NOTE] See second listed bug: may cause black on black for elements with undefined colors
 * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=232227,1330876 ***/
 user_pref("ui.use_standins_for_native_colors", true); // [HIDDEN PREF]
 /* 2619: enforce Punycode for Internationalized Domain Names to eliminate possible spoofing
@ -1339,6 +1343,9 @@ user_pref("network.IDN_show_punycode", true);
 * CAVEAT: JS can still force a pdf to open in-browser by bundling its own code (rare)
 * [SETTING] General>Applications>Portable Document Format (PDF) ***/
 user_pref("pdfjs.disabled", false);
 /* 2621: disable links launching Windows Store on Windows 8/8.1/10 [WINDOWS]
 * [1] https://www.ghacks.net/2016/03/25/block-firefox-chrome-windows-store/ ***/
 user_pref("network.protocol-handler.external.ms-windows-store", false);
 /** DOWNLOADS ***/
 /* 2650: discourage downloading to desktop (0=desktop 1=downloads 2=last used)
@ -1396,17 +1403,20 @@ user_pref("security.dialog_enable_delay", 700);
          indexedDB : profile\storage\default
           appCache : profile\OfflineCache
     serviceWorkers :
     [NOTE] indexedDB and serviceWorkers are not available in Private Browsing Mode
     [NOTE] Blocking cookies also blocks websites access to: localStorage (incl. sessionStorage),
     indexedDB, sharedWorker, and serviceWorker (and therefore service worker cache and notifications)
     If you set a site exception for cookies (either "Allow" or "Allow for Session") then they become
     accessible to websites except shared/service workers where the cookie setting *must* be "Allow"
 ***/
 user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin' choir invisible!");
 /* 2701: disable 3rd-party cookies and site-data
- * You can set exceptions under site permissions or use an extension
+ * 0=Accept cookies and site data (default), 1=(Block) All third-party cookies, 2=(Block) All cookies,
- * 0=Accept cookies and site data, 1=Block third-party cookies, 2=Block all cookies,
+ * 3=(Block) Cookies from unvisited sites, 4=(Block) Third-party trackers (FF63+)
- * 3=Block cookies from unvisited sites, 4=Block third-party trackers (FF63+)
+ * [NOTE] Value 4 is tied to the Tracking Protection lists
- * [NOTE] value 4 is tied to the Tracking Protection lists so make sure you have 0424 + 0425 on default values!
+ * [NOTE] You can set exceptions under site permissions or use an extension
- * [NOTE] Blocking 3rd party controls 3rd party access to localStorage, IndexedDB, Cache API and Service Worker Cache.
+ * [SETTING] Privacy & Security>Content Blocking>Custom>Choose what to block>Cookies ***/
 * Blocking 1st party controls access to localStorage and IndexedDB (note: Service Workers can still use IndexedDB).
 * [SETTING] Privacy & Security>Cookies and Site Data>Type blocked
 * [1] https://www.fxsitecompat.com/en-CA/docs/2015/web-storage-indexeddb-cache-api-now-obey-third-party-cookies-preference/ ***/
 user_pref("network.cookie.cookieBehavior", 1);
 /* 2702: set third-party cookies (i.e ALL) (if enabled, see 2701) to session-only
   and (FF58+) set third-party non-secure (i.e HTTP) cookies to session-only
@ -1416,11 +1426,11 @@ user_pref("network.cookie.cookieBehavior", 1);
