deprecated FF140

In FF128 these were used to migrate to
- clearOnShutdown to clearOnShutdown_v2
- cpd to clearHistory

They are then no longer used.

The migration can be checked with
- privacy.sanitize.clearOnShutdown.hasMigratedToNewPrefs2
- privacy.sanitize.cpd.hasMigratedToNewPrefs2

Note: in FF136 there was another migration, where it changes the `ToNewPrefs2` to false
- privacy.sanitize.clearOnShutdown.hasMigratedToNewPrefs3
- privacy.sanitize.cpd.hasMigratedToNewPrefs3

AFAICT, cpd.hasMigrated* doesn't migrate until you open the clear history dialog.

.github/ISSUE_TEMPLATE/troubleshooting-help.md

@@ -1,7 +1,7 @@
 ---
 name: Troubleshooting help
 about: Ask for help to solve problems with user.js
-title: ''
+title: 'follow instructions or this will be closed as invalid'
 labels: ''
 assignees: ''
 
@@ -9,16 +9,18 @@ assignees: ''
 
 <!--
 
-Issues will be closed as invalid if you do not troubleshoot first, or if you ignore the steps in the template.
+Issues will be closed as invalid if you do not troubleshoot first, or if you ignore the required info in the template.
 
-We do not support forks.
+We do not support forks or no-longer supported releases.
 
 -->
 
+
 🟥 https://github.com/arkenfox/user.js/wiki/5.2-Troubleshooting
 - [ ] I have read the troubleshooting guide, done the checks and confirmed this is caused by arkenfox
+   - _unchecked issues ~~may~~ will be closed as invalid_
 
-🟪 INFO
+🟪 REQUIRED INFO
   - Browser version & OS:
   - Steps to Reproduce (STR):
   - Expected result:

README.md

@@ -7,7 +7,7 @@ A `user.js` is a configuration file that can control Firefox settings - for a mo
 
 The `arkenfox user.js` is a **template** which aims to provide as much privacy and enhanced security as possible, and to reduce tracking and fingerprinting as much as possible - while minimizing any loss of functionality and breakage (but it will happen).
 
-Everyone, experts included, should at least read the [wiki](https://github.com/arkenfox/user.js/wiki), as it contains important information regarding a few `user.js` settings.
+Everyone, experts included, should at least read the [wiki](https://github.com/arkenfox/user.js/wiki), as it contains important information regarding a few `user.js` settings. There is also an [interactive current release](https://arkenfox.github.io/gui/), thanks to [icpantsparti2](https://github.com/icpantsparti2).
 
 Note that we do *not* recommend connecting over Tor on Firefox. Use the [Tor Browser](https://www.torproject.org/projects/torbrowser.html.en) if your [threat model](https://2019.www.torproject.org/about/torusers.html) calls for it, or for accessing hidden services.
 

prefsCleaner.bat

@@ -3,17 +3,19 @@ TITLE prefs.js cleaner
 
 REM ### prefs.js cleaner for Windows
 REM ## author: @claustromaniac
-REM ## version: 2.4
+REM ## version: 2.8
 
 CD /D "%~dp0"
 
+IF /I "%~1"=="-unattended" (SET _ua=1)
+
 :begin
 ECHO:
 ECHO:
 ECHO                 ########################################
 ECHO                 ####  prefs.js cleaner for Windows  ####
 ECHO                 ####        by claustromaniac       ####
-ECHO                 ####              v2.4              ####
+ECHO                 ####              v2.8              ####
 ECHO                 ########################################
 ECHO:
 CALL :message "This script should be run from your Firefox profile directory."
@@ -22,17 +24,22 @@ CALL :message "This will allow inactive preferences to be reset to their default
 ECHO   This Firefox profile shouldn't be in use during the process.
 CALL :message ""
 TIMEOUT 1 /nobreak >nul
+
+IF NOT DEFINED _ua (
 	CHOICE /C SHE /N /M "Start [S] Help [H] Exit [E]"
 	CLS
 	IF ERRORLEVEL 3 (EXIT /B)
 	IF ERRORLEVEL 2 (GOTO :showhelp)
+)
 IF NOT EXIST "user.js" (CALL :abort "user.js not found in the current directory." 30)
 IF NOT EXIST "prefs.js" (CALL :abort "prefs.js not found in the current directory." 30)
 CALL :strlenCheck
 CALL :FFcheck
+
 CALL :message "Backing up prefs.js..."
-SET "_time=%time: =0%"
-COPY /B /V /Y prefs.js "prefs-backup-%date:/=-%_%_time::=.%.js"
+FOR /F "delims=" %%# IN ('powershell -command get-date -format "{yyyyMMdd_HHmmss}"') DO @SET ldt=%%#
+COPY /B /V /Y prefs.js "prefs-backup-%ldt%.js"
+
 CALL :message "Cleaning prefs.js..."
 CALL :cleanup
 CALL :message "All done!"

