diff options
author | B. Stack <bgstack15@gmail.com> | 2022-01-05 16:21:31 -0500 |
---|---|---|
committer | B. Stack <bgstack15@gmail.com> | 2022-01-05 16:21:31 -0500 |
commit | 826a2e7f8c7786acb3b5d2217f19814f314289ab (patch) | |
tree | 9c1b67262b407684d8874fc9f525042c90d88207 /librewolf/debian/librewolf_settings/librewolf.cfg | |
parent | check gcc ver instead of fedora ver (diff) | |
download | stackrpms-826a2e7f8c7786acb3b5d2217f19814f314289ab.tar.gz stackrpms-826a2e7f8c7786acb3b5d2217f19814f314289ab.tar.bz2 stackrpms-826a2e7f8c7786acb3b5d2217f19814f314289ab.zip |
add initial lw d/ contents
Diffstat (limited to 'librewolf/debian/librewolf_settings/librewolf.cfg')
-rwxr-xr-x | librewolf/debian/librewolf_settings/librewolf.cfg | 518 |
1 files changed, 518 insertions, 0 deletions
diff --git a/librewolf/debian/librewolf_settings/librewolf.cfg b/librewolf/debian/librewolf_settings/librewolf.cfg new file mode 100755 index 0000000..56918a7 --- /dev/null +++ b/librewolf/debian/librewolf_settings/librewolf.cfg @@ -0,0 +1,518 @@ +//----------------------| +// LibreWolf settings | +//----------------------| + +/** + + NOTE: please take the time to read and understand, but also to customize the settings to find your own setup. + the answers to the most common questions are at this link https://librewolf.net/docs/faq/ + + */ + +defaultPref("librewolf.cfg.version", "4.0"); + +// ------------------------------- +// # SANITIZING, TP, SESSIONS +// ------------------------------- + +/** + strict mode includes: + - dFPI for both normal and private browsing + - strict blocking lists for trackers, including crypto, fping and socialtracking + - shims to avoid breakage caused by blocking lists + - stricter policies for xorigin referrers + - cookie cleaning mechanism specific to dFPI +*/ +pref("browser.contentblocking.category", "strict"); + +defaultPref("network.cookie.cookieBehavior", 5); // dFPI is default for strict mode, but enforce +defaultPref("network.cookie.lifetimePolicy", 2); // keep cookies until end of the session, then clear + +// make third party and http cookies session-only +defaultPref("network.cookie.thirdparty.sessionOnly", true); +defaultPref("network.cookie.thirdparty.nonsecureSessionOnly", true); + +/** + this way of sanitizing cookies would override the exceptions set by the users and just delete everything, + we disable it but cookies and site data are still cleared per session unless exceptions are set. + all the cleaning prefs true by default except for siteSetting and offlineApps, which is what we want. +*/ +defaultPref("privacy.clearOnShutdown.cookies", false); +defaultPref("privacy.sanitize.sanitizeOnShutdown", true); +defaultPref("privacy.sanitize.timeSpan", 0); + +// disable browsing, search and form history +defaultPref("places.history.enabled", false); +defaultPref("browser.formfill.enable", false); + +// prevent websites from storing session data like cookies and forms, increase time between session saves +defaultPref("browser.sessionstore.privacy_level", 2); +defaultPref("browser.sessionstore.interval", 60000); + +// ---------------------- +// # NETWORKING +// ---------------------- + +// https and mixed content +defaultPref("dom.security.https_only_mode", true); // only allow https in all windows, including private browsing +defaultPref("network.auth.subresource-http-auth-allow", 1); // stop cross-origin resources from using HTTP authentication +defaultPref("security.insecure_connection_text.enabled", true); // display http websites as insecure in the ui +defaultPref("security.mixed_content.block_display_content", true); // block insecure passive content + +defaultPref("network.dns.disableIPv6", true); // disable ipv6 + +// always send xorigin referer but trim them +defaultPref("network.http.referer.XOriginPolicy", 0); // default, might be worth changing to 2 +defaultPref("network.http.referer.XOriginTrimmingPolicy", 2); // trim referer to only send scheme, host and port + +defaultPref("network.file.disable_unc_paths", true); // hidden, disable using uniform naming convention +defaultPref("network.IDN_show_punycode", true); // use punycode in idn to prevent spoofing + +// proxy +defaultPref("network.proxy.socks_remote_dns", true); // forces dns query through the proxy when using one +defaultPref("network.gio.supported-protocols", ""); // disable gio as it could bypass proxy + +// doh +defaultPref("network.trr.confirmationNS", "skip"); // skip