 * [2] http://kb.mozillazine.org/Network.cookie.thirdparty.sessionOnly ***/
 user_pref("network.cookie.thirdparty.sessionOnly", true);
 user_pref("network.cookie.thirdparty.nonsecureSessionOnly", true); // [FF58+]
-/* 2703: set cookie lifetime policy
+/* 2703: delete cookies and site data on close
- * 0=until they expire (default), 2=until you close Firefox
+ * 0=keep until they expire (default), 2=keep until you close Firefox
- * [NOTE] 3=for n days : no longer supported in FF63+ (see 2704-deprecated)
+ * [NOTE] The setting below is disabled (but not changed) if you block all cookies (2701 = 2)
- * [SETTING] Privacy & Security>Cookies and Site Data>Keep until... ***/
+ * [SETTING] Privacy & Security>Cookies and Site Data>Delete cookies and site data when Firefox is closed ***/
-   // user_pref("network.cookie.lifetimePolicy", 0);
+   // user_pref("network.cookie.lifetimePolicy", 2);
 /* 2705: disable HTTP sites setting cookies with the "secure" directive [FF52+]
 * [1] https://developer.mozilla.org/Firefox/Releases/52#HTTP ***/
 user_pref("network.cookie.leave-secure-alone", true); // [DEFAULT: true]
@ -1461,6 +1471,9 @@ user_pref("dom.caches.enabled", false);
 * [2] https://developer.mozilla.org/docs/Web/API/Storage_API
 * [3] https://blog.mozilla.org/l10n/2017/03/07/firefox-l10n-report-aurora-54/ ***/
   // user_pref("dom.storageManager.enabled", false);
 /* 2755: disable Storage Access API [FF65+]
 * [1] https://developer.mozilla.org/en-US/docs/Web/API/Storage_Access_API ***/
   // user_pref("dom.storage_access.enabled", false);
 /*** [SECTION 2800]: SHUTDOWN [SETUP-CHROME]
     You should set the values to what suits you best.
@ -1470,10 +1483,10 @@ user_pref("dom.caches.enabled", false);
       Firefox interface as "Browsing & Download History" and their values will be synced
 ***/
 user_pref("_user.js.parrot", "2800 syntax error: the parrot's bleedin' demised!");
-/* 2802: enable Firefox to clear history items on shutdown
+/* 2802: enable Firefox to clear items on shutdown (see 2803)
 * [SETTING] Privacy & Security>History>Custom Settings>Clear history when Firefox closes ***/
 user_pref("privacy.sanitize.sanitizeOnShutdown", true);
-/* 2803: set what history items to clear on shutdown
+/* 2803: set what items to clear on shutdown (if 2802 is true)
 * [NOTE] If 'history' is true, downloads will also be cleared regardless of the value
 * but if 'history' is false, downloads can still be cleared independently
 * However, this may not always be the case. The interface combines and syncs these
@ -1487,7 +1500,7 @@ user_pref("privacy.clearOnShutdown.history", true); // Browsing & Download Histo
 user_pref("privacy.clearOnShutdown.offlineApps", true); // Offline Website Data
 user_pref("privacy.clearOnShutdown.sessions", true); // Active Logins
 user_pref("privacy.clearOnShutdown.siteSettings", false); // Site Preferences
-/* 2804: reset default history items to clear with Ctrl-Shift-Del (to match 2803)
+/* 2804: reset default items to clear with Ctrl-Shift-Del (to match 2803)
 * This dialog can also be accessed from the menu History>Clear Recent History
 * Firefox remembers your last choices. This will reset them when you start Firefox.
