├── .Archive ├── Containerise.txt ├── HE_experimental.json ├── HeaderEditor.json ├── Neat_URL-custom_parameters.txt ├── firefox-update.ps1 ├── my-ublock-backup-with_uM.txt ├── my-umatrix-backup.txt ├── profile-update.ps1 ├── temporary_containers_preferences.json ├── temporary_containers_preferences_demo.json ├── temporary_containers_preferences_si-sl.json ├── uBO-3rdPartyIFrame.txt ├── uBO-3rdPartyScript.txt ├── uBO-3rdPartyXHR.txt ├── user-overrides.js ├── userChrome.css └── userContent.css ├── .Tools ├── README.md ├── create-profile.ps1 ├── dejsonlz4.exe └── jsonlz4.exe ├── .gitattributes ├── CanvasBlocker-settings.json ├── LICENSE ├── POOP-Exclusions.txt ├── Profile.zip ├── README.md ├── Skip_Redirect-Blacklist.txt ├── Smart_Referer-Whitelist.txt ├── get-profile.ps1 ├── my-ublock-backup.txt ├── temporary_containers_preferences.json ├── user-overrides.js └── user.js /.Archive/Containerise.txt: -------------------------------------------------------------------------------- 1 | !google\. , GOOGLE 2 | *.youtube.com , GOOGLE 3 | *.facebook.com , FACEBOOK 4 | *.instagram.com , FACEBOOK 5 | *.messenger.com , FACEBOOK 6 | *.fb.com , FACEBOOK 7 | *.m.me , FACEBOOK 8 | *.t.co , TWITTER 9 | *.twitter.com , TWITTER 10 | -------------------------------------------------------------------------------- /.Archive/HeaderEditor.json: -------------------------------------------------------------------------------- 1 | { 2 | "request": [ 3 | { 4 | "enable": true, 5 | "name": "[global] clean image links", 6 | "ruleType": "redirect", 7 | "matchType": "regexp", 8 | "pattern": "(https?://.*\\.)(bmp|jpg|jpeg|gif|png|svg|tiff).*", 9 | "exclude": "", 10 | "group": "Ungrouped", 11 | "isFunction": false, 12 | "action": "redirect", 13 | "to": "$1$2" 14 | } 15 | ], 16 | "sendHeader": [], 17 | "receiveHeader": [ 18 | { 19 | "enable": true, 20 | "name": "ETag Removal", 21 | "ruleType": "modifyReceiveHeader", 22 | "matchType": "all", 23 | "pattern": "", 24 | "exclude": "", 25 | "group": "Ungrouped", 26 | "isFunction": false, 27 | "action": { 28 | "name": "etag", 29 | "value": "" 30 | } 31 | } 32 | ] 33 | } -------------------------------------------------------------------------------- /.Archive/Neat_URL-custom_parameters.txt: -------------------------------------------------------------------------------- 1 | [Override list for default blocked parameters] 2 | _encoding@amazon.*, assetId, c_id, cid, ei@google.*, ref_@amazon.*, siteId 3 | 4 | [Blocked parameters] 5 | adid, AdID, adserverid, adserveroptimizerid, adset_*, adtype, adurl, affiliate, AffiliateGuid, aqs, atp, bav, bvm, CAMPAIGN*, campaign*, Campaign*, clickid, clkulrenc, CNDID, csi, d@banggood.com, dni, dq, e@linkedin.com, ek, email_source, email_token, ems_l, feeditemid, first_visit, forward, fromEmail, goalType, iact, icid, ijn, ImpressionGuid, Itemid, li@linkedin.com, lipi, lkid@gearbest.com, loc_, ncid, ndsp, ORIGIN, origin@linkedin.com, originalReferer, originalSubdomain, p@banggood.com, pbx, piggiebackcookie, pq, prmd, pubclick, pubid, ref_*@twitter.com, refId, rni, RSS*, sclient, scroll, snr, sr_share, stick, tbnid, tctx, terminal_id, trackId, tracking, trackingId, transAbTest, trkEmail, ut 6 | 7 | [URL request types] 8 | font, image, imageset, main_frame, media, object, object_subrequest, script, stylesheet, sub_frame, websocket, xbl, xml_dtd, xmlhttprequest, xslt, other 9 | -------------------------------------------------------------------------------- /.Archive/firefox-update.ps1: -------------------------------------------------------------------------------- 1 | if ($PSVersionTable.PSVersion.Major -le 4) { Exit } 2 | 3 | do { Start-Sleep -Milliseconds 500 } while ((Get-Process -Name 'firefox' -ErrorAction SilentlyContinue | Stop-Process) -ne $null) 4 | 5 | Remove-Item -Path ($tmpFile = New-TemporaryFile) 6 | $tmpFolder = New-Item -Path $tmpFile.DirectoryName -Name $tmpFile.Name -ItemType 'directory' 7 | Remove-Variable -Name tmpFile 8 | 9 | Import-Module -Name BitsTransfer 10 | try { Start-BitsTransfer -Source https://github.com/crssi/Firefox/raw/master/Profile.zip -Destination $tmpFolder } catch { Exit } 11 | 12 | $timestamp = (Get-Date).ToString('yyyy.MM.dd_HH.mm.ss') 13 | try { Compress-Archive -Path "$($env:APPDATA)\Mozilla\Firefox\*" -DestinationPath "$($env:APPDATA)\Mozilla\Firefox_Profile_Backup-$timestamp.zip" -CompressionLevel Fastest } catch { Remove-Item -Path $tmpFolder -Recurse -Force; Exit } 14 | 15 | Expand-Archive -Path "$tmpFolder\Profile.zip" -DestinationPath $tmpFolder 16 | 17 | Get-Content -Path "$tmpFolder\Firefox\installs.ini" | ForEach-Object { if ($_.StartsWith('Default=Profiles/')) { $newProfilePath = "$($env:APPDATA)\Mozilla\Firefox\Profiles\$($_.Replace('Default=Profiles/', ''))" } } 18 | Get-Content -Path "$($env:APPDATA)\Mozilla\Firefox\installs.ini" | ForEach-Object { if ($_.StartsWith('Default=Profiles/')) { $oldProfilePath = "$($env:APPDATA)\Mozilla\Firefox\Profiles\$($_.Replace('Default=Profiles/', ''))" } } 19 | $tmpProfilePath = "$tmpFolder\Firefox\Profiles\$($newProfilePath.split('\')[-1])" 20 | 21 | $userProfileFiles = @('cert9.db','content-prefs.sqlite','favicons.sqlite','handlers.json','key4.db','logins.json','permissions.sqlite','persdict.dat','pkcs11.txt','places.sqlite') 22 | $userProfileFiles | ForEach-Object { Copy-Item -Path "$oldProfilePath\$_" -Destination "$tmpProfilePath\$_" -Force -ErrorAction SilentlyContinue } 23 | 24 | Remove-Item -Path "$($env:APPDATA)\Mozilla\Firefox" -Recurse -Force 25 | Move-Item -Path "$tmpFolder\Firefox" -Destination "$($env:APPDATA)\Mozilla\Firefox" -Force 26 | Remove-Item -Path $tmpFolder -Recurse -Force 27 | Remove-Variable -Name tmpFolder,oldProfilePath,newProfilePath,tmpProfilePath 28 | 29 | Start-Process -FilePath 'firefox.exe' -ArgumentList 'about:addons' 30 | do { Start-Sleep -Milliseconds 500 } while ($firefoxApp.AppActivate('Firefox') -eq $false) 31 | [System.Windows.Forms.Messagebox]::Show("Please, enable all addons !","User action required !") 32 | 33 | #Start-Process -FilePath 'firefox.exe' -ArgumentList '-safe-mode' 34 | #$firefoxApp = New-Object -ComObject wscript.shell 35 | # 36 | #Start-Sleep -Milliseconds 3000 37 | #do { Start-Sleep -Milliseconds 500 } while ($firefoxApp.AppActivate('Firefox Safe Mode') -eq $false) 38 | #$firefoxApp.SendKeys('~') 39 | #Remove-Variable -Name firefoxApp 40 | # 41 | #Start-Sleep -Milliseconds 3000 42 | #do { Start-Sleep -Milliseconds 500 } while ((Get-Process -Name 'firefox' -ErrorAction SilentlyContinue | Stop-Process) -ne $null) 43 | #Start-Process -FilePath 'firefox.exe' 44 | -------------------------------------------------------------------------------- /.Archive/my-ublock-backup-with_uM.txt: -------------------------------------------------------------------------------- 1 | { 2 | "timeStamp": 1590042396500, 3 | "version": "1.27.2", 4 | "userSettings": { 5 | "advancedUserEnabled": true, 6 | "alwaysDetachLogger": true, 7 | "autoUpdate": true, 8 | "cloudStorageEnabled": false, 9 | "collapseBlocked": true, 10 | "colorBlindFriendly": false, 11 | "contextMenuEnabled": true, 12 | "dynamicFilteringEnabled": false, 13 | "externalLists": "https://badmojr.github.io/1Hosts/mini/adblock.txt\nhttps://cdn.adblockcdn.com/filters/easylist_lite.txt\nhttps://easylist-downloads.adblockplus.org/adwarefilters.txt\nhttps://easylist-downloads.adblockplus.org/message_seen_remover_for_facebook.txt\nhttps://easylist-downloads.adblockplus.org/yt_annoyances_other.txt\nhttps://easylist-downloads.adblockplus.org/yt_annoyances_suggestions.txt\nhttps://filters.adtidy.org/extension/chromium/filters/15.txt\nhttps://filters.adtidy.org/extension/chromium/filters/3.txt\nhttps://filters.adtidy.org/extension/chromium/filters/4.txt\nhttps://hexxiumcreations.github.io/threat-list/hexxiumthreatlist.txt\nhttps://raw.githubusercontent.com/AdguardTeam/AdguardFilters/master/UsefulAdsFilter/sections/usefulads.txt\nhttps://raw.githubusercontent.com/FadeMind/hosts.extras/master/StreamingAds/hosts\nhttps://raw.githubusercontent.com/StevenBlack/hosts/master/hosts\nhttps://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt\nhttps://raw.githubusercontent.com/cbuijs/shallalist/master/tracker/domains\nhttps://raw.githubusercontent.com/crssi/Firefox/master/uBO-Cosmetic.txt\nhttps://raw.githubusercontent.com/crssi/Firefox/master/uBO-Deny.txt\nhttps://raw.githubusercontent.com/crssi/Firefox/master/uBO-Unbreak.txt\nhttps://raw.githubusercontent.com/metaphoricgiraffe/tracking-filters/master/trackingfilters.txt\nhttps://raw.githubusercontent.com/nextdns/cname-cloaking-blocklist/master/domains\nhttps://raw.githubusercontent.com/nextdns/metadata/master/security/parked-domains-cname\nhttps://raw.githubusercontent.com/ookangzheng/dbl-oisd-nl/master/abp.txt\nhttps://raw.githubusercontent.com/piperun/iploggerfilter/master/filterlist\nhttps://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt", 14 | "firewallPaneMinimized": false, 15 | "hyperlinkAuditingDisabled": true, 16 | "ignoreGenericCosmeticFilters": false, 17 | "largeMediaSize": 50, 18 | "parseAllABPHideFilters": true, 19 | "popupPanelSections": 31, 20 | "prefetchingDisabled": true, 21 | "requestLogMaxEntries": 1000, 22 | "showIconBadge": true, 23 | "tooltipsDisabled": false, 24 | "webrtcIPAddressHidden": true 25 | }, 26 | "selectedFilterLists": [ 27 | "user-filters", 28 | "ublock-filters", 29 | "ublock-badware", 30 | "ublock-privacy", 31 | "ublock-abuse", 32 | "ublock-unbreak", 33 | "adguard-generic", 34 | "adguard-mobile", 35 | "easylist", 36 | "fanboy-enhanced", 37 | "fanboy-cookiemonster", 38 | "fanboy-social", 39 | "CHN-1", 40 | "CHN-0", 41 | "CZE-0", 42 | "DEU-0", 43 | "ITA-1", 44 | "ITA-0", 45 | "SVN-0", 46 | "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/StreamingAds/hosts", 47 | "https://raw.githubusercontent.com/cbuijs/shallalist/master/tracker/domains", 48 | "https://raw.githubusercontent.com/nextdns/cname-cloaking-blocklist/master/domains", 49 | "https://raw.githubusercontent.com/nextdns/metadata/master/security/parked-domains-cname", 50 | "https://raw.githubusercontent.com/ookangzheng/dbl-oisd-nl/master/abp.txt", 51 | "https://badmojr.github.io/1Hosts/mini/adblock.txt", 52 | "https://filters.adtidy.org/extension/chromium/filters/15.txt", 53 | "https://filters.adtidy.org/extension/chromium/filters/4.txt", 54 | "https://filters.adtidy.org/extension/chromium/filters/3.txt", 55 | "https://raw.githubusercontent.com/AdguardTeam/AdguardFilters/master/UsefulAdsFilter/sections/usefulads.txt", 56 | "https://easylist-downloads.adblockplus.org/adwarefilters.txt", 57 | "https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt", 58 | "https://raw.githubusercontent.com/crssi/Firefox/master/uBO-Cosmetic.txt", 59 | "https://raw.githubusercontent.com/crssi/Firefox/master/uBO-Deny.txt", 60 | "https://raw.githubusercontent.com/crssi/Firefox/master/uBO-Unbreak.txt", 61 | "https://cdn.adblockcdn.com/filters/easylist_lite.txt", 62 | "https://hexxiumcreations.github.io/threat-list/hexxiumthreatlist.txt", 63 | "https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt", 64 | "https://easylist-downloads.adblockplus.org/message_seen_remover_for_facebook.txt", 65 | "https://raw.githubusercontent.com/piperun/iploggerfilter/master/filterlist", 66 | "https://raw.githubusercontent.com/metaphoricgiraffe/tracking-filters/master/trackingfilters.txt", 67 | "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts", 68 | "https://easylist-downloads.adblockplus.org/yt_annoyances_other.txt", 69 | "https://easylist-downloads.adblockplus.org/yt_annoyances_suggestions.txt" 70 | ], 71 | "hiddenSettings": { 72 | "allowGenericProceduralFilters": false, 73 | "assetFetchTimeout": 30, 74 | "autoCommentFilterTemplate": "{{date}} {{origin}}", 75 | "autoUpdateAssetFetchPeriod": 120, 76 | "autoUpdateDelayAfterLaunch": 180, 77 | "autoUpdatePeriod": 7, 78 | "benchmarkDatasetURL": "unset", 79 | "blockingProfiles": "11111/#F00 11011/#C0F 11001/#00F 00001", 80 | "cacheStorageAPI": "unset", 81 | "cacheStorageCompression": true, 82 | "cacheControlForFirefox1376932": "no-cache, no-store, must-revalidate", 83 | "cnameIgnoreList": "unset", 84 | "cnameIgnore1stParty": true, 85 | "cnameIgnoreExceptions": true, 86 | "cnameIgnoreRootDocument": true, 87 | "cnameMaxTTL": 120, 88 | "cnameReplayFullURL": false, 89 | "cnameUncloak": true, 90 | "cnameUncloakProxied": false, 91 | "consoleLogLevel": "unset", 92 | "debugScriptlets": false, 93 | "debugScriptletInjector": false, 94 | "disableWebAssembly": false, 95 | "extensionUpdateForceReload": false, 96 | "ignoreRedirectFilters": false, 97 | "ignoreScriptInjectFilters": false, 98 | "filterAuthorMode": false, 99 | "loggerPopupType": "popup", 100 | "manualUpdateAssetFetchPeriod": 500, 101 | "popupFontSize": "unset", 102 | "popupPanelDisabledSections": 0, 103 | "popupPanelLockedSections": 0, 104 | "requestJournalProcessPeriod": 1000, 105 | "selfieAfter": 11, 106 | "strictBlockingBypassDuration": 120, 107 | "suspendTabsUntilReady": "unset", 108 | "uiPopupConfig": "undocumented", 109 | "uiFlavor": "unset", 110 | "updateAssetBypassBrowserCache": false, 111 | "userResourcesLocation": "unset" 112 | }, 113 | "whitelist": [ 114 | "addons.mozilla.org", 115 | "chrome-extension-scheme", 116 | "chrome-scheme", 117 | "newtab.about-scheme", 118 | "opera-scheme", 119 | "vivaldi-scheme" 120 | ], 121 | "netWhitelist": "addons.mozilla.org\nchrome-extension-scheme\nchrome-scheme\nnewtab.about-scheme\nopera-scheme\nvivaldi-scheme", 122 | "dynamicFilteringString": "* ajax.aspnetcdn.com * noop\n* ajax.googleapis.com * noop\n* ajax.microsoft.com * noop\n* cdn.jsdelivr.net * noop\n* cdnjs.cloudflare.com * noop\n* code.jquery.com * noop\n* duckduckgo.com * allow\n* lib.sinaapp.com * noop\n* libs.baidu.com * noop\n* upcdn.b0.upaiyun.com * noop\n* yandex.st * noop\n* yastatic.net * noop\nbehind-the-scene * * noop\nbehind-the-scene * inline-script noop\nbehind-the-scene * 1p-script noop\nbehind-the-scene * 3p-script noop\nbehind-the-scene * 3p-frame noop\nbehind-the-scene * image noop\nbehind-the-scene * 3p noop\n* ajax.proxy.ustclug.org * noop\n* sdn.geekzu.org * noop\n* apps.bdimg.com * noop\n* cdn.bootcss.com * noop\n* ajax.cloudflare.com * noop\n* akamai-webcdn.kgstatic.net * noop\n* cdn.staticfile.org * noop\n* lib.baomitu.com * noop\n* mat1.gtimg.com * noop\n* maxcdn.bootstrapcdn.com * noop\n* netdna.bootstrapcdn.com * noop\n* stackpath.bootstrapcdn.com * noop\n* unpkg.com * noop\n* use.fontawesome.com * noop", 123 | "urlFilteringString": "", 124 | "hostnameSwitchesString": "no-large-media: behind-the-scene false\nno-csp-reports: * true", 125 | "userFilters": "@@||$domain=moz-extension-scheme\n" 126 | } -------------------------------------------------------------------------------- /.Archive/my-umatrix-backup.txt: -------------------------------------------------------------------------------- 1 | { 2 | "app": "uMatrix", 3 | "version": "1.4.0", 4 | "when": 1590052502400, 5 | "settings": { 6 | "alwaysDetachLogger": false, 7 | "autoUpdate": true, 8 | "clearBrowserCache": true, 9 | "clearBrowserCacheAfter": 60, 10 | "cloudStorageEnabled": false, 11 | "collapseBlacklisted": true, 12 | "collapseBlocked": false, 13 | "colorBlindFriendly": false, 14 | "deleteCookies": false, 15 | "deleteUnusedSessionCookies": false, 16 | "deleteUnusedSessionCookiesAfter": 15, 17 | "deleteLocalStorage": false, 18 | "displayTextSize": "15px", 19 | "externalHostsFiles": [ 20 | "https://gitlab.com/curben/urlhaus-filter/raw/master/urlhaus-filter-hosts.txt", 21 | "https://raw.githubusercontent.com/Spam404/lists/master/main-blacklist.txt", 22 | "https://raw.githubusercontent.com/mitchellkrogza/Badd-Boyz-Hosts/master/hosts", 23 | "https://raw.githubusercontent.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites/master/hosts", 24 | "https://raw.githubusercontent.com/olbat/ut1-blacklists/master/blacklists/malware/domains", 25 | "https://raw.githubusercontent.com/scafroglia93/blocklists/master/blocklists-main.txt", 26 | "https://v.firebog.net/hosts/Cybercrime.txt", 27 | "https://v.firebog.net/hosts/MalImmortal.txt", 28 | "https://v.firebog.net/hosts/Shalla-mal.txt", 29 | "https://zonefiles.io/f/compromised/domains/live/" 30 | ], 31 | "externalRecipeFiles": [], 32 | "iconBadgeEnabled": true, 33 | "maxLoggedRequests": 1000, 34 | "noTooltips": false, 35 | "popupCollapseAllDomains": false, 36 | "popupCollapseBlacklistedDomains": false, 37 | "popupScopeLevel": "site", 38 | "processHyperlinkAuditing": true, 39 | "selectedHostsFiles": [ 40 | "https://gitlab.com/curben/urlhaus-filter/raw/master/urlhaus-filter-hosts.txt", 41 | "https://raw.githubusercontent.com/Spam404/lists/master/main-blacklist.txt", 42 | "https://raw.githubusercontent.com/mitchellkrogza/Badd-Boyz-Hosts/master/hosts", 43 | "https://raw.githubusercontent.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites/master/hosts", 44 | "https://raw.githubusercontent.com/olbat/ut1-blacklists/master/blacklists/malware/domains", 45 | "https://raw.githubusercontent.com/scafroglia93/blocklists/master/blocklists-main.txt", 46 | "https://v.firebog.net/hosts/Cybercrime.txt", 47 | "https://v.firebog.net/hosts/MalImmortal.txt", 48 | "https://v.firebog.net/hosts/Shalla-mal.txt", 49 | "https://zonefiles.io/f/compromised/domains/live/", 50 | "malware-0", 51 | "malware-1" 52 | ], 53 | "selectedRecipeFiles": [], 54 | "userHosts": { 55 | "enabled": false, 56 | "content": "" 57 | }, 58 | "userRecipes": { 59 | "enabled": false, 60 | "content": "" 61 | } 62 | }, 63 | "rules": [ 64 | "* * * allow", 65 | "* 0 * block", 66 | "* 10 * block", 67 | "* 100.100 * block", 68 | "* 100.101 * block", 69 | "* 100.102 * block", 70 | "* 100.103 * block", 71 | "* 100.104 * block", 72 | "* 100.105 * block", 73 | "* 100.106 * block", 74 | "* 100.107 * block", 75 | "* 100.108 * block", 76 | "* 100.109 * block", 77 | "* 100.110 * block", 78 | "* 100.111 * block", 79 | "* 100.112 * block", 80 | "* 100.113 * block", 81 | "* 100.114 * block", 82 | "* 100.115 * block", 83 | "* 100.116 * block", 84 | "* 100.117 * block", 85 | "* 100.118 * block", 86 | "* 100.119 * block", 87 | "* 100.120 * block", 88 | "* 100.121 * block", 89 | "* 100.122 * block", 90 | "* 100.123 * block", 91 | "* 100.124 * block", 92 | "* 100.125 * block", 93 | "* 100.126 * block", 94 | "* 100.127 * block", 95 | "* 100.64 * block", 96 | "* 100.65 * block", 97 | "* 100.66 * block", 98 | "* 100.67 * block", 99 | "* 100.68 * block", 100 | "* 100.69 * block", 101 | "* 100.70 * block", 102 | "* 100.71 * block", 103 | "* 100.72 * block", 104 | "* 100.73 * block", 105 | "* 100.74 * block", 106 | "* 100.75 * block", 107 | "* 100.76 * block", 108 | "* 100.77 * block", 109 | "* 100.78 * block", 110 | "* 100.79 * block", 111 | "* 100.80 * block", 112 | "* 100.81 * block", 113 | "* 100.82 * block", 114 | "* 100.83 * block", 115 | "* 100.84 * block", 116 | "* 100.85 * block", 117 | "* 100.86 * block", 118 | "* 100.87 * block", 119 | "* 100.88 * block", 120 | "* 100.89 * block", 121 | "* 100.90 * block", 122 | "* 100.91 * block", 123 | "* 100.92 * block", 124 | "* 100.93 * block", 125 | "* 100.94 * block", 126 | "* 100.95 * block", 127 | "* 100.96 * block", 128 | "* 100.97 * block", 129 | "* 100.98 * block", 130 | "* 100.99 * block", 131 | "* 127 * block", 132 | "* 169.254 * block", 133 | "* 172.16 * block", 134 | "* 172.17 * block", 135 | "* 172.18 * block", 136 | "* 172.19 * block", 137 | "* 172.20 * block", 138 | "* 172.21 * block", 139 | "* 172.22 * block", 140 | "* 172.23 * block", 141 | "* 172.24 * block", 142 | "* 172.25 * block", 143 | "* 172.26 * block", 144 | "* 172.27 * block", 145 | "* 172.28 * block", 146 | "* 172.29 * block", 147 | "* 172.30 * block", 148 | "* 172.31 * block", 149 | "* 192.0.0 * block", 150 | "* 192.168 * block", 151 | "* 198.18 * block", 152 | "* 198.19 * block", 153 | "* 1st-party cookie allow", 154 | "* 1st-party other allow", 155 | "* 255.255.255.255 * block", 156 | "* [::1] * block", 157 | "* [fc00::] * block", 158 | "* [fd00::] * block", 159 | "* [fe80::1%lo0] * block", 160 | "* [fe80::] * block", 161 | "* [ff02::1] * block", 162 | "* [ff02::2] * block", 163 | "* ajax.aspnetcdn.com script allow", 164 | "* ajax.cloudflare.com script allow", 165 | "* ajax.googleapis.com script allow", 166 | "* ajax.microsoft.com script allow", 167 | "* ajax.proxy.ustclug.org script allow", 168 | "* akamai-webcdn.kgstatic.net script allow", 169 | "* apps.bdimg.com script allow", 170 | "* cdn.bootcss.com script allow", 171 | "* cdn.jsdelivr.net script allow", 172 | "* cdn.staticfile.org script allow", 173 | "* cdnjs.cloudflare.com script allow", 174 | "* code.jquery.com script allow", 175 | "* lib.baomitu.com script allow", 176 | "* lib.sinaapp.com script allow", 177 | "* libs.baidu.com script allow", 178 | "* localhost * block", 179 | "* mat1.gtimg.com script allow", 180 | "* maxcdn.bootstrapcdn.com script allow", 181 | "* netdna.bootstrapcdn.com script allow", 182 | "* sdn.geekzu.org script allow", 183 | "* stackpath.bootstrapcdn.com script allow", 184 | "* unpkg.com script allow", 185 | "* upcdn.b0.upaiyun.com script allow", 186 | "* use.fontawesome.com script allow", 187 | "* yandex.st script allow", 188 | "* yastatic.net script allow", 189 | "10 10 * allow", 190 | "100.100 100.100 * allow", 191 | "100.101 100.101 * allow", 192 | "100.102 100.102 * allow", 193 | "100.103 100.103 * allow", 194 | "100.104 100.104 * allow", 195 | "100.105 100.105 * allow", 196 | "100.106 100.106 * allow", 197 | "100.107 100.107 * allow", 198 | "100.108 100.108 * allow", 199 | "100.109 100.109 * allow", 200 | "100.110 100.110 * allow", 201 | "100.111 100.111 * allow", 202 | "100.112 100.112 * allow", 203 | "100.113 100.113 * allow", 204 | "100.114 100.114 * allow", 205 | "100.115 100.115 * allow", 206 | "100.116 100.116 * allow", 207 | "100.117 100.117 * allow", 208 | "100.118 100.118 * allow", 209 | "100.119 100.119 * allow", 210 | "100.120 100.120 * allow", 211 | "100.121 100.121 * allow", 212 | "100.122 100.122 * allow", 213 | "100.123 100.123 * allow", 214 | "100.124 100.124 * allow", 215 | "100.125 100.125 * allow", 216 | "100.126 100.126 * allow", 217 | "100.127 100.127 * allow", 218 | "100.64 100.64 * allow", 219 | "100.65 100.65 * allow", 220 | "100.66 100.66 * allow", 221 | "100.67 100.67 * allow", 222 | "100.68 100.68 * allow", 223 | "100.69 100.69 * allow", 224 | "100.70 100.70 * allow", 225 | "100.71 100.71 * allow", 226 | "100.72 100.72 * allow", 227 | "100.73 100.73 * allow", 228 | "100.74 100.74 * allow", 229 | "100.75 100.75 * allow", 230 | "100.76 100.76 * allow", 231 | "100.77 100.77 * allow", 232 | "100.78 100.78 * allow", 233 | "100.79 100.79 * allow", 234 | "100.80 100.80 * allow", 235 | "100.81 100.81 * allow", 236 | "100.82 100.82 * allow", 237 | "100.83 100.83 * allow", 238 | "100.84 100.84 * allow", 239 | "100.85 100.85 * allow", 240 | "100.86 100.86 * allow", 241 | "100.87 100.87 * allow", 242 | "100.88 100.88 * allow", 243 | "100.89 100.89 * allow", 244 | "100.90 100.90 * allow", 245 | "100.91 100.91 * allow", 246 | "100.92 100.92 * allow", 247 | "100.93 100.93 * allow", 248 | "100.94 100.94 * allow", 249 | "100.95 100.95 * allow", 250 | "100.96 100.96 * allow", 251 | "100.97 100.97 * allow", 252 | "100.98 100.98 * allow", 253 | "100.99 100.99 * allow", 254 | "127 127 * allow", 255 | "169.254 169.254 * allow", 256 | "172.16 172.16 * allow", 257 | "172.17 172.17 * allow", 258 | "172.18 172.18 * allow", 259 | "172.19 172.19 * allow", 260 | "172.20 172.20 * allow", 261 | "172.21 172.21 * allow", 262 | "172.22 172.22 * allow", 263 | "172.23 172.23 * allow", 264 | "172.24 172.24 * allow", 265 | "172.25 172.25 * allow", 266 | "172.26 172.26 * allow", 267 | "172.27 172.27 * allow", 268 | "172.28 172.28 * allow", 269 | "172.29 172.29 * allow", 270 | "172.30 172.30 * allow", 271 | "172.31 172.31 * allow", 272 | "192.0.0 192.0.0 * allow", 273 | "192.168 192.168 * allow", 274 | "198.18 198.18 * allow", 275 | "198.19 198.19 * allow", 276 | "[::1] [::1] * allow", 277 | "[fc00::] [fc00::] * allow", 278 | "[fd00::] [fd00::] * allow", 279 | "[fe80::1%lo0] [fe80::1%lo0] * allow", 280 | "[fe80::] [fe80::] * allow", 281 | "[ff02::1] [ff02::1] * allow", 282 | "[ff02::2] [ff02::2] * allow", 283 | "https-strict: behind-the-scene false", 284 | "localhost localhost * allow", 285 | "matrix-off: about-scheme true", 286 | "matrix-off: behind-the-scene true", 287 | "matrix-off: chrome-extension-scheme true", 288 | "matrix-off: chrome-scheme true", 289 | "matrix-off: moz-extension-scheme true", 290 | "matrix-off: opera-scheme true", 291 | "matrix-off: wyciwyg-scheme true", 292 | "noscript-spoof: * true", 293 | "referrer-spoof: behind-the-scene false" 294 | ], 295 | "rawSettings": { 296 | "contributorMode": false, 297 | "disableCSPReportInjection": false, 298 | "enforceEscapedFragment": true, 299 | "placeholderBackground": "url(\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAoAAAAKCAAAAACoWZBhAAAABGdBTUEAALGPC/xhBQAAAAJiS0dEAP+Hj8y/AAAAB3RJTUUH3wwIAAgyL/YaPAAAACJJREFUCFtjfMbOAAQ/gZiFnQPEBAEmGIMIJgtIL8QEgtoAIn4D/96X1KAAAAAldEVYdGRhdGU6Y3JlYXRlADIwMTUtMTItMDhUMDA6MDg6NTArMDM6MDAasuuJAAAAJXRFWHRkYXRlOm1vZGlmeQAyMDE1LTEyLTA4VDAwOjA4OjUwKzAzOjAwa+9TNQAAAABJRU5ErkJggg==\") repeat scroll #fff", 300 | "placeholderBorder": "1px solid rgba(0, 0, 0, 0.1)", 301 | "imagePlaceholder": true, 302 | "imagePlaceholderBackground": "default", 303 | "imagePlaceholderBorder": "default", 304 | "framePlaceholder": true, 305 | "framePlaceholderDocument": "{{url}}", 306 | "framePlaceholderBackground": "default", 307 | "suspendTabsUntilReady": false 308 | } 309 | } -------------------------------------------------------------------------------- /.Archive/profile-update.ps1: -------------------------------------------------------------------------------- 1 | # Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/crssi/Firefox/master/profile-update.ps1')) 2 | 3 | if ($PSVersionTable.PSVersion.Major -le 4) { Exit } 4 | 5 | do { Start-Sleep -Milliseconds 500 } while ((Get-Process -Name 'firefox' -ErrorAction SilentlyContinue | Stop-Process) -ne $null) 6 | do { Start-Sleep -Milliseconds 500 } while ((Get-Process -Name 'proxsign' -ErrorAction SilentlyContinue | Stop-Process) -ne $null) 7 | 8 | Remove-Item -Path ($tmpFile = New-TemporaryFile) 9 | $tmpFolder = New-Item -Path $tmpFile.DirectoryName -Name $tmpFile.Name -ItemType 'directory' 10 | Remove-Variable -Name tmpFile 11 | 12 | Import-Module -Name BitsTransfer 13 | try { Start-BitsTransfer -Source https://github.com/crssi/Firefox/raw/master/Profile.zip -Destination $tmpFolder -ErrorAction Stop } catch { Exit } 14 | 15 | $timestamp = (Get-Date).ToString('yyyy.MM.dd_HH.mm.ss') 16 | try { Compress-Archive -Path "$($env:APPDATA)\Mozilla\Firefox\*" -DestinationPath "$($env:APPDATA)\Mozilla\Firefox_Profile_Backup-$timestamp.zip" -CompressionLevel Fastest } catch { Remove-Item -Path $tmpFolder -Recurse -Force -Confirm:$false; Exit } 17 | 18 | Expand-Archive -Path "$tmpFolder\profile.zip" -DestinationPath $tmpFolder 19 | Remove-Item -Path "$tmpFolder\profile.zip" -Force 20 | 21 | Get-Content -Path "$tmpFolder\installs.ini" | ForEach-Object { if ($_.StartsWith('Default=Profiles/')) { $newProfilePath = "$($env:APPDATA)\Mozilla\Firefox\Profiles\$($_.Replace('Default=Profiles/', ''))" } } 22 | Get-Content -Path "$($env:APPDATA)\Mozilla\Firefox\installs.ini" | ForEach-Object { if ($_.StartsWith('Default=Profiles/')) { $oldProfilePath = "$($env:APPDATA)\Mozilla\Firefox\Profiles\$($_.Replace('Default=Profiles/', ''))" } } 23 | $tmpProfilePath = "$tmpFolder\Profiles\$($newProfilePath.split('\')[-1])" 24 | 25 | $userProfileFiles = @('cert9.db','content-prefs.sqlite','favicons.sqlite','handlers.json','key4.db','logins.json','permissions.sqlite','persdict.dat','pkcs11.txt','places.sqlite') 26 | $userProfileFiles | ForEach-Object { Copy-Item -Path "$oldProfilePath\$_" -Destination "$tmpProfilePath\$_" -Force -ErrorAction SilentlyContinue } 27 | 28 | Remove-Item -Path "$($env:APPDATA)\Mozilla\Firefox" -Recurse -Force -Confirm:$false 29 | Move-Item -Path "$tmpFolder" -Destination "$($env:APPDATA)\Mozilla\Firefox" -Force 30 | 31 | $Utf8NoBomEncoding = New-Object System.Text.UTF8Encoding $False 32 | $files = @('extensions.json','compatibility.ini','pluginreg.dat') 33 | forEach ($file in $files) { 34 | $content = Get-Content -Encoding UTF8 -Path $newProfilePath\$file 35 | $content = $content.Replace('%appdata%/',"$($env:APPDATA.Replace('\','/').Replace(' ','%20'))/") 36 | $content = $content.Replace('%appdata%\\',"$($env:APPDATA.Replace('\','\\'))\\") 37 | $content = $content.Replace('%programfiles%/',"$($env:ProgramFiles.Replace('\','/').Replace(' ','%20'))/") 38 | $content = $content.Replace('%programfiles%\\',"$($env:ProgramFiles.Replace('\','\\'))\\") 39 | $content = $content.Replace('%programfiles%\',"$($env:ProgramFiles)\") 40 | [System.IO.File]::WriteAllLines("$newProfilePath\$file", $content, $Utf8NoBomEncoding) 41 | } 42 | 43 | Remove-Variable -Name tmpFolder,oldProfilePath,newProfilePath,tmpProfilePath,Utf8NoBomEncoding,files,file,content 44 | 45 | Start-Process -FilePath 'firefox.exe' -ArgumentList 'about:addons' 46 | $firefoxApp = New-Object -ComObject wscript.shell 47 | do { Start-Sleep -Milliseconds 500 } while ($firefoxApp.AppActivate('Firefox') -eq $false) 48 | Start-Sleep -Milliseconds 3000 49 | [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") | Out-Null 50 | [System.Windows.Forms.Messagebox]::Show("IMPORTANT: Enable all addons !","User action required !") 51 | 52 | Exit 53 | -------------------------------------------------------------------------------- /.Archive/temporary_containers_preferences.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "1.9.2", 3 | "date": 1617955724800, 4 | "preferences": { 5 | "automaticMode": { 6 | "active": true, 7 | "newTab": "created" 8 | }, 9 | "notifications": false, 10 | "container": { 11 | "namePrefix": "%domain%", 12 | "color": "red", 13 | "colorRandom": true, 14 | "icon": "circle", 15 | "iconRandom": false, 16 | "numberMode": "hide", 17 | "removal": 900000, 18 | "colorRandomExcluded": [ 19 | "toolbar" 20 | ], 21 | "iconRandomExcluded": [] 22 | }, 23 | "iconColor": "default", 24 | "isolation": { 25 | "global": { 26 | "navigation": { 27 | "action": "never" 28 | }, 29 | "mouseClick": { 30 | "middle": { 31 | "action": "notsamedomain", 32 | "container": "default" 33 | }, 34 | "ctrlleft": { 35 | "action": "never", 36 | "container": "default" 37 | }, 38 | "left": { 39 | "action": "never", 40 | "container": "default" 41 | } 42 | }, 43 | "excluded": {}, 44 | "excludedContainers": [] 45 | }, 46 | "domain": [ 47 | { 48 | "pattern": "duckduckgo.com", 49 | "always": { 50 | "action": "enabled", 51 | "allowedInPermanent": false 52 | }, 53 | "navigation": { 54 | "action": "notsamedomain" 55 | }, 56 | "mouseClick": { 57 | "middle": { 58 | "action": "global" 59 | }, 60 | "ctrlleft": { 61 | "action": "global" 62 | }, 63 | "left": { 64 | "action": "global" 65 | } 66 | }, 67 | "excluded": {}, 68 | "_index": 0 69 | }, 70 | { 71 | "pattern": "/^https?:\\/\\/www\\.google\\..+\\/.*/", 72 | "always": { 73 | "action": "enabled", 74 | "allowedInPermanent": false, 75 | "allowedInTemporary": false 76 | }, 77 | "navigation": { 78 | "action": "notsamedomain" 79 | }, 80 | "mouseClick": { 81 | "middle": { 82 | "action": "global" 83 | }, 84 | "ctrlleft": { 85 | "action": "global" 86 | }, 87 | "left": { 88 | "action": "global" 89 | } 90 | }, 91 | "excluded": {} 92 | }, 93 | { 94 | "pattern": "*", 95 | "always": { 96 | "action": "enabled", 97 | "allowedInPermanent": false, 98 | "allowedInTemporary": false 99 | }, 100 | "navigation": { 101 | "action": "global" 102 | }, 103 | "mouseClick": { 104 | "middle": { 105 | "action": "global" 106 | }, 107 | "ctrlleft": { 108 | "action": "global" 109 | }, 110 | "left": { 111 | "action": "global" 112 | } 113 | }, 114 | "excluded": {} 115 | } 116 | ], 117 | "mac": { 118 | "action": "enabled" 119 | }, 120 | "reactivateDelay": 0 121 | }, 122 | "browserActionPopup": false, 123 | "pageAction": false, 124 | "contextMenu": true, 125 | "keyboardShortcuts": { 126 | "AltC": true, 127 | "AltP": true, 128 | "AltN": false, 129 | "AltShiftC": false, 130 | "AltX": false, 131 | "AltO": false, 132 | "AltI": false 133 | }, 134 | "replaceTabs": false, 135 | "cookies": { 136 | "domain": { 137 | "duckduckgo.com": [ 138 | { 139 | "domain": "duckduckgo.com", 140 | "expirationDate": "", 141 | "firstPartyDomain": "", 142 | "httpOnly": "", 143 | "name": "1", 144 | "path": "", 145 | "sameSite": "", 146 | "secure": "", 147 | "url": "https://duckduckgo.com/", 148 | "value": "-1" 149 | }, 150 | { 151 | "domain": "duckduckgo.com", 152 | "expirationDate": "", 153 | "firstPartyDomain": "", 154 | "httpOnly": "", 155 | "name": "n", 156 | "path": "", 157 | "sameSite": "", 158 | "secure": "", 159 | "url": "https://duckduckgo.com/", 160 | "value": "1" 161 | }, 162 | { 163 | "domain": "duckduckgo.com", 164 | "expirationDate": "", 165 | "firstPartyDomain": "", 166 | "httpOnly": "", 167 | "name": "av", 168 | "path": "", 169 | "sameSite": "", 170 | "secure": "", 171 | "url": "https://duckduckgo.com/", 172 | "value": "1" 173 | }, 174 | { 175 | "domain": "duckduckgo.com", 176 | "expirationDate": "", 177 | "firstPartyDomain": "", 178 | "httpOnly": "", 179 | "name": "5", 180 | "path": "", 181 | "sameSite": "", 182 | "secure": "", 183 | "url": "https://duckduckgo.com/", 184 | "value": "2" 185 | }, 186 | { 187 | "domain": "duckduckgo.com", 188 | "expirationDate": "", 189 | "firstPartyDomain": "", 190 | "httpOnly": "", 191 | "name": "am", 192 | "path": "", 193 | "sameSite": "", 194 | "secure": "", 195 | "url": "https://duckduckgo.com/", 196 | "value": "here-maps" 197 | } 198 | ] 199 | } 200 | }, 201 | "deletesHistory": { 202 | "automaticMode": "never", 203 | "contextMenu": false, 204 | "containerAlwaysPerDomain": "never", 205 | "containerIsolation": "never", 206 | "containerRemoval": 0, 207 | "containerMouseClicks": "never", 208 | "statistics": false, 209 | "active": true, 210 | "contextMenuBookmarks": false 211 | }, 212 | "statistics": false, 213 | "closeRedirectorTabs": { 214 | "active": true, 215 | "delay": 2000, 216 | "domains": [ 217 | "t.co", 218 | "outgoing.prod.mozaws.net", 219 | "slack-redir.net" 220 | ] 221 | }, 222 | "contextMenuBookmarks": false, 223 | "ignoreRequests": [], 224 | "ui": { 225 | "expandPreferences": true, 226 | "popupDefaultTab": "isolation-per-domain" 227 | }, 228 | "ignoreRequestsToAMO": true, 229 | "ignoreRequestsToPocket": true, 230 | "scripts": { 231 | "domain": {}, 232 | "active": true 233 | } 234 | } 235 | } -------------------------------------------------------------------------------- /.Archive/temporary_containers_preferences_demo.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "1.9", 3 | "date": 1596707910500, 4 | "preferences": { 5 | "automaticMode": { 6 | "active": true, 7 | "newTab": "created" 8 | }, 9 | "notifications": false, 10 | "container": { 11 | "namePrefix": "%domain% #", 12 | "color": "red", 13 | "colorRandom": true, 14 | "icon": "circle", 15 | "iconRandom": false, 16 | "numberMode": "keepuntilrestart", 17 | "removal": 900000, 18 | "colorRandomExcluded": [ 19 | "toolbar" 20 | ], 21 | "iconRandomExcluded": [] 22 | }, 23 | "iconColor": "default", 24 | "isolation": { 25 | "global": { 26 | "navigation": { 27 | "action": "never" 28 | }, 29 | "mouseClick": { 30 | "middle": { 31 | "action": "notsamedomain", 32 | "container": "default" 33 | }, 34 | "ctrlleft": { 35 | "action": "never", 36 | "container": "default" 37 | }, 38 | "left": { 39 | "action": "never", 40 | "container": "default" 41 | } 42 | }, 43 | "excluded": {}, 44 | "excludedContainers": [] 45 | }, 46 | "domain": [ 47 | { 48 | "pattern": "/^https?:\\/\\/accounts\\.(google|youtube)\\.com\\/.*/", 49 | "always": { 50 | "action": "enabled", 51 | "allowedInPermanent": true, 52 | "allowedInTemporary": true 53 | }, 54 | "navigation": { 55 | "action": "global" 56 | }, 57 | "mouseClick": { 58 | "middle": { 59 | "action": "global" 60 | }, 61 | "ctrlleft": { 62 | "action": "global" 63 | }, 64 | "left": { 65 | "action": "global" 66 | } 67 | }, 68 | "excluded": { 69 | "*": {} 70 | } 71 | }, 72 | { 73 | "pattern": "/^https?:\\/\\/(login\\.live\\.com|logincdn\\.msauth\\.net)\\/.*/", 74 | "always": { 75 | "action": "enabled", 76 | "allowedInPermanent": true, 77 | "allowedInTemporary": true 78 | }, 79 | "navigation": { 80 | "action": "global" 81 | }, 82 | "mouseClick": { 83 | "middle": { 84 | "action": "global" 85 | }, 86 | "ctrlleft": { 87 | "action": "global" 88 | }, 89 | "left": { 90 | "action": "global" 91 | } 92 | }, 93 | "excluded": { 94 | "*": {} 95 | } 96 | }, 97 | { 98 | "pattern": "*.google.*", 99 | "always": { 100 | "action": "enabled", 101 | "allowedInPermanent": false, 102 | "allowedInTemporary": false 103 | }, 104 | "navigation": { 105 | "action": "notsamedomain" 106 | }, 107 | "mouseClick": { 108 | "middle": { 109 | "action": "global" 110 | }, 111 | "ctrlleft": { 112 | "action": "global" 113 | }, 114 | "left": { 115 | "action": "global" 116 | } 117 | }, 118 | "excluded": { 119 | "*.google.*": {}, 120 | "*.youtube.com": {} 121 | } 122 | }, 123 | { 124 | "pattern": "*.youtube.com", 125 | "always": { 126 | "action": "enabled", 127 | "allowedInPermanent": false, 128 | "allowedInTemporary": false 129 | }, 130 | "navigation": { 131 | "action": "notsamedomain" 132 | }, 133 | "mouseClick": { 134 | "middle": { 135 | "action": "global" 136 | }, 137 | "ctrlleft": { 138 | "action": "global" 139 | }, 140 | "left": { 141 | "action": "global" 142 | } 143 | }, 144 | "excluded": { 145 | "*.google.*": {}, 146 | "*.youtube.com": {} 147 | } 148 | }, 149 | { 150 | "pattern": "*.bing.com", 151 | "always": { 152 | "action": "enabled", 153 | "allowedInPermanent": false, 154 | "allowedInTemporary": false 155 | }, 156 | "navigation": { 157 | "action": "notsamedomain" 158 | }, 159 | "mouseClick": { 160 | "middle": { 161 | "action": "global" 162 | }, 163 | "ctrlleft": { 164 | "action": "global" 165 | }, 166 | "left": { 167 | "action": "global" 168 | } 169 | }, 170 | "excluded": { 171 | "login.live.com": {}, 172 | "logincdn.msauth.net": {} 173 | } 174 | } 175 | ], 176 | "mac": { 177 | "action": "disabled" 178 | }, 179 | "automaticReactivateDelay": 0 180 | }, 181 | "browserActionPopup": false, 182 | "pageAction": false, 183 | "contextMenu": false, 184 | "keyboardShortcuts": { 185 | "AltC": true, 186 | "AltP": true, 187 | "AltN": false, 188 | "AltShiftC": false, 189 | "AltX": false, 190 | "AltO": false, 191 | "AltI": false 192 | }, 193 | "replaceTabs": false, 194 | "cookies": { 195 | "domain": {} 196 | }, 197 | "deletesHistory": { 198 | "automaticMode": "never", 199 | "contextMenu": false, 200 | "containerAlwaysPerDomain": "never", 201 | "containerIsolation": "never", 202 | "containerRemoval": 0, 203 | "containerMouseClicks": "never", 204 | "statistics": false, 205 | "active": false, 206 | "contextMenuBookmarks": false 207 | }, 208 | "statistics": false, 209 | "closeRedirectorTabs": { 210 | "active": true, 211 | "delay": 2000, 212 | "domains": [ 213 | "t.co", 214 | "outgoing.prod.mozaws.net", 215 | "slack-redir.net" 216 | ] 217 | }, 218 | "contextMenuBookmarks": false, 219 | "ignoreRequests": [], 220 | "ui": { 221 | "expandPreferences": true, 222 | "popupDefaultTab": "isolation-per-domain" 223 | }, 224 | "ignoreRequestsToAMO": true, 225 | "ignoreRequestsToPocket": true, 226 | "scripts": { 227 | "domain": { 228 | "*.google.*": [ 229 | { 230 | "code": "/*\n* ClearURLs\n* Copyright (c) 2017-2020 Kevin Röbert\n*\n* This program is free software: you can redistribute it and/or modify\n* it under the terms of the GNU Lesser General Public License as published by\n* the Free Software Foundation, either version 3 of the License, or\n* (at your option) any later version.\n*\n* This program is distributed in the hope that it will be useful,\n* but WITHOUT ANY WARRANTY; without even the implied warranty of\n* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n* GNU Lesser General Public License for more details.\n*\n* You should have received a copy of the GNU Lesser General Public License\n* along with this program. If not, see .\n*\n* Based on:\n* Remove Google Redirection\n* https://github.com/kodango/Remove-Google-Redirection/blob/master/extension/chrome/remove-google-redirection.user.js\n* Copyright (c) 2017 kodango\n* MIT License: https://github.com/kodango/Remove-Google-Redirection/blob/master/LICENSE\n*/\n(function (window) {\n \"use strict\";\n\n function injectFunction() {\n let ele = document.createElement('script');\n let s = document.getElementsByTagName('script')[0];\n\n ele.type = 'text/javascript';\n ele.textContent = \"Object.defineProperty(window, 'rwt', {\" +\n \" value: function() { return true; },\" +\n \" writable: false,\" +\n \" configurable: false\" +\n \"});\";\n\n s.parentNode.insertBefore(ele, s);\n }\n\n /*\n * The main entry\n */\n function main()\n {\n injectFunction();\n\n document.addEventListener('mouseover', function (event) {\n let a = event.target, depth = 1;\n\n while (a && a.tagName !== 'A' && depth-- > 0) {\n a = a.parentNode;\n }\n\n if (a && a.tagName === 'A') {\n try {\n a.removeAttribute('data-cthref');\n delete a.dataset.cthref;\n } catch(e) {\n console.log(e);\n }\n }\n }, true);\n }\n\n main();\n})(window);\n", 231 | "runAt": "document_end" 232 | } 233 | ] 234 | }, 235 | "active": true 236 | } 237 | } 238 | } -------------------------------------------------------------------------------- /.Archive/temporary_containers_preferences_si-sl.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "1.9.2", 3 | "date": 1617955687800, 4 | "preferences": { 5 | "automaticMode": { 6 | "active": true, 7 | "newTab": "created" 8 | }, 9 | "notifications": false, 10 | "container": { 11 | "namePrefix": "%domain%", 12 | "color": "red", 13 | "colorRandom": true, 14 | "icon": "circle", 15 | "iconRandom": false, 16 | "numberMode": "hide", 17 | "removal": 900000, 18 | "colorRandomExcluded": [ 19 | "toolbar" 20 | ], 21 | "iconRandomExcluded": [] 22 | }, 23 | "iconColor": "default", 24 | "isolation": { 25 | "global": { 26 | "navigation": { 27 | "action": "never" 28 | }, 29 | "mouseClick": { 30 | "middle": { 31 | "action": "notsamedomain", 32 | "container": "default" 33 | }, 34 | "ctrlleft": { 35 | "action": "never", 36 | "container": "default" 37 | }, 38 | "left": { 39 | "action": "never", 40 | "container": "default" 41 | } 42 | }, 43 | "excluded": {}, 44 | "excludedContainers": [] 45 | }, 46 | "domain": [ 47 | { 48 | "pattern": "duckduckgo.com", 49 | "always": { 50 | "action": "enabled", 51 | "allowedInPermanent": false 52 | }, 53 | "navigation": { 54 | "action": "notsamedomain" 55 | }, 56 | "mouseClick": { 57 | "middle": { 58 | "action": "global" 59 | }, 60 | "ctrlleft": { 61 | "action": "global" 62 | }, 63 | "left": { 64 | "action": "global" 65 | } 66 | }, 67 | "excluded": {}, 68 | "_index": 0 69 | }, 70 | { 71 | "pattern": "/^https?:\\/\\/www\\.google\\..+\\/.*/", 72 | "always": { 73 | "action": "enabled", 74 | "allowedInPermanent": false, 75 | "allowedInTemporary": false 76 | }, 77 | "navigation": { 78 | "action": "notsamedomain" 79 | }, 80 | "mouseClick": { 81 | "middle": { 82 | "action": "global" 83 | }, 84 | "ctrlleft": { 85 | "action": "global" 86 | }, 87 | "left": { 88 | "action": "global" 89 | } 90 | }, 91 | "excluded": {} 92 | }, 93 | { 94 | "pattern": "*", 95 | "always": { 96 | "action": "enabled", 97 | "allowedInPermanent": false, 98 | "allowedInTemporary": false 99 | }, 100 | "navigation": { 101 | "action": "global" 102 | }, 103 | "mouseClick": { 104 | "middle": { 105 | "action": "global" 106 | }, 107 | "ctrlleft": { 108 | "action": "global" 109 | }, 110 | "left": { 111 | "action": "global" 112 | } 113 | }, 114 | "excluded": {} 115 | } 116 | ], 117 | "mac": { 118 | "action": "enabled" 119 | }, 120 | "reactivateDelay": 0 121 | }, 122 | "browserActionPopup": false, 123 | "pageAction": false, 124 | "contextMenu": true, 125 | "keyboardShortcuts": { 126 | "AltC": true, 127 | "AltP": true, 128 | "AltN": false, 129 | "AltShiftC": false, 130 | "AltX": false, 131 | "AltO": false, 132 | "AltI": false 133 | }, 134 | "replaceTabs": false, 135 | "cookies": { 136 | "domain": { 137 | "duckduckgo.com": [ 138 | { 139 | "domain": "duckduckgo.com", 140 | "expirationDate": "", 141 | "firstPartyDomain": "", 142 | "httpOnly": "", 143 | "name": "l", 144 | "path": "", 145 | "sameSite": "", 146 | "secure": "", 147 | "url": "https://duckduckgo.com/", 148 | "value": "sl-sl" 149 | }, 150 | { 151 | "domain": "duckduckgo.com", 152 | "expirationDate": "", 153 | "firstPartyDomain": "", 154 | "httpOnly": "", 155 | "name": "ah", 156 | "path": "", 157 | "sameSite": "", 158 | "secure": "", 159 | "url": "https://duckduckgo.com/", 160 | "value": "sl-sl" 161 | }, 162 | { 163 | "domain": "duckduckgo.com", 164 | "expirationDate": "", 165 | "firstPartyDomain": "", 166 | "httpOnly": "", 167 | "name": "1", 168 | "path": "", 169 | "sameSite": "", 170 | "secure": "", 171 | "url": "https://duckduckgo.com/", 172 | "value": "-1" 173 | }, 174 | { 175 | "domain": "duckduckgo.com", 176 | "expirationDate": "", 177 | "firstPartyDomain": "", 178 | "httpOnly": "", 179 | "name": "n", 180 | "path": "", 181 | "sameSite": "", 182 | "secure": "", 183 | "url": "https://duckduckgo.com/", 184 | "value": "1" 185 | }, 186 | { 187 | "domain": "duckduckgo.com", 188 | "expirationDate": "", 189 | "firstPartyDomain": "", 190 | "httpOnly": "", 191 | "name": "av", 192 | "path": "", 193 | "sameSite": "", 194 | "secure": "", 195 | "url": "https://duckduckgo.com/", 196 | "value": "1" 197 | }, 198 | { 199 | "domain": "duckduckgo.com", 200 | "expirationDate": "", 201 | "firstPartyDomain": "", 202 | "httpOnly": "", 203 | "name": "5", 204 | "path": "", 205 | "sameSite": "", 206 | "secure": "", 207 | "url": "https://duckduckgo.com/", 208 | "value": "2" 209 | }, 210 | { 211 | "domain": "duckduckgo.com", 212 | "expirationDate": "", 213 | "firstPartyDomain": "", 214 | "httpOnly": "", 215 | "name": "am", 216 | "path": "", 217 | "sameSite": "", 218 | "secure": "", 219 | "url": "https://duckduckgo.com/", 220 | "value": "here-maps" 221 | } 222 | ], 223 | "www.24ur.com": [ 224 | { 225 | "domain": "www.24ur.com", 226 | "expirationDate": "", 227 | "firstPartyDomain": "", 228 | "httpOnly": "", 229 | "name": "cookies_accept", 230 | "path": "", 231 | "sameSite": "lax", 232 | "secure": "true", 233 | "url": "https://www.24ur.com/", 234 | "value": "all" 235 | } 236 | ] 237 | } 238 | }, 239 | "deletesHistory": { 240 | "automaticMode": "never", 241 | "contextMenu": false, 242 | "containerAlwaysPerDomain": "never", 243 | "containerIsolation": "never", 244 | "containerRemoval": 0, 245 | "containerMouseClicks": "never", 246 | "statistics": false, 247 | "active": true, 248 | "contextMenuBookmarks": false 249 | }, 250 | "statistics": false, 251 | "closeRedirectorTabs": { 252 | "active": true, 253 | "delay": 2000, 254 | "domains": [ 255 | "t.co", 256 | "outgoing.prod.mozaws.net", 257 | "slack-redir.net" 258 | ] 259 | }, 260 | "contextMenuBookmarks": false, 261 | "ignoreRequests": [], 262 | "ui": { 263 | "expandPreferences": true, 264 | "popupDefaultTab": "isolation-per-domain" 265 | }, 266 | "ignoreRequestsToAMO": true, 267 | "ignoreRequestsToPocket": true, 268 | "scripts": { 269 | "domain": {}, 270 | "active": true 271 | } 272 | } 273 | } -------------------------------------------------------------------------------- /.Archive/uBO-3rdPartyIFrame.txt: -------------------------------------------------------------------------------- 1 | ! Title: crssi: Deny 3rd-Party iFrames with specific Unbreak 2 | ! Expires: 2 days 3 | ! Homepage: https://github.com/crssi/Firefox 4 | 5 | !