prefsCleaner.sh

@@ -2,33 +2,54 @@
 
 ## prefs.js cleaner for Linux/Mac
 ## author: @claustromaniac
-## version: 1.4
+## version: 2.1
 
 ## special thanks to @overdodactyl and @earthlng for a few snippets that I stol..*cough* borrowed from the updater.sh
 
-currdir=$(pwd)
+## DON'T GO HIGHER THAN VERSION x.9 !! ( because of ASCII comparison in update_prefsCleaner() )
+
+readonly CURRDIR=$(pwd)
 
 ## get the full path of this script (readlink for Linux, greadlink for Mac with coreutils installed)
-sfp=$(readlink -f "${BASH_SOURCE[0]}" 2>/dev/null || greadlink -f "${BASH_SOURCE[0]}" 2>/dev/null)
+SCRIPT_FILE=$(readlink -f "${BASH_SOURCE[0]}" 2>/dev/null || greadlink -f "${BASH_SOURCE[0]}" 2>/dev/null)
 
 ## fallback for Macs without coreutils
-if [ -z "$sfp" ]; then sfp=${BASH_SOURCE[0]}; fi
+[ -z "$SCRIPT_FILE" ] && SCRIPT_FILE=${BASH_SOURCE[0]}
 
-## change directory to the Firefox profile directory
-cd "$(dirname "${sfp}")"
+
+AUTOUPDATE=true
+QUICKSTART=false
+
+## download method priority: curl -> wget
+DOWNLOAD_METHOD=''
+if command -v curl >/dev/null; then
+	DOWNLOAD_METHOD='curl --max-redirs 3 -so'
+elif command -v wget >/dev/null; then
+	DOWNLOAD_METHOD='wget --max-redirect 3 --quiet -O'
+else
+	AUTOUPDATE=false
+	echo -e "No curl or wget detected.\nAutomatic self-update disabled!"
+fi
 
 fQuit() {
 	## change directory back to the original working directory
-	cd "${currdir}"
+	cd "${CURRDIR}"
 	[ "$1" -eq 0 ] && echo -e "\n$2" || echo -e "\n$2" >&2
 	exit $1
 }
 
 fUsage() {
-	echo -e "\nUsage: $0 [-s]"
+	echo -e "\nUsage: $0 [-ds]"
 	echo -e "
 Optional Arguments:
-    -s           Start immediately"
+    -s           Start immediately
+    -d           Don't auto-update prefsCleaner.sh"
+}
+
+download_file() { # expects URL as argument ($1)
+  declare -r tf=$(mktemp)
+
+  $DOWNLOAD_METHOD "${tf}" "$1" &>/dev/null && echo "$tf" || echo '' # return the temp-filename or empty string on error
 }
 
 fFF_check() {
@@ -40,6 +61,24 @@ fFF_check() {
 	done
 }
 
+## returns the version number of a prefsCleaner.sh file
+get_prefsCleaner_version() {
+	echo "$(sed -n '5 s/.*[[:blank:]]\([[:digit:]]*\.[[:digit:]]*\)/\1/p' "$1")"
+}
+
+## updates the prefsCleaner.sh file based on the latest public version
+update_prefsCleaner() {
+	declare -r tmpfile="$(download_file 'https://raw.githubusercontent.com/arkenfox/user.js/master/prefsCleaner.sh')"
+	[ -z "$tmpfile" ] && echo -e "Error! Could not download prefsCleaner.sh" && return 1 # check if download failed
+
+	[[ $(get_prefsCleaner_version "$SCRIPT_FILE") == $(get_prefsCleaner_version "$tmpfile") ]] && return 0
+
+	mv "$tmpfile" "$SCRIPT_FILE"
+	chmod u+x "$SCRIPT_FILE"
+	"$SCRIPT_FILE" "$@" -d
+	exit 0
+}
+
 fClean() {
 	# the magic happens here
 	prefs="@@"
@@ -69,7 +108,8 @@ fStart() {
 	fi
 
 	fFF_check
-	bakfile="prefs.js.backup.$(date +"%Y-%m-%d_%H%M")"
+	mkdir -p prefsjs_backups
+	bakfile="prefsjs_backups/prefs.js.backup.$(date +"%Y-%m-%d_%H%M")"
 	mv prefs.js "${bakfile}" || fQuit 1 "Operation aborted.\nReason: Could not create backup file $bakfile"
 	echo -e "\nprefs.js backed up: $bakfile"
 	echo "Cleaning prefs.js..."
@@ -77,18 +117,47 @@ fStart() {
 	fQuit 0 "All done!"
 }
 
