aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBeatLink <beatlink@protonmail.com>2019-06-19 00:00:50 +0000
committerBeatLink <beatlink@protonmail.com>2019-06-19 00:00:50 +0000
commitfe593bdaf426846daf054f8d3b7a4418ef265c68 (patch)
tree58a79e16b5a836c121124429ea783a137abc0d05
parentRemove outdated/unnecessary comments (diff)
parentFix grammar errors in librewolf.cfg (diff)
downloadlibrewolf-linux-fe593bdaf426846daf054f8d3b7a4418ef265c68.tar.gz
librewolf-linux-fe593bdaf426846daf054f8d3b7a4418ef265c68.tar.bz2
librewolf-linux-fe593bdaf426846daf054f8d3b7a4418ef265c68.zip
Merge branch 'grammar' into 'master'
Fix grammar errors in librewolf.cfg See merge request librewolf-community/librewolf!1
-rw-r--r--settings/settings/librewolf.cfg293
1 files changed, 148 insertions, 145 deletions
diff --git a/settings/settings/librewolf.cfg b/settings/settings/librewolf.cfg
index bd1711d..befdb47 100644
--- a/settings/settings/librewolf.cfg
+++ b/settings/settings/librewolf.cfg
@@ -93,7 +93,7 @@ lockPref("general.config.filename", "librewolf.cfg");
// CIS 2.5.1
lockPref("network.cookie.cookieBehavior", 1);
-// Pref : Cookies expires at the end of the session (when the browser closes)
+// Pref : Cookies expire at the end of the session (when the browser closes)
// http://kb.mozillazine.org/Network.cookie.lifetimePolicy#2
// 0=until they expire (default)
// 2=until you close Firefox
@@ -101,7 +101,7 @@ lockPref("network.cookie.cookieBehavior", 1);
lockPref("network.cookie.lifetimePolicy", 2);
// Pref : Disable Cookie Exception Button
-// WARNING Bug !!! This lock the button whether its false or true
+// WARNING Bug !!! This locks the button regardless of its value
//lockPref("pref.privacy.disable_button.cookie_exceptions", false);
// Pref : 2706: enable support for same-site cookies (FF60+)
@@ -130,12 +130,12 @@ lockPref("network.cookie.thirdparty.nonsecureSessionOnly", true); // (FF58+) //
// ----------------------------------------------------------------------------------------------------
// Pref : Track Protection
-// Firefox now integrate a tracking protection feature (based on disconnect.me)
-// it's a light list content blocking, listing can not be edited, this feature
+// Firefox now integrates a tracking protection feature (based on disconnect.me).
+// It is a light-list content blocking; the list can not be edited. This feature
// is disabled in LibreWolf. it's recommended to use ublock instead.
// This feature is disabled :
-// - Until it evolve and integrate at least list editing
-// - Because double filtering (this + ublock) is not suitable for performance.
+// - Until it evolves and integrates at least list editing
+// - Because double filtering (this + ublock) is not good for performance.
// Pref : Track Protection
lockPref("privacy.trackingprotection.enabled", false);
@@ -144,7 +144,7 @@ lockPref("privacy.trackingprotection.enabled", false);
// Passive TP annotates channels to lower the priority of network loads for resources
// on the tracking protection list
// [NOTE] It has no effect if TP is enabled, but keep in mind that by default TP is
-// only enabled in Private Windows
+// enabled only in Private Windows
// This is included for people who want to completely disable Tracking Protection.
// [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1170190,1141814
lockPref("privacy.trackingprotection.annotate_channels", false);
@@ -163,8 +163,8 @@ lockPref("browser.contentblocking.reportBreakage.url", "");
lockPref("browser.contentblocking.rejecttrackers.reportBreakage.enabled", false);
// Pref : Third-party cookie ui under preferences
-lockPref("browser.contentblocking.rejecttrackers.ui.enabled", false); //This hide third-party cookie ui
-// Needed to lock third-party cookie ui (third-party cookies are blocked tho)
+lockPref("browser.contentblocking.rejecttrackers.ui.enabled", false); //This hides third-party cookie ui
+// Should lock third-party cookie ui, but third-party cookies are blocked too
// Pref : Disable tracking protection ui list editing under url bar popup
lockPref("browser.contentblocking.trackingprotection.control-center.ui.enabled", false);
@@ -172,7 +172,7 @@ lockPref("browser.contentblocking.trackingprotection.control-center.ui.enabled",
// Pref : Disable tracking protection ui list editing under preferences
lockPref("browser.contentblocking.trackingprotection.ui.enabled", false);
-// Pref : Other CB/TP UI not needed
+// Pref : Other unnecessary CB/TP UI
//lockPref("browser.contentblocking.global-toggle.enabled", false);
//lockPref("browser.contentblocking.rejecttrackers.ui.recommended", false);
//lockPref("browser.contentblocking.fastblock.ui.enabled", false);
@@ -182,26 +182,26 @@ lockPref("browser.contentblocking.trackingprotection.ui.enabled", false);
//lockPref("browser.contentblocking.allowlist.annotations.enabled", false);
//lockPref("browser.contentblocking.allowlist.storage.enabled", false);
-// Pref : Disable exception button but does not work as expected.
+// Pref : Disable exception button (does not work as expected)
//lockPref("pref.privacy.disable_button.tracking_protection_exceptions", false);
-// This seems to only disable the button, not suitable
+// This seems to only disable the button; not suitable
// Pref : Third-party cookie ui under url bar
//lockPref("browser.contentblocking.rejecttrackers.control-center.ui.enabled", false);
-// This disable third-party cookie ui under url bar
-// This is disabled to leave icon on url
+// This disables third-party cookie ui under url bar
+// This is disabled to leave icon in url bar
// Pref : Disable TP UI
//lockPref("browser.contentblocking.ui.enabled", false);
-// Fully disable CB/TP ui, this is disabled to leave icon on url
+// Fully disable CB/TP ui, this is disabled to leave icon in url bar
// Pref : 0426 : Enforce Content Blocking (required to block cookies) (FF63+)
// Master switch for all content blocking features (includes tracking protection,
// but excludes tracking annotations annotate_channels).
//lockPref("browser.contentblocking.enabled", false); // default: true
-// Other settings already regulate this section sub settings (this master switch
+// Other settings already regulate this section's sub-settings (this master switch
// is not suitable).
