2699: fixup 1333641 description

bug 1333641 does not disable the WebSpeech API

README.md

@@ -2,7 +2,7 @@
 A `user.js` is a configuration file that can control hundreds of Firefox settings. For a more technical breakdown and explanation, you can read more on the [overview](https://github.com/ghacksuserjs/ghacks-user.js/wiki/1.1-Overview) wiki page.
 
 ### ![](https://github.com/ghacksuserjs/ghacks-user.js/blob/master/wikipiki/bullet01.png) ghacks user.js
-The [ghacks user.js](https://github.com/ghacksuserjs/ghacks-user.js/blob/master/user.js) is a template, which, as provided, aims (![](https://github.com/ghacksuserjs/ghacks-user.js/blob/master/wikipiki/exclamation.png) with [add-ons](https://github.com/ghacksuserjs/ghacks-user.js/wiki/Appendix-B:-Firefox-Add-ons) <sup>1</sup> ) to provide as much privacy and enhanced security as possible, and to reduce tracking and fingerprinting as much as possible - while minimizing any loss of functionality and breakage (but it will happen).
+The [ghacks user.js](https://github.com/ghacksuserjs/ghacks-user.js/blob/master/user.js) is a template, which, as provided, aims (![](https://github.com/ghacksuserjs/ghacks-user.js/blob/master/wikipiki/exclamation.png) with [extensions](https://github.com/ghacksuserjs/ghacks-user.js/wiki/Appendix-B:-Extensions) <sup>1</sup> ) to provide as much privacy and enhanced security as possible, and to reduce tracking and fingerprinting as much as possible - while minimizing any loss of functionality and breakage (but it will happen).
 
 We aim to INFORM and give you CHOICES. No one size fits all, so customize it! And not all sites have the same requirements, so use [profiles](https://github.com/ghacksuserjs/ghacks-user.js/wiki/2.3-Concurrent-Profiles) with custom versions. We won't set you wrong.
 
@@ -16,7 +16,7 @@ INFORMATION IS POWER. So you can make informed decisions to better protect yours
 * Current and up-to-date with stable (including [changelogs](https://github.com/ghacksuserjs/ghacks-user.js/search?q=label%3Achangelog&type=Issues&utf8=%E2%9C%93))
 * Detailed (preference versioning, hidden preference information, explanations, and more)
 * Easy to use and discuss (sections, sub-sections, numbering)
-* Helpful (including a [wiki](https://github.com/ghacksuserjs/ghacks-user.js/wiki) with features such as [add-ons](https://github.com/ghacksuserjs/ghacks-user.js/wiki/Appendix-B:-Firefox-Add-ons), [user scripts](https://github.com/ghacksuserjs/ghacks-user.js/wiki/3.1-User-Scripts), [references](https://github.com/ghacksuserjs/ghacks-user.js/wiki/Appendix-D:-References) and more)
+* Helpful (including a [wiki](https://github.com/ghacksuserjs/ghacks-user.js/wiki) with features such as [extensions](https://github.com/ghacksuserjs/ghacks-user.js/wiki/Appendix-B:-Extensions), [user scripts](https://github.com/ghacksuserjs/ghacks-user.js/wiki/3.1-User-Scripts), [references](https://github.com/ghacksuserjs/ghacks-user.js/wiki/Appendix-D:-References) and more)
 * Innovative (formatting, special tags, and future plans such as branches)
 
 ### ![](https://github.com/ghacksuserjs/ghacks-user.js/blob/master/wikipiki/bullet01.png) usage
@@ -26,7 +26,7 @@ Everyone, experts included, should at least read the [implementation](https://gi
 Literally thousands of sources, references and suggestions. That said...
 
 * Martin Brinkmann at [ghacks](https://www.ghacks.net/) <sup>2</sup>
-   * 100% genuine super-nice all-round good guy
+   * 100% genuine super-nice all-around good guy
 * The ghacks community and commentators
    * Special mentions to [earthlng](https://github.com/earthlng), Tom Hawack, Just me, Conker, Rockin’ Jerry, Ainatar, Parker Lewis
 * [12bytes](http://12bytes.org/articles/tech/firefoxgecko-configuration-guide-for-privacy-and-performance-buffs)

