Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
firefox-knigge/mariux_template.txt
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
213 lines (170 sloc)
9.59 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Any comment. You must start the file with a comment! | |
| pref("storage.nfs_filesystem", true); | |
| //disable Captive Portal detection https://www.eff.org/deeplinks/2017/08/how-captive-portals-interfere-wireless-security-and-privacy | |
| pref("network.captive-portal-service.enabled",false); | |
| pref("captivedetect.canonicalURL", ""); | |
| //disable Network Connectivity checks | |
| pref("network.connectivity-service.enabled", false); | |
| // Don't show WhatsNew on first run after every update | |
| pref("browser.startup.homepage_override.mstone","ignore"); | |
| //disable slowStartup Notification | |
| pref("browser.slowStartup.notificationDisabled", true); | |
| pref("browser.slowStartup.maxSamples", 0); | |
| pref("browser.slowStartup.samples", 0); | |
| pref("browser.rights.3.shown", true); | |
| pref("startup.homepage_welcome_url", ""); | |
| pref("startup.homepage_welcome_url.additional", ""); | |
| pref("startup.homepage_override_url", ""); | |
| pref("browser.laterrun.enabled", false); | |
| //disable default browser check | |
| pref("browser.shell.checkDefaultBrowser", false); | |
| //disable daily pings to Mozilla about extensions and recent startup | |
| lockPref("extensions.getAddons.cache.enabled", false); | |
| //disable sending the URL of the website where a plugin crashed | |
| pref("dom.ipc.plugins.reportCrashURL", false); | |
| //disable auto update for extensions | |
| lockPref("extensions.update.autoUpdateDefault", false); | |
| //disable about:addons' Get Add-ons panel (uses Google-Analytics) | |
| pref("extensions.getAddons.showPane", false); // hidden pref | |
| pref("extensions.webservice.discoverURL", ""); | |
| // Set default homepage - users can change | |
| // Requires a complex preference | |
| defaultPref("browser.startup.homepage","data:text/plain,browser.startup.homepage=https://intranet.molgen.mpg.de/"); | |
| // Don't ask to install the Flash plugin | |
| pref("plugins.notifyMissingFlash", false); | |
| // Disable upload of health reports | |
| lockPref("datareporting.healthreport.uploadEnabled", false); | |
| //disable about:healthreport page (which connects to Mozilla for locale/css+js+json) | |
| lockPref("datareporting.healthreport.about.reportUrl", "data:text/plain,"); | |
| // Disable all data upload (Telemetry and FHR) | |
| lockPref("toolkit.telemetry.unified", false); | |
| lockPref("toolkit.telemetry.enabled", false); | |
| lockPref("toolkit.telemetry.server", ""); | |
| lockPref("toolkit.telemetry.newProfilePing.enabled", false); | |
| lockPref("toolkit.telemetry.shutdownPingSender.enabled", false); | |
| lockPref("toolkit.telemetry.updatePing.enabled", false); | |
| lockPref("toolkit.telemetry.bhrPing.enabled", false); | |
| lockPref("toolkit.telemetry.firstShutdownPing.enabled", false); | |
| lockPref("toolkit.telemetry.cachedClientID", ""); | |
| lockPref("toolkit.telemetry.archive.enabled", false); | |
| lockPref("datareporting.policy.dataSubmissionEnabled", false); | |
| lockPref("browser.ping-centre.telemetry", false); | |
| //disable "Snippets" (Mozilla content shown on about:home screen) | |
| defaultPref("browser.aboutHomeSnippets.updateUrl", "https://127.0.0.1"); //test | |
| //disable experiments https://wiki.mozilla.org/Telemetry/Experiments | |
| defaultPref("experiments.enabled", false); | |
| defaultPref("experiments.manifest.uri", ""); | |
| defaultPref("experiments.supported", false); | |
| defaultPref("experiments.activeExperiment", false); | |
| // disable Mozilla permission to silently opt you into tests | |
| defaultPref("network.allow-experiments", false); | |
| /* 0206: disable geographically specific results/search engines e.g. "browser.search.*.US" | |
| * i.e. ignore all of Mozilla's various search engines in multiple locales ***/ | |
| defaultPref("browser.search.geoSpecificDefaults", false); | |
| defaultPref("browser.search.geoSpecificDefaults.url", ""); | |
| // 0202: disable using the OS's geolocation service | |
| pref("geo.provider.use_gpsd", false); // [LINUX] | |
| /* 0503: disable Normandy/Shield [FF60+] | |
| * Shield is an telemetry system (including Heartbeat) that can also push and test "recipes" | |
| * [1] https://wiki.mozilla.org/Firefox/Shield | |
| * [2] https://github.com/mozilla/normandy ***/ | |
| defaultPref("app.normandy.enabled", false); | |
| defaultPref("app.normandy.api_url", ""); | |
| defaultPref("app.shield.optoutstudies.enabled", false); | |
| /* 0601: disable link prefetching | |
| * [1] https://developer.mozilla.org/docs/Web/HTTP/Link_prefetching_FAQ ***/ | |
| defaultPref("network.prefetch-next", false); | |
| /* 0602: disable DNS prefetching | |
| * [1] https://www.ghacks.net/2013/04/27/firefox-prefetching-what-you-need-to-know/ | |
| * [2] https://developer.mozilla.org/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control ***/ | |
| defaultPref("network.dns.disablePrefetch", true); | |
| defaultPref("network.dns.disablePrefetchFromHTTPS", true); // [HIDDEN PREF ESR] [DEFAULT: true FF70+] | |
| /* 0603: disable predictor / prefetching ***/ | |
| defaultPref("network.predictor.enabled", false); | |
| defaultPref("network.predictor.enable-prefetch", false); // [FF48+] | |
| //https://www.internetsociety.org/tag/ipv6-security/ (Myths 2,4,5,6) | |
