v93 deprecated

v92
Delete arkenfox-clear-RFP-alternatives.js
2025-09-01 01:18:30 +02:00 · 2021-10-12 08:23:46 +00:00 · 2021-10-11 13:56:38 +00:00 · 2021-10-10 23:55:39 +00:00 · 2021-10-09 07:14:20 +00:00 · 2021-10-05 11:14:16 +00:00
5 changed files with 59 additions and 123 deletions
--- a/README.md
+++ b/README.md
@ -9,7 +9,7 @@ The `arkenfox user.js` is a **template** which aims to provide as much privacy a

 Everyone, experts included, should at least read the [implementation](https://github.com/arkenfox/user.js/wiki/1.3-Implementation) wiki page, as it contains important information regarding a few `user.js` settings.

-Note that we do *not* recommend connecting over Tor on Firefox. Use the [Tor Browser](https://www.torproject.org/projects/torbrowser.html.en) if your [threat model](https://www.torproject.org/about/torusers.html.en) calls for it, or for accessing hidden services. 
+Note that we do *not* recommend connecting over Tor on Firefox. Use the [Tor Browser](https://www.torproject.org/projects/torbrowser.html.en) if your [threat model](https://www.torproject.org/about/torusers.html.en) calls for it, or for accessing hidden services.

 Also be aware that the `arkenfox user.js` is made specifically for desktop Firefox. Using it as-is in other Gecko-based browsers can be counterproductive, especially in the Tor Browser.

@ -23,5 +23,3 @@ Also be aware that the `arkenfox user.js` is made specifically for desktop Firef

 ### 🟥  acknowledgments
 Literally thousands of sources, references and suggestions. Many thanks, and much appreciated.
-
-
--- a/scratchpad-scripts/arkenfox-clear-RFP-alternatives.js
+++ b/scratchpad-scripts/arkenfox-clear-RFP-alternatives.js
@ -1,72 +0,0 @@
-/***
-  This will reset the preferences that are under sections 4600 & 4700 in the
-  arkenfox user.js. These are the prefs that are no longer necessary, or they
-  conflict with, privacy.resistFingerprinting if you have that enabled.
-
-  Final update: 10-August-2021
-
-  As of v91, section 4600 is no longer recommended, and is all inactive. This
-  now includes the old 4700 section. You can reset them using prefsCleaner.
-  
-  For instructions see:
-  https://github.com/arkenfox/user.js/wiki/3.1-Resetting-Inactive-Prefs-[Scripts]
-***/
-
-(() => {
-
-  if ('undefined' === typeof(Services)) return alert('about:config needs to be the active tab!');
-
-  const aPREFS = [
-    /* section 4600 */
-    'dom.maxHardwareConcurrency',
-    'dom.enable_resource_timing',
-    'dom.enable_performance',
-    'device.sensors.enabled',
-    'browser.zoom.siteSpecific',
-    'dom.gamepad.enabled',
-    'dom.netinfo.enabled',
-    'media.webspeech.synth.enabled',
-    'media.video_stats.enabled',
-    'dom.w3c_touch_events.enabled',
-    'media.navigator.enabled',
-    'media.ondevicechange.enabled',
-    'webgl.enable-debug-renderer-info',
-    'ui.prefersReducedMotion',
-    'dom.w3c_pointer_events.enabled', // deprecated FF87
-    'ui.use_standins_for_native_colors',
-    'ui.systemUsesDarkTheme',
-    'dom.webaudio.enabled',
-    'layout.css.font-visibility.level',
-    /* section 4700 */
-    'general.appname.override',
-    'general.appversion.override',
-    'general.buildID.override',
-    'general.oscpu.override',
-    'general.platform.override',
-    'general.useragent.override',
-    /* reset parrot: check your open about:config after running the script */
-    '_user.js.parrot'
-  ];
-
-  console.clear();
-
-  let c = 0;
-  for (const sPname of aPREFS) {
-    if (Services.prefs.prefHasUserValue(sPname)) {
-      Services.prefs.clearUserPref(sPname);
-      if (!Services.prefs.prefHasUserValue(sPname)) {
-        console.info('reset', sPname);
-        c++;
-      } else console.warn('failed to reset', sPname);
-    }
-  }
-
-  focus();
-
-  const d = (c==1) ? ' pref' : ' prefs';
-  alert(c ? 'successfully reset ' + c + d + "\n\nfor details check the console" : 'nothing to reset');
-
-  return 'all done';
-
-})();
-
--- a/scratchpad-scripts/troubleshooter.js
+++ b/scratchpad-scripts/troubleshooter.js
@ -1,4 +1,3 @@
-
 /*** arkenfox user.js troubleshooter.js v1.6.3 ***/

