Last active
January 29, 2018 17:51
-
-
Save Atavic/f3b4bd9e207c2b0fac91937fef0df594 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/****************************************************************************** | |
user_pref("dom.workers.enabled", false); // TOR: true | |
// PREF: Disable web notifications | |
user_pref("dom.webnotifications.enabled", false); // TOR: true | |
// PREF: When geolocation is enabled, use Mozilla geolocation service instead of Google | |
user_pref("geo.wifi.uri", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"); // TOR: "" | |
// PREF: When geolocation is enabled, don't log geolocation requests to the console | |
user_pref("geo.wifi.logging.enabled", false); // TOR: missing | |
// PREF: Don't reveal your internal IP when WebRTC is enabled (Firefox >= 42) | |
user_pref("media.peerconnection.ice.default_address_only", true); // Firefox 42-51 // TOR: missing | |
user_pref("media.peerconnection.ice.no_host", true); // Firefox >= 52 // TOR: missing | |
// PREF: Disable WebRTC getUserMedia, screen sharing, audio capture, video capture | |
user_pref("media.navigator.video.enabled", false); // TOR: missing | |
user_pref("media.getusermedia.screensharing.enabled", false); // TOR: true | |
// PREF: Disable battery API (Firefox < 52) | |
user_pref("dom.battery.enabled", false); // TOR: true | |
// PREF: Disable telephony API | |
user_pref("dom.telephony.enabled", false); // TOR: missing | |
// PREF: Disable "beacon" asynchronous HTTP transfers | |
user_pref("beacon.enabled", false); // TOR: true | |
// PREF: Disable clipboard event detection via Javascript | |
user_pref("dom.event.clipboardevents.enabled", false); // TOR: true | |
// PREF: Disable "copy to clipboard" functionality via Javascript (Firefox >= 41) | |
user_pref("dom.allow_cut_copy", false); // TOR: missing | |
// PREF: Disable speech synthesis | |
user_pref("media.webspeech.synth.enabled", false); // TOR: missing | |
// PREF: When browser pings are enabled, only allow pinging the same host as the origin page | |
user_pref("browser.send_pings.require_same_host", true); // TOR: false | |
// PREF: Disable vibrator API | |
user_pref("dom.vibrator.enabled", false); // TOR: true | |
// PREF: Disable webGL | |
user_pref("webgl.disabled", true); // TOR: false | |
// somewhat related... | |
//user_pref("pdfjs.enableWebGL", false); // TOR: false | |
// PREF: Spoof dual-core CPU | |
user_pref("dom.maxHardwareConcurrency", 2); // TOR: 1 | |
* SECTION: Misc * | |
// PREF: Disable face detection | |
user_pref("camera.control.face_detection.enabled", false); // TOR: true | |
// PREF: Set the default search engine to DuckDuckGo (disabled) | |
//user_pref("browser.search.defaultenginename", "DuckDuckGo"); // TOR: data:text/plain,browser.search.defaultenginename=DuckDuckGo | |
//user_pref("browser.search.order.1", "DuckDuckGo"); // TOR: Google | |
//user_pref("keyword.URL", "https://duckduckgo.com/html/?q=!+"); // TOR: missing | |
// PREF: Set Accept-Language HTTP header to en-US regardless of Firefox localization | |
user_pref("intl.accept_languages", "en-us, en"); // TOR: en-US, en | |
// PREF: Do not automatically send selection to clipboard on some Linux platforms | |
user_pref("clipboard.autocopy", false); // TOR: true | |
// PREF: Do not submit invalid URIs entered in the address bar to the default search engine | |
user_pref("keyword.enabled", false); // TOR: true | |
// PREF: Don't trim HTTP off of URLs in the address bar | |
user_pref("browser.urlbar.trimURLs", false); // TOR: true | |
// PREF: Enforce Mixed Passive Content blocking (a.k.a. Mixed Display Content) | |
user_pref("security.mixed_content.block_display_content", true); // TOR: false | |
// CIS 2.7.4 Disable Scripting of Plugins by JavaScript | |
user_pref("security.xpconnect.plugin.unrestricted", false); // TOR: true | |
// PREF: Disable in-content SVG rendering (Firefox >= 53) | |
user_pref("svg.disabled", true); // TOR: missing | |
// PREF: Don't reveal build ID | |
user_pref("browser.startup.homepage_override.buildID", "20100101"); // TOR: 20180202070101 | |