undesired doh test connection +/** + 0 = default + 1 = browser picks faster + 2 = DoH with system dns fallback + 3 = DoH without fallback + 5 = DoH is off, default currently + + below prefs must be applied with pref in order to work +*/ +// pref("network.trr.mode", 2); +// pref("network.trr.uri", "https://dns.quad9.net/dns-query"); + +// prefetching +defaultPref("network.dns.disablePrefetch", true); // disable dns prefetching +lockPref("network.predictor.enabled", false); // disable predictor +lockPref("network.prefetch-next", false); // disable link prefetching +lockPref("network.http.speculative-parallel-limit", 0); // disable prefetching on mouse over + +defaultPref("network.manage-offline-status", false); // let user control the offline behavior + +// ------------ +// # DOM +// ------------ + +// pop-ups and window related preferences +defaultPref("dom.disable_beforeunload", true); // disable "confirm you want to leave" pop-ups on close +defaultPref("dom.disable_open_during_load", true); // block pop-ups windows +defaultPref("dom.popup_maximum", 4); // limit maximum number of pop-ups +defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); // limit events that cause pop-ups +defaultPref("dom.disable_window_move_resize", true); // block scripts from resizing windows +defaultPref("browser.link.open_newwindow", 3); // open 'new windows' targeted links in 'new tab' +defaultPref("browser.link.open_newwindow.restriction", 0); // ignore the size when applying the above pref + +// push notifications and service workeers +defaultPref("dom.push.enabled", false); // disable push notifications +defaultPref("dom.push.serverURL", ""); // default "wss://push.services.mozilla.com/" +defaultPref("dom.serviceWorkers.enabled", false); // disable service workers, must enable for push notifications + +// -------------------------------- +// # CACHE AND TEMPORARY FILES +// -------------------------------- + +defaultPref("browser.cache.disk.enable", false); // disable disk cache +defaultPref("browser.privatebrowsing.forceMediaMemoryCache", true); // block media cache from writing to disk in pb mode +defaultPref("media.memory_cache_max_size", 65536); // increase max cache size to avoid playback issues caused by above setting + +defaultPref("browser.shell.shortcutFavicons", false); // disable shortcut favicons from being stored in profile +defaultPref("browser.helperApps.deleteTempFileOnExit", true); // delete temporary files opened with external apps +defaultPref("browser.pagethumbnails.capturing_disabled", true); // disable page thumbnails capturing + +// ---------------------- +// # MEDIA +// ---------------------- + +/** + * limit potential private IP leaks for webrtc users. + * mDNS protects the value on linux, osx and win10+. + * these prefs protect the value when allowing mic and camera access, and for win7/8.x. + * */ +defaultPref("media.peerconnection.ice.no_host", true); // don't use any private IPs for ICE candidate +defaultPref("media.peerconnection.ice.default_address_only", true); // use a single interface for ICE candidates, the vpn one when a vpn is used +defaultPref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); // force webrtc inside proxy, when one is used + +// autoplay +defaultPref("media.autoplay.blocking_policy", 2); // only allow to play when a certain element is clicked +defaultPref("media.autoplay.default", 5); // personal preference, currently apply blocking policy to all autplay including muted + +// -------------------------------------- +// # FINGERPRINTING +// -------------------------------------- + +defaultPref("privacy.resistFingerprinting", true); // master switch + +// rfp compatibility settings +defaultPref("privacy.resistFingerprinting.block_mozAddonManager", true); // prevents rfp from breaking AMO +defaultPref("browser.startup.blankWindow", false); // if set to true it breaks RFP windows resizing +defaultPref("browser.display.use_system_colors", false); // default but enforced due to RFP + +defaultPref("privacy.resistFingerprinting.letterboxing", false); // expose hidden letterboxing pref, but do not enable by default + +/** + * increase the size of new RFP windows for better usability, while still using a rounded value. + * if the screen resolution is lower it will stretch to the biggest possible rounded value. + * */ +defaultPref("privacy.window.maxInnerWidth", 1600); +defaultPref("privacy.window.maxInnerHeight", 