 * [NOTE] Regardless of what you set privacy.cpd.downloads to, as soon as the dialog
@ -1561,7 +1574,7 @@ user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAUL
      To set a size, open a XUL (chrome) page (such as about:config) which is at 100% zoom, hit
      Shift+F4 to open the scratchpad, type window.resizeTo(1366,768), hit Ctrl+R to run. Test
      your window size, do some math, resize to allow for all the non inner window elements
-      [TEST] http://browserspy.dk/screen.php
+      [TEST] https://ghacksuserjs.github.io/TorZillaPrint/TorZillaPrint.html#screen
 ** 1281949 - spoof screen orientation (FF50+)
 ** 1281963 - hide the contents of navigator.plugins and navigator.mimeTypes (FF50+)
      FF53: Fixes GetSupportedNames in nsMimeTypeArray and nsPluginArray (1324044)
@ -1574,13 +1587,13 @@ user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAUL
 ** 1369303 - spoof/disable performance API (see 2410-deprecated, 4602, 4603) (FF56+)
 ** 1333651 & 1383495 & 1396468 - spoof Navigator API (see section 4700) (FF56+)
      FF56: The version number will be rounded down to the nearest multiple of 10
-      FF57: The version number will match current ESR (1393283, 1418672, 1418162)
+      FF57: The version number will match current ESR (1393283, 1418672, 1418162, 1511763)
      FF59: The OS will be reported as Windows, OSX, Android, or Linux (to reduce breakage) (1404608)
      FF66: The OS in HTTP Headers will be reduced to Windows or Android (1509829)
 ** 1369319 - disable device sensor API (see 4604) (FF56+)
 ** 1369357 - disable site specific zoom (see 4605) (FF56+)
 ** 1337161 - hide gamepads from content (see 4606) (FF56+)
- ** 1372072 - spoof network information API as "unknown" (see 4607) (FF56+)
+ ** 1372072 - spoof network information API as "unknown" when dom.netinfo.enabled = true (see 4607) (FF56+)
 ** 1333641 - reduce fingerprinting in WebSpeech API (see 4608) (FF56+)
 ** 1372069 & 1403813 & 1441295 - block geolocation requests (same as denying a site permission) (see 0201, 0201b) (FF56-62)
 ** 1369309 - spoof media statistics (see 4610) (FF57+)
@ -1592,7 +1605,10 @@ user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAUL
      This blocks exposure of local IP Addresses via mDNS (Multicast DNS)
 **  967895 - enable site permission prompt before allowing canvas data extraction (FF58+)
      FF59: Added to site permissions panel (1413780) Only prompt when triggered by user input (1376865)
- ** 1372073 - spoof/block fingerprinting in MediaDevices API (see 4612) (FF59+)
+ ** 1372073 - spoof/block fingerprinting in MediaDevices API (FF59+)
      Spoof: enumerate devices reports one "Internal Camera" and one "Internal Microphone" if
             media.navigator.enabled is true (see 2505 which we chose to keep disabled)
      Block: suppresses the ondevicechange event (see 4612)
 ** 1039069 - warn when language prefs are set to non en-US (see 0207, 0208) (FF59+)
 ** 1222285 & 1433592 - spoof keyboard events and suppress keyboard modifier events (FF59+)
      Spoofing mimics the content language of the document. Currently it only supports en-US.
@ -1600,11 +1616,14 @@ user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAUL
      FF60: Fix keydown/keyup events (1438795)
 ** 1337157 - disable WebGL debug renderer info (see 4613) (FF60+)
 ** 1459089 - disable OS locale in HTTP Accept-Language headers (ANDROID) (FF62+)
- ** 1363508 - spoof/suppress Pointer Events (see 2516) (FF64+)
+ ** 1363508 - spoof/suppress Pointer Events (see 4614) (FF64+)
      FF65: pointerEvent.pointerid (1492766)
