[WIP] Continues Arkenfox v78..v91 migration

> **WORK IN PROGRESS : DO NOT USE IT AS IS**

Migration status:
    * updated sections 4000 --> 8000
    * some preferences from section 7000 **SHOULD** be enforced (not done yet)
Samuel FORESTIER 2021-09-19 20:03:16 +02:00
parent 3b2afdd532
commit e639a79445
1 changed files with 330 additions and 221 deletions

551
user.js

@ -910,263 +910,372 @@ user_pref("privacy.cpd.siteSettings", false); // Site Preferences
user_pref("privacy.sanitize.timeSpan", 0); user_pref("privacy.sanitize.timeSpan", 0);
/*** [SECTION 4000]: FPI (FIRST PARTY ISOLATION) /*** [SECTION 4000]: FPI (FIRST PARTY ISOLATION)
** 1278037 - isolate indexedDB (FF51+) 1278037 - indexedDB (FF51+)
** 1277803 - isolate favicons (FF52+) 1277803 - favicons (FF52+)
** 1264562 - isolate OCSP cache (FF52+) 1264562 - OCSP cache (FF52+)
** 1268726 - isolate Shared Workers (FF52+) 1268726 - Shared Workers (FF52+)
** 1316283 - isolate SSL session cache (FF52+) 1316283 - SSL session cache (FF52+)
** 1317927 - isolate media cache (FF53+) 1317927 - media cache (FF53+)
** 1323644 - isolate HSTS and HPKP (FF54+) 1323644 - HSTS and HPKP (FF54+)
** 1334690 - isolate HTTP Alternative Services (FF54+) 1334690 - HTTP Alternative Services (FF54+)
** 1334693 - isolate SPDY/HTTP2 (FF55+) 1334693 - SPDY/HTTP2 (FF55+)
** 1337893 - isolate DNS cache (FF55+) 1337893 - DNS cache (FF55+)
** 1344170 - isolate blob: URI (FF55+) 1344170 - blob: URI (FF55+)
** 1300671 - isolate data:, about: URLs (FF55+) 1300671 - data:, about: URLs (FF55+)
** 1473247 - isolate IP addresses (FF63+) 1473247 - IP addresses (FF63+)
** 1492607 - isolate postMessage with targetOrigin "*" (requires 4002) (FF65+) 1542309 - top-level domain URLs when host is in the public suffix list (FF68+)
** 1542309 - isolate top-level domain URLs when host is in the public suffix list (FF68+) 1506693 - pdfjs range-based requests (FF68+)
** 1506693 - isolate pdfjs range-based requests (FF68+) 1330467 - site permissions (FF69+)
** 1330467 - isolate site permissions (FF69+) 1534339 - IPv6 (FF73+)
** 1534339 - isolate IPv6 (FF73+) 1721858 - WebSocket (FF92+)
***/ ***/
user_pref("_user.js.parrot", "4000 syntax error: the parrot's pegged out"); user_pref("_user.js.parrot", "4000 syntax error: the parrot's pegged out");
/* 4001: enable First Party Isolation [FF51+] /* 4001: enable First Party Isolation [FF51+]
* [SETUP-WEB] May break cross-domain logins and site functionality until perfected * [SETUP-WEB] Breaks some cross-origin logins
* [1] https://bugzilla.mozilla.org/1260931 ***/ * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1260931,1299996 ***/
user_pref("privacy.firstparty.isolate", true); user_pref("privacy.firstparty.isolate", true);
/* 4002: enforce FPI restriction for window.opener [FF54+] /* 4002: enforce FPI restriction for window.opener [FF54+]
* [NOTE] Setting this to false may reduce the breakage in 4001 * [NOTE] Setting this to false may reduce the breakage in 4001
* [NOTE] Unlike arkenfox/user.js, we explicitly set them
* FF65+ blocks postMessage with targetOrigin "*" if originAttributes don't match. But * FF65+ blocks postMessage with targetOrigin "*" if originAttributes don't match. But
* to reduce breakage it ignores the 1st-party domain (FPD) originAttribute. (see [2],[3]) * to reduce breakage it ignores the 1st-party domain (FPD) originAttribute [2][3]
* The 2nd pref removes that limitation and will only allow communication if FPDs also match. * The 2nd pref removes that limitation and will only allow communication if FPDs also match
* [1] https://bugzilla.mozilla.org/1319773#c22 * [1] https://bugzilla.mozilla.org/1319773#c22
* [2] https://bugzilla.mozilla.org/1492607 * [2] https://bugzilla.mozilla.org/1492607
* [3] https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage ***/ * [3] https://developer.mozilla.org/docs/Web/API/Window/postMessage ***/
user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAULT: true] user_pref("privacy.firstparty.isolate.restrict_opener_access", true); // [DEFAULT: true]
user_pref("privacy.firstparty.isolate.block_post_message", true); // [HIDDEN PREF ESR] user_pref("privacy.firstparty.isolate.block_post_message", true);
/* 4003: enable scheme with FPI [FF78+]
* [NOTE] Experimental: existing data and site permissions are incompatible
* and some site exceptions may not work e.g. HTTPS-only mode (1244) ***/
user_pref("privacy.firstparty.isolate.use_site", true);
/*** [SECTION 4500]: RFP (RESIST FINGERPRINTING) /*** [SECTION 4500]: RFP (RESIST FINGERPRINTING)
This master switch will be used for a wide range of items, many of which will RFP covers a wide range of ongoing fingerprinting solutions.
