summaryrefslogtreecommitdiff
path: root/librewolf.cfg
diff options
context:
space:
mode:
Diffstat (limited to 'librewolf.cfg')
-rwxr-xr-xlibrewolf.cfg713
1 files changed, 713 insertions, 0 deletions
diff --git a/librewolf.cfg b/librewolf.cfg
new file mode 100755
index 0000000..bd8bab6
--- /dev/null
+++ b/librewolf.cfg
@@ -0,0 +1,713 @@
+//---------------|
+// LibreWolf |
+//---------------|
+// Glossary: |
+// ================================================================================================================================|
+// |
+// "Section" : Description of the settings section separated by "----" |
+// "Pref" : Preference/Settings name and or description followed by links or documentations |
+// and some time explanation why the setting is commented and ignored. |
+// "lockPref" : Locked preference can not be changed on firefox, nor by extensions, can only be changed here |
+// lockPref is used to lock preferences so they cannot be changed through the GUI or about:config. |
+// In many cases the GUI will change to reflect this, graying out or removing options. Appears |
+// in about:config as "locked". Some config items require lockPref to be set, such as app.update.enabled. |
+// It will not work if it set with just pref. |
+// "pref" : Sets the preference as if a user had set it, every time you start the browser. So users can make changes, |
+// but they will be erased on restart. If you set a particular preference this way, |
+// it shows up in about:config as "user set". |
+// "defaultPref" : Defaulting : Is used to alter the default value, though users can set it normally and their changes will |
+// be saved between sessions. If preferences are reset to default through the GUI or some other method, |
+// this is what they will go back to. Appears in about:config as "default". |
+// "clearPref" : Can be used to "blank" certain preferences. This can be useful e.g. to disable functions |
+// that rely on comparing version numbers. |
+// |
+// ================================================================================================================================|
+
+// -----------------------------------
+// # TRACKING PROTECTION
+// -----------------------------------
+
+defaultPref("browser.contentblocking.category", "custom"); // do not lock as it breaks UI even more
+lockPref("privacy.trackingprotection.enabled", false);
+lockPref("privacy.trackingprotection.pbmode.enabled", false);
+lockPref("privacy.trackingprotection.socialtracking.enabled", false);
+lockPref("privacy.trackingprotection.cryptomining.enabled", false);
+lockPref("privacy.trackingprotection.fingerprinting.enabled", false);
+lockPref("privacy.trackingprotection.annotate_channels", false);
+lockPref("urlclassifier.trackingTable", "");
+lockPref("browser.contentblocking.database.enabled", false);
+
+// remove urls
+lockPref("browser.contentblocking.reportBreakage.url", "");
+
+// hide ui elements
+lockPref("browser.contentblocking.cryptomining.preferences.ui.enabled", false);
+lockPref("browser.contentblocking.fingerprinting.preferences.ui.enabled", false);
+lockPref("browser.contentblocking.report.hide_vpn_banner", true);
+lockPref("browser.contentblocking.report.show_mobile_app", false);
+lockPref("browser.contentblocking.report.lockwise.enabled", false);
+lockPref("browser.contentblocking.report.monitor.enabled", false);
+lockPref("browser.contentblocking.report.proxy.enabled", false);
+lockPref("browser.contentblocking.report.vpn.enabled", false);
+
+// ----------------------------------
+// # AUTOPLAY
+// ----------------------------------
+
+defaultPref("media.autoplay.default", 5);
+defaultPref("media.autoplay.blocking_policy", 2);
+
+// -----------------------------------------
+// # PASSWORD MANAGER
+// -----------------------------------------
+
+lockPref("signon.rememberSignons", false);
+lockPref("signon.storeWhenAutocompleteOff", false);
+defaultPref("signon.management.page.breach-alerts.enabled", false);
+defaultPref("signon.management.page.breachAlertUrl", "");
+lockPref("signon.formlessCapture.enabled", false);
+