900); + +defaultPref("webgl.disabled", true); // master switch, disable webgl + +// -------------------------------- +// # SECURITY +// -------------------------------- + +defaultPref("fission.autostart", true); // enable fission by default + +// certificates +defaultPref("security.cert_pinning.enforcement_level", 2); // enable strict public key pinning +defaultPref("security.pki.sha1_enforcement_level", 1); // disable sha-1 certificates +defaultPref("security.OCSP.enabled", 0); // disable ocsp fetching + +// crl with no ocsp fallback +defaultPref("security.remote_settings.crlite_filters.enabled", true); +defaultPref("security.pki.crlite_mode", 2); + +// safe negotiation +defaultPref("security.ssl.require_safe_negotiation", true); // block websites that do not support safe negotiation, occasional breakage +defaultPref("security.ssl.treat_unsafe_negotiation_as_broken", true); // show warning when safe negotiation is not enable and website is accessed + +// tls behavior +lockPref("security.tls.enable_0rtt_data", false); // disable 0 round trip time to improve tls 1.3 security +defaultPref("security.tls.version.enable-deprecated", false); // default but helps resetting the preference +defaultPref("browser.ssl_override_behavior", 1); // prepopulate url on ssl warning screens +defaultPref("browser.xul.error_pages.expert_bad_cert", true); // advanced ui infos for broken connections + +// permissions +lockPref("permissions.delegation.enabled", false); // force permission request to show the real origin +lockPref("permissions.manager.defaultsUrl", ""); // revoke special permissions from some mozilla domains + +defaultPref("gfx.font_rendering.opentype_svg.enabled", false); // disale svg opentype fonts + +defaultPref("browser.download.useDownloadDir", false); // force user interaction on downloads, by always asking location + +lockPref("security.csp.enable", true); // default + +// --------------------------------- +// # SAFE BROWSING +// --------------------------------- + +// disable safe browsing, including the fetch of updates and all outgoing connections +defaultPref("browser.safebrowsing.malware.enabled", false); +defaultPref("browser.safebrowsing.phishing.enabled", false); +defaultPref("browser.safebrowsing.blockedURIs.enabled", false); +defaultPref("browser.safebrowsing.provider.google4.gethashURL", ""); +defaultPref("browser.safebrowsing.provider.google4.updateURL", ""); +defaultPref("browser.safebrowsing.provider.google.gethashURL", ""); +defaultPref("browser.safebrowsing.provider.google.updateURL", ""); + +// disable safe browsing checks on downloads, both local and remote +defaultPref("browser.safebrowsing.downloads.enabled", false); +lockPref("browser.safebrowsing.downloads.remote.enabled", false); +lockPref("browser.safebrowsing.downloads.remote.url", ""); +lockPref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); +lockPref("browser.safebrowsing.downloads.remote.block_uncommon", false); + +// other safe browsing options, all default but enforce +lockPref("browser.safebrowsing.passwords.enabled", false); +lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false); +lockPref("browser.safebrowsing.provider.google4.dataSharingURL", ""); + +// ----------------------- +// # DRM +// ----------------------- + +defaultPref("media.eme.enabled", false); // disable drm content, master switch that also controls widevine plugin +defaultPref("media.gmp-manager.url", "data:text/plain,"); // prevent outgoing connections when DRM is disabled + +// disable the openh264 plugin +defaultPref("media.gmp-provider.enabled", false); +defaultPref("media.gmp-gmpopenh264.enabled", false); + +// --------------------------------------------- +// # LOCATION, LANGUAGE AND REGION +// --------------------------------------------- + +// use mozilla geo service as deault +defaultPref("geo.provider.network.url", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"); + +// prevent use of OS location services +lockPref("geo.provider.ms-windows-location", false); // [WINDOWS] +lockPref("geo.provider.use_corelocation", false); // [MAC] +lockPref("geo.provider.use_gpsd", false); // [LINUX] + +// show language as en-US for all users, regardless of their OS language and local version, to avoid leaking +defaultPref("javascript.use_us_english_locale", true); +defaultPref("intl.locale.requested", "en-US"); +defaultPref("privacy.spoof_english", 