diff options
76 files changed, 7782 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..f833e91 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +work_dir/ diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..93d55f8 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,17 @@ +image: ubuntu:18.04 + +before_script: + - apt update + - apt install python python3 wget -y + +stages: + - Build + +Build LibreWolf: + stage: Build + script: + - cd librewolf_browser + - ./build.sh + artifacts: + paths: + - "librewolf_browser/librewolf*.tar.bz2" @@ -0,0 +1,373 @@ +Mozilla Public License Version 2.0 +================================== + +1. Definitions +-------------- + +1.1. "Contributor" + means each individual or legal entity that creates, contributes to + the creation of, or owns Covered Software. + +1.2. "Contributor Version" + means the combination of the Contributions of others (if any) used + by a Contributor and that particular Contributor's Contribution. + +1.3. "Contribution" + means Covered Software of a particular Contributor. + +1.4. "Covered Software" + means Source Code Form to which the initial Contributor has attached + the notice in Exhibit A, the Executable Form of such Source Code + Form, and Modifications of such Source Code Form, in each case + including portions thereof. + +1.5. "Incompatible With Secondary Licenses" + means + + (a) that the initial Contributor has attached the notice described + in Exhibit B to the Covered Software; or + + (b) that the Covered Software was made available under the terms of + version 1.1 or earlier of the License, but not also under the + terms of a Secondary License. + +1.6. "Executable Form" + means any form of the work other than Source Code Form. + +1.7. "Larger Work" + means a work that combines Covered Software with other material, in + a separate file or files, that is not Covered Software. + +1.8. "License" + means this document. + +1.9. "Licensable" + means having the right to grant, to the maximum extent possible, + whether at the time of the initial grant or subsequently, any and + all of the rights conveyed by this License. + +1.10. "Modifications" + means any of the following: + + (a) any file in Source Code Form that results from an addition to, + deletion from, or modification of the contents of Covered + Software; or + + (b) any new file in Source Code Form that contains any Covered + Software. + +1.11. "Patent Claims" of a Contributor + means any patent claim(s), including without limitation, method, + process, and apparatus claims, in any patent Licensable by such + Contributor that would be infringed, but for the grant of the + License, by the making, using, selling, offering for sale, having + made, import, or transfer of either its Contributions or its + Contributor Version. + +1.12. "Secondary License" + means either the GNU General Public License, Version 2.0, the GNU + Lesser General Public License, Version 2.1, the GNU Affero General + Public License, Version 3.0, or any later versions of those + licenses. + +1.13. "Source Code Form" + means the form of the work preferred for making modifications. + +1.14. "You" (or "Your") + means an individual or a legal entity exercising rights under this + License. For legal entities, "You" includes any entity that + controls, is controlled by, or is under common control with You. For + purposes of this definition, "control" means (a) the power, direct + or indirect, to cause the direction or management of such entity, + whether by contract or otherwise, or (b) ownership of more than + fifty percent (50%) of the outstanding shares or beneficial + ownership of such entity. + +2. License Grants and Conditions +-------------------------------- + +2.1. Grants + +Each Contributor hereby grants You a world-wide, royalty-free, +non-exclusive license: + +(a) under intellectual property rights (other than patent or trademark) + Licensable by such Contributor to use, reproduce, make available, + modify, display, perform, distribute, and otherwise exploit its + Contributions, either on an unmodified basis, with Modifications, or + as part of a Larger Work; and + +(b) under Patent Claims of such Contributor to make, use, sell, offer + for sale, have made, import, and otherwise transfer either its + Contributions or its Contributor Version. + +2.2. Effective Date + +The licenses granted in Section 2.1 with respect to any Contribution +become effective for each Contribution on the date the Contributor first +distributes such Contribution. + +2.3. Limitations on Grant Scope + +The licenses granted in this Section 2 are the only rights granted under +this License. No additional rights or licenses will be implied from the +distribution or licensing of Covered Software under this License. +Notwithstanding Section 2.1(b) above, no patent license is granted by a +Contributor: + +(a) for any code that a Contributor has removed from Covered Software; + or + +(b) for infringements caused by: (i) Your and any other third party's + modifications of Covered Software, or (ii) the combination of its + Contributions with other software (except as part of its Contributor + Version); or + +(c) under Patent Claims infringed by Covered Software in the absence of + its Contributions. + +This License does not grant any rights in the trademarks, service marks, +or logos of any Contributor (except as may be necessary to comply with +the notice requirements in Section 3.4). + +2.4. Subsequent Licenses + +No Contributor makes additional grants as a result of Your choice to +distribute the Covered Software under a subsequent version of this +License (see Section 10.2) or under the terms of a Secondary License (if +permitted under the terms of Section 3.3). + +2.5. Representation + +Each Contributor represents that the Contributor believes its +Contributions are its original creation(s) or it has sufficient rights +to grant the rights to its Contributions conveyed by this License. + +2.6. Fair Use + +This License is not intended to limit any rights You have under +applicable copyright doctrines of fair use, fair dealing, or other +equivalents. + +2.7. Conditions + +Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted +in Section 2.1. + +3. Responsibilities +------------------- + +3.1. Distribution of Source Form + +All distribution of Covered Software in Source Code Form, including any +Modifications that You create or to which You contribute, must be under +the terms of this License. You must inform recipients that the Source +Code Form of the Covered Software is governed by the terms of this +License, and how they can obtain a copy of this License. You may not +attempt to alter or restrict the recipients' rights in the Source Code +Form. + +3.2. Distribution of Executable Form + +If You distribute Covered Software in Executable Form then: + +(a) such Covered Software must also be made available in Source Code + Form, as described in Section 3.1, and You must inform recipients of + the Executable Form how they can obtain a copy of such Source Code + Form by reasonable means in a timely manner, at a charge no more + than the cost of distribution to the recipient; and + +(b) You may distribute such Executable Form under the terms of this + License, or sublicense it under different terms, provided that the + license for the Executable Form does not attempt to limit or alter + the recipients' rights in the Source Code Form under this License. + +3.3. Distribution of a Larger Work + +You may create and distribute a Larger Work under terms of Your choice, +provided that You also comply with the requirements of this License for +the Covered Software. If the Larger Work is a combination of Covered +Software with a work governed by one or more Secondary Licenses, and the +Covered Software is not Incompatible With Secondary Licenses, this +License permits You to additionally distribute such Covered Software +under the terms of such Secondary License(s), so that the recipient of +the Larger Work may, at their option, further distribute the Covered +Software under the terms of either this License or such Secondary +License(s). + +3.4. Notices + +You may not remove or alter the substance of any license notices +(including copyright notices, patent notices, disclaimers of warranty, +or limitations of liability) contained within the Source Code Form of +the Covered Software, except that You may alter any license notices to +the extent required to remedy known factual inaccuracies. + +3.5. Application of Additional Terms + +You may choose to offer, and to charge a fee for, warranty, support, +indemnity or liability obligations to one or more recipients of Covered +Software. However, You may do so only on Your own behalf, and not on +behalf of any Contributor. You must make it absolutely clear that any +such warranty, support, indemnity, or liability obligation is offered by +You alone, and You hereby agree to indemnify every Contributor for any +liability incurred by such Contributor as a result of warranty, support, +indemnity or liability terms You offer. You may include additional +disclaimers of warranty and limitations of liability specific to any +jurisdiction. + +4. Inability to Comply Due to Statute or Regulation +--------------------------------------------------- + +If it is impossible for You to comply with any of the terms of this +License with respect to some or all of the Covered Software due to +statute, judicial order, or regulation then You must: (a) comply with +the terms of this License to the maximum extent possible; and (b) +describe the limitations and the code they affect. Such description must +be placed in a text file included with all distributions of the Covered +Software under this License. Except to the extent prohibited by statute +or regulation, such description must be sufficiently detailed for a +recipient of ordinary skill to be able to understand it. + +5. Termination +-------------- + +5.1. The rights granted under this License will terminate automatically +if You fail to comply with any of its terms. However, if You become +compliant, then the rights granted under this License from a particular +Contributor are reinstated (a) provisionally, unless and until such +Contributor explicitly and finally terminates Your grants, and (b) on an +ongoing basis, if such Contributor fails to notify You of the +non-compliance by some reasonable means prior to 60 days after You have +come back into compliance. Moreover, Your grants from a particular +Contributor are reinstated on an ongoing basis if such Contributor +notifies You of the non-compliance by some reasonable means, this is the +first time You have received notice of non-compliance with this License +from such Contributor, and You become compliant prior to 30 days after +Your receipt of the notice. + +5.2. If You initiate litigation against any entity by asserting a patent +infringement claim (excluding declaratory judgment actions, +counter-claims, and cross-claims) alleging that a Contributor Version +directly or indirectly infringes any patent, then the rights granted to +You by any and all Contributors for the Covered Software under Section +2.1 of this License shall terminate. + +5.3. In the event of termination under Sections 5.1 or 5.2 above, all +end user license agreements (excluding distributors and resellers) which +have been validly granted by You or Your distributors under this License +prior to termination shall survive termination. + +************************************************************************ +* * +* 6. Disclaimer of Warranty * +* ------------------------- * +* * +* Covered Software is provided under this License on an "as is" * +* basis, without warranty of any kind, either expressed, implied, or * +* statutory, including, without limitation, warranties that the * +* Covered Software is free of defects, merchantable, fit for a * +* particular purpose or non-infringing. The entire risk as to the * +* quality and performance of the Covered Software is with You. * +* Should any Covered Software prove defective in any respect, You * +* (not any Contributor) assume the cost of any necessary servicing, * +* repair, or correction. This disclaimer of warranty constitutes an * +* essential part of this License. No use of any Covered Software is * +* authorized under this License except under this disclaimer. * +* * +************************************************************************ + +************************************************************************ +* * +* 7. Limitation of Liability * +* -------------------------- * +* * +* Under no circumstances and under no legal theory, whether tort * +* (including negligence), contract, or otherwise, shall any * +* Contributor, or anyone who distributes Covered Software as * +* permitted above, be liable to You for any direct, indirect, * +* special, incidental, or consequential damages of any character * +* including, without limitation, damages for lost profits, loss of * +* goodwill, work stoppage, computer failure or malfunction, or any * +* and all other commercial damages or losses, even if such party * +* shall have been informed of the possibility of such damages. This * +* limitation of liability shall not apply to liability for death or * +* personal injury resulting from such party's negligence to the * +* extent applicable law prohibits such limitation. Some * +* jurisdictions do not allow the exclusion or limitation of * +* incidental or consequential damages, so this exclusion and * +* limitation may not apply to You. * +* * +************************************************************************ + +8. Litigation +------------- + +Any litigation relating to this License may be brought only in the +courts of a jurisdiction where the defendant maintains its principal +place of business and such litigation shall be governed by laws of that +jurisdiction, without reference to its conflict-of-law provisions. +Nothing in this Section shall prevent a party's ability to bring +cross-claims or counter-claims. + +9. Miscellaneous +---------------- + +This License represents the complete agreement concerning the subject +matter hereof. If any provision of this License is held to be +unenforceable, such provision shall be reformed only to the extent +necessary to make it enforceable. Any law or regulation which provides +that the language of a contract shall be construed against the drafter +shall not be used to construe this License against a Contributor. + +10. Versions of the License +--------------------------- + +10.1. New Versions + +Mozilla Foundation is the license steward. Except as provided in Section +10.3, no one other than the license steward has the right to modify or +publish new versions of this License. Each version will be given a +distinguishing version number. + +10.2. Effect of New Versions + +You may distribute the Covered Software under the terms of the version +of the License under which You originally received the Covered Software, +or under the terms of any subsequent version published by the license +steward. + +10.3. Modified Versions + +If you create software not governed by this License, and you want to +create a new license for such software, you may create and use a +modified version of this License if you rename the license and remove +any references to the name of the license steward (except to note that +such modified license differs from this License). + +10.4. Distributing Source Code Form that is Incompatible With Secondary +Licenses + +If You choose to distribute Source Code Form that is Incompatible With +Secondary Licenses under the terms of this version of the License, the +notice described in Exhibit B of this License must be attached. + +Exhibit A - Source Code Form License Notice +------------------------------------------- + + This Source Code Form is subject to the terms of the Mozilla Public + License, v. 2.0. If a copy of the MPL was not distributed with this + file, You can obtain one at http://mozilla.org/MPL/2.0/. + +If it is not possible or desirable to put the notice in a particular +file, then You may include the notice in a location (such as a LICENSE +file in a relevant directory) where a recipient would be likely to look +for such a notice. + +You may add additional accurate notices of copyright ownership. + +Exhibit B - "Incompatible With Secondary Licenses" Notice +--------------------------------------------------------- + + This Source Code Form is "Incompatible With Secondary Licenses", as + defined by the Mozilla Public License, v. 2.0. diff --git a/README.md b/README.md new file mode 100644 index 0000000..babff7f --- /dev/null +++ b/README.md @@ -0,0 +1,431 @@ +<p align="center"> + <a href="https://github.com/LibreWolf-Browser/LibreWolf/"><img width="727" src="./branding/logo_2/Logo.svg.png"></a> +</p> +<p align="center"> +<a href="https://github.com/LibreWolf-Browser/LibreWolf/releases" target="_blank"><img src="https://img.shields.io/badge/Download-%20LibreWolf-green.svg"> </a> +<a href="https://github.com/LibreWolf-Browser/LibreWolf/releases"><img src="https://img.shields.io/badge/Version-0.0.1-green.svg"></a> +<a href="https://github.com/LibreWolf-Browser/LibreWolf/commits/master"><img src="https://img.shields.io/badge/Maintained-Yes-green.svg"></a> +<a href="https://github.com/LibreWolf-Browser/LibreWolf/pulls"><img src="https://img.shields.io/badge/PR-0-green.svg"></a> +<a href="https://github.com/LibreWolf-Browser/LibreWolf/issues?q=is%3Aissue+is%3Aclosed"><img src="https://img.shields.io/badge/Solved%20Issues-3-green.svg"></a> +<a href="https://www.mozilla.org/en-US/MPL/2.0/" target="_blank"><img src="https://img.shields.io/badge/License-Mozilla--MLP2-blue.svg"></a> +<a href="https://www.mozilla.org/en-US/MPL/" target="_blank"><img src="https://badges.frapsoft.com/os/v2/open-source.png?v=103"></a> +</p> + +--- + +LibreWolf: Browse With Freedom +------------------------------ + +This project is an independent fork of Firefox, with the primary goals of privacy security and user freedom. It is the community run successor to [LibreFox](https://github.com/intika/Librefox) + +LibreWolf uses more than 500 privacy/security/performance settings, patches, LibreWolf-Addons (optional) and is designed to minimize data collection and telemetry as much as possible (updater, crashreporter and Firefox's integrated addons that don't respect privacy are removed). + +**LibreWolf is NOT associated with Mozilla or its products.** + +Features +-------- +- Latest Version of Firefox: LibreWolf is compiled directly from the latest build of Firefox Nightly. As a result, you will have the most bleeding edge of features, technologies and security updates. Stable builds are also planned in the future. +- Completely Independent Build: LibreWolf uses a completely independent build from Firefox and has its own settings, profile folder and installation path. As a result, it can be installed alongside Firefox or any other browser. +- Extensions firewall: limit internet access for extensions ([firewall-test-feature](#extensions-firewall-)) +- IJWY (I Just Want You To Shut Up): embedded server links and other calling home functions are removed ([zero unauthorized connection](#ijwy-i-just-want-you-to-shut-up) by default). +- User settings updates: gHacks/pyllyukko base is kept up to date. +- Settings protection: important settings are enforced/locked within `mozilla.cfg` and `policies.json`, those settings cannot be changed by addons/updates/LibreWolf itself or unwanted/accidental manipulation; To change those settings you can easily do it by editing `mozilla.cfg` and `policies.json`. +- LibreWolf-addons: set of optional LibreWolf extensions +- Statistics disabled: telemetry and similar functions are disabled +- Tested settings: settings are performance aware +- ESR and Tor version (LibreWolf TBB Beta) +- Tor LibreWolf-addons: adapted LibreWolf extensions for TBB +- Multi-platform (Windows/Linux/Mac/and soon Android) +- Dark theme (classic and advanced) +- Recommended and *code reviewed* addons list +- Community-Driven +- And much more... +--- + +Index +----- +<pre> +<a href="#features" +>> LibreWolf: Features ............................................................... </a> +<a href="#download" +>> LibreWolf: Download ............................................................... </a> +<a href="#capture" +>> LibreWolf: Capture ................................................................ </a> +<a href="#LibreWolf-addons" +>> Addons: LibreWolf Addons .......................................................... </a> +<a href="#recommended-addons" +>> Addons: Recommended Addons ....................................................... </a> +<a href="#recommended-addons-settings" +>> Addons: Recommended Addons Settings .............................................. </a> +<a href="#reviewing-extensions-code" +>> Addons: Reviewing Addons Source Code ............................................. </a> +<a href="#other-addons" +>> Addons: Other Useful Addons Listing .............................................. </a> +<a href="#installation-instructions" +>> Wiki: Installation Instructions .................................................. </a> +<a href="#extensions-firewall" +>> Wiki: Extensions Network Firewall ................................................ </a> +<a href="#ijwy-i-just-want-you-to-shut-up" +>> Wiki: IJWY (I Just Want You To Shut Up) .......................................... </a> +<a href="#edit-locked-settings" +>> Wiki: Edit Locked Settings ....................................................... </a> +<a href="#settings-index" +>> Wiki: Settings Index ............................................................. </a> +<a href="#cookies-settings" +>> Wiki: Cookies Settings ........................................................... </a> +<a href="#tracking-protection" +>> Wiki: Tracking Protection ........................................................ </a> +<a href="#comparing-changes-and-updates" +>> Wiki: Comparing Changes And Updates .............................................. </a> +<a href="#documentation" +>> Wiki: Documentation .............................................................. </a> +<a href="#LibreWolf-dark-theme" +>> Wiki: LibreWolf Dark Theme ........................................................ </a> +<a href="#tuning-LibreWolf" +>> Wiki: Tuning LibreWolf ............................................................ </a> +<a href="#LibreWolf-esr" +>> Wiki: LibreWolf ESR ............................................................... </a> +<a href="#tor-compatibility" +>> Wiki: Tor Compatibility .......................................................... </a> +<a href="#drm-compatibility" +>> Wiki: DRM Compatibility .......................................................... </a> +<a href="#building-and-packaging" +>> Wiki: Building And Packaging ..................................................... </a> +<a href="#browser-tests---securityfingerprint" +>> Browser Tests: Security/Fingerprint .............................................. </a> +<a href="#browser-tests---performances" +>> Browser Tests: Performance ....................................................... </a> +<a href="#browser-tests---dnsvpnproxy-leak" +>> Browser Tests: DNS/VPN/Proxy Leak ................................................ </a> +<a href="#LibreWolf-roadmap" +>> Infos: LibreWolf Roadmap .......................................................... </a> +<a href="#changelog" +>> Infos: Changelog ................................................................. </a> +<a href="#about" +>> Infos: About ..................................................................... </a> +</pre> + +Recommended Addons +------------------ +Recommended addons are not bundled and need to be installed manually + +- [Cookie Master](https://addons.mozilla.org/en-US/firefox/addon/cookiemaster/): Block all cookies and only allow authorized sites +- [First Party Isolation](https://addons.mozilla.org/en-US/firefox/addon/first-party-isolation/): Enable/Disable FPI with the click of a button +- [User Agent Platform Spoofer](https://addons.mozilla.org/en-US/firefox/addon/user-agent-platform-spoofer/): Spoof a different UserAgent OS Linux/Windows/Mac +- [Browser Plugs Privacy Firewall](https://addons.mozilla.org/en-US/firefox/addon/browser-plugs-privacy-firewall/): Sets of settings to prevent fingerprinting and security issues +- [uBlock Origin](https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/) [+ IDCAC List](https://www.i-dont-care-about-cookies.eu/) [+ Nano-Defender List](https://jspenguin2017.github.io/uBlockProtector/#extra-installation-steps-for-ublock-origin): Block web advertisement and tracking + +Recommended Addons Settings +--------------------------- +`uBlock Origin`: Additional filters are availables here: https://filterlists.com/ (don't surcharge it to avoid performance loss) + +`Browser Plugs Privacy Firewall`: Keep settings light to make `privacy.resistFingerprinting` efficient because too much customization will lead to uniqueness and therefore easy fingerprinting. +``` + - Privacy / Fingerprint / Fake values for getClientRects + - Privacy / Fingerprint / Randomize Canvas Fingerprint + - Privacy / Fingerprint / 100% Randomize ALL Fingerprint Hash + - Firewall / Experimental / Block SVG getBBox and getComputedTextLength + - Privacy / Font / Randomize + - Privacy / Font / Enable protection for font and glyph fingerprinting +``` +Reviewing Extensions Code +------------------------- +Recommended extensions code have been reviewed for potential unwanted behaviour... reviewed version are available under [extensions](https://github.com/LibreWolf-Browser/LibreWolf/tree/master/extensions) directory. + +Extensions Firewall +------------------- +**Extensions Firewall - Description** + +*This is a test experiment feature and it is disabled by default !!!* A new section `Extensions Manager` is added to manage addons globally (and addons networking in the subsection `Extensions Firewalling`). Firewalling the network for addons is doable, but it requires a considerable amount of additional work in LibreWolf to make it usable through a button or in a per addon basis (this may or may not be added in a future version, it also could be abandoned as it is a test feature). Currently you can block a list of domains or block the whole network for all the extensions. + +**Extensions Firewall - The Settings** + +Available native network restriction settings for addons: + +- Restricted domains list: `extensions.webextensions.restrictedDomains` this is a list of restricted domains that will be used to block some hosts for all the extensions, Firefox uses this setting to block extensions from accessing mozilla's domains/sites, by default in LibreWolf this setting is set to allow extensions to access all the web (You can edit that list to match your needs or to block a specific domain, note that the domain name has to be 'exact' (for instance facebook.com will only block facebook.com not mobile.facebook.com) +- Content security policy: `extensions.webextensions.base-content-security-policy` and `extensions.webextensions.default-content-security-policy` the later settings can be redefined/changed within an extension so it's not efficient for a firewall purpose. CSP settings are used in Firefox as an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to distribution of malware; In short: CSP settings block and allow certain domains under certain circumstances and thus could be used to firewall the extensions ([CSP Documentations](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP), its [sources code](https://code.compassfoundation.io/general/mozilla-central/commit/623a4f866576815dfcbab26323d13b7144806bdf?view=inline&w=1) and [implementation](https://github.com/mozilla/gecko/blob/central/toolkit/components/extensions/ExtensionPolicyService.cpp)) + +**Extensions Firewall - Blocking A Domain** + +Edit the restricted domains setting as follow under the `about:config` page: + +- Restricted Domains Setting: `extensions.webextensions.restrictedDomains` Value: `ExactDomains1,ExactDomains2,ExactDomains3` etc. + +**Extensions Firewall - Blocking The Network** + +To enable the feature and block the network for all the extensions open `mozilla.cfg` search for `Enable-Firewall-Feature-In-The-Next-Line` and remove the `//` in the next line. + +Note that this will block the network access for all the extensions and a lot of extensions needs to be connected in order to work. In the current version of LibreWolf you can block the network for all the extensions or allow it for all of them, a future version may provide additional features like "per addon" setting (By default LibreWolf allows networking for extensions). + +**Extensions Firewall - More Infos** + +Check `debug-notes.log` for additional info about future version and researches about the subject. Also check [CSP Documentations](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP), its [sources code](https://code.compassfoundation.io/general/mozilla-central/commit/623a4f866576815dfcbab26323d13b7144806bdf?view=inline&w=1) and [implementation](https://github.com/mozilla/gecko/blob/central/toolkit/components/extensions/ExtensionPolicyService.cpp). + +IJWY (I Just Want You To Shut Up) +--------------------------------- +This is a set of settings that aim to remove all the server links embedded in Firefox and other calling home functions in the purpose of blocking un-needed connections. The objective is zero unauthorized connection (ping/telemetry/Mozilla/Google...). + +Changelog +--------- +Available in the [releases page](https://github.com/LibreWolf-Browser/LibreWolf/releases) + +Installation Instructions +-------------------------- +**Notice:** in the current state of the project LibreWolf is a set of configuration files for Firefox (awaiting a correct build of the project), therefore if you already have a Firefox profile, that profile will be used and temporary files will be removed (cookies and current session), make sure to backup your current Firefox's profile before using LibreWolf. +Using LibreWolf simultaneously with Firefox is possilbe through a different profile you can follow [this wiki](https://www.ghacks.net/2008/05/29/run-multiple-firefox-profiles-simultaneously/) to do so. **[Future](https://github.com/LibreWolf-Browser/LibreWolf/issues/55) LibreWolf version** will be independent from Firefox and therefore will solve this issue. + +**Windows** +- Download and install the last version of Firefox [x32 release](https://download-installer.cdn.mozilla.net/pub/firefox/releases/64.0/win32/en-US/Firefox%20Setup%2064.0.exe) or [x64 release](https://download-installer.cdn.mozilla.net/pub/firefox/releases/64.0/win64/en-US/Firefox%20Setup%2064.0.exe) +- Download [LibreWolf](https://github.com/LibreWolf-Browser/LibreWolf/releases/download/LibreWolf-v2.1-v64.0.0/LibreWolf-2.1-Firefox-Windows-64.0.0.zip) zip file and extract it +- Locate Firefox's installation directory (where the firefox.exe is located) `C:\Program Files\Mozilla Firefox\` or `C:\Program Files (x86)\Mozilla Firefox\` or `Tor-Install-Directory\Browser\` +- Copy the extracted LibreWolf files to the install directory + +**Linux** +- Download and extract the last version of Firefox [x32 release](https://download-installer.cdn.mozilla.net/pub/firefox/releases/64.0/linux-i686/en-US/firefox-64.0.tar.bz2) or [x64 release](https://download-installer.cdn.mozilla.net/pub/firefox/releases/64.0/linux-x86_64/en-US/firefox-64.0.tar.bz2) +- Download [LibreWolf](https://github.com/LibreWolf-Browser/LibreWolf/releases/download/LibreWolf-v2.1-v64.0.0/LibreWolf-2.1-Firefox-Linux-64.0.0.zip) zip file and extract it +- Copy the extracted LibreWolf files to the newly downloaded `firefox` directory +- You can use directly LibreWolf by running 'firefox/firefox' +- You can as well create a shortcut to 'firefox/firefox' to open LibreWolf easily. + +**Mac** +- Download and install the [last version of Firefox](https://download-installer.cdn.mozilla.net/pub/firefox/releases/64.0/mac/en-US/Firefox%2064.0.dmg) +- Download [LibreWolf](https://github.com/LibreWolf-Browser/LibreWolf/releases/download/LibreWolf-v2.1-v64.0.0/LibreWolf-2.1-Firefox-Mac-60.4.0.zip) zip file and extract it +- Locate Firefox's installation directory (`Applications/Firefox.app/Contents/Resources/` or `Applications/Tor Browser.app/Contents/Resources/`) +- Copy the extracted files to the install directory + +**Uninstall** +- To uninstall, just remove the files you added to your Firefox's install directory (to know what are the files to remove just check the downloaded LibreWolf zip file) then restart Firefox. + +Edit Locked Settings +-------------------- +Just edit `mozilla.cfg`, save and restart LibreWolf. + +Browser Tests - Security/Fingerprint +------------------------------------ +Firefox 60 and `privacy.resistFingerprinting` are relatively new, please give it some time to be more widely used and thus less finger-printable; If you are using a different site to analyze your browser make sure to read and understand what the test is about. + +- [SSLLabs](https://www.ssllabs.com/ssltest/viewMyClient.html) +- [AmiUnique](https://amiunique.org/fp) +- [BrowserLeaks](https://browserleaks.com/) +- [BrowserPlugs](https://www.browserplugs.com/fingerprint-test/index.html) +- [FingerPrintJS2](https://valve.github.io/fingerprintjs2/) +- [Third-Party-Cookies](https://alanhogan.github.io/web-experiments/3rd/third-party-cookies.html) +- [Testing-Notifications](https://www.bennish.net/web-notifications.html) +- [Browser-Storage-Abuser](https://demo.agektmr.com/storage/) +- [Service-Workers-Push-Test](https://gauntface.github.io/simple-push-demo/) + +Browser Tests - Performances +---------------------------- +Performance tests can be done here [LVP Octane](https://intika.github.io/lvp-octane/), it needs to be launched alone with other applications closed and with no other activity but the benchmark, also it's recommended to launch it many times and then calculate the average. + +Browser Tests - DNS/VPN/Proxy Leak +---------------------------------- +- [IPLeak](https://ipleak.net/) +- [Tenta-Test](https://tenta.com/test/) +- [IP-Browserleaks](https://browserleaks.com/ip) + +About +----- +**License:** [Mozilla Public License 2.0](https://github.com/LibreWolf-Browser/LibreWolf/blob/master/License.txt) + +**Inspired from:** [ungoogled-chromium](https://github.com/Eloston/ungoogled-chromium) + +**Based on:** [Librefox](https://github.com/Librefox/Librefox), whose development seems to have halted. + +**Acknowledgement**, special thanks to: +- @intika for putting Librefox together +- The Mozilla team for their amazing work on Firefox +- The gHacks-User team for allowing the usage of their work +- All the stargazers (users that are encouraging this project by starring it) +- Icon was created with images by [OpenClipart-Vectors](https://pixabay.com/users/OpenClipart-Vectors-30363/?utm_source=link-attribution&utm_medium=referral&utm_campaign=image&utm_content=157677) from [Pixabay](https://pixabay.com/?utm_source=link-attribution&utm_medium=referral&utm_campaign=image&utm_content=157677) + +LibreWolf Roadmap +---------------- +**Objectives for future versions of LibreWolf (this may change)** +- Develop an all-in-one LibreWolf addon to rule them all ? (Normal & Tor Version… this would simplify LibreWolf) +- Develop an easy to use firewall system for extensions (button/hosts/allow/deny/per-addon) +- Develop an advanced settings page +- Update checker extension (feature in the full extension ?) +- Advertisement for the project to reach more users ? + +**Todo for future versions of LibreWolf (this may change)** +- Listed under [issues](https://github.com/LibreWolf-Browser/LibreWolf/issues/) section + +Settings Index +-------------- +``` +// ============================== +// Index mozilla.cfg .......... : +// ============================== +// +// --------------------------------------------------------------------- +// Section: User settings // Bench Diff: +0 / 5000 +// Section: Defaulting Settings // Bench Diff: +0 / 5000 +// ------------------------------------------ +// Section: Controversial // Bench Diff: +0 / 5000 +// Section: Firefox Fingerprint // Bench Diff: +0 / 5000 +// Section: Locale/Time // Bench Diff: +0 / 5000 +// Section: Ghacks-user Selection // Bench Diff: +100 / 5000 +// Section: Extensions Manager // Bench Diff: +0 / 5000 +// Section: IJWY To Shut Up // Bench Diff: +0 / 5000 +// Section: Microsoft Windows // Bench Diff: +0 / 5000 +// Section: Firefox ESR60.x // Bench Diff: +0 / 5000 +// ------------------------------------------ +// Section: Security 1/3 // Bench Diff: +0 / 5000 +// Section: Security 2/3 // Bench Diff: +0 / 5000 +// Section: Security 3/3 (Cipher) // Bench Diff: +0 / 5000 +// ------------------------------------------ +// Section: Performance 1/5 // Bench Diff: +650 / 5000 +// Section: Performance 2/5 // Bench Diff: -800 / 5000 +// Section: Performance 3/5 // Bench Diff: -1720 / 5000 +// Section: Performance 4/5 // Bench Diff: -200 / 5000 +// Section: Performance 5/5 // Bench Diff: -50 / 5000 +// ------------------------------------------ +// Section: General Settings 1/3 // Bench Diff: +100 / 5000 +// Section: General Settings 2/3 // Bench Diff: +0 / 5000 +// Section: General Settings 3/3 // Bench Diff: -40 / 5000 +// ------------------------------------------ +// Section: Disabled - ON/OFF // Bench Diff: +0 / 5000 +// Section: Disabled - Deprecated Active // Bench Diff: +0 / 5000 +// Section: Disabled - Deprecated Inactive // Bench Diff: +0 / 5000 +// --------------------------------------------------------------------- + +// ============================== +// Index local-settings.js .... : +// ============================== +// +// --------------------------------------------------------------------- +// Section: General Settings // Bench Diff: ++ / 5000 +// --------------------------------------------------------------------- + +``` + +Cookies Settings +---------------- +Using different web services without cookies is impossible and cookie settings in a browser are very important when it come to privacy, in LibreWolf the settings are locked to avoid unwanted changes in such an important setting, but they can be easily changed in `mozilla.cfg` under `User Settings: Cookies settings`. + +Tracking Protection +------------------- +Firefox now integrates a tracking protection feature (based on disconnect.me) it's a small content blocking list, the listing can not be edited, this feature is disabled in LibreWolf. It's recommended to use uBlock Origin instead. This feature is disabled: + +- Until it evolves and integrates at least list editing. +- Because double filtering (this + ublock) is not suitable for performance. + +You can however easily enable this feature in `mozilla.cfg` under `User Settings: Track Protection` (just comment active lines with `//` or remove the entire section). + +Comparing Changes And Updates +----------------------------- +If you want to compare changes over updates or if you already have a `user.js`/`mozilla.cfg`/`policies.json`. consider using [Compare-UserJS](https://github.com/claustromaniac/Compare-UserJS), it's an amazing tool to compare user.js files and output the diffs in detailed breakdown, developed by gHack's very own resident cat, [claustromaniac](https://github.com/claustromaniac) :cat: + +Usage: If not on windows install [PowerShell](https://github.com/PowerShell/PowerShell) then (for example) `pwsh Compare-UserJS.ps1 mozilla.cfg user.js` (Warning that PowerShell connects to Microsoft sometimes). + +Documentation +------------- + +**Mozilla.cfg**: Locking and defaulting LibreWolf settings for security, privacy and performance. + +**Policies.json**: Policies for enterprise environments (the settings available with `policies.json` are limited right now because this is a new feature of Firefox). + +**Bench diff**: Impact on the performance of LibreWolf, it can be a gain or a loss of performance +100/5000 stand for 2% gained performance and -1500/5000 stand for -30% performance loss. + +**lockPref**: Locked preference can not be changed by extensions or updates, they can only be changed in `mozilla.cfg`. + +**Section**: Description of the settings section separated by ">>>". + +**Defaulting VS Enforcing**: Defaulted settings can be changed by the user or an extension if permitted within the browser while enforced settings are locked and can not be changed within the browser, enforced settings can be changed in `mozilla.cfg`. + +**About:config**: http://kb.mozillazine.org/About:config_entries. + +LibreWolf Dark Theme +------------------- +LibreWolf provides a classic dark theme extension ([LibreWolf Dark Theme](https://addons.mozilla.org/en-US/firefox/addon/LibreWolf-dark-theme/)) but also a purified version of ShadowFox available under [dark-theme directory](https://github.com/LibreWolf-Browser/LibreWolf/tree/master/dark-theme) to install it just copy the directory chrome to your LibreWolf profile directory and then restart LibreWolf, this will expand the dark theme to internal pages like settings pages. + +Tuning LibreWolf +--------------- + +**Restart Button** + +One simple solution is to bookmark `about:restartrequired` or `about:profiles` ... when restart is needed open that page and click "normal restart". You can even go further and add the bookmarks links to your icons bar and rename the link to an empty text (you will then have a direct icon to `about:profiles` and a 2 clicks restart). + + +... + +**Alternative Dark Theme** + +<a href="https://github.com/overdodactyl/ShadowFox" target="_blank"><img height=80px src="https://raw.githubusercontent.com/overdodactyl/ShadowFox/master/.github/Screenshots/header.png"></a> + +**Linux Fix Text Colors** + +On Linux when using a dark desktop theme LibreWolf could display white text over white background or black text on black input on some sites or addons, this is fixed in LibreWolf with `lockPref("ui.use_standins_for_native_colors", true);`. + +If `ui.use_standins_for_native_colors` is not enough to fix everything you can fix this issue with an other additional solution by using the following values in `about:config` (you need to have Adwaita theme installed) [more details](https://github.com/DmitriK/darkContrast#text-contrast-for-dark-themes) (Note that this is not needed with the default LibreWolf settings as it is already fixed) +``` +widget.content.allow-gtk-dark-theme;false +widget.chrome.allow-gtk-dark-theme;false +widget.content.gtk-theme-override;Adwaita:light +``` + +Other Addons +------------ + +**Other privacy addons** +- [NoHTTP](https://addons.mozilla.org/en-US/firefox/addon/nohttp): Block http traffic and/or redirect it to https (Excellent replacement for the unrecommended https-everywhere) +- [Google-Container](https://addons.mozilla.org/en-US/firefox/addon/google-container/): Open all Google sites in a container +- [Facebook-Container](https://addons.mozilla.org/en-US/firefox/addon/facebook-container/): Open all Facebook sites in a container +- [Request-Blocker](https://addons.mozilla.org/en-US/firefox/addon/request-blocker-we/): Hosts style blocking sites +- [Decentraleyes](https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/): Makes a lot of web resources available locally to improve privacy +- [Dont-Track-Me-Google](https://addons.mozilla.org/en-US/firefox/addon/dont-track-me-google1/): Cleaning Google search result links +- [Canvas-Blocker](https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/): Prevent some fingerprinting techniques (This should not be used with browser plugins addon as it provide similar features) +- [Cookie-Quick-Manager](https://addons.mozilla.org/en-US/firefox/addon/cookie-quick-manager/): View and edit cookies +- [Mozilla-Multi-Account-Containers](https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/): Manage containers and assign sites to specific container +- [Switch-Containers](https://addons.mozilla.org/en-US/firefox/addon/switch-container/): Switching container for the current tab easily +- [Temporary-Containers](https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/): Maximizing and automating container potential +- [Smart-Referer](https://addons.mozilla.org/en-US/firefox/addon/smart-referer/): Manage referer with a button (Send referers only when staying on the same domain.) + +**Other useful addons** +- [Dormancy](https://addons.mozilla.org/en-US/firefox/addon/dormancy/): Unload tab after a certain time, useful for performance when opening a lot of tabs +- [Add Custom Search Engine](https://addons.mozilla.org/en-US/firefox/addon/add-custom-search-engine/): Customize your search engine +- [ProxySwitcheroo](https://addons.mozilla.org/en-US/firefox/addon/proxyswitcheroo/): Apply proxy settings in a click +- [UndoCloseTabButton](https://addons.mozilla.org/en-US/firefox/addon/undoclosetabbutton/): Reopen last closed tab +- [Advanced Github Notifier](https://addons.mozilla.org/en-US/firefox/addon/advanced-github-notifier/): Github notifications +- [Shortkeys](https://addons.mozilla.org/en-US/firefox/addon/shortkeys/): Add custom shortkeys +- [Tabboo](https://addons.mozilla.org/en-US/firefox/addon/tabboo-session-manager/): Session manager + +**LibreWolf Addons For ESR And Tor** +- [LibreWolf HTTP Watcher ESR - Tor MoD](https://addons.mozilla.org/en-US/firefox/addon/LibreWolf-http-watcher-tor-mod/): Change the url bar color on http and onion sites (to green/red) +- [LibreWolf NoHTTP - Tor MoD](https://addons.mozilla.org/en-US/firefox/addon/nohttp-LibreWolf-mod-for-tor/): Block http traffic and/or redirect it to https (Excellent replacement for the unrecommended https-everywhere) + +Tor Compatibility +----------------- +We do not recommend connecting over Tor on LibreWolf classic version (because of the missing LibreWolf-Tor-Addons, they are only included in the tor version for obvious reasons), use instead LibreWolf-Tor version if your threat model calls for it, or for accessing hidden services (Thus said tor settings have been enabled since v2 on all LibreWolf versions for user toriffying/proxifying their entire connection). + +Currently LibreWolf-TBB is in beta test, Tor compatibility may change. + +DRM Compatibility +----------------- +Digital rights management (DRM) is enforced off by default (this is needed for Netflix and similar); you can enable it with the following instructions: +- Open `mozilla.cfg` +- Under the section `Section: User Settings` +- Comment the active lines with `// ` under the subsection `User Settings: DRM/CDM - Main` +- Comment the active lines with `// ` under the subsection `User Settings: DRM/CDM - Widevine` +- Restart Firefox then open `about:preferences` and enable `Play DRM...