||$3p,subdocument 6 | 7 | !CNAME 8 | @@||akamaiedge.net^$3p,subdocument 9 | @@||amazonaws.com^$3p,subdocument 10 | ||amazonaws.com/*banners*$3p,subdocument,important 11 | @@||ebaydesc.com^$3p,subdocument,domain=ebay.com 12 | 13 | !@@||gfycat.com/ifr/*$3p,subdocument 14 | @@*/lwa/WebPages/LwaClient.aspx$3p,subdocument 15 | @@*/saml/*$3p,subdocument 16 | @@$3p,subdocument,domain=times.si 17 | @@||instagram.com/p/$3p,subdocument 18 | @@||accounts.google.*/ServiceLogin$3p,subdocument 19 | @@||alicdn.com^$3p,subdocument,domain=aliexpress.com 20 | @@||appspot.com^$3p,subdocument,domain=cloud.google.com 21 | @@||arkoselabs.com^$3p,subdocument 22 | @@||arte.tv/player/*$3p,subdocument 23 | @@||blogger.com/comment-iframe.$3p,subdocument 24 | @@||braintreegateway.com^$3p,subdocument 25 | @@||cdn.embedly.com/widgets/*$3p,subdocument 26 | @@||checkfront.com/reserve/*$3p,subdocument 27 | @@||checkoutshopper-live.adyen.com^$3p,subdocument 28 | @@||cldmail.ru^$3p,subdocument,domain=mail.ru 29 | @@||comtrade.com^$3p,subdocument 30 | @@||d1ozf2ksnk66sq.cloudfront.net^$3p,subdocument,domain=client-api.arkoselabs.com 31 | @@||docs.google.com^$3p,subdocument,domain=dropbox.com 32 | @@||dropbox.com*^$3p,subdocument,domain=dropboxpayments.com 33 | @@||dropboxcaptcha.com^$3p,subdocument,domain=dropbox.com 34 | @@||dropboxusercontent.com^$3p,subdocument,domain=dropbox.com 35 | @@||e.infogram.com^$3p,subdocument 36 | @@||fiddle.jshell.*^$3p,subdocument,domain=jsfiddle.net 37 | @@||flightstats.com^$3p,subdocument 38 | @@||fncstatic.com^$3p,subdocument,domain=foxnews.com 39 | @@||forms.hsforms.com^$3p,subdocument 40 | @@||gateway.hbogo.eu^$3p,subdocument,domain=hbogo.si 41 | @@||giphy.com/embed/$3p,subdocument 42 | @@||github.*^$3p,subdocument 43 | @@||google.*/maps/*$3p,subdocument 44 | @@||google.*/recaptcha/$3p,subdocument 45 | @@||googleapis.com^$3p,subdocument,domain=google.com|google.si 46 | @@||googleusercontent.com^$3p,subdocument,domain=google.com|google.si|github.com 47 | @@||imgur.com^$3p,subdocument 48 | @@||instagram.com^$3p,subdocument 49 | @@||ishoutbox.com^$3p,subdocument 50 | @@||janraincapture.com/widget/*$3p,subdocument 51 | @@||jetpack.wordpress.com/jetpack-comment/*$3p,subdocument 52 | @@||jsfiddle.net^$3p,subdocument,domain=svgjs.com 53 | @@||jwpsrv.com^$3p,subdocument 54 | @@||live.com^$3p,subdocument,domain=microsoft.com 55 | @@||liveleak.com^$3p,subdocument 56 | @@||maps.arcgis.com^$3p,subdocument 57 | @@||mapsengine.google.com/map/embed$3p,subdocument 58 | @@||mcafeemobilesecurity.com^$3p,subdocument,domain=mcafee.com 59 | @@||microsoftazuread-sso.com^$3p,domain=microsoftonline.com 60 | @@||microsoftonline.com^$3p,subdocument,domain=microsoft.com 61 | @@||microsoftonline.com^$3p,subdocument,domain=office.com 62 | @@||mozilla.*^$3p,subdocument,domain=mozilla.org 63 | @@||mozillademos.org^$3p,subdocument,domain=mozilla.org 64 | @@||office.com^$3p,subdocument,domain=microsoftonline.com 65 | @@||office365.com^$3p,subdocument,domain=office.com 66 | @@||officeapps.live.com^$3p,subdocument,domain=dropbox.com 67 | @@||openspeedtest.com^$3p,subdocument 68 | @@||orbitvu.co^$3p,subdocument 69 | @@||paypal.com^$3p,subdocument,popup 70 | @@||paypalobjects.com^$3p,subdocument,domain=paypal.com 71 | @@||player.theplatform.com^$3p,subdocument 72 | @@||player.vimeo.com^$3p,subdocument 73 | @@||players.brightcove.net^$3p,subdocument 74 | @@||redditmedia.com^$3p,subdocument,domain=reddit.com 75 | @@||reddit.map.fastly.net^$3p,subdocument,domain=reddit.com|redditmedia.com 76 | @@||render.githubusercontent.com^$3p,subdocument,domain=github.com 77 | @@||sharepoint.com^$3p,subdocument,domain=live.com 78 | @@||skype.com^$3p,subdocument,domain=live.com 79 | @@||soundcloud.com/player/*$3p,subdocument 80 | @@||sso.rokus-klett.si^$3p,subdocument,domain=znamzavec.si 81 | @@||stacksnippets.net^$3p,subdocument 82 | @@||stripe.com^$3p,subdocument 83 | @@||stripe.network^$3p,subdocument,domain=stripe.com 84 | @@||tickcounter.com^$3p,subdocument 85 | @@||tumblr.com^$3p,subdocument,domain=instagram.com 86 | @@||twitter.com/i/videos/$3p,subdocument 87 | @@||vice.map.fastly.net^$3p,subdocument,domain=vice.com 88 | @@||vox-cdn.com^$3p,subdocument 89 | @@||wargaming.net^$3p,subdocument,domain=worldoftanks.eu 90 | @@||wavesecure.com^$3p,subdocument,domain=mcafee.com 91 | @@||wsimg.com^$3p,subdocument,domain=godaddy.com 92 | @@||www.zuora.com/apps/PublicHostedPageLite.do$3p,subdocument 93 | @@||yimg.co^$3p,subdocument,domain=yahoo.com 94 | @@||yourshoutbox.com^$3p,subdocument 95 | @@||youtube-nocookie.com/embed/$3p,subdocument 96 | @@||youtube.com/embed/$3p,subdocument 97 | @@||youtube.com^$subdocument,domain=google.com 98 | @@||ypsilon.net^$3p,subdocument 99 | @@||yumpu.com^$3p,subdocument 100 | -------------------------------------------------------------------------------- /.Archive/uBO-3rdPartyScript.txt: -------------------------------------------------------------------------------- 1 | ! Title: crssi: Deny 3rd-Party Script with specific Unbreak 2 | ! Expires: 2 days 3 | ! Homepage: https://github.com/crssi/Firefox 4 | 5 | ||$third-party,script 6 | 7 | @@$third-party,script,domain=player.theplatform.com 8 | @@weather*^$third-party,script 9 | 10 | !@@||content.jwplatform.com^$third-party,script 11 | !@@||fsdn.com^$third-party,script,domain=sourceforge.net 12 | !@@||instagram.com^$third-party,script 13 | @@||account.amazon.com^$third-party,script 14 | @@||account.azureedge.net^$third-party,script,domain=account.live.com 15 | @@||accounts-static.cdn.mozilla.net^$third-party,script,domain=accounts.firefox.com 16 | @@||addons-amo.cdn.mozilla.net^$third-party,script,domain=addons.mozilla.org 17 | @@||akamaihd.net^$third-party,script 18 | @@||akamaized.net^$third-party,script 19 | @@||algolianet.com^$third-party,script,domain=fanatical.com 20 | @@||aliapp.org^$third-party,script,domain=aliexpress.com 21 | @@||alicdn.com^$third-party,script,domain=aliexpress.com 22 | @@||alipay.com^$third-party,script,domain=aliexpress.com 23 | @@||alipayobjects.com^$third-party,script,domain=alipay.com 24 | @@||alipcsec.com:*^$third-party,script,domain=aliexpress.com 25 | @@||alipsec.com^$third-party,script,domain=aliexpress.com 26 | @@||aliyun.com^$third-party,script,domain=aliexpress.com 27 | @@||api.digitalriver.com^$third-party,script 28 | @@||assets.gitlab-static.net^$third-party,script,domain=gitlab.com 29 | @@||blogsmithmedia.com^$third-party,script 30 | @@||bootstrapcdn.com^$third-party,script 31 | @@||bstatic.com^$third-party,script,domain=booking.com 32 | @@||c.s-microsoft.com^$third-party,script,domain=microsoft.com 33 | @@||cbsistatic.com^$third-party,script,domain=cnet.com 34 | @@||cdn.auth0.com^$third-party,script,domain=foxnews.com 35 | @@||checkfront.com/lib/interface*.js$third-party,script 36 | @@||client.hip.live.com/GetHIP/*$third-party,script 37 | @@||cloudfront.net^$third-party,script 38 | @@||cnbcfm.com^$third-party,script,domain=cnbc.com 39 | @@||comcast.com^$third-party,script,domain=xfinity.com 40 | @@||delivery.vidible.tv^$third-party,script 41 | @@||deviantart.net^$third-party,script,domain=deviantart.com 42 | @@||discourse-cdn-sjc1.com^$third-party,script 43 | @@||dohop-blue.global.ssl.fastly.net^$third-party,script,domain=dohop.com 44 | @@||ebaystatic.com^$third-party,script,domain=ebay.com|ebay.de|ebay.co.uk 45 | @@||eu-wotp.wgcdn.co^$third-party,script,domain=worldoftanks.eu 46 | @@||fncstatic.com^$third-party,script,domain=foxnews.com 47 | @@||forbesimg.com^$third-party,script,domain=forbes.com 48 | @@||foxbusiness.com^$third-party,script,domain=foxnews.com 49 | @@||futurecdn.net^$third-party,script,domain=techradar.com 50 | @@||gbtcdn.com^$third-party,script,domain=gearbest.com 51 | @@||gcdn.co^$third-party,script,domain=worldoftanks.eu|wargaming.net 52 | @@||gfx.ms^$third-party,script,domain=live.com|office365.com|microsoft.com|office.com 53 | @@||gstatic.com^$third-party,script,domain=google.com 54 | @@||ignimgs.com^$third-party,script,domain=ign.com 55 | @@||imgsmail.ru^$third-party,script,domain=mail.ru 56 | @@||imgur.com^$third-party,script 57 | @@||inte.searchnode.io^$third-party,script 58 | @@||kinja-static.com^$third-party,script 59 | @@||libs.cdn.renault.com$third-party,script 60 | @@||licdn.com^$third-party,script,domain=linkedin.com 61 | @@||livejournal.net^$third-party,script,subdocument,domain=livejournal.com 62 | @@||maxcdn.bootstrapcdn.com^$third-party,script 63 | @@||media-amazon.com^$third-party,script 64 | @@||medium.com^$third-party,script 65 | @@||microsoft.*^$third-party,script,domain=live.com|office.com 66 | @@||microsoftonline*.com^$third-party,script,domain=microsoftonline.com 67 | @@||msocdn.com^$third-party,script,domain=live.com|office.com 68 | @@||nbcuni.com^$third-party,script,domain=cnbc.com 69 | @@||nflxext.com^$third-party,script,domain=netflix.com 70 | @@||office.net^$third-party,script,domain=live.com 71 | @@||office365.com^$third-party,script,domain=live.com 72 | @@||payments-*.amazon.com^$third-party,script 73 | @@||payments-amazon.com^$third-party,script 74 | @@||paypalobjects.com^$third-party,script 75 | @@||platform.twitter.com/js/*$third-party,script 76 | @@||platform.twitter.com/widgets.js$third-party,script 77 | @@||player.theplatform.com^$third-party,script 78 | @@||players.brightcove.net^$third-party,script 79 | @@||razerzone.com^$third-party,script,domain=razer.com 80 | @@||redditstatic.com^$third-party,script,domain=reddit.com|redditmedia.com 81 | @@||scribdassets.com^$third-party,script,domain=scribd.com 82 | @@||skype.com^$third-party,script,domain=live.com 83 | @@||sndcdn.com^$third-party,script,domain=soundcloud.com 84 | @@||sndimg.com^$third-party,script 85 | @@||sni-dat.com^$third-party,script 86 | @@||snidigital.com^$third-party,script 87 | @@||spiceworksstatic.com^$third-party,script,domain=spiceworks.com 88 | @@||ssl-images-amazon.com^$third-party,script 89 | @@||static.squarespace.com/universal/*$third-party,script 90 | @@||stripe.com^$third-party,script 91 | @@||twimg.com^$third-party,script,domain=twitter.com 92 | @@||twitchcdn.net^$third-party,script,domain=twitch.tv 93 | @@||twitchsvc.net^$third-party,script,domain=twitch.tv 94 | @@||univision.com^$third-party,script 95 | @@||unrealengine.com^$third-party,script 96 | @@||use.typekit.net^$third-party,script 97 | @@||uvnimg.com^$third-party,script 98 | @@||vimeocdn.com^$third-party,script 99 | @@||wgcdn.co^$third-party,script,domain=wargaming.net 100 | @@||wikipedia.org^$third-party,script 101 | @@||wp.com^$third-party,script 102 | @@||wsimg.com^$third-party,script,domain=godaddy.com 103 | @@||yimg.com^$third-party,script 104 | @@||yourshoutbox.com^$third-party,script 105 | @@||ytimg.com^$third-party,script 106 | -------------------------------------------------------------------------------- /.Archive/uBO-3rdPartyXHR.txt: -------------------------------------------------------------------------------- 1 | ! Title: crssi: Deny 3rd-Party XHR with specific Unbreak 2 | ! Expires: 2 days 3 | ! Homepage: https://github.com/crssi/Firefox 4 | 5 | ||$third-party,xmlhttprequest 6 | 7 | ! Allow extensions like uBO/uM to get the filter list updates 8 | @@||$third-party,xmlhttprequest,domain=moz-extension-scheme 9 | 10 | @@weather*^$third-party,xmlhttprequest 11 | 12 | @@||24ur.si^$third-party,xmlhttprequest,domain=24ur.com 13 | @@||akamaihd.net^$third-party,xmlhttprequest 14 | @@||akamaized.net^$third-party,xmlhttprequest 15 | @@||algolia.net^$third-party,xmlhttprequest,domain=fontawesome.com|twitch.tv 16 | @@||algolianet.com^$third-party,xmlhttprequest,domain=fanatical.com 17 | @@||algolianet.com^$third-party,xmlhttprequest,domain=fontawesome.com 18 | @@||aliapp.org^$third-party,xmlhttprequest,domain=aliexpress.com 19 | @@||alicdn.com/ae-login/*$third-party,xmlhttprequest 20 | @@||alicdn.com^$third-party,xmlhttprequest,domain=aliexpress.com 21 | @@||alipay.com^$third-party,xmlhttprequest,domain=aliexpress.com 22 | @@||amazonaws.com^$third-party,xmlhttprequest 23 | @@||amazonaws.com^$third-party,xmlhttprequest,domain=github.com 24 | @@||amgload.net^$third-party,xmlhttprequest,domain=mp3pn.info 25 | @@||api.dohop.com^$third-party,xmlhttprequest 26 | @@||assets.gitlab-static.net^$third-party,xmlhttprequest,domain=gitlab.com 27 | @@||azureedge.net^$third-party,xmlhttprequest,domain=live.com 28 | @@||bbc.co.uk^$third-party,xmlhttprequest,domain=bbc.com 29 | @@||bci.co.uk^$third-party,xmlhttprequest,domain=bbc.com 30 | @@||boltdns.net^$third-party,xmlhttprequest 31 | @@||cloudfront.net^$third-party,xmlhttprequest 32 | @@||discourse-cdn-sjc1.com^$third-party,xmlhttprequest,script,domain=discuss.atom.io 33 | @@||dohop-blue.global.ssl.fastly.net^$third-party,xmlhttprequest,domain=dohop.com 34 | @@||dropboxstatic.com^$third-party,xmlhttprequest,domain=dropbox.com 35 | @@||edge.api.brightcove.com^$third-party,xmlhttprequest 36 | @@||fanatical.cdn.prismic.io^$third-party,xmlhttprequest,domain=fanatical.com 37 | @@||githubusercontent.com^$third-party,xmlhttprequest,domain=github.com 38 | @@||googlevideo.com^$third-party,xmlhttprequest,domain=youtube.com|youtube-nocookie.com 39 | @@||gstatic.com^$third-party,xmlhttprequest 40 | @@||imdb-video.media-imdb.com^$third-party,xmlhttprequest,domain=imdb.com 41 | @@||jsfiddle.net^$third-party,xmlhttprequest 42 | @@||jshell.net^$third-party,xmlhttprequest 43 | @@||licdn.com^$third-party,xmlhttprequest,domain=linkedin.com 44 | @@||live.com^$third-party,xmlhttprequest,domain=office.com 45 | @@||kaspersky.*^$third-party,xmlhttprequest 46 | @@||maps.google.com/maps*$third-party,xmlhttprequest 47 | @@||medium.com^$third-party,xmlhttprequest 48 | @@||mega.co.nz^$third-party,xmlhttprequest,domain=mega.nz 49 | @@||microsoft.*^$third-party,xmlhttprequest,domain=live.com|office.com|office365.com|sharepoint.com 50 | @@||mozilla.*^$third-party,xmlhttprequest,domain=mozilla.org 51 | @@||netdna.bootstrapcdn.com^$third-party,script,domain=gsmarena.com 52 | @@||nflxext.com^$third-party,xmlhttprequest,domain=netflix.com 53 | @@||office.com^$third-party,xmlhttprequest,domain=live.com 54 | @@||office365.com^$third-party,xmlhttprequest,domain=live.com 55 | @@||olsvc.com^$third-party,xmlhttprequest,domain=live.com 56 | @@||payments-*.amazon.com^$third-party,xmlhttprequest 57 | @@||paypalobjects.com^$third-party,xmlhttprequest 58 | @@||piguiqproxy.com^$third-party,xmlhttprequest,domain=mp3pn.info 59 | @@||player.vimeo.com/external/*$third-party,xmlhttprequest 60 | @@||royalmail.net^$xmlhttprequest,domain=royalmail.com 61 | @@||runkitcdn.com^$third-party,xmlhttprequest 62 | @@||sa.searchnode.net^$third-party,xmlhttprequest 63 | @@||skype.com^$third-party,xmlhttprequest,domain=live.com 64 | @@||skypeassets.com^$third-party,xmlhttprequest,domain=live.com 65 | @@||sndcdn.com^$third-party,xmlhttprequest,domain=soundcloud.com 66 | @@||sourcegraph.com^$third-party,xmlhttprequest,domain=github.com 67 | @@||streamlock.net^$third-party,xmlhttprequest 68 | @@||stripe.com^$third-party,xmlhttprequest,domain=stripe.network 69 | @@||stripensrq.global.ssl.fastly.net^$third-party,xmlhttprequest,domain=stripe.network 70 | @@||tech26.de^$third-party,xmlhttprequest,domain=n26.com 71 | @@||ttvnw.net^$third-party,xmlhttprequest 72 | @@||twitchcdn.net^$third-party,xmlhttprequest 73 | @@||twitchsvc.net^$third-party,xmlhttprequest 74 | @@||univision.com^$third-party,xmlhttprequest 75 | @@||use.typekit.net^$third-party,xmlhttprequest 76 | @@||video.twimg.com^$third-party,xmlhttprequest 77 | @@||videos.news.co.uk^$third-party,xmlhttprequest 78 | @@||vimeocdn.com^$third-party,xmlhttprequest 79 | @@||wikimedia.org^$third-party,xmlhttprequest,domain=wikipedia.org 80 | @@||wordpress.com^$third-party,xmlhttprequest 81 | @@||yimg.com^$third-party,xmlhttprequest,domain=yahoo.com 82 | @@||youtube.com^$third-party,xmlhttprequest 83 | @@||ytimg.com^$third-party,xmlhttprequest,domain=youtube.com 84 | -------------------------------------------------------------------------------- /.Archive/user-overrides.js: -------------------------------------------------------------------------------- 1 | /****** 2 | HOME: https://github.com/crssi/Firefox 3 | INFO: Supplement for ghacks-user.js; 7.5.2020 (commit: bb1e5bf); https://github.com/ghacksuserjs/ghacks-user.js 4 | NOTE: Before proceeding further, make a backup of your current profile 5 | PROFILE: https://github.com/crssi/Firefox/raw/master/Profile.zip 6 | 7 | 1. Download user.js from https://raw.githubusercontent.com/ghacksuserjs/ghacks-user.js/master/user.js and place it into "profile folder" 8 | NOTE: To find location of the "profile folder" enter "about:support" into url bar, click "Open Folder" button under "Application Basics" section on "Profile Folder" 9 | 2. Append this file to user.js that was downloaded in the previous step 10 | 3. Go to "profile folder", remove file "SiteSecurityServiceState.txt" and create folder with the same name; https://nakedsecurity.sophos.com/2015/02/02/anatomy-of-a-browser-dilemma-how-hsts-supercookies-make-you-choose-between-privacy-or-security/ 11 | 4. In the "profile folder" create a folder "chrome" and copy in userChrome.css and userContent.css from https://raw.githubusercontent.com/crssi/Firefox/master/userChrome.css 12 | 5. Firefox -> Options -> General -> General -> Tabs -> Settings... 13 | Remove all containers 14 | Firefox -> Options -> Search 15 | Default Search Engine: duckduckgo 16 | One-Click Search Engines: delete all except DuckDuckGo 17 | 6. To enable SSO within specific realm/domain (enterprise), enter domain list (comma separated without spaces) (about:config) into preferences network.negotiate-auth.trusted-uris and network.automatic-ntlm-auth.trusted-uris 18 | 7. Install extensions (see Extensions section) and setup by instructions 19 | NOTE: all changes are addition to default 20 | 8. Migrate your personal stuff from previous profile by copying appropriate files from backup (see https://support.mozilla.org/kb/profiles-where-firefox-stores-user-data/): 21 | cert9.db - Certificates 22 | content-prefs.sqlite - Site-specific preferences 23 | favicons.sqlite - Bookmarks icons 24 | handlers.json - Download actions 25 | key4.db - Passwords 26 | logins.json - Passwords 27 | permissions.sqlite - Site-specific preferences 28 | persdict.dat - Personal dictionary 29 | pkcs11.txt - Security device settings 30 | places.sqlite - Bookmarks 31 | 32 | ESSENTIAL EXTENSIONS: 33 | CanvasBlocker; https://addons.mozilla.org/firefox/addon/canvasblocker/ (https://github.com/kkapsner/CanvasBlocker/) 34 | On install page click apply for Convenient and Stealth settings 35 | General -> Expert mode: Check 36 | APIs -> Screen API -> Protect screen API: Uncheck 37 | Misc -> Misc -> Block data URL pages: Uncheck 38 | ClearURLs; https://addons.mozilla.org/firefox/addon/clearurls/ (https://gitlab.com/KevinRoebert/ClearUrls/) 39 | CSS Exfil Protection; https://addons.mozilla.org/firefox/addon/css-exfil-protection/ (https://www.mike-gualtieri.com/css-exfil-vulnerability-tester) 40 | Google search link fix; https://addons.mozilla.org/firefox/addon/google-search-link-fix/ (https://github.com/palant/searchlinkfix/) 41 | HTTPZ; https://addons.mozilla.org/firefox/addon/httpz/ (https://github.com/claustromaniac/httpz/) 42 | LocalCDN (fork of Decentraleyes); https://addons.mozilla.org/firefox/addon/localcdn-fork-of-decentraleyes/ (https://gitlab.com/nobody42/localcdn/) 43 | Privacy-Oriented Origin Policy; https://addons.mozilla.org/firefox/addon/privacy-oriented-origin-policy/ (https://github.com/claustromaniac/poop/) 44 | Type filters 45 | script: Check 46 | xmlhttprequest (XHR): Check 47 | Exclusions 48 | Exclusions: Copy/Paste from https://raw.githubusercontent.com/crssi/Firefox/master/POOP-Exclusions.txt 49 | Click [Save] 50 | Redirect AMP to HTML; https://addons.mozilla.org/firefox/addon/amp2html/ (https://github.com/da2x/amp2html/) 51 | Skip Redirect; https://addons.mozilla.org/firefox/addon/skip-redirect/ (https://github.com/sblask/webextension-skip-redirect/) 52 | Blacklist: Copy/Paste from https://raw.githubusercontent.com/crssi/Firefox/master/Skip_Redirect-Blacklist.txt 53 | Notifications 54 | Enable popup: Uncheck 55 | Smart Referer; https://addons.mozilla.org/firefox/addon/smart-referer/ (https://gitlab.com/smart-referer/smart-referer/) 56 | Whiteliste Sources: 57 | Add: https://raw.githubusercontent.com/crssi/Firefox/master/Smart_Referer-Whitelist.txt 58 | Temporary Containers; https://addons.mozilla.org/firefox/addon/temporary-containers/ (https://github.com/stoically/temporary-containers/) 59 | Export/Import 60 | Import Preferences 61 | Click [Import from local file]: Download from https://raw.githubusercontent.com/crssi/Firefox/master/temporary_containers_preferences.json 62 | uBlock Origin; https://addons.mozilla.org/firefox/addon/ublock-origin/ (https://github.com/uBlockOrigin/uBlock-issues/); https://git.synz.io/Synzvato/decentraleyes/wikis/Frequently-Asked-Questions 63 | Settings 64 | Click [Restore from file...]: https://raw.githubusercontent.com/crssi/Firefox/master/my-ublock-backup.txt 65 | uMatrix; https://addons.mozilla.org/firefox/addon/umatrix/ (https://github.com/uBlockOrigin/uMatrix-issues/); https://git.synz.io/Synzvato/decentraleyes/wikis/Frequently-Asked-Questions 66 | About 67 | Click [Restore from file...]: https://raw.githubusercontent.com/crssi/Firefox/master/my-umatrix-backup.txt 68 | 69 | ADDITIONAL EXTENSIONS THAT I AM USING: 70 | Close unused blank tabs Plus; https://addons.mozilla.org/firefox/addon/close-unused-blank-tabs-plus/ (https://github.com/crssi/Close-unused-blank-tabs-Plus/) 71 | Containerise; https://addons.mozilla.org/firefox/addon/containerise/ (https://github.com/kintesh/containerise/) 72 | I don't care about cookies; https://addons.mozilla.org/firefox/addon/i-dont-care-about-cookies/ (https://www.i-dont-care-about-cookies.eu/) 73 | Maximize All Windows (Minimalist Version); https://addons.mozilla.org/firefox/addon/maximize-all-windows-minimal/ (https://github.com/ericchase/maximize-all-windows/tree/master-minimal/) 74 | URLs List; https://addons.mozilla.org/firefox/addon/urls-list/ (https://github.com/moritz-h/urls-list/) 75 | 76 | USEFUL/INTERESTING EXTENSIONS: 77 | Bitwarden - Free Password Manager; https://addons.mozilla.org/firefox/addon/bitwarden-password-manager/ (https://github.com/bitwarden/, https://bitwarden.com/) 78 | Certainly Something (Certificate Viewer); https://addons.mozilla.org/firefox/addon/certainly-something/ (https://github.com/april/certainly-something/) 79 | Cookie Quick Manager; https://addons.mozilla.org/firefox/addon/cookie-quick-manager/ (https://github.com/ysard/cookie-quick-manager/) 80 | Extension source viewer; https://addons.mozilla.org/firefox/addon/crxviewer/ (https://github.com/Rob--W/crxviewer/) 81 | Farsight DNSDB Scout; https://addons.mozilla.org/firefox/addon/farsight-dnsdb-scout/ (https://www.farsightsecurity.com/tools/dnsdb-scout/) 82 | IndicateTLS; https://addons.mozilla.org/firefox/addon/indicatetls/ (https://github.com/jannispinter/indicatetls/) 83 | Pasa password generator; https://addons.mozilla.org/firefox/addon/pasa-password-generator/ (https://github.com/alexhenrie/pasa/) 84 | Save Screenshot; https://addons.mozilla.org/firefox/addon/savescreenshot/ (https://github.com/M-Reimer/savescreenshot/) 85 | SixIndicator; https://addons.mozilla.org/firefox/addon/sixindicator/ (https://github.com/HostedDinner/SixIndicator/) 86 | Switch Container Plus; https://addons.mozilla.org/firefox/addon/switch-container-plus/ (https://github.com/stoically/switch-container-plus/) 87 | Undo Close Tab; https://addons.mozilla.org/firefox/addon/undoclosetabbutton/ (https://github.com/M-Reimer/undoclosetab/) 88 | xBrowserSync; https://www.xbrowsersync.org/ (https://github.com/xbrowsersync/) 89 | 90 | EXTERNAL APPLICATIONS: 91 | FF Password Exporter; https://github.com/kspearrin/ff-password-exporter/ 92 | PasswordFox; http://www.nirsoft.net/utils/passwordfox.html 93 | 94 | ******/ 95 | 96 | /*** PERSONAL AND ANNOYANCES TWEAKS ***/ 97 | /* 