+
+while getopts "sd" opt; do
+	case $opt in
+		s)
+			QUICKSTART=true
+			;;
+		d)
+			AUTOUPDATE=false
+			;;
+	esac
+done
+
+## change directory to the Firefox profile directory
+cd "$(dirname "${SCRIPT_FILE}")"
+
+# Check if running as root and if any files have the owner as root/wheel.
+if [ "${EUID:-"$(id -u)"}" -eq 0 ]; then
+	fQuit 1 "You shouldn't run this with elevated privileges (such as with doas/sudo)."
+elif [ -n "$(find ./ -user 0)" ]; then
+	printf 'It looks like this script was previously run with elevated privileges,
+you will need to change ownership of the following files to your user:\n'
+	find . -user 0
+	fQuit 1
+fi
+
+[ "$AUTOUPDATE" = true ] && update_prefsCleaner "$@"
+
 echo -e "\n\n"
 echo "                   ╔══════════════════════════╗"
 echo "                   ║     prefs.js cleaner     ║"
 echo "                   ║    by claustromaniac     ║"
-echo "                   ║           v1.4           ║"
+echo "                   ║           v2.1           ║"
 echo "                   ╚══════════════════════════╝"
 echo -e "\nThis script should be run from your Firefox profile directory.\n"
 echo "It will remove any entries from prefs.js that also exist in user.js."
 echo "This will allow inactive preferences to be reset to their default values."
 echo -e "\nThis Firefox profile shouldn't be in use during the process.\n"
 
-[ "$1" == '-s' ] && fStart
+[ "$QUICKSTART" = true ] && fStart
+
+echo -e "\nIn order to proceed, select a command below by entering its corresponding number.\n"
 
 select option in Start Help Exit; do
 	case $option in
@@ -112,3 +181,5 @@ select option in Start Help Exit; do
 			;;
 	esac
 done
+
+fQuit 0

scratchpad-scripts/arkenfox-cleanup.js

@@ -1,9 +1,12 @@
 /***
-  This will reset the preferences that have been
+  This will reset the preferences that since FF91 have been
   - removed from the arkenfox user.js
   - deprecated by Mozilla but listed in the arkenfox user.js in the past
 
-  Last updated: 9-February-2022
+  There is an archived version at https://github.com/arkenfox/user.js/issues/123
+  if you want the full list since jesus
+
+  Last updated: 14-August-2025
 
   Instructions:
   - [optional] close Firefox and backup your profile
@@ -32,426 +35,110 @@
 