+// --------------------------------
+// # SEARCH AND URLBAR
+// --------------------------------
+
+defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0);
+lockPref("browser.urlbar.speculativeConnect.enabled", false);
+defaultPref("browser.urlbar.trimURLs", false);
+defaultPref("browser.search.suggest.enabled", false);
+defaultPref("browser.search.region", "US");
+lockPref("browser.fixup.alternate.enabled", false);
+defaultPref("browser.urlbar.suggest.searches", false);
+defaultPref("browser.search.update", false);
+
+// --------------------------------
+// # SANITIZING, COOKIES AND HISTORY
+// --------------------------------
+
+defaultPref("network.cookie.cookieBehavior", 5); // dFPI, previously set to 1
+defaultPref("network.cookie.lifetimePolicy", 2);
+defaultPref("network.cookie.thirdparty.sessionOnly", true);
+defaultPref("network.cookie.thirdparty.nonsecureSessionOnly", true);
+
+// includes new cookie behavior that allows to stay logged with exceptions
+defaultPref("privacy.clearOnShutdown.cookies", false);
+defaultPref("privacy.clearOnShutdown.offlineApps", false);
+defaultPref("privacy.cpd.cookies", false); // just for consistency to avoid accidental logout
+defaultPref("privacy.cpd.offlineApps", false); // just for consistency to avoid accidental logout
+
+defaultPref("privacy.sanitize.timeSpan", 0);
+defaultPref("browser.formfill.enable", false);
+defaultPref("privacy.sanitize.sanitizeOnShutdown", true);
+defaultPref("places.history.enabled", false);
+defaultPref("privacy.history.custom", true);
+
+// --------------------------------------------------------------------
+// # SESSIONS
+// --------------------------------------------------------------------
+
+defaultPref("browser.sessionstore.privacy_level", 2);
+defaultPref("browser.sessionstore.interval", 60000);
+
+// ---------------------------------
+// # AUTOFILL
+// ---------------------------------
+
+defaultPref("extensions.formautofill.section.enabled", false);
+defaultPref("extensions.formautofill.available", "off");
+defaultPref("extensions.formautofill.addresses.enabled", false);
+defaultPref("extensions.formautofill.creditCards.enabled", false);
+defaultPref("extensions.formautofill.creditCards.available", false);
+defaultPref("extensions.formautofill.heuristics.enabled", false);
+lockPref("signon.autofillForms", false);
+
+// -----------------------
+// # DRM
+// -----------------------
+
+// includes new DRM implementation for easily re-enabling it
+// following four prefs must be set to true to play DRM content
+// could be further reduced to 2 or 1 prefs
+defaultPref("media.eme.enabled", false);
+defaultPref("media.gmp-widevinecdm.visible", false);
+defaultPref("media.gmp-widevinecdm.enabled", false);
+defaultPref("media.gmp-provider.enabled", false);
+defaultPref("media.gmp-manager.url", "data:text/plain,"); // had to re-add to prevent connections
+
+defaultPref("media.gmp-gmpopenh264.enabled", false);
+
+// ----------------------
+// # WEBRTC
+// ----------------------
+
+defaultPref("media.navigator.enabled", false);
+defaultPref("media.peerconnection.enabled", false);
+defaultPref("media.peerconnection.ice.default_address_only", true);
+defaultPref("media.peerconnection.ice.no_host", true);
+defaultPref("media.peerconnection.ice.proxy_only_if_behind_proxy", true);
+
+// all covered by previous prefs
+// defaultPref("media.navigator.video.enabled", false);
+// defaultPref("media.peerconnection.use_document_iceservers", false);
+// defaultPref("media.peerconnection.identity.enabled", false);
+// defaultPref("media.peerconnection.identity.timeout", 1);
+// defaultPref("media.peerconnection.turn.disable", true);
+// defaultPref("media.peerconnection.ice.tcp", false);
+
+// ----------------------
+// # SHARING
+// ----------------------
+
+defaultPref("media.getusermedia.browser.enabled", false);
+defaultPref("media.getusermedia.screensharing.enabled", false);
+defaultPref("media.getusermedia.audiocapture.enabled", false);
+
+// ----------------------------
+// # DNS
+// ----------------------------
+
+lockPref("network.trr.mode", 5);
+lockPref("network.trr.bootstrapAddress", "");