0800x */ user_pref("browser.urlbar.matchBuckets", "general:15,suggestion:Infinity"); // this resets 0801 and must be applied before 98 | /* 0801 */ user_pref("keyword.enabled", true); // enable location bar using search 99 | /* 0807 */ user_pref("browser.search.suggest.enabled", true); // enable live search suggestions 100 | /* 0808 */ user_pref("browser.urlbar.suggest.searches", true); // show search suggestions in address bar results 101 | /* 0850c */ user_pref("browser.urlbar.maxRichResults", 16); // number of urlbar search results 102 | /* 0850d */ user_pref("browser.urlbar.autoFill", false); // disable location bar autofill /* 0862 */ user_pref("places.history.enabled", false); // disable history 103 | /* 1401 */ user_pref("browser.display.use_document_fonts", 1); // I just <3 fonts 104 | /* 2031 */ user_pref("media.autoplay.enabled.user-gestures-needed", true); // Enable autoplay of HTML5 media if interacted with the site 105 | /* 2203 */ user_pref("browser.link.open_newwindow.restriction", 2); // don't like that a new window is forcibly opened fullsize 106 | /* 2651 */ user_pref("browser.download.useDownloadDir", true); // force save downloads to download folder 107 | // /* 2654 */ user_pref("browser.download.forbid_open_with", true); // disable "open with" in download dialog 108 | /* 5000 */ user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); // disable CFR 109 | /* 5000 */ user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); // disable CFR 110 | /* 5000 */ user_pref("browser.tabs.closeWindowWithLastTab", false); // do not close FF with the last tab 111 | /* 5000 */ user_pref("browser.tabs.loadBookmarksInTabs", true); // open bookmark in a new tab 112 | /* 5000 */ user_pref("browser.urlbar.decodeURLsOnCopy", true); // see Bugzilla 1320061 113 | /* 5000 */ user_pref("browser.urlbar.openViewOnFocus", false); // close urlbar dropdown when empty 114 | /* 5000 */ user_pref("full-screen-api.warning.timeout", 0); // remove fullscreen message annoyance 115 | /* 5000 */ user_pref("general.autoScroll", false); // disable mouse middle-click scroll annoyance 116 | /* 5000 */ user_pref("ui.key.menuAccessKey", 0); // disable alt key toggling the menu bar 117 | /* 5000x */ user_pref("browser.tabs.selectOwnerOnClose", false); // set tab first to the left of closed tab as active 118 | /* 5000x */ user_pref("extensions.pocket.enabled", false); // disable and hide Pocket 119 | /* 5000x */ user_pref("findbar.highlightAll", true); // hihglight all hits on search 120 | 121 | /*** BREAKAGE AND SECURITY TWEAKS ***/ 122 | /* 0001 */ user_pref("browser.privatebrowsing.autostart", false); // disable PB 123 | /* 0302a */ user_pref("app.update.auto", true); // enable auto-installing Firefox updates 124 | /* 1201 */ user_pref("security.ssl.require_safe_negotiation", false); // do not force require_safe_negotiation 125 | /* 1204 */ user_pref("security.ssl.disable_session_identifiers", false); // breaks client certificate secure token, TC Automode needed 126 | /* 1212 */ user_pref("security.OCSP.require", false); // allow connection when OCSP not reacheable 127 | /* 1223 */ user_pref("security.cert_pinning.enforcement_level", 1); // Set to default to avoid AV breakage 128 | /* 1241 */ user_pref("security.mixed_content.block_display_content", false); // allow non-secure passive content 129 | // /* 1242 */ user_pref("security.mixed_content.upgrade_display_content", true); // upgrade non-secure passive content 130 | // /* 1244 */ user_pref("dom.security.https_only_mode", true); // enable https-only-mode 131 | /* 1603 */ user_pref("network.http.referer.XOriginPolicy", 0); // should be 1, except when spoofing by 3rd-party WE, like Smart Referer 132 | /* 1825 */ user_pref("media.gmp-widevinecdm.enabled", true); // enable widevine CDM; Netflix, Amazon Prime, Hulu... 133 | /* 1825 */ user_pref("media.gmp-widevinecdm.visible", true); // enable widevine CDM; Netflix, Amazon Prime, Hulu... 134 | /* 1830 */ user_pref("media.eme.enabled", true); // enable DRM content (EME: Encryption Media Extension); Netflix, Amazon Prime, Hulu... 135 | /* 2001 */ user_pref("media.peerconnection.enabled", true); // enable WebRTC, but do not leak local IP 136 | /* 2010 */ user_pref("webgl.disabled", false); // enable WebGL, high entropy FP vector; should be true, except if using WE CanvasBlocker 137 | /* 2010 */ user_pref("webgl.enable-webgl2", true); // enable WebGL 138 | /* 2012 */ user_pref("webgl.min_capability_mode", false); // enable WebGL full capability mode 139 | /* 2022 */ user_pref("media.getusermedia.screensharing.enabled", true); // enable screensharing 140 | /* 2403 */ user_pref("dom.allow_cut_copy", true); // allow cut/copy by JS 141 | /* 2422 */ user_pref("javascript.options.wasm", true); // enable WebAssembly 142 | /* 2510 */ user_pref("dom.webaudio.enabled", true); // should be false, except if using WE CanvasBlocker 143 | /* 2621 */ user_pref("network.protocol-handler.external.ms-windows-store", true); // enable MS Windows Store 144 | /* 2701 */ user_pref("browser.contentblocking.category", "standard"); // do we need 3rd party cookies blocked when TC Automode? 145 | /* 4001 */ user_pref("privacy.firstparty.isolate", false); // true breaks cross-domain logins and site functionality, TC covers FPI just fine 146 | /* 4503 */ user_pref("privacy.resistFingerprinting.block_mozAddonManager", false); // enable AMO to work as intended, 2662 must be default 147 | /* 5000 */ user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true); // support for userChrome.css (FF 68+) 148 | /* 5000e */ user_pref("network.automatic-ntlm-auth.allow-non-fqdn", true); // enable SSO for hostnames 149 | /* 5000e */ user_pref("security.enterprise_roots.enabled", true); // use OS certificates store, Firefox 68+ 150 | 151 | user_pref("_user.js.parrot", "Eagle has landed."); 152 | -------------------------------------------------------------------------------- /.Archive/userChrome.css: -------------------------------------------------------------------------------- 1 | /* 2 | https://www.reddit.com/r/FirefoxCSS/ 3 | https://www.reddit.com/r/FirefoxCSS/comments/7dkhuh/color_your_url_bar_based_on_website_security/ 4 | https://fosspost.org/tutorials/how-to-customize-firefox-57-user-interface 5 | https://github.com/Aris-t2/CustomCSSforFx 6 | https://github.com/FirefoxBar/userChrome.js-Collections- 7 | https://github.com/overdodactyl/ShadowFox 8 | https://developer.mozilla.org/en-US/docs/tag/XUL_Tutorial 9 | https://github.com/Timvde/UserChrome-Tweaks 10 | https://github.com/bogachenko/freefox/blob/master/firefox/chrome/userChrome.css 11 | https://github.com/Izheil/Quantum-Nox-Firefox-Dark-Full-Theme/blob/master/Theme%20features/userChrome.css 12 | https://www.howtogeek.com/334716/how-to-customize-firefoxs-user-interface-with-userchrome.css/ 13 | https://www.reddit.com/r/firefox/comments/7dvtw0/guide_how_to_edit_your_context_menu/ 14 | https://imgur.com/e9AaMx3 15 | https://imgur.com/b5gEfUy 16 | https://support.mozilla.org/en-US/questions/1214459 17 | https://github.com/Izheil/Quantum-Nox-Firefox-Dark-Full-Theme 18 | https://www.reddit.com/r/FirefoxCSS/comments/ayjagi/firefox_white_flash_on_opening_new_window_and/ 19 | https://www.userchrome.org/megabar-styling-firefox-address-bar.html 20 | */ 21 | 22 | /* letterbox color */ 23 | #tabbrowser-tabpanels { 24 | background-color: rgb(46,54,69) !important; 25 | } 26 | 27 | /* Removed space before the first tab */ 28 | .titlebar-spacer[type="pre-tabs"] { 29 | display: none !important; 30 | } 31 | 32 | /* Menu customization */ 33 | #appMenu-private-window-button, 34 | #appMenuRestoreLastSession, 35 | #context_bookmarkTab, 36 | #context_closeTab, 37 | #context_moveTabOptions, 38 | #context_selectAllTabs, 39 | #context-openlink, 40 | #context-openlinkincontainertab, 41 | #context-openlinkincurrent, 42 | #context-openlinkprivate, 43 | #placesContext_open\:newprivatewindow { 44 | display: none !important; 45 | } 46 | 47 | /* only show close buttons on tabs when hovering */ 48 | .tabbrowser-tab .tab-close-button { 49 | display: none !important; 50 | } 51 | .tabbrowser-tab:hover .tab-close-button { 52 | display: block !important; 53 | } 54 | 55 | 56 | /* urlbar colorization */ 57 | #urlbar { 58 | position: relative; 59 | z-index: 1; 60 | } 61 | 62 | #identity-box:after { 63 | content: ''; 64 | position: absolute; 65 | height: 100%; 66 | width: 100%; 67 | top: 0; 68 | left: 0; 69 | pointer-events: none; 70 | opacity: .3; 71 | } 72 | 73 | @keyframes blinker { 74 | 50% { opacity: .1; } 75 | } 76 | 77 | /* about:about */ 78 | #urlbar[pageproxystate='valid'] #identity-box.localResource:after { 79 | background: #0a84ff; 80 | } 81 | 82 | /* about:config and moz-extension:* */ 83 | #urlbar[pageproxystate='valid'] #identity-box.chromeUI:after, 84 | #urlbar[pageproxystate='valid'] #identity-box.extensionPage:after { 85 | background: #0a84ff; 86 | } 87 | 88 | /* https://self-signed.badssl.com/ but add certificate exception */ 89 | #urlbar[pageproxystate='valid'] #identity-box.certUserOverridden:after { 90 | background: #f0dc00; 91 | } 92 | 93 | /* notSecure */ 94 | #urlbar[pageproxystate='valid'] #identity-box.insecureLoginForms:after, 95 | #urlbar[pageproxystate='valid'] #identity-box.weakCipher:after, 96 | #urlbar[pageproxystate='valid'] #identity-box.notSecure:after { 97 | background: #ff0011; 98 | opacity: .4; 99 | animation: blinker 2s linear infinite; 100 | } 101 | -------------------------------------------------------------------------------- /.Archive/userContent.css: -------------------------------------------------------------------------------- 1 | /* https://www.reddit.com/r/FirefoxCSS/comments/ayjagi/firefox_white_flash_on_opening_new_window_and/ */ 2 | /* prevent white_flash on opening new tab/window */ 3 | @-moz-document url("about:home"),url("about:blank"),url("about:newtab"),url("about:privatebrowsing") { 4 | body{ background-color: rgb(46,54,69) } 5 | } 6 | -------------------------------------------------------------------------------- /.Tools/README.md: -------------------------------------------------------------------------------- 1 | ## Tools 2 | Thanks to author @avih and contributors for [jsonlz4](https://github.com/avih/dejsonlz4/tree/master/src/ref_compress) and [dejsonlz4](https://github.com/avih/dejsonlz4) 3 | -------------------------------------------------------------------------------- /.Tools/create-profile.ps1: -------------------------------------------------------------------------------- 1 | # https://github.com/avih/dejsonlz4 2 | Get-Content -Path "$($env:APPDATA)\Mozilla\Firefox\installs.ini" | ForEach-Object { if ($_.StartsWith('Default=Profiles/')) { $profilePath = "$($env:APPDATA)\Mozilla\Firefox\Profiles\$($_.Replace('Default=Profiles/', ''))" } } 3 | 4 | & "$env:UserProfile\Documents\GitHub\Firefox\.Tools\dejsonlz4.exe" @("$profilePath\addonStartup.json.lz4","$profilePath\addonStartup.json") 5 | Copy-Item "$([Environment]::GetFolderPath("MyDocuments"))\GitHub\Firefox\.Tools\jsonlz4.exe" $profilePath -Force 6 | 7 | forEach ($file in @('cert9.db','content-prefs.sqlite','favicons.sqlite','handlers.json','key4.db','logins.json','permissions.sqlite','persdict.dat','pkcs11.txt','places.sqlite')) { if (Test-Path -Path $profilePath\$file) { Remove-Item -Path $profilePath\$file -Force -ErrorAction SilentlyContinue } } 8 | 9 | forEach ($file in @('extensions.json','compatibility.ini','addonStartup.json')) { 10 | $content = Get-Content -Encoding UTF8 -Path $profilePath\$file 11 | $content = $content.Replace($env:APPDATA.Replace('\','/').Replace(' ','%20'),'%appdata%') 12 | $content = $content.Replace($env:APPDATA.Replace('\','\\'),'%appdata%') 13 | $content = $content.Replace($env:ProgramFiles.Replace('\','/').Replace(' ','%20'),'%programfiles%') 14 | $content = $content.Replace($env:ProgramFiles.Replace('\','\\'),'%programfiles%') 15 | $content = $content.Replace($env:ProgramFiles,'%programfiles%') 16 | [System.IO.File]::WriteAllLines("$profilePath\$file", $content, $(New-Object System.Text.UTF8Encoding $False)) 17 | } 18 | 19 | Get-ChildItem $profilePath\storage\default | where { $_.name -notmatch '\^userContextId' } | Remove-Item -Recurse -Force -Confirm:$false 20 | if (Test-Path -Path $profilePath\addonStartup.json.lz4) { Remove-Item -Path $profilePath\addonStartup.json.lz4 -Force } 21 | if (Test-Path -Path $profilePath\pkcs11.txt) { Remove-Item -Path $profilePath\pkcs11.txt -Force } 22 | 23 | Compress-Archive -Path "$($env:APPDATA)\Mozilla\Firefox\*" -DestinationPath "$env:UserProfile\Documents\GitHub\Firefox\Profile.zip" -CompressionLevel Optimal -Force 24 | -------------------------------------------------------------------------------- /.Tools/dejsonlz4.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/crssi/Firefox/6177efea647402315f7faa6449d514357b8acc76/.Tools/dejsonlz4.exe -------------------------------------------------------------------------------- /.Tools/jsonlz4.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/crssi/Firefox/6177efea647402315f7faa6449d514357b8acc76/.Tools/jsonlz4.exe -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | # Auto detect text files and perform LF normalization 2 | * text=auto 3 | -------------------------------------------------------------------------------- /CanvasBlocker-settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "logLevel": 0, 3 | "urlSettings": [ 4 | { 5 | "url": "mail.google.com", 6 | "protectDOMRect": false 7 | }, 8 | { 9 | "url": "onedrive.live.com", 10 | "protectDOMRect": false 11 | } 12 | ], 13 | "hiddenSettings": {}, 14 | "expandStatus": { 15 | "section_faking": true, 16 | "blockMode": true 17 | }, 18 | "displayHiddenSettings": false, 19 | "whiteList": "paypal.com", 20 | "sessionWhiteList": "", 21 | "blackList": "", 22 | "blockMode": "fake", 23 | "protectedCanvasPart": "input", 24 | "minFakeSize": 10, 25 | "maxFakeSize": 1000000, 26 | "rng": "persistent", 27 | "protectedAPIFeatures": { 28 | "length @ history": false, 29 | "getContext @ canvas": false, 30 | "toDataURL @ canvas": false, 31 | "toBlob @ canvas": false, 32 | "convertToBlob @ canvas": false, 33 | "mozGetAsFile @ canvas": false, 34 | "getImageData @ canvas": false, 35 | "isPointInPath @ canvas": false, 36 | "isPointInStroke @ canvas": false, 37 | "fillText @ canvas": false, 38 | "strokeText @ canvas": false 39 | }, 40 | "useCanvasCache": true, 41 | "ignoreFrequentColors": 3, 42 | "minColors": 3, 43 | "fakeAlphaChannel": false, 44 | "webGLVendor": "", 45 | "webGLRenderer": "", 46 | "webGLUnmaskedVendor": "", 47 | "webGLUnmaskedRenderer": "", 48 | "persistentRndStorage": "{}", 49 | "persistentIncognitoRndStorage": "{}", 50 | "storePersistentRnd": false, 51 | "persistentRndClearIntervalValue": 15, 52 | "persistentRndClearIntervalUnit": "minutes", 53 | "lastPersistentRndClearing": 1622058570900, 54 | "sharePersistentRndBetweenDomains": false, 55 | "askOnlyOnce": "individual", 56 | "askDenyMode": "block", 57 | "showCanvasWhileAsking": true, 58 | "showNotifications": true, 59 | "highlightPageAction": "none", 60 | "highlightBrowserAction": "color", 61 | "displayBadge": true, 62 | "storeNotificationData": false, 63 | "storeImageForInspection": false, 64 | "ignoreList": "", 65 | "ignoredAPIs": {}, 66 | "showCallingFile": false, 67 | "showCompleteCallingStack": false, 68 | "enableStackList": false, 69 | "stackList": "", 70 | "protectAudio": true, 71 | "audioFakeRate": "100", 72 | "audioNoiseLevel": "minimal", 73 | "useAudioCache": true, 74 | "audioUseFixedIndices": true, 75 | "audioFixedIndices": "24", 76 | "historyLengthThreshold": 2, 77 | "protectWindow": false, 78 | "allowWindowNameInFrames": true, 79 | "protectDOMRect": true, 80 | "domRectIntegerFactor": 4, 81 | "protectTextMetrics": true, 82 | "blockDataURLs": true, 83 | "protectNavigator": false, 84 | "navigatorDetails": {}, 85 | "protectScreen": false, 86 | "screenSize": "", 87 | "fakeMinimalScreenSize": false, 88 | "displayAdvancedSettings": true, 89 | "displayDescriptions": false, 90 | "theme": "auto", 91 | "dontShowOptionsOnUpdate": false, 92 | "isStillDefault": false, 93 | "storageVersion": 1 94 | } -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 crssi 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. -------------------------------------------------------------------------------- /POOP-Exclusions.txt: -------------------------------------------------------------------------------- 1 | * *.akamaihd.net 2 | * *.azure.net 3 | * *.braintreegateway.com 4 | * *.crisp.chat 5 | * *.launchdarkly.com 6 | * *.live.com 7 | * *.lync.com 8 | * *.microsoft*.com 9 | * *.msedge.net 10 | * *.msftauth.net 11 | * *.msocdn.com 12 | * *.office*.* 13 | * *.sharepoint*.com 14 | * *.shopify*.com 15 | * *.sportshop.com 16 | * *.svc.ms 17 | * *.windows.net 18 | * api.spectrumcustomizer.com 19 | * api.woosmap.com 20 | * edge.api.brightcove.com 21 | * firestore.googleapis.com 22 | * mcapi.us 23 | * shopify-chat.shopifycloud.com 24 | * v.redd.it 25 | *.*inn.com *.*inn.com 26 | *.24live*.com *.24live*.com 27 | *.airbnb.com *.muscache.com 28 | *.ali*.com *.ali*.com 29 | *.amazon.* *amazon*.com 30 | *.azure.com * 31 | *.azureedge.net *.omnichannelengagementhub.com 32 | *.cnet.com cnetvideo.cbsistatic.com 33 | *.dm.* *.services.dmtech.com 34 | *.driftt.com *.drift*.com 35 | *.dropbox.com *.dropbox*.com 36 | *.ebay*.* *.ebay*.* 37 | *.expedia.com *.expedia*.com 38 | *.facebook.com *.fbcdn.net 39 | *.google*.* * 40 | *.icloud.com *.apple*.com 41 | *.imdb.com *.imdb*.com 42 | *.imdb.com *amazon*.com 43 | *.lidl.* www.bing.com 44 | *.live.com * 45 | *.microsoft*.com * 46 | *.minecraft.net *.mojang.com 47 | *.netflix.* *.nflx*.net 48 | *.notabug.io oauth.reddit.com 49 | *.nytimes.com *.nyt.com 50 | *.office.com * 51 | *.paypal*.com *.paypal*.com 52 | *.powerbi.com * 53 | *.reddit.com *.redd.it 54 | *.reddit.com *.reddit*.com 55 | *.telemach.* *.united.cloud 56 | *.twitter.com *.twimg.com 57 | *.ubisoft.com *ubi* 58 | *.youtube*.com * 59 | *vimeo.com * 60 | disqus.com *.disqus.com 61 | f.vision *.dnsf.vision 62 | fast.com *.nflx*.net 63 | forms.medifit.si app.eambulanta.si 64 | github.com *.github*.com 65 | slack.com *.slack*.com 66 | tunein.com *.radiotime.com 67 | twitter.com *.twimg.com 68 | yastatic.net *.yandex.* 69 | -------------------------------------------------------------------------------- /Profile.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/crssi/Firefox/6177efea647402315f7faa6449d514357b8acc76/Profile.zip -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## Firefox not overly tightened profile 2 | This is supplement for [ghacks-user.js](https://github.com/ghacksuserjs/ghacks-user.js) 3 | 4 | Download [user-overrides.js](https://raw.githubusercontent.com/crssi/Firefox/master/user-overrides.js) and follow the instructions in it. 5 | -------------------------------------------------------------------------------- /Skip_Redirect-Blacklist.txt: -------------------------------------------------------------------------------- 1 | _sso= 2 | .encReferrer= 3 | /_login 4 | //12ft.io/ 5 | //archive.fo/ 6 | //archive.is/ 7 | //archive.li/ 8 | //archive.md/ 9 | //archive.ph/ 10 | //archive.today/ 11 | //archive.vn/ 12 | //azure.microsoft.com/email/\?destination=https%3A%2F%2Fportal.azure.com%2F 13 | //cas.setcce. 14 | //consent.google. 15 | //disq.us/ 16 | //dns.nextdns.io/ 17 | //domain.glass/ 18 | //go.redirectingat.com/ 19 | //htmlpreview.github.io/ 20 | //info.addr.tools/ 21 | //myaccount.google.com/age-verification 22 | //oisd.nl/ 23 | //sites.google.com/ 24 | //slack-redir.net/link 25 | //statics.teams.cdn.office.net/ 26 | //testtls.com/ 27 | //web.archive.org/ 28 | //webbkoll.dataskydd.net/ 29 | //whois. 30 | //www.addevent.com/ 31 | //www.bing.com/ 32 | //www.saferpay.com/ 33 | /abp 34 | /account 35 | /adfs/ls/ 36 | /auth 37 | /cookie 38 | /cred_submit 39 | /download 40 | /IdP 41 | /login 42 | /logoff 43 | /logon 44 | /logout 45 | /oauth 46 | /openid/ 47 | /owa/ 48 | /preferences 49 | /profile 50 | /ProxiedProxiedWebspace 51 | /register 52 | /safe-browsing/ 53 | /safebrowsing/ 54 | /saml/ 55 | /SAML2/ 56 | /searchbyimage 57 | /signin 58 | /signoff 59 | /signon 60 | /signout 61 | /signup 62 | /sso/ 63 | /subscribe 64 | /tmui/locallb 65 | /unauthenticated 66 | /verification 67 | /websso/ 68 | /wsfederation 69 | &openid. 70 | %2Fauth%2F 71 | 9inchurl.com/ 72 | aa419.org/ 73 | access/jwt 74 | action=login 75 | alipay.com 76 | chart.googleapis.com/chart 77 | docs.google.com/ 78 | duckduckgo.com/ 79 | github.io/ 80 | googleusercontent.com/ 81 | hideproxy.me/ 82 | hosts-file.net/ 83 | i-dont-care-about-cookies.eu/ 84 | icloud.com/ 85 | logout= 86 | malc0de.com/ 87 | malwaredomainlist.com/ 88 | mandrillapp.com/track/ 89 | medium.com/ 90 | microsofttranslator.com/ 91 | on.crisp.email/ 92 | paypal.com/ 93 | phish-report.mozilla.com/ 94 | reddit.com/ 95 | reviewmeta.com/ 96 | rover.ebay.co 97 | safelinks.protection.outlook.com 98 | safelinks.protection.outlook.com/ 99 | securityheaders.com/ 100 | soundestlink.com/transactional/ 101 | ssllabs.com/ 102 | statics.teams.cdn.office.net 103 | t.umblr.com/redirect 104 | threatcrowd.org/ 105 | translate.google.com/ 106 | translatetheweb.com/ 107 | twitter.com/ 108 | ubi.com/ 109 | virustotal.com/ 110 | wego.here.com/ 111 | www.google.com/url?q= 112 | www.saferpay.com 113 | xboxlive.com/connect/ 114 | youtube.com/embed/ 115 | -------------------------------------------------------------------------------- /Smart_Referer-Whitelist.txt: -------------------------------------------------------------------------------- 1 | .apple.com>.*apple*.* .google*.*>.google*.* .google*.*>.gstatic.com .google*.*>.ytimg.com .icloud.com>.*apple*.* .paloaltonetworks.com>.cloudfront.net .travelriskmap.com>* hitrinakup.com>.tus.si www.instagram.com>instagram.*.fna.fbcdn.net .instagram.com>.cdninstagram.com .*>vidstreamz.online .adobe.com>.adobelogin.com id.atlassian.com>.atlassian.net login.microsoftonline.com>.sso.azurewebsites.net .sso.azurewebsites.net>.scm.azurewebsites.net .binance.com>api.geetest.com .bing.com>login.live.com biqle.ru>daxab.com codepen.io>cdpn.io .dm5.com>.cdndm5.com tv.disney.de>.akamaihd.net .engadget.com>.spot.im filmow.com>api.pontamedia.net .gmx.net>deref-gmx.net .google.*>.google.com .google.com.*>.google.com .google.co.*>.google.com .google.*>.gstatic.com .google.com.*>.gstatic.com .google.co.*>.gstatic.com .google.*>.googleapis.com .google.com.*>.googleapis.com .google.co.