firefox.be0

#!/bin/env beesh

#export BEE_TMP_TMPDIR=/dev/shm BEE_TMP_BUILDROOT=/dev/shm/bee-root BEE_MAKEFLAGS='-j80'

# BEE_VERSION firefox-132.0-0

#https://ftp.mozilla.org/pub/firefox/releases/$pkgversion/SOURCE to find the right download link
#SRCURL[0]="https://ftp.mozilla.org/pub/firefox/releases/${PKGVERSION}/source/firefox-${PKGVERSION}.source.tar.xz"
SRCURL[0]="https://beehive.molgen.mpg.de/94d7f80378764c467eebbf641947fafe/firefox-132.0.source.tar.xz"

#BEE_BUILDTYPE=autotools
#build_in_sourcedir

mee_configure() {

    p=/pkg/node-20.13.1-0/profile;  [ -e $p ] && . $p
    p=/pkg/rustc-1.80.0-0/profile;  [ -e $p ] && . $p

    if [[ ${BEE_MAKEFLAGS:: 2} == "-j" ]]; then
      BEE_MAKEFLAGS=${BEE_MAKEFLAGS: 2}
    fi


    cat > ${S}/mozconfig <<-EOF
	ac_add_options --prefix="${PREFIX}"
	ac_add_options --enable-application=browser
	ac_add_options --disable-necko-wifi
	ac_add_options --enable-official-branding
	ac_add_options --without-system-icu
	ac_add_options --without-system-nspr
	ac_add_options --disable-tests
	ac_add_options --enable-optimize
	ac_add_options --disable-crashreporter
	ac_add_options --disable-updater
	ac_add_options --enable-bootstrap
	ac_add_options --without-wasm-sandboxed-libraries
	mk_add_options MOZ_PARALLEL_BUILD="${BEE_MAKEFLAGS}"
	mk_add_options MOZ_OBJDIR=$B
	EOF
    export MOZBUILD_STATE_PATH=${B}/mozbuild

}

mee_build() {
    export CARGO_HOME=$B/.cargo
    ${S}/mach build
}

mee_build_post() {

    # create menu entry

    cat >${B}/firefox.desktop <<-EOF
	[Desktop Entry]
	Encoding=UTF-8
	Version=1.0
	Name=Firefox
	GenericName=Web Browser
	Comment=Surf the World Wide Web
	Exec=firefox %u
	Icon=firefox
	Terminal=false
	Type=Application
	MimeType=text/html;text/xml;application/xhtml+xml;application/vnd.mozilla.xul+xml;text/mml;x-scheme-handler/http;x-scheme-handler/https;
	StartupNotify=true
	Categories=Network;WebBrowser;
	EOF
}

mee_install() {
  DESTDIR=$D ${S}/mach install
}

mee_install_post() {
    start_cmd install -d ${D}${LIBDIR}/mariux64
    start_cmd rm ${D}${BINDIR}/${PKGNAME}

    cat >${D}${LIBDIR}/mariux64/firefox<<EOF
NSS_SDB_USE_CACHE=1 exec "${LIBDIR}/firefox/firefox" "\$@"
EOF

chmod 755 ${D}${LIBDIR}/mariux64/firefox
start_cmd mkdir -p ${D}${BINDIR}
start_cmd ln -s ${LIBDIR}/mariux64/mozilla-launcher ${D}${BINDIR}/${PKGNAME}

    # install official icon in all sizes

    for size in 16 22 24 32 48 256 ; do
        srcdir=${S}/browser/branding/official
        destdir=${D}${DATADIR}/icons/hicolor/${size}x${size}/apps

        start_cmd mkdir -p ${destdir}
        start_cmd install -m 644 ${srcdir}/default${size}.png ${destdir}/firefox.png
    done

