mirror of
https://github.com/arkenfox/user.js.git
synced 2025-09-01 09:28:31 +02:00
Compare commits
11 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| fa78c53114 | |||
| 2f6b14ab6e | |||
| 2dd455ef83 | |||
| 306610da8e | |||
| 59ac1727f7 | |||
| c974b3252d | |||
| 480933484f | |||
| 0cbd8a13a3 | |||
| ae6c76fe54 | |||
| 1f098f2eaf | |||
| 11977e7017 |
@ -3,7 +3,7 @@ TITLE prefs.js cleaner
|
||||
|
||||
REM ### prefs.js cleaner for Windows
|
||||
REM ## author: @claustromaniac
|
||||
REM ## version: 2.3
|
||||
REM ## version: 2.4
|
||||
|
||||
CD /D "%~dp0"
|
||||
|
||||
@ -13,7 +13,7 @@ ECHO:
|
||||
ECHO ########################################
|
||||
ECHO #### prefs.js cleaner for Windows ####
|
||||
ECHO #### by claustromaniac ####
|
||||
ECHO #### v2.3 ####
|
||||
ECHO #### v2.4 ####
|
||||
ECHO ########################################
|
||||
ECHO:
|
||||
CALL :message "This script should be run from your Firefox profile directory."
|
||||
@ -28,6 +28,7 @@ IF ERRORLEVEL 3 (EXIT /B)
|
||||
IF ERRORLEVEL 2 (GOTO :showhelp)
|
||||
IF NOT EXIST "user.js" (CALL :abort "user.js not found in the current directory." 30)
|
||||
IF NOT EXIST "prefs.js" (CALL :abort "prefs.js not found in the current directory." 30)
|
||||
CALL :strlenCheck
|
||||
CALL :FFcheck
|
||||
CALL :message "Backing up prefs.js..."
|
||||
SET "_time=%time: =0%"
|
||||
@ -50,6 +51,21 @@ ECHO:
|
||||
ECHO: %~1
|
||||
ECHO:
|
||||
GOTO :EOF
|
||||
REM ### string length Check Function ####
|
||||
:strlenCheck
|
||||
SET /a cnt=0
|
||||
setlocal ENABLEDELAYEDEXPANSION
|
||||
FOR /F "tokens=1,* delims=:" %%G IN ('FINDSTR /N "^" prefs.js') DO (
|
||||
ECHO:%%H >nul
|
||||
SET /a cnt += 1
|
||||
IF /I "%%G" NEQ "!cnt!" (
|
||||
ECHO:
|
||||
CALL :message "ERROR: line !cnt! in prefs.js is too long."
|
||||
(CALL :abort "Aborting ..." 30)
|
||||
)
|
||||
)
|
||||
endlocal
|
||||
GOTO :EOF
|
||||
REM ####### Firefox Check Function ######
|
||||
:FFcheck
|
||||
TASKLIST /FI "IMAGENAME eq firefox.exe" 2>NUL | FIND /I /N "firefox.exe">NUL
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
/***
|
||||
This will reset the preferences that have been removed completely from the arkenfox user.js.
|
||||
|
||||
Last updated: 30-Dec-2020
|
||||
Last updated: 26-Jan-2021
|
||||
|
||||
For instructions see:
|
||||
https://github.com/arkenfox/user.js/wiki/3.1-Resetting-Inactive-Prefs-[Scripts]
|
||||
@ -232,6 +232,8 @@
|
||||
/* 84-beta */
|
||||
'browser.newtabpage.activity-stream.asrouter.providers.snippets',
|
||||
'layout.css.visited_links_enabled',
|
||||
/* 85-beta */
|
||||
'network.http.redirection-limit',
|
||||
/* reset parrot: check your open about:config after running the script */
|
||||
'_user.js.parrot'
|
||||
]
|
||||
|
||||
28
updater.bat
28
updater.bat
@ -3,10 +3,10 @@ TITLE arkenfox user.js updater
|
||||
|
||||
REM ## arkenfox user.js updater for Windows
|
||||
REM ## author: @claustromaniac
|
||||
REM ## version: 4.12
|
||||
REM ## version: 4.14
|
||||
REM ## instructions: https://github.com/arkenfox/user.js/wiki/3.3-Updater-Scripts
|
||||
|
||||
SET v=4.12
|
||||
SET v=4.14
|
||||
|
||||
VERIFY ON
|
||||
CD /D "%~dp0"
|
||||
@ -28,6 +28,15 @@ SHIFT
|
||||
GOTO parse
|
||||
:endparse
|
||||
|
||||
FOR /F %%i IN ('PowerShell -Command "[Enum]::GetNames([Net.SecurityProtocolType]) -contains 'Tls12'"') DO (
|
||||
IF "%%i" == "False" (
|
||||
CALL :message "Your PowerShell version doesn't support TLS1.2 ^!"