**override** existing prefs from FF55+, often providing a **better** solution It is an all-or-nothing buy in: you cannot pick and choose what parts you want
IMPORTANT: As existing prefs become redundant, and some of them WILL interfere [WARNING] DO NOT USE extensions to alter RFP protected metrics
with how RFP works, they will be moved to section 4600 and made inactive
** 418986 - limit window.screen & CSS media queries leaking identifiable info (FF41+) 418986 - limit window.screen & CSS media queries (FF41)
[NOTE] Info only: To set a size, open a XUL (chrome) page (such as about:config) which is at
100% zoom, hit Shift+F4 to open the scratchpad, type window.resizeTo(1366,768), hit Ctrl+R to run.
Test your window size, do some math, resize to allow for all the non inner window elements
[TEST] https://arkenfox.github.io/TZP/tzp.html#screen [TEST] https://arkenfox.github.io/TZP/tzp.html#screen
** 1281949 - spoof screen orientation (FF50+) 1281949 - spoof screen orientation (FF50)
** 1281963 - hide the contents of navigator.plugins and navigator.mimeTypes (FF50+) 1281963 - hide contents of navigator.plugins and navigator.mimeTypes (FF50-88)
FF53: Fixes GetSupportedNames in nsMimeTypeArray and nsPluginArray (1324044) 1330890 - spoof timezone as UTC0 (FF55)
** 1330890 - spoof timezone as UTC 0 (FF55+) 1360039 - spoof navigator.hardwareConcurrency as 2 (FF55)
FF58: Date.toLocaleFormat deprecated (818634) 1217238 - reduce precision of time exposed by javascript (FF55)
FF60: Date.toLocaleDateString and Intl.DateTimeFormat fixed (1409973) FF56
** 1360039 - spoof navigator.hardwareConcurrency as 2 (see 4601) (FF55+) 1369303 - spoof/disable performance API
This spoof *shouldn't* affect core chrome/Firefox performance 1333651 - spoof User Agent & Navigator API
** 1217238 - reduce precision of time exposed by javascript (FF55+) JS: FF91+ the version is spoofed as ESR, and the OS as Windows 10, OS 10.15, Android 10, or Linux
** 1369303 - spoof/disable performance API (see 2410-deprecated, 4602, 4603) (FF56+) HTTP Headers: spoofed as Windows or Android
** 1333651 & 1383495 & 1396468 - spoof User Agent & Navigator API (see section 4700) (FF56+) 1369319 - disable device sensor API
FF56: Version: rounded down to the nearest multiple of 10 1369357 - disable site specific zoom
FF57: Version: match current ESR (1393283, 1418672, 1418162, 1511763) 1337161 - hide gamepads from content
FF59: OS: Windows, OSX, Android, or Linux (to reduce breakage) (1404608) 1372072 - spoof network information API as "unknown" when dom.netinfo.enabled = true
FF66: OS: HTTP Headers reduced to Windows or Android (1509829) 1333641 - reduce fingerprinting in WebSpeech API
FF68: OS: updated to Windows 10, OS 10.14, and Android 8.1 (1511434) FF57
FF78: OS: updated to OS 10.15 and Android 9.0 (1635011) 1369309 - spoof media statistics
** 1369319 - disable device sensor API (see 4604) (FF56+) 1382499 - reduce screen co-ordinate fingerprinting in Touch API
** 1369357 - disable site specific zoom (see 4605) (FF56+) 1217290 & 1409677 - enable some fingerprinting resistance for WebGL
** 1337161 - hide gamepads from content (see 4606) (FF56+) 1382545 - reduce fingerprinting in Animation API
** 1372072 - spoof network information API as "unknown" when dom.netinfo.enabled = true (see 4607) (FF56+) 1354633 - limit MediaError.message to a whitelist
** 1333641 - reduce fingerprinting in WebSpeech API (see 4608) (FF56+) 1382533 & 1697680 - enable fingerprinting resistance for Presentation API (FF57-87)
** 1372069 & 1403813 & 1441295 - block geolocation requests (same as denying a site permission) (see 0201 ** 1372069 & 1403813 & 1441295 - block geolocation requests (same as denying a site permission) (see 0201, 0202) (FF56-62) Blocks exposure of local IP Addresses via mDNS (Multicast DNS)
** 1369309 - spoof media statistics (see 4610) (FF57+) FF58-90
** 1382499 - reduce screen co-ordinate fingerprinting in Touch API (see 4611) (FF57+) 967895 - spoof canvas and enable site permission prompt (FF58)
** 1217290 & 1409677 - enable fingerprinting resistance for WebGL (see 2010-12) (FF57+) 1372073 - spoof/block fingerprinting in MediaDevices API (FF59)
** 1382545 - reduce fingerprinting in Animation API (FF57+) Spoof: enumerate devices as one "Internal Camera" and one "Internal Microphone"
** 1354633 - limit MediaError.message to a whitelist (FF57+) Block: suppresses the ondevicechange event
** 1382533 - enable fingerprinting resistance for Presentation API (FF57+) 1039069 - warn when language prefs are not set to "en*" (also see 0210, 0211) (FF59)
This blocks exposure of local IP Addresses via mDNS (Multicast DNS) 1222285 & 1433592 - spoof keyboard events and suppress keyboard modifier events (FF59)
