From dcbd889c1b8ce2511d87765728d768aa220b5ab0 Mon Sep 17 00:00:00 2001 From: "B. Stack" Date: Wed, 30 Mar 2022 14:02:48 -0400 Subject: lw 98.0 stackrpms rc1 --- librewolf/debian/librewolf_settings/librewolf.cfg | 703 ++++++++++++---------- 1 file changed, 378 insertions(+), 325 deletions(-) (limited to 'librewolf/debian/librewolf_settings/librewolf.cfg') diff --git a/librewolf/debian/librewolf_settings/librewolf.cfg b/librewolf/debian/librewolf_settings/librewolf.cfg index 56918a7..8525c82 100755 --- a/librewolf/debian/librewolf_settings/librewolf.cfg +++ b/librewolf/debian/librewolf_settings/librewolf.cfg @@ -1,208 +1,238 @@ -//----------------------| -// LibreWolf settings | -//----------------------| -/** - - NOTE: please take the time to read and understand, but also to customize the settings to find your own setup. - the answers to the most common questions are at this link https://librewolf.net/docs/faq/ - +/** LIBREWOLF SETTINGS + * + * please take the time to read and understand, but also to customize the settings to find your own setup. + * the answers to the most common questions are at this link https://librewolf.net/docs/faq/ + * + * WARNING: please make sure the first line of this file is empty. this is a known bug. + */ +defaultPref("librewolf.cfg.version", "6.0"); + + +/** INDEX + * the file is organized in categories, and each one has a number of sections: + * + * PRIVACY [ISOLATION, SANITIZING, CACHE AND STORAGE, HISTORY AND SESSION RESTORE, QUERY STRIPPING] + * NETWORKING [HTTPS, IPv6, REFERERS, WEBRTC, PROXY, DNS, PREFETCHING AND SPECULATIVE CONNECTIONS, OFFLINE] + * FINGERPRINTING [RFP, WEBGL] + * SECURITY [SITE ISOLATION, CERTIFICATES, TLS/SSL, PERMISSIONS, FONTS, SAFE BROWSING, OTHERS] + * REGION [LOCATION, LANGUAGE] + * BEHAVIOR [DRM, SEARCH AND URLBAR, DOWNLOADS, AUTOPLAY, POP-UPS AND WINDOWS, MOUSE] + * EXTENSIONS [USER INSTALLED, SYSTEM, EXTENSION FIREWALL] + * BUILT-IN FEATURES [UPDATER, SYNC, LOCKWISE, CONTAINERS, DEVTOOLS, OTHERS] + * UI [BRANDING, HANDLERS, FIRST LAUNCH, NEW TAB PAGE, ABOUT, RECOMMENDED] + * TELEMETRY + * WINDOWS [UPDATES, OTHERS] */ -defaultPref("librewolf.cfg.version", "4.0"); -// ------------------------------- -// # SANITIZING, TP, SESSIONS -// ------------------------------- -/** - strict mode includes: - - dFPI for both normal and private browsing - - strict blocking lists for trackers, including crypto, fping and socialtracking - - shims to avoid breakage caused by blocking lists - - stricter policies for xorigin referrers - - cookie cleaning mechanism specific to dFPI -*/ +/** [CATEGORY] PRIVACY */ + +/** [SECTION] ISOLATION + * default to strict mode, which includes: + * 1. dFPI for both normal and private windows + * 2. strict blocking lists for trackers + * 3. shims to avoid breakage caused by blocking lists + * 4. stricter policies for xorigin referrers + * 5. dFPI specific cookie cleaning mechanism + * + * the desired category must be set with pref() otherwise it won't stick. + * the UI that allows to change mode manually is hidden. + */ pref("browser.contentblocking.category", "strict"); +defaultPref("network.cookie.cookieBehavior", 5); // enforce dFPI +defaultPref("privacy.partition.serviceWorkers", true); // isolate service workers -defaultPref("network.cookie.cookieBehavior", 5); // dFPI is default for strict mode, but enforce +/** [SECTION] SANITIZING */ defaultPref("network.cookie.lifetimePolicy", 2); // keep cookies until end of the session, then clear - // make third party and http cookies session-only defaultPref("network.cookie.thirdparty.sessionOnly", true); defaultPref("network.cookie.thirdparty.nonsecureSessionOnly", true); - /** - this way of sanitizing cookies would override the exceptions set by the users and just delete everything, - we disable it but cookies and site data are still cleared per session unless exceptions are set. - all the cleaning prefs true by default except for siteSetting and offlineApps, which is what we want. -*/ + * this way of sanitizing cookies would override the exceptions set by the users and just delete everything, + * we disable it but cookies and site data are still cleared per session unless exceptions are set. + * all the cleaning prefs true by default except for siteSetting and offlineApps, which is what we want. + */ defaultPref("privacy.clearOnShutdown.cookies", false); defaultPref("privacy.sanitize.sanitizeOnShutdown", true); defaultPref("privacy.sanitize.timeSpan", 0); -// disable browsing, search and form history -defaultPref("places.history.enabled", false); -defaultPref("browser.formfill.enable", false); +/** [SECTION] CACHE AND STORAGE */ +defaultPref("browser.cache.disk.enable", false); // disable disk cache +/** prevent media cache from being written to disk in pb, but increase max cache size to avoid playback issues */ +defaultPref("browser.privatebrowsing.forceMediaMemoryCache", true); +defaultPref("media.memory_cache_max_size", 65536); +// disable favicons in profile folder and page thumbnail capturing +defaultPref("browser.shell.shortcutFavicons", false); +defaultPref("browser.pagethumbnails.capturing_disabled", true); +defaultPref("browser.helperApps.deleteTempFileOnExit", true); // delete temporary files opened with external apps + +/** [SECTION] HISTORY AND SESSION RESTORE + * since we hide the UI for modes other than custom we want to reset it for + * everyone. same thing for always on PB mode. + */ +pref("privacy.history.custom", true); +pref("browser.privatebrowsing.autostart", false); +defaultPref("browser.formfill.enable", false); // disable