   const aPREFS = [
     /* DEPRECATED */
-    /* FF92+ */
+    /* 129-140 */
+    'browser.shopping.experience2023.enabled', // 140
+    'browser.urlbar.pocket.featureGate', // 140
+    'media.ondevicechange.enabled', // 137
+    'webchannel.allowObject.urlWhitelist', // 132
+    /* 116-128 */
+    'browser.contentanalysis.default_allow', // 127
+    'browser.messaging-system.whatsNewPanel.enabled', // 126
+    'browser.ping-centre.telemetry', // 123
+    'dom.webnotifications.serviceworker.enabled', // 117
+    'javascript.use_us_english_locale', // 119
+    'layout.css.font-visibility.private', // 118
+    'layout.css.font-visibility.resistFingerprinting', // 116
+    'layout.css.font-visibility.standard', // 118
+    'layout.css.font-visibility.trackingprotection', // 118
+    'network.dns.skipTRR-when-parental-control-enabled', // 119
+    'permissions.delegation.enabled', // 118
+    'security.family_safety.mode', // 117
+    'widget.non-native-theme.enabled', // 127
+    /* 103-115 */
+    'browser.cache.offline.enable', // 115
+    'extensions.formautofill.heuristics.enabled', // 114
+    'network.cookie.lifetimePolicy', // 103 [technically removed in 104]
+    'privacy.clearsitedata.cache.enabled', // 114
+    'privacy.resistFingerprinting.testGranularityMask', // 114
+    'security.pki.sha1_enforcement_level', // 103
+    /* 92-102 */
     'browser.urlbar.suggest.quicksuggest', // 95
     'dom.securecontext.whitelist_onions', // 97
+    'dom.storage.next_gen', // 102
+    'network.http.spdy.enabled', // 100
+    'network.http.spdy.enabled.deps',
+    'network.http.spdy.enabled.http2',
+    'network.http.spdy.websockets',
     'layout.css.font-visibility.level', // 94
+    'security.ask_for_password', // 102
+    'security.csp.enable', // 99
+    'security.password_lifetime', // 102
     'security.ssl3.rsa_des_ede3_sha', // 93
-    /* FF79-91 */
-    'browser.cache.offline.storage.enable',
-    'browser.download.hide_plugins_without_extensions',
-    'browser.library.activity-stream.enabled',
-    'browser.search.geoSpecificDefaults',
-    'browser.search.geoSpecificDefaults.url',
-    'dom.ipc.plugins.flash.subprocess.crashreporter.enabled',
-    'dom.ipc.plugins.reportCrashURL',
-    'dom.w3c_pointer_events.enabled',
-    'intl.charset.fallback.override',
-    'network.ftp.enabled',
-    'plugin.state.flash',
-    'security.mixed_content.block_object_subrequest',
-    'security.ssl.errorReporting.automatic',
-    'security.ssl.errorReporting.enabled',
-    'security.ssl.errorReporting.url',
-    /* 69-78 */
-    'browser.newtabpage.activity-stream.telemetry.ping.endpoint',
-    'browser.tabs.remote.allowLinkedWebInFileUriProcess',
-    'browser.urlbar.oneOffSearches',
-    'devtools.webide.autoinstallADBExtension',
-    'devtools.webide.enabled',
-    'dom.indexedDB.enabled',
-    'extensions.blocklist.url',
-    'geo.wifi.logging.enabled',
-    'geo.wifi.uri',
-    'gfx.downloadable_fonts.woff2.enabled',
-    'media.autoplay.allow-muted',
-    'media.autoplay.enabled.user-gestures-needed',
-    'offline-apps.allow_by_default',
-    'plugins.click_to_play',
-    'privacy.userContext.longPressBehavior',
-    'toolkit.cosmeticAnimations.enabled',
-    'toolkit.telemetry.hybridContent.enabled',
-    'webgl.disable-extensions',
-    /* 61-68 */
-    'app.update.enabled',
-    'browser.aboutHomeSnippets.updateUrl',
-    'browser.chrome.errorReporter.enabled',
-    'browser.chrome.errorReporter.submitUrl',
-    'browser.chrome.favicons',
-    'browser.ctrlTab.previews',
-    'browser.fixup.hide_user_pass',
-    'browser.newtabpage.activity-stream.asrouter.userprefs.cfr',
-    'browser.newtabpage.activity-stream.disableSnippets',
-    'browser.onboarding.enabled',
-    'browser.search.countryCode',
-    'browser.urlbar.autocomplete.enabled',
-    'devtools.webide.adbAddonURL',
-    'devtools.webide.autoinstallADBHelper',
-    'dom.event.highrestimestamp.enabled',
-    'experiments.activeExperiment',
-    'experiments.enabled',
-    'experiments.manifest.uri',
-    'experiments.supported',
-    'lightweightThemes.update.enabled',
-    'media.autoplay.enabled',
-    'network.allow-experiments',
-    'network.cookie.lifetime.days',
-    'network.jar.block-remote-files',
-    'network.jar.open-unsafe-types',
-    'plugin.state.java',
-    'security.csp.enable_violation_events',
-    'security.csp.experimentalEnabled',
-    'shield.savant.enabled',
-    /* 60 or earlier */
-    'browser.bookmarks.showRecentlyBookmarked',
-    'browser.casting.enabled',
-    'browser.crashReports.unsubmittedCheck.autoSubmit',
-    'browser.formautofill.enabled',