** 967895 - spoof canvas and enable site permission prompt before allowing canvas data extraction (FF58+)
FF59: Added to site permissions panel (1413780) Only prompt when triggered by user input (1376865)
** 1372073 - spoof/block fingerprinting in MediaDevices API (FF59+)
Spoof: enumerate devices reports one "Internal Camera" and one "Internal Microphone" if
media.navigator.enabled is true (see 2505 which we chose to keep disabled)
Block: suppresses the ondevicechange event (see 4612)
** 1039069 - warn when language prefs are set to non en-US (see 0210, 0211) (FF59+)
** 1222285 & 1433592 - spoof keyboard events and suppress keyboard modifier events (FF59+)
Spoofing mimics the content language of the document. Currently it only supports en-US. Spoofing mimics the content language of the document. Currently it only supports en-US.
Modifier events suppressed are SHIFT and both ALT keys. Chrome is not affected. Modifier events suppressed are SHIFT and both ALT keys. Chrome is not affected.
FF60: Fix keydown/keyup events (1438795) 1337157 - disable WebGL debug renderer info (FF60)
** 1337157 - disable WebGL debug renderer info (see 4613) (FF60+) 1459089 - disable OS locale in HTTP Accept-Language headers (ANDROID) (FF62)
** 1459089 - disable OS locale in HTTP Accept-Language headers (ANDROID) (FF62+) 1479239 - return "no-preference" with prefers-reduced-motion (FF63)
** 1479239 - return "no-preference" with prefers-reduced-motion (see 4617) (FF63+) 1363508 - spoof/suppress Pointer Events (FF64)
** 1363508 - spoof/suppress Pointer Events (see 4614) (FF64+) 1492766 - spoof pointerEvent.pointerid (FF65)
FF65: pointerEvent.pointerid (1492766) 1485266 - disable exposure of system colors to CSS or canvas (FF67)
** 1485266 - disable exposure of system colors to CSS or canvas (see 4615) (FF67+) 1494034 - return "light" with prefers-color-scheme (FF67)
** 1407366 - enable inner window letterboxing (see 4504) (FF67+) 1564422 - spoof audioContext outputLatency (FF70)
** 1494034 - return "light" with prefers-color-scheme (see 4616) (FF67+) 1595823 - return audioContext sampleRate as 44100 (FF72)
[1] https://developer.mozilla.org/en-US/docs/Web/CSS/@media/prefers-color-scheme 1607316 - spoof pointer as coarse and hover as none (ANDROID) (FF74)
** 1564422 - spoof audioContext outputLatency (FF70+) 1621433 - randomize canvas (previously FF58+ returned an all-white canvas) (FF78)
** 1595823 - spoof audioContext sampleRate (FF72+) 1653987 - limit font visibility to bundled and "Base Fonts" (Windows, Mac, some Linux) (FF80)
** 1607316 - spoof pointer as coarse and hover as none (ANDROID) (FF74+) 1461454 - spoof smooth=true and powerEfficient=false for supported media in MediaCapabilities (FF82)
** 1621433 - randomize canvas (previously FF58+ returned an all-white canvas) (FF78+) FF91+
531915 - use fdlibm's sin, cos and tan in jsmath (FF93, ESR91.1)
***/ ***/
user_pref("_user.js.parrot", "4500 syntax error: the parrot's popped 'is clogs"); user_pref("_user.js.parrot", "4500 syntax error: the parrot's popped 'is clogs");
/* 4501: enable privacy.resistFingerprinting [FF41+] /* 4501: enable privacy.resistFingerprinting [FF41+]
* This pref is the master switch for all other privacy.resist* prefs unless stated * [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a site exception via the urlbar
* [SETUP-WEB] RFP can cause the odd website to break in strange ways, and has a few side affects, * RFP also has a few side effects: mainly timezone is UTC0, and websites will prefer light theme
* but is largely robust nowadays. Give it a try. Your choice. Also see 4504 (letterboxing). * [1] https://bugzilla.mozilla.org/418986 ***/
* [NOTE] This feature currently breaks Text & Background colors settings ("Fonts & Colors"), see [2].