// PREF: Prevent font fingerprinting | |
user_pref("browser.display.use_document_fonts", 0); // TOR: 1 | |
// PREF: Enable only whitelisted URL protocol handlers | |
user_pref("network.protocol-handler.external.http", false); // TOR: missing, there is external.ttp | |
user_pref("network.protocol-handler.external.https", false); // TOR: missing, there is external.ttps | |
user_pref("network.protocol-handler.external.moz-extension", false); // TOR: missing | |
user_pref("network.protocol-handler.external.ftp", false); // TOR: missing, there is external.tp | |
user_pref("network.protocol-handler.external.file", false); // TOR: missing, there is external.ile | |
user_pref("network.protocol-handler.external.about", false); // TOR: missing | |
user_pref("network.protocol-handler.external.chrome", false); // TOR: missing | |
user_pref("network.protocol-handler.external.blob", false); // TOR: missing | |
user_pref("network.protocol-handler.expose-all", false); // TOR: true | |
user_pref("network.protocol-handler.expose.http", true); // TOR: missing | |
user_pref("network.protocol-handler.expose.https", true); // TOR: missing | |
user_pref("network.protocol-handler.expose.javascript", true); // TOR: missing | |
user_pref("network.protocol-handler.expose.moz-extension", true); // TOR: missing | |
user_pref("network.protocol-handler.expose.ftp", true); // TOR: missing | |
user_pref("network.protocol-handler.expose.file", true); // TOR: missing | |
user_pref("network.protocol-handler.expose.about", true); // TOR: missing | |
user_pref("network.protocol-handler.expose.chrome", true); // TOR: missing | |
user_pref("network.protocol-handler.expose.blob", true); // TOR: missing | |
user_pref("network.protocol-handler.expose.data", true); // TOR: missing | |
* SECTION: Extensions / plugins* | |
// PREF: Opt-out of themes (Persona) updates | |
user_pref("lightweightThemes.update.enabled", false); // TOR: true | |
// PREF: Disable Flash Player NPAPI plugin | |
user_pref("plugin.state.flash", 0); // TOR: 1 | |
// PREF: Disable Java NPAPI plugin | |
user_pref("plugin.state.java", 0); // TOR: 1 | |
// PREF: Disable sending Flash Player crash reports | |
user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); // TOR: true | |
// PREF: When Flash crash reports are enabled, don't send the visited URL in the crash report | |
user_pref("dom.ipc.plugins.reportCrashURL", false); // TOR: true | |
// PREF: When Flash is enabled, download and use Mozilla SWF URIs blocklist | |
user_pref("browser.safebrowsing.blockedURIs.enabled", true); // TOR: false | |
// PREF: Disable Shumway (Mozilla Flash renderer) | |
user_pref("shumway.disabled", true); // TOR: missing | |
// PREF: Disable Gnome Shell Integration NPAPI plugin | |
user_pref("plugin.state.libgnome-shell-browser-plugin", 0); // TOR: missing | |
// PREF: Disable the bundled OpenH264 video codec (disabled) | |
//user_pref("media.gmp-provider.enabled", false); // TOR: false | |
// PREF: Enable add-on and certificate blocklists (OneCRL) from Mozilla | |
user_pref("services.blocklist.update_enabled", true); // TOR: false | |
// PREF: Decrease system information leakage to Mozilla blocklist update servers | |
user_pref("extensions.blocklist.url", "https://blocklist.addons.mozilla.org/blocklist/3/%APP_ID%/%APP_VERSION%/"); // TOR: https://blocklist.addons.mozilla.org/blocklist/3/%APP_ID%/%APP_VERSION%/%PRODUCT%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/%PING_COUNT%/%TOTAL_PING_COUNT%/%DAYS_SINCE_LAST_PING%/ | |
* SECTION: Firefox (anti-)features / components* | |
// PREF: Disable Mozilla telemetry/experiments | |
user_pref("experiments.supported", false); // TOR: true | |
user_pref("experiments.manifest.uri", ""); // TOR: https://telemetry-experiment.cdn.mozilla.net/manifest/v1/firefox/%VERSION%/%CHANNEL% | |
// PREF: Disallow Necko to do A/B testing | |
user_pref("network.allow-experiments", false); // TOR: true | |
// PREF: Disable sending Firefox crash reports to Mozilla servers | |