` under general section +- Firefox will download Widevine and enable it (under `about:addons` plugins section) you can force the download by clicking `Check for updates` under the tools button + +LibreWolf ESR +------------ +For ESR users if you opt for `LibreWolf HTTP Watcher` you need to use this version [LibreWolf HTTP Watcher ESR - Tor MoD](https://addons.mozilla.org/en-US/firefox/addon/LibreWolf-http-watcher-tor-mod/) + +Building And Packaging +---------------------- + +**Linux** + +- `Build instruction will be updated soon` + +**Windows** + +- `Build instruction will be updated soon` + +**Mac** + +- `Build instruction will be updated soon` diff --git a/archive/README.md b/archive/README.md new file mode 100644 index 0000000..2587d4c --- /dev/null +++ b/archive/README.md @@ -0,0 +1,8 @@ +## Archive + +These are parts of the original LibreFox and have not been reviewed yet. The files in this folder will be reviewed for: + +* Integration into the browser itself +* Integration into the configuration scripts +* Moving to an external repository +* Deletion diff --git a/archive/debugging/debug-notes.log b/archive/debugging/debug-notes.log new file mode 100644 index 0000000..b6999af --- /dev/null +++ b/archive/debugging/debug-notes.log @@ -0,0 +1,216 @@ +======================================================================================================================== +Build Notes v2 : +======================================================================================================================== + +- Compress tar.xz + + tar cfJ <archive.tar.xz> <files> + +- Files to remove : + + crash-reporter... + crash-reporter... + removed-files + update... + update... + update... + browser/feature/webcomp... + browser/feature/webcomp... + browser/feature/... + +- Tor files to remove : + + Classic removal plus + https-everywhere addon + profile.meek-http-helper... + +- Patching release : + + >browser.omni.ja.chrome.browser.content.browser.preferences.in-content.privacy.origin (patch with winrar) + Tor : patch mozilla.cfg + +- Tor windows : + + Install it to desktop then get the files + (Only the lnk file is a new file compared to compressed version) + remove lnk file + add link.vbs + add bat file + +- Tor mac : + + Under mac, mount and extract all content to a folder + Copy by command .DS_Store (from dmg to folder) + run "codesign --remove-signature Tor\ Browser.app". + With disk utils, create a dmg from a folder (nocompression rw) + We are converting iso-dmg to dmg... + +======================================================================================================================== +JS Note & Debugging : +======================================================================================================================== + +// ---------- +// CSP Note : +// ---------- +// +// Syntax : +// One or more sources can be allowed for the default-src policy: +// Content-Security-Policy: default-src <source> <source>; +// Content-Security-Policy: default-src <source>; +// +// default-src is a fallback for : +// - child-src +// - connect-src +// - font-src +// - frame-src +// - img-src +// - manifest-src +// - media-src +// - object-src +// - prefetch-src +// - script-src +// - style-src +// - worker-src +// +// <source> can be one of the following: +// +// 'none' +// Refers to the empty set; that is, no URLs match. The single quotes are required. +// +// 'self' +// Refers to the origin from which the protected document is being served, +// including the same URL scheme and port number. You must include the single quotes. +// Some browsers specifically exclude blob and filesystem from source directives. +// Sites needing to allow these content types can specify them using the Data attribute. +// +// 'unsafe-inline' +// Allows the use of inline resources, such as inline <script> elements, javascript: +// URLs, inline event handlers, and inline <style> elements. You must include the single quotes. +// +// 'unsafe-eval' +// Allows the use of eval() and similar methods for creating code from strings. +// You must include the single quotes. +// +// <scheme-source> +// A schema such as 'http:' or 'https:'. The colon is required, single quotes +// shouldn't be used. You can also specify data schemas (not recommended). +// - data: Allows data: URIs to be used as a content source. This is insecure; +// An attacker can also inject arbitrary data: URIs. +// Use this sparingly and definitely not for scripts. +// - mediastream: Allows mediastream: URIs to be used as a content source. +// - blob: Allows blob: URIs to be used as a content source. +// - filesystem: Allows filesystem: URIs to be used as a content source. +// +// <host-source> +// Internet hosts by name or IP address, as well as an optional URL scheme and/or port number. +// The site's address may include an optional leading wildcard (the asterisk character, '*'), +// and you may use a wildcard (again, '*') as the port number, indicating that all +// legal ports are valid for the source. +// Examples: +// - http://*.example.com: Matches all attempts to load from any subdomain of example.com using the http: URL scheme. +// - mail.example.com:443: Matches all attempts to access port 443 on mail.example.com. +// - https://store.example.com: Matches all attempts to access store.example.com using https:. +// +// Sources : +// https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP +// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src + +// ----------------- +// Process Isolation +// ----------------- +// +// Pref : Separate process for protocol +// defaultPref("extensions.webextensions.protocol.remote", true); //default true +// +// Pref : Separate process for protocol extension +// defaultPref("extensions.webextensions.remote", false); //default true +// +// Process remote (separating process) can partially firewall extension by +// denying access to some moz-extension (extension internal url like settings page) +// but this is not reliable not usable for a purpose of firewalling +// Setting this to false will break moz-extension URI loading +// unless other process sandboxing and extension remoting prefs are changed. +// Note, extensions.webextensions.protocol.remote=false is for +// debugging purposes only. With process-level sandboxing, child +// processes (specifically content and extension processes), will +// not be able to load most moz-extension URI's when the pref is +// set to false. + +// ------------------ +// Restricted Domains +// ------------------ +// +// "extensions.webextensions.restrictedDomains" +// +// gHacks set this to empty ""... this is list of blocked domain for ext. +// Default value : +// "accounts-static.cdn.mozilla.net,accounts.firefox.com,addons.cdn.mozilla.net,addons.mozilla.org, +// api.accounts.firefox.com,content.cdn.mozilla.net,content.cdn.mozilla.net,discovery. +// addons.mozilla.org,input.mozilla.org,install.mozilla.org,oauth.accounts.firefox. +// com,profile.accounts.firefox.com,support.mozilla.org,sync.services. +// mozilla.com,testpilot.firefox.com" +// +// Managed in +// AddonManagerWebAPI.cpp +// WebExtensionPolicy.cpp +// +// Check function (When fail directly return deny) : +// +// WebExtensionPolicy::IsRestrictedURI +// - Check againt restrictedDomains (false-allow) domains->Contains +// - Check if IsValidSite (deny access) (false-allow) +// --- Check if empty string --(false-allow) +// --- Check https/http --(false-allow) +// --- Check SSL --(false-allow) +// --- Allow those domain directly --(true---deny) +// "addons.mozilla.org" +// "discovery.addons.mozilla.org" +// "testpilot.firefox.com" +// --- If pref "extensions.webapi.testing" --(true---deny) +// is true, it allow access to other +// sites list +// --- Return false --(false-allow) +// - Return false (false-allow) + +// ----------------- +// Other Possibility +// ----------------- +// +// Other possibility (securefox extension) compare requests to url... filter etc... +// +// Other possibility... recompile and make it a native feature... (may be for futur version) +// Just invert the code to be !domains->Contains and thus allow only listed domain +// +// Other hidden setting +// int dom.ipc.keepProcessesAlive.extension //hidden settings +// +// Conclusion : patching binary "IsRestrictedURI" function OR build own version +// Durable solution is to rebuild... this feature is paused until futur versions +// + +// --------------------------------------- +// Pref : CSP Settings For Extensions I/II +// --------------------------------------- +// +// Default Value : " +// script-src 'self' https://* moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; +// object-src 'self' https://* moz-extension: blob: filesystem:; +// " +// +// Default Deny Value : " +// default-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; +// script-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; +// object-src 'self' moz-extension: blob: filesystem:; +// " +// +// Strict Deny Value : " +// default-src 'self' moz-extension: blob: filesystem:; +// script-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; +// object-src 'self' moz-extension: blob: filesystem:; +// " +// +// Super Strict Deny Value : " +// default-src 'none'; +// script-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; +// object-src 'self' moz-extension: blob: filesystem:; +// " diff --git a/archive/debugging/policies.examples.json b/archive/debugging/policies.examples.json new file mode 100644 index 0000000..244ee24 --- /dev/null +++ b/archive/debugging/policies.examples.json @@ -0,0 +1,47 @@ +// https://github.com/mozilla/policy-templates/blob/master/README.md + +// Extensions + +// This policy controls the installation, uninstallation and locking of extensions. +// Locked extensions cannot be disabled or uninstalled. For Install, you specify a +// list of URLs or paths. For Uninstall and Locked, you specify extension IDs. + + +"policies": { + "Extensions": { + "Install": ["https://addons.mozilla.org/firefox/downloads/somefile.xpi", "//path/to/xpi"], + "Uninstall": ["addon_id@mozilla.org"], + "Locked": ["addon_id@mozilla.org"] + } +} + +"policies": { + "WebsiteFilter": { + "Block": ["<all_urls>"], + "Exceptions": ["http://example.org/*"] + } +} + +"policies": { + "SanitizeOnShutdown": [true|false] +} + +// Does not seems to work to remove engines +"policies": { + "SearchEngines": { + "Add": [ + { + "Name": "", + "URLTemplate": "URL including {searchTerms} to substitute for the terms", + "Method": ["GET", "POST"], + "IconURL": "URL to icon", + "Alias": "Alias that can be used to access the engine", + "Description": "Description", + "SuggestURLTemplate": "URL for suggestions using {searchTerms}" + } + ], + "Default": "Name of engine", + "PreventInstalls": [true|false], + "Remove": ["Twitter", "Wikipedia (en)"] + } +} diff --git a/archive/omni-patching/browser/omni.ja/chrome/browser/content/browser/preferences/in-content/privacy.js b/archive/omni-patching/browser/omni.ja/chrome/browser/content/browser/preferences/in-content/privacy.js new file mode 100644 index 0000000..24cfc62 --- /dev/null +++ b/archive/omni-patching/browser/omni.ja/chrome/browser/content/browser/preferences/in-content/privacy.js @@ -0,0 +1,2022 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* import-globals-from extensionControlled.js */ +/* import-globals-from preferences.js */ + +/* FIXME: ESlint globals workaround should be removed once bug 1395426 gets fixed */ +/* globals DownloadUtils, LoadContextInfo */ + +ChromeUtils.import("resource://gre/modules/AppConstants.jsm"); +ChromeUtils.import("resource://gre/modules/PluralForm.jsm"); + +ChromeUtils.defineModuleGetter(this, "PluralForm", + "resource://gre/modules/PluralForm.jsm"); +ChromeUtils.defineModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); +ChromeUtils.defineModuleGetter(this, "SiteDataManager", + "resource:///modules/SiteDataManager.jsm"); + +ChromeUtils.import("resource://gre/modules/PrivateBrowsingUtils.jsm"); + +XPCOMUtils.defineLazyPreferenceGetter(this, "contentBlockingUiEnabled", + "browser.contentblocking.ui.enabled"); + +XPCOMUtils.defineLazyPreferenceGetter(this, "contentBlockingCookiesAndSiteDataRejectTrackersRecommended", + "browser.contentblocking.cookies-site-data.ui.reject-trackers.recommended"); + +XPCOMUtils.defineLazyPreferenceGetter(this, "contentBlockingCookiesAndSiteDataRejectTrackersEnabled", + "browser.contentblocking.cookies-site-data.ui.reject-trackers.enabled"); + +XPCOMUtils.defineLazyPreferenceGetter(this, "contentBlockingFastBlockUiEnabled", + "browser.contentblocking.fastblock.ui.enabled"); + +XPCOMUtils.defineLazyPreferenceGetter(this, "contentBlockingTrackingProtectionUiEnabled", + "browser.contentblocking.trackingprotection.ui.enabled"); + +XPCOMUtils.defineLazyPreferenceGetter(this, "contentBlockingRejectTrackersUiEnabled", + "browser.contentblocking.rejecttrackers.ui.enabled"); + +XPCOMUtils.defineLazyPreferenceGetter(this, "contentBlockingRejectTrackersRecommended", + "browser.contentblocking.rejecttrackers.ui.recommended"); + +XPCOMUtils.defineLazyPreferenceGetter(this, "contentBlockingEnabled", + "browser.contentblocking.enabled"); + +const PREF_UPLOAD_ENABLED = "datareporting.healthreport.uploadEnabled"; + +const TRACKING_PROTECTION_KEY = "websites.trackingProtectionMode"; +const TRACKING_PROTECTION_PREFS = ["privacy.trackingprotection.enabled", + "privacy.trackingprotection.pbmode.enabled"]; + +const PREF_OPT_OUT_STUDIES_ENABLED = "app.shield.optoutstudies.enabled"; +const PREF_NORMANDY_ENABLED = "app.normandy.enabled"; + +XPCOMUtils.defineLazyGetter(this, "AlertsServiceDND", function() { + try { + let alertsService = Cc["@mozilla.org/alerts-service;1"] + .getService(Ci.nsIAlertsService) + .QueryInterface(Ci.nsIAlertsDoNotDisturb); + // This will throw if manualDoNotDisturb isn't implemented. + alertsService.manualDoNotDisturb; + return alertsService; + } catch (ex) { + return undefined; + } +}); + +Preferences.addAll([ + // Content Blocking + { id: "browser.contentblocking.enabled", type: "bool" }, + + // FastBlock + { id: "browser.fastblock.enabled", type: "bool" }, + + // Tracking Protection + { id: "privacy.trackingprotection.enabled", type: "bool" }, + { id: "privacy.trackingprotection.pbmode.enabled", type: "bool" }, + // This isn't a configuration pref, rather it's for saving the previous state + // of the UI when we turn off the TP controls when the user checks off the + // All Detected Trackers under Content Blocking. This pref isn't listed in + // all.js/firefox.js to make sure it doesn't appear in about:config by default. + { id: "browser.privacy.trackingprotection.menu", type: "string" }, + + // Button prefs + { id: "pref.privacy.disable_button.cookie_exceptions", type: "bool" }, + { id: "pref.privacy.disable_button.view_cookies", type: "bool" }, + { id: "pref.privacy.disable_button.change_blocklist", type: "bool" }, + { id: "pref.privacy.disable_button.tracking_protection_exceptions", type: "bool" }, + + // Location Bar + { id: "browser.urlbar.autocomplete.enabled", type: "bool" }, + { id: "browser.urlbar.suggest.bookmark", type: "bool" }, + { id: "browser.urlbar.suggest.history", type: "bool" }, + { id: "browser.urlbar.suggest.openpage", type: "bool" }, + + // History + { id: "places.history.enabled", type: "bool" }, + { id: "browser.formfill.enable", type: "bool" }, + { id: "privacy.history.custom", type: "bool" }, + // Cookies + { id: "network.cookie.cookieBehavior", type: "int" }, + { id: "network.cookie.lifetimePolicy", type: "int" }, + { id: "network.cookie.blockFutureCookies", type: "bool" }, + // Clear Private Data + { id: "privacy.sanitize.sanitizeOnShutdown", type: "bool" }, + { id: "privacy.sanitize.timeSpan", type: "int" }, + // Do not track + { id: "privacy.donottrackheader.enabled", type: "bool" }, + + // Media + { id: "media.autoplay.default", type: "int" }, + { id: "media.autoplay.enabled.ask-permission", type: "bool" }, + { id: "media.autoplay.enabled.user-gestures-needed", type: "bool" }, + + // Popups + { id: "dom.disable_open_during_load", type: "bool" }, + // Passwords + { id: "signon.rememberSignons", type: "bool" }, + + // Buttons + { id: "pref.privacy.disable_button.view_passwords", type: "bool" }, + { id: "pref.privacy.disable_button.view_passwords_exceptions", type: "bool" }, + + /* Certificates tab + * security.default_personal_cert + * - a string: + * "Select Automatically" select a certificate automatically when a site + * requests one + * "Ask Every Time" present a dialog to the user so he can select + * the certificate to use on a site which + * requests one + */ + { id: "security.default_personal_cert", type: "string" }, + + { id: "security.disable_button.openCertManager", type: "bool" }, + + { id: "security.disable_button.openDeviceManager", type: "bool" }, + + { id: "security.OCSP.enabled", type: "int" }, + + // Add-ons, malware, phishing + { id: "xpinstall.whitelist.required", type: "bool" }, + + { id: "browser.safebrowsing.malware.enabled", type: "bool" }, + { id: "browser.safebrowsing.phishing.enabled", type: "bool" }, + + { id: "browser.safebrowsing.downloads.enabled", type: "bool" }, + + { id: "urlclassifier.malwareTable", type: "string" }, + + { id: "browser.safebrowsing.downloads.remote.block_potentially_unwanted", type: "bool" }, + { id: "browser.safebrowsing.downloads.remote.block_uncommon", type: "bool" }, + +]); + +// Study opt out +if (AppConstants.MOZ_DATA_REPORTING) { + Preferences.addAll([ + // Preference instances for prefs that we need to monitor while the page is open. + { id: PREF_OPT_OUT_STUDIES_ENABLED, type: "bool" }, + { id: PREF_UPLOAD_ENABLED, type: "bool" }, + ]); +} + +// Data Choices tab +if (AppConstants.NIGHTLY_BUILD) { + Preferences.add({ id: "browser.chrome.errorReporter.enabled", type: "bool" }); +} +if (AppConstants.MOZ_CRASHREPORTER) { + Preferences.add({ id: "browser.crashReports.unsubmittedCheck.autoSubmit2", type: "bool" }); +} + +function setEventListener(aId, aEventType, aCallback) { + document.getElementById(aId) + .addEventListener(aEventType, aCallback.bind(gPrivacyPane)); +} + +var gPrivacyPane = { + _pane: null, + + /** + * Whether the prompt to restart Firefox should appear when changing the autostart pref. + */ + _shouldPromptForRestart: true, + + /** + * Initialize the tracking protection prefs and linkify its Learn More link. + */ + _initTrackingProtection() { + setEventListener("trackingProtectionRadioGroup", "command", + this.trackingProtectionWritePrefs); + setEventListener("changeBlockList", "command", this.showBlockLists); + + let link = document.getElementById("trackingProtectionLearnMore"); + let url = Services.urlFormatter.formatURLPref("app.support.baseURL") + "tracking-protection"; + link.setAttribute("href", url); + }, + + /** + * Update the tracking protection UI to deal with extension control. + */ + _updateTrackingProtectionUI() { + let isLocked = TRACKING_PROTECTION_PREFS.some( + pref => Services.prefs.prefIsLocked(pref)); + + function setInputsDisabledState(isControlled) { + let disabled = isLocked || isControlled; + if (contentBlockingUiEnabled) { + let tpCheckbox = + document.getElementById("contentBlockingTrackingProtectionCheckbox"); + // Only enable the TP menu if content blocking and Detect All Trackers + // are enabled. + document.getElementById("trackingProtectionMenu").disabled = disabled || + !tpCheckbox.checked || + !contentBlockingEnabled; + // Only enable the TP category checkbox if content blocking is enabled. + tpCheckbox.disabled = disabled || !contentBlockingEnabled; + } else { + document.querySelectorAll("#trackingProtectionRadioGroup > radio") + .forEach((element) => { + element.disabled = disabled; + }); + document.querySelector("#trackingProtectionDesc > label") + .disabled = disabled; + } + + // Notify observers that the TP UI has been updated. + // This is needed since our tests need to be notified about the + // trackingProtectionMenu element getting disabled/enabled at the right time. + Services.obs.notifyObservers(window, "privacy-pane-tp-ui-updated"); + } + + if (isLocked) { + // An extension can't control this setting if either pref is locked. + hideControllingExtension(TRACKING_PROTECTION_KEY); + setInputsDisabledState(false); + } else { + handleControllingExtension( + PREF_SETTING_TYPE, + TRACKING_PROTECTION_KEY) + .then(setInputsDisabledState); + } + }, + + /** + * Set up handlers for showing and hiding controlling extension info + * for tracking protection. + */ + _initTrackingProtectionExtensionControl() { + let disableButton = contentBlockingUiEnabled ? + "contentBlockingDisableTrackingProtectionExtension" : "disableTrackingProtectionExtension"; + setEventListener(disableButton, "command", + makeDisableControllingExtension( + PREF_SETTING_TYPE, TRACKING_PROTECTION_KEY)); + + let trackingProtectionObserver = { + observe(subject, topic, data) { + gPrivacyPane._updateTrackingProtectionUI(); + }, + }; + + for (let pref of TRACKING_PROTECTION_PREFS) { + Services.prefs.addObserver(pref, trackingProtectionObserver); + } + window.addEventListener("unload", () => { + for (let pref of TRACKING_PROTECTION_PREFS) { + Services.prefs.removeObserver(pref, trackingProtectionObserver); + } + }); + }, + + /** + * Initialize autocomplete to ensure prefs are in sync. + */ + _initAutocomplete() { + Cc["@mozilla.org/autocomplete/search;1?name=unifiedcomplete"] + .getService(Ci.mozIPlacesAutoComplete); + }, + + /** + * Sets up the UI for the number of days of history to keep, and updates the + * label of the "Clear Now..." button. + */ + init() { + this._updateSanitizeSettingsButton(); + this.initializeHistoryMode(); + this.initAutoplay(); + this.updateAutoplayMediaControlsVisibility(); + this.updateHistoryModePane(); + this.updatePrivacyMicroControls(); + this.initAutoStartPrivateBrowsingReverter(); + this._initAutocomplete(); + + /* Initialize Content Blocking / Tracking Protection */ + + if (contentBlockingUiEnabled) { + this.initContentBlocking(); + } else { + this._initTrackingProtection(); + } + + this.trackingProtectionReadPrefs(); + this.networkCookieBehaviorReadPrefs(); + this._initTrackingProtectionExtensionControl(); + + this.updateContentBlockingVisibility(); + + Preferences.get("privacy.trackingprotection.enabled").on("change", + gPrivacyPane.trackingProtectionReadPrefs.bind(gPrivacyPane)); + Preferences.get("privacy.trackingprotection.pbmode.enabled").on("change", + gPrivacyPane.trackingProtectionReadPrefs.bind(gPrivacyPane)); + + // Watch all of the prefs that the new Cookies & Site Data UI depends on + Preferences.get("network.cookie.cookieBehavior").on("change", + gPrivacyPane.networkCookieBehaviorReadPrefs.bind(gPrivacyPane)); + Preferences.get("network.cookie.lifetimePolicy").on("change", + gPrivacyPane.networkCookieBehaviorReadPrefs.bind(gPrivacyPane)); + Preferences.get("browser.privatebrowsing.autostart").on("change", + gPrivacyPane.networkCookieBehaviorReadPrefs.bind(gPrivacyPane)); + + setEventListener("trackingProtectionExceptions", "command", + gPrivacyPane.showTrackingProtectionExceptions); + + Preferences.get("privacy.sanitize.sanitizeOnShutdown").on("change", + gPrivacyPane._updateSanitizeSettingsButton.bind(gPrivacyPane)); + Preferences.get("browser.privatebrowsing.autostart").on("change", + gPrivacyPane.updatePrivacyMicroControls.bind(gPrivacyPane)); + Preferences.get("media.autoplay.enabled.ask-permission").on("change", + gPrivacyPane.updateAutoplayMediaControlsVisibility.bind(gPrivacyPane)); + Preferences.get("media.autoplay.enabled.user-gestures-needed").on("change", + gPrivacyPane.updateAutoplayMediaControlsVisibility.bind(gPrivacyPane)); + setEventListener("historyMode", "command", function() { + gPrivacyPane.updateHistoryModePane(); + gPrivacyPane.updateHistoryModePrefs(); + gPrivacyPane.updatePrivacyMicroControls(); + gPrivacyPane.updateAutostart(); + }); + setEventListener("clearHistoryButton", "command", function() { + let historyMode = document.getElementById("historyMode"); + // Select "everything" in the clear history dialog if the + // user has set their history mode to never remember history. + gPrivacyPane.clearPrivateDataNow(historyMode.value == "dontremember"); + }); + setEventListener("openSearchEnginePreferences", "click", function(event) { + if (event.button == 0) { + gotoPref("search"); + } + return false; + }); + setEventListener("privateBrowsingAutoStart", "command", + gPrivacyPane.updateAutostart); + setEventListener("cookieExceptions", "command", + gPrivacyPane.showCookieExceptions); + setEventListener("clearDataSettings", "command", + gPrivacyPane.showClearPrivateDataSettings); + setEventListener("passwordExceptions", "command", + gPrivacyPane.showPasswordExceptions); + setEventListener("useMasterPassword", "command", + gPrivacyPane.updateMasterPasswordButton); + setEventListener("changeMasterPassword", "command", + gPrivacyPane.changeMasterPassword); + setEventListener("showPasswords", "command", + gPrivacyPane.showPasswords); + setEventListener("addonExceptions", "command", + gPrivacyPane.showAddonExceptions); + setEventListener("viewCertificatesButton", "command", + gPrivacyPane.showCertificates); + setEventListener("viewSecurityDevicesButton", "command", + gPrivacyPane.showSecurityDevices); + + this._pane = document.getElementById("panePrivacy"); + this._initMasterPasswordUI(); + this._initSafeBrowsing(); + + setEventListener("notificationSettingsButton", "command", + gPrivacyPane.showNotificationExceptions); + setEventListener("locationSettingsButton", "command", + gPrivacyPane.showLocationExceptions); + setEventListener("cameraSettingsButton", "command", + gPrivacyPane.showCameraExceptions); + setEventListener("microphoneSettingsButton", "command", + gPrivacyPane.showMicrophoneExceptions); + setEventListener("popupPolicyButton", "command", + gPrivacyPane.showPopupExceptions); + setEventListener("autoplayMediaCheckbox", "command", + gPrivacyPane.toggleAutoplayMedia); + setEventListener("autoplayMediaPolicyButton", "command", + gPrivacyPane.showAutoplayMediaExceptions); + setEventListener("autoplayMediaPolicyComboboxButton", "command", + gPrivacyPane.showAutoplayMediaExceptions); + setEventListener("notificationsDoNotDisturb", "command", + gPrivacyPane.toggleDoNotDisturbNotifications); + + if (AlertsServiceDND) { + let notificationsDoNotDisturbBox = + document.getElementById("notificationsDoNotDisturbBox"); + notificationsDoNotDisturbBox.removeAttribute("hidden"); + let checkbox = document.getElementById("notificationsDoNotDisturb"); + document.l10n.setAttributes(checkbox, "permissions-notification-pause"); + if (AlertsServiceDND.manualDoNotDisturb) { + let notificationsDoNotDisturb = + document.getElementById("notificationsDoNotDisturb"); + notificationsDoNotDisturb.setAttribute("checked", true); + } + } + + this.initSiteDataControls(); + + setEventListener("clearSiteDataButton", "command", + gPrivacyPane.clearSiteData); + setEventListener("siteDataSettings", "command", + gPrivacyPane.showSiteDataSettings); + let url = Services.urlFormatter.formatURLPref("app.support.baseURL") + "storage-permissions"; + document.getElementById("siteDataLearnMoreLink").setAttribute("href", url); + + let notificationInfoURL = + Services.urlFormatter.formatURLPref("app.support.baseURL") + "push"; + document.getElementById("notificationPermissionsLearnMore").setAttribute("href", + notificationInfoURL); + let drmInfoURL = + Services.urlFormatter.formatURLPref("app.support.baseURL") + "drm-content"; + document.getElementById("playDRMContentLink").setAttribute("href", drmInfoURL); + let emeUIEnabled = Services.prefs.getBoolPref("browser.eme.ui.enabled"); + // Force-disable/hide on WinXP: + if (navigator.platform.toLowerCase().startsWith("win")) { + emeUIEnabled = emeUIEnabled && parseFloat(Services.sysinfo.get("version")) >= 6; + } + if (!emeUIEnabled) { + // Don't want to rely on .hidden for the toplevel groupbox because + // of the pane hiding/showing code potentially interfering: + document.getElementById("drmGroup").setAttribute("style", "display: none !important"); + } + + if (AppConstants.MOZ_DATA_REPORTING) { + this.initDataCollection(); + if (AppConstants.NIGHTLY_BUILD) { + this.initCollectBrowserErrors(); + } + if (AppConstants.MOZ_CRASHREPORTER) { + this.initSubmitCrashes(); + } + this.initSubmitHealthReport(); + setEventListener("submitHealthReportBox", "command", + gPrivacyPane.updateSubmitHealthReport); + this.initOptOutStudyCheckbox(); + } + this._initA11yState(); + let signonBundle = document.getElementById("signonBundle"); + let pkiBundle = document.getElementById("pkiBundle"); + appendSearchKeywords("showPasswords", [ + signonBundle.getString("loginsDescriptionAll2"), + ]); + appendSearchKeywords("viewSecurityDevicesButton", [ + pkiBundle.getString("enable_fips"), + ]); + + if (!PrivateBrowsingUtils.enabled) { + document.getElementById("privateBrowsingAutoStart").hidden = true; + document.querySelector("menuitem[value='dontremember']").hidden = true; + } + + // Notify observers that the UI is now ready + Services.obs.notifyObservers(window, "privacy-pane-loaded"); + }, + + initSiteDataControls() { + Services.obs.addObserver(this, "sitedatamanager:sites-updated"); + Services.obs.addObserver(this, "sitedatamanager:updating-sites"); + let unload = () => { + window.removeEventListener("unload", unload); + Services.obs.removeObserver(this, "sitedatamanager:sites-updated"); + Services.obs.removeObserver(this, "sitedatamanager:updating-sites"); + }; + window.addEventListener("unload", unload); + SiteDataManager.updateSites(); + }, + + // CONTENT BLOCKING + + /** + * Initializes the content blocking section. + */ + initContentBlocking() { + let contentBlockingCheckbox = document.getElementById("contentBlockingCheckbox"); + setEventListener("contentBlockingToggle", "command", + () => contentBlockingCheckbox.click()); + setEventListener("contentBlockingToggle", "command", + this.updateContentBlockingControls); + setEventListener("changeBlockListLink", "click", this.showBlockLists); + setEventListener("contentBlockingRestoreDefaults", "command", + this.restoreContentBlockingPrefs); + setEventListener("contentBlockingTrackingProtectionCheckbox", "command", + this.trackingProtectionWritePrefs); + setEventListener("contentBlockingTrackingProtectionCheckbox", "command", + this._updateTrackingProtectionUI); + setEventListener("trackingProtectionMenu", "command", + this.trackingProtectionWritePrefs); + setEventListener("contentBlockingChangeCookieSettings", "command", + this.changeCookieSettings); + setEventListener("contentBlockingBlockCookiesCheckbox", "command", + this.writeBlockCookiesCheckbox); + + Preferences.get("network.cookie.cookieBehavior").on("change", + gPrivacyPane.readBlockCookiesCheckbox.bind(gPrivacyPane)); + + this.readBlockCookiesCheckbox(); + + let link = document.getElementById("contentBlockingLearnMore"); + let url = Services.urlFormatter.formatURLPref("app.support.baseURL") + "tracking-protection"; + link.setAttribute("href", url); + + // Honour our Content Blocking category UI prefs. If each pref is set to false, + // Make all descendants of the corresponding selector hidden. + let selectorPrefMap = { + ".fast-block-ui": contentBlockingFastBlockUiEnabled, + ".tracking-protection-ui": contentBlockingTrackingProtectionUiEnabled, + ".reject-trackers-ui": contentBlockingRejectTrackersUiEnabled, + }; + + for (let selector in selectorPrefMap) { + let pref = selectorPrefMap[selector]; + if (!pref) { + let elements = document.querySelectorAll(selector); + for (let element of elements) { + element.hidden = true; + } + } + } + + // Allow turning off the "(recommended)" label using a pref + let blockCookiesFromTrackers = document.getElementById("blockCookiesFromTrackersCB"); + if (contentBlockingRejectTrackersRecommended) { + document.l10n.setAttributes(blockCookiesFromTrackers, "content-blocking-reject-trackers-block-trackers-option-recommended"); + } + }, + + /** + * Resets all user-exposed content blocking preferences to their default values. + */ + async restoreContentBlockingPrefs() { + function clearIfNotLocked(pref) { + if (!Services.prefs.prefIsLocked(pref)) { + Services.prefs.clearUserPref(pref); + } + } + + clearIfNotLocked("browser.contentblocking.enabled"); + clearIfNotLocked("browser.fastblock.enabled"); + clearIfNotLocked("urlclassifier.trackingTable"); + clearIfNotLocked("network.cookie.cookieBehavior"); + clearIfNotLocked("network.cookie.lifetimePolicy"); + + let controllingExtension = await getControllingExtension( + PREF_SETTING_TYPE, TRACKING_PROTECTION_KEY); + if (!controllingExtension) { + for (let preference of TRACKING_PROTECTION_PREFS) { + clearIfNotLocked(preference); + } + } + }, + + /** + * Highlights the Cookies & Site Data UI section. + */ + changeCookieSettings() { + gotoPref("privacy-sitedata"); + }, + + /** + * Changes the visibility of elements in the TP/CB section depending on the + * content blocking UI pref. + */ + updateContentBlockingVisibility() { + // First, update the content blocking UI. + let visibleState = { + "contentBlockingHeader": true, + "contentBlockingDescription": true, + "contentBlockingLearnMore": true, + "contentBlockingRestoreDefaults": true, + "contentBlockingCheckboxContainer": true, + "contentBlockingCategories": true, + + "trackingProtectionHeader": false, + "trackingProtectionDescription": false, + "trackingProtectionBox": false, + }; + for (let id in visibleState) { + document.getElementById(id).hidden = contentBlockingUiEnabled != visibleState[id]; + } + + if (contentBlockingUiEnabled) { + // Update the Do Not Track section to not mention "Tracking Protection". + let dntDefaultRadioItem = + document.querySelector("#doNotTrackRadioGroup > radio[value=false]"); + document.l10n.setAttributes( + dntDefaultRadioItem, "do-not-track-option-default-content-blocking"); + + // Potentially hide the global toggle. + document.getElementById("contentBlockingCheckboxContainer").hidden = + !Services.prefs.getBoolPref("browser.contentblocking.global-toggle.enabled", true); + } + + // Allow turning off the "(recommended)" label using a pref + let blockCookiesFromTrackers = document.getElementById("blockCookiesFromTrackers"); + if (contentBlockingCookiesAndSiteDataRejectTrackersRecommended) { + document.l10n.setAttributes(blockCookiesFromTrackers, "sitedata-block-trackers-option-recommended"); + } + + // Allow hiding the Reject Trackers option based on a pref + if (!contentBlockingCookiesAndSiteDataRejectTrackersEnabled) { + blockCookiesFromTrackers.remove(); + } + }, + + /** + * Updates the preferences UI to reflect the browser.contentblocking.enabled pref. + * This affects the button to toggle the pref and the disabled state of the dependent controls. + */ + updateContentBlockingToggle() { + let onOrOff = contentBlockingEnabled ? "on" : "off"; + let contentBlockingToggle = document.getElementById("contentBlockingToggle"); + let contentBlockingToggleLabel = document.getElementById("contentBlockingToggleLabel"); + + document.l10n.setAttributes(contentBlockingToggle, + "content-blocking-toggle-" + onOrOff); + contentBlockingToggle.setAttribute("aria-pressed", contentBlockingEnabled); + document.l10n.setAttributes(contentBlockingToggleLabel, + "content-blocking-toggle-label-" + onOrOff); + + this.updateContentBlockingControls(); + }, + + /** + * Changes the disabled state of controls that depend on the browser.contentblocking.enabled pref. + */ + updateContentBlockingControls() { + let dependentControls = [ + "#content-blocking-categories-label", + ".content-blocking-checkbox", + "#changeBlockListLink", + "#contentBlockingChangeCookieSettings", + "#blockCookiesCB, #blockCookiesCB > radio", + "#blockCookies, #blockCookies > radio", + ]; + + this._toggleControls(dependentControls, contentBlockingEnabled); + + // The list of dependent controls here would normally include #blockCookiesLabel, + // #blockCookiesMenu, #keepUntil and #keepCookiesUntil, but in order to avoid + // having two parts of the code responsible for figuring out whether these + // controls must be enabled or disabled, we offload that responsibility to + // networkCookieBehaviorReadPrefs() which already knows how to deal with it. + this.networkCookieBehaviorReadPrefs(); + + // If Content Blocking gets disabled, show the warning in the Cookies and Site Data section. + let blockCookiesWarning = document.getElementById("blockCookiesWarning"); + blockCookiesWarning.hidden = contentBlockingEnabled; + + // Need to make sure we account for pref locking/extension overrides when enabling the TP menu. + this._updateTrackingProtectionUI(); + + // If we are turning Content Blocking on, we may need to keep some parts of the Third-Party Cookies + // UI off, depending on the value of the cookieBehavior pref. readBlockCookiesCheckbox() can do + // the work that is needed for that. + this.readBlockCookiesCheckbox(); + }, + + _toggleControls(dependentControls, enabled) { + for (let selector of dependentControls) { + let controls = document.querySelectorAll(selector); + + for (let control of controls) { + if (enabled) { + control.removeAttribute("disabled"); + } else { + control.setAttribute("disabled", "true"); + } + } + } + }, + + // TRACKING PROTECTION MODE + + /** + * Selects the right item of the Tracking Protection radiogroup. + */ + trackingProtectionReadPrefs() { + let enabledPref = Preferences.get("privacy.trackingprotection.enabled"); + let pbmPref = Preferences.get("privacy.trackingprotection.pbmode.enabled"); + let btpmPref = Preferences.get("browser.privacy.trackingprotection.menu"); + let tpControl, + tpCheckbox; + if (contentBlockingUiEnabled) { + tpControl = document.getElementById("trackingProtectionMenu"); + tpCheckbox = document.getElementById("contentBlockingTrackingProtectionCheckbox"); + } else { + tpControl = document.getElementById("trackingProtectionRadioGroup"); + } + + let savedMenuValue; + if (contentBlockingUiEnabled) { + // Only look at the backup pref when restoring the checkbox next to + // "All Detected Trackers". + if (["always", "private"].includes(btpmPref.value) && + tpCheckbox.checked) { + savedMenuValue = btpmPref.value; + } + } + + this._updateTrackingProtectionUI(); + + // Global enable takes precedence over enabled in Private Browsing. + if (enabledPref.value) { + tpControl.value = "always"; + if (tpCheckbox) { + tpCheckbox.checked = true; + } + } else if (pbmPref.value) { + tpControl.value = "private"; + if (tpCheckbox) { + tpCheckbox.checked = true; + } + } else if (!tpCheckbox) { + tpControl.value = "never"; + } else { + if (savedMenuValue) { + tpControl.value = savedMenuValue; + } + tpCheckbox.checked = false; + } + }, + + /** + * Selects the right items of the new Cookies & Site Data UI. + */ + networkCookieBehaviorReadPrefs() { + let behavior = Preferences.get("network.cookie.cookieBehavior").value; + let blockCookiesCtrl = document.getElementById("blockCookies"); + let blockCookiesLabel = document.getElementById("blockCookiesLabel"); + let blockCookiesMenu = document.getElementById("blockCookiesMenu"); + let keepUntilLabel = document.getElementById("keepUntil"); + let keepUntilMenu = document.getElementById("keepCookiesUntil"); + + let disabledByCB = contentBlockingUiEnabled ? !contentBlockingEnabled : false; + let blockCookies = (behavior != 0); + let cookieBehaviorLocked = Services.prefs.prefIsLocked("network.cookie.cookieBehavior"); + let blockCookiesControlsDisabled = !blockCookies || cookieBehaviorLocked || disabledByCB; + blockCookiesLabel.disabled = blockCookiesMenu.disabled = blockCookiesControlsDisabled; + + let completelyBlockCookies = (behavior == 2); + let privateBrowsing = Preferences.get("browser.privatebrowsing.autostart").value; + let cookieExpirationLocked = Services.prefs.prefIsLocked("network.cookie.lifetimePolicy"); + let keepUntilControlsDisabled = privateBrowsing || completelyBlockCookies || + cookieExpirationLocked || disabledByCB; + keepUntilLabel.disabled = keepUntilMenu.disabled = keepUntilControlsDisabled; + + switch (behavior) { + case Ci.nsICookieService.BEHAVIOR_ACCEPT: + blockCookiesCtrl.value = "allow"; + break; + case Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN: + blockCookiesCtrl.value = "disallow"; + blockCookiesMenu.value = "all-third-parties"; + break; + case Ci.nsICookieService.BEHAVIOR_REJECT: + blockCookiesCtrl.value = "disallow"; + blockCookiesMenu.value = "always"; + break; + case Ci.nsICookieService.BEHAVIOR_LIMIT_FOREIGN: + blockCookiesCtrl.value = "disallow"; + blockCookiesMenu.value = "unvisited"; + break; + case Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER: + blockCookiesCtrl.value = "disallow"; + blockCookiesMenu.value = "trackers"; + break; + } + }, + + /** + * Sets the pref values based on the selected item of the radiogroup. + */ + trackingProtectionWritePrefs() { + let enabledPref = Preferences.get("privacy.trackingprotection.enabled"); + let pbmPref = Preferences.get("privacy.trackingprotection.pbmode.enabled"); + let btpmPref = Preferences.get("browser.privacy.trackingprotection.menu"); + let tpControl, + tpCheckbox; + if (contentBlockingUiEnabled) { + tpControl = document.getElementById("trackingProtectionMenu"); + tpCheckbox = document.getElementById("contentBlockingTrackingProtectionCheckbox"); + } else { + tpControl = document.getElementById("trackingProtectionRadioGroup"); + } + + let value; + if (tpCheckbox) { + if (tpCheckbox.checked) { + value = tpControl.value; + btpmPref.value = value; + } else { + value = "never"; + } + } else { + value = tpControl.value; + } + + switch (value) { + case "always": + enabledPref.value = true; + pbmPref.value = true; + break; + case "private": + enabledPref.value = false; + pbmPref.value = true; + break; + case "never": + enabledPref.value = false; + pbmPref.value = false; + break; + } + }, + + // HISTORY MODE + + /** + * The list of preferences which affect the initial history mode settings. + * If the auto start private browsing mode pref is active, the initial + * history mode would be set to "Don't remember anything". + * If ALL of these preferences are set to the values that correspond + * to keeping some part of history, and the auto-start + * private browsing mode is not active, the initial history mode would be + * set to "Remember everything". + * Otherwise, the initial history mode would be set to "Custom". + * + * Extensions adding their own preferences can set values here if needed. + */ + prefsForKeepingHistory: { + "places.history.enabled": true, // History is enabled + "browser.formfill.enable": true, // Form information is saved + "privacy.sanitize.sanitizeOnShutdown": false, // Private date is NOT cleared on shutdown + }, + + /** + * The list of control IDs which are dependent on the auto-start private + * browsing setting, such that in "Custom" mode they would be disabled if + * the auto-start private browsing checkbox is checked, and enabled otherwise. + * + * Extensions adding their own controls can append their IDs to this array if needed. + */ + dependentControls: [ + "rememberHistory", + "rememberForms", + "alwaysClear", + "clearDataSettings", + ], + + /** + * Check whether preferences values are set to keep history + * + * @param aPrefs an array of pref names to check for + * @returns boolean true if all of the prefs are set to keep history, + * false otherwise + */ + _checkHistoryValues(aPrefs) { + for (let pref of Object.keys(aPrefs)) { + if (Preferences.get(pref).value != aPrefs[pref]) + return false; + } + return true; + }, + + /** + * Initialize the history mode menulist based on the privacy preferences + */ + initializeHistoryMode() { + let mode; + let getVal = aPref => Preferences.get(aPref).value; + + if (getVal("privacy.history.custom")) + mode = "custom"; + else if (this._checkHistoryValues(this.prefsForKeepingHistory)) { + if (getVal("browser.privatebrowsing.autostart")) + mode = "dontremember"; + else + mode = "remember"; + } else + mode = "custom"; + + document.getElementById("historyMode").value = mode; + }, + + /** + * Update the selected pane based on the history mode menulist + */ + updateHistoryModePane() { + let selectedIndex = -1; + switch (document.getElementById("historyMode").value) { + case "remember": + selectedIndex = 0; + break; + case "dontremember": + selectedIndex = 1; + break; + case "custom": + selectedIndex = 2; + break; + } + document.getElementById("historyPane").selectedIndex = selectedIndex; + Preferences.get("privacy.history.custom").value = selectedIndex == 2; + }, + + /** + * Update the private browsing auto-start pref and the history mode + * micro-management prefs based on the history mode menulist + */ + updateHistoryModePrefs() { + let pref = Preferences.get("browser.privatebrowsing.autostart"); + switch (document.getElementById("historyMode").value) { + case "remember": + if (pref.value) + pref.value = false; + + // select the remember history option if needed + Preferences.get("places.history.enabled").value = true; + + // select the remember forms history option + Preferences.get("browser.formfill.enable").value = true; + + // select the clear on close option + Preferences.get("privacy.sanitize.sanitizeOnShutdown").value = false; + break; + case "dontremember": + if (!pref.value) + pref.value = true; + break; + } + }, + + /** + * Update the privacy micro-management controls based on the + * value of the private browsing auto-start preference. + */ + updatePrivacyMicroControls() { + // Set "Keep cookies until..." to "I close Nightly" and disable the setting + // when we're in auto private mode (or reset it back otherwise). + document.getElementById("keepCookiesUntil").value = this.readKeepCookiesUntil(); + + let clearDataSettings = document.getElementById("clearDataSettings"); + + if (document.getElementById("historyMode").value == "custom") { + let disabled = Preferences.get("browser.privatebrowsing.autostart").value; + this.dependentControls.forEach(function(aElement) { + let control = document.getElementById(aElement); + let preferenceId = control.getAttribute("preference"); + if (!preferenceId) { + let dependentControlId = control.getAttribute("control"); + if (dependentControlId) { + let dependentControl = document.getElementById(dependentControlId); + preferenceId = dependentControl.getAttribute("preference"); + } + } + + let preference = preferenceId ? Preferences.get(preferenceId) : {}; + control.disabled = disabled || preference.locked; + }); + + clearDataSettings.removeAttribute("hidden"); + + // adjust the checked state of the sanitizeOnShutdown checkbox + document.getElementById("alwaysClear").checked = disabled ? false : + Preferences.get("privacy.sanitize.sanitizeOnShutdown").value; + + // adjust the checked state of the remember history checkboxes + document.getElementById("rememberHistory").checked = disabled ? false : + Preferences.get("places.history.enabled").value; + document.getElementById("rememberForms").checked = disabled ? false : + Preferences.get("browser.formfill.enable").value; + + if (!disabled) { + // adjust the Settings button for sanitizeOnShutdown + this._updateSanitizeSettingsButton(); + } + } else { + clearDataSettings.setAttribute("hidden", "true"); + } + }, + + // CLEAR PRIVATE DATA + + /* + * Preferences: + * + * privacy.sanitize.sanitizeOnShutdown + * - true if the user's private data is cleared on startup according to the + * Clear Private Data settings, false otherwise + */ + + /** + * Displays the Clear Private Data settings dialog. + */ + showClearPrivateDataSettings() { + gSubDialog.open("chrome://browser/content/preferences/sanitize.xul", "resizable=no"); + }, + + + /** + * Displays a dialog from which individual parts of private data may be + * cleared. + */ + clearPrivateDataNow(aClearEverything) { + var ts = Preferences.get("privacy.sanitize.timeSpan"); + var timeSpanOrig = ts.value; + + if (aClearEverything) { + ts.value = 0; + } + + gSubDialog.open("chrome://browser/content/sanitize.xul", "resizable=no", null, () => { + // reset the timeSpan pref + if (aClearEverything) { + ts.value = timeSpanOrig; + } + + Services.obs.notifyObservers(null, "clear-private-data"); + }); + }, + + /** + * Enables or disables the "Settings..." button depending + * on the privacy.sanitize.sanitizeOnShutdown preference value + */ + _updateSanitizeSettingsButton() { + var settingsButton = document.getElementById("clearDataSettings"); + var sanitizeOnShutdownPref = Preferences.get("privacy.sanitize.sanitizeOnShutdown"); + + settingsButton.disabled = !sanitizeOnShutdownPref.value; + }, + + toggleDoNotDisturbNotifications(event) { + AlertsServiceDND.manualDoNotDisturb = event.target.checked; + }, + + // PRIVATE BROWSING + + /** + * Initialize the starting state for the auto-start private browsing mode pref reverter. + */ + initAutoStartPrivateBrowsingReverter() { + let mode = document.getElementById("historyMode"); + let autoStart = document.getElementById("privateBrowsingAutoStart"); + this._lastMode = mode.selectedIndex; + this._lastCheckState = autoStart.hasAttribute("checked"); + }, + + _lastMode: null, + _lastCheckState: null, + async updateAutostart() { + let mode = document.getElementById("historyMode"); + let autoStart = document.getElementById("privateBrowsingAutoStart"); + let pref = Preferences.get("browser.privatebrowsing.autostart"); + if ((mode.value == "custom" && this._lastCheckState == autoStart.checked) || + (mode.value == "remember" && !this._lastCheckState) || + (mode.value == "dontremember" && this._lastCheckState)) { + // These are all no-op changes, so we don't need to prompt. + this._lastMode = mode.selectedIndex; + this._lastCheckState = autoStart.hasAttribute("checked"); + return; + } + + if (!this._shouldPromptForRestart) { + // We're performing a revert. Just let it happen. + return; + } + + let buttonIndex = await confirmRestartPrompt(autoStart.checked, 1, + true, false); + if (buttonIndex == CONFIRM_RESTART_PROMPT_RESTART_NOW) { + pref.value = autoStart.hasAttribute("checked"); + Services.startup.quit(Ci.nsIAppStartup.eAttemptQuit | Ci.nsIAppStartup.eRestart); + return; + } + + this._shouldPromptForRestart = false; + + if (this._lastCheckState) { + autoStart.checked = "checked"; + } else { + autoStart.removeAttribute("checked"); + } + pref.value = autoStart.hasAttribute("checked"); + mode.selectedIndex = this._lastMode; + mode.doCommand(); + + this._shouldPromptForRestart = true; + }, + + /** + * Displays fine-grained, per-site preferences for tracking protection. + */ + showTrackingProtectionExceptions() { + let params = { + permissionType: "trackingprotection", + hideStatusColumn: true, + }; + gSubDialog.open("chrome://browser/content/preferences/permissions.xul", + null, params); + }, + + /** + * Displays the available block lists for tracking protection. + */ + showBlockLists() { + gSubDialog.open("chrome://browser/content/preferences/blocklists.xul", null); + }, + + // COOKIES AND SITE DATA + + /* + * Preferences: + * + * network.cookie.cookieBehavior + * - determines how the browser should handle cookies: + * 0 means enable all cookies + * 1 means reject all third party cookies + * 2 means disable all cookies + * 3 means reject third party cookies unless at least one is already set for the eTLD + * see netwerk/cookie/src/nsCookieService.cpp for details + * network.cookie.lifetimePolicy + * - determines how long cookies are stored: + * 0 means keep cookies until they expire + * 2 means keep cookies until the browser is closed + */ + + readKeepCookiesUntil() { + let privateBrowsing = Preferences.get("browser.privatebrowsing.autostart").value; + if (privateBrowsing) { + return Ci.nsICookieService.ACCEPT_SESSION; + } + + let lifetimePolicy = Preferences.get("network.cookie.lifetimePolicy").value; + if (lifetimePolicy == Ci.nsICookieService.ACCEPT_SESSION) { + return Ci.nsICookieService.ACCEPT_SESSION; + } + + // network.cookie.lifetimePolicy can be set to any value, but we just + // support ACCEPT_SESSION and ACCEPT_NORMALLY. Let's force ACCEPT_NORMALLY. + return Ci.nsICookieService.ACCEPT_NORMALLY; + }, + + /** + * Reads the network.cookie.cookieBehavior preference value and + * enables/disables the rest of the new cookie & site data UI accordingly. + * + * Returns "allow" if cookies are accepted and "disallow" if they are entirely + * disabled. + */ + readBlockCookies() { + // enable the rest of the UI for anything other than "accept all cookies" + let pref = Preferences.get("network.cookie.cookieBehavior"); + let blockCookies = (pref.value != 0); + + // Our top-level setting is a radiogroup that only sets "enable all" + // and "disable all", so convert the pref value accordingly. + return blockCookies ? "disallow" : "allow"; + }, + + /** + * Updates the "accept third party cookies" menu based on whether the + * "accept cookies" or "block cookies" radio buttons are selected. + */ + writeBlockCookies() { + let block = document.getElementById("blockCookies"); + let blockCookiesMenu = document.getElementById("blockCookiesMenu"); + + // if we're disabling cookies, automatically select 'third-party trackers' + if (block.value == "disallow") { + blockCookiesMenu.selectedIndex = 0; + return this.writeBlockCookiesFrom(); + } + + return Ci.nsICookieService.BEHAVIOR_ACCEPT; + }, + + enableThirdPartyCookiesUI() { + document.getElementById("blockCookiesCBDeck").selectedIndex = 0; + document.getElementById("contentBlockingChangeCookieSettings").hidden = true; + + let dependentControls = [ + ".reject-trackers-ui .content-blocking-checkbox", + "#blockCookiesCB, #blockCookiesCB > radio", + "#blockCookiesCBDeck", + ]; + + this._toggleControls(dependentControls, contentBlockingEnabled); + }, + + disableThirdPartyCookiesUI(reason) { + let deckIndex = 0; + switch (reason) { + case "always": + deckIndex = 1; + break; + case "unvisited": + deckIndex = 2; + break; + } + document.getElementById("blockCookiesCBDeck").selectedIndex = deckIndex; + document.getElementById("contentBlockingChangeCookieSettings").hidden = false; + + let dependentControls = [ + ".reject-trackers-ui .content-blocking-checkbox", + "#blockCookiesCB, #blockCookiesCB > radio", + "#blockCookiesCBDeck", + ]; + + this._toggleControls(dependentControls, false); + }, + + /** + * Converts between network.cookie.cookieBehavior and the new content blocking UI + */ + readBlockCookiesCB() { + let pref = Preferences.get("network.cookie.cookieBehavior"); + switch (pref.value) { + case Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN: + return "all-third-parties"; + case Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER: + return "trackers"; + default: + return undefined; + } + }, + + writeBlockCookiesCB() { + let block = document.getElementById("blockCookiesCB").selectedItem; + switch (block.value) { + case "trackers": + return Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER; + case "all-third-parties": + return Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN; + default: + return undefined; + } + }, + + writeBlockCookiesCheckbox() { + let pref = Preferences.get("network.cookie.cookieBehavior"); + let bcCheckbox = document.getElementById("contentBlockingBlockCookiesCheckbox"); + let bcControl = document.getElementById("blockCookiesCB"); + + let value; + if (bcCheckbox.checked) { + value = bcControl.selectedItem.value; + } else { + value = "none"; + } + + switch (value) { + case "trackers": + case "all-third-parties": + bcControl.disabled = false; + pref.value = this.writeBlockCookiesCB(); + break; + default: + bcControl.disabled = true; + pref.value = Ci.nsICookieService.BEHAVIOR_ACCEPT; + break; + } + }, + + readBlockCookiesCheckbox() { + let pref = Preferences.get("network.cookie.cookieBehavior"); + let bcCheckbox = document.getElementById("contentBlockingBlockCookiesCheckbox"); + let bcControl = document.getElementById("blockCookiesCB"); + + switch (pref.value) { + case Ci.nsICookieService.BEHAVIOR_ACCEPT: + this.enableThirdPartyCookiesUI(); + bcCheckbox.checked = false; + bcControl.disabled = true; + break; + case Ci.nsICookieService.BEHAVIOR_REJECT: + this.disableThirdPartyCookiesUI("always"); + break; + case Ci.nsICookieService.BEHAVIOR_LIMIT_FOREIGN: + this.disableThirdPartyCookiesUI("unvisited"); + break; + case Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN: + this.enableThirdPartyCookiesUI(); + bcCheckbox.checked = true; + bcControl.disabled = !contentBlockingEnabled; + break; + case Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER: + this.enableThirdPartyCookiesUI(); + bcCheckbox.checked = true; + bcControl.disabled = !contentBlockingEnabled; + break; + default: + break; + } + }, + + /** + * Converts between network.cookie.cookieBehavior and the new third-party cookies UI + */ + readBlockCookiesFrom() { + let pref = Preferences.get("network.cookie.cookieBehavior"); + switch (pref.value) { + case Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN: + return "all-third-parties"; + case Ci.nsICookieService.BEHAVIOR_REJECT: + return "always"; + case Ci.nsICookieService.BEHAVIOR_LIMIT_FOREIGN: + return "unvisited"; + case Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER: + return "trackers"; + default: + return undefined; + } + }, + + writeBlockCookiesFrom() { + let block = document.getElementById("blockCookiesMenu").selectedItem; + switch (block.value) { + case "trackers": + return Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER; + case "unvisited": + return Ci.nsICookieService.BEHAVIOR_LIMIT_FOREIGN; + case "always": + return Ci.nsICookieService.BEHAVIOR_REJECT; + case "all-third-parties": + return Ci.nsICookieService.BEHAVIOR_REJECT_FOREIGN; + default: + return undefined; + } + }, + + /** + * Displays fine-grained, per-site preferences for cookies. + */ + showCookieExceptions() { + var params = { + blockVisible: true, + sessionVisible: true, + allowVisible: true, + prefilledHost: "", + permissionType: "cookie", + }; + gSubDialog.open("chrome://browser/content/preferences/permissions.xul", + null, params); + }, + + showSiteDataSettings() { + gSubDialog.open("chrome://browser/content/preferences/siteDataSettings.xul"); + }, + + toggleSiteData(shouldShow) { + let clearButton = document.getElementById("clearSiteDataButton"); + let settingsButton = document.getElementById("siteDataSettings"); + clearButton.disabled = !shouldShow; + settingsButton.disabled = !shouldShow; + }, + + showSiteDataLoading() { + let totalSiteDataSizeLabel = document.getElementById("totalSiteDataSize"); + document.l10n.setAttributes(totalSiteDataSizeLabel, "sitedata-total-size-calculating"); + }, + + updateTotalDataSizeLabel(siteDataUsage) { + SiteDataManager.getCacheSize().then(function(cacheUsage) { + let totalSiteDataSizeLabel = document.getElementById("totalSiteDataSize"); + let totalUsage = siteDataUsage + cacheUsage; + let [value, unit] = DownloadUtils.convertByteUnits(totalUsage); + document.l10n.setAttributes(totalSiteDataSizeLabel, "sitedata-total-size", { + value, + unit, + }); + }); + }, + + clearSiteData() { + gSubDialog.open("chrome://browser/content/preferences/clearSiteData.xul"); + }, + + // GEOLOCATION + + /** + * Displays the location exceptions dialog where specific site location + * preferences can be set. + */ + showLocationExceptions() { + let params = { permissionType: "geo" }; + + gSubDialog.open("chrome://browser/content/preferences/sitePermissions.xul", + "resizable=yes", params); + }, + + // CAMERA + + /** + * Displays the camera exceptions dialog where specific site camera + * preferences can be set. + */ + showCameraExceptions() { + let params = { permissionType: "camera" }; + + gSubDialog.open("chrome://browser/content/preferences/sitePermissions.xul", + "resizable=yes", params); + }, + + // MICROPHONE + + /** + * Displays the microphone exceptions dialog where specific site microphone + * preferences can be set. + */ + showMicrophoneExceptions() { + let params = { permissionType: "microphone" }; + + gSubDialog.open("chrome://browser/content/preferences/sitePermissions.xul", + "resizable=yes", params); + }, + + // NOTIFICATIONS + + /** + * Displays the notifications exceptions dialog where specific site notification + * preferences can be set. + */ + showNotificationExceptions() { + let params = { permissionType: "desktop-notification" }; + + gSubDialog.open("chrome://browser/content/preferences/sitePermissions.xul", + "resizable=yes", params); + + try { + Services.telemetry + .getHistogramById("WEB_NOTIFICATION_EXCEPTIONS_OPENED").add(); + } catch (e) { } + }, + + + // MEDIA + + initAutoplay() { + let url = Services.urlFormatter.formatURLPref("app.support.baseURL") + + "block-autoplay"; + document.getElementById("autoplayLearnMoreLink").setAttribute("href", url); + }, + + /** + * The checkbox enabled sets the pref to BLOCKED + */ + toggleAutoplayMedia(event) { + let blocked = event.target.checked ? Ci.nsIAutoplay.BLOCKED : Ci.nsIAutoplay.ALLOWED; + Services.prefs.setIntPref("media.autoplay.default", blocked); + }, + + /** + * If user-gestures-needed is false we do not show any UI for configuring autoplay, + * if user-gestures-needed is false and ask-permission is false we show a checkbox + * which only allows the user to block autoplay + * if user-gestures-needed and ask-permission are true we show a combobox that + * allows the user to block / allow or prompt for autoplay + * We will be performing a shield study to determine the behaviour to be + * shipped, at which point we can remove these pref switches. + * https://bugzilla.mozilla.org/show_bug.cgi?id=1475099 + */ + updateAutoplayMediaControlsVisibility() { + let askPermission = + Services.prefs.getBoolPref("media.autoplay.ask-permission", false); + let userGestures = + Services.prefs.getBoolPref("media.autoplay.enabled.user-gestures-needed", false); + // Hide the combobox if we don't let the user ask for permission. + document.getElementById("autoplayMediaComboboxWrapper").hidden = + !userGestures || !askPermission; + // If the user may ask for permission, hide the checkbox instead. + document.getElementById("autoplayMediaCheckboxWrapper").hidden = + !userGestures || askPermission; + }, + + /** + * Displays the autoplay exceptions dialog where specific site autoplay preferences + * can be set. + */ + showAutoplayMediaExceptions() { + var params = { + blockVisible: true, sessionVisible: false, allowVisible: true, + prefilledHost: "", permissionType: "autoplay-media", + }; + + gSubDialog.open("chrome://browser/content/preferences/permissions.xul", + "resizable=yes", params); + }, + + // POP-UPS + + /** + * Displays the popup exceptions dialog where specific site popup preferences + * can be set. + */ + showPopupExceptions() { + var params = { + blockVisible: false, sessionVisible: false, allowVisible: true, + prefilledHost: "", permissionType: "popup", + }; + + gSubDialog.open("chrome://browser/content/preferences/permissions.xul", + "resizable=yes", params); + }, + + // UTILITY FUNCTIONS + + /** + * Utility function to enable/disable the button specified by aButtonID based + * on the value of the Boolean preference specified by aPreferenceID. + */ + updateButtons(aButtonID, aPreferenceID) { + var button = document.getElementById(aButtonID); + var preference = Preferences.get(aPreferenceID); + button.disabled = !preference.value; + return undefined; + }, + + // BEGIN UI CODE + + /* + * Preferences: + * + * dom.disable_open_during_load + * - true if popups are blocked by default, false otherwise + */ + + // POP-UPS + + /** + * Displays a dialog in which the user can view and modify the list of sites + * where passwords are never saved. + */ + showPasswordExceptions() { + var params = { + blockVisible: true, + sessionVisible: false, + allowVisible: false, + hideStatusColumn: true, + prefilledHost: "", + permissionType: "login-saving", + }; + + gSubDialog.open("chrome://browser/content/preferences/permissions.xul", + null, params); + }, + + /** + * Initializes master password UI: the "use master password" checkbox, selects + * the master password button to show, and enables/disables it as necessary. + * The master password is controlled by various bits of NSS functionality, so + * the UI for it can't be controlled by the normal preference bindings. + */ + _initMasterPasswordUI() { + var noMP = !LoginHelper.isMasterPasswordSet(); + + var button = document.getElementById("changeMasterPassword"); + button.disabled = noMP; + + var checkbox = document.getElementById("useMasterPassword"); + checkbox.checked = !noMP; + checkbox.disabled = noMP && !Services.policies.isAllowed("createMasterPassword"); + }, + + /** + * Enables/disables the master password button depending on the state of the + * "use master password" checkbox, and prompts for master password removal if + * one is set. + */ + updateMasterPasswordButton() { + var checkbox = document.getElementById("useMasterPassword"); + var button = document.getElementById("changeMasterPassword"); + button.disabled = !checkbox.checked; + + // unchecking the checkbox should try to immediately remove the master + // password, because it's impossible to non-destructively remove the master + // password used to encrypt all the passwords without providing it (by + // design), and it would be extremely odd to pop up that dialog when the + // user closes the prefwindow and saves his settings + if (!checkbox.checked) + this._removeMasterPassword(); + else + this.changeMasterPassword(); + + this._initMasterPasswordUI(); + }, + + /** + * Displays the "remove master password" dialog to allow the user to remove + * the current master password. When the dialog is dismissed, master password + * UI is automatically updated. + */ + _removeMasterPassword() { + var secmodDB = Cc["@mozilla.org/security/pkcs11moduledb;1"]. + getService(Ci.nsIPKCS11ModuleDB); + if (secmodDB.isFIPSEnabled) { + var bundle = document.getElementById("bundlePreferences"); + Services.prompt.alert(window, + bundle.getString("pw_change_failed_title"), + bundle.getString("pw_change2empty_in_fips_mode")); + this._initMasterPasswordUI(); + } else { + gSubDialog.open("chrome://mozapps/content/preferences/removemp.xul", + null, null, this._initMasterPasswordUI.bind(this)); + } + }, + + /** + * Displays a dialog in which the master password may be changed. + */ + changeMasterPassword() { + gSubDialog.open("chrome://mozapps/content/preferences/changemp.xul", + "resizable=no", null, this._initMasterPasswordUI.bind(this)); + }, + + /** + * Shows the sites where the user has saved passwords and the associated login + * information. + */ + showPasswords() { + gSubDialog.open("chrome://passwordmgr/content/passwordManager.xul"); + }, + + /** + * Enables/disables the Exceptions button used to configure sites where + * passwords are never saved. When browser is set to start in Private + * Browsing mode, the "Remember passwords" UI is useless, so we disable it. + */ + readSavePasswords() { + var pref = Preferences.get("signon.rememberSignons"); + var excepts = document.getElementById("passwordExceptions"); + + if (PrivateBrowsingUtils.permanentPrivateBrowsing) { + document.getElementById("savePasswords").disabled = true; + excepts.disabled = true; + return false; + } + excepts.disabled = !pref.value; + // don't override pref value in UI + return undefined; + }, + + /** + * Enables/disables the add-ons Exceptions button depending on whether + * or not add-on installation warnings are displayed. + */ + readWarnAddonInstall() { + var warn = Preferences.get("xpinstall.whitelist.required"); + var exceptions = document.getElementById("addonExceptions"); + + exceptions.disabled = !warn.value; + + // don't override the preference value + return undefined; + }, + + _initSafeBrowsing() { + let enableSafeBrowsing = document.getElementById("enableSafeBrowsing"); + let blockDownloads = document.getElementById("blockDownloads"); + let blockUncommonUnwanted = document.getElementById("blockUncommonUnwanted"); + + let safeBrowsingPhishingPref = Preferences.get("browser.safebrowsing.phishing.enabled"); + let safeBrowsingMalwarePref = Preferences.get("browser.safebrowsing.malware.enabled"); + + let blockDownloadsPref = Preferences.get("browser.safebrowsing.downloads.enabled"); + let malwareTable = Preferences.get("urlclassifier.malwareTable"); + + let blockUnwantedPref = Preferences.get("browser.safebrowsing.downloads.remote.block_potentially_unwanted"); + let blockUncommonPref = Preferences.get("browser.safebrowsing.downloads.remote.block_uncommon"); + + let learnMoreLink = document.getElementById("enableSafeBrowsingLearnMore"); + let phishingUrl = Services.urlFormatter.formatURLPref("app.support.baseURL") + "phishing-malware"; + learnMoreLink.setAttribute("href", phishingUrl); + + enableSafeBrowsing.addEventListener("command", function() { + safeBrowsingPhishingPref.value = enableSafeBrowsing.checked; + safeBrowsingMalwarePref.value = enableSafeBrowsing.checked; + + if (enableSafeBrowsing.checked) { + if (blockDownloads) { + blockDownloads.removeAttribute("disabled"); + if (blockDownloads.checked) { + blockUncommonUnwanted.removeAttribute("disabled"); + } + } else { + blockUncommonUnwanted.removeAttribute("disabled"); + } + } else { + if (blockDownloads) { + blockDownloads.setAttribute("disabled", "true"); + } + blockUncommonUnwanted.setAttribute("disabled", "true"); + } + }); + + if (blockDownloads) { + blockDownloads.addEventListener("command", function() { + blockDownloadsPref.value = blockDownloads.checked; + if (blockDownloads.checked) { + blockUncommonUnwanted.removeAttribute("disabled"); + } else { + blockUncommonUnwanted.setAttribute("disabled", "true"); + } + }); + } + + blockUncommonUnwanted.addEventListener("command", function() { + blockUnwantedPref.value = blockUncommonUnwanted.checked; + blockUncommonPref.value = blockUncommonUnwanted.checked; + + let malware = malwareTable.value + .split(",") + .filter(x => x !== "goog-unwanted-proto" && + x !== "goog-unwanted-shavar" && + x !== "test-unwanted-simple"); + + if (blockUncommonUnwanted.checked) { + if (malware.includes("goog-malware-shavar")) { + malware.push("goog-unwanted-shavar"); + } else { + malware.push("goog-unwanted-proto"); + } + + malware.push("test-unwanted-simple"); + } + + // sort alphabetically to keep the pref consistent + malware.sort(); + + malwareTable.value = malware.join(","); + + // Force an update after changing the malware table. + let listmanager = Cc["@mozilla.org/url-classifier/listmanager;1"] + .getService(Ci.nsIUrlListManager); + if (listmanager) { + listmanager.forceUpdates(malwareTable.value); + } + }); + + // set initial values + + // Librefox + if (Services.prefs.prefIsLocked("browser.safebrowsing.downloads.enabled")) { + enableSafeBrowsing.setAttribute("disabled", "true"); + } + + enableSafeBrowsing.checked = safeBrowsingPhishingPref.value && safeBrowsingMalwarePref.value; + if (!enableSafeBrowsing.checked) { + if (blockDownloads) { + blockDownloads.setAttribute("disabled", "true"); + } + + blockUncommonUnwanted.setAttribute("disabled", "true"); + } + + if (blockDownloads) { + blockDownloads.checked = blockDownloadsPref.value; + if (!blockDownloadsPref.value) { + blockUncommonUnwanted.setAttribute("disabled", "true"); + } + } + + blockUncommonUnwanted.checked = blockUnwantedPref.value && blockUncommonPref.value; + }, + + /** + * Displays the exceptions lists for add-on installation warnings. + */ + showAddonExceptions() { + var params = this._addonParams; + + gSubDialog.open("chrome://browser/content/preferences/permissions.xul", + null, params); + }, + + /** + * Parameters for the add-on install permissions dialog. + */ + _addonParams: + { + blockVisible: false, + sessionVisible: false, + allowVisible: true, + prefilledHost: "", + permissionType: "install", + }, + + /** + * readEnableOCSP is used by the preferences UI to determine whether or not + * the checkbox for OCSP fetching should be checked (it returns true if it + * should be checked and false otherwise). The about:config preference + * "security.OCSP.enabled" is an integer rather than a boolean, so it can't be + * directly mapped from {true,false} to {checked,unchecked}. The possible + * values for "security.OCSP.enabled" are: + * 0: fetching is disabled + * 1: fetch for all certificates + * 2: fetch only for EV certificates + * Hence, if "security.OCSP.enabled" is non-zero, the checkbox should be + * checked. Otherwise, it should be unchecked. + */ + readEnableOCSP() { + var preference = Preferences.get("security.OCSP.enabled"); + // This is the case if the preference is the default value. + if (preference.value === undefined) { + return true; + } + return preference.value != 0; + }, + + /** + * writeEnableOCSP is used by the preferences UI to map the checked/unchecked + * state of the OCSP fetching checkbox to the value that the preference + * "security.OCSP.enabled" should be set to (it returns that value). See the + * readEnableOCSP documentation for more background. We unfortunately don't + * have enough information to map from {true,false} to all possible values for + * "security.OCSP.enabled", but a reasonable alternative is to map from + * {true,false} to {<the default value>,0}. That is, if the box is checked, + * "security.OCSP.enabled" will be set to whatever default it should be, given + * the platform and channel. If the box is unchecked, the preference will be + * set to 0. Obviously this won't work if the default is 0, so we will have to + * revisit this if we ever set it to 0. + */ + writeEnableOCSP() { + var checkbox = document.getElementById("enableOCSP"); + var defaults = Services.prefs.getDefaultBranch(null); + var defaultValue = defaults.getIntPref("security.OCSP.enabled"); + return checkbox.checked ? defaultValue : 0; + }, + + /** + * Displays the user's certificates and associated options. + */ + showCertificates() { + gSubDialog.open("chrome://pippki/content/certManager.xul"); + }, + + /** + * Displays a dialog from which the user can manage his security devices. + */ + showSecurityDevices() { + gSubDialog.open("chrome://pippki/content/device_manager.xul"); + }, + + initDataCollection() { + this._setupLearnMoreLink("toolkit.datacollection.infoURL", + "dataCollectionPrivacyNotice"); + }, + + initCollectBrowserErrors() { + this._setupLearnMoreLink("browser.chrome.errorReporter.infoURL", + "collectBrowserErrorsLearnMore"); + }, + + initSubmitCrashes() { + this._setupLearnMoreLink("toolkit.crashreporter.infoURL", + "crashReporterLearnMore"); + }, + + /** + * Set up or hide the Learn More links for various data collection options + */ + _setupLearnMoreLink(pref, element) { + // set up the Learn More link with the correct URL + let url = Services.urlFormatter.formatURLPref(pref); + let el = document.getElementById(element); + + if (url) { + el.setAttribute("href", url); + } else { + el.setAttribute("hidden", "true"); + } + }, + + /** + * Initialize the health report service reference and checkbox. + */ + initSubmitHealthReport() { + this._setupLearnMoreLink("datareporting.healthreport.infoURL", "FHRLearnMore"); + + let checkbox = document.getElementById("submitHealthReportBox"); + + // Telemetry is only sending data if MOZ_TELEMETRY_REPORTING is defined. + // We still want to display the preferences panel if that's not the case, but + // we want it to be disabled and unchecked. + if (Services.prefs.prefIsLocked(PREF_UPLOAD_ENABLED) || + !AppConstants.MOZ_TELEMETRY_REPORTING) { + checkbox.setAttribute("disabled", "true"); + return; + } + + checkbox.checked = Services.prefs.getBoolPref(PREF_UPLOAD_ENABLED) && + AppConstants.MOZ_TELEMETRY_REPORTING; + }, + + /** + * Update the health report preference with state from checkbox. + */ + updateSubmitHealthReport() { + let checkbox = document.getElementById("submitHealthReportBox"); + Services.prefs.setBoolPref(PREF_UPLOAD_ENABLED, checkbox.checked); + }, + + + /** + * Initialize the opt-out-study preference checkbox into about:preferences and + * handles events coming from the UI for it. + */ + initOptOutStudyCheckbox(doc) { + const allowedByPolicy = Services.policies.isAllowed("Shield"); + const checkbox = document.getElementById("optOutStudiesEnabled"); + + function updateStudyCheckboxState() { + // The checkbox should be disabled if any of the below are true. This + // prevents the user from changing the value in the box. + // + // * the policy forbids shield + // * the Shield Study preference is locked + // * the FHR pref is false + // + // The checkbox should match the value of the preference only if all of + // these are true. Otherwise, the checkbox should remain unchecked. This + // is because in these situations, Shield studies are always disabled, and + // so showing a checkbox would be confusing. + // + // * the policy allows Shield + // * the FHR pref is true + // * Normandy is enabled + + const checkboxMatchesPref = ( + allowedByPolicy && + Services.prefs.getBoolPref(PREF_UPLOAD_ENABLED, false) && + Services.prefs.getBoolPref(PREF_NORMANDY_ENABLED, false) + ); + + if (checkboxMatchesPref) { + if (Services.prefs.getBoolPref(PREF_OPT_OUT_STUDIES_ENABLED, false)) { + checkbox.setAttribute("checked", "checked"); + } else { + checkbox.removeAttribute("checked"); + } + checkbox.setAttribute("preference", PREF_OPT_OUT_STUDIES_ENABLED); + } else { + checkbox.removeAttribute("preference"); + checkbox.removeAttribute("checked"); + } + + const isDisabled = ( + !allowedByPolicy || + Services.prefs.prefIsLocked(PREF_OPT_OUT_STUDIES_ENABLED) || + !Services.prefs.getBoolPref(PREF_UPLOAD_ENABLED, false) + ); + + // We can't use checkbox.disabled here because the XBL binding may not be present, + // in which case setting the property won't work properly. + if (isDisabled) { + checkbox.setAttribute("disabled", "true"); + } else { + checkbox.removeAttribute("disabled"); + } + } + Preferences.get(PREF_UPLOAD_ENABLED).on("change", updateStudyCheckboxState); + updateStudyCheckboxState(); + }, + + observe(aSubject, aTopic, aData) { + switch (aTopic) { + case "sitedatamanager:updating-sites": + // While updating, we want to disable this section and display loading message until updated + this.toggleSiteData(false); + this.showSiteDataLoading(); + break; + + case "sitedatamanager:sites-updated": + this.toggleSiteData(true); + SiteDataManager.getTotalUsage() + .then(this.updateTotalDataSizeLabel.bind(this)); + break; + } + }, + + // Accessibility checkbox helpers + _initA11yState() { + this._initA11yString(); + let checkbox = document.getElementById("a11yPrivacyCheckbox"); + switch (Services.prefs.getIntPref("accessibility.force_disabled")) { + case 1: // access blocked + checkbox.checked = true; + break; + case -1: // a11y is forced on for testing + case 0: // access allowed + checkbox.checked = false; + break; + } + }, + + _initA11yString() { + let a11yLearnMoreLink = + Services.urlFormatter.formatURLPref("accessibility.support.url"); + document.getElementById("a11yLearnMoreLink") + .setAttribute("href", a11yLearnMoreLink); + }, + + async updateA11yPrefs(checked) { + let buttonIndex = await confirmRestartPrompt(checked, 0, true, false); + if (buttonIndex == CONFIRM_RESTART_PROMPT_RESTART_NOW) { + Services.prefs.setIntPref("accessibility.force_disabled", checked ? 1 : 0); + Services.telemetry.scalarSet("preferences.prevent_accessibility_services", true); + Services.startup.quit(Ci.nsIAppStartup.eAttemptQuit | Ci.nsIAppStartup.eRestart); + } + + // Revert the checkbox in case we didn't quit + document.getElementById("a11yPrivacyCheckbox").checked = !checked; + }, +}; diff --git a/archive/omni-patching/browser/omni.ja/chrome/browser/content/browser/preferences/in-content/privacy.js.patch b/archive/omni-patching/browser/omni.ja/chrome/browser/content/browser/preferences/in-content/privacy.js.patch new file mode 100644 index 0000000..58b8b16 --- /dev/null +++ b/archive/omni-patching/browser/omni.ja/chrome/browser/content/browser/preferences/in-content/privacy.js.patch @@ -0,0 +1,14 @@ +--- privacy.js 2010-01-01 00:00:00.000000000 +0100 ++++ privacy.patched.js 2018-12-11 17:08:48.076552654 +0100 +@@ -1746,6 +1746,11 @@ + }); + + // set initial values ++ ++ // Librefox ++ if (Services.prefs.prefIsLocked("browser.safebrowsing.downloads.enabled")) { ++ enableSafeBrowsing.setAttribute("disabled", "true"); ++ } + + enableSafeBrowsing.checked = safeBrowsingPhishingPref.value && safeBrowsingMalwarePref.value; + if (!enableSafeBrowsing.checked) { diff --git a/archive/packaging/mac/background.esr.png b/archive/packaging/mac/background.esr.png Binary files differnew file mode 100644 index 0000000..8e55c88 --- /dev/null +++ b/archive/packaging/mac/background.esr.png diff --git a/archive/packaging/mac/background.png b/archive/packaging/mac/background.png Binary files differnew file mode 100644 index 0000000..5a61b32 --- /dev/null +++ b/archive/packaging/mac/background.png diff --git a/archive/packaging/mac/background.privafox.png b/archive/packaging/mac/background.privafox.png Binary files differnew file mode 100644 index 0000000..3ab47f1 --- /dev/null +++ b/archive/packaging/mac/background.privafox.png diff --git a/archive/packaging/mac/background.tiff b/archive/packaging/mac/background.tiff Binary files differnew file mode 100644 index 0000000..ca73f41 --- /dev/null +++ b/archive/packaging/mac/background.tiff diff --git a/archive/packaging/package_macos.sh b/archive/packaging/package_macos.sh new file mode 100755 index 0000000..e4b2be9 --- /dev/null +++ b/archive/packaging/package_macos.sh @@ -0,0 +1,46 @@ +#!/bin/bash + +# Usage: ./package_macos.sh /path/to/Firefox.dmg [--install] +# If `--install` is passed, will copy Librefox.app into /Applications. +# Otherwise, Librefox.dmg will be created next to Firefox.dmg + +repo=$(git rev-parse --show-toplevel) + +vol=$(hdiutil attach "$1" -shadow | tail -n 1 | cut -f 3) +app="$(basename "$vol").app" + +cp "$repo/packaging/mac/background.png" "$vol/.background/" + +cd "$vol" +codesign --remove-signature "$app" + +cd "$app/Contents" +rm -rf _CodeSignature Library/LaunchServices/org.mozilla.updater + +cd MacOS +rm -rf plugin-container.app/Contents/_CodeSignature \ + crashreporter.app \ + updater.app + +cd ../Resources +rm -rf update-settings.ini updater.ini +cp -R "$repo/librefox/." . + +cd browser/features +rm -rf aushelper@mozilla.org.xpi \ + firefox@getpocket.com.xpi \ + onboarding@mozilla.org.xpi + +if [ "$2" == "--install" ]; then + cd "$vol" + cp -R "$app" /Applications/Librefox.app +fi + +cd "$repo" +hdiutil detach "$vol" + +if [ "$2" != "--install" ]; then + out_dir=$(dirname "$1") + rm -f "$out_dir/Librefox.dmg" + hdiutil convert -format UDZO -o "$out_dir/Librefox.dmg" "$1" -shadow +fi diff --git a/archive/packaging/tor/TorBrowser/Data/Browser/profile.default/extensions/librefox.http.watcher.tor@intika.be.xpi b/archive/packaging/tor/TorBrowser/Data/Browser/profile.default/extensions/librefox.http.watcher.tor@intika.be.xpi Binary files differnew file mode 100644 index 0000000..f060906 --- /dev/null +++ b/archive/packaging/tor/TorBrowser/Data/Browser/profile.default/extensions/librefox.http.watcher.tor@intika.be.xpi diff --git a/archive/packaging/tor/TorBrowser/Data/Browser/profile.default/extensions/{efd1ce61-97d1-4b4f-a378-67d0d41d858d}.xpi b/archive/packaging/tor/TorBrowser/Data/Browser/profile.default/extensions/{efd1ce61-97d1-4b4f-a378-67d0d41d858d}.xpi Binary files differnew file mode 100644 index 0000000..d15080c --- /dev/null +++ b/archive/packaging/tor/TorBrowser/Data/Browser/profile.default/extensions/{efd1ce61-97d1-4b4f-a378-67d0d41d858d}.xpi diff --git a/archive/packaging/tor/TorBrowser/Data/Browser/profile.default/user.js b/archive/packaging/tor/TorBrowser/Data/Browser/profile.default/user.js new file mode 100644 index 0000000..1a2dd5d --- /dev/null +++ b/archive/packaging/tor/TorBrowser/Data/Browser/profile.default/user.js @@ -0,0 +1,10 @@ +// Librefox + +// Librefox Compatibility Fix +user_pref("extensions.autoDisableScopes", 0); + +// Removing https-everywhere adding 2 librefox addons +user_pref("extensions.enabledAddons", "librefox.http.watcher.tor%40intika.be:2.8,%7Befd1ce61-97d1-4b4f-a378-67d0d41d858d%7D:1.2,%7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1,torbutton%40torproject.org:1.5.2,ubufox%40ubuntu.com:2.6,tor-launcher%40torproject.org:0.1.1pre-alpha,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.5"); + +// Icons arrangement +user_pref("browser.uiCustomization.state", '{"placements":{"widget-overflow-fixed-list":[],"nav-bar":["back-button","forward-button","stop-reload-button","urlbar-container","downloads-button","_73a6fe31-595d-460b-a920-fcc0f8843232_-browser-action","_efd1ce61-97d1-4b4f-a378-67d0d41d858d_-browser-action","torbutton-button"],"toolbar-menubar":["menubar-items"],"TabsToolbar":["tabbrowser-tabs","new-tab-button","alltabs-button"],"PersonalToolbar":["personal-bookmarks"],"PanelUI-contents":["home-button","edit-controls","zoom-controls","new-window-button","save-page-button","print-button","bookmarks-menu-button","history-panelmenu","find-button","preferences-button","add-ons-button","developer-button","https-everywhere-button"],"addon-bar":["addonbar-closebutton","status-bar"]},"seen":["developer-button","_73a6fe31-595d-460b-a920-fcc0f8843232_-browser-action"],"dirtyAreaCache":["PersonalToolbar","nav-bar","TabsToolbar","toolbar-menubar"],"currentVersion":14,"newElementCount":3}'); diff --git a/archive/packaging/tor/Windows/Librefox-Tor-Create-Link-Here.bat b/archive/packaging/tor/Windows/Librefox-Tor-Create-Link-Here.bat new file mode 100644 index 0000000..ac197a5 --- /dev/null +++ b/archive/packaging/tor/Windows/Librefox-Tor-Create-Link-Here.bat @@ -0,0 +1,3 @@ +@echo off +REM wscript Browser\link.vbs %USERPROFILE%\Desktop\Librefox-Tor.lnk Browser\firefox.exe +wscript Browser\link.vbs Librefox-Tor.lnk Browser\firefox.exe diff --git a/archive/packaging/tor/Windows/link.vbs b/archive/packaging/tor/Windows/link.vbs new file mode 100644 index 0000000..2a65461 --- /dev/null +++ b/archive/packaging/tor/Windows/link.vbs @@ -0,0 +1,9 @@ +set fs = CreateObject("Scripting.FileSystemObject") +set ws = WScript.CreateObject("WScript.Shell") +set arg = Wscript.Arguments + +linkFile = arg(0) + +set link = ws.CreateShortcut(linkFile) + link.TargetPath = fs.BuildPath(ws.CurrentDirectory, arg(1)) + link.Save diff --git a/branding/README.md b/branding/README.md new file mode 100644 index 0000000..0945ec4 --- /dev/null +++ b/branding/README.md @@ -0,0 +1,4 @@ +## Branding + +This folder contains all related icons, artwork, images and media related to LibreWolf. +If editing these files, avoid changing the names as scripts in the "browser" folder uses these to generate the browser branding diff --git a/branding/icon/icon.svg b/branding/icon/icon.svg new file mode 100644 index 0000000..2c6262a --- /dev/null +++ b/branding/icon/icon.svg @@ -0,0 +1,90 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!-- Created with Inkscape (http://www.inkscape.org/) --> + +<svg + xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:cc="http://creativecommons.org/ns#" + xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" + xmlns:svg="http://www.w3.org/2000/svg" + xmlns="http://www.w3.org/2000/svg" + xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" + xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" + width="67.733337mm" + height="67.733337mm" + viewBox="0 0 67.733337 67.733337" + version="1.1" + id="svg8" + inkscape:version="0.92.4 5da689c313, 2019-01-14" + sodipodi:docname="LibreWolf.svg"> + <defs + id="defs2" /> + <sodipodi:namedview + id="base" + pagecolor="#ffffff" + bordercolor="#666666" + borderopacity="1.0" + inkscape:pageopacity="0.0" + inkscape:pageshadow="2" + inkscape:zoom="0.9899495" + inkscape:cx="-15.106575" + inkscape:cy="110.91343" + inkscape:document-units="mm" + inkscape:current-layer="layer1" + showgrid="false" + inkscape:window-width="1366" + inkscape:window-height="711" + inkscape:window-x="0" + inkscape:window-y="30" + inkscape:window-maximized="1" + inkscape:showpageshadow="false" + units="px" + fit-margin-top="0" + fit-margin-left="0" + fit-margin-right="0" + fit-margin-bottom="0" /> + <metadata + id="metadata5"> + <rdf:RDF> + <cc:Work + rdf:about=""> + <dc:format>image/svg+xml</dc:format> + <dc:type + rdf:resource="http://purl.org/dc/dcmitype/StillImage" /> + <dc:title /> + </cc:Work> + </rdf:RDF> + </metadata> + <g + inkscape:label="Layer 1" + inkscape:groupmode="layer" + id="layer1" + transform="translate(-42.106554,-153.8982)"> + <circle + style="fill:#00acff;fill-opacity:1;stroke:none;stroke-width:0.53545821;stroke-miterlimit:4;stroke-dasharray:none" + id="path875" + cx="75.973221" + cy="187.76486" + r="33.866669" /> + <path + style="fill:#ffffff;stroke-width:0.13229167" + d="m 72.543594,214.67719 c -4.744093,-0.60875 -9.281981,-2.49991 -13.241953,-5.51858 -1.29157,-0.98455 -3.714943,-3.42363 -4.772834,-4.80375 -2.96241,-3.86476 -4.804479,-8.2508 -5.41218,-12.88661 -0.260164,-1.98464 -0.258719,-5.63349 0.0029,-7.44738 1.308078,-9.0677 7.01463,-16.8454 15.20915,-20.72918 3.811512,-1.80647 7.300266,-2.57114 11.730683,-2.57114 7.165903,0 13.5265,2.56749 18.680882,7.54063 2.483054,2.39575 4.148141,4.66808 5.573968,7.60677 1.92868,3.9751 2.70979,7.43276 2.70979,11.99526 0,6.00619 -1.7345,11.24407 -5.336957,16.11672 -1.070527,1.44797 -3.161747,3.64749 -4.549468,4.78507 -3.806562,3.12041 -8.658642,5.23183 -13.473174,5.86296 -1.663528,0.21807 -5.593318,0.24524 -7.120854,0.0492 z m 10.041381,-4.86547 c 2.898391,-0.91366 5.260364,-2.14146 7.540624,-3.91979 1.212494,-0.9456 3.308223,-3.06144 4.186916,-4.22711 2.38328,-3.16162 4.004927,-7.12196 4.482067,-10.94597 0.229814,-1.84182 0.09634,-5.73827 -0.2545,-7.4296 -0.9294,-4.48046 -2.931647,-8.26499 -6.086007,-11.50342 -1.966575,-2.01898 -3.756882,-3.34972 -6.060203,-4.50458 -3.495001,-1.75236 -6.489835,-2.46043 -10.423481,-2.46442 -4.164073,-0.004 -7.815325,0.95024 -11.429055,2.98766 -3.289753,1.85476 -6.690628,5.25952 -8.553227,8.563 -1.371786,2.43299 -2.37583,5.32029 -2.767595,7.95869 -0.256867,1.72991 -0.261933,5.16508 -0.01006,6.82145 0.504067,3.31489 1.761474,6.59111 3.584314,9.33904 0.995409,1.50058 0.964154,1.48393 1.842248,0.98153 1.570774,-0.8987 1.980396,-1.33342 2.836087,-3.00984 1.000624,-1.96036 2.070459,-3.6735 3.037094,-4.86332 1.115822,-1.37347 1.269228,-1.61793 1.828988,-2.9147 0.281654,-0.65249 0.786977,-1.61074 1.122938,-2.12943 l 0.61084,-0.94309 -0.79023,-0.77671 c -1.049647,-1.03168 -1.922751,-2.2016 -2.087012,-2.79651 -0.167761,-0.60758 0.03021,-0.9466 0.818744,-1.40207 0.797354,-0.46057 1.367585,-0.5929 3.498657,-0.81193 1.037629,-0.10665 2.164153,-0.30199 2.518962,-0.43681 0.353024,-0.13414 1.407825,-0.70824 2.344001,-1.27579 2.702947,-1.63863 2.931619,-1.72344 4.552111,-1.68831 1.368686,0.0297 1.371262,0.0291 2.182813,-0.46143 1.700674,-1.02802 4.14305,-2.88289 7.357044,-5.58733 0.61632,-0.5186 1.21002,-0.92569 1.31934,-0.90464 0.45462,0.0876 1.289567,2.13636 1.416407,3.47562 0.07693,0.81225 -0.08023,1.6155 -0.562014,2.87261 -0.13146,0.34301 -0.19208,0.67043 -0.134706,0.7276 0.13774,0.13726 0.610706,-0.4535 0.610706,-0.76279 0,-0.39435 0.261127,-0.43936 0.616327,-0.10623 0.258235,0.24218 0.480842,0.31151 1.000202,0.31151 0.567073,0 0.707447,0.0526 0.928773,0.3479 0.375574,0.50112 0.463647,1.86688 0.176201,2.73231 -0.279641,0.84191 -1.124801,1.81287 -1.891829,2.17341 -0.686334,0.32262 -2.075841,1.67928 -2.726081,2.66164 -0.248906,0.37604 -0.715586,1.15995 -1.037066,1.74204 -0.321487,0.58208 -0.86074,1.46154 -1.19834,1.95436 -0.664294,0.96972 -1.233147,2.3224 -1.782214,4.23798 -0.322553,1.1253 -0.34962,1.41826 -0.362953,3.92797 -0.01613,3.0317 -0.172894,3.77561 -0.9925,4.7091 -0.931805,1.06126 -1.861937,3.39186 -1.940127,4.8613 -0.04935,0.92751 -0.192246,1.83164 -0.395304,2.50122 -0.08942,0.29484 0.07752,0.2914 1.072102,-0.0221 z" + id="path847" + inkscape:connector-curvature="0" /> + <path + sodipodi:type="star" + style="fill:#00acff;fill-opacity:1;stroke:none;stroke-width:1.5;stroke-miterlimit:4;stroke-dasharray:none" + id="path814" + sodipodi:sides="4" + sodipodi:cx="18.854025" + sodipodi:cy="172.98837" + sodipodi:r1="1.6036172" + sodipodi:r2="1.1339285" + sodipodi:arg1="1.5707963" + sodipodi:arg2="2.3561945" + inkscape:flatsided="true" + inkscape:rounded="0" + inkscape:randomized="0" + d="m 18.854025,174.59199 -1.603617,-1.60362 1.603617,-1.60361 1.603617,1.60361 z" + transform="matrix(0.23203125,0.40188991,-0.99392962,0.57384553,246.21921,73.888081)" /> + </g> +</svg> diff --git a/branding/icon/icon_transparent.svg b/branding/icon/icon_transparent.svg new file mode 100644 index 0000000..dc5328b --- /dev/null +++ b/branding/icon/icon_transparent.svg @@ -0,0 +1,68 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!-- Created with Inkscape (http://www.inkscape.org/) --> + +<svg + xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:cc="http://creativecommons.org/ns#" + xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" + xmlns:svg="http://www.w3.org/2000/svg" + xmlns="http://www.w3.org/2000/svg" + xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" + xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" + width="67.733337mm" + height="67.733337mm" + viewBox="0 0 67.733337 67.733337" + version="1.1" + id="svg8" + inkscape:version="0.92.4 5da689c313, 2019-01-14" + sodipodi:docname="LibreWolf.svg"> + <defs + id="defs2" /> + <sodipodi:namedview + id="base" + pagecolor="#ffffff" + bordercolor="#666666" + borderopacity="1.0" + inkscape:pageopacity="0.0" + inkscape:pageshadow="2" + inkscape:zoom="1.4" + inkscape:cx="187.46066" + inkscape:cy="134.07761" + inkscape:document-units="mm" + inkscape:current-layer="layer1" + showgrid="false" + inkscape:window-width="1366" + inkscape:window-height="711" + inkscape:window-x="0" + inkscape:window-y="30" + inkscape:window-maximized="1" + inkscape:showpageshadow="false" + units="px" + fit-margin-top="0" + fit-margin-left="0" + fit-margin-right="0" + fit-margin-bottom="0" /> + <metadata + id="metadata5"> + <rdf:RDF> + <cc:Work + rdf:about=""> + <dc:format>image/svg+xml</dc:format> + <dc:type + rdf:resource="http://purl.org/dc/dcmitype/StillImage" /> + <dc:title /> + </cc:Work> + </rdf:RDF> + </metadata> + <g + inkscape:label="Layer 1" + inkscape:groupmode="layer" + id="layer1" + transform="translate(-42.106554,-153.8982)"> + <path + style="fill:#00acff;fill-opacity:1;stroke:none;stroke-width:2.02377915;stroke-miterlimit:4;stroke-dasharray:none" + d="M 128 0 A 128.00001 128.00001 0 0 0 0 128 A 128.00001 128.00001 0 0 0 128 256 A 128.00001 128.00001 0 0 0 256 128 A 128.00001 128.00001 0 0 0 128 0 z M 128.32617 25.785156 C 155.4099 25.785156 179.44856 35.489037 198.92969 54.285156 C 208.31446 63.339959 214.60909 71.928296 219.99805 83.035156 C 227.28755 98.059156 230.23828 111.127 230.23828 128.37109 C 230.23828 151.07165 223.68394 170.86884 210.06836 189.28516 C 206.02227 194.7578 198.11798 203.07158 192.87305 207.37109 C 178.48604 219.16477 160.14783 227.14392 141.95117 229.5293 C 135.66382 230.3535 120.81047 230.45578 115.03711 229.71484 L 115.03711 229.7168 C 97.106679 227.41601 79.957058 220.26657 64.990234 208.85742 C 60.10871 205.13629 50.9495 195.91933 46.951172 190.70312 C 35.754662 176.09617 28.790963 159.51727 26.494141 141.99609 C 25.510844 134.49509 25.517063 120.70526 26.505859 113.84961 C 31.449776 79.577987 53.016868 50.18276 83.988281 35.503906 C 98.393996 28.676303 111.58129 25.785156 128.32617 25.785156 z M 127.99023 41.267578 C 112.25201 41.25246 98.451161 44.858109 84.792969 52.558594 C 72.359257 59.56871 59.504588 72.438234 52.464844 84.923828 C 47.280141 94.119381 43.486546 105.032 42.005859 115.00391 C 41.035023 121.54215 41.014836 134.52486 41.966797 140.78516 C 43.871932 153.31387 48.624198 165.69615 55.513672 176.08203 C 59.275848 181.75351 59.157783 181.6918 62.476562 179.79297 C 68.413346 176.39631 69.963158 174.75209 73.197266 168.41602 C 76.979152 161.00678 81.022358 154.53211 84.675781 150.03516 C 88.893061 144.84409 89.472262 143.92071 91.587891 139.01953 C 92.65241 136.55343 94.562257 132.93111 95.832031 130.9707 L 98.140625 127.40625 L 95.154297 124.4707 C 91.187127 120.57144 87.886454 116.14887 87.265625 113.90039 C 86.631568 111.60403 87.381042 110.32302 90.361328 108.60156 C 93.37495 106.86083 95.529543 106.36103 103.58398 105.5332 C 107.50573 105.13012 111.76251 104.39237 113.10352 103.88281 C 114.43778 103.37583 118.42459 101.20562 121.96289 99.060547 C 132.17875 92.8673 133.04327 92.546913 139.16797 92.679688 C 144.34096 92.791938 144.35069 92.789519 147.41797 90.935547 C 153.84571 87.050117 163.07723 80.039865 175.22461 69.818359 C 177.55401 67.858296 179.79776 66.318878 180.21094 66.398438 C 181.92919 66.729523 185.08506 74.473386 185.56445 79.535156 C 185.85521 82.605078 185.26037 85.641296 183.43945 90.392578 C 182.9426 91.688994 182.71479 92.926503 182.93164 93.142578 C 183.45223 93.661356 185.24023 91.428736 185.24023 90.259766 C 185.24023 88.769309 186.22587 88.598348 187.56836 89.857422 C 188.54437 90.772748 189.38667 91.035156 191.34961 91.035156 C 193.49288 91.035156 194.02287 91.233515 194.85938 92.349609 C 196.27886 94.243606 196.6118 99.406822 195.52539 102.67773 C 194.46848 105.85976 191.274 109.52796 188.375 110.89062 C 185.78098 112.10998 180.52987 117.23832 178.07227 120.95117 C 177.13152 122.37243 175.36739 125.33513 174.15234 127.53516 C 172.93727 129.73514 170.89902 133.05925 169.62305 134.92188 C 167.11233 138.58695 164.96193 143.69947 162.88672 150.93945 C 161.66762 155.19256 161.56602 156.29964 161.51562 165.78516 C 161.45467 177.24355 160.8614 180.05583 157.76367 183.58398 C 154.24189 187.59505 150.72716 196.40324 150.43164 201.95703 C 150.24512 205.46258 149.70496 208.87946 148.9375 211.41016 C 148.59953 212.52451 149.23118 212.51105 152.99023 211.32617 C 163.94478 207.87297 172.87193 203.23297 181.49023 196.51172 C 186.07289 192.9378 193.99341 184.94084 197.31445 180.53516 C 206.32213 168.58573 212.45054 153.61701 214.25391 139.16406 C 215.12249 132.20285 214.61898 117.47641 213.29297 111.08398 C 209.78028 94.149967 202.21105 79.847157 190.28906 67.607422 C 182.85634 59.976631 176.09023 54.946856 167.38477 50.582031 C 154.17531 43.958938 142.85756 41.282658 127.99023 41.267578 z M 144.16211 97.949219 L 136.73242 98.990234 L 132.11328 104.9043 L 139.54492 103.86133 L 144.16211 97.949219 z " + transform="matrix(0.26458333,0,0,0.26458333,42.106554,153.8982)" + id="path875" /> + </g> +</svg> diff --git a/branding/logo/Logo.svg b/branding/logo/Logo.svg new file mode 100644 index 0000000..179b518 --- /dev/null +++ b/branding/logo/Logo.svg @@ -0,0 +1,159 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!-- Created with Inkscape (http://www.inkscape.org/) --> + +<svg + xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:cc="http://creativecommons.org/ns#" + xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" + xmlns:svg="http://www.w3.org/2000/svg" + xmlns="http://www.w3.org/2000/svg" + xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" + xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" + width="314.78802mm" + height="67.733337mm" + viewBox="0 0 314.78802 67.733337" + version="1.1" + id="svg8" + inkscape:version="0.92.4 5da689c313, 2019-01-14" + sodipodi:docname="Logo (Pre Merging variant 2).svg"> + <defs + id="defs2" /> + <sodipodi:namedview + id="base" + pagecolor="#ffffff" + bordercolor="#666666" + borderopacity="1.0" + inkscape:pageopacity="0.0" + inkscape:pageshadow="2" + inkscape:zoom="0.35" + inkscape:cx="187.36648" + inkscape:cy="312.95353" + inkscape:document-units="mm" + inkscape:current-layer="layer1" + showgrid="false" + inkscape:window-width="1366" + inkscape:window-height="711" + inkscape:window-x="0" + inkscape:window-y="30" + inkscape:window-maximized="1" + inkscape:showpageshadow="false" + units="px" + fit-margin-top="0" + fit-margin-left="0" + fit-margin-right="0" + fit-margin-bottom="0" + showguides="true" + inkscape:guide-bbox="true" + inkscape:snap-bbox="true" + inkscape:bbox-paths="true" + inkscape:bbox-nodes="true" + inkscape:snap-bbox-edge-midpoints="true" + inkscape:snap-bbox-midpoints="true"> + <sodipodi:guide + position="5.6059918,150.21715" + orientation="1,0" + id="guide869" + inkscape:locked="false" /> + <sodipodi:guide + position="309.18215,150.21715" + orientation="1,0" + id="guide871" + inkscape:locked="false" /> + <sodipodi:guide + position="73.339052,116.35049" + orientation="1,0" + id="guide823" + inkscape:locked="false" /> + <sodipodi:guide + position="278.22089,116.35049" + orientation="1,0" + id="guide825" + inkscape:locked="false" /> + <sodipodi:guide + position="309.18227,116.35049" + orientation="0,1" + id="guide827" + inkscape:locked="false" /> + </sodipodi:namedview> + <metadata + id="metadata5"> + <rdf:RDF> + <cc:Work + rdf:about=""> + <dc:format>image/svg+xml</dc:format> + <dc:type + rdf:resource="http://purl.org/dc/dcmitype/StillImage" /> + <dc:title></dc:title> + </cc:Work> + </rdf:RDF> + </metadata> + <g + inkscape:label="Layer 1" + inkscape:groupmode="layer" + id="layer1" + transform="translate(-141.21625,-244.81668)"> + <g + id="g830" + transform="translate(0,-13.522126)"> + <rect + ry="33.866665" + y="258.33881" + x="141.21625" + height="67.73333" + width="314.78802" + id="rect815" + style="fill:#00acff;fill-opacity:1;stroke:none;stroke-width:4.0283823;stroke-miterlimit:4;stroke-dasharray:none" /> + <rect + ry="27.044252" + y="265.16122" + x="148.03986" + height="54.088505" + width="301.14081" + id="rect815-3" + style="fill:#ffffff;fill-opacity:1;stroke:none;stroke-width:3.52093244;stroke-miterlimit:4;stroke-dasharray:none" /> + </g> + <g + id="g898" + transform="translate(-5.6059837,116.35049)"> + <ellipse + ry="33.866669" + rx="33.866535" + cy="162.33286" + cx="180.68877" + id="path875" + style="fill:#00acff;fill-opacity:1;stroke:none;stroke-width:0.53545713;stroke-miterlimit:4;stroke-dasharray:none" /> + <path + inkscape:connector-curvature="0" + id="path847" + d="m 177.2593,189.24526 c -4.74409,-0.60875 -9.28199,-2.4999 -13.24196,-5.51857 -1.29157,-0.98454 -3.71494,-3.42362 -4.77283,-4.80374 -2.96242,-3.86475 -4.80449,-8.25078 -5.41219,-12.88658 -0.26017,-1.98463 -0.25872,-5.63348 0.003,-7.44736 1.30807,-9.06768 7.01464,-16.84537 15.20917,-20.72914 3.81151,-1.80647 7.30026,-2.57113 11.73069,-2.57113 7.1659,0 13.52651,2.56748 18.68089,7.54061 2.48307,2.39574 4.14815,4.66807 5.57398,7.60675 1.92868,3.9751 2.70979,7.43275 2.70979,11.99524 0,6.00618 -1.7345,11.24405 -5.33696,16.11669 -1.07052,1.44796 -3.16175,3.64748 -4.54948,4.78506 -3.80656,3.1204 -8.65865,5.23181 -13.47318,5.86294 -1.66353,0.21807 -5.59333,0.24524 -7.12086,0.0492 z m 10.04139,-4.86546 c 2.89841,-0.91365 5.26038,-2.14145 7.54064,-3.91978 1.21249,-0.9456 3.30822,-3.06143 4.18691,-4.2271 2.38329,-3.16161 4.00494,-7.12194 4.48208,-10.94595 0.22982,-1.84181 0.0963,-5.73826 -0.2545,-7.42958 -0.9294,-4.48045 -2.93165,-8.26497 -6.08602,-11.5034 -1.96657,-2.01897 -3.75688,-3.34971 -6.0602,-4.50457 -3.49501,-1.75235 -6.48984,-2.46042 -10.42349,-2.46441 -4.16408,-0.004 -7.81533,0.95023 -11.42906,2.98765 -3.28977,1.85476 -6.69064,5.25951 -8.55324,8.56298 -1.37179,2.43299 -2.37584,5.32028 -2.76761,7.95868 -0.25686,1.7299 -0.26193,5.16507 -0.0101,6.82143 0.50407,3.31489 1.76149,6.5911 3.58433,9.33902 0.99541,1.50058 0.96415,1.48393 1.84225,0.98153 1.57077,-0.8987 1.98039,-1.33342 2.83608,-3.00983 1.00063,-1.96036 2.07046,-3.6735 3.03711,-4.86331 1.11582,-1.37347 1.26922,-1.61793 1.82898,-2.9147 0.28166,-0.65249 0.78698,-1.61073 1.12294,-2.12942 l 0.61084,-0.94309 -0.79023,-0.77671 c -1.04964,-1.03168 -1.92275,-2.20159 -2.08701,-2.7965 -0.16776,-0.60758 0.0302,-0.9466 0.81874,-1.40207 0.79736,-0.46057 1.36759,-0.5929 3.49866,-0.81193 1.03763,-0.10665 2.16415,-0.30199 2.51896,-0.43681 0.35303,-0.13414 1.40783,-0.70824 2.344,-1.27578 2.70296,-1.63863 2.93163,-1.72344 4.55213,-1.68831 1.36868,0.0297 1.37126,0.0291 2.18281,-0.46143 1.70067,-1.02802 4.14306,-2.88288 7.35705,-5.58732 0.61632,-0.5186 1.21002,-0.92569 1.31934,-0.90464 0.45462,0.0876 1.28957,2.13636 1.41641,3.47562 0.0769,0.81224 -0.0802,1.61549 -0.56201,2.8726 -0.13146,0.34301 -0.19208,0.67043 -0.13471,0.7276 0.13774,0.13726 0.61071,-0.4535 0.61071,-0.76279 0,-0.39435 0.26112,-0.43936 0.61632,-0.10623 0.25824,0.24218 0.48084,0.31151 1.0002,0.31151 0.56708,0 0.70745,0.0526 0.92878,0.3479 0.37557,0.50112 0.46364,1.86687 0.1762,2.7323 -0.27964,0.84191 -1.1248,1.81287 -1.89183,2.17341 -0.68633,0.32262 -2.07584,1.67928 -2.72608,2.66163 -0.24891,0.37604 -0.71559,1.15995 -1.03707,1.74204 -0.32148,0.58208 -0.86074,1.46154 -1.19834,1.95436 -0.66429,0.96971 -1.23314,2.32239 -1.78221,4.23797 -0.32255,1.12529 -0.34962,1.41825 -0.36295,3.92796 -0.0161,3.03169 -0.1729,3.7756 -0.99251,4.70909 -0.93181,1.06126 -1.86194,3.39185 -1.94013,4.86129 -0.0494,0.92751 -0.19225,1.83163 -0.39531,2.50121 -0.0894,0.29484 0.0775,0.2914 1.07211,-0.0221 z" + style="fill:#ffffff;stroke-width:0.13229167" /> + <path + transform="matrix(0.23203125,0.40188991,-0.99392962,0.57384553,350.9349,48.456078)" + d="m 18.854025,174.59199 -1.603617,-1.60362 1.603617,-1.60361 1.603617,1.60361 z" + inkscape:randomized="0" + inkscape:rounded="0" + inkscape:flatsided="true" + sodipodi:arg2="2.3561945" + sodipodi:arg1="1.5707963" + sodipodi:r2="1.1339285" + sodipodi:r1="1.6036172" + sodipodi:cy="172.98837" + sodipodi:cx="18.854025" + sodipodi:sides="4" + id="path814" + style="fill:#00acff;fill-opacity:1;stroke:none;stroke-width:1.5;stroke-miterlimit:4;stroke-dasharray:none" + sodipodi:type="star" /> + </g> + <text + xml:space="preserve" + style="font-style:normal;font-weight:normal;font-size:10.58333302px;line-height:1.25;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.26458332" + x="208.94958" + y="296.53955" + id="text819"><tspan + sodipodi:role="line" + x="208.94958" + y="296.53955" + style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:50.79999924px;font-family:Rajdhani;-inkscape-font-specification:'Rajdhani Bold';fill:#00acff;fill-opacity:1;stroke-width:0.26458332" + id="tspan853"> LibreWolf </tspan></text> + </g> +</svg> diff --git a/branding/logo/Logo.svg.png b/branding/logo/Logo.svg.png Binary files differnew file mode 100644 index 0000000..54beb32 --- /dev/null +++ b/branding/logo/Logo.svg.png diff --git a/branding/logo/Logo_transparent.svg b/branding/logo/Logo_transparent.svg new file mode 100644 index 0000000..ab744ad --- /dev/null +++ b/branding/logo/Logo_transparent.svg @@ -0,0 +1,106 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!