+lockPref("network.trr.uri", "");
+lockPref("network.trr.send_empty_accept-encoding_headers", false);
+defaultPref("network.dns.disableIPv6", true);
+lockPref("network.dns.disablePrefetch", true);
+
+// ------------------------------------
+// # NEW TAB PAGE
+// ------------------------------------
+
+lockPref("browser.newtab.preload", false);
+lockPref("browser.newtabpage.activity-stream.feeds.section.highlights", false);
+lockPref("browser.newtabpage.activity-stream.feeds.asrouterfeed", false);
+lockPref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false);
+lockPref("browser.newtabpage.activity-stream.feeds.newtabinit", false);
+lockPref("browser.newtabpage.activity-stream.feeds.places", false);
+lockPref("browser.newtabpage.activity-stream.feeds.systemtick", false);
+lockPref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
+lockPref("browser.newtabpage.activity-stream.feeds.topsites", false);
+lockPref("browser.newtabpage.activity-stream.feeds.system.topsites", false);
+lockPref("browser.newtabpage.activity-stream.feeds.system.topstories", false);
+lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false);
+lockPref("browser.newtabpage.activity-stream.feeds.snippets", false);
+lockPref("browser.newtabpage.activity-stream.feeds.section.topstories.options", "");
+lockPref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false);
+lockPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false);
+lockPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false);
+lockPref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
+lockPref("browser.newtabpage.activity-stream.showSponsored", false);
+lockPref("browser.newtabpage.activity-stream.showSponsoredTopSites", false);
+lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
+lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
+lockPref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiments", "");
+lockPref("browser.newtabpage.activity-stream.asrouter.providers.message-groups", "");
+lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr-fxa", "");
+lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr", "");
+lockPref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "{\"id\":\"whats-new-panel\",\"enabled\":false}");
+lockPref("browser.newtabpage.activity-stream.asrouter.devtoolsEnableds", true);
+lockPref("browser.newtabpage.activity-stream.telemetry", false);
+lockPref("browser.newtabpage.activity-stream.telemetry.ping.endpoint", "");
+lockPref("browser.newtabpage.activity-stream.telemetry.structuredIngestion.endpoint", "");
+lockPref("browser.newtabpage.activity-stream.default.sites", "");
+lockPref("browser.newtabpage.activity-stream.discoverystream.enabled", false);
+lockPref("browser.newtabpage.activity-stream.discoverystream.config", "{\"collapsible\":true,\"enabled\":false,\"personalized\":false,\"layout_endpoint\":\"\"}");
+lockPref("browser.newtabpage.activity-stream.discoverystream.endpoints", "");
+lockPref("browser.newtabpage.activity-stream.discoverystream.engagementLabelEnabled", false);
+lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts", false);
+lockPref("browser.newtabpage.activity-stream.improvesearch.handoffToAwesomebar", false);
+lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", "");
+lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned", "");
+lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", "");
+
+// -------------------------------------------
+// # DO NOT TRACK
+// -------------------------------------------
+
+// Unlocked as some think it increases fingerprint, they can now disable it
+defaultPref("privacy.donottrackheader.enabled", true);
+
+// --------------------------------
+// # DOM
+// --------------------------------
+
+defaultPref("dom.disable_beforeunload", true);
+defaultPref("dom.disable_open_during_load", true);
+defaultPref("dom.push.enabled", false);
+defaultPref("dom.push.connection.enabled", false);
+defaultPref("dom.push.serverURL", ""); //default "wss://push.services.mozilla.com/"
+defaultPref("dom.push.userAgentID", "");
+defaultPref("dom.targetBlankNoOpener.enabled", true);