-// Disabled this because it is needed for blocking third party cookies
+// Disabled because it is needed for blocking third party cookies
// ----------------------------------------------------------------------------------------------------
// User Settings : Auto play settings
@@ -240,7 +240,7 @@ lockPref("signon.storeWhenAutocompleteOff", false); // default: true
// User Settings : History settings
// ----------------------------------------------------------------------------------------------------
-// Pref : 0804 : limit history leaks via enumeration (PER TAB: back/forward) - PRIVACY
+// Pref : 0804 : limit history leak via enumeration (PER TAB: back/forward) - PRIVACY
// This is a PER TAB session history. You still have a full history stored under all history
// default=50, minimum=1=currentpage, 2 is the recommended minimum as some pages
// use it as a means of referral (e.g. hotlinking), 4 or 6 or 10 may be more practical
@@ -293,38 +293,37 @@ defaultPref("privacy.history.custom", true);
// Same as 2805, session storage is cleared anyway... check with storage inspector
// Pref : 2805: privacy.*.openWindows (clear session restore data) (FF34+)
-// [NOTE] There is a years-old bug that these cause two windows when Firefox restarts.
-// You do not need these anyway if session restore is disabled (see 1020)
+// [NOTE] There is a several-year old bug associated with these that causes two windows
+// when Firefox restarts.
+// These are not needed anyway if session restore is disabled (see 1020)
//defaultPref("privacy.clearOnShutdown.openWindows", true);
-// Break session restore on crash & some theming extensions
-// Also this have a bug causing two windows when Firefox restarts.
+// Breaks session restore on crash & some theming extensions
// The session is deleted anyway on restart so its not useful
// Mitigated with other settings
// Pref : Defaulting Settings : Clear history when closing - Pref : 2803 : Duplicate ?
// "sessions" removed from cleaning list as its an important data to keep...
// user may add it back in the gui
-// This settings work only as string not as bool (This seems to be a bug in Firefox)
-// Also this settings seems to kill following settings so it should be the last
+// This setting works only as string not as bool (This seems to be a bug in Firefox)
+// Also this setting seems to kill following settings so it should be the last
//defaultPref("privacy.sanitize.pending", '[{"id":"shutdown","itemsToClear":["cache","cookies","history","formdata","downloads"],"options":{}}]');
// Its erased if not enforced... and default does not differ a lot (session included in default...)
-// This erase the settings no matter what ! so careful here
+// [WARNING] This erases the settings no matter what.
// -------------------------------------
-// Pref : 1006: disable permissions manager from writing to disk [RESTART]
-// [NOTE] This means any permission changes are session only
+// Pref : 1006: prevent permissions manager from writing to disk [RESTART]
+// [NOTE] This means any permission changes are session-only
// [1] https://bugzilla.mozilla.org/967812
//lockPref("permissions.memory_only", true); // (hidden pref)
-// This does not keep sites permission and exceptions its then disabled
// This is managed by sanitize settings
// Pref : Delete Search and Form History
// Disabled - Deprecated Active - This is not deprecated
// Only used in a single test ? does not harm to have it
// CIS Version 1.2.0 October 21st, 2011 2.5.6
-// Default value is 180 day
-// Disabled because its managed by sanitize settings
+// Default value is 180 days
+// Disabled because it's managed by sanitize settings
//lockPref("browser.formfill.expire_days", 0);
// Also check "User Settings : Session"
@@ -337,7 +336,7 @@ defaultPref("privacy.history.custom", true);
// Pref : 1021 : disable storing extra session data
// extra session data contains contents of forms, scrollbar positions, cookies and POST data
-// define on which sites to save extra session data:
+// set sites on which extra session data should be saved
// Pref : 0=everywhere, 1=unencrypted sites, 2=nowhere
lockPref("browser.sessionstore.privacy_level", 2);
@@ -359,7 +358,7 @@ lockPref("extensions.formautofill.available", "off");
lockPref("extensions.formautofill.creditCards.enabled", false);
lockPref("extensions.formautofill.heuristics.enabled", false);
-// Pref : Require manual intervention to autofill known username/passwords sign-in forms
+// Pref : Require manual intervention to autofill known username/passwords in sign-in forms
// http://kb.mozillazine.org/Signon.autofillForms
// https://www.torproject.org/projects/torbrowser/design/#identifier-linkability
lockPref("signon.autofillForms", false);
@@ -372,7 +371,7 @@ lockPref("signon.autofillForms.http", false);
// http://kb.mozillazine.org/Inline_autocomplete
//lockPref("browser.urlbar.autoFill", false);
//lockPref("browser.urlbar.autoFill.typed", false);
-// This does not cause privacy/leaking issue
+// This does not cause privacy/leaking issues
// ----------------------------------------------------------------------------------------------------
// User Settings : Check default browser Settings
@@ -387,7 +386,7 @@ lockPref("browser.shell.checkDefaultBrowser", false);
// ----------------------------------------------------------------------------------------------------
// Pref : DRM/CDM
-// This is disabled because it's a closed source blob
+// DRM is disabled because it's a closed source blob
// Encrypted Media Extensions
lockPref("media.eme.enabled", false);
lockPref("media.gmp-provider.enabled", false);
@@ -480,7 +479,7 @@ lockPref("media.peerconnection.ice.no_host", true); // (FF51+)
// CVE-2017-5384 : Information disclosure via Proxy Auto-Config (PAC)
// [1] https://bugzilla.mozilla.org/1255474
// Does not need to be set as its false by default
-// BUG : This lock proxy settings from the panel
+// BUG : This locks proxy settings from the panel
// BUG-Fix : Fixed in defaulting section
// MIGRATED : To defaulting section
// WARNING : Do not change this settings here or proxy settings will be locked
@@ -505,7 +504,7 @@ lockPref("media.peerconnection.ice.no_host", true); // (FF51+)
// [WARNING] DoH bypasses hosts and gives info to yet another party (e.g. Cloudflare)
// [1] https://www.ghacks.net/2018/04/02/configure-dns-over-https-in-firefox/
// [2] https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/
-// BUG : This seem to disable socks_remote_dns ?! need to check with wireshark
+// BUG : This seems to disable socks_remote_dns ?! need to check with wireshark
// If true, just settings urls to null should be enough to disable
// Without impacting socks_remote_dns
// -------
@@ -521,7 +520,7 @@ lockPref("network.trr.uri", "");
// If your OS or ISP does not support IPv6, there is no reason to have this preference set to false.
lockPref("network.dns.disableIPv6", true);
-// Pref : Disable DNS prefetching
+// Pref : Disable DNS pre-fetching
// http://kb.mozillazine.org/Network.dns.disablePrefetch
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Controlling_DNS_prefetching
lockPref("network.dns.disablePrefetch", true);
@@ -543,7 +542,7 @@ lockPref("browser.newtabpage.activity-stream.prerender", false);
// Defaulting Settings : Do not track settings
// ----------------------------------------------------------------------------------------------------
-// Set to enforce, choice was left to the user in previous version
+// Set to enforce; choice was left to the user in a previous version
lockPref("privacy.donottrackheader.enabled", true);
// Pref : 1610: (36+) set DNT "value" to "not be tracked" (FF21+)
@@ -576,8 +575,8 @@ lockPref("privacy.donottrackheader.value", 1);
// https://support.mozilla.org/en-US/questions/1043508
// Does not prevent JS leaks of the page close event.