|
||||
ECHO: Instructions to update PowerShell are on the arkenfox wiki
|
||||
PAUSE
|
||||
EXIT
|
||||
)
|
||||
)
|
||||
|
||||
IF DEFINED _updateb (
|
||||
REM The normal flow here goes from phase 1 to phase 2 and then phase 3.
|
||||
IF NOT "!_myname:~0,9!"=="[updated]" (
|
||||
@ -51,9 +60,7 @@ IF DEFINED _updateb (
|
||||
CALL :message "Updating script..."
|
||||
REM Uncomment the next line and comment out the PowerShell call for testing.
|
||||
REM COPY /B /Y "!_myname!.bat" "[updated]!_myname!.bat" >nul
|
||||
(
|
||||
PowerShell -Command "(New-Object Net.WebClient).DownloadFile('https://raw.githubusercontent.com/arkenfox/user.js/master/updater.bat', '[updated]!_myname!.bat')"
|
||||
) >nul 2>&1
|
||||
CALL :psdownload https://raw.githubusercontent.com/arkenfox/user.js/master/updater.bat "[updated]!_myname!.bat"
|
||||
IF EXIST "[updated]!_myname!.bat" (
|
||||
START /min CMD /C "[updated]!_myname!.bat" !_myparams!
|
||||
) ELSE (
|
||||
@ -132,9 +139,7 @@ IF DEFINED _log (
|
||||
)
|
||||
IF EXIST user.js.new (DEL /F "user.js.new")
|
||||
CALL :message "Retrieving latest user.js file from github repository..."
|
||||
(
|
||||
PowerShell -Command "(New-Object Net.WebClient).DownloadFile('https://raw.githubusercontent.com/arkenfox/user.js/master/user.js', 'user.js.new')"
|
||||
) >nul 2>&1
|
||||
CALL :psdownload https://raw.githubusercontent.com/arkenfox/user.js/master/user.js "user.js.new"
|
||||
IF EXIST user.js.new (
|
||||
IF DEFINED _rfpalts (
|
||||
CALL :message "Activating RFP Alternatives section..."
|
||||
@ -218,6 +223,13 @@ IF NOT "2"=="%_log%" (ECHO:)
|
||||
ENDLOCAL
|
||||
GOTO :EOF
|
||||
|
||||
::::::::::::::: Download :::::::::::::::
|
||||
:psdownload
|
||||
(
|
||||
PowerShell -Command "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; (New-Object Net.WebClient).DownloadFile('%~1', '%~2')"
|
||||
) >nul 2>&1
|
||||
GOTO :EOF
|
||||
|
||||
::::::::::::::: Activate Section :::::::::::::::
|
||||
:activate
|
||||
:: arg1 = file
|
||||
|
||||
29
user.js
29
user.js
@ -1,7 +1,7 @@
|
||||
/******
|
||||
* name: arkenfox user.js
|
||||
* date: 05 Jan 2021
|
||||
* version 84
|
||||
* date: 28 Jan 2021
|
||||
* version 85
|
||||
* url: https://github.com/arkenfox/user.js
|
||||
* license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt
|
||||
|
||||
@ -624,14 +624,16 @@ user_pref("browser.shell.shortcutFavicons", false);
|
||||
user_pref("_user.js.parrot", "1200 syntax error: the parrot's a stiff!");
|
||||
/** SSL (Secure Sockets Layer) / TLS (Transport Layer Security) ***/
|
||||
/* 1201: require safe negotiation
|
||||
* Blocks connections to servers that don't support RFC 5746 [2] as they're potentially
|
||||
* vulnerable to a MiTM attack [3]. A server *without* RFC 5746 can be safe from the attack
|
||||
* if it disables renegotiations but the problem is that the browser can't know that.