* [1] https://bugzilla.mozilla.org/418986
* [2] https://bugzilla.mozilla.org/1600074 ***/
user_pref("privacy.resistFingerprinting", true); user_pref("privacy.resistFingerprinting", true);
/* 4502: set new window sizes to round to hundreds [FF55+] [SETUP-CHROME] /* 4502: set new window sizes to round to hundreds [FF55+] [SETUP-CHROME]
* Width will round down to multiples of 200s and height to 100s, to fit your screen. * Width will round down to multiples of 200s and height to 100s, to fit your screen.
* The override values are a starting point to round from if you want some control * The max values are a starting point to round from if you want some control
* [1] https://bugzilla.mozilla.org/1330882 * [1] https://bugzilla.mozilla.org/1330882 ***/
* [2] https://hardware.metrics.mozilla.com/ ***/
// user_pref("privacy.window.maxInnerWidth", 1000); // user_pref("privacy.window.maxInnerWidth", 1000);
// user_pref("privacy.window.maxInnerHeight", 1000); // user_pref("privacy.window.maxInnerHeight", 1000);
/* 4503: disable mozAddonManager Web API [FF57+] /* 4503: disable mozAddonManager Web API [FF57+]
* [NOTE] As a side-effect in FF57-59 this allowed extensions to work on AMO. In FF60+ you also need * [NOTE] To allow extensions to work on AMO, you also need 2662
* to sanitize or clear extensions.webextensions.restrictedDomains (see 2662) to keep that side-effect
* [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/ * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/
user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // [HIDDEN PREF] user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // [HIDDEN PREF]
/* 4520: disable chrome animations [FF77+] [RESTART] /* 4504: enable RFP letterboxing [FF67+]
* [NOTE] pref added in FF63, but applied to chrome in FF77. RFP spoofs this for web content ***/ * Dynamically resizes the inner window by applying margins in stepped ranges [2]
user_pref("ui.prefersReducedMotion", 1); // [HIDDEN PREF] * If you use the dimension pref, then it will only apply those resolutions.
* The format is "width1xheight1, width2xheight2, ..." (e.g. "800x600, 1000x1000")
* [SETUP-WEB] This is independent of RFP (4501). If you're not using RFP, or you are but
* dislike the margins, then flip this pref, keeping in mind that it is effectively fingerprintable
* [WARNING] DO NOT USE: the dimension pref is only meant for testing
* [1] https://bugzilla.mozilla.org/1407366
* [2] https://hg.mozilla.org/mozilla-central/rev/6d2d7856e468#l2.32 ***/
user_pref("privacy.resistFingerprinting.letterboxing", true); // [HIDDEN PREF]
// user_pref("privacy.resistFingerprinting.letterboxing.dimensions", ""); // [HIDDEN PREF]
/*** [SECTION 4600]: RFP ALTERNATIVES /*** [SECTION 5000]: OPTIONAL OPSEC
* non-RFP users: Disk avoidance, application data isolation, eyeballs...
Enable the whole section (see the SETUP tag below)
* RFP users:
Make sure these are reset in about:config. They are redundant. In fact, some
even cause RFP to not behave as you would expect and alter your fingerprint
* ESR RFP users:
Reset those *up to and including* your version. Add those *after* your version
as active prefs in your overrides. This is assuming that the patch wasn't also
backported to Firefox ESR. Backporting RFP patches to ESR is rare.
***/ ***/
user_pref("_user.js.parrot", "4600 syntax error: the parrot's crossed the Jordan"); user_pref("_user.js.parrot", "5000 syntax error: the parrot's taken 'is last bow");
/* [SETUP-non-RFP] Non-RFP users replace the * with a slash on this line to enable these /* 5001: start Thunderbird in PB (Private Browsing) mode
// FF55+ * [NOTE] In this mode all windows are "private windows" and the PB mode icon is not displayed
// 4601: [2514] spoof (or limit?) number of CPU cores [FF48+] * [NOTE] The P in PB mode can be misleading: it means no "persistent" disk state such as history,
// [NOTE] *may* affect core chrome/Firefox performance, will affect content. * caches, searches, cookies, localStorage, IndexedDB etc (which you can achieve in normal mode).
// [1] https://bugzilla.mozilla.org/1008453 * In fact, PB mode limits or removes the ability to control some of these, and you need to quit
// [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21675 * Thunderbird to clear them. PB is best used as a one off window (Menu>New Private Window) to provide
// [3] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22127 * a temporary self-contained new session. Close all Private Windows to clear the PB mode session.