-    'browser.formfill.saveHttpsForms',
-    'browser.fullscreen.animate',
-    'browser.history.allowPopState',
-    'browser.history.allowPushState',
-    'browser.history.allowReplaceState',
-    'browser.newtabpage.activity-stream.enabled',
-    'browser.newtabpage.directory.ping',
-    'browser.newtabpage.directory.source',
-    'browser.newtabpage.enhanced',
-    'browser.newtabpage.introShown',
-    'browser.pocket.api',
-    'browser.pocket.enabled',
-    'browser.pocket.oAuthConsumerKey',
-    'browser.pocket.site',
-    'browser.polaris.enabled',
-    'browser.safebrowsing.appRepURL',
-    'browser.safebrowsing.enabled',
-    'browser.safebrowsing.gethashURL',
-    'browser.safebrowsing.malware.reportURL',
-    'browser.safebrowsing.provider.google.appRepURL',
-    'browser.safebrowsing.reportErrorURL',
-    'browser.safebrowsing.reportGenericURL',
-    'browser.safebrowsing.reportMalwareErrorURL',
-    'browser.safebrowsing.reportMalwareMistakeURL',
-    'browser.safebrowsing.reportMalwareURL',
-    'browser.safebrowsing.reportPhishMistakeURL',
-    'browser.safebrowsing.reportURL',
-    'browser.safebrowsing.updateURL',
-    'browser.search.showOneOffButtons',
-    'browser.selfsupport.enabled',
-    'browser.selfsupport.url',
-    'browser.sessionstore.privacy_level_deferred',
-    'browser.tabs.animate',
-    'browser.trackingprotection.gethashURL',
-    'browser.trackingprotection.updateURL',
-    'browser.urlbar.unifiedcomplete',
-    'browser.usedOnWindows10.introURL',
-    'camera.control.autofocus_moving_callback.enabled',
-    'camera.control.face_detection.enabled',
-    'datareporting.healthreport.about.reportUrl',
-    'datareporting.healthreport.about.reportUrlUnified',
-    'datareporting.healthreport.documentServerURI',
-    'datareporting.healthreport.service.enabled',
-    'datareporting.policy.dataSubmissionEnabled.v2',
-    'devtools.webide.autoinstallFxdtAdapters',
-    'dom.archivereader.enabled',
-    'dom.beforeAfterKeyboardEvent.enabled',
-    'dom.disable_image_src_set',
-    'dom.disable_window_open_feature.scrollbars',
-    'dom.disable_window_status_change',
-    'dom.enable_user_timing',
-    'dom.flyweb.enabled',
-    'dom.idle-observers-api.enabled',
-    'dom.keyboardevent.code.enabled',
-    'dom.network.enabled',
-    'dom.push.udp.wakeupEnabled',
-    'dom.telephony.enabled',
-    'dom.vr.oculus050.enabled',
-    'dom.workers.enabled',
-    'dom.workers.sharedWorkers.enabled',
-    'extensions.formautofill.experimental',
-    'extensions.screenshots.system-disabled',
-    'extensions.shield-recipe-client.api_url',
-    'extensions.shield-recipe-client.enabled',
-    'full-screen-api.approval-required',
-    'general.useragent.locale',
-    'geo.security.allowinsecure',
-    'intl.locale.matchOS',
-    'loop.enabled',
-    'loop.facebook.appId',
-    'loop.facebook.enabled',
-    'loop.facebook.fallbackUrl',
-    'loop.facebook.shareUrl',
-    'loop.feedback.formURL',
-    'loop.feedback.manualFormURL',
-    'loop.logDomains',
-    'loop.server',
-    'media.block-play-until-visible',
-    'media.eme.apiVisible',
-    'media.eme.chromium-api.enabled',
-    'media.getusermedia.screensharing.allow_on_old_platforms',
-    'media.getusermedia.screensharing.allowed_domains',
-    'media.gmp-eme-adobe.autoupdate',
-    'media.gmp-eme-adobe.enabled',
-    'media.gmp-eme-adobe.visible',
-    'network.http.referer.userControlPolicy',
-    'network.http.sendSecureXSiteReferrer',
-    'network.http.spdy.enabled.http2draft',
-    'network.http.spdy.enabled.v3-1',
-    'network.websocket.enabled',
-    'pageThumbs.enabled',
-    'pfs.datasource.url',
-    'plugin.scan.Acrobat',
-    'plugin.scan.Quicktime',
-    'plugin.scan.WindowsMediaPlayer',
-    'plugins.enumerable_names',
-    'plugins.update.notifyUser',
-    'plugins.update.url',
-    'privacy.clearOnShutdown.passwords',
-    'privacy.donottrackheader.value',
-    'security.mixed_content.send_hsts_priming',
-    'security.mixed_content.use_hsts',
-    'security.ssl3.ecdhe_ecdsa_rc4_128_sha',
-    'security.ssl3.ecdhe_rsa_rc4_128_sha',
-    'security.ssl3.rsa_rc4_128_md5',
-    'security.ssl3.rsa_rc4_128_sha',
-    'security.tls.insecure_fallback_hosts.use_static_list',
-    'security.tls.unrestricted_rc4_fallback',
-    'security.xpconnect.plugin.unrestricted',
-    'social.directories',
-    'social.enabled',
-    'social.remote-install.enabled',
-    'social.share.activationPanelEnabled',
-    'social.shareDirectory',
-    'social.toast-notifications.enabled',
-    'social.whitelist',
-    'toolkit.telemetry.unifiedIsOptIn',
 