    # install menu-entry

    start_cmd mkdir -p ${D}${DATADIR}/applications
    start_cmd desktop-file-install --dir ${D}${DATADIR}/applications ${B}/firefox.desktop

  cat <<-EOF >${D}${LIBDIR}/firefox/defaults/pref/autoconfig.js
  // Any comment. You must start the file with a comment!
pref("general.config.filename", "default_config_mariux.cfg");
pref("general.config.obscure_value", 0);
EOF

  cat <<-EOF >${D}${LIBDIR}/firefox/default_config_mariux.cfg
// Any comment. You must start the file with a comment!
pref("storage.nfs_filesystem", true);
// give me the search field!
defaultPref("browser.search.widget.inNavBar",true);

//disable Captive Portal detection https://www.eff.org/deeplinks/2017/08/how-captive-portals-interfere-wireless-security-and-privacy
pref("network.captive-portal-service.enabled",false);
pref("captivedetect.canonicalURL", "");
//disable Network Connectivity checks
pref("network.connectivity-service.enabled", false);

// Don't show WhatsNew on first run after every update
pref("browser.startup.homepage_override.mstone","ignore");

//disable slowStartup Notification
pref("browser.slowStartup.notificationDisabled", true);
pref("browser.slowStartup.maxSamples", 0);
pref("browser.slowStartup.samples", 0);
pref("browser.rights.3.shown", true);
pref("startup.homepage_welcome_url", "");
pref("startup.homepage_welcome_url.additional", "");
pref("startup.homepage_override_url", "");
pref("browser.laterrun.enabled", false);
//disable default browser check
pref("browser.shell.checkDefaultBrowser", false);

//disable daily pings to Mozilla about extensions and recent startup
lockPref("extensions.getAddons.cache.enabled", false);

//disable sending the URL of the website where a plugin crashed
pref("dom.ipc.plugins.reportCrashURL", false);

//disable auto update for extensions
lockPref("extensions.update.autoUpdateDefault", false);

//disable about:addons' Get Add-ons panel (uses Google-Analytics)
pref("extensions.getAddons.showPane", false); // hidden pref
pref("extensions.webservice.discoverURL", "");

// Set default homepage - users can change
// Requires a complex preference
defaultPref("browser.startup.homepage","data:text/plain,browser.startup.homepage=https://intranet.molgen.mpg.de/");

// Don't ask to install the Flash plugin
pref("plugins.notifyMissingFlash", false);

// Disable upload of health reports
lockPref("datareporting.healthreport.uploadEnabled", false);
//disable about:healthreport page (which connects to Mozilla for locale/css+js+json)
lockPref("datareporting.healthreport.about.reportUrl", "data:text/plain,");

// Disable all data upload (Telemetry and FHR)
lockPref("toolkit.telemetry.unified", false);
lockPref("toolkit.telemetry.enabled", false);
lockPref("toolkit.telemetry.server", "");
lockPref("toolkit.telemetry.newProfilePing.enabled", false);
lockPref("toolkit.telemetry.shutdownPingSender.enabled", false);
lockPref("toolkit.telemetry.updatePing.enabled", false);
lockPref("toolkit.telemetry.bhrPing.enabled", false);
lockPref("toolkit.telemetry.firstShutdownPing.enabled", false);
lockPref("toolkit.telemetry.cachedClientID", "");
lockPref("toolkit.telemetry.archive.enabled", false);
lockPref("datareporting.policy.dataSubmissionEnabled", false);
lockPref("browser.ping-centre.telemetry", false);

//disable "Snippets" (Mozilla content shown on about:home screen)
defaultPref("browser.aboutHomeSnippets.updateUrl", "https://127.0.0.1"); //test

//disable experiments https://wiki.mozilla.org/Telemetry/Experiments
defaultPref("experiments.enabled", false);
defaultPref("experiments.manifest.uri", "");
defaultPref("experiments.supported", false);
defaultPref("experiments.activeExperiment", false);
// disable Mozilla permission to silently opt you into tests
defaultPref("network.allow-experiments", false);

/* 0206: disable geographically specific results/search engines e.g. "browser.search.*.US"
 * i.e. ignore all of Mozilla's various search engines in multiple locales ***/
defaultPref("browser.search.geoSpecificDefaults", false);
defaultPref("browser.search.geoSpecificDefaults.url", "");