// https://developer.mozilla.org/en-US/docs/Web/Events/beforeunload
-// Disabled by default could be useful on important site like banking
-//lockPref("dom.disable_beforeunload", true);
+// Disabled by default in Librefox; could be useful on some sites, e.g. banking sites
+lockPref("dom.disable_beforeunload", true);
// Pref : Disable geo localisation
lockPref("permissions.default.geo", 2);
@@ -593,7 +592,7 @@ lockPref("permissions.default.geo", 2);
// Defaulting Settings : Other Defaulting
// ----------------------------------------------------------------------------------------------------
-// Pref : Preferred language for displaying websites...
+// Pref : Preferred language for displaying websites.
// The first settings overflow the second one
defaultPref("privacy.spoof_english", 2);
//defaultPref("intl.accept_languages", "en-US, en"); //This make lang windows unusable
@@ -641,9 +640,9 @@ defaultPref("browser.tabs.closeWindowWithLastTab", false);
defaultPref("general.autoScroll", false);
// Pref : 1601: ALL: control when images/links send a referer
+// This breaks a lot of sites. This is mitigating by an extension.
// 0=never, 1=send only when links are clicked, 2=for links and images (default)
//defaultPref("network.http.sendRefererHeader", 1);
-// This break a lot of sites.. mitigating by extension
// Pref : 2620: enable Firefox's built-in PDF reader
// [SETTING] General>Applications>Portable Document Format (PDF)
@@ -689,7 +688,7 @@ defaultPref("general.useragent.site_specific_overrides", false);
// Pref : Display all sections by default
defaultPref("extensions.ui.experiment.hidden", false);
-// Those two are not needed (they are set to true automatically when their list is empty )
+// These two are not needed (they are set to true automatically when their list is empty)
//defaultPref("extensions.ui.dictionary.hidden", false);
//defaultPref("extensions.ui.locale.hidden", false);
@@ -716,8 +715,8 @@ defaultPref("browser.uidensity", 1);
// including files/blobs. This API uses indexes to enable high-performance searches of this data.
// While Web Storage is useful for storing smaller amounts of data, it is less useful for storing
// larger amounts of structured data. IndexedDB provides a solution. This is the main landing page
-// for MDN's IndexedDB coverage — here we provide links to the full API reference and usage guides,
-// browser support details, and some explanation of key concepts
+// for MDN's IndexedDB coverage — "here we provide links to the full API reference and usage guides,
+// browser support details, and some explanation of key concepts"
// Also this is cleaned by privacy.clearOnShutdown.offlineApps"
// https://blog.mozilla.org/addons/2018/08/03/new-backend-for-storage-local-api/
// https://developer.mozilla.org/en-US/docs/IndexedDB
@@ -736,7 +735,7 @@ lockPref("dom.indexedDB.enabled", true); //default true
lockPref("dom.w3c_pointer_events.enabled", false);
// Pref : 0702 : disable HTTP2 (which was based on SPDY which is now deprecated)
-// HTTP2 raises concerns with "multiplexing" and "server push", does nothing to enhance
+// HTTP2 adds "multiplexing" and "server push", but does nothing to enhance
// privacy, and in fact opens up a number of server-side fingerprinting opportunities
// [1] https://http2.github.io/faq/
// [2] https://blog.scottlogic.com/2014/11/07/http-2-a-quick-look.html
@@ -749,8 +748,8 @@ lockPref("dom.w3c_pointer_events.enabled", false);
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : Firefox Fingerprint
-// ResistFingerprinting : Overrided by 'privacy.resistFingerprinting'
-// This need to be kept disabled to make resistFingerprinting efficient
+// ResistFingerprinting : Overriden by 'privacy.resistFingerprinting'
+// This needs to be kept disabled to make resistFingerprinting efficient
// https://wiki.mozilla.org/Security/Fingerprinting
// Bench Diff : +0/5000
// >>>>>>>>>>>>>>>>>>>>
@@ -774,7 +773,7 @@ lockPref("privacy.resistFingerprinting.block_mozAddonManager", true);
// Pref : 0864 : disable date/time picker (FF57+ default true)
// This can leak your locale if not en-US
// [1] https://trac.torproject.org/projects/tor/ticket/21787
-// How does this work with resistFingerprinting efficient ??
+// Does this work efficiently with resistFingerprinting ??
lockPref("dom.forms.datetime", false);
// Pref : Prevent leaking application locale/date format using JavaScript
@@ -788,7 +787,7 @@ lockPref("javascript.use_us_english_locale", true);
// Already applied by resistFingerprinting ?
lockPref("intl.regional_prefs.use_os_locales", false);
-// Pref : Local and useragent...
+// Pref : Locale and useragent.
// Already applied by resistFingerprinting ?
lockPref("intl.locale.requested", "en-US");
@@ -796,7 +795,7 @@ lockPref("intl.locale.requested", "en-US");
// Disabled to make resistFingerprinting efficient
//lockPref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0, 45");
-// Pref : This does not work with resistFingerprinting... (Still needed for ESR)
+// Pref : This does not work with resistFingerprinting. Still needed for ESR.
lockPref("general.appname.override", "Netscape");
lockPref("general.appversion.override", "5.0 (Windows)");
lockPref("general.platform.override", "Win32");
@@ -814,12 +813,12 @@ lockPref("toolkit.coverage.opt-out", true); // [HIDDEN PREF]
// DOWNLOADS
// Pref : 2652: disable adding downloads to the system's "recent documents" list
-lockPref("browser.download.manager.addToRecentDocs", false); //do not disabled
+lockPref("browser.download.manager.addToRecentDocs", false); //do not disable
// Pref : 2653: disable hiding mime types (Options>General>Applications) not associated with a plugin
-lockPref("browser.download.hide_plugins_without_extensions", false); //do not disabled
+lockPref("browser.download.hide_plugins_without_extensions", false); //do not disable
// Pref : 2617: remove webchannel whitelist
-// Default value
+// Default value:
// "https://content.cdn.mozilla.net https://input.mozilla.org https://support.mozilla.org https://install.mozilla.org"
lockPref("webchannel.allowObject.urlWhitelist", "");
@@ -828,11 +827,12 @@ lockPref("webchannel.allowObject.urlWhitelist", "");
lockPref("browser.cache.offline.insecure.enable", false); // default: false in FF62+
// Pref : 2614: limit HTTP redirects (this does not control redirects with HTML meta tags or JS)
-// [NOTE] A low setting of 5 or under will probably break some sites (e.g. gmail logins)
-// To control HTML Meta tag and JS redirects, use an extension. Default is 20
+// [NOTE] A low setting of 5 or less will probably break some sites (e.g. gmail logins)
+// To control HTML Meta tag and JS redirects, use an extension.