 (function() {
@ -194,7 +193,7 @@

  const aBAK = getMyList(aPREFS);
  //console.log(aBAK.length, "user-set prefs from our list detected and their values stored.");
-  
+
  const sMsg = "all detected prefs reset.\n\n" +
        "!! KEEP THIS PROMPT OPEN AND TEST THE SITE IN ANOTHER TAB !!\n\n" +
        "IF the problem still exists, this script can't help you - click Cancel to re-apply your values and exit.\n\n" +
--- a/updater.sh
+++ b/updater.sh
@ -41,9 +41,9 @@ ESR=false

 # Download method priority: curl -> wget
 DOWNLOAD_METHOD=''
-if [[ $(command -v 'curl') ]]; then
+if command -v curl >/dev/null; then
  DOWNLOAD_METHOD='curl --max-redirs 3 -so'
-elif [[ $(command -v 'wget') ]]; then
+elif command -v wget >/dev/null; then
  DOWNLOAD_METHOD='wget --max-redirect 3 --quiet -O'
 else
  echo -e "${RED}This script requires curl or wget.\nProcess aborted${NC}"
@ -51,7 +51,7 @@ else
 fi


-show_banner () {
+show_banner() {
  echo -e "${BBLUE}
                ############################################################################
                ####                                                                    ####
@ -103,13 +103,13 @@ Optional Arguments:
 #     File Handling     #
 #########################

-download_file () { # expects URL as argument ($1)
+download_file() { # expects URL as argument ($1)
  declare -r tf=$(mktemp)

  $DOWNLOAD_METHOD "${tf}" "$1" && echo "$tf" || echo '' # return the temp-filename or empty string on error
 }

-open_file () { # expects one argument: file_path
+open_file() { # expects one argument: file_path
  if [ "$(uname)" == 'Darwin' ]; then
    open "$1"
  elif [ "$(uname -s | cut -c -5)" == "Linux" ]; then
@ -119,11 +119,11 @@ open_file () { # expects one argument: file_path
  fi
 }

-readIniFile () { # expects one argument: absolute path of profiles.ini
+readIniFile() { # expects one argument: absolute path of profiles.ini
  declare -r inifile="$1"

  # tempIni will contain: [ProfileX], Name=, IsRelative= and Path= (and Default= if present) of the only (if) or the selected (else) profile
-  if [ $(grep -c '^\[Profile' "${inifile}") -eq "1" ]; then ### only 1 profile found
+  if [ "$(grep -c '^\[Profile' "${inifile}")" -eq "1" ]; then ### only 1 profile found
    tempIni="$(grep '^\[Profile' -A 4 "${inifile}")"
  else
    echo -e "Profiles found:\n––––––––––––––––––––––––––––––"
@ -150,7 +150,7 @@ readIniFile () { # expects one argument: absolute path of profiles.ini
  [[ ${pathisrel} == "1" ]] && PROFILE_PATH="$(dirname "${inifile}")/${PROFILE_PATH}"
 }

-getProfilePath () {
+getProfilePath() {
  declare -r f1=~/Library/Application\ Support/Firefox/profiles.ini
  declare -r f2=~/.mozilla/firefox/profiles.ini