// 0202: disable using the OS's geolocation service
pref("geo.provider.use_gpsd", false); // [LINUX]


/* 0503: disable Normandy/Shield [FF60+]
 * Shield is an telemetry system (including Heartbeat) that can also push and test "recipes"
 * [1] https://wiki.mozilla.org/Firefox/Shield
 * [2] https://github.com/mozilla/normandy ***/
defaultPref("app.normandy.enabled", false);
defaultPref("app.normandy.api_url", "");
defaultPref("app.shield.optoutstudies.enabled", false);

/* 0601: disable link prefetching
 * [1] https://developer.mozilla.org/docs/Web/HTTP/Link_prefetching_FAQ ***/
defaultPref("network.prefetch-next", false);
/* 0602: disable DNS prefetching
 * [1] https://www.ghacks.net/2013/04/27/firefox-prefetching-what-you-need-to-know/
 * [2] https://developer.mozilla.org/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control ***/
defaultPref("network.dns.disablePrefetch", true);
defaultPref("network.dns.disablePrefetchFromHTTPS", true); // [HIDDEN PREF ESR] [DEFAULT: true FF70+]
/* 0603: disable predictor / prefetching ***/
defaultPref("network.predictor.enabled", false);
defaultPref("network.predictor.enable-prefetch", false); // [FF48+]

//https://www.internetsociety.org/tag/ipv6-security/ (Myths 2,4,5,6)
pref("network.dns.disableIPv6", true);

/* 0320: disable about:addons' Recommendations pane (uses Google Analytics) ***/
defaultPref("extensions.getAddons.showPane", false); // [HIDDEN PREF]
//disable personalized Extension Recommendations in about:addons
pref("browser.discovery.enabled", false);

//disable pocket
defaultPref("extensions.pocket.enabled", false);

//disable flyweb https://flyweb.github.io/
pref("dom.flyweb.enabled", false);

//disable Shield https://wiki.mozilla.org/Firefox/Shield
lockPref("extensions.shield-recipe-client.enabled", false);
lockPref("extensions.shield-recipe-client.api_url", "");

//disable Follow on Search and Activity Stream
defaultPref("browser.newtabpage.activity-stream.enabled", false);
defaultPref("browser.library.activity-stream.enabled", false);
//Activity Stream is the default homepage/newtab based on metadata and browsing behavior
defaultPref("browser.newtabpage.activity-stream.feeds.telemetry", false);
defaultPref("browser.newtabpage.activity-stream.telemetry", false);
defaultPref("browser.newtabpage.activity-stream.feeds.snippets", false);
defaultPref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
lockPref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
lockPref("browser.newtabpage.activity-stream.showSponsored", false);
defaultPref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false);
lockPref("browser.newtabpage.activity-stream.showSponsoredTopSites", false);

//disable link-mouseover opening connection to linked server
lockPref("network.http.speculative-parallel-limit", 0);
//disable mousedown speculative connections on bookmarks and history
lockPref("browser.places.speculativeConnect.enabled", false);

//disable pings (but enforce same host in case)
lockPref("browser.send_pings", false);
lockPref("browser.send_pings.require_same_host", true);

/* disable GIO as a potential proxy bypass vector
 * Gvfs/GIO has a set of supported protocols like obex, network, archive, computer,
 * dav, cdda, gphoto2, trash, etc. By default only sftp is accepted (FF87+)
 * [1] https://bugzilla.mozilla.org/1433507
 * [2] https://en.wikipedia.org/wiki/GVfs
 * [3] https://en.wikipedia.org/wiki/GIO_(software) ***/
pref("network.gio.supported-protocols", ""); // [HIDDEN PREF]

/* 0806: disable location bar leaking single words to a DNS provider **after searching** [FF78+]
 * 0=never resolve single words, 1=heuristic (default), 2=always resolve
 * [1] https://bugzilla.mozilla.org/1642623 ***/
pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);