+// Default: 20
lockPref("network.http.redirection-limit", 10);
-// Pref : 2731: enforce websites to ask to store data for offline use
+// Pref : 2731: enforce websites to ask whether to store data for offline use
// [1] https://support.mozilla.org/questions/1098540
// [2] https://bugzilla.mozilla.org/959985
lockPref("offline-apps.allow_by_default", false);
@@ -842,7 +842,9 @@ lockPref("offline-apps.allow_by_default", false);
// [SETUP-CHROME] This will break extensions that do not use the default XPI directories
// [1] https://mike.kaply.com/2012/02/21/understanding-add-on-scopes/
// [1] archived: https://archive.is/DYjAM
-lockPref("extensions.enabledScopes", 5); // (hidden pref) // Breaks all default themes (including dark) starting with FF68.0+
+lockPref("extensions.enabledScopes", 5); // (hidden pref)
+// Breaks all default themes (including dark) starting with FF68.0+
+
// Tor-compatibility-patch
lockPref("extensions.autoDisableScopes", 15); //Tor value must be 0
// Pref : 2663: enable warning when websites try to install add-ons
@@ -954,7 +956,7 @@ lockPref("security.ssl.require_safe_negotiation", true);
lockPref("security.tls.enable_0rtt_data", false); // (FF55+ default true)
// Pref : 1272 : display advanced information on Insecure Connection warning pages
-// only works when it's possible to add an exception
+// Only works when it's possible to add an exception
// i.e. it doesn't work for HSTS discrepancies (https://subdomain.preloaded-hsts.badssl.com/)
// [TEST] https://expired.badssl.com/
lockPref("browser.xul.error_pages.expert_bad_cert", true);
@@ -1007,12 +1009,12 @@ lockPref("dom.disable_window_open_feature.status", true); // status bar - defaul
lockPref("dom.disable_window_open_feature.titlebar", true);
lockPref("dom.disable_window_open_feature.toolbar", true);
-// Pref : 2202 : prevent scripts moving and resizing open windows
+// Pref : 2202 : prevent scripts from moving and resizing open windows
lockPref("dom.disable_window_move_resize", true);
// Pref : 2426 : disable Intersection Observer API (FF53+)
-// Almost a year to complete, three versions late to stable (as default false),
-// number #1 cause of crashes in nightly numerous times, and is (primarily) an
+// Took almost a year to complete, three versions late to 'stable' (as default false),
+// number 1 cause of crashes in nightly numerous times, and is (primarily) an
// ad network API for "ad viewability checks" down to a pixel level
// [1] https://developer.mozilla.org/docs/Web/API/Intersection_Observer_API
// [2] https://w3c.github.io/IntersectionObserver/
@@ -1086,8 +1088,8 @@ lockPref("extensions.webextensions.base-content-security-policy", "default-src '
// Please check readme section "Extensions Firewall"
// Pref : CSP Main Settings I/II :
-// Those are default value for CSP
-// Those are not intended to to be uncommented
+// Those are default values for CSP
+// Those are not meant to to be uncommented
//defaultPref("security.csp.enable", true); //This is its default value
//defaultPref("security.csp.enableStrictDynamic", true); //This is its default value
//defaultPref("security.csp.enable_violation_events", true); //This is its default value
@@ -1115,7 +1117,7 @@ lockPref("security.csp.enable_violation_events", false); //Deprecated Active
// Extensions Security :
// ---------------------
-// Pref : Enable tab hiding API by default.
+// Pref : Enable tab-hiding API by default.
defaultPref("extensions.webextensions.tabhide.enabled", false); //Default true
// ----------------------------------------------------------------------------------
@@ -1157,7 +1159,7 @@ defaultPref("extensions.webextensions.background-delayed-startup", true); //defa
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
// Section : IJWY To Shut Up
// I Just Want You To Shut Up : Closing all non necessary communication to mozilla.org etc.
-// Thoses settings are not used in gHacks for the moment.
+// These settings are not used in gHacks at the moment.
// Will be upstreamed once stable in final version.
// Bench Diff : +0/5000
// >>>>>>>>>>>>>>>>>>>>
@@ -1175,7 +1177,7 @@ lockPref("gecko.handlerService.schemes.ircs.0.uriTemplate", ""); // Deprecated A
// Default Value
// https://www.mibbit.com/?url=%s
-// Pref : “coverage” ping [FF64+]
+// Pref : "coverage" ping [FF64+]
// This ping is not enabled by default. When enabled, a ping is generated a total of once
//per profile, as a diagnostic tool to determine whether Telemetry is working for users.
lockPref("toolkit.coverage.enabled", false); //default false
@@ -1608,7 +1610,7 @@ lockPref("prio.publicKeyB", "");
// Default Value
// 26E6674E65425B823F1F1D5F96E3BB3EF9E406EC7FBA7DEF8B08A35DD135AF50
-// Alpha Settings Not Needed For The Moment --------------------------------------------------------------
+// Alpha Settings Not Needed At The Moment --------------------------------------------------------------
// Pref :
//lockPref("urlclassifier.phishTable", "");
@@ -1816,9 +1818,9 @@ lockPref("security.ssl.errorReporting.automatic", false);
lockPref("security.ssl.errorReporting.url", "");
// Pref : Check disabled section
-// OCSP Leaks the visited sited exactly same issue as safebrowsing.
-// Stapling have the site itsefl proof that his certificate is good
-// through the CA so apparently nothing is leaked in this case.
+// OCSP leaks the visited sites. Exactly same issue as with safebrowsing.
+// Stapling forces the site to prove that its certificate is good
+// through the CA, so apparently nothing is leaked in this case.
// [1] https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
lockPref("security.OCSP.enabled", 0);
lockPref("security.OCSP.require", false);
@@ -1829,11 +1831,11 @@ lockPref("security.ssl.errorReporting.enabled", false);
// Pref : Manage certificates button
//lockPref("security.disable_button.openCertManager", false);
-// Disabled because of a bug that disable the button no matter what is the value
+// Disabled because of a bug that disables the button regardless of its value
// Pref : Manage security devices button
//lockPref("security.disable_button.openDeviceManager", false);
-// Disabled because of a bug that disable the button no matter what is the value
+// Disabled because of a bug that disables the button regardless of its value
// Pref :
lockPref("security.mixed_content.upgrade_display_content", true);
@@ -1888,10 +1890,10 @@ defaultPref("layers.acceleration.force-enabled", true);
// Pref : 2508: disable hardware acceleration to reduce graphics fingerprinting
// [SETTING] General>Performance>Custom>Use hardware acceleration when available
-// [SETUP-PERF] Affects text rendering (fonts will look different), impacts video performance,
-// and parts of Quantum that utilize the GPU will also be affected as they are rolled out
+// [SETUP-PERF] Affects text rendering (fonts will look different) and impacts video performance.
