From ba2131eb4efb9dc42122b5f567dda703adb558dc Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Sun, 30 Jan 2022 09:15:15 +0000 Subject: [PATCH] Updated 3.2 Overrides [Common] (markdown) --- 3.2-Overrides-[Common].md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/3.2-Overrides-[Common].md b/3.2-Overrides-[Common].md index f832578..44b8d91 100644 --- a/3.2-Overrides-[Common].md +++ b/3.2-Overrides-[Common].md @@ -7,44 +7,44 @@ 🟪 SECURITY: IMPORTANT: Pay attention! - `0403`: We disable binary checks not in Safe Browsing local lists - - :warning: If you do not understand the consequences of this, override this + - :warning: If you do not understand the consequences, override this -🟪 KEEP SOME COOKIES & LOGINS: Nothing to change +🟪 KEEP SOME COOKIES & LOGINS: Nothing to override - We delete all cookies and site data on close - There is no need to change any prefs - just add site exceptions: either - `Ctrl+I` > Permissions > Cookies > Allow - `☰ Settings` > Privacy & Security > Cookies & Site Data > Manage Exceptions - - For cross-domain logins you will need to add exceptions for both sites + - For cross-domain logins, add exceptions for both sites -🟪 COMMON: Change to suit +🟪 COMMON: Override to suit - `0102`: We disable session restore - - If you rely on session restore you had better change this, see our [override recipe](https://github.com/arkenfox/user.js/issues/1080) + - If you rely on session restore, see our [override recipe](https://github.com/arkenfox/user.js/issues/1080) - `0801`: We disable automatic search from the urlbar - - You can still use search buttons and keyword shortcuts. If you change to a privacy respecting search engine and trust them, override this + - You can still use search buttons and keyword shortcuts + - Override if you change to a privacy respecting search engine and trust them - `0811`: We disable search & form history - Form data can easily be stolen by third parties - see this 2017 [article](https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers/) and these [bugzillas](https://bugzilla.mozilla.org/buglist.cgi?bug_id=1443083,1427543) - see this 2011 [article](https://blog.mindedsecurity.com/2011/10/autocompleteagain.html) and this [bugzilla](https://bugzilla.mozilla.org/381681) - `1223`: We enforce strict pinning - - If you have issues with antivirus + - Override if you have issues with antivirus - `1601`: We hardened cross origin referers 🥇 `#1 ISSUE` - This may cause breakage where third party images and videos may not load, and with authentication on sites such as banks - If `1601` is too strict for you, override it to default `0` and consider using Smart Referer in Strict mode - `2022`: We disable DRM - - If you use Netflix, Hulu, Amazon Prime etc ... or consider watching those in a secondary browser + - Override if you use Netflix, Hulu, Amazon Prime, etc ... or consider watching those in a secondary browser - `2811`: We delete history (download, form and browsing histories) on close - - Override `2811` (and `2812` for manual sanitizing) if you want -- `4520` We disable WebGL - - If you want it, override it + - And `2812` for manual sanitizing +- `4520`: We disable WebGL 🟪 FINGERPRINTING - `4501`: We enable RFP and `4504`: letterboxing - letterboxing is independent of `4501` and is the pref that creates borders around your webpages -Read the next wiki page to decide if you want to keep using these or instead perhaps use Canvas Blocker +Read the next wiki page to decide if you want to keep using these or perhaps use Canvas Blocker instead 🟪 OTHER