user.js

@@ -17,7 +17,7 @@
   2. READ this
      * https://github.com/ghacksuserjs/ghacks-user.js/wiki/1.3-Implementation
   3. If you skipped steps 1 and 2 above (shame on you), then here is the absolute minimum
-     * Auto-installing updates for Firefox and extensions/add-ons are disabled (section 0302's)
+     * Auto-installing updates for Firefox and extensions are disabled (section 0302's)
      * Some user data is erased on close (section 2800), namely history (browsing, form, download)
      * Cookies (and thus logins) are denied by default (2701). Use site exceptions or an extension
      * Site breakage WILL happen
@@ -104,16 +104,16 @@ user_pref("javascript.use_us_english_locale", true); // (hidden pref)
      It is still important to do updates for security reasons, please do so manually. ***/
 user_pref("ghacks_user.js.parrot", "0300 syntax error: the parrot's not pinin' for the fjords!");
 /* 0301a: disable auto-update checks for Firefox
- * [NOTE} Firefox currently checks every 12 hrs and allows 8 day notification dismissal
+ * [NOTE] Firefox currently checks every 12 hrs and allows 8 day notification dismissal
  * [SETTING] Options>Advanced>Update>Never check for updates ***/
    // user_pref("app.update.enabled", false);
-/* 0301b: disable auto-update checks for add-ons ***/
+/* 0301b: disable auto-update checks for extensions ***/
    // user_pref("extensions.update.enabled", false);
 /* 0302a: disable auto update installing for Firefox (after the check in 0301a)
  * [SETTING] Options>Advanced>Update>Check for updates but let you choose whether to install them
  * [NOTE] The UI checkbox also controls the behavior for checking, the pref only controls auto installing ***/
 user_pref("app.update.auto", false);
-/* 0302b: disable auto update installing for add-ons (after the check in 0301b)
+/* 0302b: disable auto update installing for extensions (after the check in 0301b)
  * [SETTING] about:addons>Extensions>Settings[gear-icon]>Update Addons Automatically (toggle) ***/
 user_pref("extensions.update.autoUpdateDefault", false);
 /* 0303: disable background update service [WINDOWS]
@@ -124,7 +124,7 @@ user_pref("app.update.staging.enabled", false);
 /* 0305: enforce update information is displayed
  * This is the update available, downloaded, error and success information ***/
 user_pref("app.update.silent", false);
-/* 0306: disable add-on metadata updating
+/* 0306: disable extension metadata updating
  * sends daily pings to Mozilla about extensions and recent startups ***/
 user_pref("extensions.getAddons.cache.enabled", false);
 /* 0307: disable auto updating of personas (themes) ***/
@@ -144,7 +144,7 @@ user_pref("extensions.webservice.discoverURL", "http://127.0.0.1");
  * IF unified=false then .enabled controls the telemetry module
  * IF unified=true then .enabled ONLY controls whether to record extended data
  * so make sure to have both set as false
- * [1] https://gecko.readthedocs.org/en/latest/toolkit/components/telemetry/telemetry/preferences.html ***/
+ * [1] https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/telemetry/internals/preferences.html ***/
 user_pref("toolkit.telemetry.unified", false);
 user_pref("toolkit.telemetry.enabled", false);
 user_pref("toolkit.telemetry.server", "");
@@ -152,6 +152,7 @@ user_pref("toolkit.telemetry.archive.enabled", false);
 user_pref("toolkit.telemetry.cachedClientID", "");
 user_pref("toolkit.telemetry.newProfilePing.enabled", false); // (FF55+)
 user_pref("toolkit.telemetry.shutdownPingSender.enabled", false); // (FF55+)
+user_pref("toolkit.telemetry.updatePing.enabled", false); // (FF56+)
 /* 0333a: disable health report ***/
 user_pref("datareporting.healthreport.uploadEnabled", false);
 /* 0333b: disable about:healthreport page (which connects to Mozilla for locale/css+js+json)
@@ -179,7 +180,7 @@ user_pref("browser.newtabpage.introShown", true);
  * [1] https://wiki.mozilla.org/Firefox/Projects/Firefox_Start/Snippet_Service ***/
 user_pref("browser.aboutHomeSnippets.updateUrl", "https://127.0.0.1");
 /* 0374: disable "social" integration
- * [1] https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Social_API ***/
+ * [1] https://developer.mozilla.org/docs/Mozilla/Projects/Social_API ***/
 user_pref("social.whitelist", "");
 user_pref("social.toast-notifications.enabled", false);
 user_pref("social.shareDirectory", "");
@@ -202,14 +203,14 @@ user_pref("ghacks_user.js.parrot", "0400 syntax error: the parrot's passed on!")
 /** BLOCKLISTS ***/
 /* 0401: enable Firefox blocklist, but sanitize blocklist url
  * [NOTE] It includes updates for "revoked certificates"
- * [1] https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl
+ * [1] https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl/
  * [2] https://trac.torproject.org/projects/tor/ticket/16931 ***/
 user_pref("extensions.blocklist.enabled", true);
 user_pref("extensions.blocklist.url", "https://blocklists.settings.services.mozilla.com/v1/blocklist/3/%APP_ID%/%APP_VERSION%/");
 /* 0402: enable Kinto blocklist updates (FF50+)
  * What is Kinto?: https://wiki.mozilla.org/Firefox/Kinto#Specifications
  * As Firefox transitions to Kinto, the blocklists have been broken down into entries for certs to be
- * revoked, add-ons and plugins to be disabled, and gfx environments that cause problems or crashes ***/
+ * revoked, extensions and plugins to be disabled, and gfx environments that cause problems or crashes ***/
 user_pref("services.blocklist.update_enabled", true);
 user_pref("services.blocklist.signing.enforced", true);
 /* 0403: disable individual unwanted/unneeded parts of the Kinto blocklists ***/
@@ -266,7 +267,7 @@ user_pref("browser.safebrowsing.provider.google4.reportPhishMistakeURL", ""); //
 /* 0420: enable Tracking Protection in all windows
  * [NOTE] TP sends DNT headers regardless of the DNT pref (see 1610)
  * [1] https://wiki.mozilla.org/Security/Tracking_protection
- * [2] https://support.mozilla.org/en-US/kb/tracking-protection-firefox ***/
+ * [2] https://support.mozilla.org/kb/tracking-protection-firefox ***/
    // user_pref("privacy.trackingprotection.pbmode.enabled", true); // default true
    // user_pref("privacy.trackingprotection.enabled", true); // default false
 /* 0421: enable more Tracking Protection choices under Options>Privacy>Use Tracking Protection
@@ -292,19 +293,19 @@ user_pref("privacy.trackingprotection.ui.enabled", true);
    // user_pref("privacy.trackingprotection.annotate_channels", false);
    // user_pref("privacy.trackingprotection.lower_network_priority", false);
 
-/*** 0500: SYSTEM ADD-ONS / EXPERIMENTS
-     System add-ons are a method for shipping extensions, considered to be
+/*** 0500: SYSTEM EXTENSIONS / EXPERIMENTS
+     System extensions are a method for shipping extensions, considered to be
      built-in features to Firefox, that are hidden from the about:addons UI.
-     To view your system add-ons go to about:support, they are listed under "Features"
+     To view your system extensions go to about:support, they are listed under "Firefox Features"
 
-     Some system add-ons have no on-off prefs. Instead you can manually remove them. Note that app
+     Some system extensions have no on-off prefs. Instead you can manually remove them. Note that app
      updates will restore them. They may also be updated and possibly restored automatically (see 0505)
      * Portable: "...\App\Firefox64\browser\features\" (or "App\Firefox\etc" for 32bit)
      * Windows: "...\Program Files\Mozilla\browser\features" (or "Program Files (X86)\etc" for 32bit)
      * Mac: "...\Applications\Firefox\Contents\Resources\browser\features\"
             [NOTE] On Mac you can right-click on the application and select "Show Package Contents"
 