form history +defaultPref("browser.sessionstore.privacy_level", 2); // prevent websites from storing session data like cookies and forms +defaultPref("browser.sessionstore.interval", 60000); // increase time between session saves + +/** [SECTION] QUERY STRIPPING + * enable query stripping and set the strip list. + * currently we use the same one that brave uses: + * https://github.com/brave/brave-core/blob/f337a47cf84211807035581a9f609853752a32fb/browser/net/brave_site_hacks_network_delegate_helper.cc#L29 + */ +defaultPref("privacy.query_stripping.enabled", true); +defaultPref("privacy.query_stripping.strip_list", "__hsfp __hssc __hstc __s _hsenc _openstat dclid fbclid gbraid gclid hsCtaTracking igshid mc_eid ml_subscriber ml_subscriber_hash msclkid oly_anon_id oly_enc_id rb_clickid s_cid twclid vero_conv vero_id wbraid wickedid yclid"); +/** + * librewolf specific pref that allows to include the query stripping lists in uBO by default. + * the asset file is fetched every 7 days. + */ +defaultPref("librewolf.uBO.assetsBootstrapLocation", "https://gitlab.com/librewolf-community/browser/source/-/raw/main/assets/uBOAssets.json"); + -// prevent websites from storing session data like cookies and forms, increase time between session saves -defaultPref("browser.sessionstore.privacy_level", 2); -defaultPref("browser.sessionstore.interval", 60000); -// ---------------------- -// # NETWORKING -// ---------------------- +/** [CATEGORY] NETWORKING */ -// https and mixed content +/** [SECTION] HTTPS */ defaultPref("dom.security.https_only_mode", true); // only allow https in all windows, including private browsing -defaultPref("network.auth.subresource-http-auth-allow", 1); // stop cross-origin resources from using HTTP authentication -defaultPref("security.insecure_connection_text.enabled", true); // display http websites as insecure in the ui +defaultPref("network.auth.subresource-http-auth-allow", 1); // block HTTP authentication credential dialogs defaultPref("security.mixed_content.block_display_content", true); // block insecure passive content -defaultPref("network.dns.disableIPv6", true); // disable ipv6 +/** [SECTION] IPv6 + * privacy extension isn't the default for all linux distros, so we disable ipv6. + */ +defaultPref("network.dns.disableIPv6", true); -// always send xorigin referer but trim them -defaultPref("network.http.referer.XOriginPolicy", 0); // default, might be worth changing to 2 +/** [SECTION] REFERERS + * to enhance privacy but keep a certain level of usability we trim cross-origin + * referers, instead of completely avoid sending them. + * as a general rule, the behavior of referes which are not cross-origin should not + * be changed. + */ +defaultPref("network.http.referer.XOriginPolicy", 0); // default, might be worth changing to 2 to stop sending them completely defaultPref("network.http.referer.XOriginTrimmingPolicy", 2); // trim referer to only send scheme, host and port -defaultPref("network.file.disable_unc_paths", true); // hidden, disable using uniform naming convention -defaultPref("network.IDN_show_punycode", true); // use punycode in idn to prevent spoofing +/** [SECTION] WEBRTC + * there's no point in disabling webrtc as mDNS protects the private IP on linux, osx and win10+. + * with the below preference we protect the value even in trusted environments and for win7/8 users, + * although this will likely cause breakage. + */ +defaultPref("media.peerconnection.ice.no_host", true); // don't use any private IPs for ICE candidate +defaultPref("media.peerconnection.ice.default_address_only", true); // use a single interface for ICE candidates, the vpn one when a vpn is used -// proxy -defaultPref("network.proxy.socks_remote_dns", true); // forces dns query through the proxy when using one +/** [SECTION] PROXY */ defaultPref("network.gio.supported-protocols", ""); // disable gio as it could bypass proxy +defaultPref("network.file.disable_unc_paths", true); // hidden, disable using uniform naming convention to prevent proxy bypass +defaultPref("network.proxy.socks_remote_dns", true); // forces dns query through the proxy when using one +defaultPref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); // force webrtc inside proxy when one is used -// doh +/** [SECTION] DNS */ defaultPref("network.trr.confirmationNS", "skip"); // skip undesired doh test connection -/** - 0 = default - 1 = browser picks faster - 2 = DoH with system dns fallback - 3 = DoH without fallback - 5 = DoH is off, default currently - - below prefs must be applied with pref in order to work -*/ -// pref("network.trr.mode", 2); -// pref("network.trr.uri", "https://dns.quad9.net/dns-query"); - -// prefetching defaultPref("network.dns.disablePrefetch", true); // disable dns prefetching -lockPref("network.predictor.enabled", false); // disable predictor -lockPref("network.prefetch-next", false); // disable link prefetching -lockPref("network.http.speculative-parallel-limit", 0); // disable prefetching on mouse over - -defaultPref("network.manage-offline-status", false); // let user control the offline behavior - -// ------------ -// # DOM -// ------------ - -// pop-ups and window related preferences -defaultPref("dom.disable_beforeunload", true); // disable "confirm you want to leave" pop-ups on close -defaultPref("dom.disable_open_during_load", true); // block pop-ups windows -defaultPref("dom.popup_maximum", 4); // limit maximum number of pop-ups -defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); // limit events that cause pop-ups -defaultPref("dom.disable_window_move_resize", true); // block scripts from resizing windows -defaultPref("browser.link.open_newwindow", 3); // open 'new windows' targeted links in 'new tab' -defaultPref("browser.link.open_newwindow.restriction", 0); // ignore the size when applying the above pref - -// push notifications and service workeers -defaultPref("dom.push.enabled", false); // disable push notifications -defaultPref("dom.push.serverURL", ""); // default "wss://push.services.mozilla.com/" -defaultPref("dom.serviceWorkers.enabled", false); // disable service workers, must enable for push notifications - -// -------------------------------- -// # CACHE AND TEMPORARY FILES -// -------------------------------- - -defaultPref("browser.cache.disk.enable", false); // disable disk cache -defaultPref("browser.privatebrowsing.forceMediaMemoryCache", true); // block media cache from writing to disk in pb mode -defaultPref("media.memory_cache_max_size", 65536); // increase max cache size to avoid playback issues caused by above setting - -defaultPref("browser.shell.shortcutFavicons", false); // disable shortcut favicons from being stored in profile -defaultPref("browser.helperApps.deleteTempFileOnExit", true); // delete temporary files opened with external apps -defaultPref("browser.pagethumbnails.capturing_disabled", true); // disable page thumbnails capturing +/** + * librewolf doesn't use DoH, but it can be enabled with the following prefs: + * pref("network.trr.mode", 2); + * pref("network.trr.uri", "https://dns.quad9.net/dns-query"); + * + * the possible modes are: + * 0 = default + * 1 = browser picks faster + * 2 = DoH with system dns fallback + * 3 = DoH without fallback + * 5 = DoH is off, default currently + */ -// ---------------------- -// # MEDIA -// ---------------------- +/** [SECTION] PREFETCHING AND SPECULATIVE CONNECTIONS + * disable prefecthing for different things such as links, bookmarks and predictors. + */ +lockPref("network.predictor.enabled", false); +lockPref("network.prefetch-next", false); +lockPref("network.http.speculative-parallel-limit", 0); +defaultPref("browser.places.speculativeConnect.enabled", false); +// disable speculative connections and domain guessing from the urlbar +defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); +defaultPref("browser.urlbar.speculativeConnect.enabled", false); +lockPref("browser.fixup.alternate.enabled", false); -/** - * limit potential private IP leaks for webrtc users. - * mDNS protects the value on linux, osx and win10+. - * these prefs protect the value when allowing mic and camera access, and for win7/8.x. - * */ -defaultPref("media.peerconnection.ice.no_host", true); // don't use any private IPs for ICE candidate -defaultPref("media.peerconnection.ice.default_address_only", true); // use a single interface for ICE candidates, the vpn one when a vpn is used -defaultPref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); // force webrtc inside proxy, when one is used +/** [SECTION] OFFLINE + * let users set the browser as offline, without the browser trying to guess. + */ +defaultPref("network.manage-offline-status", false); -// autoplay -defaultPref("media.autoplay.blocking_policy", 2); // only allow to play when a certain element is clicked -defaultPref("media.autoplay.default", 5); // personal preference, currently apply blocking policy to all autplay including muted -// -------------------------------------- -// # FINGERPRINTING -// -------------------------------------- -defaultPref("privacy.resistFingerprinting", true); // master switch +/** [CATEGORY] FINGERPRINTING */ -// rfp compatibility settings +/** [SECTION] RFP + * librewolf should stick to RFP for fingerprinting. we should not set prefs that interfere with it + * and disabling API for no good reason will be counter productive, so it should also be avoided. + */ +defaultPref("privacy.resistFingerprinting", true); +// rfp related settings defaultPref("privacy.resistFingerprinting.block_mozAddonManager", true); // prevents rfp from breaking AMO defaultPref("browser.startup.blankWindow", false); // if set to true it breaks RFP windows resizing defaultPref("browser.display.use_system_colors", false); // default but enforced due to RFP - -defaultPref("privacy.resistFingerprinting.letterboxing", false); // expose hidden letterboxing pref, but do not enable by default - /** * increase the size of new RFP windows for better usability, while still using a rounded value. * if the screen resolution is lower it will stretch to the biggest possible rounded value. - * */ + * also, expose hidden letterboxing pref but do not enable it for now. + */ defaultPref("privacy.window.maxInnerWidth", 1600); defaultPref("privacy.window.maxInnerHeight", 900); +defaultPref("privacy.resistFingerprinting.letterboxing", false); -defaultPref("webgl.disabled", true); // master switch, disable webgl +/** [SECTION] WEBGL */ +defaultPref("webgl.disabled", true); -// -------------------------------- -// # SECURITY -// -------------------------------- -defaultPref("fission.autostart", true); // enable fission by default -// certificates -defaultPref("security.cert_pinning.enforcement_level", 2); // enable strict public key pinning -defaultPref("security.pki.sha1_enforcement_level", 1); // disable sha-1 certificates -defaultPref("security.OCSP.enabled", 0); // disable ocsp fetching +/** [CATEGORY] SECURITY */ -// crl with no ocsp fallback -defaultPref("security.remote_settings.crlite_filters.enabled", true); -defaultPref("security.pki.crlite_mode", 2); - -// safe negotiation -defaultPref("security.ssl.require_safe_negotiation", true); // block websites that do not support safe negotiation, occasional breakage -defaultPref("security.ssl.treat_unsafe_negotiation_as_broken", true); // show warning when safe negotiation is not enable and website is accessed - -// tls behavior -lockPref("security.tls.enable_0rtt_data", false); // disable 0 round trip time to improve tls 1.3 security -defaultPref("security.tls.version.enable-deprecated", false); // default but helps resetting the preference -defaultPref("browser.ssl_override_behavior", 1); // prepopulate url on ssl warning screens -defaultPref("browser.xul.error_pages.expert_bad_cert", true); // advanced ui infos for broken connections - -// permissions -lockPref("permissions.delegation.enabled", false); // force permission request to show the real origin -lockPref("permissions.manager.defaultsUrl", ""); // revoke special permissions from some mozilla domains +/** [SECTION] SITE ISOLATION + * https://wiki.mozilla.org/Project_Fission + * this has been rolled out and is now a default on most FF releases + */ +defaultPref("fission.autostart", true); +/** [SECTION] CERTIFICATES */ +defaultPref("security.cert_pinning.enforcement_level", 2); // enable strict public key pinning, might cause issues with AVs +defaultPref("security.pki.sha1_enforcement_level", 1); // disable sha-1 certificates +/** + * enable safe negotiation and show warning when it is not supported. might cause breakage. + */ +defaultPref("security.ssl.require_safe_negotiation", true); +defaultPref("security.ssl.treat_unsafe_negotiation_as_broken", true); +/** + * our strategy with revocation is to perform all possible checks with CRL, but when a cert + * cannot be checked with it we use OCSP stapled with hard-fail, to still keep privacy and + * increase security. + * switching to crlite mode 3 (v99+) would allow us to detect false positive with OCSP. + */ +defaultPref("security.remote_settings.crlite_filters.enabled", true); +defaultPref("security.pki.crlite_mode", 2); // mode 2 means enforce CRL checks +defaultPref("security.OCSP.enabled", 1); // default +defaultPref("security.OCSP.require", true); // set to hard-fail + +/** [SECTION] TLS/SSL */ +lockPref("security.tls.enable_0rtt_data", false); // disable 0 RTT to improve tls 1.3 security +pref("security.tls.version.enable-deprecated", false); // make TLS downgrades session only by enforcing it with pref() +// show relevant and advanced issues on warnings and error screens +defaultPref("browser.ssl_override_behavior", 1); +defaultPref("browser.xul.error_pages.expert_bad_cert", true); + +/** [SECTION] PERMISSIONS */ +lockPref("permissions.delegation.enabled", false); // force permission request to show real origin +lockPref("permissions.manager.defaultsUrl", ""); // revoke special permissions for some mozilla domains + +/** [SECTION] FONTS */ defaultPref("gfx.font_rendering.opentype_svg.enabled", false); // disale svg opentype fonts -defaultPref("browser.download.useDownloadDir", false); // force user interaction on downloads, by always asking location - -lockPref("security.csp.enable", true); // default - -// --------------------------------- -// # SAFE BROWSING -// --------------------------------- - -// disable safe browsing, including the fetch of updates and all outgoing connections +/** [SECTION] SAFE BROWSING + * disable safe browsing, including the fetch of updates. reverting the 7 prefs below + * allows to perform local checks and to fetch updated lists from google. + */ defaultPref("browser.safebrowsing.malware.enabled", false); defaultPref("browser.safebrowsing.phishing.enabled", false); defaultPref("browser.safebrowsing.blockedURIs.enabled", false); @@ -210,168 +240,192 @@ defaultPref("browser.safebrowsing.provider.google4.gethashURL", ""); defaultPref("browser.safebrowsing.provider.google4.updateURL", ""); defaultPref("browser.safebrowsing.provider.google.gethashURL", ""); defaultPref("browser.safebrowsing.provider.google.updateURL", ""); - -// disable safe browsing checks on downloads, both local and remote +/** + * disable safe browsing checks on downloads, both local and remote. the locked prefs + * control remote checks, while the first one is for local checks only. + */ defaultPref("browser.safebrowsing.downloads.enabled", false); lockPref("browser.safebrowsing.downloads.remote.enabled", false); lockPref("browser.safebrowsing.downloads.remote.url", ""); lockPref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); lockPref("browser.safebrowsing.downloads.remote.block_uncommon", false); - // other safe browsing options, all default but enforce lockPref("browser.safebrowsing.passwords.enabled", false); lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false); lockPref("browser.safebrowsing.provider.google4.dataSharingURL", ""); -// ----------------------- -// # DRM -// ----------------------- +/** [SECTION] OTHERS */ +lockPref("security.csp.enable", true); // enforce csp, default +defaultPref("network.IDN_show_punycode", true); // use punycode in idn to prevent spoofing +defaultPref("pdfjs.enableScripting", false); // disable js scripting in the built-in pdf reader -defaultPref("media.eme.enabled", false); // disable drm content, master switch that also controls widevine plugin -defaultPref("media.gmp-manager.url", "data:text/plain,"); // prevent outgoing connections when DRM is disabled -// disable the openh264 plugin -defaultPref("media.gmp-provider.enabled", false); -defaultPref("media.gmp-gmpopenh264.enabled", false); -// --------------------------------------------- -// # LOCATION, LANGUAGE AND REGION -// --------------------------------------------- +/** [CATEGORY] REGION */ -// use mozilla geo service as deault +/** [SECTION] LOCATION + * replace google with mozilla as the default geolocation provide and prevent use of OS location services + */ defaultPref("geo.provider.network.url", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"); - -// prevent use of OS location services lockPref("geo.provider.ms-windows-location", false); // [WINDOWS] lockPref("geo.provider.use_corelocation", false); // [MAC] lockPref("geo.provider.use_gpsd", false); // [LINUX] -// show language as en-US for all users, regardless of their OS language and local version, to avoid leaking -defaultPref("javascript.use_us_english_locale", true); -defaultPref("intl.locale.requested", "en-US"); -defaultPref("privacy.spoof_english", 2); - -// disable region updates +/** [SECTION] LANGUAGE + * show language as en-US for all users, regardless of their OS language and browser language. + * both prefs must use pref() and not defaultPref to work. + */ +pref("javascript.use_us_english_locale", true); +pref("intl.accept_languages", "en-US, en"); +// disable region specific updates from mozilla lockPref("browser.region.network.url", ""); lockPref("browser.region.update.enabled", false); -// -------------------------------- -// # SEARCH AND URLBAR -// -------------------------------- -// disable search suggestions + +/** [CATEGORY] BEHAVIOR */ + +/** [SECTION] DRM */ +defaultPref("media.eme.enabled", false); // master switch for drm content +defaultPref("media.gmp-manager.url", "data:text/plain,"); // prevent checks for plugin updates when drm is disabled +// disable the widevine and the openh264 plugins +defaultPref("media.gmp-provider.enabled", false); +defaultPref("media.gmp-gmpopenh264.enabled", false); + +/** [SECTION] SEARCH AND URLBAR + * disable search suggestion by default and do not update opensearch engines. urls should also be + * displayed in full instead of trimming them. + */ defaultPref("browser.urlbar.suggest.searches", false); defaultPref("browser.search.suggest.enabled", false); - -// firefox suggest, review to trim -lockPref("browser.urlbar.quicksuggest.scenario", "history"); // prevent opt-in, doesn't work alone -lockPref("browser.urlbar.quicksuggest.enabled", false); // disable suggest and hide its ui -lockPref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // disable suggestions from firefox -lockPref("browser.urlbar.suggest.quicksuggest.sponsored", false); // disable sponsored suggestions +defaultPref("browser.search.update", false); +defaultPref("browser.urlbar.trimURLs", false); +/** + * quicksuggest is a feature of firefox that shows sponsored suggestions. we disable it in full + * but the list could and should be trimmed at some point. the scenario controls the opt-in, while + * the second pref disables the feature and hides it from the ui. + */ +lockPref("browser.urlbar.quicksuggest.scenario", "history"); +lockPref("browser.urlbar.quicksuggest.enabled", false); +lockPref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); +lockPref("browser.urlbar.suggest.quicksuggest.sponsored", false); lockPref("browser.urlbar.quicksuggest.dataCollection.enabled", false); // default -defaultPref("browser.search.region", "US"); // set a default search region for all users -defaultPref("browser.search.update", false); // do not update open search search engines -defaultPref("browser.urlbar.trimURLs", false); // do not trim urls in the urlbar +/** [SECTION] DOWNLOADS + * user interaction should always be required for downloads, as a way to enhance security by asking + * the user to specific a certain save location. + */ +defaultPref("browser.download.useDownloadDir", false); +defaultPref("browser.download.autohideButton", false); // do not hide download button automatically +defaultPref("browser.download.manager.addToRecentDocs", false); // do not add downloads to recents +defaultPref("browser.download.alwaysOpenPanel", false); // do not expand toolbar menu for every download, we already have enough interaction -// urlbar-dns interactions, avoid unwanted and speculative connections -defaultPref("browser.urlbar.dnsResolveSingleWordsAfterSearch", 0); -defaultPref("browser.urlbar.speculativeConnect.enabled", false); -lockPref("browser.fixup.alternate.enabled", false); +/** [SECTION] AUTOPLAY + * block autoplay unless element is clicked, and apply the policy to all elements + * including muted ones. + */ +defaultPref("media.autoplay.blocking_policy", 2); +defaultPref("media.autoplay.default", 5); -// ---------------------------------- -// # BROWSER BEHAVIOR -// ---------------------------------- +/** [SECTION] POP-UPS AND WINDOWS + * disable annoyin pop-ups and limit events that can trigger them. + */ +defaultPref("dom.disable_beforeunload", true); // disable "confirm you want to leave" pop-ups +defaultPref("dom.disable_open_during_load", true); // block pop-ups windows +defaultPref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); +/** + * prevent scripts from resizing existing windows and opening new ones, by forcing them into + * new tabs that can't be resized as well. + */ +defaultPref("dom.disable_window_move_resize", true); +defaultPref("browser.link.open_newwindow", 3); +defaultPref("browser.link.open_newwindow.restriction", 