// [4] https://html.spec.whatwg.org/multipage/workers.html#navigator.hardwareconcurrency * [SETTING] Privacy & Security>History>Custom Settings>Always use private browsing mode
// user_pref("dom.maxHardwareConcurrency", 2); * [1] https://wiki.mozilla.org/Private_Browsing
// * * * / * [2] https://support.mozilla.org/kb/common-myths-about-private-browsing ***/
// FF56+ // user_pref("browser.privatebrowsing.autostart", true);
// 4602: [2411] disable resource/navigation timing /* 5002: disable memory cache
user_pref("dom.enable_resource_timing", false); * capacity: -1=determine dynamically (default), 0=none, n=memory capacity in kibibytes ***/
// 4603: [2412] disable timing attacks user_pref("browser.cache.memory.enable", false);
// [1] https://wiki.mozilla.org/Security/Reviews/Firefox/NavigationTimingAPI user_pref("browser.cache.memory.capacity", 0);
user_pref("dom.enable_performance", false); /* 5003: disable saving passwords
// 4604: [2512] disable device sensor API * [NOTE] This does not clear any passwords already saved
// Optional protection depending on your device * [SETTING] Privacy & Security>Logins and Passwords>Ask to save logins and passwords for websites ***/
// [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/15758 user_pref("signon.rememberSignons", false);
// [2] https://blog.lukaszolejnik.com/stealing-sensitive-browser-data-with-the-w3c-ambient-light-sensor-api/ /* 5004: disable permissions manager from writing to disk [FF41+] [RESTART]
// [3] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1357733,1292751 * [NOTE] This means any permission changes are session only
* [1] https://bugzilla.mozilla.org/967812 ***/
user_pref("permissions.memory_only", true); // [HIDDEN PREF]
/* 5005: disable intermediate certificate caching [FF41+] [RESTART]
* [NOTE] This affects login/cert/key dbs. The effect is all credentials are session-only.
* Saved logins and passwords are not available. Reset the pref and restart to return them ***/
// user_pref("security.nocertdb", true); // [HIDDEN PREF]
/* 5006: disable favicons in history and bookmarks
* [NOTE] Stored as data blobs in favicons.sqlite, these don't reveal anything that your
* actual history (and bookmarks) already do. Your history is more detailed, so
* control that instead; e.g. disable history, clear history on close, use PB mode
* [NOTE] favicons.sqlite is sanitized on Thunderbird close ***/
user_pref("browser.chrome.site_icons", false);
/* 5007: exclude "Undo Closed Tabs" in Session Restore ***/
user_pref("browser.sessionstore.max_tabs_undo", 0);
/* 5008: disable resuming session from crash ***/
user_pref("browser.sessionstore.resume_from_crash", false);
/* 5009: disable "open with" in download dialog [FF50+]
* Application data isolation [1]
* [1] https://bugzilla.mozilla.org/1281959 ***/
// user_pref("browser.download.forbid_open_with", true);
/* 5013: disable browsing and download history
* [NOTE] We also clear history and downloads on exit (2803)
* [SETTING] Privacy & Security>History>Custom Settings>Remember browsing and download history ***/
user_pref("places.history.enabled", false);
/* 5016: discourage downloading to desktop
* 0=desktop, 1=downloads (default), 2=last used
* [SETTING] To set your default "downloads": General>Downloads>Save files to ***/
// user_pref("browser.download.folderList", 2);
/*** [SECTION 5500]: OPTIONAL HARDENING
Whereas not recommended by upstream arkenfox, we disable each one of those Web features
as we focus on keeping Thunderbird an email client and not a browser
***/
user_pref("_user.js.parrot", "5500 syntax error: this is an ex-parrot!");
/* 5501: disable MathML (Mathematical Markup Language) [FF51+]
* [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=mathml ***/
user_pref("mathml.disabled", true); // 1173199
/* 5502: disable in-content SVG (Scalable Vector Graphics) [FF53+]
* [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+svg ***/
user_pref("svg.disabled", true); // 1216893
/* 5503: disable graphite
* [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+graphite
* [2] https://en.wikipedia.org/wiki/Graphite_(SIL) ***/
user_pref("gfx.font_rendering.graphite.enabled", false);
/* 5504: disable asm.js [FF22+]
* [1] http://asmjs.org/
* [2] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=asm.js
* [3] https://rh0dev.github.io/blog/2017/the-return-of-the-jit/ ***/
user_pref("javascript.options.asmjs", false);
/* 5505: disable Ion and baseline JIT to harden against JS exploits
* [NOTE] In FF75+, when **both** Ion and JIT are disabled, **and** the new
* hidden pref is enabled, then Ion can still be used by extensions (1599226)
* [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+jit ***/
user_pref("javascript.options.ion", false);
user_pref("javascript.options.baselinejit", false);
user_pref("javascript.options.jit_trustedprincipals", true); // [FF75+] [HIDDEN PREF]
/* 5506: disable WebAssembly [FF52+]