user_pref("breakpad.reportURL", ""); // TOR: https://crash-stats.mozilla.com/report/index/ | |
// PREF: Disable sending reports of tab crashes to Mozilla (about:tabcrashed), don't nag user about unsent crash reports | |
user_pref("browser.tabs.crashReporting.sendReport", false); // TOR: true | |
// PREF: Enable Firefox Tracking Protection | |
user_pref("privacy.trackingprotection.enabled", true); // TOR: false | |
user_pref("privacy.trackingprotection.pbmode.enabled", true); // TOR: false | |
// PREF: Enable contextual identity Containers feature (Firefox >= 52) | |
user_pref("privacy.userContext.enabled", true); // TOR: false | |
// PREF: Disable the built-in PDF viewer | |
user_pref("pdfjs.disabled", true); // TOR: false | |
// PREF: Disable Firefox Hello (disabled) (Firefox < 49) | |
// NOTICE-DISABLED: Firefox Hello requires setting `media.peerconnection.enabled` and `media.getusermedia.screensharing.enabled` to true, `security.OCSP.require` to false to work. // TOR: false, true, false | |
//user_pref("loop.enabled", false); // TOR: missing | |
// PREF: Disable Firefox Hello metrics collection | |
user_pref("loop.logDomains", false); // TOR: missing | |
// PREF: Enable Auto Update (disabled) | |
//user_pref("app.update.auto", true); // TOR: true | |
// PREF: Enable blocking reported web forgeries | |
user_pref("browser.safebrowsing.enabled", true); // Firefox < 50 // TOR: false | |
user_pref("browser.safebrowsing.phishing.enabled", true); // firefox >= 50 // TOR: false | |
// PREF: Enable blocking reported attack sites | |
user_pref("browser.safebrowsing.malware.enabled", true); //TOR: false | |
// PREF: Disable Pocket | |
user_pref("extensions.pocket.enabled", false); // TOR: true | |
// PREF: Disable SHIELD | |
user_pref("extensions.shield-recipe-client.enabled", false); // TOR: missing | |
user_pref("app.shield.optoutstudies.enabled", false); // TOR: missing | |
// PREF: Disable "Recommended by Pocket" in Firefox Quantum | |
user_pref("browser.newtabpage.activity-stream.feeds.section.topstories", false); // TOR: missing | |
* SECTION: Automatic connections* | |
// PREF: Disable prefetching of <link rel="next"> URLs | |
user_pref("network.prefetch-next", false); // TOR: true | |
// PREF: Disable DNS prefetching | |
user_pref("network.dns.disablePrefetchFromHTTPS", true); // TOR: missing | |
// PREF: Disable "Show search suggestions in location bar results" | |
user_pref("browser.urlbar.suggest.history", false); // TOR: true | |
// PREF: Disable automatic downloading of OpenH264 codec | |
user_pref("media.gmp-gmpopenh264.enabled", false); // TOR: missing | |
user_pref("media.gmp-manager.url", ""); // TOR: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/update.xml | |
// PREF: Disable speculative pre-connections | |
user_pref("network.http.speculative-parallel-limit", 0); // TOR: 6 | |
// PREF: Disable downloading homepage snippets/messages from Mozilla | |
user_pref("browser.aboutHomeSnippets.updateUrl", ""); // TOR: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/ | |
* SECTION: HTTP* | |
// PREF: Disallow NTLMv1 | |
user_pref("network.negotiate-auth.allow-insecure-ntlm-v1", false); // TOR: missing | |
//user_pref("network.negotiate-auth.allow-insecure-ntlm-v1-https", false); // TOR: missing | |
// PREF: Enable CSP 1.1 script-nonce directive support | |
user_pref("security.csp.experimentalEnabled", true); // TOR: false | |
// PREF: DNT HTTP header (disabled) | |
//user_pref("privacy.donottrackheader.enabled", true); // TOR: false | |
// PREF: Send a referer header with the target URI as the source | |
user_pref("network.http.referer.spoofSource", true); // TOR: false | |
// PREF: Don't send referer headers when following links across different domains (disabled) | |
// user_pref("network.http.referer.XOriginPolicy", 2); // TOR: 0 | |
// PREF: Make sure that third-party cookies (if enabled) never persist beyond the session. | |
user_pref("network.cookie.thirdparty.sessionOnly", true); // TOR: false | |
// PREF: Spoof User-agent (disabled) | |
//user_pref("general.appversion.override", "5.0 (Windows)"); // TOR: 5.0 (Windows) | |