-     [1] https://gecko.readthedocs.io/en/latest/toolkit/mozapps/extensions/addon-manager/SystemAddons.html
+     [1] https://firefox-source-docs.mozilla.org/toolkit/mozapps/extensions/addon-manager/SystemAddons.html
      [2] https://dxr.mozilla.org/mozilla-central/source/browser/extensions
 ***/
 user_pref("ghacks_user.js.parrot", "0500 syntax error: the parrot's cashed in 'is chips!");
@@ -316,8 +317,8 @@ user_pref("experiments.supported", false);
 user_pref("experiments.activeExperiment", false);
 /* 0502: disable Mozilla permission to silently opt you into tests ***/
 user_pref("network.allow-experiments", false);
-/* 0505: block URL used for system add-on updates (FF44+)
- * [NOTE] You will not get any system add-on updates except when you update Firefox ***/
+/* 0505: block URL used for system extension updates (FF44+)
+ * [NOTE] You will not get any system extension updates except when you update Firefox ***/
    // user_pref("extensions.systemAddon.update.url", "");
 /* 0510: disable Pocket (FF39+)
  * Pocket is a third party (now owned by Mozilla) "save for later" cloud service
@@ -337,7 +338,7 @@ user_pref("dom.flyweb.enabled", false);
 user_pref("extensions.shield-recipe-client.enabled", false);
 user_pref("extensions.shield-recipe-client.api_url", "");
 /* 0513: disable Follow On Search (FF53+)
- * Just DELETE the XPI file in your system add-ons directory
+ * Just DELETE the XPI file in your system extensions directory
  * [1] https://blog.mozilla.org/data/2017/06/05/measuring-search-in-firefox/ ***/
 /* 0514: disable Activity Stream (FF54+)
  * Activity Stream replaces "New Tab" with one based on metadata and browsing behavior,
@@ -365,6 +366,7 @@ user_pref("browser.onboarding.enabled", false);
  * [1] https://wiki.mozilla.org/Firefox/Features/Form_Autofill
  * [2] https://www.ghacks.net/2017/05/24/firefoxs-new-form-autofill-is-awesome/ ***/
 user_pref("extensions.formautofill.addresses.enabled", false);
+user_pref("extensions.formautofill.creditCards.enabled", false); // (FF56+)
 user_pref("extensions.formautofill.experimental", false);
 user_pref("extensions.formautofill.heuristics.enabled", false);
 /* 0518: disable Web Compatibility Reporter (FF56+)
@@ -374,15 +376,15 @@ user_pref("extensions.webcompat-reporter.enabled", false);
 /*** 0600: BLOCK IMPLICIT OUTBOUND [not explicitly asked for - e.g. clicked on] ***/
 user_pref("ghacks_user.js.parrot", "0600 syntax error: the parrot's no more!");
 /* 0601: disable link prefetching
- * [1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ ***/
+ * [1] https://developer.mozilla.org/docs/Web/HTTP/Link_prefetching_FAQ ***/
 user_pref("network.prefetch-next", false);
 /* 0602: disable DNS prefetching
  * [1] https://www.ghacks.net/2013/04/27/firefox-prefetching-what-you-need-to-know/
- * [2] https://developer.mozilla.org/en-US/docs/Web/HTTP/Controlling_DNS_prefetching ***/
+ * [2] https://developer.mozilla.org/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control ***/
 user_pref("network.dns.disablePrefetch", true);
 user_pref("network.dns.disablePrefetchFromHTTPS", true); // (hidden pref)
 /* 0603a: disable Seer/Necko
- * [1] https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Necko ***/
+ * [1] https://developer.mozilla.org/docs/Mozilla/Projects/Necko ***/
 user_pref("network.predictor.enabled", false);
 /* 0603b: disable more Necko/Captive Portal
  * [1] https://en.wikipedia.org/wiki/Captive_portal
@@ -391,8 +393,8 @@ user_pref("network.predictor.enabled", false);
 user_pref("captivedetect.canonicalURL", "");
 user_pref("network.captive-portal-service.enabled", false); // (FF52+)
 /* 0605: disable link-mouseover opening connection to linked server
- * [1] http://news.slashdot.org/story/15/08/14/2321202/how-to-quash-firefoxs-silent-requests
- * [2] https://www.ghacks.net/2015/08/16/block-firefox-from-connecting-to-sites-when-you-hover-over-links ***/
+ * [1] https://news.slashdot.org/story/15/08/14/2321202/how-to-quash-firefoxs-silent-requests
+ * [2] https://www.ghacks.net/2015/08/16/block-firefox-from-connecting-to-sites-when-you-hover-over-links/ ***/
 user_pref("network.http.speculative-parallel-limit", 0);
 /* 0606: disable pings (but enforce same host in case)
  * [1] http://kb.mozillazine.org/Browser.send_pings
@@ -438,7 +440,7 @@ user_pref("browser.sessionhistory.max_entries", 10);
  * [TEST] http://lcamtuf.coredump.cx/yahh/ (see github wiki APPENDIX C on how to use)
  * [1] https://dbaron.org/mozilla/visited-privacy
  * [2] https://bugzilla.mozilla.org/show_bug.cgi?id=147777
- * [3] https://developer.mozilla.org/en-US/docs/Web/CSS/Privacy_and_the_:visited_selector ***/
+ * [3] https://developer.mozilla.org/docs/Web/CSS/Privacy_and_the_:visited_selector ***/
 user_pref("layout.css.visited_links_enabled", false);
 /* 0806: disable displaying javascript in history URLs - SECURITY ***/
 user_pref("browser.urlbar.filter.javascript", true);
@@ -506,7 +508,7 @@ user_pref("ghacks_user.js.parrot", "0900 syntax error: the parrot's expired!");
 /* 0902: use a master password (recommended if you save passwords)
  * There are no preferences for this. It is all handled internally.
  * [SETTING] Options>Security>Logins>Use a master password
- * [1] https://support.mozilla.org/en-US/kb/use-master-password-protect-stored-logins ***/
+ * [1] https://support.mozilla.org/kb/use-master-password-protect-stored-logins ***/
 /* 0903: set how often Firefox should ask for the master password
  * 0=the first time (default), 1=every time it's needed, 2=every n minutes (as per the next pref) ***/
 user_pref("security.ask_for_password", 2);
@@ -611,9 +613,9 @@ user_pref("alerts.showFavicons", false);
 