/* 0807: disable location bar contextual suggestions [FF92+]
 * [SETTING] Privacy & Security>Address Bar>Suggestions from...
 * [1] https://blog.mozilla.org/data/2021/09/15/data-and-firefox-suggest/ ***/
pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // [FF95+]
pref("browser.urlbar.suggest.quicksuggest.sponsored", false);

//disable location bar using search - PRIVACY
defaultPref("keyword.enabled", false);

//disable location bar domain guessing - PRIVACY/SECURITY
defaultPref("browser.fixup.alternate.enabled", false);

//display all parts of the url in the location bar - helps SECURITY
lockPref("browser.urlbar.trimURLs", false);

//disable location bar making speculative connections (FF56+)
lockPref("browser.urlbar.speculativeConnect.enabled", false);

//disable SSL session tracking test
defaultPref("security.ssl.disable_session_identifiers", true);

//disable SSL Error Reporting
defaultPref("security.ssl.errorReporting.automatic", false);
defaultPref("security.ssl.errorReporting.enabled", false);
defaultPref("security.ssl.errorReporting.url", "");

//disable the DNT HTTP header, which is essentially USELESS
defaultPref("privacy.donottrackheader.enabled", false);

//set max popups from a single non-click event - default is 20!
defaultPref("dom.popup_maximum", 3);

//limit events that can cause a popup default is "change click dblclick mouseup pointerup notificationclick reset submit touchend"
defaultPref("dom.popup_allowed_events", "click dblclick");

//enable Firefox's built-in PDF reader
defaultPref("pdfjs.disabled", false);

//session restore save time
defaultPref("browser.sessionstore.interval",150000);

//enable legacy extensions
defaultPref("extensions.legacy.enabled",true);

//disable firefox refresh request
defaultPref("browser.disableResetPrompt",true);

//disable translation popups
defaultPref("browser.translations.automaticallyPopup",false);
EOF
#Inspired from https://github.com/prirai/firefox-config
}
	#!/bin/env beesh

	#export BEE_TMP_TMPDIR=/dev/shm BEE_TMP_BUILDROOT=/dev/shm/bee-root BEE_MAKEFLAGS='-j80'

	# BEE_VERSION firefox-132.0-0

	#https://ftp.mozilla.org/pub/firefox/releases/$pkgversion/SOURCE to find the right download link
	#SRCURL[0]="https://ftp.mozilla.org/pub/firefox/releases/${PKGVERSION}/source/firefox-${PKGVERSION}.source.tar.xz"
	SRCURL[0]="https://beehive.molgen.mpg.de/94d7f80378764c467eebbf641947fafe/firefox-132.0.source.tar.xz"

	#BEE_BUILDTYPE=autotools
	#build_in_sourcedir

	mee_configure() {

	p=/pkg/node-20.13.1-0/profile; [ -e $p ] && . $p
	p=/pkg/rustc-1.80.0-0/profile; [ -e $p ] && . $p

	if [[ ${BEE_MAKEFLAGS:: 2} == "-j" ]]; then
	BEE_MAKEFLAGS=${BEE_MAKEFLAGS: 2}
	fi


	cat > ${S}/mozconfig <<-EOF
	ac_add_options --prefix="${PREFIX}"
	ac_add_options --enable-application=browser
	ac_add_options --disable-necko-wifi
	ac_add_options --enable-official-branding
	ac_add_options --without-system-icu
	ac_add_options --without-system-nspr
	ac_add_options --disable-tests
	ac_add_options --enable-optimize
	ac_add_options --disable-crashreporter
	ac_add_options --disable-updater
	ac_add_options --enable-bootstrap
	ac_add_options --without-wasm-sandboxed-libraries
	mk_add_options MOZ_PARALLEL_BUILD="${BEE_MAKEFLAGS}"
	mk_add_options MOZ_OBJDIR=$B
	EOF
	export MOZBUILD_STATE_PATH=${B}/mozbuild