2); + +// disable region updates +lockPref("browser.region.network.url", ""); +lockPref("browser.region.update.enabled", false); + +// -------------------------------- +// # SEARCH AND URLBAR +// -------------------------------- + +// disable search suggestions +defaultPref("browser.urlbar.suggest.searches", false); +defaultPref("browser.search.suggest.enabled", false); + +// firefox suggest, review to trim +lockPref("browser.urlbar.quicksuggest.scenario", "history"); // prevent opt-in, doesn't work alone +lockPref("browser.urlbar.quicksuggest.enabled", false); // disable suggest and hide its ui +lockPref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // disable suggestions from firefox +lockPref("browser.urlbar.suggest.quicksuggest.sponsored", false); // disable sponsored suggestions +lockPref("browser.urlbar.quicksuggest.dataCollection.enabled", false); // default + +defaultPref("browser.search.region", "US"); // set a default search region for all users +defaultPref("browser.search.update", false); // do not update open search search engines +defaultPref("browser.urlbar.trimURLs", false); // do not trim urls in the urlbar + +// urlbar-dns interactions, avoid unwanted and speculative connections +defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); +defaultPref("browser.urlbar.speculativeConnect.enabled", false); +lockPref("browser.fixup.alternate.enabled", false); + +// ---------------------------------- +// # BROWSER BEHAVIOR +// ---------------------------------- + +lockPref("app.update.auto", false); // disable update auto installs + +// password manager +defaultPref("signon.rememberSignons", false); // disable saving passwords in the browser +defaultPref("signon.autofillForms", false); // disable username and password autofills +defaultPref("signon.formlessCapture.enabled", false); // disable formless login capture + +// autofill +defaultPref("extensions.formautofill.available", "off"); +defaultPref("extensions.formautofill.addresses.enabled", false); +defaultPref("extensions.formautofill.creditCards.enabled", false); +defaultPref("extensions.formautofill.creditCards.available", false); +defaultPref("extensions.formautofill.heuristics.enabled", false); + +// mouse and input +defaultPref("general.autoScroll", false); // prevent mouse middle click from triggering scrolling +defaultPref("middlemouse.contentLoadURL", false); // prevent mouse middle click from opening links +defaultPref("clipboard.autocopy", false); // disable autocopy to clibpboard + +// containers +defaultPref("privacy.userContext.enabled", true); // enable containers +defaultPref("privacy.userContext.ui.enabled", true); // enable containers ui + +defaultPref("pdfjs.enableScripting", false); // block pdf js scripting + +defaultPref("accessibility.force_disabled", 1); // block accessibility services + +// devtools +defaultPref("devtools.chrome.enabled", false); // disable chrome debugging tools +defaultPref("devtools.debugger.remote-enabled", false); // default, disable remote debugging +defaultPref("devtools.remote.adb.extensionURL", ""); // url to download ad extension +defaultPref("devtools.selfxss.count", 0); // see https://gitlab.com/librewolf-community/browser/linux/-/issues/80 + +// misc +defaultPref("browser.shell.checkDefaultBrowser", false); // do not check if default browser +defaultPref("browser.aboutConfig.showWarning", false); // disable about:config warning +defaultPref("browser.download.autohideButton", false); // hide download button automatically +defaultPref("browser.download.manager.addToRecentDocs", false); // do not add downloads to recents +defaultPref("browser.tabs.loadBookmarksInTabs", true); // always open bookmarks in new tab +defaultPref("webchannel.allowObject.urlWhitelist", ""); // remove webchannel whitelist + +// -------------------------------------- +// # EXTENSIONS +// -------------------------------------- + +/** + allow extensions to work on all domains. + default is "debug-notes.log" + */ +defaultPref("extensions.webextensions.restrictedDomains", ""); + +// set extensions scopes +defaultPref("extensions.enabledScopes", 5); // hidden + +defaultPref("extensions.postDownloadThirdPartyPrompt", false); // force install prompt for thrid party extensions + +/** + prevent users from adding lang packs, which would cause leaks. + default is https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION% +*/ +defaultPref("extensions.getAddons.langpacks.url", ""); + +// about:addons ui +defaultPref("extensions.getAddons.showPane", false); // disable recommendations section +defaultPref("extensions.htmlaboutaddons.recommendations.enabled", false); // disable recommendations from addons list +defaultPref("lightweightThemes.getMoreURL", ""); // disable button to get more themes + +// background checking and updating of extensions +defaultPref("extensions.update.enabled", false); // disable automatic checks for extension updates +defaultPref("extensions.update.autoUpdateDefault", false); // disable automatic installs of extension updates +defaultPref("extensions.getAddons.cache.enabled", false); // disable fetching of extension metadata + +// extension firewall, disabled by default +// defaultPref("extensions.webextensions.base-content-security-policy", "default-src 'none'; script-src 'none'; object-src 'none';"); +// defaultPref("extensions.webextensions.base-content-security-policy.v3", "default-src 'none'; script-src 'none'; object-src 'none';"); + +// report site issue, disable button and url for in depth defense +lockPref("extensions.webcompat-reporter.enabled", false); +lockPref("extensions.webcompat-reporter.newIssueEndpoint", ""); + +// system addons, prevent updates and strip url for in depth defense +defaultPref("extensions.systemAddon.update.enabled", false); +defaultPref("extensions.systemAddon.update.url", ""); + +// -------------------------------- +// # URLS AND ANNOYANCES +// -------------------------------- + +// set librewolf support and releases urls +defaultPref("app.support.baseURL", "https://librewolf.net/docs/faq/#"); +defaultPref("browser.search.searchEnginesURL", "https://librewolf.net/docs/faq/#how-do-i-add-a-search-engine"); +defaultPref("browser.geolocation.warning.infoURL", "https://librewolf.net/docs/faq/#how-do-i-enable-location-aware-browsing"); +defaultPref("app.feedback.baseURL", "https://librewolf.net/#questions"); +defaultPref("app.releaseNotesURL", "https://gitlab.com/librewolf-community/browser"); +defaultPref("app.releaseNotesURL.aboutDialog", "https://gitlab.com/librewolf-community/browser"); +defaultPref("app.update.url.details", "https://gitlab.com/librewolf-community/browser"); +defaultPref("app.update.url.manual", "https://gitlab.com/librewolf-community/browser"); + +// remove default handlers and translation engine +lockPref("gecko.handlerService.schemes.mailto.0.uriTemplate", ""); +lockPref("gecko.handlerService.schemes.mailto.0.name", ""); +lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", ""); +lockPref("gecko.handlerService.schemes.mailto.1.name", ""); +lockPref("gecko.handlerService.schemes.irc.0.uriTemplate", ""); +lockPref("gecko.handlerService.schemes.irc.0.name", ""); +lockPref("gecko.handlerService.schemes.ircs.0.uriTemplate", ""); +lockPref("gecko.handlerService.schemes.ircs.0.name", ""); +lockPref("browser.translation.engine", ""); + +// disable welcome, what is new pages and ui tour +defaultPref("browser.startup.homepage_override.mstone", "ignore"); +defaultPref("startup.homepage_override_url", "about:blank"); +defaultPref("startup.homepage_welcome_url", "about:blank"); +defaultPref("startup.homepage_welcome_url.additional", ""); +lockPref("browser.messaging-system.whatsNewPanel.enabled", false); +lockPref("browser.uitour.enabled", false); +lockPref("browser.uitour.url", ""); + +// hide annoying ui elements from about:protections +defaultPref("browser.contentblocking.report.lockwise.enabled", false); +defaultPref("browser.contentblocking.report.monitor.enabled", false); +lockPref("browser.contentblocking.report.hide_vpn_banner", true); +lockPref("browser.contentblocking.report.vpn.enabled", false); +lockPref("browser.contentblocking.report.show_mobile_app", false); + +defaultPref("browser.topsites.useRemoteSetting", false); // hide sponsored shortcuts button from about:preferences#home + +// ------------------------------------ +// # NEW TAB PAGE +// ------------------------------------ + +defaultPref("browser.newtab.preload", false); +defaultPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false); +defaultPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false); +defaultPref("browser.newtabpage.activity-stream.feeds.topsites", false); + +// hide pocket and sponsored content, from new tab page and search bar +lockPref("browser.newtabpage.activity-stream.feeds.section.topstories", false); +lockPref("browser.newtabpage.activity-stream.feeds.system.topstories", false); +lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false); +lockPref("browser.newtabpage.activity-stream.feeds.section.topstories.options", "{\"hidden\":true}"); // hide buggy pocket section from about:preferences#home +lockPref("browser.newtabpage.activity-stream.showSponsored", false); +lockPref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); +lockPref("browser.newtabpage.activity-stream.telemetry", false); +lockPref("browser.newtabpage.activity-stream.default.sites", ""); +lockPref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false); +lockPref("browser.newtabpage.activity-stream.discoverystream.enabled", false); +lockPref("browser.newtabpage.activity-stream.feeds.snippets", false); // default + +// disable recommend as you browse +lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); +lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); + +// -------------------------------- +// # TELEMETRY +// -------------------------------- + +lockPref("toolkit.telemetry.unified", false); // master switch +lockPref("toolkit.telemetry.enabled", false); // master switch +lockPref("toolkit.telemetry.server", "data:,"); +lockPref("toolkit.telemetry.archive.enabled", false); +lockPref("toolkit.telemetry.newProfilePing.enabled", false); +lockPref("toolkit.telemetry.updatePing.enabled", false); +lockPref("toolkit.telemetry.firstShutdownPing.enabled", false); +lockPref("toolkit.telemetry.shutdownPingSender.enabled", false); +lockPref("toolkit.telemetry.shutdownPingSender.enabledFirstSession", false); // default +lockPref("toolkit.telemetry.bhrPing.enabled", false); +lockPref("toolkit.telemetry.reportingpolicy.firstRun", false); // default +lockPref("toolkit.telemetry.cachedClientID", ""); +lockPref("toolkit.telemetry.previousBuildID", ""); +lockPref("toolkit.telemetry.server_owner", ""); +lockPref("toolkit.coverage.opt-out", true); // hidden +lockPref("toolkit.telemetry.coverage.opt-out", true); // hidden +lockPref("toolkit.coverage.enabled", false); +lockPref("toolkit.coverage.endpoint.base", ""); +lockPref("toolkit.crashreporter.infoURL", ""); +lockPref("datareporting.healthreport.uploadEnabled", false); +lockPref("datareporting.policy.dataSubmissionEnabled", false); +lockPref("security.protectionspopup.recordEventTelemetry", false); +lockPref("browser.ping-centre.telemetry", false); + +// crash report +lockPref("breakpad.reportURL", ""); +lockPref("browser.tabs.crashReporting.sendReport", false); + +// normandy and studies +lockPref("app.normandy.enabled", false); +lockPref("app.normandy.api_url", ""); +lockPref("app.shield.optoutstudies.enabled", false); + +// personalized extension recommendations +lockPref("browser.discovery.enabled", false); +lockPref("browser.discovery.containers.enabled", false); +lockPref("browser.discovery.sites", ""); + +// connectivity checks +lockPref("network.connectivity-service.enabled", false); + +// captive portal +lockPref("network.captive-portal-service.enabled", false); +lockPref("captivedetect.canonicalURL", ""); + +// prevent sending server side analytics +lockPref("beacon.enabled", false); + +// -------------------------------- +// # WINDOWS +// -------------------------------- + +// disable windows specific background update service +lockPref("app.update.service.enabled", false); +defaultPref("app.update.background.scheduling.enabled", false); + +defaultPref("network.protocol-handler.external.ms-windows-store", false); // disable links launching windows store + +lockPref("toolkit.winRegisterApplicationRestart", false); // disable automatic Firefox start and session restore after reboot + +lockPref("security.family_safety.mode", 0); // disable win8.1 family safety cert + +lockPref("default-browser-agent.enabled", false); // disable windows specific telemetry + +defaultPref("network.http.windows-sso.enabled", false); // disable MS auto authentication via sso + +// ----------------------------------- +// # OVERRIDES +// ----------------------------------- + +// allow settings to be overriden with a file at `~/.librewolf/librewolf.overrides.cfg` +// or `~/.var/app/io.gitlab.librewolf-community/.librewolf/librewolf.overrides.cfg` (Flatpak). +let profile_directory; +if (profile_directory = getenv('USERPROFILE') || getenv('HOME')) { + pref('autoadmin.global_config_url', `file://${profile_directory}/.librewolf/librewolf.overrides.cfg`); +} |