 /*** 1100: MULTI-PROCESS (e10s)
      We recommend you let Firefox handle this. Until e10s is enforced, if
-     - all your add-ons have the 'multiprocessCompatible' flag as true, then FF = e10s
-     - any add-ons have 'multiprocessCompatible' flag as false, then FF != e10s
-     - any add-ons are missing the 'multiprocessCompatible' flag, then they *might* be disabled (FF53+)
+     - all your legacy extensions have the 'multiprocessCompatible' flag as true, then FF = e10s
+     - any legacy extensions have 'multiprocessCompatible' flag as false, then FF != e10s
+     - any legacy extensions are missing the 'multiprocessCompatible' flag, then they *might* be disabled
      [1] https://blog.mozilla.org/addons/2017/02/16/the-road-to-firefox-57-compatibility-milestones/
 ***/
 user_pref("ghacks_user.js.parrot", "1100 syntax error: the parrot's bought the farm!");
@@ -624,19 +626,20 @@ user_pref("ghacks_user.js.parrot", "1100 syntax error: the parrot's bought the f
    // user_pref("browser.tabs.remote.force-enable", true); // (hidden pref)
    // user_pref("extensions.e10sBlocksEnabling", false);
 /* 1102: control number of content rendering processes
+ * [SETTING] Options>General>Performance>Custom>Content process limit
  * [1] https://www.ghacks.net/2016/02/15/change-how-many-processes-multi-process-firefox-uses/
  * [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1207306 ***/
    // user_pref("dom.ipc.processCount", 4);
-/* 1103: enable WebExtension add-on code to run in a separate process (webext-oop) (FF53+)
+/* 1103: enable extension code to run in a separate process (webext-oop) (FF53+)
  * [1] https://wiki.mozilla.org/WebExtensions/Implementing_APIs_out-of-process ***/
    // user_pref("extensions.webextensions.remote", true);
 /* 1104: enforce separate content process for file://URLs (FF53+)
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1147911
  * [2] https://www.ghacks.net/2016/11/27/firefox-53-exclusive-content-process-for-local-files/ ***/
 user_pref("browser.tabs.remote.separateFileUriProcess", true);
-/* 1105: enable console shim warnings for add-ons with the 'multiprocessCompatible' flag as false ***/
+/* 1105: enable console shim warnings for legacy extensions with the 'multiprocessCompatible' flag as false ***/
 user_pref("dom.ipc.shims.enabledWarnings", true);
-/* 1106: control number of WebExtension processes ***/
+/* 1106: control number of extension processes ***/
    // user_pref("dom.ipc.processCount.extension", 1);
 /* 1107: control number of file processes ***/
    // user_pref("dom.ipc.processCount.file", 1);
@@ -694,7 +697,7 @@ user_pref("security.tls.version.max", 4); // 4 = allow up to and including TLS 1
  * [2] https://bugzilla.mozilla.org/show_bug.cgi?id=967977 ***/
 user_pref("security.ssl.disable_session_identifiers", true); // (hidden pref)
 /* 1204: disable SSL Error Reporting
- * [1] https://gecko.readthedocs.org/en/latest/browser/base/sslerrorreport/preferences.html ***/
+ * [1] https://firefox-source-docs.mozilla.org/browser/base/sslerrorreport/preferences.html ***/
 user_pref("security.ssl.errorReporting.automatic", false);
 user_pref("security.ssl.errorReporting.enabled", false);
 user_pref("security.ssl.errorReporting.url", "");
@@ -730,7 +733,7 @@ user_pref("security.family_safety.mode", 0);
  * [NOTE] This may be better handled under FPI (ticket 1323644, part of Tor Uplift)
  * [WARNING] This affects login/cert/key dbs. The effect is all credentials are session-only.
  * Saved logins and passwords are not available. Reset the pref and restart to return them.
- * [TEST] https://fiprinca.0x90.eu/poc/
+ * [TEST] https://fiprinca.0x90.eu/poc/ [NOTE: 2017-08: expired cert]
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1334485 - related bug
  * [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1216882 - related bug (see comment 9) ***/
    // user_pref("security.nocertdb", true); // (hidden pref)
@@ -774,7 +777,7 @@ user_pref("security.pki.sha1_enforcement_level", 1);
 /* 1261: disable 3DES (effective key size < 128)
  * [1] https://en.wikipedia.org/wiki/3des#Security
  * [2] http://en.citizendium.org/wiki/Meet-in-the-middle_attack
- * [3] http://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html ***/
+ * [3] https://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html ***/
 user_pref("security.ssl3.rsa_des_ede3_sha", false);
 /* 1262: disable 128 bits ***/
 user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
@@ -837,7 +840,7 @@ user_pref("layout.css.font-loading-api.enabled", false);
 user_pref("font.blacklist.underline_offset", "");
 /* 1408: disable graphite which FF49 turned back on by default
  * In the past it had security issues. Update: This continues to be the case, see [1]
- * [1] https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/#CVE-2017-7778 ***/
+ * [1] https://www.mozilla.org/security/advisories/mfsa2017-15/#CVE-2017-7778 ***/
 user_pref("gfx.font_rendering.graphite.enabled", false);
 /* 1409: limit system font exposure to a whitelist (FF52+) [SETUP]
  * If the whitelist is empty, then whitelisting is considered disabled and all fonts are allowed.
@@ -970,7 +973,7 @@ user_pref("media.gmp-gmpopenh264.autoupdate", false);
 /*** 2000: MEDIA / CAMERA / MIC ***/
 user_pref("ghacks_user.js.parrot", "2000 syntax error: the parrot's snuffed it!");
 /* 2001: disable WebRTC (Web Real-Time Communication)
- * [1] https://privacytoolsio.github.io/privacytools.io/#webrtc ***/
+ * [1] https://www.privacytools.io/#webrtc ***/
 user_pref("media.peerconnection.enabled", false);
 user_pref("media.peerconnection.use_document_iceservers", false);
 user_pref("media.peerconnection.video.enabled", false);
@@ -986,7 +989,7 @@ user_pref("media.navigator.video.enabled", false); // video capability for WebRT
 user_pref("media.peerconnection.ice.default_address_only", true); // (FF42-FF50)
 user_pref("media.peerconnection.ice.no_host", true); // (FF51+)
 /* 2010: disable WebGL (Web Graphics Library), force bare minimum feature set if used & disable WebGL extensions
- * [1] http://www.contextis.com/resources/blog/webgl-new-dimension-browser-exploitation/
+ * [1] https://www.contextis.com/resources/blog/webgl-new-dimension-browser-exploitation/
  * [2] https://security.stackexchange.com/questions/13799/is-webgl-a-security-concern ***/
 user_pref("webgl.disabled", true);
 user_pref("pdfjs.enableWebGL", false);
@@ -995,14 +998,14 @@ user_pref("webgl.disable-extensions", true);
 user_pref("webgl.disable-fail-if-major-performance-caveat", true);
 /* 2011: disable WebGL debug info being available to websites
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1171228
- * [2] https://developer.mozilla.org/en-US/docs/Web/API/WEBGL_debug_renderer_info ***/
+ * [2] https://developer.mozilla.org/docs/Web/API/WEBGL_debug_renderer_info ***/
 user_pref("webgl.enable-debug-renderer-info", false);
 /* 2012: disable two more webgl preferences (FF51+) ***/
 user_pref("webgl.dxgl.enabled", false); // [WINDOWS]
 user_pref("webgl.enable-webgl2", false);
 /* 2021: disable speech recognition
- * [1] https://developer.mozilla.org/en-US/docs/Web/API/SpeechRecognition
- * [2] https://developer.mozilla.org/en-US/docs/Web/API/SpeechSynthesis
+ * [1] https://developer.mozilla.org/docs/Web/API/SpeechRecognition
+ * [2] https://developer.mozilla.org/docs/Web/API/SpeechSynthesis
  * [3] https://wiki.mozilla.org/HTML5_Speech_API ***/
 user_pref("media.webspeech.recognition.enable", false);
 user_pref("media.webspeech.synth.enabled", false);
@@ -1020,13 +1023,13 @@ user_pref("media.mediasource.mp4.enabled", true);
 user_pref("media.mediasource.webm.audio.enabled", true);
 user_pref("media.mediasource.webm.enabled", true);
 /* 2026: disable canvas capture stream
- * [1] https://developer.mozilla.org/en-US/docs/Web/API/HTMLCanvasElement/captureStream ***/
+ * [1] https://developer.mozilla.org/docs/Web/API/HTMLCanvasElement/captureStream ***/
 user_pref("canvas.capturestream.enabled", false);
 /* 2027: disable camera image capture
  * [1] https://trac.torproject.org/projects/tor/ticket/16339 ***/
 user_pref("dom.imagecapture.enabled", false);
 /* 2028: disable offscreen canvas
- * [1] https://developer.mozilla.org/en-US/docs/Web/API/OffscreenCanvas ***/
+ * [1] https://developer.mozilla.org/docs/Web/API/OffscreenCanvas ***/
 user_pref("gfx.offscreencanvas.enabled", false);
 /* 2030: disable auto-play of HTML5 media
  * [WARNING] This may break video playback on various sites ***/
@@ -1065,8 +1068,8 @@ user_pref("dom.allow_scripts_to_close_windows", false);
 user_pref("browser.link.open_newwindow.restriction", 0);
 /* 2205: disable "Confirm you want to leave" dialog on page close
  * Does not prevent JS leaks of the page close event.
- * [1] https://developer.mozilla.org/en-US/docs/Web/Events/beforeunload
- * [2] https://support.mozilla.org/en-US/questions/1043508 ***/
+ * [1] https://developer.mozilla.org/docs/Web/Events/beforeunload
+ * [2] https://support.mozilla.org/questions/1043508 ***/
 user_pref("dom.disable_beforeunload", true);
 
 /*** 2300: WEB WORKERS [SETUP]
@@ -1079,12 +1082,12 @@ user_pref("dom.disable_beforeunload", true);
      [WARNING] Disabling workers *will* break sites (e.g. Google Street View, Twitter).
      It is recommended that you use a separate profile for these sorts of sites.
 