* Vulnerabilities [1] have increasingly been found, including those known and fixed
* in native programs years ago [2]. WASM has powerful low-level access, making
* certain attacks (brute-force) and vulnerabilities more possible
* [STATS] ~0.2% of websites, about half of which are for crytopmining / malvertising [2][3]
* [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wasm
* [2] https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly
* [3] https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes ***/
user_pref("javascript.options.wasm", false);
/*** [SECTION 6000]: DON'T TOUCH ***/
user_pref("_user.js.parrot", "6000 syntax error: the parrot's 'istory!");
/* 6001: enforce Mozilla's blocklist
* [WHY] It includes updates for "revoked certificates"
* [1] https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl/ ***/
user_pref("extensions.blocklist.enabled", true); // [DEFAULT: true]
/* 6002: enforce no referer spoofing
* [WHY] Spoofing can affect CSRF (Cross-Site Request Forgery) protections ***/
user_pref("network.http.referer.spoofSource", false); // [DEFAULT: false]
/* 6003: enforce CSP (Content Security Policy)
* [1] https://developer.mozilla.org/docs/Web/HTTP/CSP ***/
user_pref("security.csp.enable", true); // [DEFAULT: true]
/* 6004: enforce a security delay on some confirmation dialogs such as install, open/save
* [1] https://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ ***/
user_pref("security.dialog_enable_delay", 1000); // [DEFAULT: 1000]
/* 6005: enforce window.opener protection [FF65+]
* Makes rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set ***/
user_pref("dom.targetBlankNoOpener.enabled", true); // [DEFAULT: true FF79+]
/* 6006: enforce "window.name" protection [FF82+]
* If a new page from another domain is loaded into a tab, then window.name is set to an empty string. The original
* string is restored if the tab reverts back to the original page. This change prevents some cross-site attacks
* [TEST] https://arkenfox.github.io/TZP/tests/windownamea.html ***/
user_pref("privacy.window.name.update.enabled", true); // [DEFAULT: true FF86+]
/* 6050: prefsCleaner: reset previously active items removed from arkenfox in 79-91 ***/
// user_pref("browser.newtabpage.activity-stream.asrouter.providers.snippets", "");
// user_pref("browser.send_pings.require_same_host", "");
// user_pref("dom.allow_cut_copy", "");
// user_pref("dom.vibrator.enabled", "");
// user_pref("media.getusermedia.audiocapture.enabled", "");
// user_pref("media.getusermedia.browser.enabled", "");
// user_pref("media.getusermedia.screensharing.enabled", "");
// user_pref("media.gmp-widevinecdm.visible", "");
// user_pref("network.http.redirection-limit", "");
// user_pref("privacy.partition.network_state", "");
// user_pref("security.insecure_connection_icon.enabled", ""); // [DEFAULT: true FF70+]
// user_pref("security.mixed_content.block_active_content", ""); // [DEFAULT: true since at least FF60]
// user_pref("security.ssl.enable_ocsp_stapling", ""); // [DEFAULT: true FF26+]
// user_pref("webgl.disable-fail-if-major-performance-caveat", ""); // [DEFAULT: true FF86+]
// user_pref("webgl.enable-webgl2", "");
// user_pref("webgl.min_capability_mode", "");
/*** [SECTION 7000]: DON'T BOTHER ***/
user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies!");
/* 7001: disable APIs
* Location-Aware Browsing, Full Screen, offline cache (appCache), Virtual Reality
* [WHY] The API state is easily fingerprintable. Geo and VR are behind prompts (7002).
* appCache storage capability was removed in FF90. Full screen requires user interaction ***/
// user_pref("geo.enabled", false);
// user_pref("full-screen-api.enabled", false);
// user_pref("browser.cache.offline.enable", false);
// user_pref("dom.vr.enabled", false);
/* 7002: set default permissions
* Location, Camera, Microphone, Notifications [FF58+] Virtual Reality [FF73+]
* 0=always ask (default), 1=allow, 2=block
* [WHY] These are fingerprintable via Permissions API, except VR. Just add site
* exceptions as allow/block for frequently visited/annoying sites: i.e. not global
* [SETTING] to add site exceptions: Ctrl+I>Permissions>
* [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Settings ***/
// user_pref("permissions.default.geo", 0);
// user_pref("permissions.default.camera", 0);
// user_pref("permissions.default.microphone", 0);
// user_pref("permissions.default.desktop-notification", 0);
// user_pref("permissions.default.xr", 0); // Virtual Reality
/* 7003: disable non-modern cipher suites [1]
* [WHY] Passive fingerprinting. Minimal/non-existent threat of downgrade attacks
* [1] https://browserleaks.com/ssl ***/
// user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
// user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
// user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false);
// user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false);