-- Created with Inkscape (http://www.inkscape.org/) --> + +<svg + xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:cc="http://creativecommons.org/ns#" + xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" + xmlns:svg="http://www.w3.org/2000/svg" + xmlns="http://www.w3.org/2000/svg" + xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" + xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" + width="314.78802mm" + height="67.733337mm" + viewBox="0 0 314.78802 67.733337" + version="1.1" + id="svg8" + inkscape:version="0.92.4 5da689c313, 2019-01-14" + sodipodi:docname="Logo.svg"> + <defs + id="defs2" /> + <sodipodi:namedview + id="base" + pagecolor="#ffffff" + bordercolor="#666666" + borderopacity="1.0" + inkscape:pageopacity="0.0" + inkscape:pageshadow="2" + inkscape:zoom="0.49497475" + inkscape:cx="514.59448" + inkscape:cy="33.729412" + inkscape:document-units="mm" + inkscape:current-layer="layer1" + showgrid="false" + inkscape:window-width="1366" + inkscape:window-height="711" + inkscape:window-x="0" + inkscape:window-y="30" + inkscape:window-maximized="1" + inkscape:showpageshadow="false" + units="px" + fit-margin-top="0" + fit-margin-left="0" + fit-margin-right="0" + fit-margin-bottom="0" + showguides="true" + inkscape:guide-bbox="true" + inkscape:snap-bbox="true" + inkscape:bbox-paths="true" + inkscape:bbox-nodes="true" + inkscape:snap-bbox-edge-midpoints="true" + inkscape:snap-bbox-midpoints="true"> + <sodipodi:guide + position="5.6059918,150.21715" + orientation="1,0" + id="guide869" + inkscape:locked="false" /> + <sodipodi:guide + position="309.18215,150.21715" + orientation="1,0" + id="guide871" + inkscape:locked="false" /> + <sodipodi:guide + position="73.339052,116.35049" + orientation="1,0" + id="guide823" + inkscape:locked="false" /> + <sodipodi:guide + position="278.22089,116.35049" + orientation="1,0" + id="guide825" + inkscape:locked="false" /> + <sodipodi:guide + position="309.18227,116.35049" + orientation="0,1" + id="guide827" + inkscape:locked="false" /> + </sodipodi:namedview> + <metadata + id="metadata5"> + <rdf:RDF> + <cc:Work + rdf:about=""> + <dc:format>image/svg+xml</dc:format> + <dc:type + rdf:resource="http://purl.org/dc/dcmitype/StillImage" /> + <dc:title /> + </cc:Work> + </rdf:RDF> + </metadata> + <g + inkscape:label="Layer 1" + inkscape:groupmode="layer" + id="layer1" + transform="translate(-141.21625,-244.81668)"> + <path + style="fill:#00acff;fill-opacity:1;stroke:none;stroke-width:15.22538185;stroke-miterlimit:4;stroke-dasharray:none" + d="M 128 0 C 57.088004 0 0 57.088004 0 128 C 0 198.912 57.088004 256 128 256 L 1061.75 256 C 1132.662 256 1189.75 198.912 1189.75 128 C 1189.75 57.088004 1132.662 0 1061.75 0 L 128 0 z M 128.00391 25.785156 L 1061.7461 25.785156 C 1118.3729 25.785156 1163.9609 71.37317 1163.9609 128 C 1163.9609 184.62683 1118.3729 230.21484 1061.7461 230.21484 L 128.00391 230.21484 C 71.377072 230.21484 25.789062 184.62683 25.789062 128 C 25.789062 71.37317 71.377072 25.785156 128.00391 25.785156 z M 399.98438 60.511719 C 397.42438 60.511719 396.14453 61.791564 396.14453 64.351562 L 396.14453 81.056641 C 396.14453 83.616641 397.42438 84.896484 399.98438 84.896484 L 416.68945 84.896484 C 419.24945 84.896484 420.5293 83.616641 420.5293 81.056641 L 420.5293 64.160156 C 420.5293 61.728156 419.24945 60.511719 416.68945 60.511719 L 399.98438 60.511719 z M 446.4668 60.511719 C 443.7788 60.511719 442.43555 61.856922 442.43555 64.544922 L 442.43555 191.45508 C 442.43555 194.14308 443.7788 195.48828 446.4668 195.48828 L 492.54688 195.48828 C 502.65886 195.48828 510.4667 192.79983 515.9707 187.42383 C 521.4747 182.04783 524.22656 174.30341 524.22656 164.19141 L 524.22656 128.48047 C 524.22656 118.36847 521.4747 110.62405 515.9707 105.24805 C 510.4667 99.872044 502.65886 97.183594 492.54688 97.183594 L 486.40234 97.183594 C 482.43434 97.183594 478.65822 98.079094 475.07422 99.871094 C 471.49022 101.66309 468.99589 104.28814 467.58789 107.74414 L 466.81836 107.74414 L 466.81836 64.544922 C 466.81836 61.856922 465.47511 60.511719 462.78711 60.511719 L 446.4668 60.511719 z M 963.05273 60.511719 C 960.36473 60.511719 959.01953 61.856922 959.01953 64.544922 L 959.01953 191.45508 C 959.01953 194.14308 960.36473 195.48828 963.05273 195.48828 L 979.37109 195.48828 C 982.05909 195.48828 983.4043 194.14308 983.4043 191.45508 L 983.4043 64.544922 C 983.4043 61.856922 982.05909 60.511719 979.37109 60.511719 L 963.05273 60.511719 z M 1045.4375 60.511719 C 1035.3255 60.511719 1027.5811 63.200172 1022.2051 68.576172 C 1016.9571 73.952172 1014.334 81.696594 1014.334 91.808594 L 1014.334 95.455078 C 1014.334 96.863078 1013.5653 97.568359 1012.0293 97.568359 L 1003.1973 97.568359 C 1001.6613 97.568359 1000.5736 97.823938 999.93359 98.335938 C 999.42159 98.847936 999.16602 99.872206 999.16602 101.4082 L 999.16602 114.65625 C 999.16602 117.34425 1000.5093 118.6875 1003.1973 118.6875 L 1012.0293 118.6875 C 1013.5653 118.6875 1014.334 119.39278 1014.334 120.80078 L 1014.334 191.45508 C 1014.334 194.14308 1015.6772 195.48828 1018.3652 195.48828 L 1034.4941 195.48828 C 1037.3101 195.48828 1038.7188 194.14308 1038.7188 191.45508 L 1038.7188 120.80078 C 1038.7187 119.39278 1039.4221 118.6875 1040.8301 118.6875 L 1056.1895 118.6875 C 1058.8775 118.6875 1060.2227 117.34425 1060.2227 114.65625 L 1060.2227 101.4082 C 1060.2227 100.0002 1059.9017 99.039344 1059.2617 98.527344 C 1058.7497 97.887344 1057.7255 97.568359 1056.1895 97.568359 L 1040.8301 97.568359 C 1039.4221 97.568359 1038.7188 96.863078 1038.7188 95.455078 L 1038.7188 92.960938 C 1038.7187 88.864938 1039.4221 85.984312 1040.8301 84.320312 C 1042.3661 82.528314 1045.1813 81.632812 1049.2773 81.632812 L 1056.3828 81.632812 C 1058.9428 81.632813 1060.2227 80.287609 1060.2227 77.599609 L 1060.2227 64.351562 C 1060.2227 62.943564 1059.9651 61.984656 1059.4531 61.472656 C 1058.9411 60.832656 1057.9188 60.511719 1056.3828 60.511719 L 1045.4375 60.511719 z M 314.88672 72.03125 C 312.19872 72.03125 310.85547 73.376453 310.85547 76.064453 L 310.85547 191.45508 C 310.85547 194.14308 312.19872 195.48828 314.88672 195.48828 L 378.05469 195.48828 C 380.61469 195.48828 381.89453 194.14308 381.89453 191.45508 L 381.89453 178.40039 C 381.89453 175.58439 380.61469 174.17578 378.05469 174.17578 L 337.54297 174.17578 C 336.00697 174.17578 335.23828 173.47245 335.23828 172.06445 L 335.23828 76.064453 C 335.23828 73.376453 333.89503 72.03125 331.20703 72.03125 L 314.88672 72.03125 z M 701.66211 72.03125 C 698.59011 72.03125 697.24686 73.376453 697.63086 76.064453 L 718.17383 191.45508 C 718.55783 194.14308 720.15861 195.48828 722.97461 195.48828 L 749.85352 195.48828 C 752.41352 195.48828 753.95089 194.14308 754.46289 191.45508 L 771.93359 101.4082 L 772.70117 101.4082 L 789.98242 191.45508 C 790.36642 194.14308 791.90184 195.48828 794.58984 195.48828 L 821.66211 195.48828 C 824.22211 195.48828 825.69414 194.14308 826.07812 191.45508 L 846.81445 76.255859 C 847.19845 73.439859 845.85325 72.03125 842.78125 72.03125 L 822.81445 72.03125 C 819.87045 72.03125 818.33308 73.439859 818.20508 76.255859 L 807.26172 170.7207 L 805.72656 170.7207 L 786.91016 75.296875 C 786.52616 73.120875 785.11755 72.03125 782.68555 72.03125 L 761.18164 72.03125 C 758.87764 72.03125 757.53439 73.184281 757.15039 75.488281 L 738.71875 170.7207 L 737.37305 170.7207 L 726.23828 76.064453 C 726.11028 73.376453 724.57486 72.03125 721.63086 72.03125 L 701.66211 72.03125 z M 399.98438 97.568359 C 397.42438 97.568359 396.14453 98.911608 396.14453 101.59961 L 396.14453 191.45508 C 396.14453 194.14308 397.48973 195.48828 400.17773 195.48828 L 416.68945 195.48828 C 418.09745 195.48828 419.05636 195.2327 419.56836 194.7207 C 420.20836 194.2087 420.5293 193.11908 420.5293 191.45508 L 420.5293 101.59961 C 420.5293 98.911608 419.18409 97.568359 416.49609 97.568359 L 399.98438 97.568359 z M 547.3418 97.568359 C 544.6538 97.568359 543.31055 98.911608 543.31055 101.59961 L 543.31055 191.45508 C 543.31055 194.14308 544.6538 195.48828 547.3418 195.48828 L 563.66211 195.48828 C 566.35011 195.48828 567.69336 194.14308 567.69336 191.45508 L 567.69336 133.66406 C 567.69336 123.68006 572.10941 118.6875 580.94141 118.6875 L 594.18945 118.6875 C 595.59745 118.8155 596.55831 118.62333 597.07031 118.11133 C 597.71031 117.47133 598.0293 116.38366 598.0293 114.84766 L 598.0293 101.59961 C 598.0293 98.911608 596.74945 97.568359 594.18945 97.568359 L 587.27734 97.568359 C 583.30934 97.568359 579.53322 98.463858 575.94922 100.25586 C 572.36522 102.04786 569.87089 104.67291 568.46289 108.12891 L 567.69336 108.12891 L 567.69336 101.59961 C 567.69336 98.911608 566.35011 97.568359 563.66211 97.568359 L 547.3418 97.568359 z M 640.19531 97.568359 C 630.08331 97.568359 622.27548 100.25681 616.77148 105.63281 C 611.26748 111.00881 608.51562 118.75128 608.51562 128.86328 L 608.51562 164.19141 C 608.51563 174.30341 611.26748 182.04783 616.77148 187.42383 C 622.27548 192.79983 630.08331 195.48828 640.19531 195.48828 L 682.62695 195.48828 C 684.16295 195.48828 685.18722 195.2327 685.69922 194.7207 C 686.33922 194.0807 686.6582 193.05644 686.6582 191.64844 L 686.6582 178.97656 C 686.6582 176.16056 685.31495 174.75195 682.62695 174.75195 L 643.84375 174.75195 C 639.74775 174.75195 636.80372 173.91986 635.01172 172.25586 C 633.34772 170.46386 632.51562 167.58323 632.51562 163.61523 L 632.51562 159.39258 C 632.51563 157.98458 633.28236 157.2793 634.81836 157.2793 L 683.01172 157.2793 C 685.69972 157.2793 687.04297 155.93605 687.04297 153.24805 L 687.04297 128.86328 C 687.04297 118.75128 684.29111 111.00881 678.78711 105.63281 C 673.28311 100.25681 665.47528 97.568359 655.36328 97.568359 L 640.19531 97.568359 z M 889.94531 97.568359 C 879.83331 97.568359 872.02548 100.25681 866.52148 105.63281 C 861.01748 111.00881 858.26562 118.75128 858.26562 128.86328 L 858.26562 164.19141 C 858.26563 174.30341 861.01748 182.04783 866.52148 187.42383 C 872.02548 192.79983 879.83331 195.48828 889.94531 195.48828 L 907.0332 195.48828 C 917.0172 195.48828 924.76164 192.79983 930.26562 187.42383 C 935.89762 181.91983 938.71289 174.17541 938.71289 164.19141 L 938.71289 128.86328 C 938.71289 118.87928 935.89762 111.20022 930.26562 105.82422 C 924.76164 100.32022 917.0172 97.568359 907.0332 97.568359 L 889.94531 97.568359 z M 480.06641 118.30469 L 488.51562 118.30469 C 492.61162 118.30469 495.4903 119.20019 497.1543 120.99219 C 498.9463 122.65619 499.84375 125.53681 499.84375 129.63281 L 499.84375 163.03906 C 499.84375 167.13506 498.9463 170.07909 497.1543 171.87109 C 495.4903 173.53509 492.61162 174.36719 488.51562 174.36719 L 468.93164 174.36719 C 467.52364 174.36719 466.81836 173.66386 466.81836 172.25586 L 466.81836 132.89648 C 466.81836 123.16848 471.23441 118.30469 480.06641 118.30469 z M 643.84375 118.49609 L 651.90625 118.49609 C 656.00225 118.49609 658.88288 119.32819 660.54688 120.99219 C 662.21086 122.65619 663.04297 125.53681 663.04297 129.63281 L 663.04297 138.84766 C 663.04297 140.25566 662.33964 140.96094 660.93164 140.96094 L 634.81836 140.96094 C 633.41036 140.96094 632.70703 140.25566 632.70703 138.84766 L 632.70703 129.63281 C 632.70703 125.53681 633.53914 122.65619 635.20312 120.99219 C 636.86712 119.32819 639.74775 118.49609 643.84375 118.49609 z M 893.59375 118.49609 L 903.38477 118.49609 C 907.48077 118.49609 910.36139 119.32819 912.02539 120.99219 C 913.81739 122.65619 914.71289 125.53681 914.71289 129.63281 L 914.71289 163.42383 C 914.71289 167.51983 913.81739 170.40045 912.02539 172.06445 C 910.36139 173.72845 907.48077 174.56055 903.38477 174.56055 L 893.59375 174.56055 C 889.49775 174.56055 886.61712 173.72845 884.95312 172.06445 C 883.28914 170.40045 882.45703 167.51983 882.45703 163.42383 L 882.45703 129.63281 C 882.45703 125.53681 883.28914 122.65619 884.95312 120.99219 C 886.61712 119.32819 889.49775 118.49609 893.59375 118.49609 z " + transform="matrix(0.26458333,0,0,0.26458333,141.21625,244.81668)" + id="rect815" /> + <path + style="fill:#00acff;fill-opacity:1;stroke:none;stroke-width:2.0237751;stroke-miterlimit:4;stroke-dasharray:none" + d="M 128 0 A 127.9995 128.00001 0 0 0 0 128 A 127.9995 128.00001 0 0 0 128 256 A 127.9995 128.00001 0 0 0 255.99805 128 A 127.9995 128.00001 0 0 0 128 0 z M 128.32617 25.785156 C 155.40989 25.785156 179.45052 35.489074 198.93164 54.285156 C 208.31647 63.339922 214.60908 71.928334 219.99805 83.035156 C 227.28755 98.059156 230.24023 111.12899 230.24023 128.37305 C 230.24023 151.07357 223.68396 170.86888 210.06836 189.28516 C 206.0223 194.75776 198.11801 203.07158 192.87305 207.37109 C 178.48605 219.16473 160.14782 227.14392 141.95117 229.5293 C 135.66381 230.3535 120.81045 230.45774 115.03711 229.7168 C 97.10669 227.41601 79.95705 220.26851 64.990234 208.85938 C 60.10871 205.13828 50.949496 195.91933 46.951172 190.70312 C 35.754624 176.09621 28.79096 159.51918 26.494141 141.99805 C 25.510821 134.49708 25.516681 120.70522 26.505859 113.84961 C 31.449746 79.578063 53.018783 50.182722 83.990234 35.503906 C 98.395941 28.676303 111.58124 25.785156 128.32617 25.785156 z M 127.99023 41.267578 C 112.25198 41.25246 98.451161 44.860062 84.792969 52.560547 C 72.359192 59.570663 59.504592 72.438272 52.464844 84.923828 C 47.280126 94.119381 43.486565 105.032 42.005859 115.00391 C 41.03505 121.54211 41.014998 134.5249 41.966797 140.78516 C 43.871943 153.31387 48.624198 165.69619 55.513672 176.08203 C 59.275851 181.75351 59.15776 181.6918 62.476562 179.79297 C 68.413331 176.39631 69.963162 174.75205 73.197266 168.41602 C 76.979174 161.00678 81.022301 154.53208 84.675781 150.03516 C 88.893054 144.84409 89.472262 143.92071 91.587891 139.01953 C 92.652432 136.55343 94.562261 132.93111 95.832031 130.9707 L 98.140625 127.40625 L 95.154297 124.4707 C 91.187154 120.57144 87.88645 116.15082 87.265625 113.90234 C 86.631571 111.60598 87.381019 110.32498 90.361328 108.60352 C 93.374972 106.86278 95.529551 106.36103 103.58398 105.5332 C 107.50574 105.13012 111.7625 104.39237 113.10352 103.88281 C 114.4378 103.37583 118.42461 101.20558 121.96289 99.060547 C 132.1788 92.8673 133.04324 92.546913 139.16797 92.679688 C 144.34093 92.791938 144.35069 92.789519 147.41797 90.935547 C 153.8457 87.050117 163.07725 80.039865 175.22461 69.818359 C 177.55401 67.858296 179.79776 66.320832 180.21094 66.400391 C 181.92919 66.731477 185.08506 74.473386 185.56445 79.535156 C 185.8551 82.60504 185.26047 85.641296 183.43945 90.392578 C 182.9426 91.688994 182.71481 92.926503 182.93164 93.142578 C 183.45223 93.661356 185.24023 91.428736 185.24023 90.259766 C 185.24023 88.769309 186.22587 88.600301 187.56836 89.859375 C 188.54438 90.774701 189.38667 91.035156 191.34961 91.035156 C 193.4929 91.035156 194.02285 91.235469 194.85938 92.351562 C 196.27884 94.245559 196.61178 99.406822 195.52539 102.67773 C 194.46848 105.85976 191.27401 109.52991 188.375 110.89258 C 185.781 112.11193 180.52987 117.23835 178.07227 120.95117 C 177.1315 122.37243 175.36739 125.33513 174.15234 127.53516 C 172.9373 129.73514 170.89902 133.05925 169.62305 134.92188 C 167.11234 138.58691 164.96194 143.69947 162.88672 150.93945 C 161.66763 155.19252 161.56601 156.29964 161.51562 165.78516 C 161.45478 177.24351 160.86141 180.05583 157.76367 183.58398 C 154.24187 187.59505 150.72716 196.40324 150.43164 201.95703 C 150.24493 205.46258 149.70497 208.87946 148.9375 211.41016 C 148.59961 212.52451 149.23108 212.51105 152.99023 211.32617 C 163.94485 207.87301 172.87193 203.23297 181.49023 196.51172 C 186.07287 192.9378 193.99342 184.94084 197.31445 180.53516 C 206.32216 168.58576 212.45054 153.61897 214.25391 139.16602 C 215.12252 132.20484 214.61883 117.47637 213.29297 111.08398 C 209.78028 94.150005 202.21109 79.847157 190.28906 67.607422 C 182.85636 59.976669 176.09023 54.946856 167.38477 50.582031 C 154.17528 43.958976 142.85757 41.282658 127.99023 41.267578 z M 144.16211 97.949219 L 136.73242 98.990234 L 132.11523 104.9043 L 139.54492 103.86133 L 144.16211 97.949219 z " + transform="matrix(0.26458333,0,0,0.26458333,141.21625,244.81668)" + id="path875" /> + </g> +</svg> diff --git a/branding/logo/Notes b/branding/logo/Notes new file mode 100644 index 0000000..3d2b9c8 --- /dev/null +++ b/branding/logo/Notes @@ -0,0 +1 @@ +Font used is Rajandi diff --git a/branding/logo_2/Logo.svg b/branding/logo_2/Logo.svg new file mode 100644 index 0000000..752c4f3 --- /dev/null +++ b/branding/logo_2/Logo.svg @@ -0,0 +1,150 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!-- Created with Inkscape (http://www.inkscape.org/) --> + +<svg + xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:cc="http://creativecommons.org/ns#" + xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" + xmlns:svg="http://www.w3.org/2000/svg" + xmlns="http://www.w3.org/2000/svg" + xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" + xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" + width="292.36459mm" + height="67.733337mm" + viewBox="0 0 292.36459 67.733336" + version="1.1" + id="svg8" + inkscape:version="0.92.4 5da689c313, 2019-01-14" + sodipodi:docname="Logo (Pre Merging).svg"> + <defs + id="defs2" /> + <sodipodi:namedview + id="base" + pagecolor="#ffffff" + bordercolor="#666666" + borderopacity="1.0" + inkscape:pageopacity="0.0" + inkscape:pageshadow="2" + inkscape:zoom="0.35" + inkscape:cx="279.50002" + inkscape:cy="312.95353" + inkscape:document-units="mm" + inkscape:current-layer="layer1" + showgrid="false" + inkscape:window-width="1366" + inkscape:window-height="711" + inkscape:window-x="0" + inkscape:window-y="30" + inkscape:window-maximized="1" + inkscape:showpageshadow="false" + units="px" + fit-margin-top="0" + fit-margin-left="0" + fit-margin-right="0" + fit-margin-bottom="0" + showguides="false" + inkscape:guide-bbox="true" + inkscape:snap-bbox="true" + inkscape:bbox-paths="true" + inkscape:bbox-nodes="true" + inkscape:snap-bbox-edge-midpoints="true" + inkscape:snap-bbox-midpoints="true"> + <sodipodi:guide + position="5.605989,150.21715" + orientation="1,0" + id="guide869" + inkscape:locked="false" /> + <sodipodi:guide + position="309.18215,150.21715" + orientation="1,0" + id="guide871" + inkscape:locked="false" /> + <sodipodi:guide + position="73.339049,116.35049" + orientation="1,0" + id="guide823" + inkscape:locked="false" /> + <sodipodi:guide + position="278.22089,116.35049" + orientation="1,0" + id="guide825" + inkscape:locked="false" /> + <sodipodi:guide + position="309.18227,116.35049" + orientation="0,1" + id="guide827" + inkscape:locked="false" /> + </sodipodi:namedview> + <metadata + id="metadata5"> + <rdf:RDF> + <cc:Work + rdf:about=""> + <dc:format>image/svg+xml</dc:format> + <dc:type + rdf:resource="http://purl.org/dc/dcmitype/StillImage" /> + <dc:title></dc:title> + </cc:Work> + </rdf:RDF> + </metadata> + <g + inkscape:label="Layer 1" + inkscape:groupmode="layer" + id="layer1" + transform="translate(-141.21625,-244.81668)"> + <g + id="g898" + transform="translate(-5.6059837,116.35049)"> + <ellipse + ry="33.866669" + rx="33.866535" + cy="162.33286" + cx="180.68877" + id="path875" + style="fill:#00acff;fill-opacity:1;stroke:none;stroke-width:0.53545713;stroke-miterlimit:4;stroke-dasharray:none" /> + <path + inkscape:connector-curvature="0" + id="path847" + d="m 177.2593,189.24526 c -4.74409,-0.60875 -9.28199,-2.4999 -13.24196,-5.51857 -1.29157,-0.98454 -3.71494,-3.42362 -4.77283,-4.80374 -2.96242,-3.86475 -4.80449,-8.25078 -5.41219,-12.88658 -0.26017,-1.98463 -0.25872,-5.63348 0.003,-7.44736 1.30807,-9.06768 7.01464,-16.84537 15.20917,-20.72914 3.81151,-1.80647 7.30026,-2.57113 11.73069,-2.57113 7.1659,0 13.52651,2.56748 18.68089,7.54061 2.48307,2.39574 4.14815,4.66807 5.57398,7.60675 1.92868,3.9751 2.70979,7.43275 2.70979,11.99524 0,6.00618 -1.7345,11.24405 -5.33696,16.11669 -1.07052,1.44796 -3.16175,3.64748 -4.54948,4.78506 -3.80656,3.1204 -8.65865,5.23181 -13.47318,5.86294 -1.66353,0.21807 -5.59333,0.24524 -7.12086,0.0492 z m 10.04139,-4.86546 c 2.89841,-0.91365 5.26038,-2.14145 7.54064,-3.91978 1.21249,-0.9456 3.30822,-3.06143 4.18691,-4.2271 2.38329,-3.16161 4.00494,-7.12194 4.48208,-10.94595 0.22982,-1.84181 0.0963,-5.73826 -0.2545,-7.42958 -0.9294,-4.48045 -2.93165,-8.26497 -6.08602,-11.5034 -1.96657,-2.01897 -3.75688,-3.34971 -6.0602,-4.50457 -3.49501,-1.75235 -6.48984,-2.46042 -10.42349,-2.46441 -4.16408,-0.004 -7.81533,0.95023 -11.42906,2.98765 -3.28977,1.85476 -6.69064,5.25951 -8.55324,8.56298 -1.37179,2.43299 -2.37584,5.32028 -2.76761,7.95868 -0.25686,1.7299 -0.26193,5.16507 -0.0101,6.82143 0.50407,3.31489 1.76149,6.5911 3.58433,9.33902 0.99541,1.50058 0.96415,1.48393 1.84225,0.98153 1.57077,-0.8987 1.98039,-1.33342 2.83608,-3.00983 1.00063,-1.96036 2.07046,-3.6735 3.03711,-4.86331 1.11582,-1.37347 1.26922,-1.61793 1.82898,-2.9147 0.28166,-0.65249 0.78698,-1.61073 1.12294,-2.12942 l 0.61084,-0.94309 -0.79023,-0.77671 c -1.04964,-1.03168 -1.92275,-2.20159 -2.08701,-2.7965 -0.16776,-0.60758 0.0302,-0.9466 0.81874,-1.40207 0.79736,-0.46057 1.36759,-0.5929 3.49866,-0.81193 1.03763,-0.10665 2.16415,-0.30199 2.51896,-0.43681 0.35303,-0.13414 1.40783,-0.70824 2.344,-1.27578 2.70296,-1.63863 2.93163,-1.72344 4.55213,-1.68831 1.36868,0.0297 1.37126,0.0291 2.18281,-0.46143 1.70067,-1.02802 4.14306,-2.88288 7.35705,-5.58732 0.61632,-0.5186 1.21002,-0.92569 1.31934,-0.90464 0.45462,0.0876 1.28957,2.13636 1.41641,3.47562 0.0769,0.81224 -0.0802,1.61549 -0.56201,2.8726 -0.13146,0.34301 -0.19208,0.67043 -0.13471,0.7276 0.13774,0.13726 0.61071,-0.4535 0.61071,-0.76279 0,-0.39435 0.26112,-0.43936 0.61632,-0.10623 0.25824,0.24218 0.48084,0.31151 1.0002,0.31151 0.56708,0 0.70745,0.0526 0.92878,0.3479 0.37557,0.50112 0.46364,1.86687 0.1762,2.7323 -0.27964,0.84191 -1.1248,1.81287 -1.89183,2.17341 -0.68633,0.32262 -2.07584,1.67928 -2.72608,2.66163 -0.24891,0.37604 -0.71559,1.15995 -1.03707,1.74204 -0.32148,0.58208 -0.86074,1.46154 -1.19834,1.95436 -0.66429,0.96971 -1.23314,2.32239 -1.78221,4.23797 -0.32255,1.12529 -0.34962,1.41825 -0.36295,3.92796 -0.0161,3.03169 -0.1729,3.7756 -0.99251,4.70909 -0.93181,1.06126 -1.86194,3.39185 -1.94013,4.86129 -0.0494,0.92751 -0.19225,1.83163 -0.39531,2.50121 -0.0894,0.29484 0.0775,0.2914 1.07211,-0.0221 z" + style="fill:#ffffff;stroke-width:0.13229167" /> + <path + transform="matrix(0.23203125,0.40188991,-0.99392962,0.57384553,350.9349,48.456078)" + d="m 18.854025,174.59199 -1.603617,-1.60362 1.603617,-1.60361 1.603617,1.60361 z" + inkscape:randomized="0" + inkscape:rounded="0" + inkscape:flatsided="true" + sodipodi:arg2="2.3561945" + sodipodi:arg1="1.5707963" + sodipodi:r2="1.1339285" + sodipodi:r1="1.6036172" + sodipodi:cy="172.98837" + sodipodi:cx="18.854025" + sodipodi:sides="4" + id="path814" + style="fill:#00acff;fill-opacity:1;stroke:none;stroke-width:1.5;stroke-miterlimit:4;stroke-dasharray:none" + sodipodi:type="star" /> + </g> + <text + xml:space="preserve" + style="font-style:normal;font-weight:normal;font-size:10.58333302px;line-height:1.25;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.26458332" + x="208.94958" + y="296.53955" + id="text819"><tspan + sodipodi:role="line" + x="208.94958" + y="296.53955" + style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:50.79999924px;font-family:Rajdhani;-inkscape-font-specification:'Rajdhani Bold';fill:#00acff;fill-opacity:1;stroke-width:0.26458332" + id="tspan853"> LibreWolf </tspan></text> + <flowRoot + xml:space="preserve" + id="flowRoot826" + style="font-style:normal;font-weight:normal;font-size:40px;line-height:1.25;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none" + transform="matrix(0.26458333,0,0,0.26458333,208.94958,260.82715)"><flowRegion + id="flowRegion828"><rect + id="rect830" + width="180" + height="148.57143" + x="-325.71429" + y="-259.30972" /></flowRegion><flowPara + id="flowPara832"></flowPara></flowRoot> </g> +</svg> diff --git a/branding/logo_2/Logo.svg.png b/branding/logo_2/Logo.svg.png Binary files differnew file mode 100644 index 0000000..972ff3a --- /dev/null +++ b/branding/logo_2/Logo.svg.png diff --git a/branding/logo_2/Logo_transparent.svg b/branding/logo_2/Logo_transparent.svg new file mode 100644 index 0000000..ffe03c5 --- /dev/null +++ b/branding/logo_2/Logo_transparent.svg @@ -0,0 +1,123 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!-- Created with Inkscape (http://www.inkscape.org/) --> + +<svg + xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:cc="http://creativecommons.org/ns#" + xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" + xmlns:svg="http://www.w3.org/2000/svg" + xmlns="http://www.w3.org/2000/svg" + xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" + xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" + width="292.36459mm" + height="67.733337mm" + viewBox="0 0 292.36459 67.733336" + version="1.1" + id="svg8" + inkscape:version="0.92.4 5da689c313, 2019-01-14" + sodipodi:docname="Logo.svg"> + <defs + id="defs2" /> + <sodipodi:namedview + id="base" + pagecolor="#ffffff" + bordercolor="#666666" + borderopacity="1.0" + inkscape:pageopacity="0.0" + inkscape:pageshadow="2" + inkscape:zoom="1.4" + inkscape:cx="261.1233" + inkscape:cy="69.658245" + inkscape:document-units="mm" + inkscape:current-layer="layer1" + showgrid="false" + inkscape:window-width="1366" + inkscape:window-height="711" + inkscape:window-x="0" + inkscape:window-y="30" + inkscape:window-maximized="1" + inkscape:showpageshadow="false" + units="px" + fit-margin-top="0" + fit-margin-left="0" + fit-margin-right="0" + fit-margin-bottom="0" + showguides="false" + inkscape:guide-bbox="true" + inkscape:snap-bbox="true" + inkscape:bbox-paths="true" + inkscape:bbox-nodes="true" + inkscape:snap-bbox-edge-midpoints="true" + inkscape:snap-bbox-midpoints="true"> + <sodipodi:guide + position="5.605989,150.21715" + orientation="1,0" + id="guide869" + inkscape:locked="false" /> + <sodipodi:guide + position="309.18215,150.21715" + orientation="1,0" + id="guide871" + inkscape:locked="false" /> + <sodipodi:guide + position="73.339049,116.35049" + orientation="1,0" + id="guide823" + inkscape:locked="false" /> + <sodipodi:guide + position="278.22089,116.35049" + orientation="1,0" + id="guide825" + inkscape:locked="false" /> + <sodipodi:guide + position="309.18227,116.35049" + orientation="0,1" + id="guide827" + inkscape:locked="false" /> + </sodipodi:namedview> + <metadata + id="metadata5"> + <rdf:RDF> + <cc:Work + rdf:about=""> + <dc:format>image/svg+xml</dc:format> + <dc:type + rdf:resource="http://purl.org/dc/dcmitype/StillImage" /> + <dc:title /> + </cc:Work> + </rdf:RDF> + </metadata> + <g + inkscape:label="Layer 1" + inkscape:groupmode="layer" + id="layer1" + transform="translate(-141.21625,-244.81668)"> + <path + style="fill:#00acff;fill-opacity:1;stroke:none;stroke-width:2.0237751;stroke-miterlimit:4;stroke-dasharray:none" + d="M 128 0 A 127.9995 128.00001 0 0 0 0 128 A 127.9995 128.00001 0 0 0 128 256 A 127.9995 128.00001 0 0 0 255.99805 128 A 127.9995 128.00001 0 0 0 128 0 z M 128.32617 25.785156 C 155.40989 25.785156 179.45052 35.489074 198.93164 54.285156 C 208.31647 63.339922 214.60908 71.928334 219.99805 83.035156 C 227.28755 98.059156 230.24023 111.12899 230.24023 128.37305 C 230.24023 151.07357 223.68396 170.86888 210.06836 189.28516 C 206.0223 194.75776 198.11801 203.07158 192.87305 207.37109 C 178.48605 219.16473 160.14782 227.14392 141.95117 229.5293 C 135.66381 230.3535 120.81045 230.45774 115.03711 229.7168 C 97.10669 227.41601 79.95705 220.26851 64.990234 208.85938 C 60.10871 205.13828 50.949496 195.91933 46.951172 190.70312 C 35.754624 176.09621 28.79096 159.51918 26.494141 141.99805 C 25.510821 134.49708 25.516681 120.70522 26.505859 113.84961 C 31.449746 79.578063 53.018783 50.182722 83.990234 35.503906 C 98.395941 28.676303 111.58124 25.785156 128.32617 25.785156 z M 127.99023 41.267578 C 112.25198 41.25246 98.451161 44.860062 84.792969 52.560547 C 72.359192 59.570663 59.504592 72.438272 52.464844 84.923828 C 47.280126 94.119381 43.486565 105.032 42.005859 115.00391 C 41.03505 121.54211 41.014998 134.5249 41.966797 140.78516 C 43.871943 153.31387 48.624198 165.69619 55.513672 176.08203 C 59.275851 181.75351 59.15776 181.6918 62.476562 179.79297 C 68.413331 176.39631 69.963162 174.75205 73.197266 168.41602 C 76.979174 161.00678 81.022301 154.53208 84.675781 150.03516 C 88.893054 144.84409 89.472262 143.92071 91.587891 139.01953 C 92.652432 136.55343 94.562261 132.93111 95.832031 130.9707 L 98.140625 127.40625 L 95.154297 124.4707 C 91.187154 120.57144 87.88645 116.15082 87.265625 113.90234 C 86.631571 111.60598 87.381019 110.32498 90.361328 108.60352 C 93.374972 106.86278 95.529551 106.36103 103.58398 105.5332 C 107.50574 105.13012 111.7625 104.39237 113.10352 103.88281 C 114.4378 103.37583 118.42461 101.20558 121.96289 99.060547 C 132.1788 92.8673 133.04324 92.546913 139.16797 92.679688 C 144.34093 92.791938 144.35069 92.789519 147.41797 90.935547 C 153.8457 87.050117 163.07725 80.039865 175.22461 69.818359 C 177.55401 67.858296 179.79776 66.320832 180.21094 66.400391 C 181.92919 66.731477 185.08506 74.473386 185.56445 79.535156 C 185.8551 82.60504 185.26047 85.641296 183.43945 90.392578 C 182.9426 91.688994 182.71481 92.926503 182.93164 93.142578 C 183.45223 93.661356 185.24023 91.428736 185.24023 90.259766 C 185.24023 88.769309 186.22587 88.600301 187.56836 89.859375 C 188.54438 90.774701 189.38667 91.035156 191.34961 91.035156 C 193.4929 91.035156 194.02285 91.235469 194.85938 92.351562 C 196.27884 94.245559 196.61178 99.406822 195.52539 102.67773 C 194.46848 105.85976 191.27401 109.52991 188.375 110.89258 C 185.781 112.11193 180.52987 117.23835 178.07227 120.95117 C 177.1315 122.37243 175.36739 125.33513 174.15234 127.53516 C 172.9373 129.73514 170.89902 133.05925 169.62305 134.92188 C 167.11234 138.58691 164.96194 143.69947 162.88672 150.93945 C 161.66763 155.19252 161.56601 156.29964 161.51562 165.78516 C 161.45478 177.24351 160.86141 180.05583 157.76367 183.58398 C 154.24187 187.59505 150.72716 196.40324 150.43164 201.95703 C 150.24493 205.46258 149.70497 208.87946 148.9375 211.41016 C 148.59961 212.52451 149.23108 212.51105 152.99023 211.32617 C 163.94485 207.87301 172.87193 203.23297 181.49023 196.51172 C 186.07287 192.9378 193.99342 184.94084 197.31445 180.53516 C 206.32216 168.58576 212.45054 153.61897 214.25391 139.16602 C 215.12252 132.20484 214.61883 117.47637 213.29297 111.08398 C 209.78028 94.150005 202.21109 79.847157 190.28906 67.607422 C 182.85636 59.976669 176.09023 54.946856 167.38477 50.582031 C 154.17528 43.958976 142.85757 41.282658 127.99023 41.267578 z M 144.16211 97.949219 L 136.73242 98.990234 L 132.11523 104.9043 L 139.54492 103.86133 L 144.16211 97.949219 z " + transform="matrix(0.26458333,0,0,0.26458333,141.21625,244.81668)" + id="path875" /> + <text + xml:space="preserve" + style="font-style:normal;font-weight:normal;font-size:10.58333302px;line-height:1.25;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.26458332" + x="208.94958" + y="296.53955" + id="text819"><tspan + sodipodi:role="line" + x="208.94958" + y="296.53955" + style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:50.79999924px;font-family:Rajdhani;-inkscape-font-specification:'Rajdhani Bold';fill:#00acff;fill-opacity:1;stroke-width:0.26458332" + id="tspan853"> LibreWolf </tspan></text> + <flowRoot + xml:space="preserve" + id="flowRoot826" + style="font-style:normal;font-weight:normal;font-size:40px;line-height:1.25;font-family:sans-serif;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none" + transform="matrix(0.26458333,0,0,0.26458333,208.94958,260.82715)"><flowRegion + id="flowRegion828"><rect + id="rect830" + width="180" + height="148.57143" + x="-325.71429" + y="-259.30972" /></flowRegion><flowPara + id="flowPara832" /></flowRoot> </g> +</svg> diff --git a/branding/logo_2/Notes b/branding/logo_2/Notes new file mode 100644 index 0000000..3d2b9c8 --- /dev/null +++ b/branding/logo_2/Notes @@ -0,0 +1 @@ +Font used is Rajandi diff --git a/browser/README.md b/browser/README.md new file mode 100644 index 0000000..52b3746 --- /dev/null +++ b/browser/README.md @@ -0,0 +1,14 @@ +This folder contains all the required material to build the browser. + + +### Requirements +* Ubuntu or Linux Mint + +### Notes +* As this script installs files during the build, it is recommended to run this script in a VM or installation dedicated to building. +* You will occassionally need to enter your sudo password. Running this script as root has not been tested +* This script has been tested with Linux Mint 19.1 + +### Instructions +* Run build.sh inside this folder. + diff --git a/browser/build.sh b/browser/build.sh new file mode 100755 index 0000000..c7cde02 --- /dev/null +++ b/browser/build.sh @@ -0,0 +1,52 @@ +#!/bin/bash + +# PREBUILD ######################################################################################## + +# Prevents build from breaking in CI/CD environments +export SHELL=/bin/bash; + +# Downloads and immediately runs bootstrapper to install dependencies. +wget -nv -O - \ +https://hg.mozilla.org/mozilla-central/raw-file/default/python/mozboot/bin/bootstrap.py \ +| python - --application-choice=browser --no-interactive; + +# adds the new rust install to PATH +. $HOME/.cargo/env; + +# Downloads further dependencies +sudo apt install inkscape; + +# BUILD ########################################################################################### +# Creates and enters the folder where compiling will take place +mkdir work_dir; +cd work_dir; + +# Clones the firefox source code for compiling +hg clone https://hg.mozilla.org/releases/mozilla-release; + +# Generates and extracts our branding to the source code, changing it from firefox to librewolf +../scripts/generate_icons.sh; +cp -r ../source_files/* mozilla-release; + +# Bootstraps, builds and packages librewolf +cd mozilla-release; +./mach bootstrap --application-choice=browser --no-interactive; +./mach build; +./mach package; + +# POSTBUILD ####################################################################################### + +# moves the packaged tarball to the main folder +cd ../../; +cp ./work_dir/mozilla-release/obj*/dist/librewolf*.tar.bz2 ./; + +# Adds the librefox config files to the packaged tarball +PACKAGE_FILE_NAME="librewolf*.tar.bz2"; +tar -xvf ./$PACKAGE_FILE_NAME; +cp -r ../settings/* ./librewolf; +tar -jcvf ./$PACKAGE_FILE_NAME librewolf; +rm -rvf ./librewolf; + +# Cleanup ######################################################################################### +# todo: remove work dir + diff --git a/browser/scripts/generate_icons.sh b/browser/scripts/generate_icons.sh new file mode 100755 index 0000000..2587296 --- /dev/null +++ b/browser/scripts/generate_icons.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +SRC_DIR=`dirname $0`; + +# update these if the location/name of this script, the main icon file or the branding folder changes +ICON_FILE_PATH=$SRC_DIR/../../branding/icon/icon.svg; +BRANDING_FOLDER_PATH=$SRC_DIR/../source_files/browser/branding/librewolf; + +# generate icons and moves them to the branding folder +echo Generating icons from $ICON_FILE_PATH and moving to $BRANDING_FOLDER_PATH; + +# Linux Icons +inkscape --without-gui --file=$ICON_FILE_PATH --export-png=$BRANDING_FOLDER_PATH/default16.png --export-width=16 --export-height=16; +inkscape --without-gui --file=$ICON_FILE_PATH --export-png=$BRANDING_FOLDER_PATH/default32.png --export-width=32 --export-height=32; +inkscape --without-gui --file=$ICON_FILE_PATH --export-png=$BRANDING_FOLDER_PATH/default48.png --export-width=48 --export-height=48; +inkscape --without-gui --file=$ICON_FILE_PATH --export-png=$BRANDING_FOLDER_PATH/default64.png --export-width=64 --export-height=64; +inkscape --without-gui --file=$ICON_FILE_PATH --export-png=$BRANDING_FOLDER_PATH/default128.png --export-width=128 --export-height=128; + +# Windows Icons +inkscape --without-gui --file=$ICON_FILE_PATH --export-png=$BRANDING_FOLDER_PATH/VisualElements_70.png --export-width=70 --export-height=70; +inkscape --without-gui --file=$ICON_FILE_PATH --export-png=$BRANDING_FOLDER_PATH/VisualElements_150.png --export-width=150 --export-height=150; + +# Apple Icons diff --git a/browser/source_files/browser/branding/librewolf/background.png b/browser/source_files/browser/branding/librewolf/background.png Binary files differnew file mode 100644 index 0000000..1aa7a15 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/background.png diff --git a/browser/source_files/browser/branding/librewolf/bgstub.jpg b/browser/source_files/browser/branding/librewolf/bgstub.jpg Binary files differnew file mode 100644 index 0000000..79e381b --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/bgstub.jpg diff --git a/browser/source_files/browser/branding/librewolf/bgstub_2x.jpg b/browser/source_files/browser/branding/librewolf/bgstub_2x.jpg Binary files differnew file mode 100644 index 0000000..b971ce9 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/bgstub_2x.jpg diff --git a/browser/source_files/browser/branding/librewolf/branding.nsi b/browser/source_files/browser/branding/librewolf/branding.nsi new file mode 100644 index 0000000..36cc1d4 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/branding.nsi @@ -0,0 +1,50 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +# NSIS branding defines for unofficial builds. +# The official release build branding.nsi is located in other-license/branding/firefox/ +# The nightly build branding.nsi is located in browser/installer/windows/nsis/ + +# BrandFullNameInternal is used for some registry and file system values +# instead of BrandFullName and typically should not be modified. +!define BrandFullNameInternal "LibreWolf" +!define BrandFullName "LibreWolf" +!define CompanyName "LibreWolf" +!define URLInfoAbout "https://www.libreWolf.gitlab.io" +!define HelpLink "https://github.com/LibreWolf-Browser" + +!define URLStubDownloadX86 "https://github.com/LibreWolf-Browser/LibreWolf/releases" +!define URLStubDownloadAMD64 "https://github.com/LibreWolf-Browser/LibreWolf/releases" +!define URLStubDownloadAArch64 "https://github.com/LibreWolf-Browser/LibreWolf/releases" +!define URLManualDownload "https://github.com/LibreWolf-Browser/LibreWolf/releases" +!define URLSystemRequirements "https://github.com/LibreWolf-Browser/LibreWolf" +!define Channel "unofficial" + +# The installer's certificate name and issuer expected by the stub installer +!define CertNameDownload "Mozilla Corporation" +!define CertIssuerDownload "DigiCert SHA2 Assured ID Code Signing CA" + +# Dialog units are used so the UI displays correctly with the system's DPI +# settings. +# The dialog units for the bitmap's dimensions should match exactly with the +# bitmap's width and height in pixels. +!define APPNAME_BMP_WIDTH_DU 159u +!define APPNAME_BMP_HEIGHT_DU 50u +!define INTRO_BLURB_WIDTH_DU "230u" +!define INTRO_BLURB_EDGE_DU "198u" +!define INTRO_BLURB_LTR_TOP_DU "16u" +!define INTRO_BLURB_RTL_TOP_DU "11u" +!define INSTALL_FOOTER_TOP_DU "-48u" + +# UI Colors that can be customized for each channel +!define FOOTER_CONTROL_TEXT_COLOR_NORMAL 0x000000 +!define FOOTER_CONTROL_TEXT_COLOR_FADED 0x999999 +!define FOOTER_BKGRD_COLOR 0xFFFFFF +!define INSTALL_FOOTER_TEXT_COLOR 0xFFFFFF +!define INTRO_BLURB_TEXT_COLOR 0xFFFFFF +!define INSTALL_BLURB_TEXT_COLOR 0xFFFFFF +!define INSTALL_PROGRESS_TEXT_COLOR_NORMAL 0xFFFFFF +!define COMMON_TEXT_COLOR_NORMAL 0xFFFFFF +!define COMMON_TEXT_COLOR_FADED 0xA1AAB3 +!define COMMON_BKGRD_COLOR 0x0F1B26 diff --git a/browser/source_files/browser/branding/librewolf/configure.sh b/browser/source_files/browser/branding/librewolf/configure.sh new file mode 100644 index 0000000..69a5b64 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/configure.sh @@ -0,0 +1,9 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +MOZ_APP_NAME=librewolf +MOZ_APP_BASENAME="LibreWolf" +MOZ_APP_PROFILE=librewolf +MOZ_APP_VENDOR=LibreWolf + diff --git a/browser/source_files/browser/branding/librewolf/content/about-background.png b/browser/source_files/browser/branding/librewolf/content/about-background.png Binary files differnew file mode 100644 index 0000000..9d2aa7d --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/content/about-background.png diff --git a/browser/source_files/browser/branding/librewolf/content/about-logo.png b/browser/source_files/browser/branding/librewolf/content/about-logo.png Binary files differnew file mode 100644 index 0000000..3da143e --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/content/about-logo.png diff --git a/browser/source_files/browser/branding/librewolf/content/about-wordmark.svg b/browser/source_files/browser/branding/librewolf/content/about-wordmark.svg new file mode 100644 index 0000000..60b278d --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/content/about-wordmark.svg @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- This Source Code Form is subject to the terms of the Mozilla Public + - License, v. 2.0. If a copy of the MPL was not distributed with this + - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> +<svg xmlns="http://www.w3.org/2000/svg" width="132px" height="48px" viewBox="0 0 132 48"> + <path fill="#fff" d="M60.6,14.3l-2.4-2.4C57,12.7,56,13,54.7,13c-3,0-3.8-1.4-7.6-1.4c-5.4,0-9.2,3.4-9.2,8.4 + c0,3.3,2.2,6.1,5.6,7.2c-3.4,1-4.5,2.2-4.5,4.3c0,2.2,1.8,3.6,4.7,3.6h3.8c2.5,0,3.9,0.2,4.9,0.9c0.9,0.6,1.4,1.6,1.4,3 + c0,3.1-2.2,4.4-6,4.4c-2,0-3.8-0.5-5.1-1.2c-0.9-0.6-1.5-1.6-1.5-2.9c0-0.8,0.3-1.7,0.7-2.2l-4.1,0.4c-0.3,1-0.5,1.7-0.5,2.6 + c0,3.5,3,6.4,10.8,6.4c6.1,0,9.9-2.5,9.9-7.9c0-2.1-0.8-3.9-2.7-5.3c-1.5-1.1-3.1-1.4-6-1.4h-4c-1.3,0-2-0.5-2-1.2 + c0-0.8,1.1-1.7,4.5-2.9c1.8,0,3.4-0.3,4.7-1.1c2.3-1.4,3.7-4.1,3.7-6.8c0-1.6-0.5-3-1.5-4.3c0.4,0.2,1.1,0.3,1.7,0.3 + C57.9,15.8,59,15.4,60.6,14.3z M47.1,24.8c-3.1,0-4.8-1.7-4.8-4.8c0-3.5,1.6-5.1,4.7-5.1c3.3,0,4.6,1.5,4.6,4.9 + C51.6,23.1,50.1,24.8,47.1,24.8z M30.7,1.3c-1.7,0-3,1.4-3,3.1s1.4,3,3,3c1.7,0,3.1-1.3,3.1-3C33.7,2.7,32.4,1.3,30.7,1.3z + M107.7,34.5c-1.1,0-1.4-0.6-1.4-2.5V6.5c0-3.8-0.6-5.9-0.6-5.9l-3.9,0.8c0,0,0.6,1.9,0.6,5.1v26.4c0,1.8,0.4,2.8,1.2,3.5 + c0.7,0.7,1.7,1,2.9,1c1,0,1.5-0.1,2.5-0.5l-0.8-2.5C108.2,34.4,107.8,34.5,107.7,34.5z M74.7,11.6c-3.2,0-6.1,1.8-8.3,3.9 + c0,0,0.2-1.8,0.2-3.4V6.3c0-3.8-0.7-5.9-0.7-5.9l-3.9,0.7c0,0,0.7,1.9,0.7,5.1V37h3.9V19.3c2.1-2.7,4.9-4.2,7.2-4.2 + c1.3,0,2.3,0.4,2.9,1c0.7,0.7,0.9,1.8,0.9,3.7V37h3.8V19.1c0-1.8-0.1-2.6-0.4-3.6C80.4,13.2,77.7,11.6,74.7,11.6z M127.4,12.1 + l-4.9,16.4c-0.6,2-1.6,5.2-1.6,5.2s-0.7-3.9-1.5-6.2l-5.1-16.2l-3.9,1.3l5.4,15.6c0.8,2.5,2.2,7.4,2.5,9l1.6-0.3 + c-1.3,5.1-2.5,6.7-5.7,7.6l1.2,2.7c4.4-1,6.4-4.3,8-9.3l8.6-25.8H127.4z M96.9,15l1.2-2.9h-6.2c0-3.3,0.5-7.2,0.5-7.2l-4.1,0.9 + c0,0-0.4,3.9-0.4,6.3h-3.2V15h3.2v17.1c0,2.5,0.7,4.1,2.4,5c0.9,0.4,1.9,0.7,3.3,0.7c1.8,0,3.1-0.4,4.4-1l-0.6-2.5 + c-0.7,0.3-1.3,0.5-2.4,0.5c-2.4,0-3.2-0.9-3.2-3.7V15H96.9z M28.6,37h4.1V11.5l-4.1,0.6V37z M18.9,21.3c0,5,0.4,10.5,0.4,10.5 + s-1.4-3.8-3.2-7.2L4.8,2.7H0V37h4.2L4,17.1c0-4.5-0.4-9.3-0.4-9.3s1.7,4.1,3.9,8.2l11,21h4.3V2.7h-4L18.9,21.3z"/> +</svg> diff --git a/browser/source_files/browser/branding/librewolf/content/about.png b/browser/source_files/browser/branding/librewolf/content/about.png Binary files differnew file mode 100644 index 0000000..58f4928 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/content/about.png diff --git a/browser/source_files/browser/branding/librewolf/content/aboutDialog.css b/browser/source_files/browser/branding/librewolf/content/aboutDialog.css new file mode 100644 index 0000000..e6a1d9e --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/content/aboutDialog.css @@ -0,0 +1,25 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#aboutDialogContainer { + background-image: url("chrome://branding/content/about-background.png"); + background-repeat: no-repeat; + background-color: #00acff; + color: #fff; +} + +.text-link { + color: #fff !important; + text-decoration: underline; +} + +#rightBox { + /* this margin prevents text from overlapping the planet image */ + margin-left: 280px; + margin-right: 20px; +} + +#bottomBox { + background-color: rgba(0,0,0,.7); +} diff --git a/browser/source_files/browser/branding/librewolf/content/horizontal-lockup.svg b/browser/source_files/browser/branding/librewolf/content/horizontal-lockup.svg new file mode 100644 index 0000000..07dc4e0 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/content/horizontal-lockup.svg @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- This Source Code Form is subject to the terms of the Mozilla Public + - License, v. 2.0. If a copy of the MPL was not distributed with this + - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> +<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1011.2 346"><path d="M497.6 247.9l-58.5-122.3c1 11.9 2.7 29.5 2.7 56.2v66h-18.6v-144h25.9l59.1 122.5c-.4-3.3-2.7-26.3-2.7-43.9v-78.6h18.6v144h-26.5v.1zm80.1-138.4c0 7.3-5.4 13-13.6 13-7.9 0-13.4-5.6-13.4-13 0-7.5 5.4-13.2 13.4-13.2 8.1 0 13.6 5.7 13.6 13.2zm-23 28.3h19.2v110.1h-19.2V137.8zm105.3 8.4c13 5.9 19.4 15 19.4 27.8 0 21.7-15.7 37.4-42 37.4-5 0-9.4-.6-14-2.1-3.1 2.3-5.4 6.3-5.4 10.2 0 5 3.1 9 14.4 9H650c22.6 0 37.6 13 37.6 30.5 0 21.3-17.6 33.4-51.6 33.4-35.9 0-47.2-11.1-47.2-33.4h17.3c0 12.5 5.6 18.4 29.9 18.4 23.8 0 32.2-6.1 32.2-17.1 0-10.5-8.4-15.7-22.2-15.7h-17.3c-19.6 0-28.4-9.8-28.4-20.9 0-7.1 4.2-14.2 12.1-19.4-12.7-6.7-18.6-16.3-18.6-30.5 0-22.6 18.2-38.5 42.4-38.5 27.4.6 37.4-4 50.4-9.8l5.6 17.3c-9.2 2.9-19.6 3.4-32.2 3.4zm-46.6 27.5c0 14.6 8.2 24.9 23.2 24.9s23.2-9.2 23.2-25.1c0-16.1-7.9-24.5-23.6-24.5-14.8.1-22.8 10.3-22.8 24.7zm172.2-4.8v79h-19.2v-76.3c0-16.5-7.1-21.3-17.6-21.3-11.9 0-20.5 7.7-27.8 19.2v78.4h-19.2V93.7l19.2-2.1V153c7.9-10.9 18.8-17.8 32.6-17.8 20.1.1 32 13 32 33.7zm59.4 81.5c-18.6 0-29.7-10.9-29.7-31.3v-66.5h-19.2v-14.8h19.2v-24.9l19.2-2.3v27.2h26.1l-2.1 14.8h-24v65.6c0 11.1 3.6 16.3 13.2 16.3 4.8 0 9.2-1.5 14.6-4.8l7.3 13.2c-7.3 5-15.2 7.5-24.6 7.5zm59.3-15.8c2.7 0 5-.4 7.1-1.3l5 13.4c-5.2 2.5-10.7 3.8-16.3 3.8-14 0-21.9-8.4-21.9-24.2V93.5l19.2-2.3v134.6c0 5.8 1.9 8.8 6.9 8.8zm18.9 57.9l-2.1-15c22.4-3.8 28.6-12.3 34.9-29.5h-6.5l-37-110.1H933l29.5 96.1 28.8-96.1h19.9l-36.8 110.8c-7.8 23.3-20.7 40.4-51.2 43.8z" fill="#363959"/><radialGradient id="a" cx="-7592.893" cy="-8773.69" r="306.995" gradientTransform="matrix(1.23 0 0 1.22 9568.41 10762.02)" gradientUnits="userSpaceOnUse"><stop offset=".02" stop-color="#005fe7"/><stop offset=".18" stop-color="#0042b4"/><stop offset=".32" stop-color="#002989"/><stop offset=".4" stop-color="#002079"/><stop offset=".47" stop-color="#131d78"/><stop offset=".66" stop-color="#3b1676"/><stop offset=".75" stop-color="#4a1475"/></radialGradient><path d="M172 346c95.2 0 172.2-77.5 172.2-173S267.1 0 172.1 0 0 77.3 0 172.9C-.2 268.6 77 346 172 346z" fill="url(#a)"/></svg>
\ No newline at end of file diff --git a/browser/source_files/browser/branding/librewolf/content/identity-icons-brand.svg b/browser/source_files/browser/branding/librewolf/content/identity-icons-brand.svg new file mode 100644 index 0000000..6c33113 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/content/identity-icons-brand.svg @@ -0,0 +1,7 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- This Source Code Form is subject to the terms of the Mozilla Public + - License, v. 2.0. If a copy of the MPL was not distributed with this + - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> +<svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" viewBox="0 0 32 32"> + <path fill="#144787" d="M15.953,30.000 C8.221,30.000 1.953,23.732 1.953,16.000 C1.953,8.268 8.221,2.000 15.953,2.000 C23.685,2.000 29.953,8.268 29.953,16.000 C29.953,23.732 23.685,30.000 15.953,30.000 ZM16.000,4.000 C9.373,4.000 4.000,9.373 4.000,16.000 C4.000,22.627 9.373,28.000 16.000,28.000 C22.627,28.000 28.000,22.627 28.000,16.000 C28.000,9.373 22.627,4.000 16.000,4.000 ZM27.085,16.311 C27.142,16.652 27.085,17.189 26.942,17.483 C26.885,17.958 26.784,18.470 26.561,18.931 C26.407,19.254 26.189,19.798 25.772,19.846 C25.646,19.858 25.319,20.214 25.283,20.155 C25.208,20.028 25.155,19.869 24.999,19.809 C24.873,19.751 24.990,19.698 24.895,19.643 C24.828,19.607 24.816,19.527 24.803,19.452 C24.756,19.459 24.710,19.469 24.668,19.492 C24.580,19.543 24.528,19.636 24.445,19.693 C24.391,19.671 24.300,19.631 24.307,19.561 C24.235,19.627 24.158,19.762 24.088,19.660 C24.030,19.576 24.071,19.459 24.068,19.367 C24.064,19.275 23.978,19.139 23.883,19.254 C23.816,19.334 23.769,19.345 23.665,19.365 C23.570,19.385 23.496,19.449 23.395,19.450 C23.156,19.456 23.176,19.563 23.117,19.744 C23.063,19.902 22.845,19.920 22.750,20.050 C22.700,20.117 22.549,20.431 22.421,20.318 C22.319,20.227 22.581,19.988 22.581,19.868 C22.581,19.767 22.498,19.709 22.475,19.618 C22.457,19.552 22.479,19.498 22.403,19.463 C22.448,19.376 22.500,19.239 22.455,19.142 C22.398,19.015 22.189,19.130 22.139,19.206 C22.088,19.277 21.964,19.523 21.848,19.374 C21.819,19.341 21.840,19.299 21.785,19.301 C21.747,19.301 21.720,19.325 21.702,19.354 C21.621,19.328 21.652,19.254 21.682,19.199 C21.770,19.040 21.781,18.864 21.900,18.718 C22.026,18.561 22.220,18.468 22.333,18.301 C22.372,18.242 22.441,18.131 22.385,18.064 C22.364,18.038 22.326,18.027 22.313,17.995 C22.297,17.956 22.315,17.913 22.310,17.874 C22.268,17.891 22.222,17.909 22.175,17.894 C22.169,17.851 22.175,17.805 22.164,17.761 C22.108,17.783 22.049,17.851 21.982,17.836 C21.919,17.823 21.927,17.867 21.857,17.865 C21.916,17.772 21.952,17.667 22.015,17.575 C22.051,17.521 22.101,17.473 22.130,17.413 C22.198,17.271 22.058,17.158 22.081,17.020 C22.106,16.863 22.281,16.825 22.417,16.839 C22.554,16.854 22.707,16.980 22.845,16.930 C22.975,16.887 23.014,16.706 22.977,16.590 C22.933,16.460 22.768,16.424 22.779,16.265 C22.784,16.172 22.831,16.089 22.813,15.996 C22.799,15.921 22.761,15.854 22.743,15.779 C22.700,15.598 22.867,15.549 22.923,15.405 C22.951,15.329 22.964,15.138 23.092,15.223 C23.205,15.300 23.158,15.476 23.266,15.564 C23.392,15.670 23.563,15.600 23.690,15.535 C23.796,15.480 23.958,15.425 24.012,15.314 C24.088,15.163 23.947,14.988 24.138,14.892 C24.217,14.853 24.415,14.744 24.505,14.779 C24.587,14.810 24.616,14.902 24.675,14.961 C24.699,14.882 24.731,14.810 24.781,14.748 C24.889,14.613 25.040,14.518 25.035,14.330 C25.082,14.104 25.010,14.119 24.970,13.940 C24.961,13.858 24.888,13.292 25.017,13.315 C25.310,13.366 25.065,12.676 25.022,12.563 C25.008,12.523 24.942,12.470 24.895,12.448 C24.767,12.330 24.692,12.528 24.611,12.454 C24.512,12.332 24.530,12.133 24.515,11.982 C24.490,11.818 24.397,11.698 24.393,11.534 C24.391,11.455 23.924,10.932 24.021,10.856 C24.079,10.823 24.816,10.879 24.776,10.823 C24.654,10.644 24.704,10.469 24.461,10.371 C24.307,10.307 24.204,10.138 24.055,10.065 C23.983,10.030 23.679,9.806 23.937,9.790 C24.106,9.779 23.902,9.526 23.827,9.502 C23.735,9.473 23.742,9.752 23.654,9.509 C23.635,9.469 23.273,9.012 23.264,9.056 C23.252,9.127 23.343,9.225 23.333,9.307 C23.306,9.533 22.982,9.108 22.993,9.125 C22.933,9.059 22.694,8.882 22.666,8.802 C22.671,8.819 22.774,8.629 22.775,8.629 C22.833,8.553 22.774,8.467 22.707,8.398 C22.624,8.314 22.486,8.305 22.473,8.177 C22.471,8.157 22.374,7.979 22.459,7.982 C22.529,7.988 22.754,8.172 22.836,8.210 C23.061,8.314 22.996,8.383 23.128,8.505 C23.313,8.638 23.606,8.799 23.768,8.997 C23.793,9.043 24.122,9.380 24.134,9.252 C24.138,9.209 24.019,8.872 23.971,8.855 C23.971,8.855 23.755,8.580 23.750,8.556 C23.751,8.565 23.408,8.154 23.493,8.168 C23.624,8.192 24.093,8.542 24.064,8.677 C24.044,8.766 24.221,8.830 24.248,8.912 C24.255,8.935 24.567,9.221 24.611,9.241 C24.658,9.263 24.819,9.415 24.855,9.460 C24.920,9.506 24.972,9.462 24.994,9.578 C25.003,9.631 25.087,9.819 25.114,9.855 C25.193,9.961 25.247,10.125 25.294,10.249 C25.360,10.431 25.319,10.633 25.323,10.821 C25.342,10.874 25.233,10.938 25.240,11.005 C25.253,11.111 25.254,11.235 25.269,11.329 C25.283,11.426 25.466,11.679 25.436,11.759 C25.366,11.907 25.416,11.891 25.486,12.027 C25.533,12.120 25.436,12.159 25.479,12.277 C25.296,12.295 25.477,12.379 25.360,12.421 C25.254,12.435 25.222,12.414 25.132,12.483 C25.100,12.506 25.506,13.100 25.580,12.526 C25.600,12.372 25.765,12.220 25.921,12.157 C26.006,12.120 26.087,12.281 26.110,12.120 C26.115,12.075 26.029,11.929 26.071,11.909 C26.155,11.878 26.299,12.539 26.365,12.588 C26.529,12.703 26.642,12.893 26.664,13.093 C26.687,13.325 27.108,13.685 27.021,13.898 C26.960,14.050 26.984,14.494 27.000,14.662 C27.027,14.841 27.085,14.984 27.086,15.176 C27.086,15.280 27.016,15.531 27.063,15.619 C27.169,15.815 27.050,16.103 27.085,16.311 ZM22.142,23.184 C22.112,23.125 22.171,23.051 22.238,23.053 C22.254,23.009 22.333,22.943 22.382,22.954 C22.416,22.963 22.419,23.000 22.453,22.969 C22.486,22.940 22.480,22.892 22.522,22.869 C22.633,22.801 22.687,22.918 22.624,23.003 C22.576,23.067 22.455,23.115 22.380,23.094 C22.284,23.069 22.231,23.151 22.142,23.184 ZM23.207,22.324 C23.239,22.315 23.270,22.260 23.306,22.269 C23.406,22.296 23.298,22.486 23.288,22.537 C23.275,22.612 23.284,22.763 23.169,22.745 L23.178,22.726 C23.171,22.725 23.158,22.726 23.151,22.728 C23.149,22.736 23.142,22.743 23.142,22.745 C23.147,22.701 23.158,22.644 23.137,22.603 C23.111,22.555 23.056,22.544 23.013,22.521 C22.969,22.499 22.959,22.482 22.986,22.442 C23.007,22.409 23.041,22.351 23.077,22.331 C23.117,22.311 23.164,22.338 23.207,22.324 ZM22.843,22.551 C22.923,22.537 22.969,22.582 23.023,22.635 C23.084,22.697 23.040,22.772 22.962,22.794 C22.887,22.818 22.856,22.754 22.786,22.754 C22.784,22.741 22.788,22.725 22.782,22.715 L22.784,22.717 C22.770,22.644 22.750,22.570 22.843,22.551 ZM21.519,24.762 C21.567,24.727 21.846,24.663 21.821,24.594 C21.794,24.527 21.833,24.497 21.894,24.472 C21.932,24.456 21.966,24.405 22.006,24.399 C22.036,24.472 22.031,24.559 22.135,24.559 C22.214,24.559 22.293,24.523 22.355,24.476 C22.432,24.421 22.439,24.330 22.536,24.295 C22.621,24.266 22.687,24.230 22.764,24.186 C22.833,24.148 22.894,24.066 22.975,24.056 C23.014,24.053 23.111,24.047 23.138,24.086 C23.178,24.144 23.007,24.248 22.971,24.277 C22.933,24.308 22.826,24.395 22.905,24.445 C22.964,24.479 23.050,24.417 23.102,24.395 C23.176,24.363 23.259,24.339 23.313,24.275 C23.363,24.217 23.378,24.138 23.448,24.097 C23.536,24.044 23.588,23.991 23.640,23.902 C23.674,23.845 23.670,23.783 23.719,23.732 C23.768,23.678 23.748,23.617 23.778,23.557 C23.830,23.464 23.868,23.572 23.893,23.610 C23.953,23.590 23.971,23.508 24.025,23.473 C24.059,23.452 24.122,23.435 24.138,23.393 C24.152,23.359 24.143,23.326 24.174,23.297 C24.231,23.242 24.357,23.260 24.429,23.226 C24.472,23.206 24.526,23.098 24.578,23.111 C24.487,23.399 24.310,23.603 24.102,23.820 C23.895,24.033 23.706,24.266 23.458,24.435 C23.205,24.609 22.957,24.793 22.680,24.931 C22.405,25.070 22.198,25.292 21.945,25.461 C21.384,25.837 20.791,26.207 20.145,26.425 C19.822,26.536 19.494,26.666 19.162,26.751 C19.054,26.779 18.944,26.802 18.835,26.828 C18.811,26.833 18.676,26.883 18.658,26.872 C18.648,26.848 18.444,26.892 18.414,26.908 C18.301,26.966 18.196,26.992 18.071,26.992 C17.968,26.992 17.857,26.963 17.765,27.012 C17.733,27.030 17.578,27.065 17.628,26.974 C17.655,26.924 17.821,26.954 17.862,26.954 C17.963,26.952 18.056,26.912 18.150,26.879 C18.270,26.839 18.383,26.793 18.504,26.755 C18.570,26.735 18.631,26.724 18.687,26.688 C18.784,26.624 18.892,26.637 18.993,26.598 C19.061,26.573 19.104,26.473 19.201,26.498 C19.250,26.511 19.275,26.533 19.329,26.533 C19.399,26.531 19.370,26.513 19.385,26.462 C19.403,26.392 19.458,26.381 19.487,26.438 C19.525,26.511 19.644,26.394 19.694,26.381 C19.771,26.363 19.759,26.287 19.866,26.290 C19.962,26.296 20.025,26.216 20.116,26.197 C20.163,26.186 20.285,26.190 20.310,26.145 C20.187,26.148 20.064,26.166 19.947,26.214 C19.825,26.263 19.710,26.334 