-     [1]    Web Workers: https://developer.mozilla.org/en-US/docs/Web/API/Web_Workers_API
-     [2]         Worker: https://developer.mozilla.org/en-US/docs/Web/API/Worker
-     [3] Service Worker: https://developer.mozilla.org/en-US/docs/Web/API/ServiceWorker_API
-     [4]   SharedWorker: https://developer.mozilla.org/en-US/docs/Web/API/SharedWorker
-     [5]   ChromeWorker: https://developer.mozilla.org/en-US/docs/Web/API/ChromeWorker
-     [6]  Notifications: https://support.mozilla.org/en-US/questions/1165867#answer-981820
+     [1]    Web Workers: https://developer.mozilla.org/docs/Web/API/Web_Workers_API
+     [2]         Worker: https://developer.mozilla.org/docs/Web/API/Worker
+     [3] Service Worker: https://developer.mozilla.org/docs/Web/API/Service_Worker_API
+     [4]   SharedWorker: https://developer.mozilla.org/docs/Web/API/SharedWorker
+     [5]   ChromeWorker: https://developer.mozilla.org/docs/Web/API/ChromeWorker
+     [6]  Notifications: https://support.mozilla.org/questions/1165867#answer-981820
  ***/
 user_pref("ghacks_user.js.parrot", "2300 syntax error: the parrot's off the twig!");
 /* 2301: disable workers
@@ -1101,13 +1104,13 @@ user_pref("dom.serviceWorkers.enabled", false);
 user_pref("dom.caches.enabled", false);
 /* 2304: disable web notifications
  * [NOTE] You can still override individual domains under site permissions (FF44+)
- * [1] https://developer.mozilla.org/en-US/docs/Web/API/Notifications_API ***/
+ * [1] https://developer.mozilla.org/docs/Web/API/Notifications_API ***/
 user_pref("dom.webnotifications.enabled", false);
 user_pref("dom.webnotifications.serviceworker.enabled", false);
 /* 2305: disable push notifications (FF44+)
  * web apps can receive messages pushed to them from a server, whether or
  * not the web app is in the foreground, or even currently loaded
- * [1] https://developer.mozilla.org/en/docs/Web/API/Push_API ***/
+ * [1] https://developer.mozilla.org/docs/Web/API/Push_API ***/
 user_pref("dom.push.enabled", false);
 user_pref("dom.push.connection.enabled", false);
 user_pref("dom.push.serverURL", "");
@@ -1126,8 +1129,10 @@ user_pref("dom.event.clipboardevents.enabled", false);
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1170911 ***/
 user_pref("dom.allow_cut_copy", false); // (hidden pref)
 /* 2404: disable JS storing data permanently [SETUP]
- * [WARNING] This *may* break some add-ons and *will* break some sites ***/
-user_pref("dom.indexedDB.enabled", false);
+ * [WARNING] This BREAKS uBlock Origin [1.14.0+] and uMatrix extensions
+ * [1] https://github.com/gorhill/uBlock/releases/tag/1.14.0 
+ * [WARNING] This *will* break other extensions including legacy, and *will* break some sites ***/
+   // user_pref("dom.indexedDB.enabled", false);
 /* 2411: disable resource/navigation timing ***/
 user_pref("dom.enable_resource_timing", false);
 /* 2412: disable timing attacks - javascript performance fingerprinting
@@ -1150,8 +1155,8 @@ user_pref("dom.idle-observers-api.enabled", false);
  * set to false=block, set to true=ask ***/
 user_pref("full-screen-api.enabled", false);
 /* 2420: disable support for asm.js ( http://asmjs.org/ )
- * [1] https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/
- * [2] https://www.mozilla.org/en-US/security/advisories/mfsa2015-50/
+ * [1] https://www.mozilla.org/security/advisories/mfsa2015-29/
+ * [2] https://www.mozilla.org/security/advisories/mfsa2015-50/
  * [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2712 ***/
 user_pref("javascript.options.asmjs", false);
 /* 2421: disable Ion and baseline JIT to help harden JS against exploits such as CVE-2015-0817
@@ -1160,18 +1165,18 @@ user_pref("javascript.options.asmjs", false);
    // user_pref("javascript.options.ion", false);
    // user_pref("javascript.options.baselinejit", false);
 /* 2422: disable WebAssembly for now (FF52+)
- * [1] https://developer.mozilla.org/en-US/docs/WebAssembly ***/
+ * [1] https://developer.mozilla.org/docs/WebAssembly ***/
 user_pref("javascript.options.wasm", false);
 /* 2426: disable Intersection Observer API (FF53+)
  * Almost a year to complete, three versions late to stable (as default false),
  * number #1 cause of crashes in nightly numerous times, and is (primarily) an
  * ad network API for "ad viewability checks" down to a pixel level
- * [1] https://developer.mozilla.org/en-US/docs/Web/API/Intersection_Observer_API
- * [2] https://wicg.github.io/IntersectionObserver/
+ * [1] https://developer.mozilla.org/docs/Web/API/Intersection_Observer_API
+ * [2] https://w3c.github.io/IntersectionObserver/
  * [3] https://bugzilla.mozilla.org/show_bug.cgi?id=1243846 ***/
 user_pref("dom.IntersectionObserver.enabled", false);
 /* 2450a: enforce websites to ask to store data for offline use
- * [1] https://support.mozilla.org/en-US/questions/1098540
+ * [1] https://support.mozilla.org/questions/1098540
  * [2] https://bugzilla.mozilla.org/show_bug.cgi?id=959985 ***/
 user_pref("offline-apps.allow_by_default", false);
 /* 2450b: display a notification when websites ask to store data for offline use
@@ -1189,24 +1194,24 @@ user_pref("ghacks_user.js.parrot", "2500 syntax error: the parrot's shuffled off
 user_pref("dom.gamepad.enabled", false);
 /* 2503: disable giving away network info (FF31+)
  * e.g. bluetooth, cellular, ethernet, wifi, wimax, other, mixed, unknown, none
- * [1] https://developer.mozilla.org/en-US/docs/Web/API/Network_Information_API
+ * [1] https://developer.mozilla.org/docs/Web/API/Network_Information_API
  * [2] https://wicg.github.io/netinfo/
  * [3] https://bugzilla.mozilla.org/show_bug.cgi?id=960426 ***/
 user_pref("dom.netinfo.enabled", false);
 /* 2504: disable virtual reality devices
- * [1] https://developer.mozilla.org/en-US/docs/Web/API/WebVR_API ***/
+ * [1] https://developer.mozilla.org/docs/Web/API/WebVR_API ***/
 user_pref("dom.vr.enabled", false);
 /* 2505: disable media device enumeration (FF29+)
  * [NOTE] media.peerconnection.enabled should also be set to false (see 2001)
  * [1] https://wiki.mozilla.org/Media/getUserMedia
- * [2] https://developer.mozilla.org/en-US/docs/Web/API/MediaDevices/enumerateDevices ***/
+ * [2] https://developer.mozilla.org/docs/Web/API/MediaDevices/enumerateDevices ***/
 user_pref("media.navigator.enabled", false);
 /* 2506: disable video statistics - JS performance fingerprinting (FF25+)
  * [1] https://trac.torproject.org/projects/tor/ticket/15757
  * [2] https://bugzilla.mozilla.org/show_bug.cgi?id=654550 ***/
 user_pref("media.video_stats.enabled", false);
 /* 2508: disable hardware acceleration to reduce graphics fingerprinting
- * [SETTING] Options>Advanced>General>Use hardware acceleration when available
+ * [SETTING] Options>General>Performance>Custom>Use hardware acceleration when available
  * [NOTE] Changing this option changes BOTH these preferences
  * [WARNING] [SETUP] Affects text rendering (fonts will look different) and impacts video performance
  * [1] https://wiki.mozilla.org/Platform/GFX/HardwareAcceleration ***/
@@ -1214,15 +1219,15 @@ user_pref("gfx.direct2d.disabled", true); // [WINDOWS]
 user_pref("layers.acceleration.disabled", true);
 /* 2509: disable touch events [SETUP]
  * fingerprinting attack vector - leaks screen res & actual screen coordinates
- * [1] https://developer.mozilla.org/en-US/docs/Web/API/Touch_events
+ * [1] https://developer.mozilla.org/docs/Web/API/Touch_events
  * [2] https://trac.torproject.org/projects/tor/ticket/10286 ***/
 user_pref("dom.w3c_touch_events.enabled", 0);
 /* 2510: disable Web Audio API (FF51+)
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1288359 ***/
 user_pref("dom.webaudio.enabled", false);
 /* 2511: disable MediaDevices change detection (FF51+) (enabled by default starting FF52+)
- * [1] https://developer.mozilla.org/en-US/docs/Web/Events/devicechange
- * [2] https://developer.mozilla.org/en-US/docs/Web/API/MediaDevices/ondevicechange ***/
+ * [1] https://developer.mozilla.org/docs/Web/Events/devicechange
+ * [2] https://developer.mozilla.org/docs/Web/API/MediaDevices/ondevicechange ***/
 user_pref("media.ondevicechange.enabled", false);
 /* 2512: disable device sensor API
  * [1] https://trac.torproject.org/projects/tor/ticket/15758
@@ -1256,7 +1261,7 @@ user_pref("browser.zoom.siteSpecific", false);
 /*** 2600: MISC - LEAKS / FINGERPRINTING / PRIVACY / SECURITY ***/
 user_pref("ghacks_user.js.parrot", "2600 syntax error: the parrot's run down the curtain!");
 /* 2601: disable sending additional analytics to web servers
- * [1] https://developer.mozilla.org/en-US/docs/Web/API/navigator.sendBeacon ***/
+ * [1] https://developer.mozilla.org/docs/Web/API/Navigator/sendBeacon ***/
 user_pref("beacon.enabled", false);
 /* 2602: discourage downloading to desktop (0=desktop 1=downloads 2=last used)
  * [NOTE] To set your default "downloads": Options>General>Downloads>Save files to ***/