 ** 1485266 - disable exposure of system colors to CSS or canvas (see 2618) (FF67+)
 ** 1407366 - enable inner window letterboxing (see 4504) (FF67+)
 ***/
 user_pref("_user.js.parrot", "4500 syntax error: the parrot's popped 'is clogs");
 /* 4501: enable privacy.resistFingerprinting [FF41+]
 * This pref is the master switch for all other privacy.resist* prefs unless stated
 * [SETUP-WEB] RFP is not ready for the masses, so expect some website breakage
 * [1] https://bugzilla.mozilla.org/418986 ***/
 user_pref("privacy.resistFingerprinting", true);
@ -1620,8 +1639,17 @@ user_pref("privacy.resistFingerprinting", true);
 * to sanitize or clear extensions.webextensions.restrictedDomains (see 2662) to keep that side-effect
 * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/
 user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // [HIDDEN PREF]
-/* 4504: disable showing about:blank as soon as possible during startup [FF60+]
+/* 4504: enable RFP letterboxing [FF67+]
- * When default true (FF62+) this no longer masks the RFP resizing activity
+ * Dynamically resizes the inner window in 200w x100h steps by applying letterboxing, using dimensions
 * which waste the least content area, If you use the dimension pref, then it will only apply those
 * resolutions. The format is "width1xheight1, width2xheight2, ..." (e.g. "800x600, 1000x1000, 1600x900")
 * [NOTE] This does NOT require RFP (see 4501) **for now**
 * [WARNING] The dimension pref is only meant for testing, and we recommend you DO NOT USE it
 * [1] https://bugzilla.mozilla.org/1407366 ***/
 user_pref("privacy.resistFingerprinting.letterboxing", true); // [HIDDEN PREF]
   // user_pref("privacy.resistFingerprinting.letterboxing.dimensions", ""); // [HIDDEN PREF]
 /* 4510: disable showing about:blank as soon as possible during startup [FF60+]
 * When default true (FF62+) this no longer masks the RFP chrome resizing activity
 * [1] https://bugzilla.mozilla.org/1448423 ***/
 user_pref("browser.startup.blankWindow", false);
@ -1668,7 +1696,7 @@ user_pref("browser.zoom.siteSpecific", false);
   // [1] https://developer.mozilla.org/docs/Web/API/Network_Information_API
   // [2] https://wicg.github.io/netinfo/
   // [3] https://bugzilla.mozilla.org/960426
-user_pref("dom.netinfo.enabled", false);
+user_pref("dom.netinfo.enabled", false); // [DEFAULT: true on Android]
 // 4608: [2021] disable the SpeechSynthesis (Text-to-Speech) part of the Web Speech API
   // [1] https://developer.mozilla.org/docs/Web/API/Web_Speech_API
   // [2] https://developer.mozilla.org/docs/Web/API/SpeechSynthesis
@ -1700,6 +1728,11 @@ user_pref("media.ondevicechange.enabled", false);
   // [2] https://developer.mozilla.org/docs/Web/API/WEBGL_debug_renderer_info
 user_pref("webgl.enable-debug-renderer-info", false);
 // * * * /
 // FF65+
 // 4614: [2516] disable PointerEvents
   // [1] https://developer.mozilla.org/en-US/docs/Web/API/PointerEvent
 user_pref("dom.w3c_pointer_events.enabled", false);
 // * * * /
 // ***/
 /*** [SECTION 4700]: RFP ALTERNATIVES (NAVIGATOR / USER AGENT (UA) SPOOFING)
@ -1858,11 +1891,11 @@ user_pref("dom.workers.sharedWorkers.enabled", false);
 user_pref("browser.sessionstore.privacy_level_deferred", 2);
 // ***/
 /* FF46
-// 0333: disable health report
+// 0340: disable health report
   // [-] https://bugzilla.mozilla.org/1234526
 user_pref("datareporting.healthreport.service.enabled", false); // [HIDDEN PREF]
 user_pref("datareporting.healthreport.documentServerURI", ""); // [HIDDEN PREF]
-// 0334b: disable FHR (Firefox Health Report) v2 data being sent to Mozilla servers
+// 0341: disable FHR (Firefox Health Report) v2 data being sent to Mozilla servers
   // [-] https://bugzilla.mozilla.org/1234522
 user_pref("datareporting.policy.dataSubmissionEnabled.v2", false);