+// Parts of Quantum that utilize the GPU will also be affected as they are rolled out
// [1] https://wiki.mozilla.org/Platform/GFX/HardwareAcceleration
-// Resolved with extension
+// Resolved by extension
defaultPref("gfx.direct2d.disabled", false); // [WINDOWS]
defaultPref("layers.acceleration.disabled", false);
@@ -1930,14 +1932,14 @@ defaultPref("browser.tabs.animate", false);
// https://webassembly.org/
// https://en.wikipedia.org/wiki/WebAssembly
// https://trac.torproject.org/projects/tor/ticket/21549
-// Solved with extension disabled here for performance
+// Solved by extension disabled here for performance
//lockPref("javascript.options.wasm", false);
// Bench Diff : -100/5000
// Pref : Prevent font fingerprinting
// https://browserleaks.com/fonts
// https://github.com/pyllyukko/user.js/issues/120
-// Solved with extension disabled here for performance
+// Solved by extension disabled here for performance
//lockPref("browser.display.use_document_fonts", 0);
// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
@@ -1947,7 +1949,7 @@ defaultPref("browser.tabs.animate", false);
// Bench Diff : -220/5000
// Pref : Disable webGL I/II
-// WebGL introduce high fingerprinting... (webgl is direct hardware js)
+// WebGL introduces high fingerprinting (WebGL is a js API for directly accessing hardware)
defaultPref("webgl.disabled", false); // Tor have it false but the rest is the same (webgl)
// This does not leak
lockPref("webgl.enable-webgl2", false);
@@ -1955,7 +1957,7 @@ lockPref("webgl.min_capability_mode", true);
// Bench Diff : 0/5000
// Pref : Disable webGL II/II
-// WebGL introduce high fingerprinting... (webgl is direct hardware js)
+// WebGL introduces high fingerprinting (WebGL is a js API for directly accessing hardware)
lockPref("pdfjs.enableWebGL", false);
lockPref("webgl.disable-extensions", true);
lockPref("webgl.disable-fail-if-major-performance-caveat", true);
@@ -1967,7 +1969,7 @@ lockPref("webgl.enable-debug-renderer-info", false); //Deprecated Active
// https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/
// https://www.mozilla.org/en-US/security/advisories/mfsa2015-50/
// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2712
-// Solved with extension disabled here for performance
+// Solved by extension disabled here for performance
// Tor enforce this
//lockPref("javascript.options.asmjs", false);
@@ -1989,10 +1991,10 @@ lockPref("javascript.options.shared_memory", false);
// Bench Diff : -50/5000
// Pref : 2302 : disable service workers
// Service workers essentially act as proxy servers that sit between web apps, and the browser
-// and network, are event driven, and can control the web page/site it is associated with,
+// and network. They are event-driven, and can control the web page/site it is associated with,
// intercepting and modifying navigation and resource requests, and caching resources.
-// SW may decrease performance depending on the script this ot that site is running in background
-// So overall disabling SW should enhance performance because it block SW Scripts
+// SW may decrease performance depending on the script that is running in background.
+// So overall, disabling SW should enhance performance because it blocks SW Scripts.
// [NOTE] Service worker APIs are hidden (in Firefox) and cannot be used when in PB mode.
// [NOTE] Service workers only run over HTTPS. Service Workers have no DOM access.
lockPref("dom.serviceWorkers.enabled", false);
@@ -2002,9 +2004,9 @@ lockPref("dom.serviceWorkers.enabled", false);
// Bench Diff : +100/5000
// >>>>>>>>>>>>>>>>>>>>>>
-// Pref : Onboarding tour disable because of included telemetry
-// This extension is already removed this setting is just in case it
-// comeback or for users using the script outside the bundle
+// Pref : Onboarding tour disabled because of included telemetry
+// This extension has already been removed. This setting is here to disable it just in case it
+// comes back or for users using the script outside the bundle.
lockPref("browser.onboarding.notification.finished", true);
lockPref("browser.onboarding.tour.onboarding-tour-customize.completed", true);
lockPref("browser.onboarding.tour.onboarding-tour-performance.completed", true);
@@ -2081,7 +2083,7 @@ lockPref("browser.chrome.errorReporter.enabled", false);
lockPref("browser.ping-centre.staging.endpoint", "");
lockPref("browser.ping-centre.telemetry", false);
-// Pref : Google Safe Browsing (Block dangerous and deceptive contents)
+// Pref : Google Safe Browsing (Blocks dangerous and deceptive contents)
// browser.safebrowsing.downloads.enabled true
// browser.safebrowsing.downloads.remote.block_potentially_unwanted true
@@ -2157,7 +2159,7 @@ lockPref("dom.battery.enabled", false);
// Pref :
lockPref("dom.permissions.enabled", false);
-// Pref : Maximum pop launch at the same time
+// Pref : Maximum popups that may be launched at the same time
lockPref("dom.popup_maximum", 4);
// Pref :
@@ -2168,7 +2170,7 @@ lockPref("extensions.blocklist.detailsURL", "");
lockPref("extensions.blocklist.itemURL", "");
// Pref : Block list url disabled
-// gHacks tune this to minimize privacy issue.. its complitely disabled here
+// gHacks tunes this to minimize privacy issues. its complitely disabled here
// Disabled complitely
lockPref("extensions.blocklist.url", "");
@@ -2207,8 +2209,8 @@ lockPref("mailnews.messageid_browser.url", "");
lockPref("mailnews.mx_service_url", "");
// Pref : 0608 : disable predictor / prefetching (FF48+)
-// Network predicator load pages before they are opened
-// with mose hover for example
+// Network predictor load pages before they are opened
+// with mouse hover for example
lockPref("network.predictor.enabled", false);
lockPref("network.predictor.cleaned-up", true);
lockPref("network.predictor.enable-prefetch", false);
@@ -2256,7 +2258,7 @@ lockPref("toolkit.telemetry.hybridContent.enabled", false);
lockPref("toolkit.telemetry.infoURL", "");
lockPref("toolkit.telemetry.newProfilePing.enabled", false);
lockPref("toolkit.telemetry.previousBuildID", "");
-lockPref("toolkit.telemetry.prompted", 2); //Setting seem to still exist
+lockPref("toolkit.telemetry.prompted", 2); //Setting seems to still exist
lockPref("toolkit.telemetry.rejected", true);
lockPref("toolkit.telemetry.reportingpolicy.firstRun", false);
lockPref("toolkit.telemetry.server", "data:,");
@@ -2294,7 +2296,7 @@ lockPref("dom.event.contextmenu.enabled", false);
// Pref : Disable clipboard event detection (onCut/onCopy/onPaste) via Javascript
// Disabling clipboard events breaks Ctrl+C/X/V copy/cut/paste functionaility in
-// JS-based web applications (Google Docs...)