@@ -1280,7 +1285,7 @@ user_pref("network.jar.open-unsafe-types", false);
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=232227
  * [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1330876 ***/
 user_pref("ui.use_standins_for_native_colors", true); // (hidden pref)
-/* 2611: disable WebIDE to prevent remote debugging and add-on downloads
+/* 2611: disable WebIDE to prevent remote debugging and extension downloads
  * [1] https://trac.torproject.org/projects/tor/ticket/16222 ***/
 user_pref("devtools.webide.autoinstallADBHelper", false);
 user_pref("devtools.webide.autoinstallFxdtAdapters", false);
@@ -1322,7 +1327,7 @@ user_pref("pdfjs.disabled", false);
 user_pref("network.proxy.socks_remote_dns", true);
 /* 2619: limit HTTP redirects (this does not control redirects with HTML meta tags or JS)
  * [WARNING] A low setting of 5 or under will probably break some sites (e.g. gmail logins)
- * To control HTML Meta tag and JS redirects, use an add-on. Default is 20 ***/
+ * To control HTML Meta tag and JS redirects, use an extension. Default is 20 ***/
 user_pref("network.http.redirection-limit", 10);
 /* 2620: disable middle mouse click opening links from clipboard
  * [1] https://trac.torproject.org/projects/tor/ticket/10089
@@ -1332,30 +1337,30 @@ user_pref("middlemouse.contentLoadURL", false);
  * This is all about covert channels such as MAC addresses being included/abused in the
  * IPv6 protocol for tracking. If you want to mask your IP address, this is not the way
  * to do it. It's 2016, IPv6 is here. Here are some old links
- * 2010: https://www.christopher-parsons.com/ipv6-and-the-future-of-privacy/
- * 2011: https://iapp.org/news/a/2011-09-09-facing-the-privacy-implications-of-ipv6
+ * 2010: https://christopher-parsons.com/ipv6-and-the-future-of-privacy/
+ * 2011: https://iapp.org/news/a/2011-09-09-facing-the-privacy-implications-of-ipv6/
  * 2012: http://www.zdnet.com/article/security-versus-privacy-with-ipv6-deployment/
  * [NOTE] It is a myth that disabling IPv6 will speed up your internet connection
- * [1] http://www.howtogeek.com/195062/no-disabling-ipv6-probably-wont-speed-up-your-internet-connection ***/
+ * [1] https://www.howtogeek.com/195062/no-disabling-ipv6-probably-wont-speed-up-your-internet-connection/ ***/
    // user_pref("network.dns.disableIPv6", true);
    // user_pref("network.http.fast-fallback-to-IPv4", true);
-/* 2622: enforce a security delay when installing add-ons (milliseconds)
+/* 2622: enforce a security delay when installing extensions (milliseconds)
  * default=1000, This also covers the delay in "Save" on downloading files.
  * [1] http://kb.mozillazine.org/Disable_extension_install_delay_-_Firefox
- * [2] http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ ***/
+ * [2] https://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ ***/
 user_pref("security.dialog_enable_delay", 700);
 /* 2623: enable Strict File Origin Policy on local files
  * [1] http://kb.mozillazine.org/Security.fileuri.strict_origin_policy ***/
 user_pref("security.fileuri.strict_origin_policy", true);
 /* 2624: enable Subresource Integrity (SRI) (FF43+)
- * [1] https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
+ * [1] https://developer.mozilla.org/docs/Web/Security/Subresource_Integrity
  * [2] https://wiki.mozilla.org/Security/Subresource_Integrity ***/
 user_pref("security.sri.enable", true);
 /* 2625: disable DNS requests for hostnames with a .onion TLD (FF45+)
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1228457 ***/
 user_pref("network.dns.blockDotOnion", true);
 /* 2626: disable optional user agent token, default is false, included for completeness
- * [1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Gecko_user_agent_string_reference ***/
+ * [1] https://developer.mozilla.org/docs/Web/HTTP/Headers/User-Agent/Firefox ***/
 user_pref("general.useragent.compatMode.firefox", false);
 /* 2628: disable UITour backend so there is no chance that a remote page can use it ***/
 user_pref("browser.uitour.enabled", false);
@@ -1384,12 +1389,12 @@ user_pref("network.http.altsvc.enabled", false);
 user_pref("network.http.altsvc.oe", false);
 /* 2667: disable various developer tools in browser context
  * [SETTING] Devtools>Advanced Settings>Enable browser chrome and add-on debugging toolboxes
- * [1] http://github.com/pyllyukko/user.js/issues/179#issuecomment-246468676 ***/
+ * [1] https://github.com/pyllyukko/user.js/issues/179#issuecomment-246468676 ***/
 user_pref("devtools.chrome.enabled", false);
 /* 2668: lock down allowed extension directories
- * [WARNING] This will break add-ons that do not use the default XPI directories
+ * [WARNING] This will break extensions that do not use the default XPI directories
  * [1] https://mike.kaply.com/2012/02/21/understanding-add-on-scopes/
- * [1] archived: http://archive.is/DYjAM ***/
+ * [1] archived: https://archive.is/DYjAM ***/
 user_pref("extensions.enabledScopes", 1); // (hidden pref)
 user_pref("extensions.autoDisableScopes", 15);
 /* 2669: remove paths when sending URLs to PAC scripts (FF51+)
@@ -1412,11 +1417,11 @@ user_pref("security.block_script_with_wrong_mime", true);
  * [1] http://kb.mozillazine.org/Network.IDN_show_punycode
  * [2] https://wiki.mozilla.org/IDN_Display_Algorithm
  * [3] https://en.wikipedia.org/wiki/IDN_homograph_attack
- * [4] CVE-2017-5383: https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/
+ * [4] CVE-2017-5383: https://www.mozilla.org/security/advisories/mfsa2017-02/
  * [5] https://www.xudongz.com/blog/2017/idn-phishing/ ***/
 user_pref("network.IDN_show_punycode", true);
 /* 2673: enable CSP (Content Security Policy) (default is true)
- * [1] https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP ***/
+ * [1] https://developer.mozilla.org/docs/Web/HTTP/CSP ***/
 user_pref("security.csp.enable", true);
 /* 2674: enable CSP 1.1 experimental hash-source directive (FF29+)
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=855326
@@ -1436,7 +1441,7 @@ user_pref("security.csp.experimentalEnabled", true);
      * Values below are for example only based on the current ESR/TBB at the time of writing
 ***/
 /* 2697a: navigator.userAgent leaks in JS
- * [NOTE] Setting this will break any UA spoofing add-on whitelisting ***/
+ * [NOTE] Setting this will break any UA spoofing extension whitelisting ***/
    // user_pref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0"); // (hidden pref)
 /* 2697b: navigator.buildID (see gecko.buildID in about:config) reveals build time
  * down to the second which defeats user agent spoofing and can compromise OS etc
@@ -1493,16 +1498,20 @@ user_pref("privacy.firstparty.isolate.restrict_opener_access", true);
       This spoof *shouldn't* affect core chrome/Firefox performance
  ** 1217238 - reduce precision of time exposed by javascript (FF55+)
  ** 1369303 - spoof/disable performance API (see 2410-deprecated, 2411, 2412) (FF56+)
- ** 1333651 & 1383495 - spoof Navigator API (see section 2697) (FF56+)
-      The version number will be rounded down to the nearest multiple of 10
+ ** 1333651 & 1383495 & 1396468 & 1393283 - spoof Navigator API (see section 2697) (FF56+)
+      FF56: The version number will be rounded down to the nearest multiple of 10
+      FF57+: The version number will match current ESR
  ** 1369319 - disable device sensor API (see 2512) (FF56+)
  ** 1369357 - disable site specific zoom (see 2515) (FF56+)
- ** 1337161 - disable gamepad API (see 2501) (FF56+)
+ ** 1337161 - hide gamepads from content (see 2501) (FF56+)
  ** 1372072 - spoof network information API as "unknown" (see 2503) (FF56+)
  ** 1372069 - disable geolocation API (see 0201) (FF56+)
- ** 1333641 - disable WebSpeech API (see 2021) (FF56+)
- ** 1369309 - spoof media statistics to 0 (see 2506) (FF57+)
+ ** 1333641 - reduce fingerprinting in WebSpeech API (see 2021) (FF56+)
+ ** 1369309 - spoof media statistics (see 2506) (FF57+)
  ** 1382499 - reduce screen co-ordinate fingerprinting in Touch API (see 2509) (FF57+)
+ ** 1217290 - enable fingerprinting resistance for WebGL (see 2010-12) (FF57+)
+ ** 1382545 - reduce fingerprinting in Animation API (FF57+)
+ ** 1354633 - limit MediaError.message to a whitelist (FF57+)
 ***/
 /* 2699a: enable privacy.resistFingerprinting (FF41+)
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=418986 ***/
@@ -1511,7 +1520,7 @@ user_pref("privacy.resistFingerprinting", true); // (hidden pref) (not hidden FF
  * [NOTE] Width will round to multiples of 200s and height to 100s, to fit your screen.
  * The override values are a starting point to round from if you want some control
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1330882
- * [2] https://metrics.mozilla.com/firefox-hardware-report/ ***/
+ * [2] https://hardware.metrics.mozilla.com/ ***/
    // user_pref("privacy.window.maxInnerWidth", 1600); // (hidden pref)
    // user_pref("privacy.window.maxInnerHeight", 900); // (hidden pref)
 