@ -175,8 +175,8 @@ getProfilePath () {
 #########################

 # Returns the version number of a updater.sh file
-get_updater_version () {
-  echo $(sed -n '5 s/.*[[:blank:]]\([[:digit:]]*\.[[:digit:]]*\)/\1/p' "$1")
+get_updater_version() {
+  echo "$(sed -n '5 s/.*[[:blank:]]\([[:digit:]]*\.[[:digit:]]*\)/\1/p' "$1")"
 }

 # Update updater.sh
@ -184,14 +184,14 @@ get_updater_version () {
 # Args:
 #   -d: New version will not be looked for and update will not occur
 #   -u: Check for update, if available, execute without asking
-update_updater () {
-  [ $UPDATE = 'no' ] && return 0 # User signified not to check for updates
+update_updater() {
+  [ "$UPDATE" = 'no' ] && return 0 # User signified not to check for updates

  declare -r tmpfile="$(download_file 'https://raw.githubusercontent.com/arkenfox/user.js/master/updater.sh')"
  [ -z "${tmpfile}" ] && echo -e "${RED}Error! Could not download updater.sh${NC}" && return 1 # check if download failed

  if [[ $(get_updater_version "$SCRIPT_FILE") < $(get_updater_version "${tmpfile}") ]]; then
-    if [ $UPDATE = 'check' ]; then
+    if [ "$UPDATE" = 'check' ]; then
      echo -e "There is a newer version of updater.sh available. ${RED}Update and execute Y/N?${NC}"
      read -p "" -n 1 -r
      echo -e "\n\n"
@ -211,11 +211,11 @@ update_updater () {
 #########################

 # Returns version number of a user.js file
-get_userjs_version () {
-  [ -e $1 ] && echo "$(sed -n '4p' "$1")" || echo "Not detected."
+get_userjs_version() {
+  [ -e "$1" ] && echo "$(sed -n '4p' "$1")" || echo "Not detected."
 }

-add_override () {
+add_override() {
  input=$1
  if [ -f "$input" ]; then
    echo "" >> user.js
@ -235,27 +235,27 @@ add_override () {
  fi
 }

-remove_comments () { # expects 2 arguments: from-file and to-file
+remove_comments() { # expects 2 arguments: from-file and to-file
  sed -e '/^\/\*.*\*\/[[:space:]]*$/d' -e '/^\/\*/,/\*\//d' -e 's|^[[:space:]]*//.*$||' -e '/^[[:space:]]*$/d' -e 's|);[[:space:]]*//.*|);|' "$1" > "$2"
 }

 # Applies latest version of user.js and any custom overrides
-update_userjs () {
+update_userjs() {
  declare -r newfile="$(download_file 'https://raw.githubusercontent.com/arkenfox/user.js/master/user.js')"
  [ -z "${newfile}" ] && echo -e "${RED}Error! Could not download user.js${NC}" && return 1 # check if download failed

  echo -e "Please observe the following information:
    Firefox profile:  ${ORANGE}$(pwd)${NC}
-    Available online: ${ORANGE}$(get_userjs_version $newfile)${NC}
+    Available online: ${ORANGE}$(get_userjs_version "$newfile")${NC}
    Currently using:  ${ORANGE}$(get_userjs_version user.js)${NC}\n\n"

-  if [ $CONFIRM = 'yes' ]; then
+  if [ "$CONFIRM" = 'yes' ]; then
    echo -e "This script will update to the latest user.js file and append any custom configurations from user-overrides.js. ${RED}Continue Y/N? ${NC}"
    read -p "" -n 1 -r
    echo -e "\n"
    if [[ $REPLY =~ ^[Nn]$ ]]; then
      echo -e "${RED}Process aborted${NC}"
-      rm $newfile
+      rm "$newfile"
      return 1
    fi
  fi
@ -269,7 +269,7 @@ update_userjs () {
  # backup user.js
  mkdir -p userjs_backups
  local bakname="userjs_backups/user.js.backup.$(date +"%Y-%m-%d_%H%M")"
-  [ $BACKUP = 'single' ] && bakname='userjs_backups/user.js.backup'
+  [ "$BACKUP" = 'single' ] && bakname='userjs_backups/user.js.backup'
  cp user.js "$bakname" &>/dev/null

  mv "${newfile}" user.js
@ -295,19 +295,19 @@ update_userjs () {
    past_nocomments='userjs_diffs/past_userjs.txt'
    current_nocomments='userjs_diffs/current_userjs.txt'