|
||||
* Setting this pref to true is the only way for the browser to ensure there will be
|
||||
* Blocks connections (SSL_ERROR_UNSAFE_NEGOTIATION) to servers that don't support RFC 5746 [2]
|
||||
* as they're potentially vulnerable to a MiTM attack [3]. A server without RFC 5746 can be
|
||||
* safe from the attack if it disables renegotiations but the problem is that the browser can't
|
||||
* know that. Setting this pref to true is the only way for the browser to ensure there will be
|
||||
* no unsafe renegotiations on the channel between the browser and the server.
|
||||
* [STATS] SSL Labs (Dec 2020) reports 99.0% of sites have secure renegotiation [4]
|
||||
* [1] https://wiki.mozilla.org/Security:Renegotiation
|
||||
* [2] https://tools.ietf.org/html/rfc5746
|
||||
* [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 ***/
|
||||
* [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
|
||||
* [4] https://www.ssllabs.com/ssl-pulse/ ***/
|
||||
user_pref("security.ssl.require_safe_negotiation", true);
|
||||
/* 1202: control TLS versions with min and max
|
||||
* 1=TLS 1.0, 2=TLS 1.1, 3=TLS 1.2, 4=TLS 1.3
|
||||
@ -766,10 +768,8 @@ user_pref("dom.security.https_only_mode_send_http_background_request", false);
|
||||
/** UI (User Interface) ***/
|
||||
/* 1270: display warning on the padlock for "broken security" (if 1201 is false)
|
||||
* Bug: warning padlock not indicated for subresources on a secure page! [2]
|
||||
* [STATS] SSL Labs (Dec 2020) reports 99.0% of sites have secure renegotiation [3]
|
||||
* [1] https://wiki.mozilla.org/Security:Renegotiation
|
||||
* [2] https://bugzilla.mozilla.org/1353705
|
||||
* [3] https://www.ssllabs.com/ssl-pulse/ ***/
|
||||
* [2] https://bugzilla.mozilla.org/1353705 ***/
|
||||
user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
||||
/* 1271: control "Add Security Exception" dialog on SSL warnings
|
||||
* 0=do neither 1=pre-populate url 2=pre-populate url + pre-fetch cert (default)
|
||||
@ -1143,10 +1143,6 @@ user_pref("devtools.debugger.remote-enabled", false); // [DEFAULT: false]
|
||||
/* 2611: disable middle mouse click opening links from clipboard
|
||||
* [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/10089 ***/
|
||||
user_pref("middlemouse.contentLoadURL", false);
|
||||
/* 2614: limit HTTP redirects (this does not control redirects with HTML meta tags or JS)
|
||||
* [NOTE] A low setting of 5 or under will probably break some sites (e.g. gmail logins)
|
||||
* To control HTML Meta tag and JS redirects, use an extension. Default is 20 ***/
|
||||
user_pref("network.http.redirection-limit", 10);
|
||||
/* 2615: disable websites overriding Firefox's keyboard shortcuts [FF58+]
|
||||
* 0 (default) or 1=allow, 2=block
|
||||
* [SETTING] to add site exceptions: Page Info>Permissions>Override Keyboard Shortcuts ***/
|
||||
@ -1190,7 +1186,10 @@ user_pref("permissions.delegation.enabled", false);
|
||||
/* 2624: enable "window.name" protection [FF82+]
|
||||
* If a new page from another domain is loaded into a tab, then window.name is set to an empty string. The original
|
||||
* string is restored if the tab reverts back to the original page. This change prevents some cross-site attacks ***/
|
||||
user_pref("privacy.window.name.update.enabled", true);
|
||||
user_pref("privacy.window.name.update.enabled", true); // [DEFAULT: true FF86+]
|
||||
/* 2625: disable bypassing 3rd party extension install prompts [FF82+]
|
||||
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1659530,1681331 ***/
|
||||
user_pref("extensions.postDownloadThirdPartyPrompt", false);
|
||||
|
||||
/** DOWNLOADS ***/
|
||||
/* 2650: discourage downloading to desktop
|
||||
|
||||
Reference in New Issue
Block a user