+// JS-based web applications (Google Docs etc.)
// https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/dom.event.clipboardevents.enabled
lockPref("dom.event.clipboardevents.enabled", false);
@@ -2331,7 +2333,7 @@ lockPref("browser.startup.homepage_override.buildID", "20100101");
// http://kb.mozillazine.org/Browser.send_pings
lockPref("browser.send_pings", false);
-// Pref : When browser pings are enabled, only allow pinging the same host as the origin page
+// Pref : When browser pings are enabled, only allow pinging the origin page's host
// http://kb.mozillazine.org/Browser.send_pings.require_same_host
lockPref("browser.send_pings.require_same_host", true);
@@ -2374,7 +2376,7 @@ lockPref("dom.enable_user_timing", false);
// Pref : Disable Web Audio API
// https://bugzilla.mozilla.org/show_bug.cgi?id=1288359
-// Avoid fingerprinting...
+// Avoid fingerprinting
lockPref("dom.webaudio.enabled", false);
// Pref : When geolocation is enabled, don't log geolocation requests to the console
@@ -2408,7 +2410,7 @@ lockPref("browser.search.geoSpecificDefaults.url", "");
// Pref : Don't use Mozilla-provided location-specific search engines
lockPref("browser.search.geoSpecificDefaults", false);
-// Pref : Don't trim HTTP off of URLs in the address bar.
+// Pref : Don't trim HTTP from URLs in the address bar.
// https://bugzilla.mozilla.org/show_bug.cgi?id=665580
lockPref("browser.urlbar.trimURLs", false);
@@ -2435,7 +2437,7 @@ lockPref("security.fileuri.strict_origin_policy", true);
lockPref("gfx.font_rendering.opentype_svg.enabled", false);
// Pref : Enable only whitelisted URL protocol handlers
-// Disabling nonessential protocols breaks all interaction with custom protocols such
+// Disabling non-essential protocols breaks all interaction with custom protocols such
// as mailto:, irc:, magnet: ... and breaks opening third-party mail/messaging/torrent/...
// clients when clicking on links with these protocols
lockPref("network.protocol-handler.warn-external-default",true);
@@ -2461,7 +2463,7 @@ lockPref("network.protocol-handler.expose.chrome",true);
lockPref("network.protocol-handler.expose.blob",true);
lockPref("network.protocol-handler.expose.data",true);
-// Pref : Ensure you have a security delay when installing add-ons (milliseconds)
+// Pref : Ensure there is a security delay when installing add-ons (milliseconds)
// http://kb.mozillazine.org/Disable_extension_install_delay_-_Firefox
// http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/
lockPref("security.dialog_enable_delay", 700);
@@ -2470,7 +2472,7 @@ lockPref("security.dialog_enable_delay", 700);
// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
lockPref("extensions.getAddons.cache.enabled", false);
-// Pref : Opt-out of themes (Persona) updates
+// Pref : Opt-out of theme (Persona) updates
// https://support.mozilla.org/t5/Firefox/how-do-I-prevent-autoamtic-updates-in-a-50-user-environment/td-p/144287
lockPref("lightweightThemes.update.enabled", false);
lockPref("lightweightThemes.persisted.headerURL", false);
@@ -2483,7 +2485,7 @@ lockPref("plugin.state.flash", 0);
// Pref : Disable sending Flash Player crash reports
lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
-// Pref : When Flash crash reports are enabled, don't send the visited URL in the crash report
+// Pref : When Flash Player crash reports are enabled, don't send the visited URL in the crash report
lockPref("dom.ipc.plugins.reportCrashURL", false);
// Pref : Disable Shumway (Mozilla Flash renderer)
@@ -2493,13 +2495,13 @@ lockPref("shumway.disabled", true);
// Pref : Disable Gnome Shell Integration NPAPI plugin
lockPref("plugin.state.libgnome-shell-browser-plugin", 0);
-// Pref : Enable plugins click-to-play
+// Pref : Enable click-to-play plugin
// https://wiki.mozilla.org/Firefox/Click_To_Play
// https://blog.mozilla.org/security/2012/10/11/click-to-play-plugins-blocklist-style/
lockPref("plugins.click_to_play", true);
lockPref("plugin.sessionPermissionNow.intervalInMinutes", 0);
-// Pref : Updates addons automatically
+// Pref : Update addons automatically
// https://blog.mozilla.org/addons/how-to-turn-off-add-on-updates/
lockPref("extensions.update.enabled", false);
@@ -2539,7 +2541,7 @@ lockPref("browser.crashReports.unsubmittedCheck.autoSubmit2", false);
// https://bugzilla.mozilla.org/show_bug.cgi?id=1370801
lockPref("app.shield.optoutstudies.enabled", false);
-// Pref : Disable new tab tile ads & preload & Activity Stream
+// Pref : Disable new tab tile ads, preload, and Activity Stream
// http://www.thewindowsclub.com/disable-remove-ad-tiles-from-firefox
// http://forums.mozillazine.org/viewtopic.php?p=13876331#p13876331
// https://wiki.mozilla.org/Firefox/Activity_Stream
@@ -2562,7 +2564,7 @@ lockPref("browser.newtab.preload", false);
lockPref("browser.urlbar.suggest.searches", false);
lockPref("browser.urlbar.userMadeSearchSuggestionsChoice", true);
-// Pref : Never check updates for search engines
+// Pref : Never check for updates to search engines
// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_auto-update-checking
lockPref("browser.search.update", false);
@@ -2597,19 +2599,19 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
// - Disabled - Section OFF -----------------------------------------------------------------
// Pref : Don't remember browsing history
-// MIGRATED : To defaulting section, this settings does not need to be enforced
+// MIGRATED to defaulting section, this setting does not need to be enforced
//lockPref("places.history.enabled", false);
// Pref : Clear all history on shutdown
-// MIGRATED : To defaulting section, this settings does not need to be enforced
-// This setting can be enforced here
+// MIGRATED to defaulting section, this setting does not need to be enforced
+// This setting may be enforced here if preferred
//lockPref("privacy.sanitize.sanitizeOnShutdown", true);
// Pref : 2804: reset default history items to clear with Ctrl-Shift-Del (to match above)
// This dialog can also be accessed from the menu History>Clear Recent History
// Firefox remembers your last choices. This will reset them when you start Firefox.