@@ -1542,19 +1551,19 @@ user_pref("network.cookie.thirdparty.sessionOnly", true);
  * The API gives sites the ability to find out how much space they can use, how much
  * they are already using, and even control whether or not they need to be alerted
  * before the user agent disposes of site data in order to make room for other things.
- * [1] https://developer.mozilla.org/en-US/docs/Web/API/StorageManager
- * [2] https://developer.mozilla.org/en-US/docs/Web/API/Storage_API
+ * [1] https://developer.mozilla.org/docs/Web/API/StorageManager
+ * [2] https://developer.mozilla.org/docs/Web/API/Storage_API
  * [3] https://blog.mozilla.org/l10n/2017/03/07/firefox-l10n-report-aurora-54/ ***/
 user_pref("dom.storageManager.enabled", false); // (FF51+)
 user_pref("browser.storageManager.enabled", false); // (FF53+)
-/* 2707: clear localStorage and UUID when a WebExtension is uninstalled
+/* 2707: clear localStorage and UUID when an extension is uninstalled
  * [NOTE] Both preferences must be the same
- * [1] https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/storage/local
+ * [1] https://developer.mozilla.org/Add-ons/WebExtensions/API/storage/local
  * [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1213990 ***/
 user_pref("extensions.webextensions.keepStorageOnUninstall", false);
 user_pref("extensions.webextensions.keepUuidOnUninstall", false);
 /* 2708: disable HTTP sites setting cookies with the "secure" directive (default: true) (FF52+)
- * [1] https://developer.mozilla.org/en-US/Firefox/Releases/52#HTTP ***/
+ * [1] https://developer.mozilla.org/Firefox/Releases/52#HTTP ***/
 user_pref("network.cookie.leave-secure-alone", true);
 