// user_pref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS
// user_pref("security.ssl3.rsa_aes_256_gcm_sha384", false); // no PFS
// user_pref("security.ssl3.rsa_aes_128_sha", false); // no PFS
// user_pref("security.ssl3.rsa_aes_256_sha", false); // no PFS
// user_pref("security.ssl3.rsa_des_ede3_sha", false); // 3DES
/* 7004: control TLS versions
* [WHY] Passive fingerprinting. Downgrades are still possible: behind user interaction ***/
// user_pref("security.tls.version.min", 3); // [DEFAULT: 3]
// user_pref("security.tls.version.max", 4);
/* 7005: disable SSL session IDs [FF36+]
* [WHY] Passive fingerprinting and perf costs. These are session-only and isolated
* with network partitioning (FF85+) or when using FPI and/or containers ***/
// user_pref("security.ssl.disable_session_identifiers", true); // [HIDDEN PREF]
/* 7006: onions
* [WHY] Firefox doesn't support hidden services. Use Tor Browser ***/
// user_pref("dom.securecontext.whitelist_onions", true); // 1382359
// user_pref("network.http.referer.hideOnionSource", true); // 1305144
/* 7007: referers
* [WHY] Only cross-origin referers (1600s) need control ***/
// user_pref("network.http.sendRefererHeader", 2);
// user_pref("network.http.referer.trimmingPolicy", 0);
/* 7008: set the default Referrer Policy [FF59+]
* 0=no-referer, 1=same-origin, 2=strict-origin-when-cross-origin, 3=no-referrer-when-downgrade
* [WHY] Defaults are fine. They can be overridden by a site-controlled Referrer Policy ***/
// user_pref("network.http.referer.defaultPolicy", 2); // [DEFAULT: 2 FF87+]
// user_pref("network.http.referer.defaultPolicy.pbmode", 2); // [DEFAULT: 2]
/* 7009: disable HTTP2
* [WHY] Passive fingerprinting. ~50% of sites use HTTP2 [1]
* [1] https://w3techs.com/technologies/details/ce-http2/all/all ***/
// user_pref("network.http.spdy.enabled", false);
// user_pref("network.http.spdy.enabled.deps", false);
// user_pref("network.http.spdy.enabled.http2", false);
// user_pref("network.http.spdy.websockets", false); // [FF65+]
/* 7010: disable HTTP Alternative Services [FF37+]
* [WHY] Already isolated by network partitioning (FF85+) or FPI ***/
// user_pref("network.http.altsvc.enabled", false);
// user_pref("network.http.altsvc.oe", false);
/* 7011: disable website control over browser right-click context menu
* [WHY] Just use Shift-Right-Click ***/
// user_pref("dom.event.contextmenu.enabled", false);
/* 7012: disable icon fonts (glyphs) and local fallback rendering
* [WHY] Breakage, font fallback is equivalency, also RFP
* [1] https://bugzilla.mozilla.org/789788
* [2] https://gitlab.torproject.org/legacy/trac/-/issues/8455 ***/
// user_pref("gfx.downloadable_fonts.enabled", false); // [FF41+]
// user_pref("gfx.downloadable_fonts.fallback_delay", -1);
/* 7013: disable Clipboard API
* [WHY] Fingerprintable. Breakage. Cut/copy/paste require user
* interaction, and paste is limited to focused editable fields ***/
// user_pref("dom.event.clipboardevents.enabled", false);
/*** [SECTION 8000]: DON'T BOTHER: NON-RFP
[WHY] They are insufficient to help anti-fingerprinting and do more harm than good
[WARNING] DO NOT USE with RFP. RFP already covers these and they can interfere
***/
user_pref("_user.js.parrot", "8000 syntax error: the parrot's crossed the Jordan");
/* 8001: disable APIs ***/
// user_pref("device.sensors.enabled", false); // user_pref("device.sensors.enabled", false);
// 4606: [2501] disable gamepad API - USB device ID enumeration // user_pref("dom.enable_performance", false);
// Optional protection depending on your connected devices // user_pref("dom.enable_resource_timing", false);
// [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/13023
// user_pref("dom.gamepad.enabled", false); // user_pref("dom.gamepad.enabled", false);
// 4607: [2503] disable giving away network info [FF31+] // user_pref("dom.netinfo.enabled", false);
// e.g. bluetooth, cellular, ethernet, wifi, wimax, other, mixed, unknown, none // user_pref("dom.webaudio.enabled", false);
// [1] https://developer.mozilla.org/docs/Web/API/Network_Information_API /* 8002: disable other ***/
// [2] https://wicg.github.io/netinfo/ // user_pref("browser.display.use_document_fonts", 0);
// [3] https://bugzilla.mozilla.org/960426 // user_pref("browser.zoom.siteSpecific", false);
user_pref("dom.netinfo.enabled", false); // [DEFAULT: true on Android]
// 4608: [2021] disable the SpeechSynthesis (Text-to-Speech) part of the Web Speech API
// [1] https://developer.mozilla.org/docs/Web/API/Web_Speech_API
// [2] https://developer.mozilla.org/docs/Web/API/SpeechSynthesis
// [3] https://wiki.mozilla.org/HTML5_Speech_API
user_pref("media.webspeech.synth.enabled", false);
// * * * /
// FF57+
// 4610: [2506] disable video statistics - JS performance fingerprinting [FF25+]
// [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/15757
// [2] https://bugzilla.mozilla.org/654550
user_pref("media.video_stats.enabled", false);