0); -lockPref("app.update.auto", false); // disable update auto installs +/** [SECTION] MOUSE */ +defaultPref("middlemouse.contentLoadURL", false); // prevent mouse middle click from opening links -// password manager -defaultPref("signon.rememberSignons", false); // disable saving passwords in the browser -defaultPref("signon.autofillForms", false); // disable username and password autofills -defaultPref("signon.formlessCapture.enabled", false); // disable formless login capture -// autofill -defaultPref("extensions.formautofill.available", "off"); -defaultPref("extensions.formautofill.addresses.enabled", false); -defaultPref("extensions.formautofill.creditCards.enabled", false); -defaultPref("extensions.formautofill.creditCards.available", false); -defaultPref("extensions.formautofill.heuristics.enabled", false); -// mouse and input -defaultPref("general.autoScroll", false); // prevent mouse middle click from triggering scrolling -defaultPref("middlemouse.contentLoadURL", false); // prevent mouse middle click from opening links -defaultPref("clipboard.autocopy", false); // disable autocopy to clibpboard +/** [CATEGORY] EXTENSIONS */ -// containers -defaultPref("privacy.userContext.enabled", true); // enable containers -defaultPref("privacy.userContext.ui.enabled", true); // enable containers ui +/** [SECTION] USER INSTALLED + * extensions are allowed to operate on restricted domains, while their scope + * is set to profile+applications (https://mike.kaply.com/2012/02/21/understanding-add-on-scopes/). + * an installation prompt should always be displayed. + */ +defaultPref("extensions.webextensions.restrictedDomains", ""); +defaultPref("extensions.enabledScopes", 5); // hidden +defaultPref("extensions.postDownloadThirdPartyPrompt", false); -defaultPref("pdfjs.enableScripting", false); // block pdf js scripting +/** [SECTION] SYSTEM + * built-in extension are not allowed to auto-update. additionally the reporter extension + * of webcompat is disabled. urls are stripped for defense in depth. + */ +defaultPref("extensions.systemAddon.update.enabled", false); +defaultPref("extensions.systemAddon.update.url", ""); +lockPref("extensions.webcompat-reporter.enabled", false); +lockPref("extensions.webcompat-reporter.newIssueEndpoint", ""); -defaultPref("accessibility.force_disabled", 1); // block accessibility services +/** [SECTION] EXTENSION FIREWALL + * the firewall can be enabled with the below prefs, but it is not a sane default: + * defaultPref("extensions.webextensions.base-content-security-policy", "default-src 'none'; script-src 'none'; object-src 'none';"); + * defaultPref("extensions.webextensions.base-content-security-policy.v3", "default-src 'none'; script-src 'none'; object-src 'none';"); + */ -// devtools -defaultPref("devtools.chrome.enabled", false); // disable chrome debugging tools -defaultPref("devtools.debugger.remote-enabled", false); // default, disable remote debugging -defaultPref("devtools.remote.adb.extensionURL", ""); // url to download ad extension -defaultPref("devtools.selfxss.count", 0); // see https://gitlab.com/librewolf-community/browser/linux/-/issues/80 -// misc -defaultPref("browser.shell.checkDefaultBrowser", false); // do not check if default browser -defaultPref("browser.aboutConfig.showWarning", false); // disable about:config warning -defaultPref("browser.download.autohideButton", false); // hide download button automatically -defaultPref("browser.download.manager.addToRecentDocs", false); // do not add downloads to recents -defaultPref("browser.tabs.loadBookmarksInTabs", true); // always open bookmarks in new tab -defaultPref("webchannel.allowObject.urlWhitelist", ""); // remove webchannel whitelist -// -------------------------------------- -// # EXTENSIONS -// -------------------------------------- +/** [CATEGORY] BUILT-IN FEATURES */ -/** - allow extensions to work on all domains. - default is "debug-notes.log" +/** [SECTION] UPDATER + * since we do not bake auto-updates in the browser it doesn't make sense at the moment. */ -defaultPref("extensions.webextensions.restrictedDomains", ""); +lockPref("app.update.auto", false); -// set extensions scopes -defaultPref("extensions.enabledScopes", 5); // hidden +/** [SECTION] SYNC + * this functionality is disabled by default but it can be activated in one click. + * this pref fully controls the feature, including its ui. + */ +defaultPref("identity.fxaccounts.enabled", false); -defaultPref("extensions.postDownloadThirdPartyPrompt", false); // force install prompt for thrid party extensions +/** [SECTION] LOCKWISE + * disable the default password manager built into the browser, including its autofill + * capabilities and formless login capture. + */ +defaultPref("signon.rememberSignons", false); +defaultPref("signon.autofillForms", false); +defaultPref("extensions.formautofill.available", "off"); +defaultPref("extensions.formautofill.addresses.enabled", false); +defaultPref("extensions.formautofill.creditCards.enabled", false); +defaultPref("extensions.formautofill.creditCards.available", false); +defaultPref("extensions.formautofill.heuristics.enabled", false); +defaultPref("signon.formlessCapture.enabled", false); -/** - prevent users from adding lang packs, which would cause leaks. - default is https://services.addons.mozilla.org/api/v3/addons/language-tools/?app=firefox&type=language&appversion=%VERSION% -*/ -defaultPref("extensions.getAddons.langpacks.url", ""); - -// about:addons ui -defaultPref("extensions.getAddons.showPane", false); // disable recommendations section -defaultPref("extensions.htmlaboutaddons.recommendations.enabled", false); // disable recommendations from addons list -defaultPref("lightweightThemes.getMoreURL", ""); // disable button to get more themes +/** [SECTION] CONTAINERS + * enable containers and show the settings to control them in the stock ui + */ +defaultPref("privacy.userContext.enabled", true); +defaultPref("privacy.userContext.ui.enabled", true); -// background checking and updating of extensions -defaultPref("extensions.update.enabled", false); // disable automatic checks for extension updates -defaultPref("extensions.update.autoUpdateDefault", false); // disable automatic installs of extension updates -defaultPref("extensions.getAddons.cache.enabled", false); // disable fetching of extension metadata +/** [SECTION] DEVTOOLS + * disable chrome and remote debugging. + */ +defaultPref("devtools.chrome.enabled", false); +defaultPref("devtools.debugger.remote-enabled", false); +defaultPref("devtools.remote.adb.extensionURL", ""); +defaultPref("devtools.selfxss.count", 0); // required for devtools console to work -// extension firewall, disabled by default -// defaultPref("extensions.webextensions.base-content-security-policy", "default-src 'none'; script-src 'none'; object-src 'none';"); -// defaultPref("extensions.webextensions.base-content-security-policy.v3", "default-src 'none'; script-src 'none'; object-src 'none';"); +/** [SECTION] OTHERS */ +lockPref("browser.translation.engine", ""); // remove translation engine +defaultPref("accessibility.force_disabled", 1); // block accessibility services +defaultPref("webchannel.allowObject.urlWhitelist", ""); // do not receive objects through webchannels -// report site issue, disable button and url for in depth defense -lockPref("extensions.webcompat-reporter.enabled", false); -lockPref("extensions.webcompat-reporter.newIssueEndpoint", ""); -// system addons, prevent updates and strip url for in depth defense -defaultPref("extensions.systemAddon.update.enabled", false); -defaultPref("extensions.systemAddon.update.url", ""); -// -------------------------------- -// # URLS AND ANNOYANCES -// -------------------------------- +/** [CATEGORY] UI */ -// set librewolf support and releases urls +/** [SECTION] BRANDING + * set librewolf support and releases urls in the UI, so that users land in the proper places. + */ defaultPref("app.support.baseURL", "https://librewolf.net/docs/faq/#"); defaultPref("browser.search.searchEnginesURL", "https://librewolf.net/docs/faq/#how-do-i-add-a-search-engine"); defaultPref("browser.geolocation.warning.infoURL", "https://librewolf.net/docs/faq/#how-do-i-enable-location-aware-browsing"); @@ -381,18 +435,10 @@ defaultPref("app.releaseNotesURL.aboutDialog", "https://gitlab.com/librewolf-com defaultPref("app.update.url.details", "https://gitlab.com/librewolf-community/browser"); defaultPref("app.update.url.manual", "https://gitlab.com/librewolf-community/browser"); -// remove default handlers and translation engine -lockPref("gecko.handlerService.schemes.mailto.0.uriTemplate", ""); -lockPref("gecko.handlerService.schemes.mailto.0.name", ""); -lockPref("gecko.handlerService.schemes.mailto.1.uriTemplate", ""); -lockPref("gecko.handlerService.schemes.mailto.1.name", ""); -lockPref("gecko.handlerService.schemes.irc.0.uriTemplate", ""); -lockPref("gecko.handlerService.schemes.irc.0.name", ""); -lockPref("gecko.handlerService.schemes.ircs.0.uriTemplate", ""); -lockPref("gecko.handlerService.schemes.ircs.0.name", ""); -lockPref("browser.translation.engine", ""); - -// disable welcome, what is new pages and ui tour +/** [SECTION] FIRST LAUNCH + * disable what's new and ui tour on first start and updates. the browser + * should also not stress user about being the default one. + */ defaultPref("browser.startup.homepage_override.mstone", "ignore"); defaultPref("startup.homepage_override_url", "about:blank"); defaultPref("startup.homepage_welcome_url", "about:blank"); @@ -400,25 +446,15 @@ defaultPref("startup.homepage_welcome_url.additional", ""); lockPref("browser.messaging-system.whatsNewPanel.enabled", false); lockPref("browser.uitour.enabled", false); lockPref("browser.uitour.url", ""); +defaultPref("browser.shell.checkDefaultBrowser", false); -// hide annoying ui elements from about:protections -defaultPref("browser.contentblocking.report.lockwise.enabled", false); -defaultPref("browser.contentblocking.report.monitor.enabled", false); -lockPref("browser.contentblocking.report.hide_vpn_banner", true); -lockPref("browser.contentblocking.report.vpn.enabled", false); -lockPref("browser.contentblocking.report.show_mobile_app", false); - -defaultPref("browser.topsites.useRemoteSetting", false); // hide sponsored shortcuts button from about:preferences#home - -// ------------------------------------ -// # NEW TAB PAGE -// ------------------------------------ - +/** [SECTION] NEW TAB PAGE + * we want the new tab page to display nothing but the search bar without anything distracting. + */ defaultPref("browser.newtab.preload", false); defaultPref("browser.newtabpage.activity-stream.section.highlights.includeDownloads", false); defaultPref("browser.newtabpage.activity-stream.section.highlights.includeVisited", false); defaultPref("browser.newtabpage.activity-stream.feeds.topsites", false); - // hide pocket and sponsored content, from new tab page and search bar