 // 0414: disable safebrowsing pref - replaced by browser.safebrowsing.downloads.remote.url
@ -1883,7 +1916,7 @@ user_pref("browser.pocket.oAuthConsumerKey", "");
   // is enabled ONLY for people that opted into it, even if unified Telemetry is enabled
   // [-] https://bugzilla.mozilla.org/1236580
 user_pref("toolkit.telemetry.unifiedIsOptIn", true); // [HIDDEN PREF]
-// 0333b: disable about:healthreport page UNIFIED
+// 0340b: disable about:healthreport page UNIFIED
   // [-] https://bugzilla.mozilla.org/1236580
 user_pref("datareporting.healthreport.about.reportUrlUnified", "data:text/plain,");
 // 0807: disable history manipulation
@ -2085,7 +2118,7 @@ user_pref("intl.locale.matchOS", false);
 // 0204: set APP locale - replaced by intl.locale.requested
   // [-] https://bugzilla.mozilla.org/1414390
 user_pref("general.useragent.locale", "en-US");
-// 0333b: disable about:healthreport page (which connects to Mozilla for locale/css+js+json)
+// 0340b: disable about:healthreport page (which connects to Mozilla for locale/css+js+json)
   // If you have disabled health reports, then this about page is useless - disable it
   // If you want to see what health data is present, then this must be set at default
   // [-] https://bugzilla.mozilla.org/1352497
@ -2200,7 +2233,7 @@ user_pref("shield.savant.enabled", false);
 // 1031: disable favicons in tabs and new bookmarks - merged into browser.chrome.site_icons
   // [-] https://bugzilla.mozilla.org/1453751
   // user_pref("browser.chrome.favicons", false);
-// 2030: disable auto-play of HTML5 media - replaced by media.autoplay.default
+// 2030: disable autoplay of HTML5 media - replaced by media.autoplay.default
   // [SETUP-WEB] This may break video playback on various sites
   // [-] https://bugzilla.mozilla.org/1470082
 user_pref("media.autoplay.enabled", false);
@ -2231,6 +2264,29 @@ user_pref("devtools.webide.adbAddonURL", "");
   // [-] https://bugzilla.mozilla.org/1488165
 user_pref("security.csp.enable_violation_events", false);
 // * * * /
 // FF65
 // 0850a: disable location bar autocomplete and suggestion types
   // If you enforce any of the suggestion types (see the other 0850a), you MUST enforce 'autocomplete'
   //   - If *ALL* of the suggestion types are false, 'autocomplete' must also be false
   //   - If *ANY* of the suggestion types are true, 'autocomplete' must also be true
   // [-] https://bugzilla.mozilla.org/1502392
 user_pref("browser.urlbar.autocomplete.enabled", false);
 // 0908: remove user & password info when attempting to fix an entered URL (i.e. 0802 is true)
   // e.g. //user:password@foo -> //user@(prefix)foo(suffix) NOT //user:password@(prefix)foo(suffix)
   // [-] https://bugzilla.mozilla.org/1510580
 user_pref("browser.fixup.hide_user_pass", true); // [DEFAULT: true]
 // * * * /
 // FF66
 // 0380: disable Browser Error Reporter [FF60+]
   // [1] https://support.mozilla.org/en-US/kb/firefox-nightly-error-collection
   // [2] https://firefox-source-docs.mozilla.org/browser/browser/BrowserErrorReporter.html
   // [-] https://bugzilla.mozilla.org/1509888
 user_pref("browser.chrome.errorReporter.enabled", false);
 user_pref("browser.chrome.errorReporter.submitUrl", "");
 // 0502: disable Mozilla permission to silently opt you into tests
   // [-] https://bugzilla.mozilla.org/1415625
 user_pref("network.allow-experiments", false);
 // * * * /
 // ***/
 /* END: internal custom pref to test for syntax errors ***/
Author	SHA1	Message	Date
Thorin-Oakenpants	bee47f33cd	66-beta	2019-03-27 04:35:42 +00:00