* SECTION: Caching* | |
// PREF: Clear history when Firefox closes | |
user_pref("privacy.sanitize.sanitizeOnShutdown", true); // TOR: false | |
user_pref("privacy.clearOnShutdown.offlineApps", true); // TOR: false | |
user_pref("privacy.clearOnShutdown.openWindows", true); // TOR: false | |
// PREF: Set time range to "Everything" as default in "Clear Recent History" | |
user_pref("privacy.sanitize.timeSpan", 0); // TOR: 1 | |
// PREF: Clear everything but "Site Preferences" in "Clear Recent History" | |
user_pref("privacy.cpd.offlineApps", true); // TOR: false | |
// PREF: Don't remember browsing history | |
user_pref("places.history.enabled", false); // TOR: true | |
// PREF: Disable memory cache (disabled) | |
//user_pref("browser.cache.memory.enable", false); // TOR: true | |
// PREF: Disable Caching of SSL Pages | |
user_pref("browser.cache.disk_cache_ssl", false); // TOR: true | |
// PREF: Disable download history | |
user_pref("browser.download.manager.retention", 0); // TOR: 1 | |
// PREF: Disable formless login capture | |
user_pref("signon.formlessCapture.enabled", false); // TOR: true | |
// PREF: Disable the password manager for pages with autocomplete=off (disabled) | |
//user_pref("signon.storeWhenAutocompleteOff", false); // TOR: true | |
// PREF: Delete Search and Form History | |
user_pref("browser.formfill.expire_days", 0); // TOR: 180 | |
// PREF: Do not create screenshots of visited pages (relates to the "new tab page" feature) | |
user_pref("browser.pagethumbnails.capturing_disabled", true); // TOR: missing | |
// PREF: Don't fetch and permanently store favicons for Windows .URL shortcuts created by drag and drop | |
user_pref("browser.shell.shortcutFavicons", false); // TOR: true | |
// PREF: Disable bookmarks backups (default: 15) | |
user_pref("browser.bookmarks.max_backups", 0); // TOR: 15 | |
* SECTION: UI related* | |
// PREF: Disable right-click menu manipulation via JavaScript (disabled) | |
//user_pref("dom.event.contextmenu.enabled", false); // TOR: true | |
// PREF: Disable "Are you sure you want to leave this page?" popups on page close | |
//user_pref("dom.disable_beforeunload", true); // TOR: false | |
// PREF: Disable Downloading on Desktop | |
user_pref("browser.download.folderList", 2); // TOR: 1 | |
// PREF: Disable the "new tab page" feature and show a blank tab instead | |
user_pref("browser.newtabpage.enabled", false); // TOR: true | |
user_pref("browser.newtab.url", "about:blank"); // TOR: missing | |
// PREF: Disable Activity Stream | |
user_pref("browser.newtabpage.activity-stream.enabled", false); // TOR: missing | |
// PREF: Disable new tab tile ads & preload | |
user_pref("browser.newtab.preload", false); // TOR: true | |
user_pref("browser.newtabpage.directory.ping", ""); //TOR: data:text/plain, | |
// PREF: Enable Auto Notification of Outdated Plugins (Firefox < 50) | |
user_pref("plugins.update.notifyUser", true); // TOR: missing | |
// PREF: Force Punycode for Internationalized Domain Names | |
user_pref("network.IDN_show_punycode", true); // TOR: false | |
// PREF: Disable inline autocomplete in URL bar | |
user_pref("browser.urlbar.autoFill", false); // TOR: true | |
user_pref("browser.urlbar.autoFill.typed", false); // TOR: true | |
// PREF: Disable CSS :visited selectors | |
user_pref("layout.css.visited_links_enabled", false); // TOR: true | |
// PREF: Disable URL bar autocomplete and history/bookmarks suggestions dropdown | |
user_pref("browser.urlbar.autocomplete.enabled", false); // TOR: true | |
// PREF: When password manager is enabled, lock the password storage periodically | |
user_pref("security.ask_for_password", 2); // TOR: 0 | |
// PREF: Lock the password storage every 1 minutes (default: 30) | |
user_pref("security.password_lifetime", 1); // TOR: 30 | |
* SECTION: Cryptography* | |
// PREF: Require a valid OCSP response for OCSP enabled certificates | |
user_pref("security.OCSP.require", true); // TOR: false | |
// PREF: Only allow TLS 1.[0-3] | |
user_pref("security.tls.version.max", 4); // TOR: 3 | |
