diff --git a/3.2-Overrides-[Common].md b/3.2-Overrides-[Common].md new file mode 100644 index 0000000..a61681a --- /dev/null +++ b/3.2-Overrides-[Common].md @@ -0,0 +1,64 @@ +🟩 Previous: [Overrides](https://github.com/arkenfox/user.js/wiki/3.1-Overrides) + +🟥 Summary: **These few items, out of 140+ pref changes, will solve 99% of usability issues and you only need to do it once**. You can always undo things (except deleted items like cookies and history and session restore: read the entire page!), and tweak over time + +--- + +🟪 SECURITY: IMPORTANT: Pay attention! + +- `0403`: We disable binary checks not in Safe Browsing local lists + - :warning: If you do not understand the consequences of this, override these prefs + +🟪 KEEP SOME COOKIES & LOGINS: Nothing to change + +- We delete all cookies and site data on close + - There is no need to change any prefs - just add site exceptions + - Ctrl+I > Permissions > Cookies > Allow + - Options > Privacy & Security > Permissions > Settings + - For cross-domain logins you will need to add exceptions for both sites + +🟪 COMMON: Change to suit + +- `0102`: We disable session restore + - If you rely on session restore you had better change this, see our [override recipe](https://github.com/arkenfox/user.js/issues/1080) +- `0801`: We disable automatic search from the urlbar + - You can still use search buttons and keyword shortcuts. If you change to a privacy respecting search engine and trust them, override this +- `0811`: We disable search & form history + - Form data can easily be stolen by third parties + - see this 2017 [article](https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers/) and these [bugzillas](https://bugzilla.mozilla.org/buglist.cgi?bug_id=1443083,1427543) + - see this 2011 [article](https://blog.mindedsecurity.com/2011/10/autocompleteagain.html) and this [bugzilla](https://bugzilla.mozilla.org/381681) +- `1223`: We enforce strict pinning + - If you have issues with antivirus +- `1601`: We hardened cross origin referers 🥇 `#1 ISSUE` + - This may cause breakage where third party images and videos may not load + - If `1601` is too strict for you, override it to default `0` and consider using Smart Referer in Strict mode +- `2022`: We disable DRM + - If you use Netflix, Hulu, Amazon Prime etc ... or consider watching those in a secondary browser +- `2811`: We delete history (download, form and browsing histories) on close + - Override `2811` (and `2812` for manual sanitizing) if you want +- `4520` We disable WebGL + - If you want it, override it + +🟪 FINGERPRINTING + +- `4501`: We enable RFP and `4504`: letterboxing + - letterboxing is independent of `4501` and is the pref that creates borders around your webpages + +Read the next wiki page to decide if you want to keep using these or instead perhaps use Canvas Blocker + +🟪 OTHER + +Other preferences may cause site breakage, but nothing that can't be fixed. You won't "lose" anything...- it's not the end of the world. + +- Check our [override recipes](https://github.com/arkenfox/user.js/issues/1080) +- Check already [answered](https://github.com/arkenfox/user.js/issues?q=is%3Aissue+label%3Aanswered) issues +- While not 100% definitive, search for `[SETUP` in the user.js; e.g. + * `[SETUP-WEB]` can cause some websites to break + * `[SETUP-CHROME]` changes how Firefox itself behaves (i.e. NOT directly website related) +- You may also want to add items e.g. + - `5000s` optional + - `9000s` personal + +--- + +🟩 Next: [Overrides [To RFP or Not]](https://github.com/arkenfox/user.js/wiki/3.3-Overrides-[To-RFP-or-Not])