earthlng	2fcec590b4	Update user.js (#676 ) - to avoid confusion with the setting tag, split the prefs into separate numbers, thus shove 2031->2031, reuse 2031 - remove the default value notation as Mozilla will roll out default change gradually to users	2019-03-26 19:05:55 +00:00
Thorin-Oakenpants	3c4b312cc7	2030: default didn't change not putting the setup-web tag back in, as users now have site exceptions	2019-03-19 19:58:15 +00:00
Thorin-Oakenpants	0354895a2e	2030: add [setting] for autoplay	2019-03-19 09:00:39 +00:00
Thorin-Oakenpants	462db2062c	2030: remove setup tag If Firefox see fit to set this as 1 by now, then breakage is probably rare, and I'm not encouraging users to reduce security/privacy etc from default	2019-03-17 22:43:27 +00:00
earthlng	d9e24e5095	Update user.js (#667 )	2019-03-18 07:07:15 +13:00
Thorin-Oakenpants	b1aa1f5619	2030: default change	2019-03-16 22:51:58 +00:00
Thorin-Oakenpants	a349662f69	66 deprecated prefs	2019-03-16 22:44:24 +00:00
Thorin-Oakenpants	28a7226235	4510: clarify this is the chrome	2019-03-16 22:36:31 +00:00
Thorin-Oakenpants	97f08ad3cd	4504: RFP letterboxing, closes #659	2019-03-16 22:34:45 +00:00
Thorin-Oakenpants	68584a3397	some 2505+RFP clarity, closes #661	2019-03-13 15:15:23 +00:00
Thorin-Oakenpants	8b4f45774a	4607+RFP clarity, closes #656	2019-03-13 14:46:33 +00:00
Thorin-Oakenpants	f8428dcc0a	a better test - more metrics covered/displayed - test page site is https	2019-03-07 14:55:03 +00:00
Thorin-Oakenpants	6d6cd5f410	2802 applies to 2803, closes #658	2019-03-05 03:26:39 +00:00
Thorin-Oakenpants	eae8434853	start 66 commits	2019-02-26 07:53:21 +00:00
Thorin-Oakenpants	2cff24f12e	65 final	2019-02-26 05:42:32 +00:00
Thorin-Oakenpants	60be8be5ec	UNC and extensions, closes #651	2019-02-17 03:51:44 +00:00
Thorin-Oakenpants	981dd83c15	clarify themes info, closes #648	2019-02-17 16:34:34 +13:00
Thorin-Oakenpants	5c703f0262	65-beta	2019-02-09 10:05:45 +00:00
Thorin-Oakenpants	de0ebbed21	0343: even MOAR clarification	2019-02-08 11:38:17 +00:00
Thorin-Oakenpants	e448015704	0343: clarify where TAAR is extension recommendations in the "Add-ons Manager" (not sure how it's displayed) CFR is extension recommendations as you browse the web, via a drop down panel	2019-02-07 16:55:04 +00:00
Thorin-Oakenpants	d3b1ed45ad	RFP: UA spoof is now 60+8's	2019-02-07 15:14:08 +00:00
earthlng	ed140425ea	move shit around	2019-02-08 03:41:23 +13:00
Thorin-Oakenpants	3847f97f41	some more 65+ diffs, #610	2019-02-07 13:41:15 +00:00
Thorin-Oakenpants	d81e8ae583	i need a break	2019-02-07 11:11:16 +00:00
Thorin-Oakenpants	7a8381d894	typo	2019-02-07 11:01:31 +00:00
Thorin-Oakenpants	649699ad22	0609: disable connectivity service #610	2019-02-07 11:00:07 +00:00
Thorin-Oakenpants	1d5289dd94	RFP 67+	2019-02-06 16:59:28 +00:00
Thorin-Oakenpants	74c8f294d6	0306: extension metadata, closes #615	2019-02-05 04:51:07 +00:00
Thorin-Oakenpants	a0508eccf6	capital letter after [note]	2019-02-04 13:41:56 +00:00
Thorin-Oakenpants	25acd9f63e	2703 again - description needs to stay changed from just cookies since it also clears site data - keep the info about n days out of it, it's just messy (ESR users should be on version 60) - get the values correct (I mixed them up earlier) - fixup [setting] path - leave in one (of two) extra [notes] I previously added	2019-02-04 13:40:45 +00:00
Thorin-Oakenpants	74a08114a8	2701: refix setting	2019-02-04 13:28:29 +00:00
Thorin-Oakenpants	71ffc661b2	2701 again	2019-02-04 13:26:19 +00:00
Thorin-Oakenpants	e432a22693	0306: moar info #615 see https://github.com/ghacksuserjs/ghacks-user.js/issues/615#issuecomment-460243162 - checking for updates is not a trigger, having an update and applying it is	2019-02-04 13:08:41 +00:00
Thorin-Oakenpants	f06c78f897	update cookie settings info	2019-02-05 02:00:19 +13:00