*>.googleapis.com .huaban.com>.huabanimg.com *>api.mapbox.com messages.android.com>instantmessaging-pa.googleapis.com news.ebc.net.tw>www.youtube.com .facebook.com>.fbcdn.net .fanatical.com>w2m9492ddv-*.algolianet.com .fanfiction.net>ffcdn2012t-fictionpressllc.netdna-ssl.com .icloud.com>.apple.com .itch.io>v6p9d9t4.ssl.hwcdn.net .itch.io>.itch.zone login.live.com>* .pixiv.net>.pximg.net *>.postfinance.ch .tiktok.com>.tiktokcdn.com .twist.moe>.twistcdn.bunny.sh streamcomplet.me>media.vimple.me streamcomplet.me>vdp.mycdn.me *>api.solvemedia.com *>api-secure.solvemedia.com *>player.vimeo.com *>.vivocha.com .visa.com.hk>.visa.com .weebly.com>.editmysite.com openload.co>oload.win removeddit.com>elastic.pushshift.io revddit.com>elastic.pushshift.io .mp4upload.com>.mp4upload.com:* *.mangapill.com>*.readdetectiveconan.com 2 | -------------------------------------------------------------------------------- /get-profile.ps1: -------------------------------------------------------------------------------- 1 | # Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/crssi/Firefox/master/get-profile.ps1')) 2 | 3 | [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") | Out-Null 4 | if ($PSVersionTable.PSVersion.Major -le 4) { [Windows.Forms.MessageBox]::Show("ERROR:`nPowershell version 4 or greater is needed!", "GITHUB/CRSSI/FIREFOX/PROFILE", [Windows.Forms.MessageBoxButtons]::OK, [Windows.Forms.MessageBoxIcon]::Information) | Out-Null;Exit } 5 | 6 | do { Start-Sleep -Milliseconds 1000 } while ((Get-Process -Name 'firefox' -ErrorAction SilentlyContinue | Stop-Process) -ne $null) 7 | do { Start-Sleep -Milliseconds 1000 } while ((Get-Process -Name 'proxsign' -ErrorAction SilentlyContinue | Stop-Process) -ne $null) 8 | 9 | try { Compress-Archive -Path "$($env:APPDATA)\Mozilla\Firefox" -DestinationPath "$($env:APPDATA)\Mozilla\Firefox_Profile_Backup-$((Get-Date).ToString('yyyy.MM.dd_HH.mm.ss')).zip" -CompressionLevel Fastest } catch { [Windows.Forms.MessageBox]::Show("ERROR:`nNo active Firefox profile found!", "GITHUB/CRSSI/FIREFOX/PROFILE", [Windows.Forms.MessageBoxButtons]::OK, [Windows.Forms.MessageBoxIcon]::Information) | Out-Null; Exit } 10 | 11 | $tmpFolder = "$($env:USERPROFILE)\CRSSI" 12 | Remove-Item -Path $tmpFolder -Recurse -Force -Confirm:$false -ErrorAction SilentlyContinue 13 | New-Item -ItemType Directory -Force -Path $tmpFolder | Out-Null 14 | 15 | Import-Module -Name BitsTransfer 16 | try { Start-BitsTransfer -Source https://github.com/crssi/Firefox/raw/master/Profile.zip -Destination $tmpFolder -ErrorAction Stop } catch { Remove-Item -Path $tmpFolder -Recurse -Force -Confirm:$false; [Windows.Forms.MessageBox]::Show("ERROR:`nCheck your Internet connectivity and try again.", "GITHUB/CRSSI/FIREFOX/PROFILE", [Windows.Forms.MessageBoxButtons]::OK, [Windows.Forms.MessageBoxIcon]::Information) | Out-Null; Exit } 17 | Expand-Archive -Path "$tmpFolder\profile.zip" -DestinationPath $tmpFolder 18 | Remove-Item -Path "$tmpFolder\profile.zip" -Force 19 | 20 | Get-Content -Path "$tmpFolder\installs.ini" | ForEach-Object { if ($_.StartsWith('Default=Profiles/')) { $tmpProfilePath = "$($env:APPDATA)\Mozilla\Firefox\Profiles\$($_.Replace('Default=Profiles/', ''))" } } 21 | $tmpProfilePath = "$tmpFolder\Profiles\$($tmpProfilePath.split('\')[-1])" 22 | Get-Content -Path "$($env:APPDATA)\Mozilla\Firefox\installs.ini" | ForEach-Object { if ($_.StartsWith('Default=Profiles/')) { $oldProfilePath = "$($env:APPDATA)\Mozilla\Firefox\Profiles\$($_.Replace('Default=Profiles/', ''))" } } 23 | 24 | $oldProfileFirefoxVersion = [Int]((Get-Content $oldProfilePath\prefs.js | where { $_ -like "*distribution.iniFile.exists.appversion*" }).Split('"')[3].Split(".")[0]) 25 | $newProfileFirefoxVersion = [Int]((Get-Content $tmpProfilePath\prefs.js | where { $_ -like "*distribution.iniFile.exists.appversion*" }).Split('"')[3].Split(".")[0]) 26 | if ($newProfileFirefoxVersion -gt $oldProfileFirefoxVersion) { Remove-Item -Path "$tmpFolder" -Recurse -Force -Confirm:$false; [Windows.Forms.MessageBox]::Show("ERROR:`nUpgrade Firefox to latest version and try again!`n`nStart Firefox > ☰ menu > Help > About.", "GITHUB/CRSSI/FIREFOX/PROFILE", [Windows.Forms.MessageBoxButtons]::OK, [Windows.Forms.MessageBoxIcon]::Information) | Out-Null; Exit } 27 | 28 | Get-Content $oldProfilePath\prefs.js | where { $_ -like "*browser.urlbar.placeholderName*" } | Out-File -FilePath $tmpProfilePath\prefs.js -Append -Encoding utf8 29 | Get-Content $oldProfilePath\prefs.js | where { $_ -like "*network.automatic-ntlm-auth.trusted-uris*" } | Out-File -FilePath $tmpProfilePath\prefs.js -Append -Encoding utf8 30 | Get-Content $oldProfilePath\prefs.js | where { $_ -like "*network.negotiate-auth.trusted-uris*" } | Out-File -FilePath $tmpProfilePath\prefs.js -Append -Encoding utf8 31 | Get-Content $oldProfilePath\prefs.js | where { $_ -like "*network.trr.mode*" } | Out-File -FilePath $tmpProfilePath\prefs.js -Append -Encoding utf8 32 | Get-Content $oldProfilePath\prefs.js | where { $_ -like "*network.trr.uri*" } | Out-File -FilePath $tmpProfilePath\prefs.js -Append -Encoding utf8 33 | Get-Content $oldProfilePath\prefs.js | where { $_ -like "*privacy.resistFingerprinting.letterboxing" } | Out-File -FilePath $tmpProfilePath\prefs.js -Append -Encoding utf8 34 | Get-Content $oldProfilePath\prefs.js | where { $_ -like "*services.sync.username*" } | Out-File -FilePath $tmpProfilePath\prefs.js -Append -Encoding utf8 35 | 36 | @('cert9.db','content-prefs.sqlite','favicons.sqlite','handlers.json','key4.db','logins.json','permissions.sqlite','persdict.dat','pkcs11.txt','places.sqlite') | ForEach-Object { Copy-Item -Path "$oldProfilePath\$_" -Destination "$tmpProfilePath\$_" -Force -ErrorAction SilentlyContinue } 37 | 38 | forEach ($file in @('extensions.json','compatibility.ini','addonStartup.json')) { 39 | $content = Get-Content -Encoding UTF8 -Path $tmpProfilePath\$file 40 | $content = $content.Replace('%appdata%/',"$($env:APPDATA.Replace('\','/').Replace(' ','%20'))/") 41 | $content = $content.Replace('%appdata%\\',"$($env:APPDATA.Replace('\','\\'))\\") 42 | $content = $content.Replace('%programfiles%/',"$($env:ProgramFiles.Replace('\','/').Replace(' ','%20'))/") 43 | $content = $content.Replace('%programfiles%\\',"$($env:ProgramFiles.Replace('\','\\'))\\") 44 | $content = $content.Replace('%programfiles%\',"$($env:ProgramFiles)\") 45 | [System.IO.File]::WriteAllLines("$tmpProfilePath\$file", $content, $(New-Object System.Text.UTF8Encoding $False)) 46 | } 47 | 48 | & "$tmpProfilePath\jsonlz4.exe" @("$tmpProfilePath\addonStartup.json","$tmpProfilePath\addonStartup.json.lz4") 49 | Start-Sleep -Milliseconds 1000 50 | #Remove-Item -Path "$tmpProfilePath\addonStartup.json" -Force 51 | #Remove-Item -Path "$tmpProfilePath\jsonlz4.exe" -Force 52 | 53 | Remove-Item -Path "$($env:APPDATA)\Mozilla\Firefox" -Recurse -Force -Confirm:$false 54 | Move-Item -Path "$tmpFolder" -Destination "$($env:APPDATA)\Mozilla\Firefox" -Force 55 | Remove-Item -Path $tmpFolder -Recurse -Force -Confirm:$false -ErrorAction SilentlyContinue 56 | 57 | Start-Process -FilePath 'firefox.exe' 58 | 59 | Exit 60 | -------------------------------------------------------------------------------- /my-ublock-backup.txt: -------------------------------------------------------------------------------- 1 | { 2 | "timeStamp": 1745320140073, 3 | "version": "1.63.2", 4 | "userSettings": { 5 | "advancedUserEnabled": true, 6 | "externalLists": "https://abp.oisd.nl//\nhttps://badmojr.github.io/1Hosts/Lite/adblock.txt\nhttps://filters.adtidy.org/extension/ublock/filters/6.txt\nhttps://gitflic.ru/project/magnolia1234/bypass-paywalls-clean-filters/blob/raw?file=bpc-paywall-filter.txt\nhttps://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener-AffiliateTagAllowlist.txt\nhttps://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt\nhttps://raw.githubusercontent.com/crssi/BlockLists/main/uBO-Cosmetic.txt\nhttps://raw.githubusercontent.com/crssi/BlockLists/main/uBO-Deny.txt\nhttps://raw.githubusercontent.com/crssi/BlockLists/main/uBO-Unbreak.txt\nhttps://www.fanboy.co.nz/enhancedstats.txt", 7 | "firewallPaneMinimized": false, 8 | "importedLists": [ 9 | "https://abp.oisd.nl//", 10 | "https://badmojr.github.io/1Hosts/Lite/adblock.txt", 11 | "https://filters.adtidy.org/extension/ublock/filters/6.txt", 12 | "https://gitflic.ru/project/magnolia1234/bypass-paywalls-clean-filters/blob/raw?file=bpc-paywall-filter.txt", 13 | "https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener-AffiliateTagAllowlist.txt", 14 | "https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt", 15 | "https://raw.githubusercontent.com/crssi/BlockLists/main/uBO-Cosmetic.txt", 16 | "https://raw.githubusercontent.com/crssi/BlockLists/main/uBO-Deny.txt", 17 | "https://raw.githubusercontent.com/crssi/BlockLists/main/uBO-Unbreak.txt", 18 | "https://www.fanboy.co.nz/enhancedstats.txt" 19 | ], 20 | "popupPanelSections": 63, 21 | "webrtcIPAddressHidden": true 22 | }, 23 | "selectedFilterLists": [ 24 | "user-filters", 25 | "ublock-filters", 26 | "ublock-badware", 27 | "ublock-privacy", 28 | "ublock-quick-fixes", 29 | "ublock-unbreak", 30 | "adguard-generic", 31 | "adguard-spyware-url", 32 | "block-lan", 33 | "urlhaus-1", 34 | "DEU-0", 35 | "SVN-0", 36 | "https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt", 37 | "https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener-AffiliateTagAllowlist.txt", 38 | "https://filters.adtidy.org/extension/ublock/filters/6.txt", 39 | "https://gitflic.ru/project/magnolia1234/bypass-paywalls-clean-filters/blob/raw?file=bpc-paywall-filter.txt", 40 | "https://raw.githubusercontent.com/crssi/BlockLists/main/uBO-Cosmetic.txt", 41 | "https://raw.githubusercontent.com/crssi/BlockLists/main/uBO-Deny.txt", 42 | "https://raw.githubusercontent.com/crssi/BlockLists/main/uBO-Unbreak.txt", 43 | "https://www.fanboy.co.nz/enhancedstats.txt", 44 | "https://badmojr.github.io/1Hosts/Lite/adblock.txt", 45 | "https://abp.oisd.nl//" 46 | ], 47 | "hiddenSettings": { 48 | "filterAuthorMode": true 49 | }, 50 | "whitelist": [ 51 | "# about-scheme", 52 | "chrome-extension-scheme", 53 | "chrome-scheme", 54 | "edge-scheme", 55 | "moz-extension-scheme", 56 | "opera-scheme", 57 | "outlook.office365.com", 58 | "vivaldi-scheme", 59 | "wyciwyg-scheme" 60 | ], 61 | "dynamicFilteringString": "behind-the-scene * * noop\nbehind-the-scene * inline-script noop\nbehind-the-scene * 1p-script noop\nbehind-the-scene * 3p-script noop\nbehind-the-scene * 3p-frame noop\nbehind-the-scene * image noop\nbehind-the-scene * 3p noop\n* 0 * block\n* 10 * block\n* 100.100 * block\n* 100.101 * block\n* 100.102 * block\n* 100.103 * block\n* 100.104 * block\n* 100.105 * block\n* 100.106 * block\n* 100.107 * block\n* 100.108 * block\n* 100.109 * block\n* 100.110 * block\n* 100.111 * block\n* 100.112 * block\n* 100.113 * block\n* 100.114 * block\n* 100.115 * block\n* 100.116 * block\n* 100.117 * block\n* 100.118 * block\n* 100.119 * block\n* 100.120 * block\n* 100.121 * block\n* 100.122 * block\n* 100.123 * block\n* 100.124 * block\n* 100.125 * block\n* 100.126 * block\n* 100.127 * block\n* 100.64 * block\n* 100.65 * block\n* 100.66 * block\n* 100.67 * block\n* 100.68 * block\n* 100.69 * block\n* 100.70 * block\n* 100.71 * block\n* 100.72 * block\n* 100.73 * block\n* 100.74 * block\n* 100.75 * block\n* 100.76 * block\n* 100.77 * block\n* 100.78 * block\n* 100.79 * block\n* 100.80 * block\n* 100.81 * block\n* 100.82 * block\n* 100.83 * block\n* 100.84 * block\n* 100.85 * block\n* 100.86 * block\n* 100.87 * block\n* 100.88 * block\n* 100.89 * block\n* 100.90 * block\n* 100.91 * block\n* 100.92 * block\n* 100.93 * block\n* 100.94 * block\n* 100.95 * block\n* 100.96 * block\n* 100.97 * block\n* 100.98 * block\n* 100.99 * block\n* 127 * block\n* 169.254 * block\n* 172.16 * block\n* 172.17 * block\n* 172.18 * block\n* 172.19 * block\n* 172.20 * block\n* 172.21 * block\n* 172.22 * block\n* 172.23 * block\n* 172.24 * block\n* 172.25 * block\n* 172.26 * block\n* 172.27 * block\n* 172.28 * block\n* 172.29 * block\n* 172.30 * block\n* 172.31 * block\n* 192.0.0 * block\n* 192.168 * block\n* 198.18 * block\n* 198.19 * block\n* 255.255.255.255 * block\n* localhost * block\n10 10 * allow\n100.100 100.100 * allow\n100.101 100.101 * allow\n100.102 100.102 * allow\n100.103 100.103 * allow\n100.104 100.104 * allow\n100.105 100.105 * allow\n100.106 100.106 * allow\n100.107 100.107 * allow\n100.108 100.108 * allow\n100.109 100.109 * allow\n100.110 100.110 * allow\n100.111 100.111 * allow\n100.112 100.112 * allow\n100.113 100.113 * allow\n100.114 100.114 * allow\n100.115 100.115 * allow\n100.116 100.116 * allow\n100.117 100.117 * allow\n100.118 100.118 * allow\n100.119 100.119 * allow\n100.120 100.120 * allow\n100.121 100.121 * allow\n100.122 100.122 * allow\n100.123 100.123 * allow\n100.124 100.124 * allow\n100.125 100.125 * allow\n100.126 100.126 * allow\n100.127 100.127 * allow\n100.64 100.64 * allow\n100.65 100.65 * allow\n100.66 100.66 * allow\n100.67 100.67 * allow\n100.68 100.68 * allow\n100.69 100.69 * allow\n100.70 100.70 * allow\n100.71 100.71 * allow\n100.72 100.72 * allow\n100.73 100.73 * allow\n100.74 100.74 * allow\n100.75 100.75 * allow\n100.76 100.76 * allow\n100.77 100.77 * allow\n100.78 100.78 * allow\n100.79 100.79 * allow\n100.80 100.80 * allow\n100.81 100.81 * allow\n100.82 100.82 * allow\n100.83 100.83 * allow\n100.84 100.84 * allow\n100.85 100.85 * allow\n100.86 100.86 * allow\n100.87 100.87 * allow\n100.88 100.88 * allow\n100.89 100.89 * allow\n100.90 100.90 * allow\n100.91 100.91 * allow\n100.92 100.92 * allow\n100.93 100.93 * allow\n100.94 100.94 * allow\n100.95 100.95 * allow\n100.96 100.96 * allow\n100.97 100.97 * allow\n100.98 100.98 * allow\n100.99 100.99 * allow\n169.254 169.254 * allow\n172.16 172.16 * allow\n172.17 172.17 * allow\n172.18 172.18 * allow\n172.19 172.19 * allow\n172.20 172.20 * allow\n172.21 172.21 * allow\n172.22 172.22 * allow\n172.23 172.23 * allow\n172.24 172.24 * allow\n172.25 172.25 * allow\n172.26 172.26 * allow\n172.27 172.27 * allow\n172.28 172.28 * allow\n172.29 172.29 * allow\n172.30 172.30 * allow\n172.31 172.31 * allow\n192.0.0 192.0.0 * allow\n192.168 192.168 * allow\n198.18 198.18 * allow\n198.19 198.19 * allow\nlocalhost localhost * allow\n* broadcasthost * block\n* local * block\nlocal local * allow\n* lan * block\n* localdomain * block\nlan lan * allow\nlocaldomain localdomain * allow\nwww.intel.com 127.0.0.1 * allow", 62 | "urlFilteringString": "", 63 | "hostnameSwitchesString": "no-csp-reports: * true\nno-large-media: behind-the-scene false\nno-strict-blocking: login.microsoftonline.com true", 64 | "userFilters": "# *##+js(set, Worker, noopFunc)\n# *##+js(set, ServiceWorker, noopFunc)\n# *##+js(set, SharedWorker, noopFunc)\n\n! 27 Jan 2025 https://dailyreport.comtrade.com\n@@||comtrade.com^$xhr,domain=comtrade.com" 65 | } -------------------------------------------------------------------------------- /temporary_containers_preferences.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "1.0.3", 3 | "date": 1744364901801, 4 | "preferences": { 5 | "automaticMode": { 6 | "active": true, 7 | "newTab": "created" 8 | }, 9 | "notifications": false, 10 | "container": { 11 | "namePrefix": "%domain%", 12 | "color": "toolbar", 13 | "colorRandom": true, 14 | "colorRandomExcluded": [ 15 | "toolbar" 16 | ], 17 | "icon": "circle", 18 | "iconRandom": false, 19 | "iconRandomExcluded": [], 20 | "numberMode": "hide", 21 | "removal": 900000 22 | }, 23 | "iconColor": "default", 24 | "isolation": { 25 | "reactivateDelay": 0, 26 | "global": { 27 | "navigation": { 28 | "action": "never" 29 | }, 30 | "mouseClick": { 31 | "middle": { 32 | "action": "notsamedomain", 33 | "container": "default" 34 | }, 35 | "ctrlleft": { 36 | "action": "never", 37 | "container": "default" 38 | }, 39 | "left": { 40 | "action": "never", 41 | "container": "default" 42 | } 43 | }, 44 | "excluded": {}, 45 | "excludedContainers": [] 46 | }, 47 | "domain": [ 48 | { 49 | "pattern": "duckduckgo.com", 50 | "always": { 51 | "action": "enabled", 52 | "allowedInPermanent": true, 53 | "allowedInTemporary": false 54 | }, 55 | "navigation": { 56 | "action": "notsamedomainexact" 57 | }, 58 | "mouseClick": { 59 | "middle": { 60 | "action": "global" 61 | }, 62 | "ctrlleft": { 63 | "action": "global" 64 | }, 65 | "left": { 66 | "action": "global" 67 | } 68 | }, 69 | "excluded": {} 70 | }, 71 | { 72 | "pattern": "/^https?:\\\\/\\\\/www\\\\.google\\\\..+\\\\/.*/", 73 | "always": { 74 | "action": "enabled", 75 | "allowedInPermanent": true, 76 | "allowedInTemporary": true 77 | }, 78 | "navigation": { 79 | "action": "notsamedomainexact" 80 | }, 81 | "mouseClick": { 82 | "middle": { 83 | "action": "global" 84 | }, 85 | "ctrlleft": { 86 | "action": "global" 87 | }, 88 | "left": { 89 | "action": "global" 90 | } 91 | }, 92 | "excluded": {} 93 | }, 94 | { 95 | "pattern": "*", 96 | "always": { 97 | "action": "enabled", 98 | "allowedInPermanent": true, 99 | "allowedInTemporary": true 100 | }, 101 | "navigation": { 102 | "action": "global" 103 | }, 104 | "mouseClick": { 105 | "middle": { 106 | "action": "global" 107 | }, 108 | "ctrlleft": { 109 | "action": "global" 110 | }, 111 | "left": { 112 | "action": "global" 113 | } 114 | }, 115 | "excluded": {} 116 | } 117 | ], 118 | "mac": { 119 | "action": "disabled" 120 | } 121 | }, 122 | "browserActionPopup": false, 123 | "pageAction": false, 124 | "contextMenu": true, 125 | "contextMenuBookmarks": false, 126 | "keyboardShortcuts": { 127 | "AltC": true, 128 | "AltP": true, 129 | "AltN": false, 130 | "AltShiftC": false, 131 | "AltX": false, 132 | "AltO": false, 133 | "AltI": false 134 | }, 135 | "replaceTabs": false, 136 | "closeRedirectorTabs": { 137 | "active": false, 138 | "delay": 2000, 139 | "domains": [ 140 | "t.co", 141 | "outgoing.prod.mozaws.net", 142 | "slack-redir.net", 143 | "slack-redir.net" 144 | ] 145 | }, 146 | "ignoreRequests": [ 147 | "getpocket.com", 148 | "addons.mozilla.org" 149 | ], 150 | "cookies": { 151 | "domain": { 152 | "duckduckgo.com": [ 153 | { 154 | "domain": "", 155 | "expirationDate": "", 156 | "firstPartyDomain": "", 157 | "httpOnly": "", 158 | "name": "am", 159 | "path": "", 160 | "sameSite": "", 161 | "secure": "", 162 | "url": "https://duckduckgo.com/", 163 | "value": "here-maps" 164 | }, 165 | { 166 | "domain": "", 167 | "expirationDate": "", 168 | "firstPartyDomain": "", 169 | "httpOnly": "", 170 | "name": "5", 171 | "path": "", 172 | "sameSite": "", 173 | "secure": "", 174 | "url": "https://duckduckgo.com/", 175 | "value": "2" 176 | }, 177 | { 178 | "domain": "", 179 | "expirationDate": "", 180 | "firstPartyDomain": "", 181 | "httpOnly": "", 182 | "name": "av", 183 | "path": "", 184 | "sameSite": "", 185 | "secure": "", 186 | "url": "https://duckduckgo.com/", 187 | "value": "1" 188 | }, 189 | { 190 | "domain": "", 191 | "expirationDate": "", 192 | "firstPartyDomain": "", 193 | "httpOnly": "", 194 | "name": "n", 195 | "path": "", 196 | "sameSite": "", 197 | "secure": "", 198 | "url": "https://duckduckgo.com/", 199 | "value": "1" 200 | }, 201 | { 202 | "domain": "", 203 | "expirationDate": "", 204 | "firstPartyDomain": "", 205 | "httpOnly": "", 206 | "name": "1", 207 | "path": "", 208 | "sameSite": "", 209 | "secure": "", 210 | "url": "https://duckduckgo.com/", 211 | "value": "-1" 212 | } 213 | ] 214 | } 215 | }, 216 | "scripts": { 217 | "active": false, 218 | "domain": {} 219 | }, 220 | "deletesHistory": { 221 | "active": false, 222 | "automaticMode": "never", 223 | "contextMenu": false, 224 | "contextMenuBookmarks": false, 225 | "containerAlwaysPerDomain": "never", 226 | "containerIsolation": "never", 227 | "containerRemoval": 0, 228 | "containerMouseClicks": "never", 229 | "statistics": false 230 | }, 231 | "statistics": false, 232 | "ui": { 233 | "expandPreferences": true, 234 | "popupDefaultTab": "isolation-global" 235 | } 236 | } 237 | } -------------------------------------------------------------------------------- /user-overrides.js: -------------------------------------------------------------------------------- 1 | /****** 2 | HOME: https://github.com/crssi/Firefox 3 | INFO: Supplement for arkenfox user.js; https://github.com/arkenfox/user.js; inline with commit 3d76c74 on 6.3.2025 4 | NOTE: Before proceeding further, make a backup of your current profile 5 | 6 | 1. Download user.js from https://raw.githubusercontent.com/arkenfox/user.js/master/user.js, append this file and place it into "profile folder" 7 | NOTE: To find "profile folder" location, enter "about:support" into urlbar and on "Profile Folder" row click "Open Folder" button 8 | 2. Firefox -> Hamburger menu -> Settings -> General -> General -> Tabs -> Settings... 9 | Remove all containers 10 | Firefox -> Options -> Search 11 | Default Search Engine: duckduckgo 12 | Show search suggestions ahead of browsing history in address bar results: Uncheck 13 | 3. Install extensions (see Extensions section) and setup by instructions 14 | NOTE: all changes are addition to default settings, so you can use them as a reference for your own settings 15 | 4. To enable SSO for enterprise specific realm/domain enter domain list (comma separated without spaces) into preferences (about:config) network.negotiate-auth.trusted-uris and network.automatic-ntlm-auth.trusted-uris 16 | 17 | ESSENTIAL EXTENSIONS: 18 | Privacy-Oriented Origin Policy; https://addons.mozilla.org/firefox/addon/privacy-oriented-origin-policy/ (https://github.com/claustromaniac/poop/) 19 | Type filters 20 | script: Check 21 | xmlhttprequest (XHR): Check 22 | Exclusions 23 | Exclusions: Copy/Paste from https://raw.githubusercontent.com/crssi/Firefox/master/POOP-Exclusions.txt 24 | Click [Save] 25 | Skip Redirect; https://addons.mozilla.org/firefox/addon/skip-redirect/ (https://github.com/sblask/webextension-skip-redirect/) 26 | No-skip-urls-list: Copy/Paste from https://raw.githubusercontent.com/crssi/Firefox/master/Skip_Redirect-Blacklist.txt 27 | Notifications 28 | Enable popup: Uncheck 29 | Temporary Containers Plus; https://addons.mozilla.org/firefox/addon/temporary-containers-plus/ (https://github.com/GodKratos/temporary-containers/) 30 | Export/Import 31 | Import Preferences 32 | Click [Import from local file]: Download from https://raw.githubusercontent.com/crssi/Firefox/master/temporary_containers_preferences.json 33 | uBlock Origin; https://addons.mozilla.org/firefox/addon/ublock-origin/ (https://github.com/uBlockOrigin/uBlock-issues/) 34 | Settings 35 | Click [Restore from file...]: https://raw.githubusercontent.com/crssi/Firefox/master/my-ublock-backup.txt 36 | 37 | USEFUL/INTERESTING EXTENSIONS: 38 | IMDb Search (Internet Movie Database); https://addons.mozilla.org/firefox/addon/imdb-search-all/ (https://github.com/docmalkovich/firefox-imdb-search) 39 | Keepa.com - Amazon Price Tracker; https://addons.mozilla.org/firefox/addon/keepa/ 40 | Maximize All Windows (Minimalist Version); https://addons.mozilla.org/firefox/addon/maximize-all-windows-minimal/ (https://github.com/ericchase/maximize-all-windows/tree/master-minimal/) 41 | URLs List; https://addons.mozilla.org/firefox/addon/urls-list/ (https://github.com/moritz-h/urls-list/) 42 | Simple Translate (https://addons.mozilla.org/firefox/addon/simple-translate/) 43 | Switch Container Plus (https://addons.mozilla.org/firefox/addon/switch-container-plus/) 44 | 45 | ARCHIVED/INTERESTING EXTENSIONS: 46 | Bitwarden - Free Password Manager; https://addons.mozilla.org/firefox/addon/bitwarden-password-manager/ (https://github.com/bitwarden/, https://bitwarden.com/) 47 | Certainly Something (Certificate Viewer); https://addons.mozilla.org/firefox/addon/certainly-something/ (https://github.com/april/certainly-something/) 48 | Cookie Quick Manager; https://addons.mozilla.org/firefox/addon/cookie-quick-manager/ (https://github.com/ysard/cookie-quick-manager/) 49 | I still don't care about cookies; https://addons.mozilla.org/firefox/addon/istilldontcareaboutcookies/ (https://github.com/OhMyGuus/I-Dont-Care-About-Cookies/) 50 | IndicateTLS; https://addons.mozilla.org/firefox/addon/indicatetls/ (https://github.com/jannispinter/indicatetls/) 51 | SixIndicator; https://addons.mozilla.org/firefox/addon/sixindicator/ (https://github.com/HostedDinner/SixIndicator/) 52 | Smart Referer; https://addons.mozilla.org/firefox/addon/smart-referer/ (https://gitlab.com/smart-referer/smart-referer/) 53 | Whitelist Sources: Add https://raw.githubusercontent.com/crssi/Firefox/master/Smart_Referer-Whitelist.txt 54 | 55 | 56 | ******/ 57 | 58 | /*** PERSONAL AND ANNOYANCES TWEAKS ***/ 59 | /* 0800x */ user_pref("browser.urlbar.matchBuckets", "general:15,suggestion:Infinity"); // resets 0801 and must be applied before 60 | /* 0804 */ user_pref("browser.search.suggest.enabled", true); // enable live search suggestions 61 | /* 0804 */ user_pref("browser.urlbar.suggest.searches", true); // show search suggestions in address bar results 62 | /* 4513 */ user_pref("browser.link.open_newwindow.restriction", 2); // don't like that a new window is forcibly opened fullsize 63 | /* 5011 */ user_pref("browser.urlbar.maxRichResults", 16); // number of urlbar search results 64 | /* 5012 */ user_pref("browser.urlbar.autoFill", false); // disable location bar autofill 65 | /* 9000x */ user_pref("browser.tabs.closeWindowWithLastTab", false); // do not close FF with the last tab 66 | /* 9000x */ user_pref("browser.tabs.loadBookmarksInTabs", true); // open bookmark in a new tab 67 | /* 9000x */ user_pref("browser.urlbar.decodeURLsOnCopy", true); // see Bugzilla 1320061 68 | /* 9000x */ user_pref("full-screen-api.warning.timeout", 0); // remove fullscreen message annoyance 69 | /* 9000x */ user_pref("general.autoScroll", false); // disable mouse middle-click scroll annoyance 70 | /* 9000x */ user_pref("ui.key.menuAccessKey", 0); // disable alt key toggling the menu bar 71 | /* 9000x */ user_pref("browser.tabs.selectOwnerOnClose", false); // set tab first to the left of closed tab as active 72 | /* 9000x */ user_pref("browser.translations.automaticallyPopup", false); // do not show translation popup 73 | /* 9000x */ user_pref("browser.urlbar.showSearchSuggestionsFirst", false) // Show search suggestions ahead of browsing history in address bar results 74 | /* 9000x */ user_pref("browser.urlbar.suggest.topsites", false); // don't show top sites suggestion in url bar 75 | /* 9000x */ user_pref("findbar.highlightAll", true); // highlight all hits on search 76 | 77 | /*** BREAKAGE AND SECURITY TWEAKS ***/ 78 | /* 0701 */ user_pref("network.dns.disableIPv6", true); //disable IPv6 79 | /* 1201 */ user_pref("security.ssl.require_safe_negotiation", false); // do not force require_safe_negotiation 80 | /* 1212 ?