19.579,26.360 C19.457,26.381 19.329,26.369 19.207,26.396 C19.090,26.422 18.986,26.482 18.874,26.520 C18.777,26.555 18.653,26.580 18.556,26.531 C18.448,26.473 18.551,26.391 18.624,26.372 C18.720,26.350 18.836,26.365 18.919,26.305 C18.986,26.258 19.005,26.172 19.025,26.099 C18.982,26.103 18.525,26.137 18.667,26.010 C18.732,25.950 18.835,25.935 18.919,25.917 C19.013,25.897 19.102,25.851 19.201,25.855 C19.324,25.860 19.401,25.950 19.520,25.868 C19.590,25.820 19.647,25.747 19.728,25.716 C19.807,25.684 19.904,25.746 19.976,25.693 C20.039,25.645 20.052,25.567 20.138,25.545 C20.224,25.523 20.384,25.545 20.399,25.418 C20.408,25.352 20.267,25.281 20.230,25.230 C20.183,25.164 20.122,25.079 20.066,25.020 C20.028,24.982 19.915,24.969 19.920,24.904 C19.929,24.802 20.086,24.807 20.156,24.791 C20.266,24.763 20.348,24.703 20.467,24.729 C20.569,24.749 20.647,24.763 20.738,24.703 C20.819,24.650 20.891,24.596 20.986,24.569 C20.943,24.654 20.934,24.754 20.879,24.835 C20.830,24.904 20.749,24.947 20.695,25.015 C20.542,25.206 20.843,25.316 20.879,25.172 C20.897,25.095 20.857,25.039 20.952,24.999 C21.010,24.975 21.102,24.977 21.110,24.907 C21.123,24.820 21.227,24.762 21.312,24.751 C21.400,24.738 21.497,24.663 21.583,24.671 C21.562,24.691 21.508,24.727 21.519,24.762 ZM19.358,6.878 C19.266,7.018 19.200,7.122 19.066,7.232 C18.993,7.294 19.013,7.534 18.871,7.436 C18.822,7.401 18.820,7.388 18.748,7.396 C18.700,7.401 18.649,7.447 18.639,7.487 C18.612,7.492 18.581,7.587 18.547,7.525 C18.527,7.534 18.419,7.572 18.400,7.563 C18.371,7.551 18.347,7.478 18.319,7.454 C18.245,7.394 18.373,7.308 18.310,7.246 C18.263,7.199 18.205,7.193 18.151,7.226 C18.065,7.283 18.029,7.228 17.946,7.244 C17.858,7.261 17.905,7.195 17.891,7.131 C17.853,7.113 17.808,7.117 17.770,7.128 C17.720,7.142 17.736,7.152 17.731,7.173 C17.713,7.157 17.630,7.152 17.618,7.150 C17.610,7.117 17.702,7.062 17.707,7.011 C17.707,6.997 17.689,6.860 17.684,6.855 C17.616,6.805 17.722,6.776 17.761,6.811 C17.806,6.849 17.844,6.778 17.902,6.802 C17.907,6.774 17.799,6.742 17.776,6.738 C17.715,6.729 17.653,6.800 17.589,6.807 C17.567,6.809 17.475,6.842 17.463,6.813 C17.452,6.791 17.468,6.758 17.475,6.738 C17.443,6.711 17.407,6.694 17.364,6.691 C17.299,6.685 17.233,6.705 17.173,6.672 C17.098,6.629 17.057,6.599 16.969,6.585 C16.906,6.574 16.852,6.537 16.843,6.474 C16.834,6.423 16.808,6.293 16.821,6.242 C16.893,6.228 16.846,6.304 16.904,6.308 C16.963,6.312 17.008,6.330 17.067,6.337 C17.118,6.343 17.191,6.377 17.242,6.361 C17.324,6.335 17.348,6.204 17.395,6.193 C17.393,6.175 17.382,6.160 17.366,6.149 C17.404,6.140 17.441,6.128 17.472,6.106 C17.445,6.091 17.382,6.133 17.391,6.075 C17.398,6.033 17.423,5.996 17.429,5.954 C17.438,5.869 17.231,5.867 17.181,5.887 C17.139,5.902 17.102,5.931 17.076,5.967 C17.037,6.025 16.994,6.000 16.925,5.991 C16.938,5.900 16.871,5.883 16.818,5.825 C16.742,5.745 16.690,5.636 16.699,5.528 C16.706,5.439 16.629,5.364 16.690,5.278 C16.785,5.145 17.116,5.151 17.272,5.206 C17.623,5.224 17.968,5.258 18.310,5.355 C18.696,5.464 19.038,5.663 19.417,5.781 C19.597,5.836 19.649,5.934 19.590,6.104 C19.539,6.250 19.669,6.293 19.784,6.333 C19.886,6.372 20.003,6.441 19.955,6.568 C19.913,6.678 19.759,6.701 19.658,6.718 C19.530,6.738 19.430,6.765 19.358,6.878 ZM16.767,16.426 C16.812,16.438 16.868,16.393 16.922,16.404 C16.956,16.411 16.963,16.433 16.990,16.444 C17.021,16.460 17.021,16.460 17.051,16.453 C17.073,16.438 17.096,16.433 17.127,16.449 C17.147,16.462 17.152,16.484 17.179,16.493 C17.218,16.510 17.247,16.493 17.289,16.491 C17.350,16.500 17.377,16.542 17.420,16.482 C17.447,16.426 17.459,16.373 17.526,16.373 C17.578,16.377 17.618,16.400 17.578,16.442 C17.553,16.473 17.535,16.502 17.538,16.551 C17.549,16.590 17.582,16.590 17.610,16.566 C17.643,16.533 17.653,16.473 17.709,16.466 C17.759,16.462 17.804,16.508 17.857,16.511 C17.882,16.513 17.905,16.508 17.932,16.517 C17.961,16.526 17.972,16.539 17.991,16.551 C18.040,16.571 18.076,16.553 18.115,16.577 C18.189,16.632 18.220,16.715 18.277,16.774 C18.311,16.807 18.364,16.817 18.391,16.852 C18.403,16.874 18.409,16.889 18.419,16.903 C18.439,16.914 18.459,16.925 18.473,16.947 C18.500,16.981 18.480,17.011 18.475,17.052 C18.468,17.087 18.484,17.116 18.502,17.153 C18.531,17.195 18.579,17.322 18.489,17.328 C18.466,17.335 18.432,17.335 18.414,17.331 C18.382,17.331 18.400,17.335 18.378,17.315 C18.346,17.291 18.313,17.266 18.283,17.242 C18.238,17.202 18.240,17.145 18.211,17.094 C18.195,17.065 18.162,17.054 18.124,17.038 C18.103,17.020 18.090,17.020 18.060,17.001 C18.033,16.992 18.008,16.998 17.975,16.998 C17.923,16.996 17.849,16.932 17.821,16.890 C17.804,16.861 17.801,16.847 17.767,16.847 C17.742,16.845 17.715,16.867 17.688,16.867 C17.621,16.867 17.571,16.830 17.499,16.848 C17.436,16.865 17.384,16.852 17.314,16.845 C17.240,16.848 17.161,16.836 17.105,16.785 C17.073,16.759 17.055,16.723 17.015,16.699 C16.979,16.692 16.938,16.694 16.911,16.684 C16.848,16.668 16.769,16.655 16.711,16.628 C16.665,16.608 16.636,16.566 16.595,16.535 C16.546,16.506 16.474,16.491 16.424,16.462 C16.379,16.449 16.264,16.422 16.318,16.375 C16.345,16.351 16.406,16.329 16.440,16.327 C16.501,16.336 16.505,16.386 16.546,16.415 C16.578,16.440 16.625,16.429 16.659,16.397 C16.679,16.375 16.674,16.358 16.704,16.377 C16.731,16.386 16.747,16.415 16.767,16.426 ZM16.489,5.335 C16.436,5.355 16.381,5.339 16.325,5.351 C16.325,5.348 16.323,5.342 16.323,5.339 C16.285,5.328 16.242,5.295 16.257,5.253 C16.303,5.233 16.589,5.189 16.598,5.257 C16.604,5.293 16.515,5.324 16.489,5.335 ZM15.832,5.765 C15.861,5.889 15.724,6.033 15.696,6.158 C15.671,6.273 15.550,6.434 15.455,6.505 C15.354,6.581 15.158,6.740 15.027,6.700 C14.950,6.678 14.871,6.658 14.791,6.638 C14.711,6.618 14.644,6.548 14.572,6.530 C14.617,6.417 14.687,6.558 14.741,6.477 C14.747,6.501 14.799,6.523 14.820,6.499 C14.844,6.477 14.822,6.415 14.822,6.388 C14.820,6.319 14.939,6.235 15.002,6.228 C15.047,6.224 15.099,6.226 15.137,6.200 C15.185,6.166 15.223,6.202 15.286,6.186 C15.331,6.177 15.503,6.078 15.480,6.018 C15.392,6.027 15.354,6.018 15.277,6.082 C15.293,6.020 15.419,5.951 15.399,5.894 C15.338,5.896 15.336,5.980 15.279,5.989 C15.223,5.998 15.214,5.892 15.182,5.865 C15.043,5.750 14.982,6.140 14.854,6.107 C14.797,6.093 14.815,6.013 14.732,6.029 C14.630,6.049 14.603,6.122 14.596,6.215 C14.592,6.268 14.500,6.330 14.459,6.379 C14.394,6.457 14.311,6.441 14.236,6.388 C14.171,6.344 14.180,6.242 14.101,6.215 C14.026,6.188 13.929,6.210 13.860,6.250 C13.778,6.297 13.736,6.394 13.657,6.437 C13.583,6.474 13.461,6.461 13.384,6.465 C13.339,6.466 13.136,6.492 13.157,6.397 C13.172,6.330 13.215,6.275 13.138,6.228 C13.098,6.202 13.019,6.153 13.062,6.097 C13.098,6.051 13.175,6.053 13.197,5.996 C13.127,5.958 13.031,5.947 13.035,5.849 C12.924,5.829 12.884,5.927 12.814,5.980 C12.717,6.051 12.773,5.914 12.792,5.882 C12.818,5.838 12.866,5.774 12.915,5.758 C12.965,5.739 12.969,5.690 13.003,5.656 L12.990,5.667 C12.951,5.628 12.933,5.550 12.951,5.499 C12.972,5.437 13.048,5.448 13.100,5.441 C13.256,5.422 13.431,5.288 13.592,5.340 C13.745,5.391 13.848,5.300 14.002,5.306 C14.080,5.308 14.169,5.293 14.247,5.286 C14.329,5.277 14.394,5.227 14.480,5.227 C14.542,5.227 14.680,5.238 14.631,5.328 C14.606,5.377 14.576,5.462 14.673,5.455 C14.800,5.446 14.887,5.264 15.005,5.237 C15.086,5.216 15.045,5.306 15.020,5.335 C15.011,5.344 14.915,5.492 14.993,5.461 C15.011,5.452 15.025,5.439 15.036,5.422 C15.063,5.380 15.111,5.377 15.160,5.364 C15.253,5.339 15.342,5.309 15.431,5.275 C15.604,5.207 15.669,5.282 15.818,5.349 C15.863,5.371 16.160,5.346 16.131,5.441 C16.111,5.504 15.976,5.534 15.920,5.552 C15.789,5.594 15.807,5.648 15.832,5.765 ZM12.967,8.084 C12.936,8.126 12.792,8.137 12.760,8.097 C12.764,8.090 12.767,8.077 12.774,8.072 L12.742,8.086 C12.694,8.134 12.623,8.154 12.557,8.145 C12.559,8.110 12.541,8.057 12.555,8.026 C12.571,7.993 12.614,7.984 12.638,7.957 C12.679,7.908 12.704,7.835 12.753,7.793 C12.807,7.747 12.907,7.731 12.927,7.815 C12.949,7.895 12.868,7.928 12.853,7.991 C12.909,7.988 13.008,8.032 12.967,8.084 ZM12.708,6.525 C12.735,6.534 12.771,6.548 12.803,6.552 C12.783,6.576 12.776,6.609 12.830,6.594 C12.803,6.652 12.746,6.714 12.683,6.731 C12.611,6.749 12.528,6.732 12.474,6.793 C12.386,6.893 12.501,7.060 12.631,7.008 C12.643,7.057 12.607,7.068 12.647,7.084 C12.530,7.226 12.440,7.387 12.298,7.166 C12.165,6.960 11.940,7.117 11.804,7.241 C11.654,7.376 11.638,7.600 11.856,7.676 C11.994,7.725 11.973,7.742 11.870,7.831 C11.917,7.886 11.775,7.937 11.759,8.004 C11.796,7.964 11.874,7.970 11.886,7.906 C11.951,7.917 11.911,7.837 11.960,7.848 C12.082,7.873 11.928,8.001 11.906,8.026 C11.949,8.055 11.998,8.032 12.045,8.032 C12.086,8.032 12.125,8.059 12.165,8.052 C12.221,8.044 12.194,7.999 12.230,7.982 C12.294,7.955 12.253,8.061 12.244,8.073 C12.205,8.130 12.176,8.248 12.109,8.261 C12.048,8.272 12.014,8.283 12.025,8.360 C12.034,8.432 12.057,8.425 12.009,8.502 C11.940,8.606 12.055,8.642 12.071,8.726 C12.088,8.815 12.061,8.791 12.140,8.830 C12.206,8.862 12.273,8.857 12.343,8.868 C12.426,8.879 12.566,8.782 12.537,8.689 C12.523,8.644 12.516,8.620 12.550,8.584 C12.573,8.558 12.640,8.502 12.674,8.544 C12.641,8.498 12.701,8.465 12.708,8.420 C12.715,8.365 12.814,8.374 12.778,8.303 C12.758,8.268 12.638,8.230 12.650,8.210 C12.728,8.201 12.810,8.190 12.884,8.221 C13.003,8.272 13.046,8.471 13.202,8.398 C13.366,8.321 13.483,8.163 13.529,7.995 C13.565,7.860 13.454,7.829 13.350,7.791 C13.287,7.767 13.278,7.727 13.249,7.669 C13.217,7.603 13.342,7.536 13.245,7.521 C13.125,7.501 13.084,7.376 13.209,7.325 C13.267,7.303 13.328,7.317 13.386,7.301 C13.438,7.286 13.458,7.144 13.506,7.228 C13.510,7.166 13.666,7.232 13.715,7.228 C13.783,7.223 13.729,7.164 13.790,7.172 C13.830,7.179 13.855,7.217 13.894,7.221 C13.948,7.226 13.947,7.181 13.984,7.162 C14.035,7.141 14.069,7.210 14.110,7.219 C14.155,7.228 14.202,7.261 14.249,7.239 C14.283,7.223 14.342,7.197 14.349,7.261 C14.362,7.348 14.405,7.403 14.414,7.478 C14.423,7.552 14.601,7.554 14.489,7.653 C14.425,7.709 14.358,7.815 14.263,7.786 C14.204,7.769 14.216,7.798 14.162,7.831 C14.114,7.860 14.107,7.913 14.063,7.917 C13.925,7.930 14.083,8.044 14.078,8.110 C14.072,8.166 14.112,8.194 14.114,8.245 C14.117,8.301 14.071,8.361 14.063,8.418 C14.051,8.503 14.216,8.647 14.263,8.718 C14.344,8.841 14.425,8.955 14.560,9.026 C14.644,9.070 14.684,9.165 14.763,9.216 C14.802,9.241 14.862,9.225 14.863,9.274 C14.863,9.320 14.858,9.371 14.874,9.416 C14.894,9.478 15.023,9.487 15.079,9.487 C15.088,9.588 15.235,9.480 15.279,9.469 C15.180,9.584 15.104,9.693 14.986,9.793 C14.930,9.839 14.865,9.899 14.790,9.910 C14.725,9.921 14.673,9.883 14.619,9.939 C14.576,9.983 14.585,10.052 14.543,10.100 C14.504,10.145 14.421,10.152 14.371,10.191 C14.347,10.207 14.112,10.371 14.128,10.251 C14.133,10.209 14.160,10.176 14.169,10.136 C14.182,10.080 14.117,10.076 14.092,10.049 C14.049,10.003 14.020,10.038 14.008,9.957 C14.000,9.912 13.986,9.861 13.945,9.832 C13.876,9.784 13.898,9.786 13.866,9.708 C13.840,9.646 13.781,9.606 13.758,9.546 C13.700,9.404 13.716,9.256 13.616,9.127 C13.612,9.178 13.652,9.220 13.635,9.260 C13.619,9.303 13.632,9.373 13.657,9.411 C13.569,9.404 13.513,9.376 13.450,9.316 C13.422,9.291 13.328,9.200 13.289,9.254 C13.337,9.249 13.441,9.394 13.504,9.425 C13.648,9.497 13.648,9.548 13.587,9.695 C13.646,9.706 13.736,9.655 13.776,9.724 C13.812,9.786 13.756,9.854 13.864,9.852 C13.848,9.996 13.706,10.089 13.698,10.234 C13.693,10.316 13.725,10.386 13.698,10.469 C13.670,10.557 13.600,10.633 13.506,10.659 C13.276,10.721 13.175,10.484 13.094,10.331 C13.060,10.267 12.974,10.209 12.898,10.245 C12.868,10.260 12.855,10.293 12.825,10.307 C12.767,10.336 12.706,10.322 12.652,10.362 C12.587,10.409 12.551,10.495 12.469,10.521 C12.418,10.537 12.350,10.521 12.307,10.553 C12.280,10.573 12.273,10.608 12.271,10.639 C12.235,10.646 12.208,10.670 12.185,10.697 C12.136,10.754 12.041,10.790 12.003,10.847 C11.951,10.923 12.066,10.992 12.057,11.069 C12.052,11.115 11.976,11.231 11.940,11.244 C11.777,11.300 11.894,11.463 11.937,11.554 C11.946,11.572 11.953,11.597 11.929,11.610 C11.890,11.634 11.904,11.650 11.929,11.698 C11.971,11.776 12.037,11.836 12.106,11.893 C12.163,11.938 12.289,11.965 12.305,12.031 C12.334,12.149 12.251,12.244 12.185,12.335 C12.133,12.406 12.091,12.488 12.055,12.568 C12.037,12.607 12.037,12.707 12.001,12.731 C11.852,12.829 11.879,12.435 11.707,12.526 C11.600,12.583 11.572,12.751 11.439,12.767 C11.370,12.776 11.343,12.705 11.334,12.652 C11.297,12.652 11.253,12.649 11.219,12.630 C11.140,12.592 11.192,12.567 11.210,12.512 C11.237,12.425 11.327,12.435 11.392,12.390 C11.475,12.332 11.396,12.281 11.397,12.211 C11.336,12.204 11.286,12.111 11.252,12.069 C11.183,11.989 11.117,11.987 11.018,11.985 C10.975,11.985 10.941,11.956 10.905,11.936 C10.892,11.985 10.712,11.934 10.651,11.965 C10.596,11.995 10.518,12.162 10.603,12.180 C10.572,12.250 10.491,12.328 10.502,12.405 C10.506,12.430 10.551,12.415 10.515,12.454 C10.486,12.483 10.480,12.526 10.473,12.565 C10.443,12.740 10.491,12.900 10.538,13.064 C10.459,13.084 10.383,13.122 10.310,13.162 C10.367,13.091 10.302,12.973 10.204,13.004 C10.204,13.039 10.191,13.071 10.177,13.100 C10.119,13.113 10.080,13.111 10.053,13.062 C10.015,12.993 10.056,13.013 10.087,12.960 C10.150,12.851 10.011,12.709 9.956,12.836 C9.952,12.725 9.761,12.548 9.729,12.762 C9.720,12.829 9.758,12.958 9.628,12.915 C9.571,12.896 9.510,12.771 9.499,12.716 C9.490,12.820 9.603,12.873 9.585,12.960 C9.576,13.009 9.481,13.090 9.441,13.126 C9.508,13.124 9.580,13.120 9.645,13.130 C9.643,13.179 9.601,13.206 9.601,13.268 C9.589,13.270 9.576,13.274 9.565,13.275 C9.610,13.332 9.574,13.414 9.558,13.476 C9.537,13.472 9.502,13.485 9.481,13.483 C9.477,13.518 9.463,13.538 9.434,13.529 C9.438,13.540 9.436,13.549 9.431,13.558 C9.420,13.567 9.407,13.567 9.396,13.560 C9.396,13.543 9.386,13.518 9.387,13.501 C9.334,13.552 9.305,13.470 9.245,13.481 C9.236,13.567 9.244,13.651 9.125,13.625 C9.078,13.616 8.979,13.507 8.934,13.520 C8.915,13.525 8.902,13.552 8.893,13.583 C8.871,13.574 8.846,13.569 8.818,13.567 C8.728,13.560 8.663,13.642 8.555,13.629 C8.435,13.614 8.418,13.629 8.320,13.698 C8.233,13.760 8.172,13.685 8.086,13.669 C8.028,13.658 7.971,13.656 7.915,13.640 C7.892,13.633 7.863,13.620 7.849,13.600 C7.822,13.560 7.726,13.569 7.676,13.563 C7.466,13.545 7.257,13.549 7.070,13.658 C6.928,13.742 6.752,13.875 6.723,14.046 C6.676,14.327 7.052,14.356 7.218,14.476 C7.431,14.629 6.987,14.759 6.881,14.797 C6.756,14.841 6.632,14.901 6.536,14.995 C6.461,15.068 6.412,15.243 6.277,15.185 C6.087,15.101 5.939,14.870 5.832,14.704 C5.745,14.664 5.666,14.383 5.655,14.294 C5.648,14.239 5.549,14.061 5.627,14.046 C5.643,14.001 5.601,13.953 5.583,13.917 C5.549,13.846 5.571,13.762 5.540,13.687 C5.508,13.611 5.630,13.479 5.614,13.385 C5.607,13.345 5.574,13.326 5.609,13.286 C5.652,13.233 5.659,13.195 5.670,13.130 C5.690,13.022 5.817,13.031 5.846,12.936 C5.855,12.909 5.857,12.856 5.893,12.847 C5.965,12.829 5.884,12.953 5.921,12.982 C5.923,12.884 5.956,12.789 5.956,12.687 C5.956,12.567 5.977,12.448 5.995,12.330 C6.008,12.239 6.024,12.146 6.065,12.064 C6.094,12.011 6.099,11.832 5.990,11.918 C5.986,11.721 5.988,11.524 6.024,11.331 C6.065,11.107 6.164,10.910 6.267,10.710 C6.466,10.324 6.626,9.908 6.869,9.546 C6.987,9.369 7.126,9.207 7.246,9.030 C7.309,8.934 7.378,8.841 7.426,8.737 C7.471,8.640 7.548,8.585 7.620,8.507 C7.750,8.369 7.854,8.237 8.009,8.119 C8.075,8.068 8.149,7.973 8.242,7.995 C8.345,8.017 8.375,7.937 8.449,7.889 C8.447,7.953 8.460,8.001 8.451,8.066 C8.508,8.004 8.546,7.917 8.598,7.849 C8.672,7.758 8.756,7.676 8.857,7.612 C8.895,7.587 8.920,7.547 8.960,7.523 C8.990,7.507 9.026,7.509 9.057,7.492 C9.093,7.470 9.316,7.357 9.283,7.319 C9.157,7.168 8.710,7.729 8.578,7.704 C8.573,7.633 8.758,7.538 8.809,7.503 C8.956,7.405 9.096,7.277 9.236,7.168 C9.384,7.053 9.533,6.931 9.691,6.829 C9.765,6.783 9.846,6.751 9.914,6.698 C9.963,6.661 10.017,6.589 10.089,6.598 C10.081,6.747 10.202,6.612 10.259,6.598 C10.400,6.563 10.547,6.463 10.678,6.404 C10.761,6.366 11.435,5.923 11.466,6.046 C11.529,6.053 11.561,5.965 11.640,5.978 C11.743,5.993 11.807,5.947 11.890,5.894 C12.027,5.805 12.172,5.716 12.312,5.632 C12.366,5.601 12.415,5.594 12.406,5.672 C12.400,5.719 12.303,5.739 12.269,5.759 C12.206,5.798 12.160,5.854 12.122,5.916 C12.064,6.007 11.985,6.080 11.920,6.168 C11.985,6.182 12.016,6.128 12.071,6.109 C12.140,6.089 12.154,6.142 12.224,6.098 C12.257,6.080 12.289,6.104 12.316,6.115 C12.356,6.131 12.365,6.106 12.397,6.093 C12.444,6.075 12.499,6.169 12.562,6.171 C12.758,6.171 12.357,6.397 12.553,6.426 C12.636,6.437 12.631,6.497 12.708,6.525 ZM12.925,6.519 C12.893,6.521 12.868,6.543 12.836,6.550 C12.827,6.552 12.814,6.552 12.803,6.552 C12.810,6.543 12.819,6.536 12.827,6.532 C12.857,6.519 12.893,6.517 12.925,6.519 ZM7.191,20.631 C7.273,20.622 7.280,20.739 7.342,20.770 C7.342,20.762 7.343,20.759 7.345,20.753 C7.390,20.788 7.412,20.824 7.421,20.882 C7.430,20.954 7.448,20.992 7.473,21.057 C7.491,21.103 7.494,21.205 7.426,21.221 C7.365,21.234 7.349,21.156 7.307,21.128 C7.200,21.057 7.047,21.183 7.002,20.999 C6.984,20.928 6.993,20.881 6.943,20.819 C6.903,20.770 6.860,20.739 6.896,20.671 C6.950,20.571 7.122,20.522 7.191,20.631 ZM7.360,20.726 C7.356,20.737 7.351,20.744 7.345,20.753 C7.340,20.748 7.334,20.744 7.329,20.740 L7.360,20.726 ZM7.298,20.467 C7.237,20.411 7.275,20.221 7.370,20.301 C7.410,20.332 7.426,20.425 7.405,20.462 C7.378,20.507 7.322,20.527 7.298,20.467 ZM7.521,14.913 C7.548,14.895 7.548,14.870 7.565,14.848 C7.588,14.815 7.606,14.817 7.636,14.830 C7.647,14.835 7.660,14.848 7.676,14.842 C7.699,14.833 7.678,14.824 7.694,14.819 C7.751,14.766 7.748,14.850 7.746,14.893 C7.748,14.943 7.768,14.928 7.795,14.952 C7.818,14.970 7.798,14.984 7.805,15.008 C7.814,15.030 7.843,15.037 7.861,15.065 C7.881,15.090 7.870,15.112 7.856,15.141 C7.805,15.218 7.705,15.178 7.640,15.141 C7.611,15.134 7.574,15.105 7.550,15.088 C7.527,15.072 7.496,15.057 7.473,15.041 C7.444,15.034 7.403,15.014 7.410,14.986 C7.412,14.968 7.458,14.935 7.475,14.930 L7.521,14.913 ZM16.778,18.530 C16.859,18.576 16.931,18.607 17.024,18.572 C17.107,18.539 17.164,18.488 17.260,18.497 C17.373,18.507 17.386,18.572 17.425,18.658 C17.486,18.789 17.698,18.758 17.670,18.940 C17.520,19.022 17.664,19.144 17.704,19.248 C17.724,19.301 17.720,19.359 17.722,19.416 C17.722,19.458 17.738,19.529 17.704,19.561 C17.673,19.591 17.603,19.591 17.564,19.600 C17.510,19.614 17.458,19.642 17.402,19.649 C17.305,19.664 17.229,19.600 17.141,19.667 C17.107,19.693 17.082,19.725 17.042,19.746 C16.997,19.767 16.942,19.775 16.893,19.786 C16.846,19.797 16.791,19.815 16.744,19.795 C16.706,19.778 16.688,19.736 16.652,19.716 C16.564,19.665 16.427,19.756 16.341,19.784 C16.273,19.806 16.147,19.875 16.075,19.840 C15.971,19.789 16.116,19.654 16.145,19.600 C16.190,19.510 16.170,19.410 16.192,19.315 C16.154,19.312 16.149,19.283 16.118,19.270 C16.107,19.264 16.080,19.266 16.068,19.263 C16.053,19.261 16.039,19.252 16.025,19.248 C16.019,19.292 15.949,19.334 15.951,19.272 C15.931,19.266 15.915,19.261 15.897,19.255 C15.899,19.219 15.965,19.099 16.010,19.100 L15.998,19.090 C16.111,18.986 16.235,18.865 16.391,18.833 C16.463,18.816 16.551,18.791 16.602,18.732 C16.659,18.667 16.589,18.596 16.607,18.523 C16.627,18.439 16.729,18.503 16.778,18.530 ZM17.698,17.537 C17.704,17.564 17.756,17.581 17.754,17.605 C17.754,17.616 17.691,17.621 17.680,17.621 C17.646,17.632 17.610,17.632 17.582,17.648 C17.560,17.659 17.542,17.676 17.519,17.687 C17.432,17.725 17.497,17.597 17.497,17.552 C17.502,17.512 17.465,17.406 17.504,17.366 L17.499,17.339 C17.499,17.315 17.488,17.293 17.506,17.266 C17.511,17.247 17.546,17.237 17.564,17.220 C17.587,17.209 17.610,17.176 17.632,17.198 C17.644,17.209 17.650,17.227 17.650,17.238 C17.666,17.255 17.684,17.273 17.695,17.295 C17.700,17.322 17.700,17.357 17.688,17.379 C17.682,17.419 17.693,17.430 17.698,17.468 C17.698,17.492 17.688,17.513 17.698,17.537 ZM18.757,18.490 C18.745,18.519 18.682,18.516 18.649,18.510 C18.631,18.510 18.613,18.510 18.595,18.494 C18.576,18.476 18.590,18.446 18.561,18.452 C18.536,18.448 18.522,18.477 18.493,18.481 C18.482,18.485 18.461,18.474 18.446,18.485 C18.376,18.497 18.414,18.514 18.407,18.563 C18.405,18.607 18.355,18.636 18.369,18.678 C18.378,18.718 18.407,18.767 18.425,18.802 C18.486,18.955 18.277,18.829 18.232,18.791 C18.186,18.760 18.141,18.740 18.133,18.683 C18.117,18.640 18.121,18.598 18.115,18.552 C18.107,18.441 18.141,18.333 18.151,18.224 C18.153,18.164 18.139,18.120 18.130,18.064 C18.115,18.022 18.076,17.982 18.119,17.949 C18.146,17.891 18.130,17.861 18.115,17.801 C18.099,17.759 18.092,17.738 18.087,17.692 C18.096,17.581 18.015,17.508 17.988,17.397 C17.977,17.348 18.000,17.298 18.060,17.326 L18.103,17.346 C18.119,17.371 18.115,17.395 18.141,17.399 C18.177,17.415 18.263,17.349 18.286,17.397 C18.293,17.417 18.272,17.424 18.279,17.446 C18.288,17.468 18.310,17.477 18.324,17.484 C18.367,17.504 18.405,17.523 18.416,17.572 C18.416,17.590 18.409,17.603 18.425,17.628 C18.443,17.646 18.461,17.645 18.479,17.645 C18.531,17.652 18.588,17.643 18.610,17.688 C18.648,17.741 18.569,17.739 18.565,17.783 C18.561,17.825 18.603,17.852 18.624,17.882 C18.648,17.909 18.680,17.951 18.689,17.989 C18.700,18.040 18.664,18.058 18.666,18.111 C18.658,18.160 18.736,18.188 18.714,18.250 C18.700,18.295 18.658,18.346 18.676,18.399 C18.696,18.435 18.772,18.445 18.757,18.490 ZM7.507,20.618 C7.588,20.596 7.665,20.660 7.744,20.642 C7.827,20.624 7.852,20.527 7.859,20.458 C7.892,20.498 7.935,20.489 7.964,20.527 C7.994,20.573 8.061,20.580 8.106,20.602 C8.125,20.545 8.077,20.452 8.079,20.391 C8.079,20.356 8.045,20.288 8.055,20.263 C8.079,20.205 8.188,20.155 8.244,20.137 C8.311,20.115 8.390,20.165 8.449,20.190 C8.508,20.216 8.573,20.201 8.634,20.188 C8.665,20.181 8.697,20.177 8.729,20.176 C8.737,20.148 8.751,20.123 8.773,20.103 C8.819,20.055 8.873,20.075 8.924,20.101 C9.021,20.146 9.100,19.953 9.118,19.873 C9.141,19.771 9.152,19.580 9.123,19.478 C9.091,19.359 9.062,19.325 9.172,19.266 C9.195,19.255 9.202,19.228 9.213,19.203 C9.121,19.037 9.073,18.856 9.166,18.701 C9.242,18.574 9.409,18.461 9.359,18.322 C9.443,18.330 9.529,18.337 9.616,18.344 C9.751,18.169 9.950,18.047 10.166,18.011 C10.292,17.871 10.493,17.721 10.644,17.834 C10.693,17.871 10.723,17.929 10.779,17.956 C10.833,17.982 10.896,17.971 10.955,17.969 C11.164,17.964 11.370,18.100 11.448,18.297 C11.397,18.359 11.349,18.421 11.298,18.483 C11.360,18.711 11.712,18.793 11.849,18.601 C11.940,18.476 11.946,18.270 12.089,18.219 C12.161,18.193 12.244,18.219 12.323,18.246 C12.325,18.244 12.325,18.244 12.327,18.242 C12.329,18.242 12.329,18.248 12.329,18.248 C12.395,18.270 12.462,18.292 12.516,18.290 C12.530,18.266 12.532,18.257 12.548,18.230 C12.546,18.231 12.564,18.255 12.568,18.264 C12.586,18.255 12.605,18.257 12.618,18.237 C12.672,18.162 12.627,18.051 12.661,17.965 C12.694,17.885 12.782,17.887 12.857,17.920 C12.909,17.814 12.960,17.712 13.028,17.566 C13.062,17.492 13.033,17.869 12.981,18.242 C12.987,18.246 12.983,18.255 12.990,18.259 C13.031,18.271 13.073,18.237 13.102,18.202 C13.170,18.118 13.220,18.016 13.307,17.949 C13.364,17.903 13.440,17.896 13.508,17.913 C13.538,17.865 13.571,17.809 13.587,17.805 C13.682,17.783 13.756,17.745 13.853,17.781 C13.936,17.814 14.004,17.880 14.090,17.902 C14.148,17.916 14.256,17.914 14.286,17.976 C14.310,18.027 14.351,18.027 14.412,18.044 C14.437,18.051 14.489,18.053 14.491,18.089 C14.488,18.109 14.477,18.113 14.457,18.100 C14.464,18.155 14.534,18.153 14.574,18.169 C14.648,18.200 14.709,18.250 14.772,18.295 C14.894,18.384 14.978,18.514 15.070,18.632 C15.093,18.663 15.196,18.783 15.153,18.825 C15.126,18.853 15.068,18.847 15.034,18.864 C14.978,18.889 14.898,18.920 14.849,18.955 C14.804,18.986 14.784,19.039 14.739,19.066 C14.617,19.139 14.518,18.955 14.452,18.900 C14.362,18.825 14.400,18.691 14.328,18.630 C14.213,18.530 14.056,18.485 13.921,18.419 C13.848,18.383 13.767,18.355 13.704,18.301 C13.661,18.262 13.619,18.219 13.560,18.206 C13.560,18.206 13.558,18.208 13.558,18.210 C13.528,18.322 13.670,18.374 13.742,18.426 C13.830,18.490 13.851,18.587 13.894,18.678 C13.945,18.783 14.027,18.871 14.103,18.958 C14.137,18.995 14.182,19.022 14.205,19.068 C14.227,19.111 14.207,19.161 14.238,19.201 C14.090,19.259 13.963,18.947 13.878,18.876 C13.844,18.845 13.774,18.809 13.727,18.827 C13.700,18.880 13.653,18.949 13.691,18.991 C13.722,19.024 13.718,19.075 13.734,19.115 C13.752,19.161 13.790,19.210 13.815,19.252 C13.846,19.299 13.900,19.319 13.930,19.367 C13.950,19.399 13.959,19.436 13.975,19.469 C14.002,19.525 14.080,19.622 14.153,19.580 C14.234,19.534 14.204,19.168 14.322,19.332 C14.383,19.418 14.403,19.857 14.581,19.762 C14.685,19.707 14.662,19.643 14.791,19.694 C14.853,19.716 14.926,19.605 14.953,19.713 C14.977,19.797 14.995,19.778 15.068,19.818 C15.126,19.849 15.122,19.926 15.122,19.981 C15.122,20.048 15.126,20.128 15.209,20.143 C15.282,20.154 15.264,20.239 15.275,20.290 C15.324,20.513 15.636,20.316 15.680,20.474 C15.690,20.516 15.696,20.558 15.742,20.576 C15.769,20.587 15.805,20.589 15.822,20.615 C15.872,20.684 15.867,20.724 15.971,20.748 C16.100,20.779 16.305,20.742 16.402,20.647 C16.445,20.607 16.462,20.511 16.517,20.489 C16.582,20.462 16.658,20.569 16.672,20.615 C16.701,20.697 16.704,20.766 16.782,20.821 C16.859,20.873 16.929,20.924 16.970,21.010 C17.069,21.214 16.835,21.365 16.915,21.558 C16.933,21.602 16.965,21.640 16.999,21.671 C16.992,21.691 16.976,21.733 16.997,21.752 C17.049,21.797 17.112,21.695 17.148,21.757 C17.247,21.936 17.013,22.016 16.902,22.085 C16.780,22.162 16.834,22.357 16.848,22.471 C16.943,22.466 17.021,22.378 17.121,22.377 C17.267,22.377 17.152,22.579 17.100,22.623 C16.986,22.715 16.789,22.739 16.654,22.675 C16.613,22.657 16.535,22.604 16.507,22.670 C16.478,22.734 16.417,22.792 16.462,22.865 C16.537,22.992 16.747,22.945 16.780,23.118 C16.801,23.237 16.622,23.313 16.749,23.391 C16.848,23.452 16.888,23.532 16.951,23.621 C17.028,23.732 17.170,23.521 17.220,23.656 C17.197,23.574 17.307,23.599 17.351,23.590 C17.414,23.579 17.463,23.523 17.481,23.464 C17.515,23.357 17.380,23.306 17.310,23.257 C17.251,23.215 17.262,23.186 17.310,23.140 C17.278,23.058 17.195,23.023 17.147,22.954 C17.085,22.865 17.127,22.721 17.217,22.664 C17.359,22.573 17.493,22.787 17.627,22.812 C17.778,22.841 17.946,22.805 18.071,22.914 C18.184,23.011 18.241,23.149 18.382,23.220 C18.443,23.251 18.506,23.268 18.518,23.344 C18.531,23.430 18.619,23.393 18.676,23.450 C18.714,23.486 18.718,23.543 18.777,23.557 C18.676,23.681 18.563,23.796 18.435,23.894 C18.329,23.976 18.211,24.051 18.144,24.169 C18.008,24.412 18.117,24.716 17.950,24.949 C17.808,25.150 17.592,25.250 17.520,25.498 C17.454,25.725 17.395,25.931 17.161,26.044 C16.893,26.172 16.582,26.210 16.289,26.239 C16.012,26.265 15.724,26.268 15.485,26.429 C15.262,26.578 15.043,26.706 14.764,26.706 C14.698,26.706 14.633,26.702 14.567,26.697 C14.511,26.739 14.475,26.799 14.421,26.842 C14.313,26.930 14.187,26.821 14.085,26.782 C14.101,26.815 14.105,26.848 14.096,26.883 C14.044,26.862 13.988,26.912 13.939,26.873 C13.896,26.842 13.871,26.790 13.813,26.779 C13.679,26.755 13.596,26.819 13.465,26.733 C13.274,26.609 13.078,26.627 12.855,26.598 C12.625,26.567 12.397,26.516 12.172,26.451 C11.769,26.336 11.334,26.207 10.968,26.001 C10.797,25.906 10.621,25.778 10.560,25.587 C10.534,25.512 10.556,25.416 10.529,25.345 C10.511,25.299 10.315,25.279 10.267,25.263 C10.162,25.228 9.925,25.244 9.972,25.088 C10.004,24.977 10.148,25.017 10.234,25.009 C10.403,24.995 10.387,24.822 10.285,24.732 C10.193,24.650 9.992,24.616 10.000,24.472 C10.011,24.326 10.107,24.022 9.911,23.964 C9.763,23.920 9.621,23.900 9.569,23.750 C9.542,23.670 9.472,23.616 9.441,23.532 C9.409,23.450 9.316,23.371 9.235,23.339 C9.179,23.315 9.024,23.342 9.003,23.278 C8.987,23.229 8.970,23.165 8.972,23.115 C8.983,22.940 9.218,23.211 9.285,23.211 C9.423,23.207 9.547,23.036 9.452,22.920 C9.494,22.900 9.569,22.909 9.589,22.858 C9.542,22.848 9.445,22.892 9.416,22.834 C9.387,22.777 9.449,22.699 9.400,22.648 C9.357,22.601 9.280,22.657 9.226,22.652 C9.161,22.646 9.265,22.577 9.262,22.553 C9.186,22.551 9.123,22.617 9.058,22.644 C8.999,22.672 8.936,22.688 8.877,22.715 C8.825,22.679 8.897,22.626 8.922,22.601 C8.978,22.548 8.943,22.490 8.922,22.431 C9.051,22.440 9.055,22.347 8.979,22.269 C8.880,22.169 8.925,22.096 8.880,21.981 C8.828,21.848 8.746,21.919 8.699,22.001 C8.611,22.152 8.525,21.963 8.483,22.003 C8.444,21.888 8.356,21.828 8.258,21.761 C8.170,21.702 8.158,21.597 8.097,21.518 C8.023,21.425 7.897,21.391 7.836,21.285 C7.780,21.189 7.755,21.076 7.680,20.990 C7.635,20.939 7.295,20.673 7.507,20.618 ZM8.787,22.989 C8.819,22.987 8.868,23.022 8.857,23.053 L8.843,23.067 C8.857,23.073 8.868,23.078 8.871,23.094 C8.819,23.100 8.827,23.167 8.807,23.202 C8.724,23.202 8.685,23.116 8.721,23.053 C8.731,23.031 8.758,22.991 8.787,22.989 ZM24.510,20.174 C24.490,20.126 24.542,20.112 24.566,20.075 C24.594,20.033 24.580,19.982 24.647,19.984 C24.675,19.986 24.679,19.993 24.704,19.984 C24.729,19.977 24.758,19.955 24.781,19.942 C24.796,20.002 24.814,20.039 24.843,20.090 C24.871,20.139 24.852,20.181 24.819,20.223 C24.796,20.250 24.773,20.281 24.737,20.292 C24.697,20.307 24.638,20.312 24.634,20.258 C24.631,20.258 24.625,20.258 24.621,20.256 C24.623,20.252 24.625,20.250 24.627,20.247 L24.618,20.258 C24.584,20.241 24.524,20.210 24.510,20.174 ZM24.501,21.961 C24.438,22.069 24.310,22.100 24.213,22.160 C24.127,22.216 24.075,22.304 23.990,22.360 C23.857,22.449 23.538,22.719 23.383,22.666 C23.368,22.568 23.539,22.466 23.609,22.418 C23.663,22.382 23.687,22.336 23.726,22.295 C23.785,22.236 23.856,22.205 23.897,22.121 C23.951,22.012 23.849,21.817 23.942,21.746 C24.014,21.693 24.048,21.761 24.122,21.739 C24.167,21.724 24.194,21.691 24.217,21.666 C24.287,21.562 24.233,21.373 24.104,21.345 C24.138,21.240 24.345,21.061 24.471,21.103 C24.460,21.148 24.426,21.207 24.449,21.263 C24.544,21.258 24.639,21.123 24.621,21.032 C24.612,20.992 24.566,20.934 24.526,20.915 C24.434,20.879 24.433,20.941 24.377,20.961 C24.260,21.005 24.127,20.992 24.003,21.048 C23.884,21.099 23.811,21.147 23.670,21.123 C23.660,21.107 23.660,21.090 23.670,21.076 C23.701,21.079 23.748,21.061 23.778,21.066 C23.785,20.997 23.917,20.955 23.978,20.924 C24.003,20.910 24.052,20.886 24.071,20.875 C24.096,20.859 24.138,20.821 24.161,20.808 C24.251,20.751 24.409,20.573 24.524,20.569 C24.560,20.667 24.616,20.740 24.733,20.722 C24.789,20.711 24.810,20.718 24.837,20.637 C24.855,20.584 24.859,20.533 24.821,20.487 C25.037,20.498 24.897,20.321 25.028,20.232 C25.096,20.288 25.143,20.212 25.217,20.234 C25.220,20.250 25.224,20.265 25.227,20.281 C25.247,20.272 25.287,20.278 25.308,20.259 C25.398,20.421 25.186,20.764 25.105,20.908 C25.053,20.999 24.979,21.074 24.942,21.170 C24.898,21.281 24.920,21.413 24.826,21.496 C24.751,21.562 24.690,21.588 24.623,21.668 C24.587,21.710 24.550,21.728 24.530,21.783 C24.508,21.845 24.537,21.899 24.501,21.961 Z"/> +</svg> diff --git a/browser/source_files/browser/branding/librewolf/content/jar.mn b/browser/source_files/browser/branding/librewolf/content/jar.mn new file mode 100644 index 0000000..acb0c10 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/content/jar.mn @@ -0,0 +1,18 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +browser.jar: +% content branding %content/branding/ contentaccessible=yes + content/branding/about.png + content/branding/about-background.png + content/branding/about-logo.png + content/branding/about-wordmark.svg + content/branding/icon16.png (../default16.png) + content/branding/icon32.png (../default32.png) + content/branding/icon48.png (../default48.png) + content/branding/icon64.png (../default64.png) + content/branding/icon128.png (../default128.png) + content/branding/identity-icons-brand.svg + content/branding/aboutDialog.css + content/branding/horizontal-lockup.svg diff --git a/browser/source_files/browser/branding/librewolf/content/moz.build b/browser/source_files/browser/branding/librewolf/content/moz.build new file mode 100644 index 0000000..eb4454d --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/content/moz.build @@ -0,0 +1,7 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +JAR_MANIFESTS += ['jar.mn']
\ No newline at end of file diff --git a/browser/source_files/browser/branding/librewolf/disk.icns b/browser/source_files/browser/branding/librewolf/disk.icns Binary files differnew file mode 100644 index 0000000..718f1a3 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/disk.icns diff --git a/browser/source_files/browser/branding/librewolf/document.icns b/browser/source_files/browser/branding/librewolf/document.icns Binary files differnew file mode 100644 index 0000000..ff419f2 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/document.icns diff --git a/browser/source_files/browser/branding/librewolf/document.ico b/browser/source_files/browser/branding/librewolf/document.ico Binary files differnew file mode 100644 index 0000000..584a0a1 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/document.ico diff --git a/browser/source_files/browser/branding/librewolf/dsstore b/browser/source_files/browser/branding/librewolf/dsstore Binary files differnew file mode 100644 index 0000000..2d11482 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/dsstore diff --git a/browser/source_files/browser/branding/librewolf/firefox.VisualElementsManifest.xml b/browser/source_files/browser/branding/librewolf/firefox.VisualElementsManifest.xml new file mode 100644 index 0000000..7654e0a --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/firefox.VisualElementsManifest.xml @@ -0,0 +1,8 @@ +<Application xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'> + <VisualElements + ShowNameOnSquare150x150Logo='on' + Square150x150Logo='browser\VisualElements\VisualElements_150.png' + Square70x70Logo='browser\VisualElements\VisualElements_70.png' + ForegroundText='light' + BackgroundColor='#14171a'/> +</Application> diff --git a/browser/source_files/browser/branding/librewolf/firefox.icns b/browser/source_files/browser/branding/librewolf/firefox.icns Binary files differnew file mode 100644 index 0000000..0c6941a --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/firefox.icns diff --git a/browser/source_files/browser/branding/librewolf/firefox.ico b/browser/source_files/browser/branding/librewolf/firefox.ico Binary files differnew file mode 100644 index 0000000..5217a6c --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/firefox.ico diff --git a/browser/source_files/browser/branding/librewolf/firefox64.ico b/browser/source_files/browser/branding/librewolf/firefox64.ico Binary files differnew file mode 100644 index 0000000..a684412 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/firefox64.ico diff --git a/browser/source_files/browser/branding/librewolf/locales/en-US/brand.dtd b/browser/source_files/browser/branding/librewolf/locales/en-US/brand.dtd new file mode 100644 index 0000000..8375aaa --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/locales/en-US/brand.dtd @@ -0,0 +1,13 @@ +<!-- This Source Code Form is subject to the terms of the Mozilla Public + - License, v. 2.0. If a copy of the MPL was not distributed with this + - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> + +<!ENTITY brandShorterName "LibreWolf"> +<!ENTITY brandShortName "LibreWolf"> +<!ENTITY brandFullName "LibreWolf"> +<!-- LOCALIZATION NOTE (brandProductName): + This brand name can be used in messages where the product name needs to + remain unchanged across different versions (Nightly, Beta, etc.). --> +<!ENTITY brandProductName "LibreWolf"> +<!ENTITY vendorShortName "LibreWolf"> +<!ENTITY trademarkInfo.part1 " "> diff --git a/browser/source_files/browser/branding/librewolf/locales/en-US/brand.ftl b/browser/source_files/browser/branding/librewolf/locales/en-US/brand.ftl new file mode 100644 index 0000000..9627fd6 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/locales/en-US/brand.ftl @@ -0,0 +1,22 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +## Firefox Brand +## +## Firefox must be treated as a brand, and kept in English. +## It cannot be: +## - Declined to adapt to grammatical case. +## - Transliterated. +## - Translated. +## +## Reference: https://www.mozilla.org/styleguide/communications/translation/ + +-brand-shorter-name = LibreWolf +-brand-short-name = LibreWolf +-brand-full-name = LibreWolf +# This brand name can be used in messages where the product name needs to +# remain unchanged across different versions (Nightly, Beta, etc.). +-brand-product-name = LibreWolf +-vendor-short-name = LibreWolf +trademarkInfo = { " " } diff --git a/browser/source_files/browser/branding/librewolf/locales/en-US/brand.properties b/browser/source_files/browser/branding/librewolf/locales/en-US/brand.properties new file mode 100644 index 0000000..40c64c4 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/locales/en-US/brand.properties @@ -0,0 +1,14 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +brandShorterName=LibreWolf +brandShortName=LibreWolf +brandFullName=LibreWolf +# LOCALIZATION NOTE(brandProductName): +# This brand name can be used in messages where the product name needs to +# remain unchanged across different versions (Nightly, Beta, etc.). +brandProductName=LibreWolf +vendorShortName=LibreWolf + +syncBrandShortName=LibreWolf Sync diff --git a/browser/source_files/browser/branding/librewolf/locales/jar.mn b/browser/source_files/browser/branding/librewolf/locales/jar.mn new file mode 100644 index 0000000..d007b20 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/locales/jar.mn @@ -0,0 +1,13 @@ +#filter substitution +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +[localization] @AB_CD@.jar: + branding (en-US/**/*.ftl) + +@AB_CD@.jar: +% locale branding @AB_CD@ %locale/branding/ +# Unofficial branding only exists in en-US + locale/branding/brand.dtd (en-US/brand.dtd) + locale/branding/brand.properties (en-US/brand.properties) diff --git a/browser/source_files/browser/branding/librewolf/locales/moz.build b/browser/source_files/browser/branding/librewolf/locales/moz.build new file mode 100644 index 0000000..8bad131 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/locales/moz.build @@ -0,0 +1,9 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +DEFINES['MOZ_DISTRIBUTION_ID_UNQUOTED'] = CONFIG['MOZ_DISTRIBUTION_ID'] + +JAR_MANIFESTS += ['jar.mn']
\ No newline at end of file diff --git a/browser/source_files/browser/branding/librewolf/moz.build b/browser/source_files/browser/branding/librewolf/moz.build new file mode 100644 index 0000000..9045cee --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/moz.build @@ -0,0 +1,13 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +DIRS += ['content', 'locales'] + +DIST_SUBDIR = 'browser' +export('DIST_SUBDIR') + +include('../branding-common.mozbuild') +FirefoxBranding() diff --git a/browser/source_files/browser/branding/librewolf/newtab.ico b/browser/source_files/browser/branding/librewolf/newtab.ico Binary files differnew file mode 100644 index 0000000..a9b37c0 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/newtab.ico diff --git a/browser/source_files/browser/branding/librewolf/newwindow.ico b/browser/source_files/browser/branding/librewolf/newwindow.ico Binary files differnew file mode 100644 index 0000000..5537207 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/newwindow.ico diff --git a/browser/source_files/browser/branding/librewolf/pbmode.ico b/browser/source_files/browser/branding/librewolf/pbmode.ico Binary files differnew file mode 100644 index 0000000..47677c1 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/pbmode.ico diff --git a/browser/source_files/browser/branding/librewolf/pref/firefox-branding.js b/browser/source_files/browser/branding/librewolf/pref/firefox-branding.js new file mode 100644 index 0000000..a4e8cfd --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/pref/firefox-branding.js @@ -0,0 +1,29 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +//---------------------- Updates --------------------------------------------- +// URL user can browse to manually if for some reason all update installation attempts fail. +pref("app.update.url.manual", "https://github.com/librewolf-browser"); + +// A default value for the "More information about this update" link supplied in +//the "An update is available" page of the update wizard. +pref("app.update.url.details", "https://github.com/librewolf-browser"); + +// The time interval between checks for a new version (in seconds) +pref("app.update.interval", 86400); // 24 hours + +// Give the user x seconds to react before showing the big UI. +pref("app.update.promptWaitTime", 86400); // 24 hours + +// The number of days a binary is permitted to be old without checking for an update. +// This assumes that app.update.checkInstallTime is true. +pref("app.update.checkInstallTime.days", 2); + +// Give the user x seconds to reboot before showing a badge on the hamburger +// button. default=immediately +pref("app.update.badgeWaitTime", 0); + +// Number of usages of the web console or scratchpad. +// If this is less than 5, then pasting code into the web console or scratchpad is disabled +pref("devtools.selfxss.count", 5); diff --git a/browser/source_files/browser/branding/librewolf/wizHeader.bmp b/browser/source_files/browser/branding/librewolf/wizHeader.bmp Binary files differnew file mode 100644 index 0000000..f67b452 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/wizHeader.bmp diff --git a/browser/source_files/browser/branding/librewolf/wizHeaderRTL.bmp b/browser/source_files/browser/branding/librewolf/wizHeaderRTL.bmp Binary files differnew file mode 100644 index 0000000..7c57e46 --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/wizHeaderRTL.bmp diff --git a/browser/source_files/browser/branding/librewolf/wizWatermark.bmp b/browser/source_files/browser/branding/librewolf/wizWatermark.bmp Binary files differnew file mode 100644 index 0000000..05f0e7f --- /dev/null +++ b/browser/source_files/browser/branding/librewolf/wizWatermark.bmp diff --git a/browser/source_files/docshell/base/nsAboutRedirector.cpp b/browser/source_files/docshell/base/nsAboutRedirector.cpp new file mode 100644 index 0000000..32b7363 --- /dev/null +++ b/browser/source_files/docshell/base/nsAboutRedirector.cpp @@ -0,0 +1,232 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "nsAboutRedirector.h" +#include "nsNetUtil.h" +#include "nsAboutProtocolUtils.h" +#include "nsBaseChannel.h" +#include "mozilla/ArrayUtils.h" +#include "nsIProtocolHandler.h" + +#if defined(MOZ_WIDGET_ANDROID) && defined(RELEASE_OR_BETA) +# define ABOUT_CONFIG_BLOCKED_GV +#endif + +#ifdef ABOUT_CONFIG_BLOCKED_GV +# include "mozilla/jni/Utils.h" // for mozilla::jni::IsFennec() +#endif + +NS_IMPL_ISUPPORTS(nsAboutRedirector, nsIAboutModule) + +struct RedirEntry { + const char* id; + const char* url; + uint32_t flags; +}; + +class CrashChannel final : public nsBaseChannel { + public: + explicit CrashChannel(nsIURI* aURI) { SetURI(aURI); } + + nsresult OpenContentStream(bool async, nsIInputStream** stream, + nsIChannel** channel) override { + nsAutoCString spec; + mURI->GetSpec(spec); + + if (spec.EqualsASCII("about:crashparent") && XRE_IsParentProcess()) { + MOZ_CRASH("Crash via about:crashparent"); + } + + if (spec.EqualsASCII("about:crashcontent") && XRE_IsContentProcess()) { + MOZ_CRASH("Crash via about:crashcontent"); + } + + NS_WARNING("Unhandled about:crash* URI or wrong process"); + return NS_ERROR_NOT_IMPLEMENTED; + } + + protected: + virtual ~CrashChannel() = default; +}; + +/* + Entries which do not have URI_SAFE_FOR_UNTRUSTED_CONTENT will run with chrome + privileges. This is potentially dangerous. Please use + URI_SAFE_FOR_UNTRUSTED_CONTENT in the third argument to each map item below + unless your about: page really needs chrome privileges. Security review is + required before adding new map entries without + URI_SAFE_FOR_UNTRUSTED_CONTENT. + + URI_SAFE_FOR_UNTRUSTED_CONTENT is not enough to let web pages load that page, + for that you need MAKE_LINKABLE. + */ +static const RedirEntry kRedirMap[] = { + {"about", "chrome://global/content/aboutAbout.xhtml", 0}, + {"addons", "chrome://mozapps/content/extensions/extensions.xul", + nsIAboutModule::ALLOW_SCRIPT}, + {"library", "chrome://browser/content/places/places.xul", + nsIAboutModule::ALLOW_SCRIPT}, + {"buildconfig", "chrome://global/content/buildconfig.html", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT}, + {"checkerboard", "chrome://global/content/aboutCheckerboard.xhtml", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::ALLOW_SCRIPT}, + {"config", "chrome://global/content/config.xul", 0}, +#ifdef MOZ_CRASHREPORTER + {"crashes", "chrome://global/content/crashes.xhtml", 0}, +#endif + {"credits", "https://www.mozilla.org/credits/", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT}, + {"license", "chrome://global/content/license.html", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::MAKE_LINKABLE}, + {"logo", "chrome://branding/content/about.png", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + // Linkable for testing reasons. + nsIAboutModule::MAKE_LINKABLE}, + {"memory", "chrome://global/content/aboutMemory.xhtml", + nsIAboutModule::ALLOW_SCRIPT}, + {"mozilla", "chrome://global/content/mozilla.xhtml", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT}, + {"neterror", "chrome://global/content/netError.xhtml", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_CAN_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"networking", "chrome://global/content/aboutNetworking.xhtml", + nsIAboutModule::ALLOW_SCRIPT}, + {"performance", "chrome://global/content/aboutPerformance.xhtml", + nsIAboutModule::ALLOW_SCRIPT}, + {"plugins", "chrome://global/content/plugins.html", + nsIAboutModule::URI_MUST_LOAD_IN_CHILD}, + {"serviceworkers", "chrome://global/content/aboutServiceWorkers.xhtml", + nsIAboutModule::URI_CAN_LOAD_IN_CHILD | + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT}, +#ifndef ANDROID + {"profiles", "chrome://global/content/aboutProfiles.xhtml", + nsIAboutModule::ALLOW_SCRIPT}, +#endif + // about:srcdoc is unresolvable by specification. It is included here + // because the security manager would disallow srcdoc iframes otherwise. + {"srcdoc", "about:blank", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::HIDE_FROM_ABOUTABOUT | + // Needs to be linkable so content can touch its own srcdoc frames + nsIAboutModule::MAKE_LINKABLE | nsIAboutModule::URI_CAN_LOAD_IN_CHILD}, + {"support", "chrome://global/content/aboutSupport.xhtml", + nsIAboutModule::ALLOW_SCRIPT}, + {"telemetry", "chrome://global/content/aboutTelemetry.xhtml", + nsIAboutModule::ALLOW_SCRIPT}, + {"url-classifier", "chrome://global/content/aboutUrlClassifier.xhtml", + nsIAboutModule::ALLOW_SCRIPT}, + {"webrtc", "chrome://global/content/aboutwebrtc/aboutWebrtc.html", + nsIAboutModule::ALLOW_SCRIPT}, + {"printpreview", "about:blank", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::HIDE_FROM_ABOUTABOUT | + nsIAboutModule::URI_CAN_LOAD_IN_CHILD}, + {"crashparent", "about:blank", nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"crashcontent", "about:blank", + nsIAboutModule::HIDE_FROM_ABOUTABOUT | + nsIAboutModule::URI_CAN_LOAD_IN_CHILD | + nsIAboutModule::URI_MUST_LOAD_IN_CHILD}}; +static const int kRedirTotal = mozilla::ArrayLength(kRedirMap); + +NS_IMETHODIMP +nsAboutRedirector::NewChannel(nsIURI* aURI, nsILoadInfo* aLoadInfo, + nsIChannel** aResult) { + NS_ENSURE_ARG_POINTER(aURI); + NS_ENSURE_ARG_POINTER(aLoadInfo); + NS_ASSERTION(aResult, "must not be null"); + + nsAutoCString path; + nsresult rv = NS_GetAboutModuleName(aURI, path); + NS_ENSURE_SUCCESS(rv, rv); + + nsCOMPtr<nsIIOService> ioService = do_GetIOService(&rv); + NS_ENSURE_SUCCESS(rv, rv); + + if (path.EqualsASCII("crashparent") || path.EqualsASCII("crashcontent")) { + bool isExternal; + aLoadInfo->GetLoadTriggeredFromExternal(&isExternal); + if (isExternal) { + return NS_ERROR_NOT_AVAILABLE; + } + + nsCOMPtr<nsIChannel> channel = new CrashChannel(aURI); + channel->SetLoadInfo(aLoadInfo); + channel.forget(aResult); + return NS_OK; + } + +#ifdef ABOUT_CONFIG_BLOCKED_GV + // We don't want to allow access to about:config from + // GeckoView on release or beta, but it's fine for Fennec. + if (path.EqualsASCII("config") && !mozilla::jni::IsFennec()) { + return NS_ERROR_NOT_AVAILABLE; + } +#endif + + for (int i = 0; i < kRedirTotal; i++) { + if (!strcmp(path.get(), kRedirMap[i].id)) { + nsCOMPtr<nsIChannel> tempChannel; + nsCOMPtr<nsIURI> tempURI; + rv = NS_NewURI(getter_AddRefs(tempURI), kRedirMap[i].url); + NS_ENSURE_SUCCESS(rv, rv); + + rv = NS_NewChannelInternal(getter_AddRefs(tempChannel), tempURI, + aLoadInfo); + NS_ENSURE_SUCCESS(rv, rv); + + // If tempURI links to an external URI (i.e. something other than + // chrome:// or resource://) then set result principal URI on the + // load info which forces the channel principal to reflect the displayed + // URL rather then being the systemPrincipal. + bool isUIResource = false; + rv = NS_URIChainHasFlags(tempURI, nsIProtocolHandler::URI_IS_UI_RESOURCE, + &isUIResource); + NS_ENSURE_SUCCESS(rv, rv); + + bool isAboutBlank = NS_IsAboutBlank(tempURI); + + if (!isUIResource && !isAboutBlank) { + aLoadInfo->SetResultPrincipalURI(tempURI); + } + + tempChannel->SetOriginalURI(aURI); + + tempChannel.forget(aResult); + return rv; + } + } + + NS_ERROR("nsAboutRedirector called for unknown case"); + return NS_ERROR_ILLEGAL_VALUE; +} + +NS_IMETHODIMP +nsAboutRedirector::GetURIFlags(nsIURI* aURI, uint32_t* aResult) { + NS_ENSURE_ARG_POINTER(aURI); + + nsAutoCString name; + nsresult rv = NS_GetAboutModuleName(aURI, name); + NS_ENSURE_SUCCESS(rv, rv); + + for (int i = 0; i < kRedirTotal; i++) { + if (name.EqualsASCII(kRedirMap[i].id)) { + *aResult = kRedirMap[i].flags; + return NS_OK; + } + } + + NS_ERROR("nsAboutRedirector called for unknown case"); + return NS_ERROR_ILLEGAL_VALUE; +} + +nsresult nsAboutRedirector::Create(nsISupports* aOuter, REFNSIID aIID, + void** aResult) { + RefPtr<nsAboutRedirector> about = new nsAboutRedirector(); + return about->QueryInterface(aIID, aResult); +} diff --git a/browser/source_files/mozconfig b/browser/source_files/mozconfig new file mode 100644 index 0000000..a79ddd8 --- /dev/null +++ b/browser/source_files/mozconfig @@ -0,0 +1,9 @@ +# This is for the desktop version of librewolf +ac_add_options --enable-application=browser + +# Folder to output the build files: +mk_add_options MOZ_OBJDIR=./obj_BUILD_OUTPUT + +# Setting the branding options +ac_add_options --with-branding=browser/branding/librewolf +ac_add_options --with-distribution-id=io.github.librewolf diff --git a/browser/source_files/mozconfig-android b/browser/source_files/mozconfig-android new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/browser/source_files/mozconfig-android diff --git a/settings/disable_settings.sh b/settings/disable_settings.sh new file mode 100755 index 0000000..8fc23ac --- /dev/null +++ b/settings/disable_settings.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +mv ./defaults/pref/local-settings.js ./settings/defaults/pref/local-settings.js; +mv ./distribution/policies.json ./settings/distribution/policies.json; +mv ./librewolf.cfg ./settings/librewolf.cfg; + diff --git a/settings/enable_settings.sh b/settings/enable_settings.sh new file mode 100755 index 0000000..b9baa59 --- /dev/null +++ b/settings/enable_settings.