Thorin-Oakenpants	847eb80877	0306 => inactive, closes #615 whatever we thought it may have done in the past, it doesn't do that now as far as we know. And it's not an issue since we allow extension update-CHECKs anyway.	2019-02-04 06:39:29 +00:00
Thorin-Oakenpants	ec0e58099f	pointer events -> RFP ALTS	2019-02-01 13:53:04 +00:00
Thorin-Oakenpants	e6eb473071	dom.storage_access.enabled regardless of this pref setting: the permissions.sqlite file will still be abused to store a flag for this for every single site you connect to (as third party?) - fun.	2019-02-01 13:41:00 +00:00
Thorin-Oakenpants	f1b892bc1c	clean up "Firefox Data Collection & Use" (#627 ) * clean up "Firefox Data Collection & Use" - telemetry prefs to 330's - Firefox Data Collection & Use prefs to 340's (but leave crash reports in 350s) - move `app.shield.optoutstudies.enabled` to 330's - this is an internal pref which controls if you get the system addon - make notes that `datareporting.healthreport.uploadEnabled` controls studies and ext recommendations - split crash reports better to reflex the UI setting	2019-02-02 00:57:22 +13:00
Thorin-Oakenpants	524b5f79dc	setting changes re cookies	2019-01-31 18:42:59 +00:00
Thorin-Oakenpants	24f2e1d982	disable storage access api see: https://old.reddit.com/r/firefox/comments/alnn3f/storageaccessapi_permissions/effg5tp/	2019-01-31 16:16:59 +00:00
Thorin-Oakenpants	c6060e5645	storage access api	2019-01-31 16:03:39 +00:00
Thorin-Oakenpants	d0b8a08a4b	browser.urlbar.maxHistoricalSearchSuggestions default 0 in ESR60 and FF60+	2019-01-30 16:16:12 +00:00
Thorin-Oakenpants	f047fe93c0	remove 0850f `browser.urlbar.maxHistoricalSearchSuggestions` is default 0 is FF60 thru to FF66. It is also default 0 in ESR60.1 thru 60.5. (at least on Windows) IDK if this has ever been used, maybe android, in which case it's probably useful?	2019-01-30 16:14:39 +00:00
Thorin-Oakenpants	6147fed61c	and the rest of the 0850's The location bar dropdown cannot be disabled via prefs except with css, in which case the whole thing is hidden regardless of he above prefs. So there is no point in making any of them active. This is also in line with what we can achieve with relaxed and hardened tags / sticky issues - that is we can find a better balance, Shoulder surfers is a low risk, not even Tor Browser disables this stuff. People need to take responsibility and/or use common sense. Sure, we can leave em in for users to know about and enable if they want. End of story. userChrome.css code is ```css /* locationbar dropdown FF65+ */ #PopupAutoCompleteRichResult {display: none!important;} ```	2019-01-30 15:44:08 +00:00
Thorin-Oakenpants	54f79604da	Make Firefox Great Again (#626 ) * location bar changes * if the dropdown is going to be used, then no point hiding search engines on the bottom line	2019-01-30 15:06:32 +00:00
Thorin-Oakenpants	2f351fa5ce	0702: http2 websockets might as well add it: needs t be taken into consideration when looking at the whole http2 thing. Will be interesting to see what Tor Browser does with it in ESR68	2019-01-30 14:09:39 +00:00
Thorin-Oakenpants	5dc3ea66cd	browser.contentblocking.enabled only existed for FF63+64, default true anyway	2019-01-30 12:38:07 +00:00
earthlng	d9a87b3ac4	FF65 removals (#624 )	2019-01-30 12:27:53 +00:00
Thorin-Oakenpants	95b75a065d	up date info on what cookies control #622	2019-01-30 10:23:42 +00:00
claustromaniac	8c96432eb8	Update updater.sh (#618 ) Closes #616 + #617	2019-01-25 14:28:00 +00:00
Thorin-Oakenpants	1c09ec36e3	0306: extra info, closes #615	2019-01-18 04:24:13 +00:00
Thorin-Oakenpants	f1e6d164f7	start 65 commits	2019-01-17 05:19:11 +00:00