     /* REMOVED */
-    /* 92+ */
+    /* 129-140 */
+    'dom.securecontext.allowlist_onions',
+    'network.http.referer.hideOnionSource',
+    'privacy.clearOnShutdown.cache',
+    'privacy.clearOnShutdown.cookies',
+    'privacy.clearOnShutdown.downloads',
+    'privacy.clearOnShutdown.formdata',
+    'privacy.clearOnShutdown.history',
+    'privacy.clearOnShutdown.offlineApps',
+    'privacy.clearOnShutdown.sessions',
+    'privacy.cpd.cache',
+    'privacy.cpd.cookies',
+    'privacy.cpd.formdata',
+    'privacy.cpd.history',
+    'privacy.cpd.offlineApps',
+    'privacy.cpd.sessions',
+    /* 116-128 */
+    'browser.fixup.alternate.enabled',
+    'browser.taskbar.previews.enable',
+    'browser.urlbar.dnsResolveSingleWordsAfterSearch',
+    'geo.provider.network.url',
+    'geo.provider.network.logging.enabled',
+    'geo.provider.use_gpsd',
+    'media.gmp-widevinecdm.enabled',
+    'network.protocol-handler.external.ms-windows-store',
+    'privacy.partition.always_partition_third_party_non_cookie_storage',
+    'privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage',
+    'privacy.partition.serviceWorkers',
+    /* 103-115 */
+    'beacon.enabled',
+    'browser.startup.blankWindow',
+    'browser.newtab.preload',
+    'browser.newtabpage.activity-stream.feeds.discoverystreamfeed',
+    'browser.newtabpage.activity-stream.feeds.snippets',
+    'browser.region.network.url',
+    'browser.region.update.enabled',
+    'browser.search.region',
+    'browser.ssl_override_behavior',
+    'browser.tabs.warnOnClose',
+    'devtools.chrome.enabled',
+    'dom.disable_beforeunload',
+    'dom.disable_open_during_load',
+    'dom.netinfo.enabled',
+    'dom.vr.enabled',
+    'extensions.formautofill.addresses.supported',
+    'extensions.formautofill.available',
+    'extensions.formautofill.creditCards.available',
+    'extensions.formautofill.creditCards.supported',
+    'middlemouse.contentLoadURL',
+    'network.http.altsvc.oe',
+    /* 92-102 */
+    'browser.urlbar.trimURLs',
     'dom.caches.enabled',
     'dom.storageManager.enabled',
     'dom.storage_access.enabled',
+    'dom.targetBlankNoOpener.enabled',
+    'network.cookie.thirdparty.sessionOnly',
+    'network.cookie.thirdparty.nonsecureSessionOnly',
     'privacy.firstparty.isolate.block_post_message',
     'privacy.firstparty.isolate.restrict_opener_access',
     'privacy.firstparty.isolate.use_site',
+    'privacy.window.name.update.enabled',
     'security.insecure_connection_text.enabled',
-    /* 79-91 */
-    'alerts.showFavicons',
-    'browser.newtabpage.activity-stream.asrouter.providers.snippets',
-    'browser.send_pings.require_same_host',
-    'browser.urlbar.usepreloadedtopurls.enabled',
-    'dom.allow_cut_copy',
-    'dom.battery.enabled',
-    'dom.IntersectionObserver.enabled',
-    'dom.storage.enabled',
-    'dom.vibrator.enabled',
-    'extensions.screenshots.upload-disabled',
-    'general.warnOnAboutConfig',
-    'gfx.direct2d.disabled',
-    'layers.acceleration.disabled',
-    'media.getusermedia.audiocapture.enabled',
-    'media.getusermedia.browser.enabled',
-    'media.getusermedia.screensharing.enabled',
-    'media.gmp-widevinecdm.visible',
-    'media.media-capabilities.enabled',
-    'network.http.redirection-limit',
-    'privacy.partition.network_state',
-    'security.insecure_connection_icon.enabled',
-    'security.mixed_content.block_active_content',
-    'security.ssl.enable_ocsp_stapling',
-    'security.ssl3.dhe_rsa_aes_128_sha',
-    'security.ssl3.dhe_rsa_aes_256_sha',
-    'webgl.min_capability_mode',
-    /* 69-78 */
-    'browser.cache.disk_cache_ssl',
-    'browser.search.geoip.url',
-    'browser.search.region',
-    'browser.sessionhistory.max_entries',
-    'dom.push.connection.enabled',
-    'dom.push.serverURL',
-    'extensions.getAddons.discovery.api_url',
-    'extensions.htmlaboutaddons.discover.enabled',
-    'extensions.webservice.discoverURL',
-    'intl.locale.requested',
-    'intl.regional_prefs.use_os_locales',
-    'media.block-autoplay-until-in-foreground',
-    'middlemouse.paste',
-    'plugin.sessionPermissionNow.intervalInMinutes',
-    'privacy.usercontext.about_newtab_segregation.enabled',
-    'security.insecure_connection_icon.pbmode.enabled',
-    'security.insecure_connection_text.pbmode.enabled',
-    'webgl.dxgl.enabled',
-    /* 61-68 */
-    'app.update.service.enabled',
-    'app.update.silent',
-    'app.update.staging.enabled',
-    'browser.cache.disk.capacity',
-    'browser.cache.disk.smart_size.enabled',
-    'browser.cache.disk.smart_size.first_run',
-    'browser.cache.offline.insecure.enable',
-    'browser.contentblocking.enabled',
-    'browser.laterrun.enabled',
-    'browser.offline-apps.notify',
-    'browser.rights.3.shown',
-    'browser.safebrowsing.blockedURIs.enabled',
-    'browser.safebrowsing.downloads.remote.block_dangerous',
-    'browser.safebrowsing.downloads.remote.block_dangerous_host',
-    'browser.safebrowsing.provider.google.gethashURL',
-    'browser.safebrowsing.provider.google.reportMalwareMistakeURL',
-    'browser.safebrowsing.provider.google.reportPhishMistakeURL',
-    'browser.safebrowsing.provider.google.reportURL',
-    'browser.safebrowsing.provider.google.updateURL',
-    'browser.safebrowsing.provider.google4.dataSharing.enabled',
-    'browser.safebrowsing.provider.google4.dataSharingURL',
-    'browser.safebrowsing.provider.google4.gethashURL',
-    'browser.safebrowsing.provider.google4.reportMalwareMistakeURL',
-    'browser.safebrowsing.provider.google4.reportPhishMistakeURL',
-    'browser.safebrowsing.provider.google4.reportURL',
-    'browser.safebrowsing.provider.google4.updateURL',
-    'browser.safebrowsing.provider.mozilla.gethashURL',