lockPref("browser.newtabpage.activity-stream.feeds.section.topstories", false); lockPref("browser.newtabpage.activity-stream.feeds.system.topstories", false); @@ -432,14 +468,37 @@ lockPref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", false); lockPref("browser.newtabpage.activity-stream.discoverystream.enabled", false); lockPref("browser.newtabpage.activity-stream.feeds.snippets", false); // default -// disable recommend as you browse +/** [SECTION] ABOUT + * remove annoying ui elements from the about pages, including about:protections + */ +defaultPref("browser.contentblocking.report.lockwise.enabled", false); +defaultPref("browser.contentblocking.report.monitor.enabled", false); +lockPref("browser.contentblocking.report.hide_vpn_banner", true); +lockPref("browser.contentblocking.report.vpn.enabled", false); +lockPref("browser.contentblocking.report.show_mobile_app", false); +// ...about:addons recommendations sections and more +defaultPref("extensions.htmlaboutaddons.recommendations.enabled", false); +defaultPref("extensions.getAddons.showPane", false); +defaultPref("extensions.getAddons.cache.enabled", false); // disable fetching of extension metadata +defaultPref("lightweightThemes.getMoreURL", ""); // disable button to get more themes +// ...about:preferences#home +defaultPref("browser.topsites.useRemoteSetting", false); // hide sponsored shortcuts button +// ...and about:config +defaultPref("browser.aboutConfig.showWarning", false); +// hide about:preferences#moreFromMozilla +defaultPref("browser.preferences.moreFromMozilla", false); + +/** [SECTION] RECOMMENDED + * disable all "recommend as you browse" activity. + */ lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); lockPref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); -// -------------------------------- -// # TELEMETRY -// -------------------------------- + +/** [CATEGORY] TELEMETRY + * telemetry is already disabled elsewhere and most of the stuff in here is just for redundancy. + */ lockPref("toolkit.telemetry.unified", false); // master switch lockPref("toolkit.telemetry.enabled", false); // master switch lockPref("toolkit.telemetry.server", "data:,"); @@ -463,56 +522,50 @@ lockPref("datareporting.healthreport.uploadEnabled", false); lockPref("datareporting.policy.dataSubmissionEnabled", false); lockPref("security.protectionspopup.recordEventTelemetry", false); lockPref("browser.ping-centre.telemetry", false); - -// crash report -lockPref("breakpad.reportURL", ""); -lockPref("browser.tabs.crashReporting.sendReport", false); - -// normandy and studies +// opt-out of normandy and studies lockPref("app.normandy.enabled", false); lockPref("app.normandy.api_url", ""); lockPref("app.shield.optoutstudies.enabled", false); - -// personalized extension recommendations +// disable personalized extension recommendations lockPref("browser.discovery.enabled", false); lockPref("browser.discovery.containers.enabled", false); lockPref("browser.discovery.sites", ""); - -// connectivity checks +// disable crash report +lockPref("browser.tabs.crashReporting.sendReport", false); +lockPref("breakpad.reportURL", ""); +// disable connectivity checks lockPref("network.connectivity-service.enabled", false); - -// captive portal +// disable captive portal lockPref("network.captive-portal-service.enabled", false); lockPref("captivedetect.canonicalURL", ""); - // prevent sending server side analytics lockPref("beacon.enabled", false); -// -------------------------------- -// # WINDOWS -// -------------------------------- +/** [CATEGORY] WINDOWS + * the prefs in this section only apply to windows installations and they don't have any + * effect on linux, macos and bsd users. + */ -// disable windows specific background update service +/** [SECTION] UPDATES + * disable windows specific update services. + */ lockPref("app.update.service.enabled", false); defaultPref("app.update.background.scheduling.enabled", false); -defaultPref("network.protocol-handler.external.ms-windows-store", false); // disable links launching windows store - -lockPref("toolkit.winRegisterApplicationRestart", false); // disable automatic Firefox start and session restore after reboot - -lockPref("security.family_safety.mode", 0); // disable win8.1 family safety cert - +/** [SECTION] OTHERS */ lockPref("default-browser-agent.enabled", false); // disable windows specific telemetry - +defaultPref("network.protocol-handler.external.ms-windows-store", false); // prevent links from launching windows store +lockPref("toolkit.winRegisterApplicationRestart", false); // disable automatic start and session restore after reboot +lockPref("security.family_safety.mode", 0); // disable win8.1 family safety cert defaultPref("network.http.windows-sso.enabled", false); // disable MS auto authentication via sso -// ----------------------------------- -// # OVERRIDES -// ----------------------------------- -// allow settings to be overriden with a file at `~/.librewolf/librewolf.overrides.cfg` -// or `~/.var/app/io.gitlab.librewolf-community/.librewolf/librewolf.overrides.cfg` (Flatpak). + +/** [CATEGORY] OVERRIDES + * allow settings to be overriden with a file placed in the right location + * https://librewolf.net/docs/settings/#where-do-i-find-my-librewolfoverridescfg + */ let profile_directory; if (profile_directory = getenv('USERPROFILE') || getenv('HOME')) { - pref('autoadmin.global_config_url', `file://${profile_directory}/.librewolf/librewolf.overrides.cfg`); + defaultPref('autoadmin.global_config_url', `file://${profile_directory}/.librewolf/librewolf.overrides.cfg`); } -- cgit