-    remove_comments $pastuserjs $past_nocomments
-    remove_comments user.js $current_nocomments
+    remove_comments "$pastuserjs" "$past_nocomments"
+    remove_comments user.js "$current_nocomments"

    diffname="userjs_diffs/diff_$(date +"%Y-%m-%d_%H%M").txt"
-    diff=$(diff -w -B -U 0 $past_nocomments $current_nocomments)
-    if [ ! -z "$diff" ]; then
+    diff=$(diff -w -B -U 0 "$past_nocomments" "$current_nocomments")
+    if [ -n "$diff" ]; then
      echo "$diff" > "$diffname"
      echo -e "Status: ${GREEN}A diff file was created:${NC} ${PWD}/${diffname}"
    else
      echo -e "Warning: ${ORANGE}Your new user.js file appears to be identical.  No diff file was created.${NC}"
-      [ $BACKUP = 'multiple' ] && rm $bakname &>/dev/null
+      [ "$BACKUP" = 'multiple' ] && rm "$bakname" &>/dev/null
    fi
-    rm $past_nocomments $current_nocomments $pastuserjs &>/dev/null
+    rm "$past_nocomments" "$current_nocomments" "$pastuserjs" &>/dev/null
  fi

  [ "$VIEW" = true ] && open_file "${PWD}/user.js"
@ -319,7 +319,7 @@ update_userjs () {

 if [ $# != 0 ]; then
  # Display usage if first argument is -help or --help
-  if [ $1 = '--help' ] || [ $1 = '-help' ]; then
+  if [ "$1" = '--help' ] || [ "$1" = '-help' ]; then
    usage
  else
    while getopts ":hp:ludsno:bcvre" opt; do
@ -363,7 +363,7 @@ if [ $# != 0 ]; then
        r)
          tfile="$(download_file 'https://raw.githubusercontent.com/arkenfox/user.js/master/user.js')"
          [ -z "${tfile}" ] && echo -e "${RED}Error! Could not download user.js${NC}" && exit 1 # check if download failed
-          mv $tfile "${tfile}.js"
+          mv "$tfile" "${tfile}.js"
          echo -e "${ORANGE}Warning: user.js was saved to temporary file ${tfile}.js${NC}"
          open_file "${tfile}.js"
          exit 0
@ -382,7 +382,7 @@ if [ $# != 0 ]; then
 fi

 show_banner
-update_updater $@
+update_updater "$@"

 getProfilePath # updates PROFILE_PATH or exits on error
 cd "$PROFILE_PATH" && update_userjs
--- a/user.js
+++ b/user.js
@ -1,7 +1,7 @@
 /******
 * name: arkenfox user.js
-* date: 27 October 2021
-* version 91.1
+* date: 12 October 2021
+* version 93
 * url: https://github.com/arkenfox/user.js
 * license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt

@ -127,7 +127,7 @@ user_pref("geo.provider.use_gpsd", false); // [LINUX]
 /* 0203: disable region updates
 * [1] https://firefox-source-docs.mozilla.org/toolkit/modules/toolkit_modules/Region.html ***/
 user_pref("browser.region.network.url", ""); // [FF78+]
-user_pref("browser.region.update.enabled", false); // [FF79+]
+user_pref("browser.region.update.enabled", false); // [[FF79+]
 /* 0204: set search region
 * [NOTE] May not be hidden if Firefox has changed your settings due to your region (0203) ***/
   // user_pref("browser.search.region", "US"); // [HIDDEN PREF]
@ -163,6 +163,9 @@ user_pref("app.update.background.scheduling.enabled", false);
 /* 0306: disable search engine updates (e.g. OpenSearch)
 * [NOTE] This does not affect Mozilla's built-in or Web Extension search engines ***/
 user_pref("browser.search.update", false);
+/* 0307: disable System Add-on updates ***/
+user_pref("extensions.systemAddon.update.enabled", false); // [FF62+]
+user_pref("extensions.systemAddon.update.url", ""); // [FF44+]