	}

	mee_build() {
	export CARGO_HOME=$B/.cargo
	${S}/mach build
	}

	mee_build_post() {

	# create menu entry

	cat >${B}/firefox.desktop <<-EOF
	[Desktop Entry]
	Encoding=UTF-8
	Version=1.0
	Name=Firefox
	GenericName=Web Browser
	Comment=Surf the World Wide Web
	Exec=firefox %u
	Icon=firefox
	Terminal=false
	Type=Application
	MimeType=text/html;text/xml;application/xhtml+xml;application/vnd.mozilla.xul+xml;text/mml;x-scheme-handler/http;x-scheme-handler/https;
	StartupNotify=true
	Categories=Network;WebBrowser;
	EOF
	}

	mee_install() {
	DESTDIR=$D ${S}/mach install
	}

	mee_install_post() {
	start_cmd install -d ${D}${LIBDIR}/mariux64
	start_cmd rm ${D}${BINDIR}/${PKGNAME}

	cat >${D}${LIBDIR}/mariux64/firefox<<EOF
	NSS_SDB_USE_CACHE=1 exec "${LIBDIR}/firefox/firefox" "\$@"
	EOF

	chmod 755 ${D}${LIBDIR}/mariux64/firefox
	start_cmd mkdir -p ${D}${BINDIR}
	start_cmd ln -s ${LIBDIR}/mariux64/mozilla-launcher ${D}${BINDIR}/${PKGNAME}

	# install official icon in all sizes

	for size in 16 22 24 32 48 256 ; do
	srcdir=${S}/browser/branding/official
	destdir=${D}${DATADIR}/icons/hicolor/${size}x${size}/apps

	start_cmd mkdir -p ${destdir}
	start_cmd install -m 644 ${srcdir}/default${size}.png ${destdir}/firefox.png
	done

	# install menu-entry

	start_cmd mkdir -p ${D}${DATADIR}/applications
	start_cmd desktop-file-install --dir ${D}${DATADIR}/applications ${B}/firefox.desktop

	cat <<-EOF >${D}${LIBDIR}/firefox/defaults/pref/autoconfig.js
	// Any comment. You must start the file with a comment!
	pref("general.config.filename", "default_config_mariux.cfg");
	pref("general.config.obscure_value", 0);
	EOF

	cat <<-EOF >${D}${LIBDIR}/firefox/default_config_mariux.cfg
	// Any comment. You must start the file with a comment!
	pref("storage.nfs_filesystem", true);
	// give me the search field!
	defaultPref("browser.search.widget.inNavBar",true);

	//disable Captive Portal detection https://www.eff.org/deeplinks/2017/08/how-captive-portals-interfere-wireless-security-and-privacy
	pref("network.captive-portal-service.enabled",false);
	pref("captivedetect.canonicalURL", "");
	//disable Network Connectivity checks
	pref("network.connectivity-service.enabled", false);

	// Don't show WhatsNew on first run after every update
	pref("browser.startup.homepage_override.mstone","ignore");

	//disable slowStartup Notification
	pref("browser.slowStartup.notificationDisabled", true);
	pref("browser.slowStartup.maxSamples", 0);
	pref("browser.slowStartup.samples", 0);
	pref("browser.rights.3.shown", true);
	pref("startup.homepage_welcome_url", "");
	pref("startup.homepage_welcome_url.additional", "");
	pref("startup.homepage_override_url", "");
	pref("browser.laterrun.enabled", false);
	//disable default browser check
	pref("browser.shell.checkDefaultBrowser", false);

	//disable daily pings to Mozilla about extensions and recent startup
	lockPref("extensions.getAddons.cache.enabled", false);

	//disable sending the URL of the website where a plugin crashed
	pref("dom.ipc.plugins.reportCrashURL", false);

	//disable auto update for extensions
	lockPref("extensions.update.autoUpdateDefault", false);

	//disable about:addons' Get Add-ons panel (uses Google-Analytics)
	pref("extensions.getAddons.showPane", false); // hidden pref
	pref("extensions.webservice.discoverURL", "");

	// Set default homepage - users can change
	// Requires a complex preference
	defaultPref("browser.startup.homepage","data:text/plain,browser.startup.homepage=https://intranet.molgen.mpg.de/");

	// Don't ask to install the Flash plugin
	pref("plugins.notifyMissingFlash", false);