// [NOTE] Regardless of what you set privacy.cpd.downloads to, as soon as the dialog
-// for "Clear Recent History" is opened, it is synced to the same as 'history'
+// for "Clear Recent History" is opened, it is synced with 'privacy.cpd.history'
//defaultPref("privacy.cpd.siteSettings", false); // Site Preferences
//defaultPref("privacy.cpd.downloads", true); // not used, see note above
//defaultPref("privacy.cpd.cache", true);
@@ -2619,10 +2621,10 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
//defaultPref("privacy.cpd.offlineApps", true); // Offline Website Data
//defaultPref("privacy.cpd.passwords", false); // this is not listed
//defaultPref("privacy.cpd.sessions", true); // Active Logins
-// Not needed // remplaced by //defaultPref("privacy.sanitize.sanitizeOnShutdown", true);
+// Not needed // replaced by //defaultPref("privacy.sanitize.sanitizeOnShutdown", true);
// Also default value are already good
-// Pref : 2803: set what history items to clear on shutdown
+// Pref : 2803: set which history items are to be cleared on shutdown
// [SETTING] Privacy & Security>History>Custom Settings>Clear history when Firefox closes>Settings
// [NOTE] If 'history' is true, downloads will also be cleared regardless of the value
// but if 'history' is false, downloads can still be cleared independently
@@ -2637,13 +2639,13 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
//defaultPref("privacy.clearOnShutdown.offlineApps", true); // Offline Website Data
//defaultPref("privacy.clearOnShutdown.sessions", true); // Active Logins
// Make panel locked (bug)
-// remplaced by //defaultPref("privacy.sanitize.sanitizeOnShutdown", true);
+// replaced by //defaultPref("privacy.sanitize.sanitizeOnShutdown", true);
// Pref : 0801: disable location bar using search - PRIVACY
-// don't leak typos to a search engine, give an error message instead
+// don't leak typos to a search engine; give an error message instead
//lockPref("keyword.enabled", false);
// Beak search from url bar
-// After other settings this does not send data to search....
+// After other settings, this does not send any data to search.
// Pref : Disable Firefox Account
//lockPref("identity.fxaccounts.enabled", false); //Deprecated Active
@@ -2659,7 +2661,7 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
// [1] https://developer.mozilla.org/docs/Web/API/Notifications_API
//lockPref("dom.webnotifications.enabled", false); // (FF22+)
//lockPref("dom.webnotifications.serviceworker.enabled", false); // (FF44+)
-// After tuning this is no loger a privacy issue but a feature
+// After tuning, this is no longer a privacy issue but a feature
// Pref : History sessionhistory
//lockPref("browser.sessionhistory.max_total_viewers", 0);
@@ -2674,14 +2676,14 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
// It does not affect "Recently Closed Windows" or any history.
//lockPref("browser.sessionstore.max_tabs_undo", 0);
//lockPref("browser.sessionstore.max_windows_undo", 0);
-// Not really a privacy issue, it's usefull to have this feature
+// Not really a privacy issue, but it's useful to have this feature
-// Pref : Disable URL bar autocomplete and history/bookmarks suggestions dropdown
+// Pref : Disable URL bar autocomplete and history/bookmark suggestion dropdown
//lockPref("browser.urlbar.autocomplete.enabled", false);
//lockPref("browser.urlbar.suggest.history", false);
//lockPref("browser.urlbar.suggest.bookmark", false);
//lockPref("browser.urlbar.suggest.openpage", false);
-// This does not cause privacy/leaking issue
+// This does not cause privacy/leaking issues
// Pref : 2605: block web content in file processes (FF55+)
// [SETUP-WEB] You may want to disable this for corporate or developer environments
@@ -2691,7 +2693,7 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
// DOWNLOADS
// Pref : 2650: discourage downloading to desktop (0=desktop 1=downloads 2=last used)
-// [SETTING] To set your default "downloads": General>Downloads>Save files to
+// [SETTING] To set your default "downloads", set General>Downloads>Save files to
//lockPref("browser.download.folderList", 2);
// Pref : 2651: enforce user interaction for security by always asking the user where to download
// [SETTING] General>Downloads>Always ask you where to save files
@@ -2705,9 +2707,9 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
// Not an issue
// OCSP (Online Certificate Status Protocol)
-// OCSP Leaks the visited sited exactly same issue as safebrowsing.
-// Stapling have the site itsefl proof that his certificate is good
-// through the CA so apparently nothing is leaked in this case.
+// OCSP leaks the visited sites. Exactly same issue as with safebrowsing.
+// Stapling forces the site to prove that its certificate is good
+// through the CA, so apparently nothing is leaked in this case.
// [1] https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
// Pref : 1211: control when to use OCSP fetching (to confirm current validity of certificates)
// 0=disabled, 1=enabled (default), 2=enabled for EV certificates only
@@ -2716,10 +2718,11 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
// [NOTE] This pref only controls OCSP fetching and does not affect OCSP stapling
// [1] https://en.wikipedia.org/wiki/Ocsp
//lockPref("security.OCSP.enabled", 1);
+
// Pref : 1212: set OCSP fetch failures (non-stapled, see 1211) to hard-fail [SETUP-WEB]
-// When a CA cannot be reached to validate a cert, Firefox just continues the connection (=soft-fail)
-// Setting this pref to true tells Firefox to instead terminate the connection (=hard-fail)
-// It is pointless to soft-fail when an OCSP fetch fails: you cannot confirm a cert is still valid (it
+// When a CA cannot be reached to validate a cert, Firefox just continues with the connection (=soft-fail)
+// Setting this pref to true tells Firefox to terminate the connection instead (=hard-fail)
+// It is pointless to soft-fail when an OCSP fetch fails: you cannot confirm that the cert is still valid (it
// could have been revoked) and/or you could be under attack (e.g. malicious blocking of OCSP servers)
// [1] https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
// [2] https://www.imperialviolet.org/2014/04/19/revchecking.html
@@ -2727,19 +2730,19 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
// Pref : 1022: disable resuming session from crash [SETUP-CHROME]
//lockPref("browser.sessionstore.resume_from_crash", false);
-// Not really a privacy issue, it's usefull to have this feature
+// Not really a privacy issue, but it's useful to have this feature
// Pref : 0103: set HOME+NEWWINDOW page
// about:home=Activity Stream (default, see 0105), custom URL, about:blank
// [SETTING] Home>New Windows and Tabs>Homepage and new windows
//lockPref("browser.startup.homepage", "about:blank");
-// Let the user have the choice, could be easily changed
+// Let the user have the choice, and easily change it
// Pref : 2740: disable service workers cache and cache storage
// [1] https://w3c.github.io/ServiceWorker/#privacy
//lockPref("dom.caches.enabled", false);
-// Not really a privacy issue, it's usefull to have this feature
-// Other settings solve privacy issue related to this
+// Not really a privacy issue, but it's useful to have this feature
+// Other settings solve privacy issues related to this
// Pref : First-party isolation
// https://bugzilla.mozilla.org/show_bug.cgi?id=1299996
@@ -2747,7 +2750,7 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
// https://wiki.mozilla.org/Security/FirstPartyIsolation
// First-party isolation breaks Microsoft Teams
// First-party isolation causes HTTP basic auth to ask for credentials for every new tab (see #425)
-// Solved with extension
+// Solved by extension
// Pref : 4001: enable First Party Isolation (FF51+)
// [SETUP-WEB] May break cross-domain logins and site functionality until perfected
// [1] https://bugzilla.mozilla.org/1260931
@@ -2779,18 +2782,18 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
// [NOTE] Not recommended due to performance issues
// lockPref("browser.cache.memory.enable", false);
// lockPref("browser.cache.memory.capacity", 0); // (hidden pref)
-// This is going too far... disabled for performance
-// Firefox should be run in a container... sandbox or...