| pref("network.dns.disableIPv6", true); | |
| /* 0320: disable about:addons' Recommendations pane (uses Google Analytics) ***/ | |
| defaultPref("extensions.getAddons.showPane", false); // [HIDDEN PREF] | |
| //disable personalized Extension Recommendations in about:addons | |
| pref("browser.discovery.enabled", false); | |
| //disable pocket | |
| defaultPref("extensions.pocket.enabled", false); | |
| //disable flyweb https://flyweb.github.io/ | |
| pref("dom.flyweb.enabled", false); | |
| //disable Shield https://wiki.mozilla.org/Firefox/Shield | |
| lockPref("extensions.shield-recipe-client.enabled", false); | |
| lockPref("extensions.shield-recipe-client.api_url", ""); | |
| //disable Follow on Search and Activity Stream | |
| defaultPref("browser.newtabpage.activity-stream.enabled", false); | |
| defaultPref("browser.library.activity-stream.enabled", false); | |
| //Activity Stream is the default homepage/newtab based on metadata and browsing behavior | |
| pref("browser.newtabpage.activity-stream.feeds.telemetry", false); | |
| pref("browser.newtabpage.activity-stream.telemetry", false); | |
| pref("browser.newtabpage.activity-stream.feeds.snippets", false); | |
| pref("browser.newtabpage.activity-stream.feeds.section.topstories", false); | |
| pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false); | |
| pref("browser.newtabpage.activity-stream.showSponsored", false); | |
| pref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false); | |
| pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); | |
| //disable link-mouseover opening connection to linked server | |
| lockPref("network.http.speculative-parallel-limit", 0); | |
| //disable mousedown speculative connections on bookmarks and history | |
| lockPref("browser.places.speculativeConnect.enabled", false); | |
| //disable pings (but enforce same host in case) | |
| lockPref("browser.send_pings", false); | |
| lockPref("browser.send_pings.require_same_host", true); | |
| /* disable GIO as a potential proxy bypass vector | |
| * Gvfs/GIO has a set of supported protocols like obex, network, archive, computer, | |
| * dav, cdda, gphoto2, trash, etc. By default only sftp is accepted (FF87+) | |
| * [1] https://bugzilla.mozilla.org/1433507 | |
| * [2] https://en.wikipedia.org/wiki/GVfs | |
| * [3] https://en.wikipedia.org/wiki/GIO_(software) ***/ | |
| pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] | |
| //disable location bar using search - PRIVACY | |
| defaultPref("keyword.enabled", false); | |
| /* 0802: disable location bar domain guessing | |
| * domain guessing intercepts DNS "hostname not found errors" and resends a | |
| * request (e.g. by adding www or .com). This is inconsistent use (e.g. FQDNs), does not work | |
| * via Proxy Servers (different error), is a flawed use of DNS (TLDs: why treat .com | |
| * as the 411 for DNS errors?), privacy issues (why connect to sites you didn't | |
| * intend to), can leak sensitive data (e.g. query strings: e.g. Princeton attack), | |
| * and is a security risk (e.g. common typos & malicious sites set up to exploit this) ***/ | |
| pref("browser.fixup.alternate.enabled", false); | |
| /* 0806: disable location bar leaking single words to a DNS provider **after searching** [FF78+] | |
| * 0=never resolve single words, 1=heuristic (default), 2=always resolve | |
| * [1] https://bugzilla.mozilla.org/1642623 ***/ | |
| pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); | |
| /* 0807: disable location bar contextual suggestions [FF92+] | |
| * [SETTING] Privacy & Security>Address Bar>Suggestions from... | |
| * [1] https://blog.mozilla.org/data/2021/09/15/data-and-firefox-suggest/ ***/ | |
| pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // [FF95+] | |
| pref("browser.urlbar.suggest.quicksuggest.sponsored", false); | |
| //disable location bar domain guessing - PRIVACY/SECURITY | |
| defaultPref("browser.fixup.alternate.enabled", false); | |
| //display all parts of the url in the location bar - helps SECURITY | |
| lockPref("browser.urlbar.trimURLs", false); | |
| //disable location bar making speculative connections (FF56+) | |
| lockPref("browser.urlbar.speculativeConnect.enabled", false); | |
| //disable SSL session tracking test | |
| defaultPref("security.ssl.disable_session_identifiers", true); | |
| //disable SSL Error Reporting | |
| defaultPref("security.ssl.errorReporting.automatic", false); | |
| defaultPref("security.ssl.errorReporting.enabled", false); | |
| defaultPref("security.ssl.errorReporting.url", ""); | |
| //disable the DNT HTTP header, which is essentially USELESS | |
| defaultPref("privacy.donottrackheader.enabled", false); | |
| //set max popups from a single non-click event - default is 20! | |
| defaultPref("dom.popup_maximum", 3); | |
| //limit events that can cause a popup default is "change click dblclick mouseup pointerup notificationclick reset submit touchend" | |
| defaultPref("dom.popup_allowed_events", "click dblclick"); | |
| //enable Firefox's built-in PDF reader | |
| defaultPref("pdfjs.disabled", false); | |
| //session restore save time | |
| defaultPref("browser.sessionstore.interval",150000); | |
| //enable legacy extensions | |
| defaultPref("extensions.legacy.enabled",true); | |
| //disable firefox refresh request | |
| defaultPref("browser.disableResetPrompt",true); | |
| //disable translation popups | |
| defaultPref("browser.translations.automaticallyPopup",false); |