-    'browser.safebrowsing.provider.mozilla.updateURL',
-    'browser.safebrowsing.reportPhishURL',
-    'browser.sessionhistory.max_total_viewers',
-    'browser.sessionstore.max_windows_undo',
-    'browser.slowStartup.maxSamples',
-    'browser.slowStartup.notificationDisabled',
-    'browser.slowStartup.samples',
-    'browser.storageManager.enabled',
-    'browser.urlbar.autoFill.typed',
-    'browser.urlbar.filter.javascript',
-    'browser.urlbar.maxHistoricalSearchSuggestions',
-    'browser.urlbar.userMadeSearchSuggestionsChoice',
-    'canvas.capturestream.enabled',
-    'dom.allow_scripts_to_close_windows',
-    'dom.disable_window_flip',
-    'dom.forms.datetime',
-    'dom.imagecapture.enabled',
-    'dom.popup_maximum',
-    'extensions.webextensions.keepStorageOnUninstall',
-    'extensions.webextensions.keepUuidOnUninstall',
-    'font.blacklist.underline_offset',
-    'font.name.monospace.x-unicode',
-    'font.name.monospace.x-western',
-    'font.name.sans-serif.x-unicode',
-    'font.name.sans-serif.x-western',
-    'font.name.serif.x-unicode',
-    'font.name.serif.x-western',
-    'gfx.offscreencanvas.enabled',
-    'javascript.options.shared_memory',
-    'layout.css.font-loading-api.enabled',
-    'media.gmp-gmpopenh264.autoupdate',
-    'media.gmp-gmpopenh264.enabled',
-    'media.gmp-manager.updateEnabled',
-    'media.gmp-manager.url',
-    'media.gmp-manager.url.override',
-    'media.gmp-widevinecdm.autoupdate',
-    'media.gmp.trial-create.enabled',
-    'media.navigator.video.enabled',
-    'media.peerconnection.ice.tcp',
-    'media.peerconnection.identity.enabled',
-    'media.peerconnection.identity.timeout',
-    'media.peerconnection.turn.disable',
-    'media.peerconnection.use_document_iceservers',
-    'media.peerconnection.video.enabled',
-    'network.auth.subresource-img-cross-origin-http-auth-allow',
-    'network.cookie.leave-secure-alone',
-    'network.cookie.same-site.enabled',
-    'network.dnsCacheEntries',
-    'network.dnsCacheExpiration',
-    'network.http.fast-fallback-to-IPv4',
-    'network.proxy.autoconfig_url.include_path',
-    'offline-apps.quota.warn',
-    'pdfjs.enableWebGL',
-    'plugin.default.state',
-    'plugin.defaultXpi.state',
-    'plugin.scan.plid.all',
-    'privacy.trackingprotection.annotate_channels',
-    'privacy.trackingprotection.lower_network_priority',
-    'privacy.trackingprotection.pbmode.enabled',
-    'privacy.trackingprotection.ui.enabled',
-    'security.data_uri.block_toplevel_data_uri_navigations',
-    'security.insecure_field_warning.contextual.enabled',
-    'security.insecure_password.ui.enabled',
-    'security.tls.version.fallback-limit',
-    'services.blocklist.addons.collection',
-    'services.blocklist.gfx.collection',
-    'services.blocklist.onecrl.collection',
-    'services.blocklist.plugins.collection',
-    'services.blocklist.signing.enforced',
-    'services.blocklist.update_enabled',
-    'signon.autofillForms.http',
-    'signon.storeWhenAutocompleteOff',
-    'toolkit.telemetry.cachedClientID',
-    'urlclassifier.trackingTable',
-    'xpinstall.whitelist.required',
-    /* 60 or lower */
-    'browser.migrate.automigrate.enabled',
-    'browser.search.geoip.timeout',
-    'browser.search.reset.enabled',
-    'browser.search.reset.whitelist',
-    'browser.stopReloadAnimation.enabled',
-    'browser.tabs.insertRelatedAfterCurrent',
-    'browser.tabs.loadDivertedInBackground',
-    'browser.tabs.loadInBackground',
-    'browser.tabs.selectOwnerOnClose',
-    'browser.urlbar.clickSelectsAll',
-    'browser.urlbar.doubleClickSelectsAll',
-    'device.storage.enabled',
-    'dom.keyboardevent.dispatch_during_composition',
-    'dom.presentation.controller.enabled',
-    'dom.presentation.discoverable',
-    'dom.presentation.discovery.enabled',
-    'dom.presentation.enabled',
-    'dom.presentation.receiver.enabled',
-    'dom.presentation.session_transport.data_channel.enable',
-    'dom.vr.oculus.enabled',
-    'dom.vr.openvr.enabled',
-    'dom.vr.osvr.enabled',
-    'extensions.pocket.api',
-    'extensions.pocket.oAuthConsumerKey',
-    'extensions.pocket.site',
-    'general.useragent.compatMode.firefox',
-    'geo.wifi.xhr.timeout',
-    'gfx.layerscope.enabled',
-    'media.flac.enabled',
-    'media.mediasource.enabled',
-    'media.mediasource.mp4.enabled',
-    'media.mediasource.webm.audio.enabled',
-    'media.mediasource.webm.enabled',
-    'media.mp4.enabled',
-    'media.ogg.enabled',
-    'media.ogg.flac.enabled',
-    'media.opus.enabled',
-    'media.raw.enabled',
-    'media.wave.enabled',
-    'media.webm.enabled',
-    'media.webspeech.recognition.enable',
-    'media.wmf.amd.vp9.enabled',
-    'media.wmf.enabled',
-    'media.wmf.vp9.enabled',
-    'network.dns.blockDotOnion',
-    'network.stricttransportsecurity.preloadlist',
-    'security.block_script_with_wrong_mime',
-    'security.fileuri.strict_origin_policy',
-    'security.sri.enable',
-    'services.sync.enabled',
-    'ui.submenuDelay',
-    'webextensions.storage.sync.enabled',
-    'webextensions.storage.sync.serverURL',
-    //  excluding these e10 settings
-       // 'browser.tabs.remote.autostart',
-       // 'browser.tabs.remote.autostart.2',
-       // 'browser.tabs.remote.force-enable',
-       // 'browser.tabs.remote.separateFileUriProcess',
-       // 'extensions.e10sBlocksEnabling',
-       // 'extensions.webextensions.remote',
-       // 'dom.ipc.processCount',
-       // 'dom.ipc.shims.enabledWarnings',
-       // 'dom.ipc.processCount.extension',
-       // 'dom.ipc.processCount.file',
-       // 'security.sandbox.content.level',
-       // 'dom.ipc.plugins.sandbox-level.default',
-       // 'dom.ipc.plugins.sandbox-level.flash',
-       // 'security.sandbox.logging.enabled',
 