 /** RECOMMENDATIONS ***/
 /* 0320: disable recommendation pane in about:addons (uses Google Analytics) ***/
@ -318,12 +321,13 @@ user_pref("network.proxy.socks_remote_dns", true);
 * [SETUP-CHROME] Can break extensions for profiles on network shares
 * [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/26424 ***/
 user_pref("network.file.disable_unc_paths", true); // [HIDDEN PREF]
-/* 0704: disable GIO as a potential proxy bypass vector [FF60+]
+/* 0704: disable GIO as a potential proxy bypass vector
 * Gvfs/GIO has a set of supported protocols like obex, network, archive, computer, dav, cdda,
 * gphoto2, trash, etc. By default only smb and sftp protocols are accepted so far (as of FF64)
 * [1] https://bugzilla.mozilla.org/1433507
- * [2] https://en.wikipedia.org/wiki/GVfs
- * [3] https://en.wikipedia.org/wiki/GIO_(software) ***/
+ * [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/23044
+ * [3] https://en.wikipedia.org/wiki/GVfs
+ * [4] https://en.wikipedia.org/wiki/GIO_(software) ***/
 user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF]
 /* 0705: disable DNS-over-HTTPS (DoH) rollout [FF60+]
 * 0=off by default, 2=TRR (Trusted Recursive Resolver) first, 3=TRR only, 5=explicitly off
@ -334,9 +338,8 @@ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF]
 * [4] https://www.eff.org/deeplinks/2020/12/dns-doh-and-odoh-oh-my-year-review-2020 ***/
   // user_pref("network.trr.mode", 5);
 /* 0706: disable proxy direct failover for system requests [FF91+]
- * [WARNING] Default true is a security feature against malicious extensions [1]
- * [SETUP-CHROME] If you use a proxy and you trust your extensions
- * [1] https://blog.mozilla.org/security/2021/10/25/securing-the-proxy-api-for-firefox-add-ons/ ***/
+ * [WARNING] Default true is a security feature against malicious extensions
+ * [SETUP-CHROME] If you use a proxy and you trust your extensions ***/
   // user_pref("network.proxy.failover_direct", false);

 /*** [SECTION 0800]: LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS ***/
@ -372,6 +375,11 @@ user_pref("browser.urlbar.speculativeConnect.enabled", false);
 * 0=never resolve single words, 1=heuristic (default), 2=always resolve
 * [1] https://bugzilla.mozilla.org/1642623 ***/
 user_pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
+/* 0807: disable location bar contextual suggestions [FF92+]
+ * [SETTING] Privacy & Security>Address Bar>Contextual Suggestions
+ * [1] https://blog.mozilla.org/data/2021/09/15/data-and-firefox-suggest/ ***/
+user_pref("browser.urlbar.suggest.quicksuggest", false);
+user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false);
 /* 0808: disable tab-to-search [FF85+]
 * Alternatively, you can exclude on a per-engine basis by unchecking them in Options>Search
 * [SETTING] Privacy & Security>Address Bar>When using the address bar, suggest>Search engines ***/
@ -1064,7 +1072,7 @@ user_pref("browser.display.use_system_colors", false); // [DEFAULT: false]
 * Fingerprinting: provides a uniform look and feel across platforms [2]
 * [1] https://bugzilla.mozilla.org/1381938
 * [2] https://bugzilla.mozilla.org/1411425 ***/
-user_pref("widget.non-native-theme.enabled", true); // [DEFAULT: true]
+user_pref("widget.non-native-theme.enabled", true); // [DEFAULT: true FF89+]
 /* 4512: enforce links targeting new windows to open in a new tab instead
 * 1=most recent window or tab, 2=new window, 3=new tab
 * Stops malicious window sizes and some screen resolution leaks.
@ -1264,7 +1272,6 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
   // user_pref("security.ssl3.rsa_aes_256_gcm_sha384", false); // no PFS
   // user_pref("security.ssl3.rsa_aes_128_sha", false); // no PFS
   // user_pref("security.ssl3.rsa_aes_256_sha", false); // no PFS
-   // user_pref("security.ssl3.rsa_des_ede3_sha", false); // 3DES
 /* 7004: control TLS versions
 * [WHY] Passive fingerprinting. Downgrades are still possible: behind user interaction ***/
   // user_pref("security.tls.version.min", 3); // [DEFAULT: 3]
@ -1310,10 +1317,6 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies
 * [WHY] Fingerprintable. Breakage. Cut/copy/paste require user
 * interaction, and paste is limited to focused editable fields ***/
   // user_pref("dom.event.clipboardevents.enabled", false);
-/* 7014: disable System Add-on updates
- * [WHY] It can compromise security. System addons ship with prefs, use those ***/
-   // user_pref("extensions.systemAddon.update.enabled", false); // [FF62+]
-   // user_pref("extensions.systemAddon.update.url", ""); // [FF44+]