	// Disable upload of health reports
	lockPref("datareporting.healthreport.uploadEnabled", false);
	//disable about:healthreport page (which connects to Mozilla for locale/css+js+json)
	lockPref("datareporting.healthreport.about.reportUrl", "data:text/plain,");

	// Disable all data upload (Telemetry and FHR)
	lockPref("toolkit.telemetry.unified", false);
	lockPref("toolkit.telemetry.enabled", false);
	lockPref("toolkit.telemetry.server", "");
	lockPref("toolkit.telemetry.newProfilePing.enabled", false);
	lockPref("toolkit.telemetry.shutdownPingSender.enabled", false);
	lockPref("toolkit.telemetry.updatePing.enabled", false);
	lockPref("toolkit.telemetry.bhrPing.enabled", false);
	lockPref("toolkit.telemetry.firstShutdownPing.enabled", false);
	lockPref("toolkit.telemetry.cachedClientID", "");
	lockPref("toolkit.telemetry.archive.enabled", false);
	lockPref("datareporting.policy.dataSubmissionEnabled", false);
	lockPref("browser.ping-centre.telemetry", false);

	//disable "Snippets" (Mozilla content shown on about:home screen)
	defaultPref("browser.aboutHomeSnippets.updateUrl", "https://127.0.0.1"); //test

	//disable experiments https://wiki.mozilla.org/Telemetry/Experiments
	defaultPref("experiments.enabled", false);
	defaultPref("experiments.manifest.uri", "");
	defaultPref("experiments.supported", false);
	defaultPref("experiments.activeExperiment", false);
	// disable Mozilla permission to silently opt you into tests
	defaultPref("network.allow-experiments", false);

	/* 0206: disable geographically specific results/search engines e.g. "browser.search.*.US"
	* i.e. ignore all of Mozilla's various search engines in multiple locales ***/
	defaultPref("browser.search.geoSpecificDefaults", false);
	defaultPref("browser.search.geoSpecificDefaults.url", "");

	// 0202: disable using the OS's geolocation service
	pref("geo.provider.use_gpsd", false); // [LINUX]



	/* 0503: disable Normandy/Shield [FF60+]
	* Shield is an telemetry system (including Heartbeat) that can also push and test "recipes"
	* [1] https://wiki.mozilla.org/Firefox/Shield
	* [2] https://github.com/mozilla/normandy ***/
	defaultPref("app.normandy.enabled", false);
	defaultPref("app.normandy.api_url", "");
	defaultPref("app.shield.optoutstudies.enabled", false);

	/* 0601: disable link prefetching
	* [1] https://developer.mozilla.org/docs/Web/HTTP/Link_prefetching_FAQ ***/
	defaultPref("network.prefetch-next", false);
	/* 0602: disable DNS prefetching
	* [1] https://www.ghacks.net/2013/04/27/firefox-prefetching-what-you-need-to-know/
	* [2] https://developer.mozilla.org/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control ***/
	defaultPref("network.dns.disablePrefetch", true);
	defaultPref("network.dns.disablePrefetchFromHTTPS", true); // [HIDDEN PREF ESR] [DEFAULT: true FF70+]
	/* 0603: disable predictor / prefetching ***/
	defaultPref("network.predictor.enabled", false);
	defaultPref("network.predictor.enable-prefetch", false); // [FF48+]

	//https://www.internetsociety.org/tag/ipv6-security/ (Myths 2,4,5,6)
	pref("network.dns.disableIPv6", true);

	/* 0320: disable about:addons' Recommendations pane (uses Google Analytics) ***/
	defaultPref("extensions.getAddons.showPane", false); // [HIDDEN PREF]
	//disable personalized Extension Recommendations in about:addons
	pref("browser.discovery.enabled", false);

	//disable pocket
	defaultPref("extensions.pocket.enabled", false);

	//disable flyweb https://flyweb.github.io/
	pref("dom.flyweb.enabled", false);