+// This is overkill. Disabled for performance.
+// Firefox should be run in a container: sandbox or otherwise
-// Pref : Newtabpage
+// Pref : New tab page
//lockPref("browser.newtabpage.enabled", false);
-// New page site shortcuts does not spy after tunning can be enabled
+// New page site shortcuts does not spy after tunning. May be enabled if preferred.
// Pref : Disable in-content SVG rendering (Firefox >= 53) (disabled)
// Disabling SVG support breaks many UI elements on many sites
// https://bugzilla.mozilla.org/show_bug.cgi?id=1216893
//lockPref("svg.disabled", true);
-// Solved with extension
+// Solved by extension
// Pref : Disable Caching of SSL Pages
// CIS Version 1.2.0 October 21st, 2011 2.5.8
@@ -2801,7 +2804,7 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
// default is "change click dblclick mouseup pointerup notificationclick reset submit touchend"
// [1] http://kb.mozillazine.org/Dom.popup_allowed_events
//lockPref("dom.popup_allowed_events", "click dblclick");
-// This does not cause privacy/leaking issue
+// This does not cause privacy/leaking issues
// Also already set in "dom.popup_maximum"
// Pref : 2031 : disable audio auto-play in non-active tabs (FF51+)
@@ -2817,12 +2820,12 @@ lockPref("browser.pagethumbnails.capturing_disabled", true);
// Pref : 1405 : disable WOFF2 (Web Open Font Format) (FF35+)
//lockPref("gfx.downloadable_fonts.woff2.enabled", false);
-// Solved with extension
+// Solved by extension
// Pref : 1406 : disable CSS Font Loading API
// Disabling fonts can uglify the web a fair bit.
//lockPref("layout.css.font-loading-api.enabled", false);
-// Solved with extension
+// Solved by extension
// - Disabled - Dumped Disabled From (gHacks, Check user.js for description) ----------------
@@ -2888,7 +2891,7 @@ lockPref("security.tls.version.max", 4); // 4 = allow up to and including TLS 1.
// Pref : 0516 : disable Onboarding (FF55+)
// Onboarding is an interactive tour/setup for new installs/profiles and features. Every time
-// about:home or about:newtab is opened, the onboarding overlay is injected into that page
+// about:home or about:newtab is opened, the onboarding overlay is injected into it
// [NOTE] Onboarding uses Google Analytics [2], and leaks resource://URIs [3]
// [1] https://wiki.mozilla.org/Firefox/Onboarding
// [2] https://github.com/mozilla/onboard/commit/db4d6c8726c89a5d6a241c1b1065827b525c5baf
@@ -2899,7 +2902,7 @@ lockPref("browser.onboarding.enabled", false); // Removed in v64 //Deprecated Ac
// https://trac.torproject.org/projects/tor/ticket/16222
// https://developer.mozilla.org/docs/Tools/WebIDE
lockPref("devtools.webide.autoinstallADBHelper", false);
-// Remplaced by "devtools.webide.autoinstallADBExtension" in 64
+// Replaced by "devtools.webide.autoinstallADBExtension" in 64
// Pref : Disable raw TCP socket support (mozTCPSocket)
// https://trac.torproject.org/projects/tor/ticket/18863
@@ -2912,7 +2915,7 @@ lockPref("dom.mozTCPSocket.enabled", false);
// Pref : Enforce checking for Firefox updates
lockPref("app.update.enabled", false);
-// Pref : Disable bookmarks backups (default: 15)
+// Pref : Disable bookmark backups (default: 15)
// http://kb.mozillazine.org/Browser.bookmarks.max_backups
lockPref("browser.bookmarks.max_backups", 2);
@@ -3007,7 +3010,7 @@ lockPref("media.video_stats.enabled", false);
lockPref("network.websocket.enabled", false);
// Pref : Disable Reader
-// Not deprecated but usefull to be located here
+// Not deprecated but useful to be located here
lockPref("reader.parse-on-load.enabled", false);
// CIS 2.7.4 Disable Scripting of Plugins by JavaScript
@@ -3056,7 +3059,7 @@ lockPref("security.tls.unrestricted_rc4_fallback", false);
//lockPref("browser.safebrowsing.reportURL", "");
//lockPref("browser.safebrowsing.updateURL", "");
-// Pref : 1031: disable favicons in tabs and new bookmarks - merged into browser.chrome.site_icons
+// Pref : 1031: disable favicons in tabs and new bookmarks - merged with browser.chrome.site_icons
// [-] https://bugzilla.mozilla.org/1453751
// lockPref("browser.chrome.favicons", false);
@@ -3065,7 +3068,7 @@ lockPref("security.tls.unrestricted_rc4_fallback", false);
// Disabled to make resistFingerprinting efficient
//lockPref("intl.locale.matchOS", false);
-// Pref : 1601: disable referer from an SSL Website
+// Pref : 1601: disable referer from SSL Websites
// [-] https://bugzilla.mozilla.org/1308725
//lockPref("network.http.sendSecureXSiteReferrer", false);
@@ -3094,7 +3097,7 @@ lockPref("security.tls.unrestricted_rc4_fallback", false);
// - Disabled - Default is same -------------------------------------------------------------------
// This is generally a bad idea: if FF disables something due to a security concern, the
-// end user who doesn't keep up to date with changes (IF you do them) is now fucked over
+// end user who doesn't keep up to date with changes (IF they do update) would be screwed over
// Thanks to @Thorin-Oakenpants
// Pref : Display a notification bar when websites offer data for offline use
bgstack15