     /* IMPORTANT: last active pref must not have a trailing comma */ 
     /* reset parrot: check your open about:config after running the script */

updater.bat

@@ -3,10 +3,10 @@ TITLE arkenfox user.js updater
 
 REM ## arkenfox user.js updater for Windows
 REM ## author: @claustromaniac
-REM ## version: 4.16
+REM ## version: 4.20
 REM ## instructions: https://github.com/arkenfox/user.js/wiki/5.1-Updater-[Options]#-windows
 
-SET v=4.15
+SET v=4.19
 
 VERIFY ON
 CD /D "%~dp0"
@@ -177,8 +177,8 @@ IF EXIST user.js.new (
 		IF DEFINED _singlebackup (
 			MOVE /Y user.js user.js.bak >nul
 		) ELSE (
-			SET "_time=!time: =0!"
-			MOVE /Y user.js "user-backup-!date:/=-!_!_time::=.!.js" >nul
+			FOR /F "delims=" %%# IN ('powershell -command get-date -format "{yyyyMMdd_HHmmss}"') DO @SET ldt=%%#
+			MOVE /Y user.js "user-backup-!ldt!.js" >nul
 		)
 		REN user.js.new user.js
 		CALL :message "Update complete."

updater.sh

@@ -2,12 +2,18 @@
 
 ## arkenfox user.js updater for macOS and Linux
 
-## version: 3.3
+## version: 4.0
 ## Author: Pat Johnson (@overdodactyl)
-## Additional contributors: @earthlng, @ema-pe, @claustromaniac
+## Additional contributors: @earthlng, @ema-pe, @claustromaniac, @infinitewarp
 
 ## DON'T GO HIGHER THAN VERSION x.9 !! ( because of ASCII comparison in update_updater() )
 
+# Check if running as root
+if [ "${EUID:-"$(id -u)"}" -eq 0 ]; then
+	printf "You shouldn't run this with elevated privileges (such as with doas/sudo).\n"
+	exit 1
+fi
+
 readonly CURRDIR=$(pwd)
 
 SCRIPT_FILE=$(readlink -f "${BASH_SOURCE[0]}" 2>/dev/null || greadlink -f "${BASH_SOURCE[0]}" 2>/dev/null)
@@ -106,7 +112,7 @@ Optional Arguments:
 download_file() { # expects URL as argument ($1)
   declare -r tf=$(mktemp)
 
-  $DOWNLOAD_METHOD "${tf}" "$1" && echo "$tf" || echo '' # return the temp-filename or empty string on error
+  $DOWNLOAD_METHOD "${tf}" "$1" &>/dev/null && echo "$tf" || echo '' # return the temp-filename or empty string on error
 }
 
 open_file() { # expects one argument: file_path
@@ -195,7 +201,7 @@ update_updater() {
       echo -e "There is a newer version of updater.sh available. ${RED}Update and execute Y/N?${NC}"
       read -p "" -n 1 -r
       echo -e "\n\n"
-      [[ $REPLY =~ ^[Nn]$ ]] && return 0 # Update available, but user chooses not to update
+      [[ $REPLY =~ ^[Yy]$ ]] || return 0   # Update available, but user chooses not to update
     fi
   else
     return 0   # No update available
@@ -253,7 +259,7 @@ update_userjs() {
     echo -e "This script will update to the latest user.js file and append any custom configurations from user-overrides.js. ${RED}Continue Y/N? ${NC}"
     read -p "" -n 1 -r
     echo -e "\n"
-    if [[ $REPLY =~ ^[Nn]$ ]]; then
+    if ! [[ $REPLY =~ ^[Yy]$ ]]; then
       echo -e "${RED}Process aborted${NC}"
       rm "$newfile"
       return 1
@@ -385,6 +391,17 @@ show_banner
 update_updater "$@"
 
 getProfilePath # updates PROFILE_PATH or exits on error
-cd "$PROFILE_PATH" && update_userjs
+cd "$PROFILE_PATH" || exit 1
+
+# Check if any files have the owner as root/wheel.
+if [ -n "$(find ./ -user 0)" ]; then
+	printf 'It looks like this script was previously run with elevated privileges,
+you will need to change ownership of the following files to your user:\n'
+	find . -user 0
+	cd "$CURRDIR"
+	exit 1
+fi
+
+update_userjs
 
 cd "$CURRDIR"