 /*** [SECTION 8000]: DON'T BOTHER: NON-RFP
   [WHY] They are insufficient to help anti-fingerprinting and do more harm than good
@ -1402,6 +1405,14 @@ user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features",
   [1] https://github.com/arkenfox/user.js/issues/123
 ***/
 user_pref("_user.js.parrot", "9999 syntax error: the parrot's shuffled off 'is mortal coil!");
+/* ESR91.x still uses all the following prefs
+// [NOTE] replace the * with a slash in the line above to re-enable them
+// FF93
+// 7003: disable non-modern cipher suites
+   // [-] https://bugzilla.mozilla.org/1724072
+   // user_pref("security.ssl3.rsa_des_ede3_sha", false); // 3DES
+// ***/
+
 /* ESR78.x still uses all the following prefs
 // [NOTE] replace the * with a slash in the line above to re-enable them
 // FF79
Author	SHA1	Message	Date
Thorin-Oakenpants	85438d00e4	v93 deprecated	2021-10-12 08:23:46 +00:00
Thorin-Oakenpants	a764149520	v92	2021-10-11 13:56:38 +00:00
Thorin-Oakenpants	535346df87	Delete arkenfox-clear-RFP-alternatives.js	2021-10-10 23:55:39 +00:00
Thorin-Oakenpants	412c8f9f94	0807 urlbar contextual suggestions, #1257	2021-10-09 07:14:20 +00:00
Thorin-Oakenpants	380a88ee57	oophs	2021-10-05 11:14:16 +00:00
Thorin-Oakenpants	8404e8a59c	tidy, closes #1260	2021-10-05 03:04:14 +00:00
a1346054	6381b1aeb9	prefsCleaner.sh: Fix invalid regular expression (#1258 )	2021-09-28 19:24:54 +00:00
a1346054	5cdea955e7	Simple maintenance improvements (#1255 ) * Use direct check for existence of file * Fix shellcheck warnings * Unify codestyle in scripts * Trim excess whitespace	2021-09-27 15:23:12 +00:00
Thorin-Oakenpants	b37df0bcfe	embiggen 4500, #1218	2021-09-25 02:32:48 +00:00
Thorin-Oakenpants	044e3e76e8	make 0706 more cromulent	2021-09-25 01:47:54 +00:00
Thorin-Oakenpants	1c6d633144	more nits	2021-09-11 05:35:39 +00:00
Thorin-Oakenpants	278336196c	nit	2021-09-11 05:31:21 +00:00
Thorin-Oakenpants	76c1aad4be	grammar	2021-09-10 13:07:04 +00:00
Thorin-Oakenpants	e5c128804c	remove locale in link	2021-09-10 05:09:05 +00:00
Thorin-Oakenpants	c9956d85b1	92-alpha	2021-09-10 04:32:09 +00:00