*/ user_pref("security.OCSP.require", false); // allow connection if OCSP not reacheable; when OCSP is enabled 81 | /* 1223 */ user_pref("security.cert_pinning.enforcement_level", 1); // set to default to avoid AntiVirus breakage 82 | /* 4503 */ user_pref("privacy.resistFingerprinting.block_mozAddonManager", false); // enable AMO to work as intended, 2662 must be default 83 | /* 5001 */ user_pref("browser.privatebrowsing.autostart", false); // disable PB 84 | /* 9000e */ user_pref("network.automatic-ntlm-auth.allow-non-fqdn", true); // enable SSO for hostnames 85 | 86 | user_pref("_user.js.parrot", "Eagle has landed!"); 87 | -------------------------------------------------------------------------------- /user.js: -------------------------------------------------------------------------------- 1 | /****** 2 | * name: arkenfox user.js 3 | * date: 6 March 2025 4 | * version: 135 5 | * urls: https://github.com/arkenfox/user.js [repo] 6 | * : https://arkenfox.github.io/gui/ [interactive] 7 | * license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt 8 | 9 | * README: 10 | 11 | 1. Consider using Tor Browser if it meets your needs or fits your threat model 12 | * https://2019.www.torproject.org/about/torusers.html 13 | 2. Read the entire wiki 14 | * https://github.com/arkenfox/user.js/wiki 15 | 3. If you skipped step 2, return to step 2 16 | 4. Make changes in a user-overrides.js 17 | * There are often trade-offs and conflicts between security vs privacy vs anti-tracking 18 | and these need to be balanced against functionality & convenience & breakage 19 | * Some site breakage and unintended consequences will happen. Everyone's experience will differ 20 | e.g. some user data is erased on exit (section 2800), change this to suit your needs 21 | * While not 100% definitive, search for "[SETUP" tags 22 | 5. Some tag info 23 | [SETUP-SECURITY] it's one item, read it 24 | [SETUP-WEB] can cause some websites to break 25 | [SETUP-CHROME] changes how Firefox itself behaves (i.e. not directly website related) 26 | 6. Override Recipes: https://github.com/arkenfox/user.js/issues/1080 27 | 28 | * RELEASES: https://github.com/arkenfox/user.js/releases 29 | 30 | * Use the arkenfox release that matches your Firefox version 31 | - DON'T wait for arkenfox to update Firefox, nothing major changes these days 32 | * Each release 33 | - run prefsCleaner to reset prefs made inactive, including deprecated (9999) 34 | * ESR 35 | - It is recommended to not use the updater, or you will get a later version which may cause issues. 36 | So you should manually append your overrides (and keep a copy), and manually update when you 37 | change ESR releases (arkenfox is already past that release) 38 | - If you decide to keep updating, then the onus is on you - also see section 9999 39 | 40 | * INDEX: 41 | 42 | 0100: STARTUP 43 | 0200: GEOLOCATION 44 | 0300: QUIETER FOX 45 | 0400: SAFE BROWSING 46 | 0600: BLOCK IMPLICIT OUTBOUND 47 | 0700: DNS / DoH / PROXY / SOCKS 48 | 0800: LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS 49 | 0900: PASSWORDS 50 | 1000: DISK AVOIDANCE 51 | 1200: HTTPS (SSL/TLS / OCSP / CERTS / HPKP) 52 | 1600: REFERERS 53 | 1700: CONTAINERS 54 | 2000: PLUGINS / MEDIA / WEBRTC 55 | 2400: DOM (DOCUMENT OBJECT MODEL) 56 | 2600: MISCELLANEOUS 57 | 2700: ETP (ENHANCED TRACKING PROTECTION) 58 | 2800: SHUTDOWN & SANITIZING 59 | 4000: FPP (fingerprintingProtection) 60 | 4500: OPTIONAL RFP (resistFingerprinting) 61 | 5000: OPTIONAL OPSEC 62 | 5500: OPTIONAL HARDENING 63 | 6000: DON'T TOUCH 64 | 7000: DON'T BOTHER 65 | 8000: DON'T BOTHER: FINGERPRINTING 66 | 8500: TELEMETRY 67 | 9000: NON-PROJECT RELATED 68 | 9999: DEPRECATED / RENAMED 69 | 70 | ******/ 71 | 72 | /* START: internal custom pref to test for syntax errors 73 | * [NOTE] Not all syntax errors cause parsing to abort i.e. reaching the last debug pref 74 | * no longer necessarily means that all prefs have been applied. Check the console right 75 | * after startup for any warnings/error messages related to non-applied prefs 76 | * [1] https://blog.mozilla.org/nnethercote/2018/03/09/a-new-preferences-parser-for-firefox/ ***/ 77 | user_pref("_user.js.parrot", "START: Oh yes, the Norwegian Blue... what's wrong with it?"); 78 | 79 | /* 0000: disable about:config warning ***/ 80 | user_pref("browser.aboutConfig.showWarning", false); 81 | 82 | /*** [SECTION 0100]: STARTUP ***/ 83 | user_pref("_user.js.parrot", "0100 syntax error: the parrot's dead!"); 84 | /* 0102: set startup page [SETUP-CHROME] 85 | * 0=blank, 1=home, 2=last visited page, 3=resume previous session 86 | * [NOTE] Session Restore is cleared with history (2811+), and not used in Private Browsing mode 87 | * [SETTING] General>Startup>Restore previous session ***/ 88 | user_pref("browser.startup.page", 0); 89 | /* 0103: set HOME+NEWWINDOW page 90 | * about:home=Firefox Home (default, see 0105), custom URL, about:blank 91 | * [SETTING] Home>New Windows and Tabs>Homepage and new windows ***/ 92 | user_pref("browser.startup.homepage", "about:blank"); 93 | /* 0104: set NEWTAB page 94 | * true=Firefox Home (default, see 0105), false=blank page 95 | * [SETTING] Home>New Windows and Tabs>New tabs ***/ 96 | user_pref("browser.newtabpage.enabled", false); 97 | /* 0105: disable sponsored content on Firefox Home (Activity Stream) 98 | * [SETTING] Home>Firefox Home Content ***/ 99 | user_pref("browser.newtabpage.activity-stream.showSponsored", false); // [FF58+] 100 | user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); // [FF83+] Shortcuts>Sponsored shortcuts 101 | /* 0106: clear default topsites 102 | * [NOTE] This does not block you from adding your own ***/ 103 | user_pref("browser.newtabpage.activity-stream.default.sites", ""); 104 | 105 | /*** [SECTION 0200]: GEOLOCATION ***/ 106 | user_pref("_user.js.parrot", "0200 syntax error: the parrot's definitely deceased!"); 107 | /* 0202: disable using the OS's geolocation service ***/ 108 | user_pref("geo.provider.ms-windows-location", false); // [WINDOWS] 109 | user_pref("geo.provider.use_corelocation", false); // [MAC] 110 | user_pref("geo.provider.use_geoclue", false); // [FF102+] [LINUX] 111 | 112 | /*** [SECTION 0300]: QUIETER FOX ***/ 113 | user_pref("_user.js.parrot", "0300 syntax error: the parrot's not pinin' for the fjords!"); 114 | /** RECOMMENDATIONS ***/ 115 | /* 0320: disable recommendation pane in about:addons (uses Google Analytics) ***/ 116 | user_pref("extensions.getAddons.showPane", false); // [HIDDEN PREF] 117 | /* 0321: disable recommendations in about:addons' Extensions and Themes panes [FF68+] ***/ 118 | user_pref("extensions.htmlaboutaddons.recommendations.enabled", false); 119 | /* 0322: disable personalized Extension Recommendations in about:addons and AMO [FF65+] 120 | * [NOTE] This pref has no effect when Health Reports (8501) are disabled 121 | * [SETTING] Privacy & Security>Firefox Data Collection and Use>Allow personalized extension recommendations 122 | * [1] https://support.mozilla.org/kb/personalized-extension-recommendations ***/ 123 | user_pref("browser.discovery.enabled", false); 124 | /* 0323: disable shopping experience [FF116+] 125 | * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1840156#c0 ***/ 126 | user_pref("browser.shopping.experience2023.enabled", false); // [DEFAULT: false] 127 | 128 | /** TELEMETRY ***/ 129 | /* 0335: disable Firefox Home (Activity Stream) telemetry ***/ 130 | user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false); 131 | user_pref("browser.newtabpage.activity-stream.telemetry", false); 132 | 133 | /** STUDIES ***/ 134 | /* 0340: disable Studies 135 | * [SETTING] Privacy & Security>Firefox Data Collection and Use>Install and run studies ***/ 136 | user_pref("app.shield.optoutstudies.enabled", false); 137 | /* 0341: disable Normandy/Shield [FF60+] 138 | * Shield is a telemetry system that can push and test "recipes" 139 | * [1] https://mozilla.github.io/normandy/ ***/ 140 | user_pref("app.normandy.enabled", false); 141 | user_pref("app.normandy.api_url", ""); 142 | 143 | /** CRASH REPORTS ***/ 144 | /* 0350: disable Crash Reports ***/ 145 | user_pref("breakpad.reportURL", ""); 146 | user_pref("browser.tabs.crashReporting.sendReport", false); // [FF44+] 147 | // user_pref("browser.crashReports.unsubmittedCheck.enabled", false); // [FF51+] [DEFAULT: false] 148 | /* 0351: enforce no submission of backlogged Crash Reports [FF58+] 149 | * [SETTING] Privacy & Security>Firefox Data Collection and Use>Send backlogged crash reports ***/ 150 | user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false); // [DEFAULT: false] 151 | 152 | /** OTHER ***/ 153 | /* 0360: disable Captive Portal detection 154 | * [1] https://www.eff.org/deeplinks/2017/08/how-captive-portals-interfere-wireless-security-and-privacy ***/ 155 | user_pref("captivedetect.canonicalURL", ""); 156 | user_pref("network.captive-portal-service.enabled", false); // [FF52+] 157 | /* 0361: disable Network Connectivity checks [FF65+] 158 | * [1] https://bugzilla.mozilla.org/1460537 ***/ 159 | user_pref("network.connectivity-service.enabled", false); 160 | 161 | /*** [SECTION 0400]: SAFE BROWSING (SB) 162 | SB has taken many steps to preserve privacy. If required, a full url is never sent 163 | to Google, only a part-hash of the prefix, hidden with noise of other real part-hashes. 164 | Firefox takes measures such as stripping out identifying parameters and since SBv4 (FF57+) 165 | doesn't even use cookies. (#Turn on browser.safebrowsing.debug to monitor this activity) 166 | 167 | [1] https://feeding.cloud.geek.nz/posts/how-safe-browsing-works-in-firefox/ 168 | [2] https://wiki.mozilla.org/Security/Safe_Browsing 169 | [3] https://support.mozilla.org/kb/how-does-phishing-and-malware-protection-work 170 | [4] https://educatedguesswork.org/posts/safe-browsing-privacy/ 171 | ***/ 172 | user_pref("_user.js.parrot", "0400 syntax error: the parrot's passed on!"); 173 | /* 0401: disable SB (Safe Browsing) 174 | * [WARNING] Do this at your own risk! These are the master switches 175 | * [SETTING] Privacy & Security>Security>... Block dangerous and deceptive content ***/ 176 | // user_pref("browser.safebrowsing.malware.enabled", false); 177 | // user_pref("browser.safebrowsing.phishing.enabled", false); 178 | /* 0402: disable SB checks for downloads (both local lookups + remote) 179 | * This is the master switch for the safebrowsing.downloads* prefs (0403, 0404) 180 | * [SETTING] Privacy & Security>Security>... "Block dangerous downloads" ***/ 181 | // user_pref("browser.safebrowsing.downloads.enabled", false); 182 | /* 0403: disable SB checks for downloads (remote) 183 | * To verify the safety of certain executable files, Firefox may submit some information about the 184 | * file, including the name, origin, size and a cryptographic hash of the contents, to the Google 185 | * Safe Browsing service which helps Firefox determine whether or not the file should be blocked 186 | * [SETUP-SECURITY] If you do not understand this, or you want this protection, then override this ***/ 187 | user_pref("browser.safebrowsing.downloads.remote.enabled", false); 188 | // user_pref("browser.safebrowsing.downloads.remote.url", ""); // Defense-in-depth 189 | /* 0404: disable SB checks for unwanted software 190 | * [SETTING] Privacy & Security>Security>... "Warn you about unwanted and uncommon software" ***/ 191 | // user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); 192 | // user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false); 193 | /* 0405: disable "ignore this warning" on SB warnings [FF45+] 194 | * If clicked, it bypasses the block for that session. This is a means for admins to enforce SB 195 | * [TEST] see https://github.com/arkenfox/user.js/wiki/Appendix-A-Test-Sites#-mozilla 196 | * [1] https://bugzilla.mozilla.org/1226490 ***/ 197 | // user_pref("browser.safebrowsing.allowOverride", false); 198 | 199 | /*** [SECTION 0600]: BLOCK IMPLICIT OUTBOUND [not explicitly asked for - e.g. clicked on] ***/ 200 | user_pref("_user.js.parrot", "0600 syntax error: the parrot's no more!"); 201 | /* 0601: disable link prefetching 202 | * [1] https://developer.mozilla.org/docs/Web/HTTP/Link_prefetching_FAQ ***/ 203 | user_pref("network.prefetch-next", false); 204 | /* 0602: disable DNS prefetching 205 | * [1] https://developer.mozilla.org/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control ***/ 206 | user_pref("network.dns.disablePrefetch", true); 207 | user_pref("network.dns.disablePrefetchFromHTTPS", true); 208 | /* 0603: disable predictor / prefetching ***/ 209 | user_pref("network.predictor.enabled", false); 210 | user_pref("network.predictor.enable-prefetch", false); // [FF48+] [DEFAULT: false] 211 | /* 0604: disable link-mouseover opening connection to linked server 212 | * [1] https://news.slashdot.org/story/15/08/14/2321202/how-to-quash-firefoxs-silent-requests ***/ 213 | user_pref("network.http.speculative-parallel-limit", 0); 214 | /* 0605: disable mousedown speculative connections on bookmarks and history [FF98+] ***/ 215 | user_pref("browser.places.speculativeConnect.enabled", false); 216 | /* 0610: enforce no "Hyperlink Auditing" (click tracking) 217 | * [1] https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/ ***/ 218 | // user_pref("browser.send_pings", false); // [DEFAULT: false] 219 | 220 | /*** [SECTION 0700]: DNS / DoH / PROXY / SOCKS ***/ 221 | user_pref("_user.js.parrot", "0700 syntax error: the parrot's given up the ghost!"); 222 | /* 0702: set the proxy server to do any DNS lookups when using SOCKS 223 | * e.g. in Tor, this stops your local DNS server from knowing your Tor destination 224 | * as a remote Tor node will handle the DNS request 225 | * [1] https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/WebBrowsers ***/ 226 | user_pref("network.proxy.socks_remote_dns", true); 227 | /* 0703: disable using UNC (Uniform Naming Convention) paths [FF61+] 228 | * [SETUP-CHROME] Can break extensions for profiles on network shares 229 | * [1] https://bugzilla.mozilla.org/1413868 ***/ 230 | user_pref("network.file.disable_unc_paths", true); // [HIDDEN PREF] 231 | /* 0704: disable GIO as a potential proxy bypass vector 232 | * Gvfs/GIO has a set of supported protocols like obex, network, archive, computer, 233 | * dav, cdda, gphoto2, trash, etc. From FF87-117, by default only sftp was accepted 234 | * [1] https://bugzilla.mozilla.org/1433507 235 | * [2] https://en.wikipedia.org/wiki/GVfs 236 | * [3] https://en.wikipedia.org/wiki/GIO_(software) ***/ 237 | user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] [DEFAULT: ""] 238 | /* 0705: disable proxy direct failover for system requests [FF91+] 239 | * [WARNING] Default true is a security feature against malicious extensions [1] 240 | * [SETUP-CHROME] If you use a proxy and you trust your extensions 241 | * [1] https://blog.mozilla.org/security/2021/10/25/securing-the-proxy-api-for-firefox-add-ons/ ***/ 242 | // user_pref("network.proxy.failover_direct", false); 243 | /* 0706: disable proxy bypass for system request failures [FF95+] 244 | * RemoteSettings, UpdateService, Telemetry [1] 245 | * [WARNING] If false, this will break the fallback for some security features 246 | * [SETUP-CHROME] If you use a proxy and you understand the security impact 247 | * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1732792,1733994,1733481 ***/ 248 | // user_pref("network.proxy.allow_bypass", false); 249 | /* 0710: enable DNS-over-HTTPS (DoH) [FF60+] 250 | * 0=default, 2=increased (TRR (Trusted Recursive Resolver) first), 3=max (TRR only), 5=off (no rollout) 251 | * see "doh-rollout.home-region": USA 2019, Canada 2021, Russia/Ukraine 2022 [3] 252 | * [SETTING] Privacy & Security>DNS over HTTPS 253 | * [1] https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/ 254 | * [2] https://wiki.mozilla.org/Security/DOH-resolver-policy 255 | * [3] https://support.mozilla.org/kb/firefox-dns-over-https 256 | * [4] https://www.eff.org/deeplinks/2020/12/dns-doh-and-odoh-oh-my-year-review-2020 ***/ 257 | // user_pref("network.trr.mode", 3); 258 | /* 0712: set DoH provider 259 | * The custom uri is the value shown when you "Choose provider>Custom>" 260 | * [NOTE] If you USE custom then "network.trr.uri" should be set the same 261 | * [SETTING] Privacy & Security>DNS over HTTPS>Increased/Max>Choose provider ***/ 262 | // user_pref("network.trr.uri", "https://example.dns"); 263 | // user_pref("network.trr.custom_uri", "https://example.dns"); 264 | 265 | /*** [SECTION 0800]: LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS ***/ 266 | user_pref("_user.js.parrot", "0800 syntax error: the parrot's ceased to be!"); 267 | /* 0801: disable location bar making speculative connections [FF56+] 268 | * [1] https://bugzilla.mozilla.org/1348275 ***/ 269 | user_pref("browser.urlbar.speculativeConnect.enabled", false); 270 | /* 0802: disable location bar contextual suggestions 271 | * [NOTE] The UI is controlled by the .enabled pref 272 | * [SETTING] Search>Address Bar>Suggestions from... 273 | * [1] https://blog.mozilla.org/data/2021/09/15/data-and-firefox-suggest/ ***/ 274 | user_pref("browser.urlbar.quicksuggest.enabled", false); // [FF92+] 275 | user_pref("browser.urlbar.suggest.quicksuggest.nonsponsored", false); // [FF95+] 276 | user_pref("browser.urlbar.suggest.quicksuggest.sponsored", false); // [FF92+] 277 | /* 0803: disable live search suggestions 278 | * [NOTE] Both must be true for live search to work in the location bar 279 | * [SETUP-CHROME] Override these if you trust and use a privacy respecting search engine 280 | * [SETTING] Search>Show search suggestions | Show search suggestions in address bar results ***/ 281 | user_pref("browser.search.suggest.enabled", false); 282 | user_pref("browser.urlbar.suggest.searches", false); 283 | /* 0805: disable urlbar trending search suggestions [FF118+] 284 | * [SETTING] Search>Search Suggestions>Show trending search suggestions (FF119) ***/ 285 | user_pref("browser.urlbar.trending.featureGate", false); 286 | /* 0806: disable urlbar suggestions ***/ 287 | user_pref("browser.urlbar.addons.featureGate", false); // [FF115+] 288 | user_pref("browser.urlbar.fakespot.featureGate", false); // [FF130+] [DEFAULT: false] 289 | user_pref("browser.urlbar.mdn.featureGate", false); // [FF117+] [HIDDEN PREF] 290 | user_pref("browser.urlbar.pocket.featureGate", false); // [FF116+] [DEFAULT: false] 291 | user_pref("browser.urlbar.weather.featureGate", false); // [FF108+] [DEFAULT: false] 292 | user_pref("browser.urlbar.yelp.featureGate", false); // [FF124+] 293 | /* 0807: disable urlbar clipboard suggestions [FF118+] ***/ 294 | // user_pref("browser.urlbar.clipboard.featureGate", false); 295 | /* 0808: disable recent searches [FF120+] 296 | * [NOTE] Recent searches are cleared with history (2811+) 297 | * [1] https://support.mozilla.org/kb/search-suggestions-firefox ***/ 298 | // user_pref("browser.urlbar.recentsearches.featureGate", false); 299 | /* 0810: disable search and form history 300 | * [NOTE] We also clear formdata on exit (2811+) 301 | * [SETUP-WEB] Be aware that autocomplete form data can be read by third parties [1][2] 302 | * [SETTING] Privacy & Security>History>Custom Settings>Remember search and form history 303 | * [1] https://blog.mindedsecurity.com/2011/10/autocompleteagain.html 304 | * [2] https://bugzilla.mozilla.org/381681 ***/ 305 | user_pref("browser.formfill.enable", false); 306 | /* 0815: disable tab-to-search [FF85+] 307 | * Alternatively, you can exclude on a per-engine basis by unchecking them in Options>Search 308 | * [SETTING] Search>Address Bar>When using the address bar, suggest>Search engines ***/ 309 | // user_pref("browser.urlbar.suggest.engines", false); 310 | /* 0820: disable coloring of visited links 311 | * [SETUP-HARDEN] Bulk rapid history sniffing was mitigated in 2010 [1][2]. Slower and more expensive 312 | * redraw timing attacks were largely mitigated in FF77+ [3]. Using RFP (4501) further hampers timing 313 | * attacks. Don't forget clearing history on exit (2811+). However, social engineering [2#limits][4][5] 314 | * and advanced targeted timing attacks could still produce usable results 315 | * [1] https://developer.mozilla.org/docs/Web/CSS/Privacy_and_the_:visited_selector 316 | * [2] https://dbaron.org/mozilla/visited-privacy 317 | * [3] https://bugzilla.mozilla.org/1632765 318 | * [4] https://earthlng.github.io/testpages/visited_links.html (see github wiki APPENDIX A on how to use) 319 | * [5] https://lcamtuf.blogspot.com/2016/08/css-mix-blend-mode-is-bad-for-keeping.html ***/ 320 | // user_pref("layout.css.visited_links_enabled", false); 321 | /* 0830: enable separate default search engine in Private Windows and its UI setting 322 | * [SETTING] Search>Default Search Engine>Choose a different default search engine for Private Windows only ***/ 323 | user_pref("browser.search.separatePrivateDefault", true); // [FF70+] 324 | user_pref("browser.search.separatePrivateDefault.ui.enabled", true); // [FF71+] 325 | 326 | /*** [SECTION 0900]: PASSWORDS 327 | [1] https://support.mozilla.org/kb/use-primary-password-protect-stored-logins-and-pas 328 | ***/ 329 | user_pref("_user.js.parrot", "0900 syntax error: the parrot's expired!"); 330 | /* 0903: disable auto-filling username & password form fields 331 | * can leak in cross-site forms *and* be spoofed 332 | * [NOTE] Username & password is still available when you enter the field 333 | * [SETTING] Privacy & Security>Logins and Passwords>Autofill logins and passwords 334 | * [1] https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers/ 335 | * [2] https://homes.esat.kuleuven.be/~asenol/leaky-forms/ ***/ 336 | user_pref("signon.autofillForms", false); 337 | /* 0904: disable formless login capture for Password Manager [FF51+] ***/ 338 | user_pref("signon.formlessCapture.enabled", false); 339 | /* 0905: limit (or disable) HTTP authentication credentials dialogs triggered by sub-resources [FF41+] 340 | * hardens against potential credentials phishing 341 | * 0 = don't allow sub-resources to open HTTP authentication credentials dialogs 342 | * 1 = don't allow cross-origin sub-resources to open HTTP authentication credentials dialogs 343 | * 2 = allow sub-resources to open HTTP authentication credentials dialogs (default) ***/ 344 | user_pref("network.auth.subresource-http-auth-allow", 1); 345 | /* 0906: enforce no automatic authentication on Microsoft sites [FF91+] [WINDOWS 10+] 346 | * [SETTING] Privacy & Security>Logins and Passwords>Allow Windows single sign-on for... 347 | * [1] https://support.mozilla.org/kb/windows-sso ***/ 348 | // user_pref("network.http.windows-sso.enabled", false); // [DEFAULT: false] 349 | /* 0907: enforce no automatic authentication on Microsoft sites [FF131+] [MAC] 350 | * On macOS, SSO only works on corporate devices ***/ 351 | // user_pref("network.http.microsoft-entra-sso.enabled", false); // [DEFAULT: false] 352 | 353 | /*** [SECTION 1000]: DISK AVOIDANCE ***/ 354 | user_pref("_user.js.parrot", "1000 syntax error: the parrot's gone to meet 'is maker!"); 355 | /* 1001: disable disk cache 356 | * [NOTE] We also clear cache on exit (2811+) 357 | * [SETUP-CHROME] If you think disk cache helps perf, then feel free to override this ***/ 358 | user_pref("browser.cache.disk.enable", false); 359 | /* 1002: set media cache in Private Browsing to in-memory and increase its maximum size 360 | * [NOTE] MSE (Media Source Extensions) are already stored in-memory in PB ***/ 361 | user_pref("browser.privatebrowsing.forceMediaMemoryCache", true); // [FF75+] 362 | user_pref("media.memory_cache_max_size", 65536); 363 | /* 1003: disable storing extra session data [SETUP-CHROME] 364 | * define on which sites to save extra session data such as form content, cookies and POST data 365 | * 0=everywhere, 1=unencrypted sites, 2=nowhere ***/ 366 | user_pref("browser.sessionstore.privacy_level", 2); 367 | /* 1005: disable automatic Firefox start and session restore after reboot [FF62+] [WINDOWS] 368 | * [1] https://bugzilla.mozilla.org/603903 ***/ 369 | user_pref("toolkit.winRegisterApplicationRestart", false); 370 | /* 1006: disable favicons in shortcuts [WINDOWS] 371 | * URL shortcuts use a cached randomly named .ico file which is stored in your 372 | * profile/shortcutCache directory. The .ico remains after the shortcut is deleted 373 | * If set to false then the shortcuts use a generic Firefox icon ***/ 374 | user_pref("browser.shell.shortcutFavicons", false); 375 | 376 | /*** [SECTION 1200]: HTTPS (SSL/TLS / OCSP / CERTS / HPKP) 377 | Your cipher and other settings can be used in server side fingerprinting 378 | [TEST] https://www.ssllabs.com/ssltest/viewMyClient.html 379 | [TEST] https://browserleaks.com/ssl 380 | [TEST] https://ja3er.com/ 381 | [1] https://www.securityartwork.es/2017/02/02/tls-client-fingerprinting-with-bro/ 382 | ***/ 383 | user_pref("_user.js.parrot", "1200 syntax error: the parrot's a stiff!"); 384 | /** SSL (Secure Sockets Layer) / TLS (Transport Layer Security) ***/ 385 | /* 1201: require safe negotiation 386 | * Blocks connections to servers that don't support RFC 5746 [2] as they're potentially vulnerable to a 387 | * MiTM attack [3]. A server without RFC 5746 can be safe from the attack if it disables renegotiations 388 | * but the problem is that the browser can't know that. Setting this pref to true is the only way for the 389 | * browser to ensure there will be no unsafe renegotiations on the channel between the browser and the server 390 | * [SETUP-WEB] SSL_ERROR_UNSAFE_NEGOTIATION: is it worth overriding this for that one site? 391 | * [STATS] SSL Labs (May 2024) reports over 99.7% of top sites have secure renegotiation [4] 392 | * [1] https://wiki.mozilla.org/Security:Renegotiation 393 | * [2] https://datatracker.ietf.org/doc/html/rfc5746 394 | * [3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 395 | * [4] https://www.ssllabs.com/ssl-pulse/ ***/ 396 | user_pref("security.ssl.require_safe_negotiation", true); 397 | /* 1206: disable TLS1.3 0-RTT (round-trip time) [FF51+] 398 | * This data is not forward secret, as it is encrypted solely under keys derived using 399 | * the offered PSK. There are no guarantees of non-replay between connections 400 | * [1] https://github.com/tlswg/tls13-spec/issues/1001 401 | * [2] https://www.rfc-editor.org/rfc/rfc9001.html#name-replay-attacks-with-0-rtt 402 | * [3] https://blog.cloudflare.com/tls-1-3-overview-and-q-and-a/ ***/ 403 | user_pref("security.tls.enable_0rtt_data", false); 404 | 405 | /** OCSP (Online Certificate Status Protocol) 406 | [1] https://scotthelme.co.uk/revocation-is-broken/ 407 | [2] https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/ 408 | ***/ 409 | /* 1211: enforce OCSP fetching to confirm current validity of certificates 410 | * 0=disabled, 1=enabled (default), 2=enabled for EV certificates only 411 | * OCSP (non-stapled) leaks information about the sites you visit to the CA (cert authority) 412 | * It's a trade-off between security (checking) and privacy (leaking info to the CA) 413 | * [NOTE] This pref only controls OCSP fetching and does not affect OCSP stapling 414 | * [SETTING] Privacy & Security>Security>Certificates>Query OCSP responder servers... 415 | * [1] https://en.wikipedia.org/wiki/Ocsp ***/ 416 | user_pref("security.OCSP.enabled", 1); // [DEFAULT: 1] 417 | /* 1212: set OCSP fetch failures (non-stapled, see 1211) to hard-fail 418 | * [SETUP-WEB] SEC_ERROR_OCSP_SERVER_ERROR | SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST 419 | * When a CA cannot be reached to validate a cert, Firefox just continues the connection (=soft-fail) 420 | * Setting this pref to true tells Firefox to instead terminate the connection (=hard-fail) 421 | * It is pointless to soft-fail when an OCSP fetch fails: you cannot confirm a cert is still valid (it 422 | * could have been revoked) and/or you could be under attack (e.g. malicious blocking of OCSP servers) 423 | * [1] https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/ 424 | * [2] https://www.imperialviolet.org/2014/04/19/revchecking.html 425 | * [3] https://letsencrypt.org/2024/12/05/ending-ocsp/ ***/ 426 | user_pref("security.OCSP.require", true); 427 | 428 | /** CERTS / HPKP (HTTP Public Key Pinning) ***/ 429 | /* 1223: enable strict PKP (Public Key Pinning) 430 | * 0=disabled, 1=allow user MiTM (default; such as your antivirus), 2=strict 431 | * [SETUP-WEB] MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE ***/ 432 | user_pref("security.cert_pinning.enforcement_level", 2); 433 | /* 1224: enable CRLite [FF73+] 434 | * 0 = disabled 435 | * 1 = consult CRLite but only collect telemetry 436 | * 2 = consult CRLite and enforce both "Revoked" and "Not Revoked" results 437 | * 3 = consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked" (default) 438 | * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1429800,1670985,1753071 439 | * [2] https://blog.mozilla.org/security/tag/crlite/ ***/ 440 | user_pref("security.remote_settings.crlite_filters.enabled", true); // [DEFAULT: true FF137+] 441 | user_pref("security.pki.crlite_mode", 2); 442 | 443 | /** MIXED CONTENT ***/ 444 | /* 1241: disable insecure passive content (such as images) on https pages ***/ 445 | // user_pref("security.mixed_content.block_display_content", true); // Defense-in-depth (see 1244) 446 | /* 1244: enable HTTPS-Only mode in all windows 447 | * When the top-level is HTTPS, insecure subresources are also upgraded (silent fail) 448 | * [SETTING] to add site exceptions: Padlock>HTTPS-Only mode>On (after "Continue to HTTP Site") 449 | * [SETTING] Privacy & Security>HTTPS-Only Mode (and manage exceptions) 450 | * [TEST] http://example.com [upgrade] 451 | * [TEST] http://httpforever.com/ | http://http.rip [no upgrade] ***/ 452 | user_pref("dom.security.https_only_mode", true); // [FF76+] 453 | // user_pref("dom.security.https_only_mode_pbm", true); // [FF80+] 454 | /* 1245: enable HTTPS-Only mode for local resources [FF77+] ***/ 455 | // user_pref("dom.security.https_only_mode.upgrade_local", true); 456 | /* 1246: disable HTTP background requests [FF82+] 457 | * When attempting to upgrade, if the server doesn't respond within 3 seconds, Firefox sends 458 | * a top-level HTTP request without path in order to check if the server supports HTTPS or not 459 | * This is done to avoid waiting for a timeout which takes 90 seconds 460 | * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1642387,1660945 ***/ 461 | user_pref("dom.security.https_only_mode_send_http_background_request", false); 462 | 463 | /** UI (User Interface) ***/ 464 | /* 1270: display warning on the padlock for "broken security" (if 1201 is false) 465 | * Bug: warning padlock not indicated for subresources on a secure page! [2] 466 | * [1] https://wiki.mozilla.org/Security:Renegotiation 467 | * [2] https://bugzilla.mozilla.org/1353705 ***/ 468 | user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true); 469 | /* 1272: display advanced information on Insecure Connection warning pages 470 | * only works when it's possible to add an exception 471 | * i.e. it doesn't work for HSTS discrepancies (https://subdomain.preloaded-hsts.badssl.com/) 472 | * [TEST] https://expired.badssl.com/ ***/ 473 | user_pref("browser.xul.error_pages.expert_bad_cert", true); 474 | 475 | /*** [SECTION 1600]: REFERERS 476 | full URI: https://example.com:8888/foo/bar.html?id=1234 477 | scheme+host+port+path: https://example.com:8888/foo/bar.html 478 | scheme+host+port: https://example.com:8888 479 | [1] https://feeding.cloud.geek.nz/posts/tweaking-referrer-for-privacy-in-firefox/ 480 | ***/ 481 | user_pref("_user.js.parrot", "1600 syntax error: the parrot rests in peace!"); 482 | /* 1602: control the amount of cross-origin information to send [FF52+] 483 | * 0=send full URI (default), 1=scheme+host+port+path, 2=scheme+host+port ***/ 484 | user_pref("network.http.referer.XOriginTrimmingPolicy", 2); 485 | 486 | /*** [SECTION 1700]: CONTAINERS ***/ 487 | user_pref("_user.js.parrot", "1700 syntax error: the parrot's bit the dust!"); 488 | /* 1701: enable Container Tabs and its UI setting [FF50+] 489 | * [SETTING] General>Tabs>Enable Container Tabs 490 | * https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers ***/ 491 | user_pref("privacy.userContext.enabled", true); 492 | user_pref("privacy.userContext.ui.enabled", true); 493 | /* 1702: set behavior on "+ Tab" button to display container menu on left click [FF74+] 494 | * [NOTE] The menu is always shown on long press and right click 495 | * [SETTING] General>Tabs>Enable Container Tabs>Settings>Select a container for each new tab ***/ 496 | // user_pref("privacy.userContext.newTabContainerOnLeftClick.enabled", true); 497 | /* 1703: set external links to open in site-specific containers [FF123+] 498 | * [SETUP-WEB] Depending on your container extension(s) and their settings 499 | * true=Firefox will not choose a container (so your extension can) 500 | * false=Firefox will choose the container/no-container (default) 501 | * [1] https://bugzilla.mozilla.org/1874599 ***/ 502 | // user_pref("browser.link.force_default_user_context_id_for_external_opens", true); 503 | 504 | /*** [SECTION 2000]: PLUGINS / MEDIA / WEBRTC ***/ 505 | user_pref("_user.js.parrot", "2000 syntax error: the parrot's snuffed it!"); 506 | /* 2002: force WebRTC inside the proxy [FF70+] ***/ 507 | user_pref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); 508 | /* 2003: force a single network interface for ICE candidates generation [FF42+] 509 | * When using a system-wide proxy, it uses the proxy interface 510 | * [1] https://developer.mozilla.org/docs/Web/API/RTCIceCandidate 511 | * [2] https://wiki.mozilla.org/Media/WebRTC/Privacy ***/ 512 | user_pref("media.peerconnection.ice.default_address_only", true); 513 | /* 2004: force exclusion of private IPs from ICE candidates [FF51+] 514 | * [SETUP-HARDEN] This will protect your private IP even in TRUSTED scenarios after you 515 | * grant device access, but often results in breakage on video-conferencing platforms ***/ 516 | // user_pref("media.peerconnection.ice.no_host", true); 517 | /* 2020: disable GMP (Gecko Media Plugins) 518 | * [1] https://wiki.mozilla.org/GeckoMediaPlugins ***/ 519 | // user_pref("media.gmp-provider.enabled", false); 520 | 521 | /*** [SECTION 2400]: DOM (DOCUMENT OBJECT MODEL) ***/ 522 | user_pref("_user.js.parrot", "2400 syntax error: the parrot's kicked the bucket!"); 523 | /* 2402: prevent scripts from moving and resizing open windows ***/ 524 | user_pref("dom.disable_window_move_resize", true); 525 | 526 | /*** [SECTION 2600]: MISCELLANEOUS ***/ 527 | user_pref("_user.js.parrot", "2600 syntax error: the parrot's run down the curtain!"); 528 | /* 2603: remove temp files opened from non-PB windows with an external application 529 | * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=302433,1738574 ***/ 530 | user_pref("browser.download.start_downloads_in_tmp_dir", true); // [FF102+] 531 | user_pref("browser.helperApps.deleteTempFileOnExit", true); 532 | /* 2606: disable UITour backend so there is no chance that a remote page can use it ***/ 533 | user_pref("browser.uitour.enabled", false); 534 | // user_pref("browser.uitour.url", ""); // Defense-in-depth 535 | /* 2608: reset remote debugging to disabled 536 | * [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/16222 ***/ 537 | user_pref("devtools.debugger.remote-enabled", false); // [DEFAULT: false] 538 | /* 2615: disable websites overriding Firefox's keyboard shortcuts [FF58+] 539 | * 0 (default) or 1=allow, 2=block 540 | * [SETTING] to add site exceptions: Ctrl+I>Permissions>Override Keyboard Shortcuts ***/ 541 | // user_pref("permissions.default.shortcuts", 2); 542 | /* 2616: remove special permissions for certain mozilla domains [FF35+] 543 | * [1] resource://app/defaults/permissions ***/ 544 | user_pref("permissions.manager.defaultsUrl", ""); 545 | /* 2619: use Punycode in Internationalized Domain Names to eliminate possible spoofing 546 | * [SETUP-WEB] Might be undesirable for non-latin alphabet users since legitimate IDN's are also punycoded 547 | * [TEST] https://www.xn--80ak6aa92e.com/ (www.apple.com) 548 | * [1] https://wiki.mozilla.org/IDN_Display_Algorithm 549 | * [2] https://en.wikipedia.org/wiki/IDN_homograph_attack 550 | * [3] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=punycode+firefox 551 | * [4] https://www.xudongz.com/blog/2017/idn-phishing/ ***/ 552 | user_pref("network.IDN_show_punycode", true); 553 | /* 2620: enforce PDFJS, disable PDFJS scripting 554 | * This setting controls if the option "Display in Firefox" is available in the setting below 555 | * and by effect controls whether PDFs are handled in-browser or externally ("Ask" or "Open With") 556 | * [WHY] pdfjs is lightweight, open source, and secure: the last exploit was June 2015 [1] 557 | * It doesn't break "state separation" of browser content (by not sharing with OS, independent apps). 558 | * It maintains disk avoidance and application data isolation. It's convenient. You can still save to disk. 559 | * [NOTE] JS can still force a pdf to open in-browser by bundling its own code 560 | * [SETUP-CHROME] You may prefer a different pdf reader for security/workflow reasons 561 | * [SETTING] General>Applications>Portable Document Format (PDF) 562 | * [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pdf.js+firefox ***/ 563 | user_pref("pdfjs.disabled", false); // [DEFAULT: false] 564 | user_pref("pdfjs.enableScripting", false); // [FF86+] 565 | /* 2624: disable middle click on new tab button opening URLs or searches using clipboard [FF115+] */ 566 | user_pref("browser.tabs.searchclipboardfor.middleclick", false); // [DEFAULT: false NON-LINUX] 567 | /* 2630: disable content analysis by DLP (Data Loss Prevention) agents 568 | * DLP agents are background processes on managed computers that allow enterprises to monitor locally running 569 | * applications for data exfiltration events, which they can allow/block based on customer defined DLP policies. 570 | * 0=Block all requests, 1=Warn on all requests (which lets the user decide), 2=Allow all requests 571 | * [1] https://github.com/chromium/content_analysis_sdk */ 572 | user_pref("browser.contentanalysis.enabled", false); // [FF121+] [DEFAULT: false] 573 | user_pref("browser.contentanalysis.default_result", 0); // [FF127+] [DEFAULT: 0] 574 | 575 | /** DOWNLOADS ***/ 576 | /* 2651: enable user interaction for security by always asking where to download 577 | * [SETUP-CHROME] On Android this blocks longtapping and saving images 578 | * [SETTING] General>Downloads>Always ask you where to save files ***/ 579 | user_pref("browser.download.useDownloadDir", false); 580 | /* 2652: disable downloads panel opening on every download [FF96+] ***/ 581 | user_pref("browser.download.alwaysOpenPanel", false); 582 | /* 2653: disable adding downloads to the system's "recent documents" list ***/ 583 | user_pref("browser.download.manager.addToRecentDocs", false); 584 | /* 2654: enable user interaction for security by always asking how to handle new mimetypes [FF101+] 585 | * [SETTING] General>Files and Applications>What should Firefox do with other files ***/ 586 | user_pref("browser.download.always_ask_before_handling_new_types", true); 587 | 588 | /** EXTENSIONS ***/ 589 | /* 2660: limit allowed extension directories 590 | * 1=profile, 2=user, 4=application, 8=system, 16=temporary, 31=all 591 | * The pref value represents the sum: e.g. 5 would be profile and application directories 592 | * [SETUP-CHROME] Breaks usage of files which are installed outside allowed directories 593 | * [1] https://archive.is/DYjAM ***/ 594 | user_pref("extensions.enabledScopes", 5); // [HIDDEN PREF] 595 | // user_pref("extensions.autoDisableScopes", 15); // [DEFAULT: 15] 596 | /* 2661: disable bypassing 3rd party extension install prompts [FF82+] 597 | * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1659530,1681331 ***/ 598 | user_pref("extensions.postDownloadThirdPartyPrompt", false); 599 | /* 2662: disable webextension restrictions on certain mozilla domains (you also need 4503) [FF60+] 600 | * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/ 601 | // user_pref("extensions.webextensions.restrictedDomains", ""); 602 | 603 | /*** [SECTION 2700]: ETP (ENHANCED TRACKING PROTECTION) ***/ 604 | user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin' choir invisible!"); 605 | /* 2701: enable ETP Strict Mode [FF86+] 606 | * ETP Strict Mode enables Total Cookie Protection (TCP) 607 | * [NOTE] Adding site exceptions disables all ETP protections for that site and increases the risk of 608 | * cross-site state tracking e.g. exceptions for SiteA and SiteB means PartyC on both sites is shared 609 | * [1] https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/ 610 | * [SETTING] to add site exceptions: Urlbar>ETP Shield 611 | * [SETTING] to manage site exceptions: Options>Privacy & Security>Enhanced Tracking Protection>Manage Exceptions ***/ 612 | user_pref("browser.contentblocking.category", "strict"); // [HIDDEN PREF] 613 | /* 2702: disable ETP web compat features [FF93+] 614 | * [SETUP-HARDEN] Includes skip lists, heuristics (SmartBlock) and automatic grants 615 | * Opener and redirect heuristics are granted for 30 days, see [3] 616 | * [1] https://blog.mozilla.org/security/2021/07/13/smartblock-v2/ 617 | * [2] https://hg.mozilla.org/mozilla-central/rev/e5483fd469ab#l4.12 618 | * [3] https://developer.mozilla.org/docs/Web/Privacy/State_Partitioning#storage_access_heuristics ***/ 619 | // user_pref("privacy.antitracking.enableWebcompat", false); 620 | 621 | /*** [SECTION 2800]: SHUTDOWN & SANITIZING ***/ 622 | user_pref("_user.js.parrot", "2800 syntax error: the parrot's bleedin' demised!"); 623 | /* 2810: enable Firefox to clear items on shutdown 624 | * [NOTE] In FF129+ clearing "siteSettings" on shutdown (2811+), or manually via site data (2820+) and 625 | * via history (2830), will no longer remove sanitize on shutdown "cookie and site data" site exceptions (2815) 626 | * [SETTING] Privacy & Security>History>Custom Settings>Clear history when Firefox closes | Settings ***/ 627 | user_pref("privacy.sanitize.sanitizeOnShutdown", true); 628 | 629 | /** SANITIZE ON SHUTDOWN: IGNORES "ALLOW" SITE EXCEPTIONS ***/ 630 | /* 2811: set/enforce clearOnShutdown items (if 2810 is true) [SETUP-CHROME] [FF128+] ***/ 631 | user_pref("privacy.clearOnShutdown_v2.cache", true); // [DEFAULT: true] 632 | user_pref("privacy.clearOnShutdown_v2.historyFormDataAndDownloads", true); // [DEFAULT: true] 633 | // user_pref("privacy.clearOnShutdown_v2.siteSettings", false); // [DEFAULT: false] 634 | /* 2812: set/enforce clearOnShutdown items [FF136+] ***/ 635 | user_pref("privacy.clearOnShutdown_v2.browsingHistoryAndDownloads", true); // [DEFAULT: true] 636 | user_pref("privacy.clearOnShutdown_v2.downloads", true); 637 | user_pref("privacy.clearOnShutdown_v2.formdata", true); 638 | /* 2813: set Session Restore to clear on shutdown (if 2810 is true) [FF34+] 639 | * [NOTE] Not needed if Session Restore is not used (0102) or it is already cleared with history (2811+) 640 | * [NOTE] If true, this prevents resuming from crashes (also see 5008) ***/ 641 | // user_pref("privacy.clearOnShutdown.openWindows", true); 642 | 643 | /** SANITIZE ON SHUTDOWN: RESPECTS "ALLOW" SITE EXCEPTIONS ***/ 644 | /* 2815: set "Cookies" and "Site Data" to clear on shutdown (if 2810 is true) [SETUP-CHROME] [FF128+] 645 | * [NOTE] Exceptions: For cross-domain logins, add exceptions for both sites 646 | * e.g. https://www.youtube.com (site) + https://accounts.google.com (single sign on) 647 | * [WARNING] Be selective with what sites you "Allow", as they also disable partitioning (1767271) 648 | * [SETTING] to add site exceptions: Ctrl+I>Permissions>Cookies>Allow (when on the website in question) 649 | * [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Settings ***/ 650 | user_pref("privacy.clearOnShutdown_v2.cookiesAndStorage", true); 651 | 652 | /** SANITIZE SITE DATA: IGNORES "ALLOW" SITE EXCEPTIONS ***/ 653 | /* 2820: set manual "Clear Data" items [SETUP-CHROME] [FF128+] 654 | * Firefox remembers your last choices. This will reset them when you start Firefox 655 | * [SETTING] Privacy & Security>Browser Privacy>Cookies and Site Data>Clear Data ***/ 656 | user_pref("privacy.clearSiteData.cache", true); 657 | user_pref("privacy.clearSiteData.cookiesAndStorage", false); // keep false until it respects "allow" site exceptions 658 | user_pref("privacy.clearSiteData.historyFormDataAndDownloads", true); 659 | // user_pref("privacy.clearSiteData.siteSettings", false); 660 | /* 2821: set manual "Clear Data" items [FF136+] ***/ 661 | user_pref("privacy.clearSiteData.browsingHistoryAndDownloads", true); 662 | user_pref("privacy.clearSiteData.formdata", true); 663 | 664 | /** SANITIZE HISTORY: IGNORES "ALLOW" SITE EXCEPTIONS ***/ 665 | /* 2830: set manual "Clear History" items, also via Ctrl-Shift-Del [SETUP-CHROME] [FF128+] 666 | * Firefox remembers your last choices. This will reset them when you start Firefox 667 | * [SETTING] Privacy & Security>History>Custom Settings>Clear History ***/ 668 | user_pref("privacy.clearHistory.cache", true); // [DEFAULT: true] 669 | user_pref("privacy.clearHistory.cookiesAndStorage", false); 670 | user_pref("privacy.clearHistory.historyFormDataAndDownloads", true); // [DEFAULT: true] 671 | // user_pref("privacy.clearHistory.siteSettings", false); // [DEFAULT: false] 672 | /* 2831: set manual "Clear History" items [FF136+] ***/ 673 | user_pref("privacy.clearHistory.browsingHistoryAndDownloads", true); // [DEFAULT: true] 674 | user_pref("privacy.clearHistory.formdata", true); 675 | 676 | /** SANITIZE MANUAL: TIMERANGE ***/ 677 | /* 2840: set "Time range to clear" for "Clear Data" (2820+) and "Clear History" (2830+) 678 | * Firefox remembers your last choice. This will reset the value when you start Firefox 679 | * 0=everything, 1=last hour, 2=last two hours, 3=last four hours, 4=today 680 | * [NOTE] Values 5 (last 5 minutes) and 6 (last 24 hours) are not listed in the dropdown, 681 | * which will display a blank value, and are not guaranteed to work ***/ 682 | user_pref("privacy.sanitize.timeSpan", 0); 683 | 684 | /*** [SECTION 4000]: FPP (fingerprintingProtection) 685 | RFP (4501) overrides FPP 686 | 687 | In FF118+ FPP is on by default in private windows (4001) and in FF119+ is controlled 688 | by ETP (2701). FPP will also use Remote Services in future to relax FPP protections 689 | on a per site basis for compatibility (4004). 