+defaultPref("dom.disable_window_move_resize", true);
+defaultPref("dom.serviceWorkers.enabled", false);
+defaultPref("dom.battery.enabled", false);
+defaultPref("dom.popup_maximum", 4);
+defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown");
+defaultPref("dom.webaudio.enabled", false);
+defaultPref("dom.vr.enabled", false);
+defaultPref("dom.vibrator.enabled", false);
+defaultPref("dom.storage.next_gen", true);
+
+// --------------------------------
+// # PERMISSIONS
+// --------------------------------
+
+lockPref("permissions.delegation.enabled", false);
+defaultPref("permissions.default.geo", 2); // unlocked as some think it increases fingerprint, they can now disable it
+lockPref("permissions.manager.defaultsUrl", "");
+
+// --------------------------------
+// # REFERERS
+// --------------------------------
+
+defaultPref("network.http.referer.XOriginTrimmingPolicy", 2);
+defaultPref("network.http.referer.XOriginPolicy", 0);
+
+// --------------------------------
+// # PROXY
+// --------------------------------
+
+defaultPref("network.proxy.autoconfig_url", "");
+defaultPref("network.proxy.socks_remote_dns", true);
+defaultPref("network.proxy.socks_version", 5);
+
+// --------------------------------------
+// # HTTP(S)
+// --------------------------------------
+
+lockPref("network.http.altsvc.enabled", false);
+lockPref("network.http.altsvc.oe", false);
+defaultPref("dom.security.https_only_mode", true);
+defaultPref("dom.security.https_only_mode_pbm", true);
+defaultPref("network.auth.subresource-http-auth-allow", 1);
+
+// --------------------------------------
+// # TLS
+// --------------------------------------
+
+defaultPref("security.ssl.require_safe_negotiation", true);
+lockPref("security.ssl.treat_unsafe_negotiation_as_broken", true);
+lockPref("security.ssl.disable_session_identifiers", true);
+defaultPref("browser.ssl_override_behavior", 1);
+lockPref("security.tls.enable_0rtt_data", false);
+lockPref("security.tls.version.enable-deprecated", false);
+defaultPref("security.tls.version.fallback-limit", 3);
+defaultPref("browser.xul.error_pages.expert_bad_cert", true); // advanced ui infos
+
+// to check
+defaultPref("network.stricttransportsecurity.preloadlist", false);
+
+// --------------------------------------
+// # RFP
+// --------------------------------------
+
+defaultPref("privacy.resistFingerprinting", true);
+defaultPref("privacy.resistFingerprinting.block_mozAddonManager", true);
+lockPref("browser.startup.blankWindow", false); // breaks RFP windows resizing
+
+// --------------------------------------
+// # LANGUAGE AND REGION
+// --------------------------------------
+
+defaultPref("javascript.use_us_english_locale", true);
+defaultPref("intl.locale.requested", "en-US");
+defaultPref("privacy.spoof_english", 2);
+// defaultPref("intl.regional_prefs.use_os_locales", false); // default
+
+// -------------------------------------------------------
+// # EXTENSIONS - check readme section "Extensions Firewall"
+// -------------------------------------------------------
+
+// handle default restricted domains
+defaultPref("extensions.webextensions.restrictedDomains", ""); // This will allow extensions to work everywhere, default "debug-notes.log"
+lockPref("extensions.webextensions.identity.redirectDomain", ""); // Redirect basedomain used by identity api, default "extensions.allizom.org"
+
+// disable network for the extensions
+// Enable-Firewall-Feature-In-The-Next-Line extensions-firewall >>>>>>
+defaultPref("extensions.webextensions.base-content-security-policy", "script-src 'self' https://* moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; object-src 'self' https://* moz-extension: blob: filesystem:;");
+
+// set extensions scopes
+defaultPref("extensions.enabledScopes", 5);
+defaultPref("extensions.autoDisableScopes", 11);
+
+// Relevant for addons and lang packs search
+defaultPref("extensions.getAddons.search.browseURL", ""); // https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
+defaultPref("extensions.getAddons.langpacks.url", ""); // https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION%
+
+// other urls
+defaultPref("extensions.getAddons.get.url", ""); // https://services.addons.mozilla.org/api/v3/addons/search/?guid=%IDS%&lang=%LOCALE%
+defaultPref("extensions.getAddons.link.url", ""); // https://addons.mozilla.org/%LOCALE%/firefox/
+defaultPref("extensions.update.url", "");
+// Default Value
+// https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=
+// %REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=
+// %ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS=
+// %APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%&currentAppVersion=
+// %CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE%
+
+// ui
+defaultPref("extensions.getAddons.showPane", false);
+lockPref("extensions.getAddons.discovery.api_url", "");
+lockPref("extensions.htmlaboutaddons.recommendations.enabled", false);
+lockPref("extensions.webcompat-reporter.enabled", false);
+lockPref("extensions.webcompat-reporter.newIssueEndpoint", "");// Default Value https://webcompat.com/issues/new
+
+// background checking and updating
+defaultPref("extensions.update.enabled", false);
+defaultPref("extensions.update.autoUpdateDefault", false);
+defaultPref("extensions.update.background.url", "");
+defaultPref("extensions.getAddons.cache.enabled", false);
+
+// blocklist
+defaultPref("extensions.blocklist.enabled", false);
+defaultPref("extensions.blocklist.detailsURL", "");
+defaultPref("extensions.blocklist.itemURL", "");
+
+// system addons
+lockPref("extensions.systemAddon.update.url", "");
+lockPref("extensions.systemAddon.update.enabled", false);
+
+defaultPref("xpinstall.signatures.devInfoURL", "");
+lockPref("extensions.webservice.discoverURL", "");
+lockPref("webextensions.storage.sync.serverURL", "");
+lockPref("extensions.screenshots.upload-disabled", true);
+lockPref("lightweightThemes.getMoreURL", "");
+defaultPref("extensions.postDownloadThirdPartyPrompt", false);
+
+// -------------------------------------------------------
+// # NORMANDY
+// -------------------------------------------------------
+
+lockPref("app.normandy.enabled", false);
+lockPref("app.normandy.api_url", "");
+lockPref("app.normandy.user_id", "");
+lockPref("app.normandy.shieldLearnMoreUrl", "");
+
+// --------------------------------
+// # SECURITY
+// --------------------------------
+
+// certificates
+defaultPref("security.cert_pinning.enforcement_level", 2);
+defaultPref("security.OCSP.enabled", 0);
+defaultPref("security.OCSP.require", false);
+defaultPref("security.ssl.enable_ocsp_stapling", true);
+defaultPref("security.pki.sha1_enforcement_level", 1);
+
+// mixed content
+lockPref("security.mixed_content.block_object_subrequest", true);
+lockPref("security.mixed_content.block_display_content", true);
+lockPref("security.mixed_content.block_active_content", true);
+
+// ui
+lockPref("security.insecure_connection_text.enabled", true);
+lockPref("security.insecure_connection_text.pbmode.enabled", true);
+
+lockPref("security.dialog_enable_delay", 700);
+lockPref("security.csp.enable", true);
+
+// -------------------------------------------------------
+// # SAFE BROWSING
+// -------------------------------------------------------
+
+defaultPref("browser.safebrowsing.malware.enabled", false);
+defaultPref("browser.safebrowsing.passwords.enabled", false);
+defaultPref("browser.safebrowsing.phishing.enabled", false);
+
+// downloads and unwanted software
+lockPref("browser.safebrowsing.downloads.enabled", false);
+lockPref("browser.safebrowsing.downloads.remote.enabled", false);
+lockPref("browser.safebrowsing.downloads.remote.block_dangerous", false);
+lockPref("browser.safebrowsing.downloads.remote.block_dangerous_host", false);
+lockPref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
+lockPref("browser.safebrowsing.downloads.remote.block_uncommon", false);
+lockPref("browser.safebrowsing.downloads.remote.url", "");
+
+// could try re-enabling some of these urls to see if it causes connections
+defaultPref("browser.safebrowsing.id", "");
+defaultPref("browser.safebrowsing.blockedURIs.enabled", false);
+defaultPref("browser.safebrowsing.provider.google4.pver", "");
+defaultPref("browser.safebrowsing.provider.google4.advisoryName", "");
+defaultPref("browser.safebrowsing.provider.google4.advisoryURL", "");
+defaultPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false);
+defaultPref("browser.safebrowsing.provider.google4.dataSharingURL", "");
+defaultPref("browser.safebrowsing.provider.google4.gethashURL", "");
+defaultPref("browser.safebrowsing.provider.google4.lists", "");
+defaultPref("browser.safebrowsing.provider.google4.reportMalwareMistakeURL", "");
+defaultPref("browser.safebrowsing.provider.google4.reportPhishMistakeURL", "");
+defaultPref("browser.safebrowsing.provider.google4.reportURL", "");
+defaultPref("browser.safebrowsing.provider.google4.updateURL", "");
+defaultPref("browser.safebrowsing.provider.google4.lastupdatetime", "");
+defaultPref("browser.safebrowsing.provider.google4.nextupdatetime", "");
+defaultPref("browser.safebrowsing.provider.google.advisoryName", "");
+defaultPref("browser.safebrowsing.provider.google.advisoryURL", "");
+defaultPref("browser.safebrowsing.provider.google.gethashURL", "");
+defaultPref("browser.safebrowsing.provider.google.lastupdatetime", "");
+defaultPref("browser.safebrowsing.provider.google.lists", "");
+defaultPref("browser.safebrowsing.provider.google.nextupdatetime", "");
+defaultPref("browser.safebrowsing.provider.google.pver", "");
+defaultPref("browser.safebrowsing.provider.google.reportMalwareMistakeURL", "");
+defaultPref("browser.safebrowsing.provider.google.reportPhishMistakeURL", "");
+defaultPref("browser.safebrowsing.provider.google.reportURL", "");
+defaultPref("browser.safebrowsing.provider.google.updateURL", "");
+defaultPref("browser.safebrowsing.provider.mozilla.pver", "");
+defaultPref("browser.safebrowsing.provider.mozilla.lists", "");
+defaultPref("browser.safebrowsing.provider.mozilla.lists.base", "");
+defaultPref("browser.safebrowsing.provider.mozilla.lists.content", "");
+defaultPref("browser.safebrowsing.provider.mozilla.updateURL", "");
+defaultPref("browser.safebrowsing.provider.mozilla.gethashURL", "");
+defaultPref("browser.safebrowsing.provider.mozilla.lastupdatetime", "");
+defaultPref("browser.safebrowsing.provider.mozilla.nextupdatetime", "");
+defaultPref("browser.safebrowsing.reportPhishURL", "");
+
+// --------------------------------
+// # FONTS
+// --------------------------------
+
+lockPref("gfx.font_rendering.graphite.enabled", false);
+lockPref("gfx.font_rendering.opentype_svg.enabled", false);
+
+// --------------------------------
+// # MISC
+// --------------------------------
+
+// keep track of, should be useless as mozilla removed flash from source code
+lockPref("dom.ipc.plugins.reportCrashURL", false);
+lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
+lockPref("plugin.state.flash", 0);
+
+// more important stuff
+lockPref("browser.shell.shortcutFavicons", false);
+defaultPref("alerts.showFavicons", false);
+defaultPref("browser.link.open_newwindow", 3);
+defaultPref("browser.link.open_newwindow.restriction", 0);
+defaultPref("network.file.disable_unc_paths", true); // (hidden pref)
+lockPref("network.gio.supported-protocols", ""); // (hidden pref)
+lockPref("plugin.default.state", 1);
+lockPref("network.IDN_show_punycode", true);
+defaultPref("browser.display.use_system_colors", false); // default but enforced due to RFP
+
+// pocket, to check if we can remove
+lockPref("extensions.pocket.enabled", false);
+lockPref("extensions.pocket.site", "");
+lockPref("extensions.pocket.oAuthConsumerKey", "");
+lockPref("extensions.pocket.api", "");
+
+// pdf reader
+defaultPref("pdfjs.disabled", false);
+defaultPref("pdfjs.enableScripting", false);
+defaultPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true);
+defaultPref("pdfjs.enabledCache.state", false);
+
+// remote agent
+lockPref("remote.enabled", false);
+
+// settings and behavior
+lockPref("browser.shell.checkDefaultBrowser", false);
+lockPref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", true);
+defaultPref("startup.homepage_override_url", "about:blank");
+defaultPref("startup.homepage_welcome_url", "about:blank");
+defaultPref("startup.homepage_welcome_url.additional", "");
+lockPref("browser.startup.homepage_override.mstone", "ignore");
+defaultPref("privacy.userContext.enabled", true);
+defaultPref("general.autoScroll", false);
+defaultPref("clipboard.autocopy", false);
+defaultPref("browser.tabs.loadBookmarksInTabs", true);
+defaultPref("browser.download.manager.addToRecentDocs", false);
+defaultPref("accessibility.force_disabled", 1);
+lockPref("browser.uitour.enabled", false);
+lockPref("middlemouse.contentLoadURL", false);
+defaultPref("accessibility.typeaheadfind", false);
+defaultPref("network.manage-offline-status", false);
+defaultPref("browser.helperApps.deleteTempFileOnExit", true);
+lockPref("browser.pagethumbnails.capturing_disabled", true);
+lockPref("browser.bookmarks.max_backups", 2);
+defaultPref("reader.parse-on-load.enabled", false);
+
+// devtools
+defaultPref("devtools.debugger.remote-enabled", false);
+defaultPref("devtools.chrome.enabled", false);
+defaultPref("devtools.performance.recording.ui-base-url", "http://localhost:55555"); // Default Value : https://profiler.firefox.com
+defaultPref("devtools.devices.url", "");
+defaultPref("devtools.remote.adb.extensionURL", ""); // [FF64+]
+defaultPref("devtools.remote.adb.extensionID", ""); // default adb@mozilla.org [FF64+]
+defaultPref("devtools.selfxss.count", 0); // see https://gitlab.com/librewolf-community/browser/linux/-/issues/80
+
+// ui
+defaultPref("browser.tabs.drawInTitlebar", true);
+defaultPref("browser.aboutConfig.showWarning", false);
+defaultPref("general.warnOnAboutConfig", false);
+defaultPref("browser.download.autohideButton", false);
+defaultPref("privacy.userContext.ui.enabled", true);
+lockPref("browser.messaging-system.whatsNewPanel.enabled", false);
+
+// urls and handlers
+lockPref("media.decoder-doctor.new-issue-endpoint", "");
+lockPref("identity.sync.tokenserver.uri", "");
+lockPref("network.trr.confirmationNS", "");
+lockPref("browser.translation.engine", ""); // default Google
+lockPref("gecko.handlerService.schemes.mailto.0.uriTemplate", "");
+lockPref("gecko.handlerService.schemes.mailto.0.name", ""); // default Yahoo! Mail
+lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", "");
+lockPref("gecko.handlerService.schemes.mailto.1.name", ""); // default Gmail
+lockPref("gecko.handlerService.schemes.irc.0.uriTemplate", "");
+lockPref("gecko.handlerService.schemes.irc.0.name", "");
+lockPref("gecko.handlerService.schemes.ircs.0.uriTemplate", "");
+lockPref("gecko.handlerService.schemes.ircs.0.name", "");
+lockPref("services.settings.server", "");
+lockPref("accessibility.support.url", "");
+lockPref("app.support.baseURL", "");
+lockPref("browser.uitour.url", "");
+lockPref("webchannel.allowObject.urlWhitelist", "");
+lockPref("browser.dictionaries.download.url", "");
+lockPref("browser.geolocation.warning.infoURL", "");
+lockPref("browser.search.searchEnginesURL", "");
+lockPref("browser.uitour.themeOrigin", "");
+lockPref("toolkit.datacollection.infoURL", "");
+lockPref("identity.mobilepromo.android", "");
+lockPref("identity.mobilepromo.ios", "");
+defaultPref("identity.sendtabpromo.url", "");
+lockPref("datareporting.healthreport.infoURL", "");
+lockPref("app.feedback.baseURL", "");
+lockPref("app.releaseNotesURL", "");
+lockPref("app.releaseNotesURL.aboutDialog", "");
+lockPref("browser.chrome.errorReporter.infoURL", "");
+lockPref("datareporting.policy.firstRunURL", "");
+lockPref("gecko.handlerService.schemes.webcal.0.uriTemplate", "");
+
+// --------------------------------
+// # CACHE
+// --------------------------------
+
+lockPref("browser.cache.offline.storage.enable", false);
+lockPref("browser.privatebrowsing.forceMediaMemoryCache", true); // [FF75+]
+defaultPref("media.memory_cache_max_size", 65536);
+
+// --------------------------------
+// # WEBGL AND PERFORMANCE
+// --------------------------------
+
+defaultPref("webgl.disabled", true);
+defaultPref("webgl.enable-webgl2", false);
+
+// --------------------------------
+// # JS
+// --------------------------------
+
+// should we consider disabling WebAssembly ?