 /*** 2800: SHUTDOWN [SETUP]
@@ -1617,7 +1626,7 @@ user_pref("browser.tabs.warnOnClose", false);
 user_pref("browser.tabs.warnOnCloseOtherTabs", false);
 user_pref("browser.tabs.warnOnOpen", false);
 /* 3001a: disable warning when a domain requests full screen
- * [1] https://developer.mozilla.org/en-US/docs/Web/Guide/API/DOM/Using_full_screen_mode ***/
+ * [1] https://developer.mozilla.org/docs/Web/API/Fullscreen_API ***/
    // user_pref("full-screen-api.warning.delay", 0);
    // user_pref("full-screen-api.warning.timeout", 0);
 /* 3002: disable closing browser with last tab ***/
@@ -1626,7 +1635,7 @@ user_pref("browser.tabs.closeWindowWithLastTab", false);
 user_pref("browser.backspace_action", 2);
 /* 3005: disable autocopy default (linux) ***/
    // user_pref("clipboard.autocopy", false);
-/* 3006: disable enforced add-on signing (FF43+)
+/* 3006: disable enforced extension signing (FF43+)
  * [NOTE] Only applicable to Nightly and ESR (FF48+)
  * [1] https://wiki.mozilla.org/Add-ons/Extension_Signing#Documentation ***/
    // user_pref("xpinstall.signatures.required", false);
@@ -1643,7 +1652,7 @@ user_pref("view_source.tab", false);
 user_pref("layout.spellcheckDefault", 1);
 /* 3013: disable automatic "Work Offline" status
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=620472
- * [2] https://developer.mozilla.org/en-US/docs/Online_and_offline_events ***/
+ * [2] https://developer.mozilla.org/docs/Online_and_offline_events ***/
 user_pref("network.manage-offline-status", false);
 /* 3015: disable animations
  * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1352069 ***/
@@ -1722,7 +1731,7 @@ user_pref("network.websocket.enabled", false);
    // user_pref("privacy.donottrackheader.value", 1);
 // 2023: (37+) disable camera autofocus callback
    // The API will be superceded by the WebRTC Capture and Stream API
-   // [1] https://developer.mozilla.org/en-US/docs/Mozilla/Firefox_OS/API/CameraControl/
+   // [1] https://developer.mozilla.org/docs/Archive/B2G_OS/API/CameraControl
    // [-] https://bugzilla.mozilla.org/show_bug.cgi?id=1107683
 user_pref("camera.control.autofocus_moving_callback.enabled", false);
 // 0415: (41+) disable reporting URLs (safe browsing) - removed or replaced by various
@@ -1772,11 +1781,11 @@ user_pref("browser.safebrowsing.provider.google.appRepURL", ""); // browser.safe
    // [-] https://bugzilla.mozilla.org/show_bug.cgi?id=1215796
 user_pref("security.tls.insecure_fallback_hosts.use_static_list", false);
 // 2301: disable SharedWorkers
-   // [1] https://bugs.torproject.org/15562
+   // [1] https://trac.torproject.org/projects/tor/ticket/15562
    // [-] https://bugzilla.mozilla.org/show_bug.cgi?id=1207635
 user_pref("dom.workers.sharedWorkers.enabled", false);
 // 2403: disable scripts changing images
-   // [TEST] http://www.w3schools.com/jsref/tryit.asp?filename=tryjsref_img_src2
+   // [TEST] https://www.w3schools.com/jsref/tryit.asp?filename=tryjsref_img_src2
    // [WARNING] Will break some sites such as Google Maps and a lot of web apps
    // [-] https://bugzilla.mozilla.org/show_bug.cgi?id=773429
    // user_pref("dom.disable_image_src_set", true);
@@ -1817,7 +1826,7 @@ user_pref("toolkit.telemetry.unifiedIsOptIn", true); // (hidden pref)
    // [-] https://bugzilla.mozilla.org/show_bug.cgi?id=1236580
 user_pref("datareporting.healthreport.about.reportUrlUnified", "data:text/plain,");
 // 0807: disable history manipulation
-   // [1] https://developer.mozilla.org/en-US/docs/Web/Guide/API/DOM/Manipulating_the_browser_history
+   // [1] https://developer.mozilla.org/docs/Web/API/History_API
    // [-] https://bugzilla.mozilla.org/show_bug.cgi?id=1249542
 user_pref("browser.history.allowPopState", false);
 user_pref("browser.history.allowPushState", false);
@@ -1831,7 +1840,7 @@ user_pref("browser.urlbar.unifiedcomplete", false);
 // ***/
 /* FF49
 // 0372: disable "Hello"
-   // [1] https://www.mozilla.org/en-US/privacy/firefox-hello/
+   // [1] https://www.mozilla.org/privacy/archive/hello/2016-03/
    // [2] https://security.stackexchange.com/questions/94284/how-secure-is-firefox-hello
    // [-] https://bugzilla.mozilla.org/show_bug.cgi?id=1287827
 user_pref("loop.enabled", false);
@@ -1900,10 +1909,11 @@ user_pref("media.gmp-eme-adobe.autoupdate", false);
    // [1] https://wiki.mozilla.org/WebAPI/Security/WebTelephony
    // [-] https://bugzilla.mozilla.org/show_bug.cgi?id=1309719
 user_pref("dom.telephony.enabled", false);
-// 2502: disable Battery Status API. Initially a Linux issue (high precision readout) that
-   // was fixed. However, it is still another metric for fingerprinting, used to raise entropy.
+// 2502: disable Battery Status API
+   // Initially a Linux issue (high precision readout) that was fixed.
+   // However, it is still another metric for fingerprinting, used to raise entropy.
    // e.g. do you have a battery or not, current charging status, charge level, times remaining etc
-   // [1] http://techcrunch.com/2015/08/04/battery-attributes-can-be-used-to-track-web-users/
+   // [1] https://techcrunch.com/2015/08/04/battery-attributes-can-be-used-to-track-web-users/
    // [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1124127
    // [3] https://www.w3.org/TR/battery-status/
    // [4] https://www.theguardian.com/technology/2016/aug/02/battery-status-indicators-tracking-online
@@ -1973,7 +1983,7 @@ user_pref("dom.enable_user_timing", false);
    // web pages. These parameters vary between types of keyboard layouts such as QWERTY,
    // AZERTY, Dvorak, and between various languages, e.g. German vs English.
    // [WARNING] Don't use if Android + physical keyboard
-   // [1] https://developer.mozilla.org/en-US/docs/Web/API/KeyboardEvent/code
+   // [1] https://developer.mozilla.org/docs/Web/API/KeyboardEvent/code
    // [2] https://www.privacy-handbuch.de/handbuch_21v.htm
    // [-] https://bugzilla.mozilla.org/show_bug.cgi?id=1352949
 user_pref("dom.keyboardevent.code.enabled", false);