// 4611: [2509] disable touch events
// fingerprinting attack vector - leaks screen res & actual screen coordinates
// 0=disabled, 1=enabled, 2=autodetect
// Optional protection depending on your device
// [1] https://developer.mozilla.org/docs/Web/API/Touch_events
// [2] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/10286
// user_pref("dom.w3c_touch_events.enabled", 0); // user_pref("dom.w3c_touch_events.enabled", 0);
// * * * / // user_pref("media.navigator.enabled", false);
// FF59+ // user_pref("media.ondevicechange.enabled", false);
// 4612: [2511] disable MediaDevices change detection [FF51+] // user_pref("media.video_stats.enabled", false);
// [1] https://developer.mozilla.org/docs/Web/Events/devicechange // user_pref("media.webspeech.synth.enabled", false);
// [2] https://developer.mozilla.org/docs/Web/API/MediaDevices/ondevicechange // user_pref("webgl.enable-debug-renderer-info", false);
user_pref("media.ondevicechange.enabled", false); /* 8003: spoof ***/
// * * * / // user_pref("dom.maxHardwareConcurrency", 2);
// FF60+ // user_pref("font.system.whitelist", ""); // [HIDDEN PREF]
// 4613: [2011] disable WebGL debug info being available to websites
// [1] https://bugzilla.mozilla.org/1171228
// [2] https://developer.mozilla.org/docs/Web/API/WEBGL_debug_renderer_info
user_pref("webgl.enable-debug-renderer-info", false);
// * * * /
// FF65+
// 4614: [2516] disable PointerEvents
// [1] https://developer.mozilla.org/en-US/docs/Web/API/PointerEvent
user_pref("dom.w3c_pointer_events.enabled", false);
// * * * /
// FF67+
// 4615: [2618] disable exposure of system colors to CSS or canvas [FF44+]
// [NOTE] See second listed bug: may cause black on black for elements with undefined colors
// [SETUP-CHROME] Might affect CSS in themes and extensions
// [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=232227,133087
user_pref("ui.use_standins_for_native_colors", true);
// 4616: enforce prefers-color-scheme as light [FF67+]
// 0=light, 1=dark : This overrides your OS value
user_pref("ui.systemUsesDarkTheme", 0); // [HIDDEN PREF]
// 4617: enforce prefers-reduced-motion as no-preference [FF63+] [RESTART]
// 0=no-preference, 1=reduce
user_pref("ui.prefersReducedMotion", 0); // [HIDDEN PREF]
// * * * /
// FF41+
// 4620: mitigate fingerprinting via canvas
// [NOTE] This setting has been removed from gHacks v67 (see [1]) but is still enabled by default.
// [1] https://github.com/arkenfox/user.js/commit/8b07fd57d0f8a31dab25661d51235fe1b0c6360c
user_pref("canvas.capturestream.enabled", false);
// * * * /
// ***/
/*** [SECTION 4700]: RFP ALTERNATIVES (NAVIGATOR / USER AGENT (UA) SPOOFING)
This is FYI ONLY. These prefs are INSUFFICIENT(a) on their own, you need
to use RFP (4500) or an extension, in which case they become POINTLESS.
(a) Many of the components that make up your UA can be derived by other means.
And when those values differ, you provide more bits and raise entropy.
Examples of leaks include workers, navigator objects, date locale/formats,
iframes, headers, tcp/ip attributes, feature detection, and **many** more.
ALL values below intentionally left blank - use RFP, or get a vetted, tested
extension and mimic RFP values to *lower* entropy, or randomize to *raise* it
***/
user_pref("_user.js.parrot", "4700 syntax error: the parrot's taken 'is last bow");
/* 4701: navigator.userAgent ***/
// user_pref("general.useragent.override", ""); // [HIDDEN PREF]
/* 4702: navigator.buildID
* Revealed build time down to the second. In FF64+ it now returns a fixed timestamp
* [1] https://bugzilla.mozilla.org/583181
* [2] https://www.fxsitecompat.com/en-CA/docs/2018/navigator-buildid-now-returns-a-fixed-timestamp/ ***/
// user_pref("general.buildID.override", ""); // [HIDDEN PREF]
/* 4703: navigator.appName ***/
// user_pref("general.appname.override", ""); // [HIDDEN PREF] // user_pref("general.appname.override", ""); // [HIDDEN PREF]
/* 4704: navigator.appVersion ***/
// user_pref("general.appversion.override", ""); // [HIDDEN PREF] // user_pref("general.appversion.override", ""); // [HIDDEN PREF]
/* 4705: navigator.platform ***/ // user_pref("general.buildID.override", ""); // [HIDDEN PREF]
// user_pref("general.platform.override", ""); // [HIDDEN PREF]
/* 4706: navigator.oscpu ***/
// user_pref("general.oscpu.override", ""); // [HIDDEN PREF] // user_pref("general.oscpu.override", ""); // [HIDDEN PREF]
/* 4707: Limit user-agent data by imitating Firefox's user-agent */ // user_pref("general.platform.override", ""); // [HIDDEN PREF]
// user_pref("general.useragent.compatMode.firefox", true); // user_pref("general.useragent.override", ""); // [HIDDEN PREF]
// user_pref("ui.use_standins_for_native_colors", true);
/*** [SECTION 9000]: PERSONAL /*** [SECTION 9000]: PERSONAL
Non-project related but useful. If any of these interest you, add them to your overrides ***/ Non-project related but useful. If any of these interest you, add them to your overrides ***/