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +cp -r ./settings/* ./ diff --git a/settings/settings/defaults/pref/local-settings.js b/settings/settings/defaults/pref/local-settings.js new file mode 100644 index 0000000..6639c70 --- /dev/null +++ b/settings/settings/defaults/pref/local-settings.js @@ -0,0 +1,21 @@ +// + +// ============================================================================================================================================ +// LibreWolf Version : 2.1 +// ============================== +// +// Metrics available on librewolfa.cfg +// +// ============================================================================================================================================ + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : General Settings +// Bench Diff : ++/5000 +// >>>>>>>>>>>>>>>>>>>> + +// LibreWolf MoD +pref("general.config.filename", "librewolf.cfg"); + +// Default Firefox +// ROT13 Settings primitive encryption routing that +pref("general.config.obscure_value", 0); diff --git a/settings/settings/distribution/policies.json b/settings/settings/distribution/policies.json new file mode 100644 index 0000000..0fbda0e --- /dev/null +++ b/settings/settings/distribution/policies.json @@ -0,0 +1,16 @@ +{ + "policies": { + "AppUpdateURL": "", + "DisableAppUpdate": true, + "OverridePostUpdatePage": "", + "DisableMasterPasswordCreation": true, + "DisableFeedbackCommands": true, + "DisableFirefoxAccounts": true, + "DisableFirefoxStudies": true, + "DisablePocket": true, + "DisableProfileImport": true, + "DisableSetDesktopBackground": true, + "DisableSystemAddonUpdate": true, + "DisableTelemetry": true + } +} diff --git a/settings/settings/librewolf.cfg b/settings/settings/librewolf.cfg new file mode 100644 index 0000000..5e9c80f --- /dev/null +++ b/settings/settings/librewolf.cfg @@ -0,0 +1,3243 @@ +// ============================================================================================================================================ +// LibreWolf Version : 2.2 +// ============================== +// +// LibreWolf : Firefox settings for a better security, privacy and performance +// +// Mozilla.cfg : Locking firefox settings for security, privacy & prevent settings changes +// +// Author : Intika - intikadev (at) gmail.com +// +// Donation : Paypal : intikadev (at) gmail.com +// +// Site : https://github.com/LibreWolf-Browser/LibreWolf +// +// Based on : Ghacks-user.js (https://github.com/ghacksuserjs/ghacks-user.js) +// User.js (https://github.com/pyllyukko/user.js/) +// PrivaConf (https://addons.mozilla.org/en-US/firefox/addon/privaconf/) +// Big thanks to all of them +// +// ============================================================================================================================================ +// Documentation .............. : +// ============================== +// +// "Section" : Description of the settings section separated by "----" +// "Bench Diff" : Impact on the performance of firefox can be a gain or loss of performance +// +100/5000 stand for 2% gained performance and -1500/5000 stand for -30% performance loss +// Performance can be tested here : https://intika.github.io/octane/ +// "Pref" : Preference/Settings name and or description followed by links or documentations +// and some time explanation why the setting is commented and ignored. +// "lockPref" : Locked preference can not be changed on firefox, nor by extensions, can only be changed here +// lockPref is used to lock preferences so they cannot be changed through the GUI or about:config. +// In many cases the GUI will change to reflect this, graying out or removing options. Appears +// in about:config as "locked". Some config items require lockPref to be set, such as app.update.enabled. +// It will not work if it set with just pref. +// "pref" : Sets the preference as if a user had set it, every time you start the browser. So users can make changes, +// but they will be erased on restart. If you set a particular preference this way, +// it shows up in about:config as "user set". +// "defaultPref" : Defaulting : Is used to alter the default value, though users can set it normally and their changes will +// be saved between sessions. If preferences are reset to default through the GUI or some other method, +// this is what they will go back to. Appears in about:config as "default". +// "clearPref" : Can be used to "blank" certain preferences. This can be useful e.g. to disable functions +// that rely on comparing version numbers. +// +// ============================================================================================================================================ +// Protection ................. : +// ============================== +// +// Pref : Locking mozilla.cfg itself +lockPref("general.config.filename", "mozilla.cfg"); +// +// ============================================================================================================================================ +// Index mozilla.cfg .......... : +// ============================== +// +// ----------------------------------------------------------------------- +// Section : User settings // Bench Diff : +0 / 5000 +// Section : Defaulting Settings // Bench Diff : +0 / 5000 +// ------------------------------------------- +// Section : Controversial // Bench Diff : +0 / 5000 +// Section : Firefox Fingerprint // Bench Diff : +0 / 5000 +// Section : Locale/Time // Bench Diff : +0 / 5000 +// Section : Ghacks-user Selection // Bench Diff : +100 / 5000 +// Section : Extensions Manager // Bench Diff : +0 / 5000 +// Section : IJWY To Shut Up // Bench Diff : +0 / 5000 +// Section : Microsoft Windows // Bench Diff : +0 / 5000 +// Section : Firefox ESR60.x // Bench Diff : +0 / 5000 +// ------------------------------------------- +// Section : Security 1/3 // Bench Diff : +0 / 5000 +// Section : Security 2/3 // Bench Diff : +0 / 5000 +// Section : Security 3/3 (Cipher) // Bench Diff : +0 / 5000 +// ------------------------------------------- +// Section : Performance 1/5 // Bench Diff : +650 / 5000 +// Section : Performance 2/5 // Bench Diff : -800 / 5000 +// Section : Performance 3/5 // Bench Diff : -1720 / 5000 +// Section : Performance 4/5 // Bench Diff : -200 / 5000 +// Section : Performance 5/5 // Bench Diff : -50 / 5000 +// ------------------------------------------- +// Section : General Settings 1/3 // Bench Diff : +100 / 5000 +// Section : General Settings 2/3 // Bench Diff : +0 / 5000 +// Section : General Settings 3/3 // Bench Diff : -40 / 5000 +// ------------------------------------------- +// Section : Disabled - ON/OFF // Bench Diff : +0 / 5000 +// Section : Disabled - Deprecated Active // Bench Diff : +0 / 5000 +// Section : Disabled - Deprecated Inactive // Bench Diff : +0 / 5000 +// ----------------------------------------------------------------------- +// +// ============================================================================================================================================ +// Index local-settings.js .... : +// ============================== +// +// ----------------------------------------------------------------------- +// Section : General Settings // Bench Diff : ++ / 5000 +// ----------------------------------------------------------------------- +// +// ============================================================================================================================================ + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : User Settings +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// ---------------------------------------------------------------------------------------------------- +// User Settings : Cookies settings +// ---------------------------------------------------------------------------------------------------- + +// Pref : Accept Only 1st Party Cookies +// http://kb.mozillazine.org/Network.cookie.cookieBehavior#1 +// Blocking 3rd-party cookies breaks a number of payment gateways +// CIS 2.5.1 +lockPref("network.cookie.cookieBehavior", 1); + +// Pref : Cookies expires at the end of the session (when the browser closes) +// http://kb.mozillazine.org/Network.cookie.lifetimePolicy#2 +// 0=until they expire (default) +// 2=until you close Firefox +// 3=for n days +lockPref("network.cookie.lifetimePolicy", 2); + +// Pref : Disable Cookie Exception Button +// WARNING Bug !!! This lock the button whether its false or true +//lockPref("pref.privacy.disable_button.cookie_exceptions", false); + +// Pref : 2706: enable support for same-site cookies (FF60+) +// [1] https://bugzilla.mozilla.org/795346 +// [2] https://blog.mozilla.org/security/2018/04/24/same-site-cookies-in-firefox-60/ +// [3] https://www.sjoerdlangkemper.nl/2016/04/14/preventing-csrf-with-samesite-cookie-attribute/ +lockPref("network.cookie.same-site.enabled", true); // default: true + +// Pref : 2705: disable HTTP sites setting cookies with the "secure" directive (FF52+) +// [1] https://developer.mozilla.org/Firefox/Releases/52#HTTP +lockPref("network.cookie.leave-secure-alone", true); // default: true + +// Pref : 2702: set third-party cookies (i.e ALL) (if enabled, see above pref) to session-only +// and (FF58+) set third-party non-secure (i.e HTTP) cookies to session-only +// [NOTE] .sessionOnly overrides .nonsecureSessionOnly except when .sessionOnly=false and +// nonsecureSessionOnly=true. This allows you to keep HTTPS cookies, but session-only HTTP ones +// [1] https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-privacy-in-firefox/ +// [2] http://kb.mozillazine.org/Network.cookie.thirdparty.sessionOnly +lockPref("network.cookie.thirdparty.sessionOnly", true); // default : false +lockPref("network.cookie.thirdparty.nonsecureSessionOnly", true); // (FF58+) // default false + +// Also check "User Settings : Track Protection" for other cookies settings + +// ---------------------------------------------------------------------------------------------------- +// User Settings : Track Protection (Integrated disconnect.me settings like uBlock) +// ---------------------------------------------------------------------------------------------------- + +// Pref : Track Protection +// Firefox now integrate a tracking protection feature (based on disconnect.me) +// it's a light list content blocking, listing can not be edited, this feature +// is disabled in LibreWolf. it's recommended to use ublock instead. +// This feature is disabled : +// - Until it evolve and integrate at least list editing +// - Because double filtering (this + ublock) is not suitable for performance. + +// Pref : Track Protection +lockPref("privacy.trackingprotection.enabled", false); + +// Pref : 0425: disable passive Tracking Protection (FF53+) +// Passive TP annotates channels to lower the priority of network loads for resources +// on the tracking protection list +// [NOTE] It has no effect if TP is enabled, but keep in mind that by default TP is +// only enabled in Private Windows +// This is included for people who want to completely disable Tracking Protection. +// [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1170190,1141814 +lockPref("privacy.trackingprotection.annotate_channels", false); +lockPref("privacy.trackingprotection.lower_network_priority", false); +lockPref("privacy.trackingprotection.pbmode.enabled", false); + +// Pref : Changing block list (Tracking protection) +// Default value "test-track-simple,base-track-digest256" +lockPref("urlclassifier.trackingTable", ""); +// As tracking protection is disabled the button is disabled as well +lockPref("pref.privacy.disable_button.change_blocklist", true); + +// Pref : contentblocking reportBreakage +lockPref("browser.contentblocking.reportBreakage.enabled", false); +lockPref("browser.contentblocking.reportBreakage.url", ""); +lockPref("browser.contentblocking.rejecttrackers.reportBreakage.enabled", false); + +// Pref : Third-party cookie ui under preferences +lockPref("browser.contentblocking.rejecttrackers.ui.enabled", false); //This hide third-party cookie ui +// Needed to lock third-party cookie ui (third-party cookies are blocked tho) + +// Pref : Disable tracking protection ui list editing under url bar popup +lockPref("browser.contentblocking.trackingprotection.control-center.ui.enabled", false); + +// Pref : Disable tracking protection ui list editing under preferences +lockPref("browser.contentblocking.trackingprotection.ui.enabled", false); + +// Pref : Other CB/TP UI not needed +//lockPref("browser.contentblocking.global-toggle.enabled", false); +//lockPref("browser.contentblocking.rejecttrackers.ui.recommended", false); +//lockPref("browser.contentblocking.fastblock.ui.enabled", false); +//lockPref("browser.contentblocking.fastblock.control-center.ui.enabled", false); + +// Pref : Tracking Protection Exception List +//lockPref("browser.contentblocking.allowlist.annotations.enabled", false); +//lockPref("browser.contentblocking.allowlist.storage.enabled", false); + +// Pref : Disable exception button but does not work as expected. +//lockPref("pref.privacy.disable_button.tracking_protection_exceptions", false); +// This seems to only disable the button, not suitable + +// Pref : Third-party cookie ui under url bar +//lockPref("browser.contentblocking.rejecttrackers.control-center.ui.enabled", false); +// This disable third-party cookie ui under url bar +// This is disabled to leave icon on url + +// Pref : Disable TP UI +//lockPref("browser.contentblocking.ui.enabled", false); +// Fully disable CB/TP ui, this is disabled to leave icon on url + +// Pref : 0426 : Enforce Content Blocking (required to block cookies) (FF63+) +// Master switch for all content blocking features (includes tracking protection, +// but excludes tracking annotations annotate_channels). +//lockPref("browser.contentblocking.enabled", false); // default: true +// Other settings already regulate this section sub settings (this master switch +// is not suitable). +// Disabled this because it is needed for blocking third party cookies + +// ---------------------------------------------------------------------------------------------------- +// User Settings : Auto play settings +// ---------------------------------------------------------------------------------------------------- + +// Pref : 2030: disable auto-play of HTML5 media (FF63+) +// 0=Allowed (default), 1=Blocked, 2=Prompt +// [SETUP-WEB] This may break video playback on various sites +lockPref("media.autoplay.default", 2); + +// ---------------------------------------------------------------------------------------------------- +// User Settings : Password manager settings +// ---------------------------------------------------------------------------------------------------- + +// Pref : Disable password manager +// CIS Version 1.2.0 October 21st, 2011 2.5.2 +lockPref("signon.rememberSignons", false); // policies "OfferToSaveLogins": false, +lockPref("services.sync.prefs.sync.signon.rememberSignons", false); + +// Pref : Disable websites autocomplete (FF30+) +// Don't let sites dictate use of saved logins and passwords. +lockPref("signon.storeWhenAutocompleteOff", false); // default: true + +// Also check policies.json for DisableMasterPasswordCreation + +// Pref : When password manager is enabled, lock the password storage periodically +// CIS Version 1.2.0 October 21st, 2011 2.5.3 Disable Prompting for Credential Storage +// Advanced user settings when password manager is enabled +//lockPref("security.ask_for_password", 2); + +// Pref : Lock the password storage every 1 minutes (default: 30) +// Advanced user settings when password manager is enabled +//lockPref("security.password_lifetime", 5); + +// ---------------------------------------------------------------------------------------------------- +// User Settings : History settings +// ---------------------------------------------------------------------------------------------------- + +// Pref : 0804 : limit history leaks via enumeration (PER TAB: back/forward) - PRIVACY +// This is a PER TAB session history. You still have a full history stored under all history +// default=50, minimum=1=currentpage, 2 is the recommended minimum as some pages +// use it as a means of referral (e.g. hotlinking), 4 or 6 or 10 may be more practical +lockPref("browser.sessionhistory.max_entries", 20); + +// Pref : Disable Displaying Javascript in History URLs +// http://kb.mozillazine.org/Browser.urlbar.filter.javascript +// CIS 2.3.6 +lockPref("browser.urlbar.filter.javascript", true); + +// Defaulting -------------------------- + +// Pref: Default Interface Look +defaultPref("browser.uiCustomization.state", '{"placements":{"widget-overflow-fixed-list":[],"nav-bar":["home-button","downloads-button","back-button","forward-button","stop-reload-button","urlbar-container","add-ons-button","preferences-button","fxa-toolbar-menu-button"],"toolbar-menubar":["menubar-items"],"TabsToolbar":["tabbrowser-tabs","new-tab-button","alltabs-button"],"PersonalToolbar":["personal-bookmarks"]},"seen":["developer-button"],"dirtyAreaCache":["nav-bar","toolbar-menubar","TabsToolbar","PersonalToolbar"],"currentVersion":16,"newElementCount":3}'); +defaultPref("browser.uidensity", 2); + +// Pref: Default Home Page +pref("startup.homepage_override_url", "about:blank"); +pref("startup.homepage_welcome_url", "about:blank"); +pref("startup.homepage_welcome_url.additional", ""); + +// Pref : Clear offline site data on shutdown +defaultPref("privacy.clearOnShutdown.offlineApps", true); + +// Pref : Clear offline site data on clear dialog (History/Clear...) +defaultPref("privacy.cpd.offlineApps", true); // Offline Website Data + +// Pref : Set time range to "Everything" as default in "Clear Recent History" +// This should not be enforced +defaultPref("privacy.sanitize.timeSpan", 0); + +// Pref : Disable form autofill, don't save information +// entered in web page forms and the Search Bar +// remember search and form history setting +defaultPref("browser.formfill.enable", false); + +// Pref : Defaulting Settings : Clear history when closing +defaultPref("privacy.sanitize.sanitizeOnShutdown", true); + +// Pref : Defaulting Settings : Does not remember history +defaultPref("places.history.enabled", false); + +// Pref : Settings history settings to custom by default +defaultPref("privacy.history.custom", true); + +// ------------------------------------- + +// Pref : Clear session data on clear dialog (History/Clear...) +//defaultPref("privacy.cpd.openWindows", true); // Clear session data +// Same as 2805, session storage is cleared anyway... check with storage inspector + +// Pref : 2805: privacy.*.openWindows (clear session restore data) (FF34+) +// [NOTE] There is a years-old bug that these cause two windows when Firefox restarts. +// You do not need these anyway if session restore is disabled (see 1020) +//defaultPref("privacy.clearOnShutdown.openWindows", true); +// Break session restore on crash & some theming extensions +// Also this have a bug causing two windows when Firefox restarts. +// The session is deleted anyway on restart so its not useful +// Mitigated with other settings + +// Pref : Defaulting Settings : Clear history when closing - Pref : 2803 : Duplicate ? +// "sessions" removed from cleaning list as its an important data to keep... +// user may add it back in the gui +// This settings work only as string not as bool (This seems to be a bug in Firefox) +// Also this settings seems to kill following settings so it should be the last +//defaultPref("privacy.sanitize.pending", '[{"id":"shutdown","itemsToClear":["cache","cookies","history","formdata","downloads"],"options":{}}]'); +// Its erased if not enforced... and default does not differ a lot (session included in default...) +// This erase the settings no matter what ! so careful here + +// ------------------------------------- + +// Pref : 1006: disable permissions manager from writing to disk [RESTART] +// [NOTE] This means any permission changes are session only +// [1] https://bugzilla.mozilla.org/967812 +//lockPref("permissions.memory_only", true); // (hidden pref) +// This does not keep sites permission and exceptions its then disabled +// This is managed by sanitize settings + +// Pref : Delete Search and Form History +// Disabled - Deprecated Active - This is not deprecated +// Only used in a single test ? does not harm to have it +// CIS Version 1.2.0 October 21st, 2011 2.5.6 +// Default value is 180 day +// Disabled because its managed by sanitize settings +//lockPref("browser.formfill.expire_days", 0); + +// Also check "User Settings : Session" + +// Also check "User Settings : Autofill settings" + +// ---------------------------------------------------------------------------------------------------- +// User Settings : Session : Other session settings on disabled section : Also Pref : 2805 +// ---------------------------------------------------------------------------------------------------- + +// Pref : 1021 : disable storing extra session data +// extra session data contains contents of forms, scrollbar positions, cookies and POST data +// define on which sites to save extra session data: +// Pref : 0=everywhere, 1=unencrypted sites, 2=nowhere +lockPref("browser.sessionstore.privacy_level", 2); + +// Pref : 1023 : set the minimum interval between session save operations +// Default is 15000 (15 secs). Try 30000 (30sec), 60000 (1min) etc +// [WARNING] This can also affect entries in the "Recently Closed Tabs" feature +// i.e. the longer the interval the more chance a quick tab open/close won't be captured. +// This longer interval *may* affect history but we cannot replicate any history not recorded +// [1] https://bugzilla.mozilla.org/1304389 +lockPref("browser.sessionstore.interval", 60000); + +// ---------------------------------------------------------------------------------------------------- +// User Settings : Autofill settings +// ---------------------------------------------------------------------------------------------------- + +// Pref : Forms auto fill +lockPref("extensions.formautofill.addresses.enabled", false); +lockPref("extensions.formautofill.available", "off"); +lockPref("extensions.formautofill.creditCards.enabled", false); +lockPref("extensions.formautofill.heuristics.enabled", false); + +// Pref : Require manual intervention to autofill known username/passwords sign-in forms +// http://kb.mozillazine.org/Signon.autofillForms +// https://www.torproject.org/projects/torbrowser/design/#identifier-linkability +lockPref("signon.autofillForms", false); + +// Pref : When username/password autofill is enabled, still disable it on non-HTTPS sites +// https://hg.mozilla.org/integration/mozilla-inbound/rev/f0d146fe7317 +lockPref("signon.autofillForms.http", false); + +// Pref : Disable inline autocomplete in URL bar +// http://kb.mozillazine.org/Inline_autocomplete +//lockPref("browser.urlbar.autoFill", false); +//lockPref("browser.urlbar.autoFill.typed", false); +// This does not cause privacy/leaking issue + +// ---------------------------------------------------------------------------------------------------- +// User Settings : Check default browser Settings +// ---------------------------------------------------------------------------------------------------- + +// Pref : 0101 : disable default browser check +// [SETTING] General>Startup>Always check if Firefox is your default browser +lockPref("browser.shell.checkDefaultBrowser", false); + +// ---------------------------------------------------------------------------------------------------- +// User Settings : DRM/CDM - Main +// ---------------------------------------------------------------------------------------------------- + +// Pref : DRM/CDM +// This is disabled because it's a closed source blob +// Encrypted Media Extensions +lockPref("media.eme.enabled", false); +lockPref("media.gmp-provider.enabled", false); +lockPref("media.gmp-manager.url", "data:text/plain,"); +lockPref("media.gmp-manager.url.override", "data:text/plain,"); +lockPref("media.gmp-manager.updateEnabled", false); +// Windows 10 +lockPref("media.gmp.trial-create.enabled", false); + +// ---------------------------------------------------------------------------------------------------- +// User Settings : DRM/CDM - Widevine +// ---------------------------------------------------------------------------------------------------- + +// Pref : 1825 : disable widevine CDM (Content Decryption Module) +lockPref("media.gmp-widevinecdm.visible", false); +lockPref("media.gmp-widevinecdm.enabled", false); +lockPref("media.gmp-widevinecdm.autoupdate", false); + +// ---------------------------------------------------------------------------------------------------- +// User Settings : DRM/CDM - OpenH264 +// ---------------------------------------------------------------------------------------------------- + +// Pref : Disable automatic downloading of OpenH264 codec +// Why is there OpenH264 ? hhttps://support.mozilla.org/en-US/kb/open-h264-plugin-firefox +// How to manually install OpenH264 ? https://support.mozilla.org/en-US/questions/1029174 +// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_media-capabilities +// https://andreasgal.com/2014/10/14/openh264-now-in-firefox/ +// If you want to enable this webrtc need to be enabled too +lockPref("media.gmp-gmpopenh264.enabled", false); +lockPref("media.gmp-gmpopenh264.autoupdate", false); +lockPref("media.peerconnection.video.enabled", false); //Deprecated Active + +// Pref : Force OpenH264 On (Not necessary) +//lockPref("media.peerconnection.video.h264", true); + +// ---------------------------------------------------------------------------------------------------- +// User Settings : DRM/CDM - Adobe Primetime +// ---------------------------------------------------------------------------------------------------- + +// Pref : +lockPref("media.gmp-eme-adobe.enabled", false); + +// ---------------------------------------------------------------------------------------------------- +// User Settings : DRM/CDM - IJWY To Shut Up +// ---------------------------------------------------------------------------------------------------- + +// Pref : +lockPref("media.gmp-manager.certs.2.commonName", ""); +// Default Value +// aus5.mozilla.org + +// Pref : +lockPref("media.gmp-manager.certs.1.commonName", ""); +// Default Value +// aus5.mozilla.org + +// ---------------------------------------------------------------------------------------------------- +// User Settings : WebRTC (Very efficient for fingerprinting this is why its disabled) +// ---------------------------------------------------------------------------------------------------- + +// Pref : Disable WebRTC getUserMedia, screen sharing, audio capture, video capture +// https://wiki.mozilla.org/Media/getUserMedia +// https://blog.mozilla.org/futurereleases/2013/01/12/capture-local-camera-and-microphone-streams-with-getusermedia-now-enabled-in-firefox/ +// https://developer.mozilla.org/en-US/docs/Web/API/Navigator +lockPref("media.navigator.enabled", false); +lockPref("media.navigator.video.enabled", false); //Deprecated Active +lockPref("media.getusermedia.browser.enabled", false); +lockPref("media.getusermedia.screensharing.enabled", false); +lockPref("media.getusermedia.audiocapture.enabled", false); + +// Pref : 2001 : disable WebRTC (Web Real-Time Communication) +// [1] https://www.privacytools.io/#webrtc +lockPref("media.peerconnection.use_document_iceservers", false); //Deprecated Active +lockPref("media.peerconnection.identity.enabled", false); //Deprecated Active +lockPref("media.peerconnection.identity.timeout", 1); //Deprecated Active +lockPref("media.peerconnection.turn.disable", true); //Deprecated Active +lockPref("media.peerconnection.ice.tcp", false); //Deprecated Active + +// Pref : 2002: limit WebRTC IP leaks if using WebRTC +// [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1189041,1297416 +// [2] https://wiki.mozilla.org/Media/WebRTC/Privacy +lockPref("media.peerconnection.ice.default_address_only", true); // (FF42-FF50) +lockPref("media.peerconnection.ice.no_host", true); // (FF51+) + +// ---------------------------------------------------------------------------------------------------- +// User Settings : Proxy settings +// ---------------------------------------------------------------------------------------------------- + +// Pref : 0706 : remove paths when sending URLs to PAC scripts (FF51+) +// CVE-2017-5384 : Information disclosure via Proxy Auto-Config (PAC) +// [1] https://bugzilla.mozilla.org/1255474 +// Does not need to be set as its false by default +// BUG : This lock proxy settings from the panel +// BUG-Fix : Fixed in defaulting section +// MIGRATED : To defaulting section +// WARNING : Do not change this settings here or proxy settings will be locked +//lockPref("network.proxy.autoconfig_url.include_path", false); + +// Pref : Send DNS request through SOCKS when SOCKS proxying is in use +// https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/WebBrowsers +// BUG : This lock proxy settings from the panel +// BUG-Fix : Fixed with defaulting section +// MIGRATED : To defaulting section +// WARNING : Do not change this settings here or proxy settings will be locked +//lockPref("network.proxy.socks_remote_dns", true); + +// ---------------------------------------------------------------------------------------------------- +// User Settings : DNS settings +// ---------------------------------------------------------------------------------------------------- + +// Pref : 0707 : disable (or setup) DNS-over-HTTPS (DoH) (FF60+) +// TRR = Trusted Recursive Resolver +// .mode: 0=off, 1=race, 2=TRR first, 3=TRR only, 4=race for stats, +// but always use native result, 5=explicitly turn it off +// [WARNING] DoH bypasses hosts and gives info to yet another party (e.g. Cloudflare) +// [1] https://www.ghacks.net/2018/04/02/configure-dns-over-https-in-firefox/ +// [2] https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/ +// BUG : This seem to disable socks_remote_dns ?! need to check with wireshark +// If true, just settings urls to null should be enough to disable +// Without impacting socks_remote_dns +// ------- +// Mode 0 is only off because right now that's the default, the default can change. +// Mode 5 means explicitly off, regardless of default. +// https://wiki.mozilla.org/Trusted_Recursive_Resolver +// https://nakedsecurity.sophos.com/2018/08/07/mozilla-faces-resistance-over-dns-privacy-test/#comment-5193521 +// ------- +lockPref("network.trr.mode", 5); +lockPref("network.trr.bootstrapAddress", ""); +lockPref("network.trr.uri", ""); + +// If your OS or ISP does not support IPv6, there is no reason to have this preference set to false. +lockPref("network.dns.disableIPv6", true); + +// Pref : Disable DNS prefetching +// http://kb.mozillazine.org/Network.dns.disablePrefetch +// https://developer.mozilla.org/en-US/docs/Web/HTTP/Controlling_DNS_prefetching +lockPref("network.dns.disablePrefetch", true); +lockPref("network.dns.disablePrefetchFromHTTPS", true); + +// ---------------------------------------------------------------------------------------------------- +// User Settings : Start page highlight +// ---------------------------------------------------------------------------------------------------- + +// Pref : Defaulting Settings : Start page highlight settings +// This does not seems to work with defaultPref +lockPref("browser.newtabpage.activity-stream.feeds.section.highlights", false); +lockPref("browser.newtabpage.activity-stream.section.highlights.includeBookmarks", false); +lockPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false); +lockPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false); +lockPref("browser.newtabpage.activity-stream.prerender", false); + +// ---------------------------------------------------------------------------------------------------- +// Defaulting Settings : Do not track settings +// ---------------------------------------------------------------------------------------------------- + +// Set to enforce, choice was left to the user in previous version +lockPref("privacy.donottrackheader.enabled", true); + +// Pref : 1610: (36+) set DNT "value" to "not be tracked" (FF21+) +// [1] http://kb.mozillazine.org/Privacy.donottrackheader.value +// [-] https://bugzilla.mozilla.org/1042135#c101 +lockPref("privacy.donottrackheader.value", 1); + +// ---------------------------------------------------------------------------------------------------- +// User Settings : Other theming settings +// ---------------------------------------------------------------------------------------------------- + +// Pref : Fix white text on white background for linux +// fixed with lockPref("ui.use_standins_for_native_colors", true); +//lockPref("widget.content.gtk-theme-override", "Adwaita:light"); + +// Pref : +//lockPref("browser.devedition.theme.enabled", true); + +// Pref : +//lockPref("devtools.theme", "dark"); + +// Pref : +//lockPref("browser.devedition.theme.showCustomizeButton", true); + +// ---------------------------------------------------------------------------------------------------- +// User Settings : Miscellaneous settings +// ---------------------------------------------------------------------------------------------------- + +// Pref : Disable "Are you sure you want to leave this page?" popups on page close +// https://support.mozilla.org/en-US/questions/1043508 +// Does not prevent JS leaks of the page close event. +// https://developer.mozilla.org/en-US/docs/Web/Events/beforeunload +// Disabled by default could be useful on important site like banking +//lockPref("dom.disable_beforeunload", true); + +// Pref : Disable geo localisation +lockPref("permissions.default.geo", 2); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Defaulting Settings +// Those settings are not locked this section purpose is to change default setting... +// Modifications can still be done within firefox +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// ---------------------------------------------------------------------------------------------------- +// Defaulting Settings : Other Defaulting +// ---------------------------------------------------------------------------------------------------- + +// Pref : Preferred language for displaying websites... +// The first settings overflow the second one +defaultPref("privacy.spoof_english", 2); +//defaultPref("intl.accept_languages", "en-US, en"); //This make lang windows unusable + +// Pref : 1606: ALL: set the default Referrer Policy +// 0=no-referer, 1=same-origin, 2=strict-origin-when-cross-origin, 3=no-referrer-when-downgrade +// [NOTE] This is only a default, it can be overridden by a site-controlled Referrer Policy +// [1] https://www.w3.org/TR/referrer-policy/ +// [2] https://developer.mozilla.org/docs/Web/HTTP/Headers/Referrer-Policy +// [3] https://blog.mozilla.org/security/2018/01/31/preventing-data-leaks-by-stripping-path-information-in-http-referrers/ +defaultPref("network.http.referer.defaultPolicy", 3); // (FF59+) default: 3 +defaultPref("network.http.referer.defaultPolicy.pbmode", 2); // (FF59+) default: 2 + +// Pref : 1701: enable Container Tabs setting in preferences (see 1702) (FF50+) +// [1] https://bugzilla.mozilla.org/1279029 +defaultPref("privacy.userContext.ui.enabled", true); +// Pref : 1702: enable Container Tabs (FF50+) +// [SETTING] General>Tabs>Enable Container Tabs +defaultPref("privacy.userContext.enabled", true); +// Pref : 1703: enable a private container for thumbnail loads (FF51+) +defaultPref("privacy.usercontext.about_newtab_segregation.enabled", true); // default: true in FF61+ +// Pref : 1704: set long press behaviour on "+ Tab" button to display container menu (FF53+) +// 0=disables long press, 1=when clicked, the menu is shown +// 2=the menu is shown after X milliseconds +// [NOTE] The menu does not contain a non-container tab option +// [1] https://bugzilla.mozilla.org/1328756 +defaultPref("privacy.userContext.longPressBehavior", 2); + +// Pref : (FF57+) +defaultPref("browser.download.autohideButton", false); + +// Pref : enable "Find As You Type" +defaultPref("accessibility.typeaheadfind", true); + +// Pref : disable autocopy default [LINUX] +defaultPref("clipboard.autocopy", false); + +// Pref : 0=none, 1-multi-line, 2=multi-line & single-line +defaultPref("layout.spellcheckDefault", 2); + +// Pref : closeWindowWithLastTab +defaultPref("browser.tabs.closeWindowWithLastTab", false); + +// Pref : middle-click enabling auto-scrolling [WINDOWS] [MAC] +defaultPref("general.autoScroll", false); + +// Pref : 1601: ALL: control when images/links send a referer +// 0=never, 1=send only when links are clicked, 2=for links and images (default) +//defaultPref("network.http.sendRefererHeader", 1); +// This break a lot of sites.. mitigating by extension + +// Pref : 2620: enable Firefox's built-in PDF reader +// [SETTING] General>Applications>Portable Document Format (PDF) +// This setting controls if the option "Display in Firefox" in the above setting is available +// and by effect controls whether PDFs are handled in-browser or externally ("Ask" or "Open With") +// PROS: pdfjs is lightweight, open source, and as secure/vetted as any pdf reader out there (more than most) +// Exploits are rare (1 serious case in 4 yrs), treated seriously and patched quickly. +// It doesn't break "state separation" of browser content (by not sharing with OS, independent apps). +// It maintains disk avoidance and application data isolation. It's convenient. You can still save to disk. +// CONS: You may prefer a different pdf reader for security reasons +// CAVEAT: JS can still force a pdf to open in-browser by bundling its own code (rare) +defaultPref("pdfjs.disabled", false); + +// Pref : 2210: block popup windows +// [SETTING] Privacy & Security>Permissions>Block pop-up windows +defaultPref("dom.disable_open_during_load", true); + +// Pref : 2203 : open links targeting new windows in a new tab instead +// User Settings : Migrated to Defaulting : Links pop-up open in new tab +// This stops malicious window sizes and some screen resolution leaks. +// You can still right-click a link and open in a new window. +// [TEST] https://people.torproject.org/~gk/misc/entire_desktop.html +// [1] https://trac.torproject.org/projects/tor/ticket/9881 +defaultPref("browser.link.open_newwindow", 3); +defaultPref("browser.link.open_newwindow.restriction", 0); + +// Pref : Defaulting Settings : Proxy +defaultPref("network.proxy.autoconfig_url", ""); +defaultPref("network.proxy.autoconfig_url.include_path", false); +defaultPref("network.proxy.socks_remote_dns", true); +defaultPref("network.proxy.socks_version", 5); + +// Pref : Defaulting Settings : Bookmark should by default open in newtab instead of +// replacing the current page +defaultPref("browser.tabs.loadBookmarksInTabs", true); + +// Pref : Debugging settings +defaultPref("devtools.debugger.remote-enabled", false); +defaultPref("devtools.chrome.enabled", false); + +// Pref : site_specific_overrides useragent +defaultPref("general.useragent.site_specific_overrides", false); + +// Pref : Display all sections by default +defaultPref("extensions.ui.experiment.hidden", false); +// Those two are not needed (they are set to true automatically when their list is empty ) +//defaultPref("extensions.ui.dictionary.hidden", false); +//defaultPref("extensions.ui.locale.hidden", false); + +// Pref : Pref tied to LibreWolf, displaying small density by default +// Small icons... +defaultPref("browser.uidensity", 1); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Controversial +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// Pref : Disable IndexedDB (disabled) +// Pref : 2720: enforce IndexedDB (IDB) +// IDB is required for extensions and Firefox internals (even before FF63) +// To control *website* IDB data, control allowing cookies and service workers, or use +// Temporary Containers. To mitigate *website* IDB, FPI helps (4001), and/or sanitize +// on close (Offline Website Data, see User Settings : History settings) or on-demand (Ctrl-Shift-Del), +// or automatically via an extension. Note that IDB currently cannot be sanitized by host. +// IndexedDB could be used for tracking purposes, but is required for : +// twitter and many sites, some addons, old version of uBlock, session manager in certain cases +// This is mitigated with addons and sanitize settings +// IndexedDB is a low-level API for client-side storage of significant amounts of structured data, +// including files/blobs. This API uses indexes to enable high-performance searches of this data. +// While Web Storage is useful for storing smaller amounts of data, it is less useful for storing +// larger amounts of structured data. IndexedDB provides a solution. This is the main landing page +// for MDN's IndexedDB coverage — here we provide links to the full API reference and usage guides, +// browser support details, and some explanation of key concepts +// Also this is cleaned by privacy.clearOnShutdown.offlineApps" +// https://blog.mozilla.org/addons/2018/08/03/new-backend-for-storage-local-api/ +// https://developer.mozilla.org/en-US/docs/IndexedDB +// https://en.wikipedia.org/wiki/Indexed_Database_API +// https://wiki.mozilla.org/Security/Reviews/Firefox4/IndexedDB_Security_Review +// http://forums.mozillazine.org/viewtopic.php?p=13842047 +// https://github.com/pyllyukko/user.js/issues/8 +lockPref("dom.indexedDB.enabled", true); //default true + +// Pref : indexedDB Loggingq - disabled for performance +//lockPref("dom.indexedDB.logging.details", false); //default true +//lockPref("dom.indexedDB.logging.enabled", false); //default true + +// Pref : 2516 : disable PointerEvents +// [1] https://developer.mozilla.org/en-US/docs/Web/API/PointerEvent +lockPref("dom.w3c_pointer_events.enabled", false); + +// Pref : 0702 : disable HTTP2 (which was based on SPDY which is now deprecated) +// HTTP2 raises concerns with "multiplexing" and "server push", does nothing to enhance +// privacy, and in fact opens up a number of server-side fingerprinting opportunities +// [1] https://http2.github.io/faq/ +// [2] https://blog.scottlogic.com/2014/11/07/http-2-a-quick-look.html +// [3] https://queue.acm.org/detail.cfm?id=2716278 +// [4] https://github.com/ghacksuserjs/ghacks-user.js/issues/107 +// Disabled because of [4] +//lockPref("network.http.spdy.enabled", false); +//lockPref("network.http.spdy.enabled.deps", false); +//lockPref("network.http.spdy.enabled.http2", false); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Firefox Fingerprint +// ResistFingerprinting : Overrided by 'privacy.resistFingerprinting' +// This need to be kept disabled to make resistFingerprinting efficient +// https://wiki.mozilla.org/Security/Fingerprinting +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// Pref : Enable hardening against various fingerprinting vectors (Tor Uplift project) +// https://wiki.mozilla.org/Security/Tor_Uplift/Tracking +// https://bugzilla.mozilla.org/show_bug.cgi?id=1333933 +lockPref("privacy.resistFingerprinting", true); + +// Pref : 4503 : disable mozAddonManager Web API (FF57+) +// [NOTE] As a side-effect in FF57-59 this allowed extensions to work on AMO. In FF60+ you also need +// to sanitize or clear extensions.webextensions.restrictedDomains (see 2662) to keep that side-effect +// [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 +lockPref("privacy.resistFingerprinting.block_mozAddonManager", true); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Locale/Time/UserAgent +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// Pref : 0864 : disable date/time picker (FF57+ default true) +// This can leak your locale if not en-US +// [1] https://trac.torproject.org/projects/tor/ticket/21787 +// How does this work with resistFingerprinting efficient ?? +lockPref("dom.forms.datetime", false); + +// Pref : Prevent leaking application locale/date format using JavaScript +// https://bugzilla.mozilla.org/show_bug.cgi?id=867501 +// https://hg.mozilla.org/mozilla-central/rev/52d635f2b33d +// Already applied by resistFingerprinting ? +lockPref("javascript.use_us_english_locale", true); + +// Pref : Set Accept-Language HTTP header to en-US regardless of Firefox localization +// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Language +// Already applied by resistFingerprinting ? +lockPref("intl.regional_prefs.use_os_locales", false); + +// Pref : Local and useragent... +// Already applied by resistFingerprinting ? +lockPref("intl.locale.requested", "en-US"); + +// Pref : Spoof User-agent (disabled) +// Disabled to make resistFingerprinting efficient +//lockPref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:45.0) Gecko/20100101 Firefox/45.0, 45"); + +// Pref : This does not work with resistFingerprinting... (Still needed for ESR) +lockPref("general.appname.override", "Netscape"); +lockPref("general.appversion.override", "5.0 (Windows)"); +lockPref("general.platform.override", "Win32"); +lockPref("general.oscpu.override", "Windows NT 6.1"); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Ghacks-user Selection +// Bench Diff : +100/5000 +// >>>>>>>>>>>>>>>>>>>>>> + +// Pref : 0335 : disable Telemetry Coverage [FF64+] +// [1] https://blog.mozilla.org/data/2018/08/20/effectively-measuring-search-in-firefox/ +lockPref("toolkit.coverage.endpoint.base", ""); +lockPref("toolkit.coverage.opt-out", true); // [HIDDEN PREF] + +// DOWNLOADS +// Pref : 2652: disable adding downloads to the system's "recent documents" list +lockPref("browser.download.manager.addToRecentDocs", false); //do not disabled +// Pref : 2653: disable hiding mime types (Options>General>Applications) not associated with a plugin +lockPref("browser.download.hide_plugins_without_extensions", false); //do not disabled + +// Pref : 2617: remove webchannel whitelist +// Default value +// "https://content.cdn.mozilla.net https://input.mozilla.org https://support.mozilla.org https://install.mozilla.org" +lockPref("webchannel.allowObject.urlWhitelist", ""); + +// Pref : 2730b: disable offline cache on insecure sites (FF60+) +// [1] https://blog.mozilla.org/security/2018/02/12/restricting-appcache-secure-contexts/ +lockPref("browser.cache.offline.insecure.enable", false); // default: false in FF62+ + +// Pref : 2614: limit HTTP redirects (this does not control redirects with HTML meta tags or JS) +// [NOTE] A low setting of 5 or under will probably break some sites (e.g. gmail logins) +// To control HTML Meta tag and JS redirects, use an extension. Default is 20 +lockPref("network.http.redirection-limit", 10); + +// Pref : 2731: enforce websites to ask to store data for offline use +// [1] https://support.mozilla.org/questions/1098540 +// [2] https://bugzilla.mozilla.org/959985 +lockPref("offline-apps.allow_by_default", false); + +// EXTENSIONS +// Pref : 2660: lock down allowed extension directories +// [SETUP-CHROME] This will break extensions that do not use the default XPI directories +// [1] https://mike.kaply.com/2012/02/21/understanding-add-on-scopes/ +// [1] archived: https://archive.is/DYjAM +lockPref("extensions.enabledScopes", 5); // (hidden pref) // Breaks all default themes (including dark) starting with FF68.0+ +// Tor-compatibility-patch +lockPref("extensions.autoDisableScopes", 15); //Tor value must be 0 +// Pref : 2663: enable warning when websites try to install add-ons +// [SETTING] Privacy & Security>Permissions>Warn you when websites try to install add-ons +lockPref("xpinstall.whitelist.required", true); // default: true + +// Pref : 2306: disable push notifications (FF44+) +// web apps can receive messages pushed to them from a server, whether or +// not the web app is in the foreground, or even currently loaded +// [1] https://developer.mozilla.org/docs/Web/API/Push_API +lockPref("dom.push.enabled", false); +lockPref("dom.push.connection.enabled", false); +lockPref("dom.push.serverURL", ""); //default "wss://push.services.mozilla.com/" +lockPref("dom.push.userAgentID", ""); + +// Pref : 2683: block top level window data: URIs (FF56+) +// [1] https://bugzilla.mozilla.org/1331351 +// [2] https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/ +// [3] https://www.fxsitecompat.com/en-CA/docs/2017/data-url-navigations-on-top-level-window-will-be-blocked/ +lockPref("security.data_uri.block_toplevel_data_uri_navigations", true); // default: true in FF59+ + +// Pref : 2618: disable exposure of system colors to CSS or canvas (FF44+) +// [NOTE] see second listed bug: may cause black on black for elements with undefined colors +// [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=232227,1330876 +lockPref("ui.use_standins_for_native_colors", true); // (hidden pref) +// Fix for widget.content.gtk-theme-override;Adwaita:light + +// Pref : 0403: disable individual unwanted/unneeded parts of the Kinto blocklists +// What is Kinto?: https://wiki.mozilla.org/Firefox/Kinto#Specifications +// As Firefox transitions to Kinto, the blocklists have been broken down into entries for certs to be +// revoked, extensions and plugins to be disabled, and gfx environments that cause problems or crashes +lockPref("services.blocklist.onecrl.collection", ""); // revoked certificates +lockPref("services.blocklist.addons.collection", ""); +lockPref("services.blocklist.plugins.collection", ""); +lockPref("services.blocklist.gfx.collection", ""); + +// Pref : disable showing about:blank as soon as possible during startup (FF60+) +// When default true (FF62+) this no longer masks the RFP resizing activity +// [1] https://bugzilla.mozilla.org/1448423 +lockPref("browser.startup.blankWindow", false); + +// Pref : 2428: enforce DOMHighResTimeStamp API +// [WARNING] Required for normalization of timestamps and any timer resolution mitigations +lockPref("dom.event.highrestimestamp.enabled", true); // default: true + +// Pref : 0516 : disable Onboarding (FF55+) +// Onboarding is an interactive tour/setup for new installs/profiles and features. Every time +// about:home or about:newtab is opened, the onboarding overlay is injected into that page +// [NOTE] Onboarding uses Google Analytics [2], and leaks resource://URIs [3] +// [1] https://wiki.mozilla.org/Firefox/Onboarding +// [2] https://github.com/mozilla/onboard/commit/db4d6c8726c89a5d6a241c1b1065827b525c5baf +// [3] https://bugzilla.mozilla.org/863246#c154 +// Pref : URL that kicks off the UI tour +lockPref("privacy.trackingprotection.introURL", ""); + +// Pref : 0703 : disable HTTP Alternative Services (FF37+) +// [1] https://www.ghacks.net/2015/08/18/a-comprehensive-list-of-firefox-privacy-and-security-settings/#comment-3970881 +// [2] https://www.mnot.net/blog/2016/03/09/alt-svc +lockPref("network.http.altsvc.enabled", false); +lockPref("network.http.altsvc.oe", false); + +// Pref : 0709 : disable using UNC (Uniform Naming Convention) paths (FF61+) +// [1] https://trac.torproject.org/projects/tor/ticket/26424 +lockPref("network.file.disable_unc_paths", true); // (hidden pref) + +// Pref : 0710 : disable GIO as a potential proxy bypass vector +// Gvfs/GIO has a set of supported protocols like obex, network, archive, computer, dav, cdda, +// gphoto2, trash, etc. By default only smb and sftp protocols are accepted so far (as of FF64) +// [1] https://bugzilla.mozilla.org/1433507 +// [2] https://trac.torproject.org/23044 +// [3] https://en.wikipedia.org/wiki/GVfs +// [4] https://en.wikipedia.org/wiki/GIO_(software) +lockPref("network.gio.supported-protocols", ""); // (hidden pref) + +// Pref : 0809 : disable location bar suggesting "preloaded" top websites (FF54+) +// [1] https://bugzilla.mozilla.org/1211726 +lockPref("browser.urlbar.usepreloadedtopurls.enabled", false); + +// Pref : 0810 : disable location bar making speculative connections (FF56+) +// [1] https://bugzilla.mozilla.org/1348275 +lockPref("browser.urlbar.speculativeConnect.enabled", false); + +// Pref : 0850e: disable location bar one-off searches (FF51+) +// [1] https://www.ghacks.net/2016/08/09/firefox-one-off-searches-address-bar/ +lockPref("browser.urlbar.oneOffSearches", false); + +// Pref : 0911 : prevent cross-origin images from triggering an HTTP-Authentication prompt (FF55+) +// [1] https://bugzilla.mozilla.org/1357835 +lockPref("network.auth.subresource-img-cross-origin-http-auth-allow", false); //Deprecated Active + +// Pref : 1030 : disable favicons in shortcuts +// URL shortcuts use a cached randomly named .ico file which is stored in your +// profile/shortcutCache directory. The .ico remains after the shortcut is deleted. +// If set to false then the shortcuts use a generic Firefox icon +lockPref("browser.shell.shortcutFavicons", false); + +// Pref : 1032 : disable favicons in web notifications +lockPref("alerts.showFavicons", false); // default: false + +// Pref : 1201 : disable old SSL/TLS "insecure" renegotiation (vulnerable to a MiTM attack) +// [WARNING] <2% of secure sites do NOT support the newer "secure" renegotiation, see [2] +// [1] https://wiki.mozilla.org/Security:Renegotiation +// [2] https://www.ssllabs.com/ssl-pulse/ +lockPref("security.ssl.require_safe_negotiation", true); + +// Pref : 1205 : disable TLS1.3 0-RTT (round-trip time) (FF51+) +// [1] https://github.com/tlswg/tls13-spec/issues/1001 +// [2] https://blog.cloudflare.com/tls-1-3-overview-and-q-and-a/ +lockPref("security.tls.enable_0rtt_data", false); // (FF55+ default true) + +// Pref : 1272 : display advanced information on Insecure Connection warning pages +// only works when it's possible to add an exception +// i.e. it doesn't work for HSTS discrepancies (https://subdomain.preloaded-hsts.badssl.com/) +// [TEST] https://expired.badssl.com/ +lockPref("browser.xul.error_pages.expert_bad_cert", true); + +// Pref : 1407 : disable special underline handling for a few fonts which you will probably never use [RESTART] +// Any of these fonts on your system can be enumerated for fingerprinting. +// [1] http://kb.mozillazine.org/Font.blacklist.underline_offset +lockPref("font.blacklist.underline_offset", ""); + +// Pref : 1408 : disable graphite which FF49 turned back on by default +// In the past it had security issues. Update: This continues to be the case, see [1] +// [1] https://www.mozilla.org/security/advisories/mfsa2017-15/#CVE-2017-7778 +lockPref("gfx.font_rendering.graphite.enabled", false); + +// Pref : 1604 : CROSS ORIGIN: control the amount of information to send (FF52+) +// Pref : 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port +lockPref("network.http.referer.XOriginTrimmingPolicy", 0); + +// Pref : 1605 : ALL: disable spoofing a referer +// [WARNING] Spoofing effectively disables the anti-CSRF (Cross-Site Request Forgery) protections that some sites may rely on +// Default false +lockPref("network.http.referer.spoofSource", false); + +// Pref : 1801 : set default plugin state (i.e. new plugins on discovery) to never activate +// Pref : 0=disabled, 1=ask to activate, 2=active - you can override individual plugins +lockPref("plugin.default.state", 1); +lockPref("plugin.defaultXpi.state", 1); + +// Pref : 2026 : disable canvas capture stream (FF41+) +// [1] https://developer.mozilla.org/docs/Web/API/HTMLCanvasElement/captureStream +lockPref("canvas.capturestream.enabled", false); + +// Pref : 2027 : disable camera image capture (FF35+) +// [1] https://trac.torproject.org/projects/tor/ticket/16339 +lockPref("dom.imagecapture.enabled", false); // default: false + +// Pref : 2028 : disable offscreen canvas (FF44+) +// [1] https://developer.mozilla.org/docs/Web/API/OffscreenCanvas +lockPref("gfx.offscreencanvas.enabled", false); // default: false + +// Pref : 2201 : prevent websites from disabling new window features +// [1] http://kb.mozillazine.org/Prevent_websites_from_disabling_new_window_features +lockPref("dom.disable_window_open_feature.close", true); +lockPref("dom.disable_window_open_feature.location", true); // default: true +lockPref("dom.disable_window_open_feature.menubar", true); +lockPref("dom.disable_window_open_feature.minimizable", true); +lockPref("dom.disable_window_open_feature.personalbar", true); // bookmarks toolbar +lockPref("dom.disable_window_open_feature.resizable", true); // default: true +lockPref("dom.disable_window_open_feature.status", true); // status bar - default: true +lockPref("dom.disable_window_open_feature.titlebar", true); +lockPref("dom.disable_window_open_feature.toolbar", true); + +// Pref : 2202 : prevent scripts moving and resizing open windows +lockPref("dom.disable_window_move_resize", true); + +// Pref : 2426 : disable Intersection Observer API (FF53+) +// Almost a year to complete, three versions late to stable (as default false), +// number #1 cause of crashes in nightly numerous times, and is (primarily) an +// ad network API for "ad viewability checks" down to a pixel level +// [1] https://developer.mozilla.org/docs/Web/API/Intersection_Observer_API +// [2] https://w3c.github.io/IntersectionObserver/ +// [3] https://bugzilla.mozilla.org/1243846 +lockPref("dom.IntersectionObserver.enabled", false); + +// Pref : 2601 : prevent accessibility services from accessing your browser [RESTART] +// [SETTING] Privacy & Security>Permissions>Prevent accessibility services from accessing your browser +// [1] https://support.mozilla.org/kb/accessibility-services +lockPref("accessibility.force_disabled", 1); + +// Pref : 2606 : disable UITour backend so there is no chance that a remote page can use it +lockPref("browser.uitour.enabled", false); +lockPref("browser.uitour.url", ""); + +// Pref : 2611 : disable middle mouse click opening links from clipboard +// [1] https://trac.torproject.org/projects/tor/ticket/10089 +// [2] http://kb.mozillazine.org/Middlemouse.contentLoadURL +lockPref("middlemouse.contentLoadURL", false); + +// Pref : 2616 : remove special permissions for certain mozilla domains (FF35+) +// [1] resource://app/defaults/permissions +lockPref("permissions.manager.defaultsUrl", ""); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Extensions Manager +// Extensions settings and experimental tentative to firewall extensions +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// ---------------------------------------------------------------------------------- +// Extensions Firewalling - Blocking Domains : +// ------------------------------------------- + +// !!!!!!!!!!!!!!!!!!! Important !!!!!!!!!!!!!!!!!!! +// Please check readme section "Extensions Firewall" + +// Pref : Restricted Domains I/II +// This will allow extensions to work everywhere +defaultPref("extensions.webextensions.restrictedDomains", ""); +// Default Value : available in "debug-notes.log" + +// Pref : Restricted Domains II/II +// Old restrictedDomains implementation +// Redirect basedomain used by identity api +lockPref("extensions.webextensions.identity.redirectDomain", ""); +// Default Value : "extensions.allizom.org" + +// ---------------------------------------------------------------------------------- +// Extensions Firewalling - Blocking The Network : +// ----------------------------------------------- + +// !!!!!!!!!!!!!!!!!!! Important !!!!!!!!!!!!!!!!!!! +// Please check readme section "Extensions Firewall" + +// Pref : CSP Settings For Extensions I/II : Extension Firewall Feature +// Uncomment to disable network for the extensions +// Enable-Firewall-Feature-In-The-Next-Line extensions-firewall >>>>>> +lockPref("extensions.webextensions.base-content-security-policy", "default-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; script-src 'self' moz-extension: blob: filesystem: 'unsafe-eval' 'unsafe-inline'; object-src 'self' moz-extension: blob: filesystem:;"); + +// Pref : CSP Settings For Extensions II/II : Extension Firewall Feature +// This value is applied after the first one (just ignore this) +//defaultPref("extensions.webextensions.default-content-security-policy", "script-src 'self'; object-src 'self';"); +// Default Value : "script-src 'self'; object-src 'self';" + +// ---------------------------------------------------------------------------------- +// Extensions Firewalling - CSP Main Settings : +// --------------------------------------------- + +// !!!!!!!!!!!!!!!!!!! Important !!!!!!!!!!!!!!!!!!! +// Please check readme section "Extensions Firewall" + +// Pref : CSP Main Settings I/II : +// Those are default value for CSP +// Those are not intended to to be uncommented +//defaultPref("security.csp.enable", true); //This is its default value +//defaultPref("security.csp.enableStrictDynamic", true); //This is its default value +//defaultPref("security.csp.enable_violation_events", true); //This is its default value +//defaultPref("security.csp.experimentalEnabled", false); //This is its default value +//defaultPref("security.csp.reporting.script-sample.max-length", 40); //This is its default value +// Default Content Security Policy to apply to signed contents. +//defaultPref("security.signed_content.CSP.default", "script-src 'self'; style-src 'self'"); //This is its default value + +// Pref : Enable Content Security Policy (CSP) +// https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy +// https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP +lockPref("security.csp.enable", true); + +// Pref : Enable CSP 1.1 script-nonce directive support +// https://bugzilla.mozilla.org/show_bug.cgi?id=855326 +lockPref("security.csp.experimentalEnabled", true); + +// Pref : CSP Main Settings II/II : Pref : 2681 : Disable CSP Violation Events [FF59+] +// [1] https://developer.mozilla.org/docs/Web/API/SecurityPolicyViolationEvent +// [-] https://bugzilla.mozilla.org/1488165 +// Setting removed in firefox v64 +lockPref("security.csp.enable_violation_events", false); //Deprecated Active + +// ---------------------------------------------------------------------------------- +// Extensions Security : +// --------------------- + +// Pref : Enable tab hiding API by default. +defaultPref("extensions.webextensions.tabhide.enabled", false); //Default true + +// ---------------------------------------------------------------------------------- +// Extensions IJWY : +// ----------------- + +// Pref : Report Site Issue button +lockPref("extensions.webcompat-reporter.newIssueEndpoint", ""); +// Default Value +// https://webcompat.com/issues/new + +// Pref : 0518 : disable Web Compatibility Reporter (FF56+) +// Web Compatibility Reporter adds a "Report Site Issue" button to send data to Mozilla +// Report Site Issue button +// Note that on enabling the button in other release channels, make sure to +// disable it in problematic tests, see disableNonReleaseActions() inside +// browser/modules/test/browser/head.js +lockPref("extensions.webcompat-reporter.enabled", false); // Default true + +// ---------------------------------------------------------------------------------- +// Extensions Performance : +// ------------------------ + +// Pref : Delaying extensions background script startup +defaultPref("extensions.webextensions.background-delayed-startup", true); //default true + +// Pref :Whether or not the installed extensions should be migrated to the +// storage.local IndexedDB backend. +//defaultPref("extensions.webextensions.ExtensionStorageIDB.enabled", false); //default false + +// Pref : if enabled, store execution times for API calls +//defaultPref("extensions.webextensions.enablePerformanceCounters", false); //default false + +// Pref : Maximum age in milliseconds of performance counters in children +// When reached, the counters are sent to the main process and +// reset, so we reduce memory footprint. +//defaultPref("extensions.webextensions.performanceCountersMaxAge", 1000); //Hidden prefs + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : IJWY To Shut Up +// I Just Want You To Shut Up : Closing all non necessary communication to mozilla.org etc. +// Thoses settings are not used in gHacks for the moment. +// Will be upstreamed once stable in final version. +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// Pref : Disabling performance addon url [FF64+] +lockPref("devtools.performance.recording.ui-base-url", ""); +// Default Value : https://perf-html.io + +// Pref : The default set of protocol handlers for irc [FF64+] +lockPref("gecko.handlerService.schemes.irc.0.uriTemplate", ""); +// Default Value : https://www.mibbit.com/?url=%s + +// Pref : +lockPref("gecko.handlerService.schemes.ircs.0.uriTemplate", ""); // Deprecated Active +// Default Value +// https://www.mibbit.com/?url=%s + +// Pref : “coverage” ping [FF64+] +// This ping is not enabled by default. When enabled, a ping is generated a total of once +//per profile, as a diagnostic tool to determine whether Telemetry is working for users. +lockPref("toolkit.coverage.enabled", false); //default false + +// Pref : Allow extensions access to list of sites +// https://github.com/mozilla/gecko/blob/central/toolkit/mozapps/extensions/AddonManagerWebAPI.cpp +lockPref("extensions.webapi.testing", false); // hidden prefs // default false + +// Pref : Disable recommended extensions [FF64+] +lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr", false); // disable CFR +// [SETTING] General>Browsing>Recommend extensions as you browse +// [1] https://support.mozilla.org/en-US/kb/extension-recommendations + +// Pref : [FF64+] +lockPref("browser.newtabpage.activity-stream.asrouter.providers.cfr", ""); +// Default Value : +// {\"id\":\"cfr\",\"enabled\":false,\"type\":\"local\",\"localProvider\":\ +// "CFRMessageProvider\",\"frequency\":{\"custom\":[{\"period\":\"daily\",\"cap\":1}]}} + +// Pref : [FF64+] +lockPref("browser.newtabpage.activity-stream.asrouter.providers.onboarding", ""); +// Default Value : +// {\"id\":\"onboarding\",\"type\":\"local\",\"localProvider\":\"OnboardingMessageProvider\",\"enabled\":true} + +// Pref : [FF64+] +lockPref("browser.newtabpage.activity-stream.asrouter.providers.snippets", ""); +// Default Value : +// {\"id\":\"snippets\",\"enabled\":false,\"type\":\"remote\",\"url\":\"https://snippets.cdn.mozilla.net/ +// %STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION% +// /%DISTRIBUTION%/%DISTRIBUTION_VERSION%/\",\"updateCycleInMs\":14400000} + +// Pref : +lockPref("browser.onboarding.notification.tour-ids-queue", ""); + +// Pref : +lockPref("lightweightThemes.getMoreURL", ""); +// Default Value +// https://addons.mozilla.org/%LOCALE%/firefox/themes + +// Pref : +lockPref("devtools.gcli.lodashSrc", ""); +// Default Value +// https://cdnjs.cloudflare.com/ajax/libs/lodash.js/4.6.1/lodash.min.js + +// Pref : +lockPref("media.decoder-doctor.new-issue-endpoint", ""); +// Default Value +// https://webcompat.com/issues/new + +// Pref : +lockPref("identity.sync.tokenserver.uri", ""); +// Default Value +// https://token.services.mozilla.com/1.0/sync/1.5 + +// Pref : +lockPref("devtools.webide.templatesURL", ""); +// Default Value +// https://code.cdn.mozilla.net/templates/list.json + +// Pref : +lockPref("browser.ping-centre.production.endpoint", ""); +// Default Value +// https://tiles.services.mozilla.com/v3/links/ping-centre + +// Pref : +lockPref("browser.translation.engine", ""); +// Default Value +// Google + +// Pref : +lockPref("network.trr.confirmationNS", ""); +// Default Value +// example.com + +// Pref : +lockPref("gecko.handlerService.schemes.mailto.1.name", ""); +// Default Value +// Gmail + +// Pref : +lockPref("gecko.handlerService.schemes.irc.0.name", ""); +// Default Value +// Mibbit + +// Pref : +lockPref("gecko.handlerService.schemes.ircs.0.name", ""); +// Default Value +// Mibbit + +// Pref : +lockPref("gecko.handlerService.schemes.mailto.0.name", ""); +// Default Value +// Yahoo! Mail + +// Pref : +lockPref("services.sync.lastversion", ""); +// Default Value +// firstrun + +// Pref : +lockPref("browser.safebrowsing.provider.mozilla.lists.base", ""); +// Default Value +// moz-std + +// Pref : +lockPref("browser.safebrowsing.provider.mozilla.lists.content", ""); +// Default Value +// moz-full + +// Pref : +lockPref("browser.safebrowsing.provider.google.advisoryName", ""); +// Default Value +// Google Safe Browsing + +// Pref : +lockPref("browser.safebrowsing.provider.google4.advisoryName", ""); +// Default Value +// Google Safe Browsing + +// Pref : Test To Make FFox Silent +lockPref("browser.safebrowsing.provider.mozilla.lists", ""); +// Default Value +// base-track-digest256,mozstd-trackwhite-digest256,content-track-digest256, +// mozplugin-block-digest256,mozplugin2-block-digest256,block-flash-digest256, +// except-flash-digest256,allow-flashallow-digest256,except-flashallow-digest256, +// block-flashsubdoc-digest256,except-flashsubdoc-digest256, +// except-flashinfobar-digest256,ads-track-digest256,social-track-digest256, +// analytics-track-digest256,fastblock1-track-digest256,fastblock1-trackwhite-digest256, +// fastblock2-track-digest256,fastblock2-trackwhite-digest256,fastblock3-track-digest256 + +// Pref : +lockPref("identity.fxaccounts.remote.root", ""); +// Default Value +// https://accounts.firefox.com/ + +// Pref : +lockPref("services.settings.server", ""); +// Default Value +// https://firefox.settings.services.mozilla.com/v1 + +// Pref : +lockPref("services.sync.fxa.privacyURL", ""); +// Default Value +// https://accounts.firefox.com/legal/privacy + +// Pref : +lockPref("services.sync.fxa.termsURL", ""); +// Default Value +// https://accounts.firefox.com/legal/terms + +// Pref : +lockPref("services.blocklist.addons.signer", ""); +// Default Value +// remote-settings.content-signature.mozilla.org + +// Pref : +lockPref("services.blocklist.gfx.signer", ""); +// Default Value +// remote-settings.content-signature.mozilla.org + +// Pref : +lockPref("services.blocklist.onecrl.signer", ""); +// Default Value +// onecrl.content-signature.mozilla.org + +// Pref : +lockPref("services.blocklist.pinning.signer", ""); +// Default Value +// pinning-preload.content-signature.mozilla.org + +// Pref : +lockPref("services.blocklist.plugins.signer", ""); +// Default Value +// remote-settings.content-signature.mozilla.org + +// Pref : +lockPref("services.settings.default_signer", ""); +// Default Value +// remote-settings.content-signature.mozilla.org + +// Pref : +lockPref("accessibility.support.url", ""); +// Default Value +// https://support.mozilla.org/%LOCALE%/kb/accessibility-services + +// Pref : +lockPref("app.normandy.shieldLearnMoreUrl", ""); +// Default Value +// https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield + +// Pref : +lockPref("app.productInfo.baseURL", ""); +// Default Value +// https://www.mozilla.org/firefox/features/ + +// Pref : +lockPref("app.support.baseURL", ""); +// Default Value +// https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/ + +// Pref : +lockPref("browser.chrome.errorReporter.infoURL", ""); +// Default Value +// https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/nightly-error-collection + +// Pref : +lockPref("browser.dictionaries.download.url", ""); +// Default Value +// https://addons.mozilla.org/%LOCALE%/firefox/dictionaries/ + +// Pref : +lockPref("browser.geolocation.warning.infoURL", ""); +// Default Value +// https://www.mozilla.org/%LOCALE%/firefox/geolocation/ + +// Pref : +lockPref("browser.search.searchEnginesURL", ""); +// Default Value +// https://addons.mozilla.org/%LOCALE%/firefox/search-engines/ + +// Pref : +lockPref("browser.uitour.themeOrigin", ""); +// Default Value +// https://addons.mozilla.org/%LOCALE%/firefox/themes/ + +// Pref : Disable WebIDE ADB Dxtension Downloads +// Pref : 2608 : gHacks Deprecated Active +lockPref("devtools.webide.adbAddonURL", ""); +// Default Value +// https://ftp.mozilla.org/pub/mozilla.org/labs/fxos-simulator/adb-helper/#OS#/adbhelper-#OS#-latest.xpi + +// Pref : +lockPref("extensions.getAddons.compatOverides.url", ""); +// Default Value +// https://services.addons.mozilla.org/api/v3/addons/compat-override/?guid=%IDS%&lang=%LOCALE% + +// Pref : +lockPref("extensions.getAddons.get.url", ""); +// Default Value +// https://services.addons.mozilla.org/api/v3/addons/search/?guid=%IDS%&lang=%LOCALE% + +// Pref : +lockPref("extensions.getAddons.langpacks.url", ""); +// Default Value +// https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION% + +// Pref : +lockPref("extensions.getAddons.link.url", ""); +// Default Value +// https://addons.mozilla.org/%LOCALE%/firefox/ + +// Pref : +lockPref("extensions.getAddons.search.browseURL", ""); +// Default Value +// https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION% + +// Pref : +lockPref("extensions.getAddons.themes.browseURL", ""); +// Default Value +// https://addons.mozilla.org/%LOCALE%/firefox/themes/?src=firefox + +// Pref : +lockPref("services.sync.addons.trustedSourceHostnames", ""); +// Default Value +// addons.mozilla.org + +// Pref : +lockPref("toolkit.datacollection.infoURL", ""); +// Default Value +// https://www.mozilla.org/legal/privacy/firefox.html + +// Pref : +lockPref("xpinstall.signatures.devInfoURL", ""); +// Default Value +// https://wiki.mozilla.org/Addons/Extension_Signing + +// Pref : +lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines", ""); +// Default Value +// google,amazon + +// Pref : +lockPref("browser.newtabpage.activity-stream.fxaccounts.endpoint", ""); +// Default Value +// https://accounts.firefox.com/ + +// Pref : +lockPref("extensions.update.url", ""); +// Default Value +// https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion= +// %REQ_VERSION%&id=%ITEM_ID%&version=%ITEM_VERSION%&maxAppVersion= +// %ITEM_MAXAPPVERSION%&status=%ITEM_STATUS%&appID=%APP_ID%&appVersion=%APP_VERSION%&appOS= +// %APP_OS%&appABI=%APP_ABI%&locale=%APP_LOCALE%¤tAppVersion= +// %CURRENT_APP_VERSION%&updateType=%UPDATE_TYPE%&compatMode=%COMPATIBILITY_MODE% + +// Pref : +lockPref("browser.newtabpage.activity-stream.feeds.section.topstories.options", ""); +// Default Value +// {"api_key_pref":"extensions.pocket.oAuthConsumerKey","hidden":false,"provider_icon": +// "pocket","provider_name":"Pocket","read_more_endpoint":"https://getpocket.com/explore/ +// trending?src=fx_new_tab","stories_endpoint":"https://getpocket.cdn.mozilla.net/v3/ +// firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=en-US&feed_variant= +// default_spocs_on","stories_referrer":"https://getpocket.com/recommendations", +// "topics_endpoint":"https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics? +// version=2&consumer_key=$apiKey&locale_lang=en-US","show_spocs":true,"personalized":true} + +// Pref : +lockPref("lightweightThemes.recommendedThemes", ""); +// Default Value +// [{"id":"recommended-1","homepageURL":"https://addons.mozilla.org/firefox/addon/a-web-browser-renaissance/", +// "headerURL":"resource:///chrome/browser/content/browser/defaultthemes/1.header.jpg", +// "textcolor":"#000000","accentcolor":"#834d29","iconURL":"resource:///chrome/browser/content/browser/ +// defaultthemes/1.icon.jpg","previewURL":"resource:///chrome/browser/content/browser/defaultthemes/1. +// preview.jpg","author":"Sean.Martell","version":"0"},{"id":"recommended-2","homepageURL": +// "https://addons.mozilla.org/firefox/addon/space-fantasy/","headerURL": +// "resource:///chrome/browser/content/browser/defaultthemes/2.header.jpg", +// "textcolor":"#ffffff","accentcolor":"#d9d9d9","iconURL":"resource:///chrome/browser/content/browser/ +// defaultthemes/2.icon.jpg","previewURL":"resource:///chrome/browser/content/browser/defaultthemes/ +// 2.preview.jpg","author":"fx5800p","version":"1.0"},{"id":"recommended-4","homepageURL": +// "https://addons.mozilla.org/firefox/addon/pastel-gradient/","headerURL": +// "resource:///chrome/browser/content/browser/defaultthemes/4.header.png", +// "textcolor":"#000000","accentcolor":"#000000","iconURL": +// "resource:///chrome/browser/content/browser/defaultthemes/4.icon.png","previewURL": +// "resource:///chrome/browser/content/browser/defaultthemes/4.preview.png", +// "author":"darrinhenein","version":"1.0"}] + +// Other Sync Settings - Disabling By Prevention --------------------------------------------------------- + +lockPref("services.sync.maxResyncs", 0); //5 +lockPref("services.sync.telemetry.maxPayloadCount", 0); //500 +lockPref("services.sync.addons.ignoreUserEnabledChanges", true); //false +lockPref("services.sync.engine.addons", false); //true +lockPref("services.sync.engine.addresses", false); //false +lockPref("services.sync.engine.bookmarks", false); //true +lockPref("services.sync.engine.bookmarks.buffer", false); //false +lockPref("services.sync.engine.creditcards", false); //false +lockPref("services.sync.engine.creditcards.available", false); //false +lockPref("services.sync.engine.history", false); //true +lockPref("services.sync.engine.passwords", false); //true +lockPref("services.sync.engine.prefs", false); //true +lockPref("services.sync.engine.tabs", false); //true +lockPref("services.sync.log.appender.file.logOnError", false); //true +lockPref("services.sync.log.appender.file.logOnSuccess", false); //false +lockPref("services.sync.log.cryptoDebug", false); //false +lockPref("services.sync.sendVersionInfo", false); //true +lockPref("services.sync.syncedTabs.showRemoteIcons", true); //true +lockPref("services.sync.prefs.sync.accessibility.blockautorefresh", false); //true +lockPref("services.sync.prefs.sync.accessibility.browsewithcaret", false); //true +lockPref("services.sync.prefs.sync.accessibility.typeaheadfind", false); //true +lockPref("services.sync.prefs.sync.accessibility.typeaheadfind.linksonly", false); //true +lockPref("services.sync.prefs.sync.addons.ignoreUserEnabledChanges", true); //true +lockPref("services.sync.prefs.sync.browser.contentblocking.enabled", false); //true +lockPref("services.sync.prefs.sync.browser.ctrlTab.recentlyUsedOrder", false); //true +lockPref("services.sync.prefs.sync.browser.download.useDownloadDir", false); //true +lockPref("services.sync.prefs.sync.browser.formfill.enable", false); //true +lockPref("services.sync.prefs.sync.browser.link.open_newwindow", false); //true +lockPref("services.sync.prefs.sync.browser.newtabpage.enabled", false); //true +lockPref("services.sync.prefs.sync.browser.newtabpage.pinned", false); //true +lockPref("services.sync.prefs.sync.browser.offline-apps.notify", false); //true +lockPref("services.sync.prefs.sync.browser.search.update", false); //true +lockPref("services.sync.prefs.sync.browser.sessionstore.restore_on_demand", false); //true +lockPref("services.sync.prefs.sync.browser.startup.homepage", false); //true +lockPref("services.sync.prefs.sync.browser.startup.page", false); //true +lockPref("services.sync.prefs.sync.browser.tabs.loadInBackground", false); //true +lockPref("services.sync.prefs.sync.browser.tabs.warnOnClose", false); //true +lockPref("services.sync.prefs.sync.browser.tabs.warnOnOpen", false); //true +lockPref("services.sync.prefs.sync.browser.urlbar.autocomplete.enabled", false); //true +lockPref("services.sync.prefs.sync.browser.urlbar.matchBuckets", false); //true +lockPref("services.sync.prefs.sync.browser.urlbar.maxRichResults", false); //true +lockPref("services.sync.prefs.sync.browser.urlbar.suggest.bookmark", false); //true +lockPref("services.sync.prefs.sync.browser.urlbar.suggest.history", false); //true +lockPref("services.sync.prefs.sync.browser.urlbar.suggest.history.onlyTyped", false); //true +lockPref("services.sync.prefs.sync.browser.urlbar.suggest.openpage", false); //true +lockPref("services.sync.prefs.sync.browser.urlbar.suggest.searches", false); //true +lockPref("services.sync.prefs.sync.dom.disable_open_during_load", false); //true +lockPref("services.sync.prefs.sync.dom.disable_window_flip", false); //true +lockPref("services.sync.prefs.sync.dom.disable_window_move_resize", false); //true +lockPref("services.sync.prefs.sync.dom.event.contextmenu.enabled", false); //true +lockPref("services.sync.prefs.sync.extensions.personas.current", false); //true +lockPref("services.sync.prefs.sync.extensions.update.enabled", false); //true +lockPref("services.sync.prefs.sync.intl.accept_languages", false); //true +lockPref("services.sync.prefs.sync.layout.spellcheckDefault", false); //true +lockPref("services.sync.prefs.sync.lightweightThemes.selectedThemeID", false); //true +lockPref("services.sync.prefs.sync.lightweightThemes.usedThemes", false); //true +lockPref("services.sync.prefs.sync.network.cookie.cookieBehavior", false); //true +lockPref("services.sync.prefs.sync.network.cookie.lifetimePolicy", false); //true +lockPref("services.sync.prefs.sync.network.cookie.thirdparty.sessionOnly", false); //true +lockPref("services.sync.prefs.sync.permissions.default.image", false); //true +lockPref("services.sync.prefs.sync.pref.advanced.images.disable_button.view_image", false); //true +lockPref("services.sync.prefs.sync.pref.advanced.javascript.disable_button.advanced", false); //true +lockPref("services.sync.prefs.sync.pref.downloads.disable_button.edit_actions", false); //true +lockPref("services.sync.prefs.sync.pref.privacy.disable_button.cookie_exceptions", false); //true +lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.cache", false); //true +lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.cookies", false); //true +lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.downloads", false); //true +lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.formdata", false); //true +lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.history", false); //true +lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.offlineApps", false); //true +lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.sessions", false); //true +lockPref("services.sync.prefs.sync.privacy.clearOnShutdown.siteSettings", false); //true +lockPref("services.sync.prefs.sync.privacy.donottrackheader.enabled", false); //true +lockPref("services.sync.prefs.sync.privacy.reduceTimerPrecision", false); //true +lockPref("services.sync.prefs.sync.privacy.resistFingerprinting", false); //true +lockPref("services.sync.prefs.sync.privacy.resistFingerprinting.reduceTimerPrecision.jitter", false); //true +lockPref("services.sync.prefs.sync.privacy.resistFingerprinting.reduceTimerPrecision.microseconds", false); //true +lockPref("services.sync.prefs.sync.privacy.sanitize.sanitizeOnShutdown", false); //true +lockPref("services.sync.prefs.sync.privacy.trackingprotection.enabled", false); //true +lockPref("services.sync.prefs.sync.privacy.trackingprotection.pbmode.enabled", false); //true +lockPref("services.sync.prefs.sync.security.OCSP.enabled", false); //true +lockPref("services.sync.prefs.sync.security.OCSP.require", false); //true +lockPref("services.sync.prefs.sync.security.default_personal_cert", false); //true +lockPref("services.sync.prefs.sync.security.tls.version.max", false); //true +lockPref("services.sync.prefs.sync.security.tls.version.min", false); //true +lockPref("services.sync.prefs.sync.services.sync.syncedTabs.showRemoteIcons", false); //true +lockPref("services.sync.prefs.sync.spellchecker.dictionary", false); //true +lockPref("services.sync.prefs.sync.xpinstall.whitelist.required", false); //true + +// Testing ----------------------------------------------------------------------------------------------- + +// Pref : Test To Make FFox Silent +lockPref("browser.chrome.errorReporter.publicKey", ""); +// Default Value +// c709cb7a2c0b4f0882fcc84a5af161ec + +// Pref : Test To Make FFox Silent +lockPref("prio.publicKeyA", ""); +// Default Value +// 35AC1C7576C7C6EDD7FED6BCFC337B34D48CB4EE45C86BEEFB40BD8875707733 +lockPref("prio.publicKeyB", ""); +// Default Value +// 26E6674E65425B823F1F1D5F96E3BB3EF9E406EC7FBA7DEF8B08A35DD135AF50 + +// Alpha Settings Not Needed For The Moment -------------------------------------------------------------- + +// Pref : +//lockPref("urlclassifier.phishTable", ""); +// Default Value +// goog-phish-proto,test-phish-simple + +// Pref : +//lockPref("urlclassifier.passwordAllowTable", ""); +// Default Value +// goog-passwordwhite-proto + +// Pref : +//lockPref("urlclassifier.downloadAllowTable", ""); +// Default Value +// goog-downloadwhite-proto + +// Pref : +//lockPref("urlclassifier.downloadBlockTable", ""); +// Default Value +// goog-badbinurl-proto + +// Pref : Test To Make FFox Silent +//lockPref("security.content.signature.root_hash", ""); +// Default Value +// 97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E + +// Pref : Test To Make FFox Silent +//lockPref("media.gmp-manager.certs.1.issuerName", ""); +// Default Value +// CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US + +// Pref : Test To Make FFox Silent +//lockPref("media.gmp-manager.certs.2.issuerName", ""); +// Default Value +// CN=thawte SSL CA - G2,O="thawte, Inc.",C=US + +// Disabled ---------------------------------------------------------------------------------------------- + +// Pref : New page default sites +//lockPref("browser.newtabpage.activity-stream.default.sites", ""); +// Default Value +// https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/, +// https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Microsoft Windows +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// Pref : Other webGl [WINDOWS] +lockPref("webgl.dxgl.enabled", false); + +// Pref : disable scanning for plugins [WINDOWS] +lockPref("plugin.scan.plid.all", false); + +// Pref : disable Windows jumplist [WINDOWS] +lockPref("browser.taskbar.lists.enabled", false); +lockPref("browser.taskbar.lists.frequent.enabled", false); +lockPref("browser.taskbar.lists.recent.enabled", false); +lockPref("browser.taskbar.lists.tasks.enabled", false); + +// Pref : disable Windows taskbar preview [WINDOWS] +lockPref("browser.taskbar.previews.enable", false); + +// Pref : disable links launching Windows Store on Windows 8/8.1/10 [WINDOWS] +// [1] https://www.ghacks.net/2016/03/25/block-firefox-chrome-windows-store/ +lockPref("network.protocol-handler.external.ms-windows-store", false); + +// Pref : disable background update service [WINDOWS] +// [SETTING] General>Firefox Updates>Use a background service to install updates +lockPref("app.update.service.enabled", false); + +// Pref : disable automatic Firefox start and session restore after reboot [WINDOWS] (FF62+) +// [1] https://bugzilla.mozilla.org/603903 +lockPref("toolkit.winRegisterApplicationRestart", false); + +// Pref : 1220: disable Windows 8.1's Microsoft Family Safety cert [WINDOWS] (FF50+) +// 0=disable detecting Family Safety mode and importing the root +// 1=only attempt to detect Family Safety mode (don't import the root) +// 2=detect Family Safety mode and import the root +// [1] https://trac.torproject.org/projects/tor/ticket/21686 +lockPref("security.family_safety.mode", 0); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Firefox ESR60.x +// Deprecated Active For ESR +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// Pref : Geolocation +lockPref("browser.search.countryCode", "US"); + +// Pref : Disable Mozilla telemetry/experiments +// https://wiki.mozilla.org/Platform/Features/Telemetry +// https://wiki.mozilla.org/Privacy/Reviews/Telemetry +// https://wiki.mozilla.org/Telemetry +// https://www.mozilla.org/en-US/legal/privacy/firefox.html#telemetry +// https://support.mozilla.org/t5/Firefox-crashes/Mozilla-Crash-Reporter/ta-p/1715 +// https://wiki.mozilla.org/Security/Reviews/Firefox6/ReviewNotes/telemetry +// https://gecko.readthedocs.io/en/latest/browser/experiments/experiments/manifest.html +// https://wiki.mozilla.org/Telemetry/Experiments +// https://support.mozilla.org/en-US/questions/1197144 +lockPref("experiments.activeExperiment", false); +lockPref("experiments.enabled", false); +lockPref("experiments.manifest.uri", ""); +lockPref("experiments.supported", false); + +// Pref : 2612: disable remote JAR files being opened, regardless of content type (FF42+) +// [1] https://bugzilla.mozilla.org/1173171 +// [2] https://www.fxsitecompat.com/en-CA/docs/2015/jar-protocol-support-has-been-disabled-by-default/ +// [-] https://bugzilla.mozilla.org/1427726 +lockPref("network.jar.block-remote-files", true); + +// Pref : 2613: disable JAR from opening Unsafe File Types +// [-] https://bugzilla.mozilla.org/1427726 +lockPref("network.jar.open-unsafe-types", false); + +// Pref : Disable Java NPAPI plugin +lockPref("plugin.state.java", 0); + +// Pref : 0402: enable Kinto blocklist updates (FF50+) +// What is Kinto?: https://wiki.mozilla.org/Firefox/Kinto#Specifications +// As Firefox transitions to Kinto, the blocklists have been broken down into entries for certs to be +// revoked, extensions and plugins to be disabled, and gfx environments that cause problems or crashes +// [-] https://bugzilla.mozilla.org/1458917 +lockPref("services.blocklist.update_enabled", false); + +// Pref : 0503: disable "Savant" Shield study (FF61+) +// [-] https://bugzilla.mozilla.org/1457226 +lockPref("shield.savant.enabled", false); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Security 1/3 +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// Pref : Enable insecure password warnings (login forms in non-HTTPS pages) +// https://blog.mozilla.org/tanvi/2016/01/28/no-more-passwords-over-http-please/ +// https://bugzilla.mozilla.org/show_bug.cgi?id=1319119 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1217156 +lockPref("security.insecure_password.ui.enabled", true); + +// Pref : Show in-content login form warning UI for insecure login fields +// https://hg.mozilla.org/integration/mozilla-inbound/rev/f0d146fe7317 +lockPref("security.insecure_field_warning.contextual.enabled", true); + +// Pref : Disable HSTS preload list (pre-set HSTS sites list provided by Mozilla) +// https://blog.mozilla.org/security/2012/11/01/preloading-hsts/ +// https://wiki.mozilla.org/Privacy/Features/HSTS_Preload_List +// https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security +lockPref("network.stricttransportsecurity.preloadlist", false); + +// Pref : Disable TLS Session Tickets +// https://www.blackhat.com/us-13/briefings.html#NextGen +// https://media.blackhat.com/us-13/US-13-Daigniere-TLS-Secrets-Slides.pdf +// https://media.blackhat.com/us-13/US-13-Daigniere-TLS-Secrets-WP.pdf +// https://bugzilla.mozilla.org/show_bug.cgi?id=917049 +// https://bugzilla.mozilla.org/show_bug.cgi?id=967977 +// SSL Session IDs speed up HTTPS connections (no need to renegotiate) and last for 48hrs. +// Since the ID is unique, web servers can (and do) use it for tracking. If set to true, +// this disables sending SSL Session IDs and TLS Session Tickets to prevent session tracking +lockPref("security.ssl.disable_session_identifiers", true); + +// Pref : Blocking GD Parking Scam Site +defaultPref("network.dns.localDomains", "librefox.com"); + +// Pref : Disable insecure TLS version fallback +// https://bugzilla.mozilla.org/show_bug.cgi?id=1084025 +// https://github.com/pyllyukko/user.js/pull/206#issuecomment-280229645 +lockPref("security.tls.version.fallback-limit", 3); + +// Pref : Only allow TLS 1.[0-3] +// http://kb.mozillazine.org/Security.tls.version.* +lockPref("security.tls.version.min", 2); + +// Pref : Enfore Public Key Pinning +// https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning +// https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning +// "2. Strict. Pinning is always enforced." +lockPref("security.cert_pinning.enforcement_level", 2); + +// Pref : Disallow SHA-1 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1302140 +// https://shattered.io/ +lockPref("security.pki.sha1_enforcement_level", 1); + +// Pref : Warn the user when server doesn't support RFC 5746 ("safe" renegotiation) +// https://wiki.mozilla.org/Security:Renegotiation#security.ssl.treat_unsafe_negotiation_as_broken +// https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555 +lockPref("security.ssl.treat_unsafe_negotiation_as_broken", true); + +// Pref : Pre-populate the current URL but do not pre-fetch the certificate in the +// "Add Security Exception" dialog +// http://kb.mozillazine.org/Browser.ssl_override_behavior +// https://github.com/pyllyukko/user.js/issues/210 +lockPref("browser.ssl_override_behavior", 1); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Security 2/3 +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// Pref : +lockPref("security.ssl.errorReporting.automatic", false); +lockPref("security.ssl.errorReporting.url", ""); + +// Pref : Check disabled section +// OCSP Leaks the visited sited exactly same issue as safebrowsing. +// Stapling have the site itsefl proof that his certificate is good +// through the CA so apparently nothing is leaked in this case. +// [1] https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/ +lockPref("security.OCSP.enabled", 0); +lockPref("security.OCSP.require", false); +lockPref("security.ssl.enable_ocsp_stapling", true); + +// Pref : +lockPref("security.ssl.errorReporting.enabled", false); + +// Pref : Manage certificates button +//lockPref("security.disable_button.openCertManager", false); +// Disabled because of a bug that disable the button no matter what is the value + +// Pref : Manage security devices button +//lockPref("security.disable_button.openDeviceManager", false); +// Disabled because of a bug that disable the button no matter what is the value + +// Pref : +lockPref("security.mixed_content.upgrade_display_content", true); +lockPref("security.mixed_content.block_object_subrequest", true); +lockPref("security.mixed_content.block_display_content", true); +lockPref("security.mixed_content.block_active_content", true); + +// Pref : +lockPref("security.insecure_connection_icon.enabled", true); +lockPref("security.insecure_connection_icon.pbmode.enabled", true); +lockPref("security.insecure_connection_text.enabled", true); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Security 3/3 (Cipher) +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// Pref : +lockPref("security.ssl3.rsa_des_ede3_sha", false); +lockPref("security.ssl3.rsa_aes_256_sha", false); +lockPref("security.ssl3.rsa_aes_128_sha", false); + +// Pref : Disable RC4 +// https://developer.mozilla.org/en-US/Firefox/Releases/38#Security +// https://bugzilla.mozilla.org/show_bug.cgi?id=1138882 +// https://rc4.io/ +// https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2566 +lockPref("security.ssl3.ecdh_ecdsa_rc4_128_sha", false); +lockPref("security.ssl3.ecdh_rsa_rc4_128_sha", false); + +// Pref : Disable SEED cipher +// https://en.wikipedia.org/wiki/SEED +lockPref("security.ssl3.rsa_seed_sha", false); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Performance 1/5 +// Defaulting settings - HW Settings can be checked under about:support +// Bench Diff : +650/5000 +// >>>>>>>>>>>>>>>>>>>>>> + +// Bench Diff : +100/5000 +// Pref : Increases animation speed. May mitigate choppy scrolling. +defaultPref("layout.frame_rate.precise", true); + +// Bench Diff : +500/5000 +// Pref : Enable Hardware Acceleration and Off Main Thread Compositing (OMTC). +// It's likely your browser is already set to use these features. +// May introduce instability on some hardware. +// Tor compatibility - have inverted values in tor. +defaultPref("webgl.force-enabled", true); +defaultPref("layers.acceleration.force-enabled", true); + +// Pref : 2508: disable hardware acceleration to reduce graphics fingerprinting +// [SETTING] General>Performance>Custom>Use hardware acceleration when available +// [SETUP-PERF] Affects text rendering (fonts will look different), impacts video performance, +// and parts of Quantum that utilize the GPU will also be affected as they are rolled out +// [1] https://wiki.mozilla.org/Platform/GFX/HardwareAcceleration +// Resolved with extension +defaultPref("gfx.direct2d.disabled", false); // [WINDOWS] +defaultPref("layers.acceleration.disabled", false); + +// Bench Diff : 0/5000 +// Pref : +defaultPref("html5.offmainthread", true); //default true +defaultPref("layers.offmainthreadcomposition.enabled", true); +defaultPref("layers.offmainthreadcomposition.async-animations", true); +defaultPref("layers.async-video.enabled", true); + +// Bench Diff : +50/5000 +// Pref : Deprecated Active +defaultPref("browser.tabs.animate", false); + +// Pref : The impact for this one is negligible +//defaultPref("browser.download.animateNotifications", false); + +// Bench Diff : -80/5000 +// Pref : Spoof CPU Core Def 16 +// Default settings seems to be the best +//defaultPref("dom.maxHardwareConcurrency", 8); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Performance 2/5 +// Bench Diff : -800/5000 +// >>>>>>>>>>>>>>>>>>>>>> + +// Bench Diff : -500/5000 +// Pref : Tell garbage collector to start running when javascript is using xx MB of memory. +// Garbage collection releases memory back to the system. +// Default settings seems to be the best +//lockPref("javascript.options.mem.high_water_mark", 96); + +// Bench Diff : -200/5000 +// Pref : Disable WebAssembly +// https://webassembly.org/ +// https://en.wikipedia.org/wiki/WebAssembly +// https://trac.torproject.org/projects/tor/ticket/21549 +// Solved with extension disabled here for performance +//lockPref("javascript.options.wasm", false); + +// Bench Diff : -100/5000 +// Pref : Prevent font fingerprinting +// https://browserleaks.com/fonts +// https://github.com/pyllyukko/user.js/issues/120 +// Solved with extension disabled here for performance +//lockPref("browser.display.use_document_fonts", 0); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Performance 3/5 +// Bench Diff : -1720/5000 +// >>>>>>>>>>>>>>>>>>>>>>> + +// Bench Diff : -220/5000 +// Pref : Disable webGL I/II +// WebGL introduce high fingerprinting... (webgl is direct hardware js) +defaultPref("webgl.disabled", false); // Tor have it false but the rest is the same (webgl) +// This does not leak +lockPref("webgl.enable-webgl2", false); +lockPref("webgl.min_capability_mode", true); + +// Bench Diff : 0/5000 +// Pref : Disable webGL II/II +// WebGL introduce high fingerprinting... (webgl is direct hardware js) +lockPref("pdfjs.enableWebGL", false); +lockPref("webgl.disable-extensions", true); +lockPref("webgl.disable-fail-if-major-performance-caveat", true); +lockPref("webgl.enable-debug-renderer-info", false); //Deprecated Active + +// Bench Diff : -1500/5000 +// Pref : Disable asm.js +// http://asmjs.org/ +// https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/ +// https://www.mozilla.org/en-US/security/advisories/mfsa2015-50/ +// https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2712 +// Solved with extension disabled here for performance +// Tor enforce this +//lockPref("javascript.options.asmjs", false); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Performance 4/5 +// Bench Diff : -200/5000 +// >>>>>>>>>>>>>>>>>>>>>> + +// Bench Diff : -200/5000 +// Pref : JS Shared Memory - Default false +// https://github.com/MrAlex94/Waterfox/issues/356 +lockPref("javascript.options.shared_memory", false); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Performance 5/5 +// Bench Diff : -50/5000 +// >>>>>>>>>>>>>>>>>>>>> + +// Bench Diff : -50/5000 +// Pref : 2302 : disable service workers +// Service workers essentially act as proxy servers that sit between web apps, and the browser +// and network, are event driven, and can control the web page/site it is associated with, +// intercepting and modifying navigation and resource requests, and caching resources. +// SW may decrease performance depending on the script this ot that site is running in background +// So overall disabling SW should enhance performance because it block SW Scripts +// [NOTE] Service worker APIs are hidden (in Firefox) and cannot be used when in PB mode. +// [NOTE] Service workers only run over HTTPS. Service Workers have no DOM access. +lockPref("dom.serviceWorkers.enabled", false); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : General Settings 1/3 +// Bench Diff : +100/5000 +// >>>>>>>>>>>>>>>>>>>>>> + +// Pref : Onboarding tour disable because of included telemetry +// This extension is already removed this setting is just in case it +// comeback or for users using the script outside the bundle +lockPref("browser.onboarding.notification.finished", true); +lockPref("browser.onboarding.tour.onboarding-tour-customize.completed", true); +lockPref("browser.onboarding.tour.onboarding-tour-performance.completed", true); + +// Pref : +lockPref("devtools.onboarding.telemetry.logged", false); + +// Pref : +lockPref("services.sync.engine.addresses.available", false); + +// Pref : +lockPref("browser.bookmarks.restore_default_bookmarks", false); + +// Pref : +lockPref("pdfjs.previousHandler.alwaysAskBeforeHandling", true); + +// Pref : Caching for integrated PDF +lockPref("pdfjs.enabledCache.state", false); + +// Pref : +lockPref("pref.general.disable_button.default_browser", false); +lockPref("pref.privacy.disable_button.view_passwords", false); + +// Pref : +lockPref("identity.mobilepromo.android", ""); + +// Pref : +lockPref("extensions.systemAddon.update.url", ""); + +// Pref : +lockPref("datareporting.healthreport.infoURL", ""); + +// Pref : +lockPref("browser.urlbar.daysBeforeHidingSuggestionsPrompt", 0); +lockPref("browser.urlbar.searchSuggestionsChoice", false); +lockPref("browser.urlbar.timesBeforeHidingSuggestionsHint", 0); + +// Pref : +lockPref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", true); + +// Pref : +lockPref("app.feedback.baseURL", ""); + +// Pref : +lockPref("app.normandy.enabled", false); +lockPref("app.normandy.api_url", ""); +lockPref("app.normandy.first_run", false); +lockPref("app.normandy.user_id", ""); + +// Pref : +lockPref("app.releaseNotesURL", ""); + +// Pref : +lockPref("app.update.auto", false); +lockPref("extensions.update.autoUpdateDefault", false); +lockPref("app.update.staging.enabled", false); +lockPref("app.update.silent", false); +lockPref("app.update.lastUpdateTime.telemetry_modules_ping", 0); +lockPref("app.update.url", ""); +lockPref("app.update.url.details", ""); +lockPref("app.update.url.manual", ""); + +// Pref : +lockPref("app.vendorURL", ""); + +// Pref : +lockPref("breakpad.reportURL", ""); + +// Pref : +lockPref("browser.chrome.errorReporter.submitUrl", ""); +lockPref("browser.chrome.errorReporter.enabled", false); + +// Pref : +lockPref("browser.ping-centre.staging.endpoint", ""); +lockPref("browser.ping-centre.telemetry", false); + +// Pref : Google Safe Browsing (Block dangerous and deceptive contents) + +// browser.safebrowsing.downloads.enabled true + // browser.safebrowsing.downloads.remote.block_potentially_unwanted true + // browser.safebrowsing.downloads.remote.block_uncommon true + // browser.safebrowsing.malware.enabled true + // browser.safebrowsing.phishing.enabled true + +lockPref("browser.safebrowsing.id", ""); +lockPref("browser.safebrowsing.provider.google4.pver", ""); +lockPref("browser.safebrowsing.provider.mozilla.pver", ""); +lockPref("browser.safebrowsing.allowOverride", false); +lockPref("browser.safebrowsing.blockedURIs.enabled", false); +lockPref("browser.safebrowsing.downloads.enabled", false); +lockPref("browser.safebrowsing.downloads.remote.block_dangerous", false); +lockPref("browser.safebrowsing.downloads.remote.block_dangerous_host", false); +lockPref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); +lockPref("browser.safebrowsing.downloads.remote.block_uncommon", false); +lockPref("browser.safebrowsing.downloads.remote.enabled", false); +lockPref("browser.safebrowsing.downloads.remote.url", ""); +lockPref("browser.safebrowsing.malware.enabled", false); +lockPref("browser.safebrowsing.passwords.enabled", false); +lockPref("browser.safebrowsing.phishing.enabled", false); +lockPref("browser.safebrowsing.provider.google4.advisoryURL", ""); +lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false); +lockPref("browser.safebrowsing.provider.google4.dataSharingURL", ""); +lockPref("browser.safebrowsing.provider.google4.gethashURL", ""); +lockPref("browser.safebrowsing.provider.google4.lists", ""); +lockPref("browser.safebrowsing.provider.google4.reportMalwareMistakeURL", ""); +lockPref("browser.safebrowsing.provider.google4.reportPhishMistakeURL", ""); +lockPref("browser.safebrowsing.provider.google4.reportURL", ""); +lockPref("browser.safebrowsing.provider.google4.updateURL", ""); +lockPref("browser.safebrowsing.provider.google4.lastupdatetime", ""); +lockPref("browser.safebrowsing.provider.google4.nextupdatetime", ""); +lockPref("browser.safebrowsing.provider.google.advisoryURL", ""); +lockPref("browser.safebrowsing.provider.google.gethashURL", ""); +lockPref("browser.safebrowsing.provider.google.lastupdatetime", ""); +lockPref("browser.safebrowsing.provider.google.lists", ""); +lockPref("browser.safebrowsing.provider.google.nextupdatetime", ""); +lockPref("browser.safebrowsing.provider.google.pver", ""); +lockPref("browser.safebrowsing.provider.google.reportMalwareMistakeURL", ""); +lockPref("browser.safebrowsing.provider.google.reportPhishMistakeURL", ""); +lockPref("browser.safebrowsing.provider.google.reportURL", ""); +lockPref("browser.safebrowsing.provider.google.updateURL", ""); +lockPref("browser.safebrowsing.provider.mozilla.gethashURL", ""); +lockPref("browser.safebrowsing.provider.mozilla.lastupdatetime", ""); +lockPref("browser.safebrowsing.provider.mozilla.nextupdatetime", ""); +lockPref("browser.safebrowsing.provider.mozilla.updateURL", ""); +lockPref("browser.safebrowsing.reportPhishURL", ""); + +// Pref : +lockPref("browser.search.suggest.enabled", false); + +// Pref : +lockPref("captivedetect.canonicalURL", ""); + +// Pref : +lockPref("datareporting.policy.firstRunURL", ""); + +// Pref : +lockPref("devtools.devedition.promo.url", ""); +lockPref("devtools.devices.url", ""); +lockPref("devtools.gcli.imgurUploadURL", ""); +lockPref("devtools.gcli.jquerySrc", ""); +lockPref("devtools.gcli.underscoreSrc", ""); +lockPref("devtools.telemetry.supported_performance_marks", ""); +// Fix ESR Devtools +//lockPref("devtools.telemetry.tools.opened.version", ""); +// Default {"DEVTOOLS_SCREEN_RESOLUTION_ENUMERATED_PER_USER":"60.4.0"} + +// Pref : +lockPref("dom.battery.enabled", false); + +// Pref : +lockPref("dom.permissions.enabled", false); + +// Pref : Maximum pop launch at the same time +lockPref("dom.popup_maximum", 4); + +// Pref : +lockPref("dom.registerProtocolHandler.insecure.enabled", true); + +// Pref : +lockPref("extensions.blocklist.detailsURL", ""); +lockPref("extensions.blocklist.itemURL", ""); + +// Pref : Block list url disabled +// gHacks tune this to minimize privacy issue.. its complitely disabled here +// Disabled complitely +lockPref("extensions.blocklist.url", ""); + +// Pref : +lockPref("extensions.update.background.url", ""); + +// Pref : +lockPref("extensions.getAddons.showPane", false); + +// Pref : +lockPref("extensions.webservice.discoverURL", ""); + +// Pref : +lockPref("gecko.handlerService.schemes.mailto.0.uriTemplate", ""); +lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", ""); +lockPref("gecko.handlerService.schemes.webcal.0.uriTemplate", ""); + +// Pref : +lockPref("geo.enabled", false); +lockPref("geo.wifi.uri", ""); + +// Pref : +lockPref("identity.fxaccounts.auth.uri", ""); +lockPref("identity.fxaccounts.remote.oauth.uri", ""); +lockPref("identity.fxaccounts.remote.profile.uri", ""); +lockPref("identity.mobilepromo.ios", ""); + +// Pref : +lockPref("layout.css.visited_links_enabled", false); + +// Pref : +lockPref("lpbmode.enabled", true); + +// Pref : +lockPref("mailnews.messageid_browser.url", ""); +lockPref("mailnews.mx_service_url", ""); + +// Pref : 0608 : disable predictor / prefetching (FF48+) +// Network predicator load pages before they are opened +// with mose hover for example +lockPref("network.predictor.enabled", false); +lockPref("network.predictor.cleaned-up", true); +lockPref("network.predictor.enable-prefetch", false); + +// Pref : +lockPref("plugins.crash.supportUrl", ""); + +// Pref : Sync prefs +lockPref("services.sync.clients.lastSync", "0"); +lockPref("services.sync.clients.lastSyncLocal", "0"); +lockPref("services.sync.declinedEngines", ""); +lockPref("services.sync.enabled", false); +lockPref("services.sync.globalScore", 0); +lockPref("services.sync.jpake.serverURL", ""); +lockPref("services.sync.migrated", true); +lockPref("services.sync.nextSync", 0); +lockPref("services.sync.prefs.sync.browser.safebrowsing.downloads.enabled", false); +lockPref("services.sync.prefs.sync.browser.safebrowsing.malware.enabled", false); +lockPref("services.sync.prefs.sync.browser.safebrowsing.passwords.enabled", false); +lockPref("services.sync.prefs.sync.browser.safebrowsing.phishing.enabled", false); +lockPref("services.sync.serverURL", ""); +lockPref("services.sync.tabs.lastSync", "0"); +lockPref("services.sync.tabs.lastSyncLocal", "0"); + +// Pref : +lockPref("sync.enabled", false); + +// Pref : +lockPref("sync.jpake.serverURL", ""); + +// Pref : +lockPref("sync.serverURL", ""); + +// Pref : +lockPref("toolkit.crashreporter.infoURL", ""); + +// Pref : Disable telemetry +lockPref("toolkit.telemetry.archive.enabled", false); +lockPref("toolkit.telemetry.updatePing.enabled", false); +lockPref("toolkit.telemetry.bhrPing.enabled", false); +lockPref("toolkit.telemetry.cachedClientID", ""); +lockPref("toolkit.telemetry.enabled", false); +lockPref("toolkit.telemetry.firstShutdownPing.enabled", false); +lockPref("toolkit.telemetry.hybridContent.enabled", false); +lockPref("toolkit.telemetry.infoURL", ""); +lockPref("toolkit.telemetry.newProfilePing.enabled", false); +lockPref("toolkit.telemetry.previousBuildID", ""); +lockPref("toolkit.telemetry.prompted", 2); //Setting seem to still exist +lockPref("toolkit.telemetry.rejected", true); +lockPref("toolkit.telemetry.reportingpolicy.firstRun", false); +lockPref("toolkit.telemetry.server", "data:,"); +lockPref("toolkit.telemetry.server_owner", ""); +lockPref("toolkit.telemetry.shutdownPingSender.enabled", false); +lockPref("toolkit.telemetry.unified", false); +lockPref("toolkit.telemetry.coverage.opt-out", true); + +// Pref : +lockPref("webextensions.storage.sync.serverURL", ""); + +// Pref : +lockPref("extensions.screenshots.upload-disabled", true); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : General Settings 2/3 +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// Pref : Referer: ALL: control the amount of information to send +// 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port +lockPref("network.http.referer.trimmingPolicy", 0); + +// Pref : Close tab +lockPref("browser.tabs.closeTabByDblclick", true); + +// Pref : Disable collection/sending of the health report (healthreport.sqlite*) +// https://support.mozilla.org/en-US/kb/firefox-health-report-understand-your-browser-perf +// https://gecko.readthedocs.org/en/latest/toolkit/components/telemetry/telemetry/preferences.html +lockPref("datareporting.healthreport.uploadEnabled", false); +lockPref("datareporting.policy.dataSubmissionEnabled", false); + +// Pref : Disable right-click menu manipulation via JavaScript (disabled) +lockPref("dom.event.contextmenu.enabled", false); + +// Pref : Disable clipboard event detection (onCut/onCopy/onPaste) via Javascript +// Disabling clipboard events breaks Ctrl+C/X/V copy/cut/paste functionaility in +// JS-based web applications (Google Docs...) +// https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/dom.event.clipboardevents.enabled +lockPref("dom.event.clipboardevents.enabled", false); + +// Pref : Force Punycode for Internationalized Domain Names +// http://kb.mozillazine.org/Network.IDN_show_punycode +// https://www.xudongz.com/blog/2017/idn-phishing/ +// https://wiki.mozilla.org/IDN_Display_Algorithm +// https://en.wikipedia.org/wiki/IDN_homograph_attack +// https://www.mozilla.org/en-US/security/advisories/mfsa2017-02/ +// CIS Mozilla Firefox 24 ESR v1.0.0 - 3.6 +lockPref("network.IDN_show_punycode", true); + +// Pref : Disable Pocket +// https://support.mozilla.org/en-US/kb/save-web-pages-later-pocket-firefox +// https://github.com/pyllyukko/user.js/issues/143 +lockPref("extensions.pocket.enabled", false); +lockPref("extensions.pocket.site", ""); +lockPref("extensions.pocket.oAuthConsumerKey", ""); +lockPref("extensions.pocket.api", ""); + +// Pref : Disable downloading homepage snippets/messages from Mozilla +// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_mozilla-content +// https://wiki.mozilla.org/Firefox/Projects/Firefox_Start/Snippet_Service +lockPref("browser.aboutHomeSnippets.updateUrl", ""); + +// Pref : Don't reveal build ID +// Value taken from Tor Browser +// https://bugzilla.mozilla.org/show_bug.cgi?id=583181 +// Already enforced with 'privacy.resistFingerprinting' ? +lockPref("general.buildID.override", "20100101"); +lockPref("browser.startup.homepage_override.buildID", "20100101"); + +// Pref : Disable pinging URIs specified in HTML <a> ping= attributes +// http://kb.mozillazine.org/Browser.send_pings +lockPref("browser.send_pings", false); + +// Pref : When browser pings are enabled, only allow pinging the same host as the origin page +// http://kb.mozillazine.org/Browser.send_pings.require_same_host +lockPref("browser.send_pings.require_same_host", true); + +// Pref : Do not download URLs for the offline cache +// http://kb.mozillazine.org/Browser.cache.offline.enable +lockPref("browser.cache.offline.enable", false); + +// Pref : Disable prefetching of <link rel="next"> URLs +// http://kb.mozillazine.org/Network.prefetch-next +// https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ#Is_there_a_preference_to_disable_link_prefetching.3F +// Link prefetching is when a webpage hints to the browser that certain pages are likely to be visited, +// so the browser downloads them immediately so they can be displayed immediately when the user requests it. +lockPref("network.prefetch-next", false); + +// Pref : Disable speculative pre-connections +// Disable prefetch link on hover. +// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_speculative-pre-connections +// https://bugzilla.mozilla.org/show_bug.cgi?id=814169 +lockPref("network.http.speculative-parallel-limit", 0); + +// Pref : WebSockets is a technology that makes it possible to open an interactive communication +// session between the user's browser and a server. (May leak IP when using proxy/VPN) +lockPref("media.peerconnection.enabled", false); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : General Settings 3/3 +// Bench Diff : -40/5000 +// >>>>>>>>>>>>>>>>>>>>> + +// Pref : Disable DOM timing API +// https://wiki.mozilla.org/Security/Reviews/Firefox/NavigationTimingAPI +// https://www.w3.org/TR/navigation-timing/#privacy +lockPref("dom.enable_performance", false); //Deprecated Active +lockPref("dom.enable_performance_navigation_timing", false); + +// Pref : Make sure the User Timing API does not provide a new high resolution timestamp +// https://trac.torproject.org/projects/tor/ticket/16336 +// https://www.w3.org/TR/2013/REC-user-timing-20131212/#privacy-security +lockPref("dom.enable_user_timing", false); + +// Pref : Disable Web Audio API +// https://bugzilla.mozilla.org/show_bug.cgi?id=1288359 +// Avoid fingerprinting... +lockPref("dom.webaudio.enabled", false); + +// Pref : When geolocation is enabled, don't log geolocation requests to the console +lockPref("geo.wifi.logging.enabled", true); + +// Pref : Disable "beacon" asynchronous HTTP transfers (used for analytics) +// https://developer.mozilla.org/en-US/docs/Web/API/navigator.sendBeacon +lockPref("beacon.enabled", false); + +// Pref : Disable speech recognition +// https://dvcs.w3.org/hg/speech-api/raw-file/tip/speechapi.html +// https://developer.mozilla.org/en-US/docs/Web/API/SpeechRecognition +// https://wiki.mozilla.org/HTML5_Speech_API +lockPref("media.webspeech.recognition.enable", false); + +// Pref : Disable virtual reality devices APIs +// https://developer.mozilla.org/en-US/Firefox/Releases/36#Interfaces.2FAPIs.2FDOM +// https://developer.mozilla.org/en-US/docs/Web/API/WebVR_API +lockPref("dom.vr.enabled", false); + +// Pref : Disable vibrator API +lockPref("dom.vibrator.enabled", false); + +// Pref : Disable GeoIP lookup on your address to set default search engine region +// https://trac.torproject.org/projects/tor/ticket/16254 +// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_geolocation-for-default-search-engine +lockPref("browser.search.region", "US"); +lockPref("browser.search.geoip.url", ""); +lockPref("browser.search.geoSpecificDefaults.url", ""); + +// Pref : Don't use Mozilla-provided location-specific search engines +lockPref("browser.search.geoSpecificDefaults", false); + +// Pref : Don't trim HTTP off of URLs in the address bar. +// https://bugzilla.mozilla.org/show_bug.cgi?id=665580 +lockPref("browser.urlbar.trimURLs", false); + +// Pref : Don't try to guess domain names when entering an invalid domain name in URL bar +// http://www-archive.mozilla.org/docs/end-user/domain-guessing.html +lockPref("browser.fixup.alternate.enabled", false); + +// Pref : When browser.fixup.alternate.enabled is enabled, strip password from 'user:password@...' URLs +// https://github.com/pyllyukko/user.js/issues/290#issuecomment-303560851 +lockPref("browser.fixup.hide_user_pass", true); + +// Pref : Don't monitor OS online/offline connection state +// https://trac.torproject.org/projects/tor/ticket/18945 +lockPref("network.manage-offline-status", false); + +// Pref : Set File URI Origin Policy +// http://kb.mozillazine.org/Security.fileuri.strict_origin_policy +// CIS Mozilla Firefox 24 ESR v1.0.0 - 3.8 +lockPref("security.fileuri.strict_origin_policy", true); + +// Pref : Disable SVG in OpenType fonts +// https://wiki.mozilla.org/SVGOpenTypeFonts +// https://github.com/iSECPartners/publications/tree/master/reports/Tor%20Browser%20Bundle +lockPref("gfx.font_rendering.opentype_svg.enabled", false); + +// Pref : Enable only whitelisted URL protocol handlers +// Disabling nonessential protocols breaks all interaction with custom protocols such +// as mailto:, irc:, magnet: ... and breaks opening third-party mail/messaging/torrent/... +// clients when clicking on links with these protocols +lockPref("network.protocol-handler.warn-external-default",true); +lockPref("network.protocol-handler.external.http",false); +lockPref("network.protocol-handler.external.https",false); +lockPref("network.protocol-handler.external.javascript",false); +lockPref("network.protocol-handler.external.moz-extension",false); +lockPref("network.protocol-handler.external.ftp",false); +lockPref("network.protocol-handler.external.file",false); +lockPref("network.protocol-handler.external.about",false); +lockPref("network.protocol-handler.external.chrome",false); +lockPref("network.protocol-handler.external.blob",false); +lockPref("network.protocol-handler.external.data",false); +lockPref("network.protocol-handler.expose-all",false); +lockPref("network.protocol-handler.expose.http",true); +lockPref("network.protocol-handler.expose.https",true); +lockPref("network.protocol-handler.expose.javascript",true); +lockPref("network.protocol-handler.expose.moz-extension",true); +lockPref("network.protocol-handler.expose.ftp",true); +lockPref("network.protocol-handler.expose.file",true); +lockPref("network.protocol-handler.expose.about",true); +lockPref("network.protocol-handler.expose.chrome",true); +lockPref("network.protocol-handler.expose.blob",true); +lockPref("network.protocol-handler.expose.data",true); + +// Pref : Ensure you have a security delay when installing add-ons (milliseconds) +// http://kb.mozillazine.org/Disable_extension_install_delay_-_Firefox +// http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ +lockPref("security.dialog_enable_delay", 700); + +// Pref : Opt-out of add-on metadata updates +// https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/ +lockPref("extensions.getAddons.cache.enabled", false); + +// Pref : Opt-out of themes (Persona) updates +// https://support.mozilla.org/t5/Firefox/how-do-I-prevent-autoamtic-updates-in-a-50-user-environment/td-p/144287 +lockPref("lightweightThemes.update.enabled", false); +lockPref("lightweightThemes.persisted.headerURL", false); +lockPref("lightweightThemes.persisted.footerURL", false); + +// Pref : Disable Flash Player NPAPI plugin +// http://kb.mozillazine.org/Flash_plugin +lockPref("plugin.state.flash", 0); + +// Pref : Disable sending Flash Player crash reports +lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); + +// Pref : When Flash crash reports are enabled, don't send the visited URL in the crash report +lockPref("dom.ipc.plugins.reportCrashURL", false); + +// Pref : Disable Shumway (Mozilla Flash renderer) +// https://developer.mozilla.org/en-US/docs/Mozilla/Projects/Shumway +lockPref("shumway.disabled", true); + +// Pref : Disable Gnome Shell Integration NPAPI plugin +lockPref("plugin.state.libgnome-shell-browser-plugin", 0); + +// Pref : Enable plugins click-to-play +// https://wiki.mozilla.org/Firefox/Click_To_Play +// https://blog.mozilla.org/security/2012/10/11/click-to-play-plugins-blocklist-style/ +lockPref("plugins.click_to_play", true); +lockPref("plugin.sessionPermissionNow.intervalInMinutes", 0); + +// Pref : Updates addons automatically +// https://blog.mozilla.org/addons/how-to-turn-off-add-on-updates/ +lockPref("extensions.update.enabled", false); + +// Pref : Enable add-on and certificate blocklists (OneCRL) from Mozilla +// Updated at interval defined in extensions.blocklist.interval (default: 86400) +lockPref("extensions.blocklist.enabled", false); + +// Pref : Disable system add-on updates (hidden & always-enabled add-ons from Mozilla) +lockPref("extensions.systemAddon.update.enabled", false); + +// Pref : Disable WebIDE Web Debug +// https://trac.torproject.org/projects/tor/ticket/16222 +// https://developer.mozilla.org/docs/Tools/WebIDE +lockPref("devtools.webide.enabled", false); +lockPref("devtools.webide.autoinstallADBExtension", false); // [FF64+] +lockPref("devtools.remote.adb.extensionURL", ""); // [FF64+] +lockPref("devtools.remote.adb.extensionID", ""); // default adb@mozilla.org [FF64+] + +// Pref : Disable remote debugging +// https://developer.mozilla.org/en-US/docs/Tools/Remote_Debugging/Debugging_Firefox_Desktop +// https://developer.mozilla.org/en-US/docs/Tools/Tools_Toolbox#Advanced_settings +lockPref("devtools.debugger.force-local", true); + +// Pref : Disallow Necko to do A/B testing +// https://trac.torproject.org/projects/tor/ticket/13170 +lockPref("network.allow-experiments", false); + +// Pref : Disable sending reports of tab crashes to Mozilla (about:tabcrashed), don't +// nag user about unsent crash reports +// https://hg.mozilla.org/mozilla-central/file/tip/browser/app/profile/firefox.js +lockPref("browser.tabs.crashReporting.sendReport", false); +lockPref("browser.crashReports.unsubmittedCheck.enabled", false); +lockPref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); + +// Pref : Disable SHIELD +// https://support.mozilla.org/en-US/kb/shield +// https://bugzilla.mozilla.org/show_bug.cgi?id=1370801 +lockPref("app.shield.optoutstudies.enabled", false); + +// Pref : Disable new tab tile ads & preload & Activity Stream +// http://www.thewindowsclub.com/disable-remove-ad-tiles-from-firefox +// http://forums.mozillazine.org/viewtopic.php?p=13876331#p13876331 +// https://wiki.mozilla.org/Firefox/Activity_Stream +// https://wiki.mozilla.org/Tiles/Technical_Documentation#Ping +// https://gecko.readthedocs.org/en/latest/browser/browser/DirectoryLinksProvider.html#browser-newtabpage-directory-source +// https://gecko.readthedocs.org/en/latest/browser/browser/DirectoryLinksProvider.html#browser-newtabpage-directory-ping +lockPref("browser.newtabpage.activity-stream.feeds.section.topstories", false); +lockPref("browser.newtabpage.activity-stream.section.highlights.includePocket", false); +lockPref("browser.newtabpage.activity-stream.showSponsored", false); +lockPref("browser.newtabpage.activity-stream.aboutHome.enabled", false); +lockPref("browser.newtabpage.activity-stream.asrouter.messageProviders", ""); +lockPref("browser.newtabpage.activity-stream.telemetry", false); +lockPref("browser.newtabpage.activity-stream.telemetry.ping.endpoint", ""); +lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false); +lockPref("browser.newtabpage.activity-stream.feeds.snippets", false); +lockPref("browser.newtabpage.activity-stream.disableSnippets", true); +lockPref("browser.newtab.preload", false); + +// Pref : Disable "Show search suggestions in location bar results" +lockPref("browser.urlbar.suggest.searches", false); +lockPref("browser.urlbar.userMadeSearchSuggestionsChoice", true); + +// Pref : Never check updates for search engines +// https://support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections#w_auto-update-checking +lockPref("browser.search.update", false); + +// Pref : Disable automatic captive portal detection (Firefox >= 52.0) +// https://support.mozilla.org/en-US/questions/1157121 +lockPref("network.captive-portal-service.enabled", false); + +// Pref : Disallow NTLMv1 +// https://bugzilla.mozilla.org/show_bug.cgi?id=828183 +lockPref("network.negotiate-auth.allow-insecure-ntlm-v1", false); +// it is still allowed through HTTPS. +lockPref("network.negotiate-auth.allow-insecure-ntlm-v1-https", false); + +// Pref : Disable formless login capture +// https://bugzilla.mozilla.org/show_bug.cgi?id=1166947 +lockPref("signon.formlessCapture.enabled", false); + +// Pref : Delete temporary files on exit +// https://bugzilla.mozilla.org/show_bug.cgi?id=238789 +lockPref("browser.helperApps.deleteTempFileOnExit", true); + +// Pref : Do not create screenshots of visited pages (relates to the "new tab page" feature) +// https://support.mozilla.org/en-US/questions/973320 +// https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/Preference_reference/browser.pagethumbnails.capturing_disabled +lockPref("browser.pagethumbnails.capturing_disabled", true); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Disabled - ON/OFF +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// - Disabled - Section OFF ----------------------------------------------------------------- + +// Pref : Don't remember browsing history +// MIGRATED : To defaulting section, this settings does not need to be enforced +//lockPref("places.history.enabled", false); + +// Pref : Clear all history on shutdown +// MIGRATED : To defaulting section, this settings does not need to be enforced +// This setting can be enforced here +//lockPref("privacy.sanitize.sanitizeOnShutdown", true); + +// Pref : 2804: reset default history items to clear with Ctrl-Shift-Del (to match above) +// This dialog can also be accessed from the menu History>Clear Recent History +// Firefox remembers your last choices. This will reset them when you start Firefox. +// [NOTE] Regardless of what you set privacy.cpd.downloads to, as soon as the dialog +// for "Clear Recent History" is opened, it is synced to the same as 'history' +//defaultPref("privacy.cpd.siteSettings", false); // Site Preferences +//defaultPref("privacy.cpd.downloads", true); // not used, see note above +//defaultPref("privacy.cpd.cache", true); +//defaultPref("privacy.cpd.cookies", true); +//defaultPref("privacy.cpd.formdata", true); // Form & Search History +//defaultPref("privacy.cpd.history", true); // Browsing & Download History +//defaultPref("privacy.cpd.offlineApps", true); // Offline Website Data +//defaultPref("privacy.cpd.passwords", false); // this is not listed +//defaultPref("privacy.cpd.sessions", true); // Active Logins +// Not needed // remplaced by //defaultPref("privacy.sanitize.sanitizeOnShutdown", true); +// Also default value are already good + +// Pref : 2803: set what history items to clear on shutdown +// [SETTING] Privacy & Security>History>Custom Settings>Clear history when Firefox closes>Settings +// [NOTE] If 'history' is true, downloads will also be cleared regardless of the value +// but if 'history' is false, downloads can still be cleared independently +// However, this may not always be the case. The interface combines and syncs these +// prefs when set from there, and the sanitize code may change at any time +//defaultPref("privacy.clearOnShutdown.siteSettings", false); // Site Preferences +//defaultPref("privacy.clearOnShutdown.cache", true); +//defaultPref("privacy.clearOnShutdown.cookies", true); +//defaultPref("privacy.clearOnShutdown.downloads", true); // see note above +//defaultPref("privacy.clearOnShutdown.formdata", true); // Form & Search History +//defaultPref("privacy.clearOnShutdown.history", true); // Browsing & Download History +//defaultPref("privacy.clearOnShutdown.offlineApps", true); // Offline Website Data +//defaultPref("privacy.clearOnShutdown.sessions", true); // Active Logins +// Make panel locked (bug) +// remplaced by //defaultPref("privacy.sanitize.sanitizeOnShutdown", true); + +// Pref : 0801: disable location bar using search - PRIVACY +// don't leak typos to a search engine, give an error message instead +//lockPref("keyword.enabled", false); +// Beak search from url bar +// After other settings this does not send data to search.... + +// Pref : Disable Firefox Account +//lockPref("identity.fxaccounts.enabled", false); //Deprecated Active +// Already disabled in policies.json + +// Pref : 2609: disable MathML (Mathematical Markup Language) (FF51+) +// [TEST] http://browserspy.dk/mathml.php +// [1] https://bugzilla.mozilla.org/1173199 +//lockPref("mathml.disabled", true); +// This setting is a fingerprint in itself + +// Pref : 2304: disable web notifications +// [1] https://developer.mozilla.org/docs/Web/API/Notifications_API +//lockPref("dom.webnotifications.enabled", false); // (FF22+) +//lockPref("dom.webnotifications.serviceworker.enabled", false); // (FF44+) +// After tuning this is no loger a privacy issue but a feature + +// Pref : History sessionhistory +//lockPref("browser.sessionhistory.max_total_viewers", 0); + +// Pref : 0850f: disable location bar suggesting local search history (FF57+) +// [1] https://bugzilla.mozilla.org/1181644 +//lockPref("browser.urlbar.maxHistoricalSearchSuggestions", 0); // max. number of search suggestions +// No privacy issue here + +// Pref : 1020: disable the Session Restore service completely +// [SETUP-CHROME] This also disables the "Recently Closed Tabs" feature +// It does not affect "Recently Closed Windows" or any history. +//lockPref("browser.sessionstore.max_tabs_undo", 0); +//lockPref("browser.sessionstore.max_windows_undo", 0); +// Not really a privacy issue, it's usefull to have this feature + +// Pref : Disable URL bar autocomplete and history/bookmarks suggestions dropdown +//lockPref("browser.urlbar.autocomplete.enabled", false); +//lockPref("browser.urlbar.suggest.history", false); +//lockPref("browser.urlbar.suggest.bookmark", false); +//lockPref("browser.urlbar.suggest.openpage", false); +// This does not cause privacy/leaking issue + +// Pref : 2605: block web content in file processes (FF55+) +// [SETUP-WEB] You may want to disable this for corporate or developer environments +// [1] https://bugzilla.mozilla.org/1343184 +//lockPref("browser.tabs.remote.allowLinkedWebInFileUriProcess", false); +// Not an issue + +// DOWNLOADS +// Pref : 2650: discourage downloading to desktop (0=desktop 1=downloads 2=last used) +// [SETTING] To set your default "downloads": General>Downloads>Save files to +//lockPref("browser.download.folderList", 2); +// Pref : 2651: enforce user interaction for security by always asking the user where to download +// [SETTING] General>Downloads>Always ask you where to save files +//lockPref("browser.download.useDownloadDir", false); +// Pref : 2654: disable "open with" in download dialog (FF50+) +// This is very useful to enable when the browser is sandboxed (e.g. via AppArmor) +// in such a way that it is forbidden to run external applications. +// [SETUP-CHROME] This may interfere with some users' workflow or methods +// [1] https://bugzilla.mozilla.org/1281959 +//lockPref("browser.download.forbid_open_with", true); +// Not an issue + +// OCSP (Online Certificate Status Protocol) +// OCSP Leaks the visited sited exactly same issue as safebrowsing. +// Stapling have the site itsefl proof that his certificate is good +// through the CA so apparently nothing is leaked in this case. +// [1] https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/ +// Pref : 1211: control when to use OCSP fetching (to confirm current validity of certificates) +// 0=disabled, 1=enabled (default), 2=enabled for EV certificates only +// OCSP (non-stapled) leaks information about the sites you visit to the CA (cert authority) +// It's a trade-off between security (checking) and privacy (leaking info to the CA) +// [NOTE] This pref only controls OCSP fetching and does not affect OCSP stapling +// [1] https://en.wikipedia.org/wiki/Ocsp +//lockPref("security.OCSP.enabled", 1); +// Pref : 1212: set OCSP fetch failures (non-stapled, see 1211) to hard-fail [SETUP-WEB] +// When a CA cannot be reached to validate a cert, Firefox just continues the connection (=soft-fail) +// Setting this pref to true tells Firefox to instead terminate the connection (=hard-fail) +// It is pointless to soft-fail when an OCSP fetch fails: you cannot confirm a cert is still valid (it +// could have been revoked) and/or you could be under attack (e.g. malicious blocking of OCSP servers) +// [1] https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/ +// [2] https://www.imperialviolet.org/2014/04/19/revchecking.html +//lockPref("security.OCSP.require", true); + +// Pref : 1022: disable resuming session from crash [SETUP-CHROME] +//lockPref("browser.sessionstore.resume_from_crash", false); +// Not really a privacy issue, it's usefull to have this feature + +// Pref : 0103: set HOME+NEWWINDOW page +// about:home=Activity Stream (default, see 0105), custom URL, about:blank +// [SETTING] Home>New Windows and Tabs>Homepage and new windows +//lockPref("browser.startup.homepage", "about:blank"); +// Let the user have the choice, could be easily changed + +// Pref : 2740: disable service workers cache and cache storage +// [1] https://w3c.github.io/ServiceWorker/#privacy +//lockPref("dom.caches.enabled", false); +// Not really a privacy issue, it's usefull to have this feature +// Other settings solve privacy issue related to this + +// Pref : First-party isolation +// https://bugzilla.mozilla.org/show_bug.cgi?id=1299996 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1260931 +// https://wiki.mozilla.org/Security/FirstPartyIsolation +// First-party isolation breaks Microsoft Teams +// First-party isolation causes HTTP basic auth to ask for credentials for every new tab (see #425) +// Solved with extension +// Pref : 4001: enable First Party Isolation (FF51+) +// [SETUP-WEB] May break cross-domain logins and site functionality until perfected +// [1] https://bugzilla.mozilla.org/1260931 +// enabled via addons +//lockPref("privacy.firstparty.isolate", true); +// Pref : 4002: enforce FPI restriction for window.opener (FF54+) +// [NOTE] Setting this to false may reduce the breakage in 4001 +// [FF65+] blocks postMessage with targetOrigin "*" if originAttributes don't match. But +// to reduce breakage it ignores the 1st-party domain (FPD) originAttribute. (see [2],[3]) +// The 2nd pref removes that limitation and will only allow communication if FPDs also match. +// [1] https://bugzilla.mozilla.org/1319773#c22 +// [2] https://bugzilla.mozilla.org/1492607 +// [3] https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage +//lockPref("privacy.firstparty.isolate.restrict_opener_access", true); // default: true +// lockPref("privacy.firstparty.isolate.block_post_message", true); // (hidden pref) +// Enforced with addon + +// Pref : 0102: set START page (0=blank, 1=home, 2=last visited page, 3=resume previous session) +// [SETTING] General>Startup>Restore previous session +//lockPref("browser.startup.page", 0); +// Let the user choose over settings page + +// Pref : 1001: disable disk cache +//lockPref("browser.cache.disk.enable", false); +//lockPref("browser.cache.disk.capacity", 0); +//lockPref("browser.cache.disk.smart_size.enabled", false); +//lockPref("browser.cache.disk.smart_size.first_run", false); +// Pref : 1003: disable memory cache +// [NOTE] Not recommended due to performance issues +// lockPref("browser.cache.memory.enable", false); +// lockPref("browser.cache.memory.capacity", 0); // (hidden pref) +// This is going too far... disabled for performance +// Firefox should be run in a container... sandbox or... + +// Pref : Newtabpage +//lockPref("browser.newtabpage.enabled", false); +// New page site shortcuts does not spy after tunning can be enabled + +// Pref : Disable in-content SVG rendering (Firefox >= 53) (disabled) +// Disabling SVG support breaks many UI elements on many sites +// https://bugzilla.mozilla.org/show_bug.cgi?id=1216893 +//lockPref("svg.disabled", true); +// Solved with extension + +// Pref : Disable Caching of SSL Pages +// CIS Version 1.2.0 October 21st, 2011 2.5.8 +// http://kb.mozillazine.org/Browser.cache.disk_cache_ssl +//lockPref("browser.cache.disk_cache_ssl", false); + +// Pref : 2212 : limit events that can cause a popup +// default is "change click dblclick mouseup pointerup notificationclick reset submit touchend" +// [1] http://kb.mozillazine.org/Dom.popup_allowed_events +//lockPref("dom.popup_allowed_events", "click dblclick"); +// This does not cause privacy/leaking issue +// Also already set in "dom.popup_maximum" + +// Pref : 2031 : disable audio auto-play in non-active tabs (FF51+) +// [1] https://www.ghacks.net/2016/11/14/firefox-51-blocks-automatic-audio-playback-in-non-active-tabs/ +//lockPref("media.block-autoplay-until-in-foreground", true); +// Not privacy/security related + +// Pref : 2403 : disable clipboard commands (cut/copy) from "non-privileged" content (FF41+) +// this disables document.execCommand("cut"/"copy") to protect your clipboard +// [1] https://bugzilla.mozilla.org/1170911 +//lockPref("dom.allow_cut_copy", false); // (hidden pref) +// Not an issue + +// Pref : 1405 : disable WOFF2 (Web Open Font Format) (FF35+) +//lockPref("gfx.downloadable_fonts.woff2.enabled", false); +// Solved with extension + +// Pref : 1406 : disable CSS Font Loading API +// Disabling fonts can uglify the web a fair bit. +//lockPref("layout.css.font-loading-api.enabled", false); +// Solved with extension + +// - Disabled - Dumped Disabled From (gHacks, Check user.js for description) ---------------- + +//lockPref("browser.chrome.site_icons", false); +//lockPref("browser.library.activity-stream.enabled", false); +//lockPref("browser.privatebrowsing.autostart", true); +//lockPref("browser.urlbar.maxRichResults", 0); +//lockPref("dom.storage.enabled", false); +//lockPref("dom.storageManager.enabled", false); +//lockPref("extensions.screenshots.disabled", true); +//lockPref("extensions.webextensions.restrictedDomains", ""); +//lockPref("font.name.monospace.x-unicode", "Lucida Console"); +//lockPref("font.name.monospace.x-western", "Lucida Console"); +//lockPref("font.name.sans-serif.x-unicode", "Arial"); +//lockPref("font.name.sans-serif.x-western", "Arial"); +//lockPref("font.name.serif.x-unicode", "Georgia"); +//lockPref("font.name.serif.x-western", "Georgia"); +//lockPref("font.system.whitelist", ""); +//lockPref("full-screen-api.enabled", false); +//lockPref("gfx.downloadable_fonts.enabled", false); +//lockPref("gfx.downloadable_fonts.fallback_delay", -1); +//lockPref("javascript.options.baselinejit", false); +//lockPref("javascript.options.ion", false); +//lockPref("media.media-capabilities.enabled", false); +//lockPref("network.dnsCacheEntries", 400); +//lockPref("network.dnsCacheExpiration", 60); +//lockPref("network.ftp.enabled", false); +//lockPref("permissions.default.camera", 2); +//lockPref("permissions.default.desktop-notification", 2); +//lockPref("permissions.default.microphone", 2); +//lockPref("permissions.default.shortcuts", 2); +//lockPref("privacy.window.maxInnerHeight", 900); +//lockPref("privacy.window.maxInnerWidth", 1600); +//lockPref("security.insecure_connection_text.pbmode.enabled", true); +//lockPref("security.nocertdb", true); +//lockPref("security.ssl3.dhe_rsa_aes_128_sha", false); +//lockPref("security.ssl3.dhe_rsa_aes_256_sha", false); +//lockPref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); +//lockPref("security.ssl3.ecdhe_rsa_aes_128_sha", false); +//lockPref("urlclassifier.trackingTable", "test-track-simple,base-track-digest256"); + +// - Disabled - Section ON ------------------------------------------------------------------ + +// Pref : Tor settings +// This browser is not meant for tor +// Enabling those settings for user torifying their whole connection +lockPref("network.dns.blockDotOnion", true); +lockPref("network.http.referer.hideOnionSource", true); + +// Pref : 1603 : CROSS ORIGIN: control when to send a referer +// 0=always (default), 1=only if base domains match, 2=only if hosts match +// Can break some important site... (payment... ) +lockPref("network.http.referer.XOriginPolicy", 1); + +// Pref : Only allow TLS 1.[0-3] +lockPref("security.tls.version.max", 4); // 4 = allow up to and including TLS 1.3 + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Disabled - Deprecated Active +// Deprecated settings but left active for various reasons +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// Pref : 0516 : disable Onboarding (FF55+) +// Onboarding is an interactive tour/setup for new installs/profiles and features. Every time +// about:home or about:newtab is opened, the onboarding overlay is injected into that page +// [NOTE] Onboarding uses Google Analytics [2], and leaks resource://URIs [3] +// [1] https://wiki.mozilla.org/Firefox/Onboarding +// [2] https://github.com/mozilla/onboard/commit/db4d6c8726c89a5d6a241c1b1065827b525c5baf +// [3] https://bugzilla.mozilla.org/863246#c154 +lockPref("browser.onboarding.enabled", false); // Removed in v64 //Deprecated Active + +// Pref : Disable WebIDE Web Debug Extension +// https://trac.torproject.org/projects/tor/ticket/16222 +// https://developer.mozilla.org/docs/Tools/WebIDE +lockPref("devtools.webide.autoinstallADBHelper", false); +// Remplaced by "devtools.webide.autoinstallADBExtension" in 64 + +// Pref : Disable raw TCP socket support (mozTCPSocket) +// https://trac.torproject.org/projects/tor/ticket/18863 +// https://www.mozilla.org/en-US/security/advisories/mfsa2015-97/ +// https://developer.mozilla.org/docs/Mozilla/B2G_OS/API/TCPSocket +// is only exposed to chrome ( https://trac.torproject.org/projects/tor/ticket/27268#comment:2 ) +// Not important +lockPref("dom.mozTCPSocket.enabled", false); + +// Pref : Enforce checking for Firefox updates +lockPref("app.update.enabled", false); + +// Pref : Disable bookmarks backups (default: 15) +// http://kb.mozillazine.org/Browser.bookmarks.max_backups +lockPref("browser.bookmarks.max_backups", 2); + +// Pref : Disable SSDP +// https://bugzilla.mozilla.org/show_bug.cgi?id=1111967 +lockPref("browser.casting.enabled", false); + +// Pref : +lockPref("browser.newtabpage.activity-stream.enabled", false); +lockPref("browser.newtabpage.directory.ping", "data:text/plain,"); +lockPref("browser.newtabpage.directory.source", "data:text/plain,"); +lockPref("browser.newtabpage.enhanced", false); + +// Pref : +lockPref("browser.pocket.enabled", false); + +// Pref : Disable Heartbeat (Mozilla user rating telemetry) +// https://wiki.mozilla.org/Advocacy/heartbeat +// https://trac.torproject.org/projects/tor/ticket/19047 +lockPref("browser.selfsupport.url", ""); + +// Pref : Don't reveal build ID +// Value taken from Tor Browser +// https://bugzilla.mozilla.org/show_bug.cgi?id=583181 +// Already enforced with 'privacy.resistFingerprinting' ? +lockPref("browser.startup.homepage_override.mstone", "ignore"); + +// Pref : Disable face detection +lockPref("camera.control.face_detection.enabled", false); + +// Pref : +lockPref("datareporting.healthreport.about.reportUrl", "data:,"); +lockPref("datareporting.healthreport.service.enabled", false); + +// Pref : +lockPref("device.sensors.enabled", false); + +// Pref : Disable WebIDE Web Debug +// https://trac.torproject.org/projects/tor/ticket/16222 +// https://developer.mozilla.org/docs/Tools/WebIDE +lockPref("devtools.webide.autoinstallFxdtAdapters", false); +lockPref("devtools.webide.adaptersAddonURL", ""); + +// Pref : Disable resource timing API +// https://www.w3.org/TR/resource-timing/#privacy-security +lockPref("dom.enable_resource_timing", false); + +// Pref : Disable FlyWeb (discovery of LAN/proximity IoT devices that expose a Web interface) +// https://wiki.mozilla.org/FlyWeb +// https://wiki.mozilla.org/FlyWeb/Security_scenarios +// https://docs.google.com/document/d/1eqLb6cGjDL9XooSYEEo7mE-zKQ-o-AuDTcEyNhfBMBM/edit +// http://www.ghacks.net/2016/07/26/firefox-flyweb +lockPref("dom.flyweb.enabled", false); + +// Pref : +lockPref("dom.gamepad.enabled", false); + +// Pref : Disable leaking network/browser connection information via Javascript +// Network Information API provides general information about the system's connection type (WiFi, cellular, etc.) +// https://developer.mozilla.org/en-US/docs/Web/API/Network_Information_API +// https://wicg.github.io/netinfo/#privacy-considerations +// https://bugzilla.mozilla.org/show_bug.cgi?id=960426 +lockPref("dom.netinfo.enabled", false); + +// Pref : 2306: disable push notifications (FF44+) +// web apps can receive messages pushed to them from a server, whether or +// not the web app is in the foreground, or even currently loaded +// [1] https://developer.mozilla.org/docs/Web/API/Push_API +lockPref("dom.push.udp.wakeupEnabled", false); //UDP Wake-up + +// Pref : Disable telephony API +// https://wiki.mozilla.org/WebAPI/Security/WebTelephony +lockPref("dom.telephony.enabled", false); + +// Pref : Disable SHIELD +// https://support.mozilla.org/en-US/kb/shield +// https://bugzilla.mozilla.org/show_bug.cgi?id=1370801 +lockPref("extensions.shield-recipe-client.enabled", false); + +// Pref : Disable Firefox Hello metrics collection +// https://groups.google.com/d/topic/mozilla.dev.platform/nyVkCx-_sFw/discussion +lockPref("loop.logDomains", false); + +// Pref : Disable video stats to reduce fingerprinting threat +// https://bugzilla.mozilla.org/show_bug.cgi?id=654550 +// https://github.com/pyllyukko/user.js/issues/9#issuecomment-100468785 +// https://github.com/pyllyukko/user.js/issues/9#issuecomment-148922065 +lockPref("media.video_stats.enabled", false); + +// Pref : WebSockets is a technology that makes it possible to open an interactive communication +// session between the user's browser and a server. (May leak IP when using proxy/VPN) +lockPref("network.websocket.enabled", false); + +// Pref : Disable Reader +// Not deprecated but usefull to be located here +lockPref("reader.parse-on-load.enabled", false); + +// CIS 2.7.4 Disable Scripting of Plugins by JavaScript +// http://forums.mozillazine.org/viewtopic.php?f=7&t=153889 +lockPref("security.xpconnect.plugin.unrestricted", false); + +// Pref : +lockPref("social.directories", ""); + +// Pref : +lockPref("social.remote-install.enabled", false); + +// Pref : +lockPref("social.whitelist", ""); + +// Pref : Disable RC4 +// https://developer.mozilla.org/en-US/Firefox/Releases/38#Security +// https://bugzilla.mozilla.org/show_bug.cgi?id=1138882 +// https://rc4.io/ +// https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2566 +lockPref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false); +lockPref("security.ssl3.ecdhe_rsa_rc4_128_sha", false); +lockPref("security.ssl3.rsa_rc4_128_md5", false); +lockPref("security.ssl3.rsa_rc4_128_sha", false); +lockPref("security.tls.unrestricted_rc4_fallback", false); + +// >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +// Section : Disabled - Deprecated Inactive +// Bench Diff : +0/5000 +// >>>>>>>>>>>>>>>>>>>> + +// - Disabled - Deprecated Main ------------------------------------------------------------------- + +// Pref : Other old safebrowsing not used +//lockPref("browser.safebrowsing.appRepURL", ""); +//lockPref("browser.safebrowsing.enabled", false); +//lockPref("browser.safebrowsing.gethashURL", ""); +//lockPref("browser.safebrowsing.malware.reportURL", ""); +//lockPref("browser.safebrowsing.provider.google.appRepURL", ""); +//lockPref("browser.safebrowsing.reportErrorURL", ""); +//lockPref("browser.safebrowsing.reportGenericURL", ""); +//lockPref("browser.safebrowsing.reportMalwareErrorURL", ""); +//lockPref("browser.safebrowsing.reportMalwareMistakeURL", ""); +//lockPref("browser.safebrowsing.reportMalwareURL", ""); +//lockPref("browser.safebrowsing.reportPhishMistakeURL", ""); +//lockPref("browser.safebrowsing.reportURL", ""); +//lockPref("browser.safebrowsing.updateURL", ""); + +// Pref : 1031: disable favicons in tabs and new bookmarks - merged into browser.chrome.site_icons +// [-] https://bugzilla.mozilla.org/1453751 +// lockPref("browser.chrome.favicons", false); + +// Pref : Don't use OS values to determine locale, force using Firefox locale setting +// http://kb.mozillazine.org/Intl.locale.matchOS +// Disabled to make resistFingerprinting efficient +//lockPref("intl.locale.matchOS", false); + +// Pref : 1601: disable referer from an SSL Website +// [-] https://bugzilla.mozilla.org/1308725 +//lockPref("network.http.sendSecureXSiteReferrer", false); + +// Pref : 2030: disable auto-play of HTML5 media - replaced by media.autoplay.default +// [WARNING] This may break video playback on various sites +// [-] https://bugzilla.mozilla.org/1470082 +// Still active for ESR60.x but not important +//lockPref("media.autoplay.enabled", false); + +// Pref : 1007: disable randomized FF HTTP cache decay experiments +// [1] https://trac.torproject.org/projects/tor/ticket/13575 +// [-] https://bugzilla.mozilla.org/1430197 +//lockPref("browser.cache.frecency_experiment", -1); + +// Pref : 1606: set the default Referrer Policy - replaced by network.http.referer.defaultPolicy +// [-] https://bugzilla.mozilla.org/587523 +//lockPref("network.http.referer.userControlPolicy", 3); // (FF53-FF58) default: 3 + +// Pref : 2704: set cookie lifetime in days (see 2703) +// [-] https://bugzilla.mozilla.org/1457170 +// lockPref("network.cookie.lifetime.days", 90); // default: 90 + +// Pref : 2604: (25+) disable page thumbnails - replaced by browser.pagethumbnails.capturing_disabled +// [-] https://bugzilla.mozilla.org/897811 +//lockPref("pageThumbs.enabled", false); + +// - Disabled - Default is same ------------------------------------------------------------------- +// This is generally a bad idea: if FF disables something due to a security concern, the +// end user who doesn't keep up to date with changes (IF you do them) is now fucked over +// Thanks to @Thorin-Oakenpants + +// Pref : Display a notification bar when websites offer data for offline use +// http://kb.mozillazine.org/Browser.offline-apps.notify +//lockPref("browser.offline-apps.notify", true); //Default true + +// Pref : Enable Subresource Integrity +// https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity +// https://wiki.mozilla.org/Security/Subresource_Integrity +//lockPref("security.sri.enable", true); //Default true + +// Pref : Enable GCM ciphers (TLSv1.2 only) +// https://en.wikipedia.org/wiki/Galois/Counter_Mode +//lockPref("security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256", true); // Pref : 0xc02b //Default true + +// Pref : Enable ciphers with ECDHE and key size > 128bits +//lockPref("security.ssl3.ecdhe_ecdsa_aes_256_sha", true); // Pref : 0xc00a //Default true + +// Pref : Enable ChaCha20 and Poly1305 (Firefox >= 47) +// https://www.mozilla.org/en-US/firefox/47.0/releasenotes/ +// https://tools.ietf.org/html/rfc7905 +// https://bugzilla.mozilla.org/show_bug.cgi?id=917571 +// https://bugzilla.mozilla.org/show_bug.cgi?id=1247860 +// https://cr.yp.to/chacha.html +//lockPref("security.ssl3.ecdhe_ecdsa_chacha20_poly1305_sha256", true); //Default true +//lockPref("security.ssl3.ecdhe_rsa_chacha20_poly1305_sha256", true); //Default true + +// Pref : Enable GCM ciphers (TLSv1.2 only) +// https://en.wikipedia.org/wiki/Galois/Counter_Mode +//lockPref("security.ssl3.ecdhe_rsa_aes_128_gcm_sha256", true); // Pref : 0xc02f //Default true + +// Pref : Enable ciphers with ECDHE and key size > 128bits +//lockPref("security.ssl3.ecdhe_rsa_aes_256_sha", true); // Pref : 0xc014 //Default true + +// - Disabled - Dumped Deprecated From (gHacks, Check user.js for description) -------------------- + +//lockPref("general.useragent.locale", "en-US"); +//lockPref("browser.backspace_action", 2); +//lockPref("browser.bookmarks.showRecentlyBookmarked", false); +//lockPref("browser.crashReports.unsubmittedCheck.autoSubmit", false); +//lockPref("browser.ctrlTab.previews", true); +//lockPref("browser.formautofill.enabled", false); +//lockPref("browser.formfill.saveHttpsForms", false); +//lockPref("browser.fullscreen.animate", false); +//lockPref("browser.history.allowPopState", false); +//lockPref("browser.history.allowPushState", false); +//lockPref("browser.history.allowReplaceState", false); +//lockPref("browser.newtabpage.introShown", true); +//lockPref("browser.pocket.api", ""); +//lockPref("browser.pocket.oAuthConsumerKey", ""); +//lockPref("browser.pocket.site", ""); +//lockPref("browser.polaris.enabled", false); +//lockPref("browser.search.showOneOffButtons", false); +//lockPref("browser.selfsupport.enabled", false); +//lockPref("browser.sessionstore.privacy_level_deferred", 2); +//lockPref("browser.tabs.warnOnClose", false); +//lockPref("browser.tabs.warnOnCloseOtherTabs", false); +//lockPref("browser.tabs.warnOnOpen", false); +//lockPref("browser.trackingprotection.gethashURL", ""); +//lockPref("browser.trackingprotection.updateURL", ""); +//lockPref("browser.urlbar.decodeURLsOnCopy", true); +//lockPref("browser.urlbar.unifiedcomplete", false); +//lockPref("browser.usedOnWindows10.introURL", ""); +//lockPref("browser.zoom.siteSpecific", false); +//lockPref("camera.control.autofocus_moving_callback.enabled", false); +//lockPref("datareporting.healthreport.about.reportUrlUnified", "data:text/plain,"); +//lockPref("datareporting.healthreport.documentServerURI", ""); +//lockPref("datareporting.policy.dataSubmissionEnabled.v2", false); +//lockPref("dom.archivereader.enabled", false); +//lockPref("dom.beforeAfterKeyboardEvent.enabled", false); +//lockPref("dom.disable_image_src_set", true); +//lockPref("dom.disable_window_open_feature.scrollbars", true); +//lockPref("dom.disable_window_status_change", true); +//lockPref("dom.idle-observers-api.enabled", false); +//lockPref("dom.keyboardevent.code.enabled", false); +//lockPref("dom.network.enabled", false); +//lockPref("dom.vr.oculus050.enabled", false); +//lockPref("dom.w3c_touch_events.enabled", 0); +//lockPref("dom.workers.enabled", false); +//lockPref("dom.workers.sharedWorkers.enabled", false); +//lockPref("extensions.formautofill.experimental", false); +//lockPref("extensions.screenshots.system-disabled", true); +//lockPref("extensions.shield-recipe-client.api_url", ""); +//lockPref("full-screen-api.approval-required", false); +//lockPref("full-screen-api.warning.delay", 0); +//lockPref("full-screen-api.warning.timeout", 0); +//lockPref("general.warnOnAboutConfig", false); +//lockPref("geo.security.allowinsecure", false); +//lockPref("loop.enabled", false); +//lockPref("loop.facebook.appId", ""); +//lockPref("loop.facebook.enabled", false); +//lockPref("loop.facebook.fallbackUrl", ""); +//lockPref("loop.facebook.shareUrl", ""); +//lockPref("loop.feedback.formURL", ""); +//lockPref("loop.feedback.manualFormURL", ""); +//lockPref("loop.server", ""); +//lockPref("media.block-play-until-visible", true); +//lockPref("media.eme.apiVisible", false); +//lockPref("media.eme.chromium-api.enabled", false); +//lockPref("media.getusermedia.screensharing.allow_on_old_platforms", false); +//lockPref("media.getusermedia.screensharing.allowed_domains", ""); +//lockPref("media.gmp-eme-adobe.autoupdate", false); +//lockPref("media.gmp-eme-adobe.visible", false); +//lockPref("media.ondevicechange.enabled", false); +//lockPref("media.webspeech.synth.enabled", false); +//lockPref("network.http.spdy.enabled.http2draft", false); +//lockPref("network.http.spdy.enabled.v3-1", false); +//lockPref("pfs.datasource.url", ""); +//lockPref("plugin.scan.Acrobat", "99999"); +//lockPref("plugin.scan.Quicktime", "99999"); +//lockPref("plugin.scan.WindowsMediaPlayer", "99999"); +//lockPref("plugins.enumerable_names", ""); +//lockPref("plugins.update.notifyUser", false); +//lockPref("plugins.update.url", ""); +//lockPref("privacy.clearOnShutdown.passwords", false); +//lockPref("security.mixed_content.send_hsts_priming", false); +//lockPref("security.mixed_content.use_hsts", true); +//lockPref("security.tls.insecure_fallback_hosts.use_static_list", false); +//lockPref("social.enabled", false); +//lockPref("social.share.activationPanelEnabled", false); +//lockPref("social.shareDirectory", ""); +//lockPref("social.toast-notifications.enabled", false); +//lockPref("startup.homepage_override_url", ""); +//lockPref("startup.homepage_welcome_url", ""); +//lockPref("startup.homepage_welcome_url.additional", ""); +//lockPref("toolkit.cosmeticAnimations.enabled", false); +//lockPref("toolkit.telemetry.unifiedIsOptIn", true); +//lockPref("ui.key.menuAccessKey", 0); +//lockPref("view_source.tab", false); +//lockPref("xpinstall.signatures.required", false); |