// PREF: Disallow SHA-1 | |
user_pref("security.pki.sha1_enforcement_level", 1); // TOR: 2 | |
// PREF: Warn the user when server doesn't support RFC 5746 ("safe" renegotiation) | |
user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true); // TOR: false | |
// PREF: Disallow connection to servers not supporting safe renegotiation | |
//user_pref("security.ssl.require_safe_negotiation", true); // TOR: false | |
// PREF: Pre-populate the current URL but do not pre-fetch the certificate in the "Add Security Exception" dialog | |
user_pref("browser.ssl_override_behavior", 1); // TOR: 2 | |
* SECTION: Cipher suites * | |
// PREF: Disable null ciphers | |
user_pref("security.ssl3.rsa_null_sha", false); // TOR: missing | |
user_pref("security.ssl3.rsa_null_md5", false); // TOR: missing | |
user_pref("security.ssl3.ecdhe_rsa_null_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdhe_ecdsa_null_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdh_rsa_null_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdh_ecdsa_null_sha", false); // TOR: missing | |
// PREF: Disable SEED cipher | |
user_pref("security.ssl3.rsa_seed_sha", false); // TOR: missing | |
// PREF: Disable 40/56/128-bit ciphers | |
// 40-bit ciphers | |
user_pref("security.ssl3.rsa_rc4_40_md5", false); // TOR: missing | |
user_pref("security.ssl3.rsa_rc2_40_md5", false); // TOR: missing | |
// 56-bit ciphers | |
user_pref("security.ssl3.rsa_1024_rc4_56_sha", false); // TOR: missing | |
// 128-bit ciphers | |
user_pref("security.ssl3.rsa_camellia_128_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false); // TOR: true | |
user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); // TOR: true | |
user_pref("security.ssl3.ecdh_rsa_aes_128_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdh_ecdsa_aes_128_sha", false); // TOR: missing | |
user_pref("security.ssl3.dhe_rsa_camellia_128_sha", false); // TOR: missing | |
user_pref("security.ssl3.dhe_rsa_aes_128_sha", false); // TOR: true | |
// PREF: Disable RC4 | |
user_pref("security.ssl3.ecdh_ecdsa_rc4_128_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdh_rsa_rc4_128_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdhe_rsa_rc4_128_sha", false); // TOR: missing | |
user_pref("security.ssl3.rsa_rc4_128_md5", false); // TOR: missing | |
user_pref("security.ssl3.rsa_rc4_128_sha", false); // TOR: missing | |
user_pref("security.tls.unrestricted_rc4_fallback", false); | |
// PREF: Disable 3DES (effective key size is < 128) | |
user_pref("security.ssl3.dhe_dss_des_ede3_sha", false); // TOR: missing | |
user_pref("security.ssl3.dhe_rsa_des_ede3_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdh_ecdsa_des_ede3_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdh_rsa_des_ede3_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdhe_ecdsa_des_ede3_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdhe_rsa_des_ede3_sha", false); // TOR: missing | |
user_pref("security.ssl3.rsa_des_ede3_sha", false); // TOR: true | |
user_pref("security.ssl3.rsa_fips_des_ede3_sha", false); // TOR: missing | |
// PREF: Disable ciphers with ECDH (non-ephemeral) | |
user_pref("security.ssl3.ecdh_rsa_aes_256_sha", false); // TOR: missing | |
user_pref("security.ssl3.ecdh_ecdsa_aes_256_sha", false); // TOR: missing | |
// PREF: Disable 256 bits ciphers without PFS | |
user_pref("security.ssl3.rsa_camellia_256_sha", false); // TOR: missing | |
// PREF: Disable ciphers susceptible to the logjam attack | |
user_pref("security.ssl3.dhe_rsa_aes_256_sha", false); // TOR: true | |
// PREF: Disable ciphers with DSA (max 1024 bits) | |
user_pref("security.ssl3.dhe_dss_aes_128_sha", false); // TOR: missing | |
user_pref("security.ssl3.dhe_dss_aes_256_sha", false); // TOR: missing | |
user_pref("security.ssl3.dhe_dss_camellia_128_sha", false); // TOR: missing | |
user_pref("security.ssl3.dhe_dss_camellia_256_sha", false); // TOR: missing | |
******************************************************************************/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment