From 00b4f076d3a4e64059cc2198a471333a5a6420a2 Mon Sep 17 00:00:00 2001 From: "B. Stack" Date: Wed, 13 Oct 2021 13:35:01 -0400 Subject: attempt 1 for v93.0 --- librewolf.cfg | 666 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 666 insertions(+) create mode 100755 librewolf.cfg (limited to 'librewolf.cfg') diff --git a/librewolf.cfg b/librewolf.cfg new file mode 100755 index 0000000..616da4a --- /dev/null +++ b/librewolf.cfg @@ -0,0 +1,666 @@ +//---------------| +// LibreWolf | +//---------------| +// Glossary: | +// ================================================================================================================================| +// | +// "Section" : Description of the settings section separated by "----" | +// "Pref" : Preference/Settings name and or description followed by links or documentations | +// and some time explanation why the setting is commented and ignored. | +// "lockPref" : Locked preference can not be changed on firefox, nor by extensions, can only be changed here | +// lockPref is used to lock preferences so they cannot be changed through the GUI or about:config. | +// In many cases the GUI will change to reflect this, graying out or removing options. Appears | +// in about:config as "locked". Some config items require lockPref to be set, such as app.update.enabled. | +// It will not work if it set with just pref. | +// "pref" : Sets the preference as if a user had set it, every time you start the browser. So users can make changes, | +// but they will be erased on restart. If you set a particular preference this way, | +// it shows up in about:config as "user set". | +// "defaultPref" : Defaulting : Is used to alter the default value, though users can set it normally and their changes will | +// be saved between sessions. If preferences are reset to default through the GUI or some other method, | +// this is what they will go back to. Appears in about:config as "default". | +// "clearPref" : Can be used to "blank" certain preferences. This can be useful e.g. to disable functions | +// that rely on comparing version numbers. | +// | +// ================================================================================================================================| + +// ----------------------------------- +// # SETTINGS VERSION +// ----------------------------------- + +defaultPref("librewolf.cfg.version", "1.0"); + +// ----------------------------------- +// # TRACKING PROTECTION +// ----------------------------------- + +defaultPref("browser.contentblocking.category", "custom"); // do not lock as it breaks UI even more +lockPref("privacy.trackingprotection.enabled", false); +lockPref("privacy.trackingprotection.pbmode.enabled", false); +defaultPref("privacy.trackingprotection.cryptomining.enabled", false); +defaultPref("privacy.trackingprotection.fingerprinting.enabled", false); +lockPref("privacy.trackingprotection.annotate_channels", false); + +// remove urls +defaultPref("browser.safebrowsing.provider.mozilla.updateURL", ""); +defaultPref("browser.safebrowsing.provider.mozilla.gethashURL", ""); + +// hide ui elements +defaultPref("browser.contentblocking.cryptomining.preferences.ui.enabled", false); +defaultPref("browser.contentblocking.fingerprinting.preferences.ui.enabled", false); +lockPref("browser.contentblocking.report.hide_vpn_banner", true); +lockPref("browser.contentblocking.report.show_mobile_app", false); +lockPref("browser.contentblocking.report.lockwise.enabled", false); +lockPref("browser.contentblocking.report.monitor.enabled", false); +lockPref("browser.contentblocking.report.vpn.enabled", false); + +// ---------------------------------- +// # AUTOPLAY +// ---------------------------------- + +defaultPref("media.autoplay.default", 5); +defaultPref("media.autoplay.blocking_policy", 2); + +// ----------------------------------------- +// # PASSWORD MANAGER +// ----------------------------------------- + +lockPref("signon.rememberSignons", false); +lockPref("signon.storeWhenAutocompleteOff", false); +lockPref("signon.formlessCapture.enabled", false); +lockPref("signon.autofillForms", false); +defaultPref("signon.management.page.breach-alerts.enabled", false); +defaultPref("signon.management.page.breachAlertUrl", ""); + +// -------------------------------- +// # SEARCH AND URLBAR +// -------------------------------- + +defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); +lockPref("browser.urlbar.speculativeConnect.enabled", false); +defaultPref("browser.urlbar.trimURLs", false); +defaultPref("browser.search.suggest.enabled", false); +defaultPref("browser.search.region", "US"); +lockPref("browser.fixup.alternate.enabled", false); +defaultPref("browser.urlbar.suggest.searches", false); +defaultPref("browser.search.update", false); + +// -------------------------------- +// # SANITIZING, COOKIES AND HISTORY +// -------------------------------- + +defaultPref("network.cookie.cookieBehavior", 5); // dFPI, previously set to 1 +defaultPref("network.cookie.lifetimePolicy", 2); +defaultPref("network.cookie.thirdparty.sessionOnly", true); +defaultPref("network.cookie.thirdparty.nonsecureSessionOnly", true); + +// includes new cookie behavior that allows to stay logged with exceptions +defaultPref("privacy.clearOnShutdown.cookies", false); +defaultPref("privacy.clearOnShutdown.offlineApps", false); +defaultPref("privacy.cpd.cookies", false); // just for consistency to avoid accidental logout +defaultPref("privacy.cpd.offlineApps", false); // just for consistency to avoid accidental logout + +defaultPref("privacy.sanitize.timeSpan", 0); +defaultPref("browser.formfill.enable", false); +defaultPref("privacy.sanitize.sanitizeOnShutdown", true); +defaultPref("places.history.enabled", false); +defaultPref("privacy.history.custom", true); + +// -------------------------------------------------------------------- +// # SESSIONS +// -------------------------------------------------------------------- + +defaultPref("browser.sessionstore.privacy_level", 2); +defaultPref("browser.sessionstore.interval", 60000); + +// --------------------------------- +// # AUTOFILL +// --------------------------------- + +defaultPref("extensions.formautofill.available", "off"); +defaultPref("extensions.formautofill.addresses.enabled", false); +defaultPref("extensions.formautofill.creditCards.enabled", false); +defaultPref("extensions.formautofill.creditCards.available", false); +defaultPref("extensions.formautofill.heuristics.enabled", false); + +// ----------------------- +// # DRM +// ----------------------- + +defaultPref("media.eme.enabled", false); +defaultPref("media.gmp-widevinecdm.visible", false); +defaultPref("media.gmp-widevinecdm.enabled", false); +defaultPref("media.gmp-provider.enabled", false); +defaultPref("media.gmp-manager.url", "data:text/plain,"); // had to re-add to prevent connections + +defaultPref("media.gmp-gmpopenh264.enabled", false); + +// ---------------------- +// # WEBRTC +// ---------------------- + +defaultPref("media.navigator.enabled", false); +defaultPref("media.peerconnection.enabled", false); +defaultPref("media.peerconnection.ice.default_address_only", true); +defaultPref("media.peerconnection.ice.no_host", true); +defaultPref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); + +// ---------------------- +// # SHARING +// ---------------------- + +defaultPref("media.getusermedia.browser.enabled", false); +defaultPref("media.getusermedia.screensharing.enabled", false); +defaultPref("media.getusermedia.audiocapture.enabled", false); + +// ---------------------------- +// # DNS +// ---------------------------- + +defaultPref("network.trr.mode", 5); +defaultPref("network.trr.uri", ""); +defaultPref("network.dns.disableIPv6", true); +lockPref("network.dns.disablePrefetch", true); + +// ------------------------------------ +// # NEW TAB PAGE +// ------------------------------------ + +lockPref("browser.newtab.preload", false); +lockPref("browser.newtabpage.activity-stream.feeds.section.highlights", false); // default +lockPref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false); +lockPref("browser.newtabpage.activity-stream.feeds.newtabinit", false); +lockPref("browser.newtabpage.activity-stream.feeds.places", false); +lockPref("browser.newtabpage.activity-stream.feeds.systemtick", false); +lockPref("browser.newtabpage.activity-stream.feeds.section.topstories", false); +lockPref("browser.newtabpage.activity-stream.feeds.topsites", false); +lockPref("browser.newtabpage.activity-stream.feeds.system.topsites", false); +lockPref("browser.newtabpage.activity-stream.feeds.system.topstories", false); +lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false); +lockPref("browser.newtabpage.activity-stream.feeds.snippets", false); // default +lockPref("browser.newtabpage.activity-stream.feeds.section.topstories.options", ""); +lockPref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false); +lockPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false); +lockPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false); +lockPref("browser.newtabpage.activity-stream.section.highlights.includePocket", false); +lockPref("browser.newtabpage.activity-stream.showSponsored", false); +lockPref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); +lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); +lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); +lockPref("browser.newtabpage.activity-stream.asrouter.providers.messaging-experiments", ""); +lockPref("browser.newtabpage.activity-stream.asrouter.providers.message-groups", ""); +lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr-fxa", ""); +lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr", ""); +lockPref("browser.newtabpage.activity-stream.asrouter.providers.whats-new-panel", "{\"id\":\"whats-new-panel\",\"enabled\":false}"); +lockPref("browser.newtabpage.activity-stream.asrouter.devtoolsEnableds", true); +lockPref("browser.newtabpage.activity-stream.telemetry", false); +lockPref("browser.newtabpage.activity-stream.telemetry.structuredIngestion.endpoint", ""); +lockPref("browser.newtabpage.activity-stream.default.sites", ""); +lockPref("browser.newtabpage.activity-stream.discoverystream.enabled", false); +lockPref("browser.newtabpage.activity-stream.discoverystream.config", "{\"collapsible\":true,\"enabled\":false,\"personalized\":false,\"layout_endpoint\":\"\"}"); +lockPref("browser.newtabpage.activity-stream.discoverystream.endpoints", ""); +lockPref("browser.newtabpage.activity-stream.discoverystream.engagementLabelEnabled", false); // default +lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts", false); +lockPref("browser.newtabpage.activity-stream.improvesearch.handoffToAwesomebar", false); +lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", ""); +lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned", ""); +lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", ""); + +// ------------------------------------------- +// # DO NOT TRACK +// ------------------------------------------- + +// Unlocked as some think it increases fingerprint, they can now disable it +defaultPref("privacy.donottrackheader.enabled", true); + +// -------------------------------- +// # DOM +// -------------------------------- + +defaultPref("dom.disable_beforeunload", true); +defaultPref("dom.disable_open_during_load", true); +defaultPref("dom.push.enabled", false); +defaultPref("dom.push.connection.enabled", false); +defaultPref("dom.push.serverURL", ""); //default "wss://push.services.mozilla.com/" +defaultPref("dom.push.userAgentID", ""); +defaultPref("dom.targetBlankNoOpener.enabled", true); +defaultPref("dom.disable_window_move_resize", true); +defaultPref("dom.serviceWorkers.enabled", false); +defaultPref("dom.battery.enabled", false); +defaultPref("dom.popup_maximum", 4); +defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); +defaultPref("dom.webaudio.enabled", false); +defaultPref("dom.vr.enabled", false); +defaultPref("dom.vibrator.enabled", false); +defaultPref("dom.storage.next_gen", true); + +// -------------------------------- +// # PERMISSIONS +// -------------------------------- + +lockPref("permissions.delegation.enabled", false); +defaultPref("permissions.default.geo", 2); // unlocked as some think it increases fingerprint, they can now disable it +lockPref("permissions.manager.defaultsUrl", ""); + +// -------------------------------- +// # REFERERS +// -------------------------------- + +defaultPref("network.http.referer.XOriginTrimmingPolicy", 2); +defaultPref("network.http.referer.XOriginPolicy", 0); + +// -------------------------------- +// # PROXY +// -------------------------------- + +defaultPref("network.proxy.socks_remote_dns", true); + +// -------------------------------------- +// # HTTP(S) +// -------------------------------------- + +lockPref("network.http.altsvc.enabled", false); +lockPref("network.http.altsvc.oe", false); +defaultPref("dom.security.https_only_mode", true); +defaultPref("dom.security.https_only_mode_pbm", true); +defaultPref("network.auth.subresource-http-auth-allow", 1); + +// -------------------------------------- +// # TLS +// -------------------------------------- + +defaultPref("security.ssl.require_safe_negotiation", true); +lockPref("security.ssl.treat_unsafe_negotiation_as_broken", true); +defaultPref("browser.ssl_override_behavior", 1); +lockPref("security.tls.enable_0rtt_data", false); +lockPref("security.tls.version.enable-deprecated", false); +defaultPref("security.tls.version.fallback-limit", 3); +defaultPref("browser.xul.error_pages.expert_bad_cert", true); // advanced ui infos + +// -------------------------------------- +// # RFP +// -------------------------------------- + +defaultPref("privacy.resistFingerprinting", true); +defaultPref("privacy.resistFingerprinting.block_mozAddonManager", true); +lockPref("browser.startup.blankWindow", false); // breaks RFP windows resizing + +// -------------------------------------- +// # FISSION +// -------------------------------------- + +// commented out for now, keep an eye on +// defaultPref("fission.autostart", true); + +// -------------------------------------- +// # LANGUAGE AND REGION +// -------------------------------------- + +defaultPref("javascript.use_us_english_locale", true); +defaultPref("intl.locale.requested", "en-US"); +defaultPref("privacy.spoof_english", 2); + +// ------------------------------------------------------- +// # EXTENSIONS - check readme section "Extensions Firewall" +// ------------------------------------------------------- + +// handle default restricted domains +defaultPref("extensions.webextensions.restrictedDomains", ""); // This will allow extensions to work everywhere, default "debug-notes.log" +lockPref("extensions.webextensions.identity.redirectDomain", ""); // Redirect basedomain used by identity api, default "extensions.allizom.org" + +// disable network for the extensions +// Enable-Firewall-Feature-In-The-Next-Line extensions-firewall >>>>>> +defaultPref("extensions.webextensions.base-content-security-policy", "script-src 'self' https://* moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; object-src 'self' https://* moz-extension: blob: filesystem:;"); + +// set extensions scopes +defaultPref("extensions.enabledScopes", 5); +defaultPref("extensions.autoDisableScopes", 11); + +// Relevant for addons and lang packs search +defaultPref("extensions.getAddons.search.browseURL", ""); // https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION% +defaultPref("extensions.getAddons.langpacks.url", ""); // https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION% + +// other urls +defaultPref("extensions.getAddons.get.url", ""); // https://services.addons.mozilla.org/api/v3/addons/search/?guid=%IDS%&lang=%LOCALE% +defaultPref("extensions.getAddons.link.url", ""); // https://addons.mozilla.org/%LOCALE%/firefox/ + +// probably better to have it, it still must be manually triggered +defaultPref("extensions.update.url", ""); // https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion=%ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS=%APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%¤tAppVersion=%CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE% + +// ui +defaultPref("extensions.getAddons.showPane", false); +lockPref("extensions.getAddons.discovery.api_url", ""); +lockPref("extensions.htmlaboutaddons.recommendations.enabled", false); +lockPref("extensions.webcompat-reporter.enabled", false); +lockPref("extensions.webcompat-reporter.newIssueEndpoint", "");// https://webcompat.com/issues/new + +// background checking and updating +defaultPref("extensions.update.enabled", false); +defaultPref("extensions.update.autoUpdateDefault", false); +defaultPref("extensions.update.background.url", ""); +defaultPref("extensions.getAddons.cache.enabled", false); + +// blocklist is a security feature, best left at default +// defaultPref("extensions.blocklist.enabled", false); +// defaultPref("extensions.blocklist.detailsURL", ""); +// defaultPref("extensions.blocklist.itemURL", ""); + +// system addons +lockPref("extensions.systemAddon.update.url", ""); +lockPref("extensions.systemAddon.update.enabled", false); + +defaultPref("xpinstall.signatures.devInfoURL", ""); +lockPref("extensions.webservice.discoverURL", ""); +lockPref("webextensions.storage.sync.serverURL", ""); +lockPref("lightweightThemes.getMoreURL", ""); +defaultPref("extensions.postDownloadThirdPartyPrompt", false); + +// ------------------------------------------------------- +// # NORMANDY +// ------------------------------------------------------- + +lockPref("app.normandy.enabled", false); +lockPref("app.normandy.api_url", ""); +lockPref("app.normandy.user_id", ""); +lockPref("app.normandy.shieldLearnMoreUrl", ""); + +// -------------------------------- +// # SECURITY +// -------------------------------- + +// certificates +defaultPref("security.cert_pinning.enforcement_level", 2); +defaultPref("security.OCSP.enabled", 0); +defaultPref("security.OCSP.require", false); +defaultPref("security.pki.sha1_enforcement_level", 1); + +// mixed content +lockPref("security.mixed_content.block_display_content", true); +lockPref("security.mixed_content.block_active_content", true); + +// ui +lockPref("security.insecure_connection_text.enabled", true); +lockPref("security.insecure_connection_text.pbmode.enabled", true); + +lockPref("security.dialog_enable_delay", 700); +lockPref("security.csp.enable", true); + +// ------------------------------------------------------- +// # SAFE BROWSING +// ------------------------------------------------------- + +// re-enabling +defaultPref("browser.safebrowsing.malware.enabled", false); +defaultPref("browser.safebrowsing.phishing.enabled", false); +defaultPref("browser.safebrowsing.blockedURIs.enabled", false); +defaultPref("browser.safebrowsing.provider.google4.gethashURL", ""); +defaultPref("browser.safebrowsing.provider.google4.updateURL", ""); +defaultPref("browser.safebrowsing.provider.google.gethashURL", ""); +defaultPref("browser.safebrowsing.provider.google.updateURL", ""); + +// downloads +lockPref("browser.safebrowsing.downloads.enabled", false); + +// remote downloads, unwanted software, data sharing +lockPref("browser.safebrowsing.passwords.enabled", false); +lockPref("browser.safebrowsing.downloads.remote.enabled", false); +lockPref("browser.safebrowsing.downloads.remote.block_dangerous", false); +lockPref("browser.safebrowsing.downloads.remote.block_dangerous_host", false); +lockPref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); +lockPref("browser.safebrowsing.downloads.remote.block_uncommon", false); +lockPref("browser.safebrowsing.downloads.remote.url", ""); +lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false); +lockPref("browser.safebrowsing.provider.google4.dataSharingURL", ""); + +// commented all below as they do no harm and make enabling SB painful +// could potentially at some point +// defaultPref("browser.safebrowsing.id", ""); +// defaultPref("browser.safebrowsing.provider.google4.pver", ""); +// defaultPref("browser.safebrowsing.provider.google4.advisoryName", ""); +// defaultPref("browser.safebrowsing.provider.google4.advisoryURL", ""); +// defaultPref("browser.safebrowsing.provider.google4.lists", ""); +// defaultPref("browser.safebrowsing.provider.google4.reportMalwareMistakeURL", ""); +// defaultPref("browser.safebrowsing.provider.google4.reportPhishMistakeURL", ""); +// defaultPref("browser.safebrowsing.provider.google4.reportURL", ""); +// defaultPref("browser.safebrowsing.provider.google4.lastupdatetime", ""); +// defaultPref("browser.safebrowsing.provider.google4.nextupdatetime", ""); +// defaultPref("browser.safebrowsing.provider.google.advisoryName", ""); +// defaultPref("browser.safebrowsing.provider.google.advisoryURL", ""); +// defaultPref("browser.safebrowsing.provider.google.lastupdatetime", ""); +// defaultPref("browser.safebrowsing.provider.google.lists", ""); +// defaultPref("browser.safebrowsing.provider.google.nextupdatetime", ""); +// defaultPref("browser.safebrowsing.provider.google.pver", ""); +// defaultPref("browser.safebrowsing.provider.google.reportMalwareMistakeURL", ""); +// defaultPref("browser.safebrowsing.provider.google.reportPhishMistakeURL", ""); +// defaultPref("browser.safebrowsing.provider.google.reportURL", ""); +// defaultPref("browser.safebrowsing.reportPhishURL", ""); + +// -------------------------------- +// # FONTS +// -------------------------------- + +lockPref("gfx.font_rendering.graphite.enabled", false); +lockPref("gfx.font_rendering.opentype_svg.enabled", false); + +// -------------------------------- +// # MISC +// -------------------------------- + +// more important stuff +lockPref("browser.shell.shortcutFavicons", false); +defaultPref("browser.link.open_newwindow", 3); +defaultPref("browser.link.open_newwindow.restriction", 0); +defaultPref("network.file.disable_unc_paths", true); // (hidden pref) +lockPref("network.gio.supported-protocols", ""); // (hidden pref) +lockPref("network.IDN_show_punycode", true); +defaultPref("browser.display.use_system_colors", false); // default but enforced due to RFP + +// pdf reader +defaultPref("pdfjs.disabled", false); +defaultPref("pdfjs.enableScripting", false); +defaultPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true); +defaultPref("pdfjs.enabledCache.state", false); + +// remote agent +lockPref("remote.enabled", false); + +// settings and behavior +lockPref("browser.shell.checkDefaultBrowser", false); +lockPref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", true); +defaultPref("startup.homepage_override_url", "about:blank"); +defaultPref("startup.homepage_welcome_url", "about:blank"); +defaultPref("startup.homepage_welcome_url.additional", ""); +lockPref("browser.startup.homepage_override.mstone", "ignore"); +defaultPref("privacy.userContext.enabled", true); +defaultPref("general.autoScroll", false); // OS specific +defaultPref("clipboard.autocopy", false); // OS specific +defaultPref("browser.tabs.loadBookmarksInTabs", true); // OS specific +defaultPref("browser.download.manager.addToRecentDocs", false); +defaultPref("accessibility.force_disabled", 1); +lockPref("browser.uitour.enabled", false); +lockPref("middlemouse.contentLoadURL", false); +defaultPref("network.manage-offline-status", false); +defaultPref("browser.helperApps.deleteTempFileOnExit", true); +lockPref("browser.pagethumbnails.capturing_disabled", true); +lockPref("browser.bookmarks.max_backups", 2); + +// devtools +defaultPref("devtools.debugger.remote-enabled", false); +defaultPref("devtools.chrome.enabled", false); +defaultPref("devtools.performance.recording.ui-base-url", "http://localhost:55555"); // Default Value : https://profiler.firefox.com +defaultPref("devtools.devices.url", ""); +defaultPref("devtools.remote.adb.extensionURL", ""); // [FF64+] +defaultPref("devtools.remote.adb.extensionID", ""); // default adb@mozilla.org [FF64+] +defaultPref("devtools.selfxss.count", 0); // see https://gitlab.com/librewolf-community/browser/linux/-/issues/80 + +// ui +defaultPref("browser.tabs.drawInTitlebar", true); // OS specific +defaultPref("browser.aboutConfig.showWarning", false); +defaultPref("general.warnOnAboutConfig", false); +defaultPref("browser.download.autohideButton", false); +defaultPref("privacy.userContext.ui.enabled", true); +lockPref("browser.messaging-system.whatsNewPanel.enabled", false); + +// urls and handlers +lockPref("media.decoder-doctor.new-issue-endpoint", ""); +lockPref("identity.sync.tokenserver.uri", ""); +lockPref("network.trr.confirmationNS", ""); +lockPref("browser.translation.engine", ""); // default Google +lockPref("gecko.handlerService.schemes.mailto.0.uriTemplate", ""); +lockPref("gecko.handlerService.schemes.mailto.0.name", ""); // default Yahoo! Mail +lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", ""); +lockPref("gecko.handlerService.schemes.mailto.1.name", ""); // default Gmail +lockPref("gecko.handlerService.schemes.irc.0.uriTemplate", ""); +lockPref("gecko.handlerService.schemes.irc.0.name", ""); +lockPref("gecko.handlerService.schemes.ircs.0.uriTemplate", ""); +lockPref("gecko.handlerService.schemes.ircs.0.name", ""); +lockPref("services.settings.server", ""); +lockPref("accessibility.support.url", ""); +lockPref("app.support.baseURL", ""); +lockPref("browser.uitour.url", ""); +lockPref("webchannel.allowObject.urlWhitelist", ""); +lockPref("browser.dictionaries.download.url", ""); +lockPref("browser.geolocation.warning.infoURL", ""); +lockPref("browser.search.searchEnginesURL", ""); +lockPref("browser.uitour.themeOrigin", ""); +lockPref("toolkit.datacollection.infoURL", ""); +lockPref("identity.mobilepromo.android", ""); +lockPref("identity.mobilepromo.ios", ""); +defaultPref("identity.sendtabpromo.url", ""); +lockPref("datareporting.healthreport.infoURL", ""); +lockPref("app.feedback.baseURL", ""); +lockPref("app.releaseNotesURL", ""); +lockPref("app.releaseNotesURL.aboutDialog", ""); +lockPref("browser.chrome.errorReporter.infoURL", ""); +lockPref("datareporting.policy.firstRunURL", ""); + +// -------------------------------- +// # CACHE +// -------------------------------- + +lockPref("browser.cache.offline.storage.enable", false); +lockPref("browser.privatebrowsing.forceMediaMemoryCache", true); // [FF75+] +defaultPref("media.memory_cache_max_size", 65536); +defaultPref("browser.cache.disk.enable", false); + +// -------------------------------- +// # WEBGL AND PERFORMANCE +// -------------------------------- + +defaultPref("webgl.disabled", true); +defaultPref("webgl.enable-webgl2", false); + +// -------------------------------- +// # JS +// -------------------------------- + +lockPref("javascript.options.shared_memory", false); + +// -------------------------------- +// # GEO +// -------------------------------- + +defaultPref("geo.enabled", false); +lockPref("geo.provider.ms-windows-location", false); // [WINDOWS] +lockPref("geo.provider.use_corelocation", false); // [MAC] +lockPref("geo.provider.use_gpsd", false); // [LINUX] +defaultPref("geo.provider.network.url", ""); // consider adding url, it doesn't do any harm +lockPref("browser.region.network.url", ""); +lockPref("browser.region.update.enabled", false); + +// -------------------------------- +// # PREFETCHING +// -------------------------------- + +lockPref("network.predictor.enabled", false); +lockPref("network.prefetch-next", false); +lockPref("network.http.speculative-parallel-limit", 0); + +// -------------------------------- +// # OUTGOING CONNECTIONS +// -------------------------------- + +// updates +lockPref("app.update.auto", false); +lockPref("app.update.staging.enabled", false); +lockPref("app.update.lastUpdateTime.telemetry_modules_ping", 0); +lockPref("app.update.url.details", "https://gitlab.com/librewolf-community/browser"); +lockPref("app.update.url.manual", "https://gitlab.com/librewolf-community/browser"); + +// connectivity service +lockPref("network.connectivity-service.enabled", false); +lockPref("network.connectivity-service.IPv6.url", "http://0.0.0.0"); +lockPref("network.connectivity-service.IPv4.url", "http://0.0.0.0"); +lockPref("network.connectivity-service.DNSv6.domain", ""); +lockPref("network.connectivity-service.DNSv4.domain", ""); + +// telemetry +lockPref("toolkit.crashreporter.infoURL", ""); +lockPref("toolkit.telemetry.archive.enabled", false); +lockPref("toolkit.telemetry.updatePing.enabled", false); +lockPref("toolkit.telemetry.bhrPing.enabled", false); +lockPref("toolkit.telemetry.cachedClientID", ""); +lockPref("toolkit.telemetry.enabled", false); +lockPref("toolkit.telemetry.firstShutdownPing.enabled", false); +lockPref("toolkit.telemetry.newProfilePing.enabled", false); +lockPref("toolkit.telemetry.previousBuildID", ""); +lockPref("toolkit.telemetry.reportingpolicy.firstRun", false); // default +lockPref("toolkit.telemetry.server", "data:,"); +lockPref("toolkit.telemetry.server_owner", ""); +lockPref("toolkit.telemetry.shutdownPingSender.enabled", false); +lockPref("toolkit.telemetry.shutdownPingSender.enabledFirstSession", false); // default +lockPref("toolkit.telemetry.unified", false); +lockPref("security.protectionspopup.recordEventTelemetry", false); +lockPref("datareporting.healthreport.uploadEnabled", false); +lockPref("datareporting.policy.dataSubmissionEnabled", false); +lockPref("toolkit.coverage.endpoint.base", ""); +lockPref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF] +lockPref("toolkit.coverage.opt-out", true); // [HIDDEN PREF] +lockPref("toolkit.coverage.enabled", false); +lockPref("app.shield.optoutstudies.enabled", false); +lockPref("beacon.enabled", false); +lockPref("browser.ping-centre.telemetry", false); + +// discovery +lockPref("browser.discovery.enabled", false); +lockPref("browser.discovery.containers.enabled", false); +lockPref("browser.discovery.sites", ""); + +// crash report +lockPref("breakpad.reportURL", ""); +lockPref("browser.tabs.crashReporting.sendReport", false); +lockPref("browser.crashReports.unsubmittedCheck.enabled", false); +lockPref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); + +// captive portal +lockPref("network.captive-portal-service.enabled", false); +lockPref("captivedetect.canonicalURL", ""); + +// -------------------------------- +// # WINDOWS +// -------------------------------- + +// disable links launching Windows Store [WINDOWS] +lockPref("network.protocol-handler.external.ms-windows-store", false); + +// disable background update service [WINDOWS] +lockPref("app.update.service.enabled", false); + +// disable automatic Firefox start and session restore after reboot [WINDOWS] +lockPref("toolkit.winRegisterApplicationRestart", false); + +// disable Windows 8.1 Family Safety cert [WINDOWS] +lockPref("security.family_safety.mode", 0); + +// Windows only? +lockPref("default-browser-agent.enabled", false); + +// ----------------------------------- +// # OVERRIDES +// ----------------------------------- + +// allow settings to be overriden with a file at `~/.librewolf/librewolf.overrides.cfg` +// or `~/.var/app/io.gitlab.librewolf-community/.librewolf/librewolf.overrides.cfg` (Flatpak). +let profile_directory; +if (profile_directory = getenv('USERPROFILE') || getenv('HOME')) { + pref('autoadmin.global_config_url', `file://${profile_directory}/.librewolf/librewolf.overrides.cfg`); +} -- cgit