+// lockPref("javascript.options.wasm", false);
+
+// left as it is worth considering
+// lockPref("javascript.options.asmjs", false);
+
+lockPref("javascript.options.shared_memory", false);
+
+// --------------------------------
+// # GEO
+// --------------------------------
+
+defaultPref("geo.enabled", false);
+lockPref("geo.provider.ms-windows-location", false); // [WINDOWS]
+lockPref("geo.provider.use_corelocation", false); // [MAC]
+lockPref("geo.provider.use_gpsd", false); // [LINUX]
+defaultPref("geo.provider.network.url", "");
+defaultPref("geo.provider.network.logging.enabled", false);
+lockPref("browser.region.network.url", "");
+lockPref("browser.region.update.enabled", false);
+
+// --------------------------------
+// # PREFETCHING
+// --------------------------------
+
+lockPref("network.predictor.enabled", false);
+lockPref("network.prefetch-next", false);
+lockPref("network.http.speculative-parallel-limit", 0);
+
+// --------------------------------
+// # OUTGOING CONNECTIONS
+// --------------------------------
+
+// updates
+lockPref("app.update.auto", false);
+lockPref("app.update.staging.enabled", false);
+lockPref("app.update.lastUpdateTime.telemetry_modules_ping", 0);
+lockPref("app.update.url.details", "https://gitlab.com/librewolf-community/browser");
+lockPref("app.update.url.manual", "https://gitlab.com/librewolf-community/browser");
+
+// connectivity service
+lockPref("network.connectivity-service.enabled", false);
+lockPref("network.connectivity-service.IPv6.url", "http://0.0.0.0");
+lockPref("network.connectivity-service.IPv4.url", "http://0.0.0.0");
+lockPref("network.connectivity-service.DNSv6.domain", "");
+lockPref("network.connectivity-service.DNSv4.domain", "");
+
+// telemetry
+lockPref("toolkit.crashreporter.infoURL", "");
+lockPref("toolkit.telemetry.archive.enabled", false);
+lockPref("toolkit.telemetry.updatePing.enabled", false);
+lockPref("toolkit.telemetry.bhrPing.enabled", false);
+lockPref("toolkit.telemetry.cachedClientID", "");
+lockPref("toolkit.telemetry.enabled", false);
+lockPref("toolkit.telemetry.firstShutdownPing.enabled", false);
+lockPref("toolkit.telemetry.newProfilePing.enabled", false);
+lockPref("toolkit.telemetry.previousBuildID", "");
+lockPref("toolkit.telemetry.reportingpolicy.firstRun", false);
+lockPref("toolkit.telemetry.server", "data:,");
+lockPref("toolkit.telemetry.server_owner", "");
+lockPref("toolkit.telemetry.shutdownPingSender.enabled", false);
+lockPref("toolkit.telemetry.shutdownPingSender.enabledFirstSession", false);
+lockPref("toolkit.telemetry.unified", false);
+lockPref("toolkit.telemetry.ecosystemtelemetry.enabled", false);
+lockPref("security.protectionspopup.recordEventTelemetry", false);
+lockPref("datareporting.healthreport.uploadEnabled", false);
+lockPref("datareporting.policy.dataSubmissionEnabled", false);
+lockPref("toolkit.coverage.endpoint.base", "");
+lockPref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF]
+lockPref("toolkit.coverage.opt-out", true);
+lockPref("toolkit.coverage.enabled", false);
+lockPref("app.shield.optoutstudies.enabled", false);
+lockPref("beacon.enabled", false);
+lockPref("browser.ping-centre.telemetry", false);
+
+// discovery
+lockPref("browser.discovery.enabled", false);
+lockPref("browser.discovery.containers.enabled", false);
+lockPref("browser.discovery.sites", "");
+
+// crash report
+lockPref("breakpad.reportURL", "");
+lockPref("browser.tabs.crashReporting.sendReport", false);
+lockPref("browser.crashReports.unsubmittedCheck.enabled", false);
+lockPref("browser.crashReports.unsubmittedCheck.autoSubmit2", false);
+
+// captive portal
+lockPref("network.captive-portal-service.enabled", false);
+lockPref("captivedetect.canonicalURL", "");
+
+// --------------------------------
+// # WINDOWS
+// --------------------------------
+
+// disable links launching Windows Store [WINDOWS]
+lockPref("network.protocol-handler.external.ms-windows-store", false);
+
+// disable background update service [WINDOWS]
+lockPref("app.update.service.enabled", false);
+
+// disable automatic Firefox start and session restore after reboot [WINDOWS]
+lockPref("toolkit.winRegisterApplicationRestart", false);
+
+// disable Windows 8.1 Family Safety cert [WINDOWS]
+lockPref("security.family_safety.mode", 0);
+
+// Windows only?
+lockPref("default-browser-agent.enabled", false);
+
+// -----------------------------------
+// # OVERRIDES
+// -----------------------------------
+
+// allow settings to be overriden with a file at `~/.librewolf/librewolf.overrides.cfg`
+// or `~/.var/app/io.gitlab.librewolf-community/.librewolf/librewolf.overrides.cfg` (Flatpak).
+let profile_directory;
+if (profile_directory = getenv('USERPROFILE') || getenv('HOME')) {
+ pref('autoadmin.global_config_url', `file://${profile_directory}/.librewolf/librewolf.overrides.cfg`);
+}
bgstack15