	//disable Shield https://wiki.mozilla.org/Firefox/Shield
	lockPref("extensions.shield-recipe-client.enabled", false);
	lockPref("extensions.shield-recipe-client.api_url", "");

	//disable Follow on Search and Activity Stream
	defaultPref("browser.newtabpage.activity-stream.enabled", false);
	defaultPref("browser.library.activity-stream.enabled", false);
	//Activity Stream is the default homepage/newtab based on metadata and browsing behavior
	defaultPref("browser.newtabpage.activity-stream.feeds.telemetry", false);
	defaultPref("browser.newtabpage.activity-stream.telemetry", false);
	defaultPref("browser.newtabpage.activity-stream.feeds.snippets", false);
	defaultPref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
	lockPref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
	lockPref("browser.newtabpage.activity-stream.showSponsored", false);
	defaultPref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false);
	lockPref("browser.newtabpage.activity-stream.showSponsoredTopSites", false);

	//disable link-mouseover opening connection to linked server
	lockPref("network.http.speculative-parallel-limit", 0);
	//disable mousedown speculative connections on bookmarks and history
	lockPref("browser.places.speculativeConnect.enabled", false);

	//disable pings (but enforce same host in case)
	lockPref("browser.send_pings", false);
	lockPref("browser.send_pings.require_same_host", true);

	/* disable GIO as a potential proxy bypass vector
	* Gvfs/GIO has a set of supported protocols like obex, network, archive, computer,
	* dav, cdda, gphoto2, trash, etc. By default only sftp is accepted (FF87+)
	* [1] https://bugzilla.mozilla.org/1433507
	* [2] https://en.wikipedia.org/wiki/GVfs
	* [3] https://en.wikipedia.org/wiki/GIO_(software) ***/
	pref("network.gio.supported-protocols", ""); // [HIDDEN PREF]

	/* 0806: disable location bar leaking single words to a DNS provider after searching [FF78+]
	* 0=never resolve single words, 1=heuristic (default), 2=always resolve
	* [1] https://bugzilla.mozilla.org/1642623 ***/
	pref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);

	/* 0807: disable location bar contextual suggestions [FF92+]
	* [SETTING] Privacy & Security>Address Bar>Suggestions from...
	* [1] https://blog.mozilla.org/data/2021/09/15/data-and-firefox-suggest/ ***/
	pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // [FF95+]
	pref("browser.urlbar.suggest.quicksuggest.sponsored", false);

	//disable location bar using search - PRIVACY
	defaultPref("keyword.enabled", false);

	//disable location bar domain guessing - PRIVACY/SECURITY
	defaultPref("browser.fixup.alternate.enabled", false);

	//display all parts of the url in the location bar - helps SECURITY
	lockPref("browser.urlbar.trimURLs", false);

	//disable location bar making speculative connections (FF56+)
	lockPref("browser.urlbar.speculativeConnect.enabled", false);

	//disable SSL session tracking test
	defaultPref("security.ssl.disable_session_identifiers", true);

	//disable SSL Error Reporting
	defaultPref("security.ssl.errorReporting.automatic", false);
	defaultPref("security.ssl.errorReporting.enabled", false);
	defaultPref("security.ssl.errorReporting.url", "");

	//disable the DNT HTTP header, which is essentially USELESS
	defaultPref("privacy.donottrackheader.enabled", false);

	//set max popups from a single non-click event - default is 20!
	defaultPref("dom.popup_maximum", 3);

	//limit events that can cause a popup default is "change click dblclick mouseup pointerup notificationclick reset submit touchend"
	defaultPref("dom.popup_allowed_events", "click dblclick");

	//enable Firefox's built-in PDF reader
	defaultPref("pdfjs.disabled", false);

	//session restore save time
	defaultPref("browser.sessionstore.interval",150000);

	//enable legacy extensions
	defaultPref("extensions.legacy.enabled",true);

	//disable firefox refresh request
	defaultPref("browser.disableResetPrompt",true);

	//disable translation popups
	defaultPref("browser.translations.automaticallyPopup",false);
	EOF
	#Inspired from https://github.com/prirai/firefox-config
	}