690 | 691 | https://searchfox.org/mozilla-central/source/toolkit/components/resistfingerprinting/RFPTargetsDefault.inc 692 | 693 | [NOTE] RFPTargets + granular overrides are somewhat experimental and may produce unexpected results 694 | - e.g. FrameRate can only be controlled per process, not per origin 695 | 696 | 1826408 - restrict fonts to system (kBaseFonts + kLangPackFonts) (Windows, Mac, some Linux) 697 | https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc 698 | 1858181 - subtly randomize canvas per eTLD+1, per session and per window-mode (FF120+) 699 | ***/ 700 | user_pref("_user.js.parrot", "4000 syntax error: the parrot's bereft of life!"); 701 | /* 4001: enable FPP in PB mode [FF114+] 702 | * [NOTE] In FF119+, FPP for all modes (7016) is enabled with ETP Strict (2701) ***/ 703 | // user_pref("privacy.fingerprintingProtection.pbmode", true); // [DEFAULT: true] 704 | /* 4002: set global FPP overrides [FF114+] 705 | * uses "RFPTargets" [1] which despite the name these are not used by RFP 706 | * e.g. "+AllTargets,-CSSPrefersColorScheme,-JSDateTimeUTC" = all targets but allow prefers-color-scheme and do not change timezone 707 | * e.g. "-AllTargets,+CanvasRandomization,+JSDateTimeUTC" = no targets but do use FPP canvas and change timezone 708 | * [NOTE] Not supported by arkenfox. Either use RFP or FPP at defaults 709 | * [1] https://searchfox.org/mozilla-central/source/toolkit/components/resistfingerprinting/RFPTargets.inc ***/ 710 | // user_pref("privacy.fingerprintingProtection.overrides", ""); 711 | /* 4003: set granular FPP overrides 712 | * JSON format: e.g."[{\"firstPartyDomain\": \"netflix.com\", \"overrides\": \"-CanvasRandomization,-FrameRate,\"}]" 713 | * [NOTE] Not supported by arkenfox. Either use RFP or FPP at defaults ***/ 714 | // user_pref("privacy.fingerprintingProtection.granularOverrides", ""); 715 | /* 4004: disable remote FPP overrides [FF127+] ***/ 716 | // user_pref("privacy.fingerprintingProtection.remoteOverrides.enabled", false); 717 | 718 | /*** [SECTION 4500]: OPTIONAL RFP (resistFingerprinting) 719 | RFP overrides FPP (4000) 720 | 721 | FF128+ Arkenfox by default uses FPP (automatically enabled with ETP Strict). For most people 722 | this is all you need. To use RFP instead, add RFP (4501) to your overrides, and optionally 723 | add letterboxing (4504), spoof_english (4506), and webgl (4520). 724 | 725 | RFP is an all-or-nothing buy in: you cannot pick and choose what parts you want 726 | 727 | [WARNING] DO NOT USE extensions to alter RFP protected metrics 728 | 729 | 418986 - limit window.screen & CSS media queries (FF41) 730 | 1360039 - spoof navigator.hardwareConcurrency as 2 (FF55) 731 | FF56 732 | 1333651 - spoof User Agent & Navigator API 733 | JS: spoofed as Windows 10, OS 10.15, Android 10, or Linux 734 | HTTP Header: spoofed as Windows 10 or Android 10.15 until FF136 then matches JS spoof 735 | 1369319 - disable device sensor API 736 | 1369357 - disable site specific zoom 737 | 1337161 - hide gamepads from content 738 | 1372072 - spoof network information API as "unknown" when dom.netinfo.enabled = true 739 | 1333641 - reduce fingerprinting in WebSpeech API 740 | FF57 741 | 1369309 - spoof media statistics 742 | 1382499 - reduce screen co-ordinate fingerprinting in Touch API 743 | 1217290 & 1409677 - enable some fingerprinting resistance for WebGL 744 | 1354633 - limit MediaError.message to a whitelist 745 | FF58+ 746 | 1372073 - spoof/block fingerprinting in MediaDevices API (FF59) 747 | Spoof: enumerate devices as one "Internal Camera" and one "Internal Microphone" 748 | Block: suppresses the ondevicechange event 749 | 1039069 - warn when language prefs are not set to "en*" (FF59) 750 | 1222285 & 1433592 - spoof keyboard events and suppress keyboard modifier events (FF59) 751 | Spoofing mimics the content language of the document. Currently it only supports en-US. 752 | Modifier events suppressed are SHIFT and both ALT keys. Chrome is not affected. 753 | 1337157 - disable WebGL debug renderer info (FF60) 754 | 1459089 - disable OS locale in HTTP Accept-Language headers (ANDROID) (FF62) 755 | 1479239 - return "no-preference" with prefers-reduced-motion (FF63) 756 | 1363508 & 1826051 - spoof/suppress Pointer Events (FF64, FF132) 757 | 1492766 - spoof pointerEvent.pointerid (FF65) 758 | 1485266 - disable exposure of system colors to CSS or canvas (FF67) 759 | 1494034 - return "light" with prefers-color-scheme (FF67) 760 | 1564422 - spoof audioContext outputLatency (FF70) 761 | 1595823 - return audioContext sampleRate as 44100 (FF72) 762 | 1607316 - spoof pointer as coarse and hover as none (ANDROID) (FF74) 763 | 1621433 - randomize canvas (previously FF58+ returned an all-white canvas) (FF78) 764 | 1506364 - return "no-preference" with prefers-contrast (FF80) 765 | 1653987 - limit font visibility to bundled and "Base Fonts" (Windows, Mac, some Linux) (FF80) 766 | 1461454 - spoof smooth=true and powerEfficient=false for supported media in MediaCapabilities (FF82) 767 | 531915 - use fdlibm's sin, cos and tan in jsmath (FF93, ESR91.1) 768 | 1756280 - enforce navigator.pdfViewerEnabled as true and plugins/mimeTypes as hard-coded values (FF100-115) 769 | 1692609 - reduce JS timing precision to 16.67ms (previously FF55+ was 100ms) (FF102) 770 | 1422237 - return "srgb" with color-gamut (FF110) 771 | 1794628 - return "none" with inverted-colors (FF114) 772 | 1787790 - normalize system fonts (FF128) 773 | 1835987 - spoof timezone as Atlantic/Reykjavik (previously FF55+ was UTC) (FF128) 774 | 1834307 - always use smooth scrolling (FF132) 775 | 1918202 - spoof screen orientation based on spoofed screen size and platform (FF132) 776 | previously it always returned landscape-primary and an angle of 0 (FF50+) 777 | 1390465 - load all subtitles in WebVTT (Video Text Tracks) (FF133) 778 | 1873382 - make spoofed devicePixelRatio and CSS media queries match (FF133) 779 | previously FF41+ devicePixelRatio was hardcoded as 1 and FF127+ as 2 780 | previously FF41+ CSS media queries were spoofed as zoom level at a devicePixelRatio of 1 781 | ***/ 782 | user_pref("_user.js.parrot", "4500 syntax error: the parrot's popped 'is clogs"); 783 | /* 4501: enable RFP 784 | * [NOTE] pbmode applies if true and the original pref is false 785 | * [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a canvas site exception via the urlbar. 786 | * RFP also has a few side effects: mainly that timezone is GMT, and websites will prefer light theme ***/ 787 | // user_pref("privacy.resistFingerprinting", true); // [FF41+] 788 | // user_pref("privacy.resistFingerprinting.pbmode", true); // [FF114+] 789 | /* 4502: set RFP new window size max rounded values [FF55+] 790 | * [SETUP-CHROME] sizes round down in hundreds: width to 200s and height to 100s, to fit your screen 791 | * [1] https://bugzilla.mozilla.org/1330882 ***/ 792 | user_pref("privacy.window.maxInnerWidth", 1600); 793 | user_pref("privacy.window.maxInnerHeight", 900); 794 | /* 4503: disable mozAddonManager Web API [FF57+] 795 | * [NOTE] To allow extensions to work on AMO, you also need 2662 796 | * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/ 797 | user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); 798 | /* 4504: enable letterboxing [FF67+] 799 | * Dynamically resizes the inner window by applying margins in stepped ranges [2] 800 | * If you use the dimension pref, then it will only apply those resolutions. 801 | * The format is "width1xheight1, width2xheight2, ..." (e.g. "800x600, 1000x1000") 802 | * [SETUP-WEB] This is independent of RFP (4501). If you're not using RFP, or you are but 803 | * dislike the margins, then flip this pref, keeping in mind that it is effectively fingerprintable 804 | * [WARNING] DO NOT USE: the dimension pref is only meant for testing 805 | * [1] https://bugzilla.mozilla.org/1407366 806 | * [2] https://hg.mozilla.org/mozilla-central/rev/7211cb4f58ff#l5.13 ***/ 807 | // user_pref("privacy.resistFingerprinting.letterboxing", true); // [HIDDEN PREF] 808 | // user_pref("privacy.resistFingerprinting.letterboxing.dimensions", ""); // [HIDDEN PREF] 809 | /* 4505: disable RFP by domain [FF91+] 810 | * [NOTE] Working examples: "arkenfox.github.io", "*github.io" 811 | * Non-working examples: "https://arkenfox.github.io", "github.io", "*arkenfox.github.io" ***/ 812 | // user_pref("privacy.resistFingerprinting.exemptedDomains", "*.example.invalid"); 813 | /* 4506: disable RFP spoof english prompt [FF59+] 814 | * 0=prompt, 1=disabled, 2=enabled 815 | * [NOTE] When changing from value 2, preferred languages ('intl.accept_languages') is not reset. 816 | * [SETUP-WEB] when enabled, sets 'en-US, en' for displaying pages and 'en-US' as locale. 817 | * [SETTING] General>Language>Choose your preferred language for displaying pages>Choose>Request English... ***/ 818 | user_pref("privacy.spoof_english", 1); 819 | /* 4510: disable using system colors 820 | * [SETTING] General>Language and Appearance>Fonts and Colors>Colors>Use system colors ***/ 821 | user_pref("browser.display.use_system_colors", false); // [DEFAULT: false NON-WINDOWS] 822 | /* 4511: disable using system accent colors ***/ 823 | user_pref("widget.non-native-theme.use-theme-accent", false); // [DEFAULT: false WINDOWS] 824 | /* 4512: enforce links targeting new windows to open in a new tab instead 825 | * 1=most recent window or tab, 2=new window, 3=new tab 826 | * Stops malicious window sizes and some screen resolution leaks. 827 | * You can still right-click a link and open in a new window 828 | * [SETTING] General>Tabs>Open links in tabs instead of new windows 829 | * [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/9881 ***/ 830 | user_pref("browser.link.open_newwindow", 3); // [DEFAULT: 3] 831 | /* 4513: set all open window methods to abide by "browser.link.open_newwindow" (4512) 832 | * [1] https://searchfox.org/mozilla-central/source/dom/tests/browser/browser_test_new_window_from_content.js ***/ 833 | user_pref("browser.link.open_newwindow.restriction", 0); 834 | /* 4520: disable WebGL (Web Graphics Library) ***/ 835 | // user_pref("webgl.disabled", true); 836 | 837 | /*** [SECTION 5000]: OPTIONAL OPSEC 838 | Disk avoidance, application data isolation, eyeballs... 839 | ***/ 840 | user_pref("_user.js.parrot", "5000 syntax error: the parrot's taken 'is last bow"); 841 | /* 5001: start Firefox in PB (Private Browsing) mode 842 | * [NOTE] In this mode all windows are "private windows" and the PB mode icon is not displayed 843 | * [NOTE] The P in PB mode can be misleading: it means no "persistent" disk state such as history, 844 | * caches, searches, cookies, localStorage, IndexedDB etc (which you can achieve in normal mode). 845 | * In fact, PB mode limits or removes the ability to control some of these, and you need to quit 846 | * Firefox to clear them. PB is best used as a one off window (Menu>New Private Window) to provide 847 | * a temporary self-contained new session. Close all private windows to clear the PB session. 848 | * [SETTING] Privacy & Security>History>Custom Settings>Always use private browsing mode 849 | * [1] https://wiki.mozilla.org/Private_Browsing 850 | * [2] https://support.mozilla.org/kb/common-myths-about-private-browsing ***/ 851 | // user_pref("browser.privatebrowsing.autostart", true); 852 | /* 5002: disable memory cache 853 | * capacity: -1=determine dynamically (default), 0=none, n=memory capacity in kibibytes ***/ 854 | // user_pref("browser.cache.memory.enable", false); 855 | // user_pref("browser.cache.memory.capacity", 0); 856 | /* 5003: disable saving passwords 857 | * [NOTE] This does not clear any passwords already saved 858 | * [SETTING] Privacy & Security>Logins and Passwords>Ask to save logins and passwords for websites ***/ 859 | // user_pref("signon.rememberSignons", false); 860 | /* 5004: disable permissions manager from writing to disk [FF41+] [RESTART] 861 | * [NOTE] This means any permission changes are session only 862 | * [1] https://bugzilla.mozilla.org/967812 ***/ 863 | // user_pref("permissions.memory_only", true); // [HIDDEN PREF] 864 | /* 5005: disable intermediate certificate caching [FF41+] [RESTART] 865 | * [NOTE] This affects login/cert/key dbs. The effect is all credentials are session-only. 866 | * Saved logins and passwords are not available. Reset the pref and restart to return them ***/ 867 | // user_pref("security.nocertdb", true); 868 | /* 5006: disable favicons in history and bookmarks 869 | * [NOTE] Stored as data blobs in favicons.sqlite, these don't reveal anything that your 870 | * actual history (and bookmarks) already do. Your history is more detailed, so 871 | * control that instead; e.g. disable history, clear history on exit, use PB mode 872 | * [NOTE] favicons.sqlite is sanitized on Firefox close ***/ 873 | // user_pref("browser.chrome.site_icons", false); 874 | /* 5007: exclude "Undo Closed Tabs" in Session Restore ***/ 875 | // user_pref("browser.sessionstore.max_tabs_undo", 0); 876 | /* 5008: disable resuming session from crash 877 | * [TEST] about:crashparent ***/ 878 | // user_pref("browser.sessionstore.resume_from_crash", false); 879 | /* 5009: disable "open with" in download dialog [FF50+] 880 | * Application data isolation [1] 881 | * [1] https://bugzilla.mozilla.org/1281959 ***/ 882 | // user_pref("browser.download.forbid_open_with", true); 883 | /* 5010: disable location bar suggestion types 884 | * [SETTING] Search>Address Bar>When using the address bar, suggest ***/ 885 | // user_pref("browser.urlbar.suggest.history", false); 886 | // user_pref("browser.urlbar.suggest.bookmark", false); 887 | // user_pref("browser.urlbar.suggest.openpage", false); 888 | // user_pref("browser.urlbar.suggest.topsites", false); // [FF78+] 889 | /* 5011: disable location bar dropdown 890 | * This value controls the total number of entries to appear in the location bar dropdown ***/ 891 | // user_pref("browser.urlbar.maxRichResults", 0); 892 | /* 5012: disable location bar autofill 893 | * [1] https://support.mozilla.org/kb/address-bar-autocomplete-firefox#w_url-autocomplete ***/ 894 | // user_pref("browser.urlbar.autoFill", false); 895 | /* 5013: disable browsing and download history 896 | * [NOTE] We also clear history and downloads on exit (2811+) 897 | * [SETTING] Privacy & Security>History>Custom Settings>Remember browsing and download history ***/ 898 | // user_pref("places.history.enabled", false); 899 | /* 5014: disable Windows jumplist [WINDOWS] ***/ 900 | // user_pref("browser.taskbar.lists.enabled", false); 901 | // user_pref("browser.taskbar.lists.frequent.enabled", false); 902 | // user_pref("browser.taskbar.lists.recent.enabled", false); 903 | // user_pref("browser.taskbar.lists.tasks.enabled", false); 904 | /* 5016: discourage downloading to desktop 905 | * 0=desktop, 1=downloads (default), 2=custom 906 | * [SETTING] To set your custom default "downloads": General>Downloads>Save files to ***/ 907 | // user_pref("browser.download.folderList", 2); 908 | /* 5017: disable Form Autofill 909 | * If .supportedCountries includes your region (browser.search.region) and .supported 910 | * is "detect" (default), then the UI will show. Stored data is not secure, uses JSON 911 | * [SETTING] Privacy & Security>Forms and Autofill>Autofill addresses 912 | * [1] https://wiki.mozilla.org/Firefox/Features/Form_Autofill ***/ 913 | // user_pref("extensions.formautofill.addresses.enabled", false); // [FF55+] 914 | // user_pref("extensions.formautofill.creditCards.enabled", false); // [FF56+] 915 | /* 5018: limit events that can cause a pop-up ***/ 916 | // user_pref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); 917 | /* 5019: disable page thumbnail collection ***/ 918 | // user_pref("browser.pagethumbnails.capturing_disabled", true); // [HIDDEN PREF] 919 | /* 5020: disable Windows native notifications and use app notications instead [FF111+] [WINDOWS] ***/ 920 | // user_pref("alerts.useSystemBackend.windows.notificationserver.enabled", false); 921 | /* 5021: disable location bar using search 922 | * Don't leak URL typos to a search engine, give an error message instead 923 | * Examples: "secretplace,com", "secretplace/com", "secretplace com", "secret place.com" 924 | * [NOTE] This does not affect explicit user action such as using search buttons in the 925 | * dropdown, or using keyword search shortcuts you configure in options (e.g. "d" for DuckDuckGo) ***/ 926 | // user_pref("keyword.enabled", false); 927 | 928 | /*** [SECTION 5500]: OPTIONAL HARDENING 929 | Not recommended. Overriding these can cause breakage and performance issues, 930 | they are mostly fingerprintable, and the threat model is practically nonexistent 931 | ***/ 932 | user_pref("_user.js.parrot", "5500 syntax error: this is an ex-parrot!"); 933 | /* 5501: disable MathML (Mathematical Markup Language) [FF51+] 934 | * [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=mathml ***/ 935 | // user_pref("mathml.disabled", true); // 1173199 936 | /* 5502: disable in-content SVG (Scalable Vector Graphics) [FF53+] 937 | * [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+svg ***/ 938 | // user_pref("svg.disabled", true); // 1216893 939 | /* 5503: disable graphite 940 | * [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+graphite 941 | * [2] https://en.wikipedia.org/wiki/Graphite_(SIL) ***/ 942 | // user_pref("gfx.font_rendering.graphite.enabled", false); 943 | /* 5504: disable asm.js [FF22+] 944 | * [1] http://asmjs.org/ 945 | * [2] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=asm.js 946 | * [3] https://rh0dev.github.io/blog/2017/the-return-of-the-jit/ ***/ 947 | // user_pref("javascript.options.asmjs", false); 948 | /* 5505: disable Ion and baseline JIT to harden against JS exploits [RESTART] 949 | * [NOTE] When both Ion and JIT are disabled, and trustedprincipals 950 | * is enabled, then Ion can still be used by extensions (1599226) 951 | * [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox+jit 952 | * [2] https://microsoftedge.github.io/edgevr/posts/Super-Duper-Secure-Mode/ ***/ 953 | // user_pref("javascript.options.ion", false); 954 | // user_pref("javascript.options.baselinejit", false); 955 | // user_pref("javascript.options.jit_trustedprincipals", true); // [FF75+] [HIDDEN PREF] 956 | /* 5506: disable WebAssembly [FF52+] 957 | * Vulnerabilities [1] have increasingly been found, including those known and fixed 958 | * in native programs years ago [2]. WASM has powerful low-level access, making 959 | * certain attacks (brute-force) and vulnerabilities more possible 960 | * [STATS] ~0.2% of websites, about half of which are for cryptomining / malvertising [2][3] 961 | * [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wasm 962 | * [2] https://spectrum.ieee.org/tech-talk/telecom/security/more-worries-over-the-security-of-web-assembly 963 | * [3] https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes ***/ 964 | // user_pref("javascript.options.wasm", false); 965 | /* 5507: disable rendering of SVG OpenType fonts ***/ 966 | // user_pref("gfx.font_rendering.opentype_svg.enabled", false); 967 | /* 5508: disable all DRM content (EME: Encryption Media Extension) 968 | * Optionally hide the UI setting which also disables the DRM prompt 969 | * [SETTING] General>DRM Content>Play DRM-controlled content 970 | * [TEST] https://bitmovin.com/demos/drm 971 | * [1] https://www.eff.org/deeplinks/2017/10/drms-dead-canary-how-we-just-lost-web-what-we-learned-it-and-what-we-need-do-next ***/ 972 | // user_pref("media.eme.enabled", false); 973 | // user_pref("browser.eme.ui.enabled", false); 974 | /* 5509: disable IPv6 if using a VPN 975 | * This is an application level fallback. Disabling IPv6 is best done at an OS/network 976 | * level, and/or configured properly in system wide VPN setups. 977 | * [NOTE] PHP defaults to IPv6 with "localhost". Use "php -S 127.0.0.1:PORT" 978 | * [SETUP-WEB] PR_CONNECT_RESET_ERROR 979 | * [TEST] https://ipleak.org/ 980 | * [1] https://www.internetsociety.org/tag/ipv6-security/ (Myths 2,4,5,6) ***/ 981 | // user_pref("network.dns.disableIPv6", true); 982 | /* 5510: control when to send a cross-origin referer 983 | * 0=always (default), 1=only if base domains match, 2=only if hosts match 984 | * [NOTE] Will cause breakage: older modems/routers and some sites e.g banks, vimeo, icloud, instagram ***/ 985 | // user_pref("network.http.referer.XOriginPolicy", 2); 986 | /* 5511: set DoH bootstrap address [FF89+] 987 | * Firefox uses the system DNS to initially resolve the IP address of your DoH server. 988 | * When set to a valid, working value that matches your "network.trr.uri" (0712) Firefox 989 | * won't use the system DNS. If the IP doesn't match then DoH won't work ***/ 990 | // user_pref("network.trr.bootstrapAddr", "10.0.0.1"); // [HIDDEN PREF] 991 | 992 | /*** [SECTION 6000]: DON'T TOUCH ***/ 993 | user_pref("_user.js.parrot", "6000 syntax error: the parrot's 'istory!"); 994 | /* 6001: enforce Firefox blocklist 995 | * [WHY] It includes updates for "revoked certificates" 996 | * [1] https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl/ ***/ 997 | user_pref("extensions.blocklist.enabled", true); // [DEFAULT: true] 998 | /* 6002: enforce no referer spoofing 999 | * [WHY] Spoofing can affect CSRF (Cross-Site Request Forgery) protections ***/ 1000 | user_pref("network.http.referer.spoofSource", false); // [DEFAULT: false] 1001 | /* 6004: enforce a security delay on some confirmation dialogs such as install, open/save 1002 | * [1] https://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/ ***/ 1003 | user_pref("security.dialog_enable_delay", 1000); // [DEFAULT: 1000] 1004 | /* 6008: enforce no First Party Isolation [FF51+] 1005 | * [WARNING] Replaced with network partitioning (FF85+) and TCP (2701), and enabling FPI 1006 | * disables those. FPI is no longer maintained except at Tor Project for Tor Browser's config ***/ 1007 | user_pref("privacy.firstparty.isolate", false); // [DEFAULT: false] 1008 | /* 6009: enforce SmartBlock shims (about:compat) [FF81+] 1009 | * [1] https://blog.mozilla.org/security/2021/03/23/introducing-smartblock/ ***/ 1010 | user_pref("extensions.webcompat.enable_shims", true); // [HIDDEN PREF] [DEFAULT: true] 1011 | /* 6010: enforce no TLS 1.0/1.1 downgrades 1012 | * [TEST] https://tls-v1-1.badssl.com:1010/ ***/ 1013 | user_pref("security.tls.version.enable-deprecated", false); // [DEFAULT: false] 1014 | /* 6011: enforce disabling of Web Compatibility Reporter [FF56+] 1015 | * Web Compatibility Reporter adds a "Report Site Issue" button to send data to Mozilla 1016 | * [WHY] To prevent wasting Mozilla's time with a custom setup ***/ 1017 | user_pref("extensions.webcompat-reporter.enabled", false); // [DEFAULT: false] 1018 | /* 6012: enforce Quarantined Domains [FF115+] 1019 | * [WHY] https://support.mozilla.org/kb/quarantined-domains */ 1020 | user_pref("extensions.quarantinedDomains.enabled", true); // [DEFAULT: true] 1021 | /* 6050: prefsCleaner: reset previously active items removed from arkenfox FF128+ ***/ 1022 | // user_pref("privacy.clearOnShutdown.cache", ""); 1023 | // user_pref("privacy.clearOnShutdown.cookies", ""); 1024 | // user_pref("privacy.clearOnShutdown.downloads", ""); 1025 | // user_pref("privacy.clearOnShutdown.formdata", ""); 1026 | // user_pref("privacy.clearOnShutdown.history", ""); 1027 | // user_pref("privacy.clearOnShutdown.offlineApps", ""); 1028 | // user_pref("privacy.clearOnShutdown.sessions", ""); 1029 | // user_pref("privacy.cpd.cache", ""); 1030 | // user_pref("privacy.cpd.cookies", ""); 1031 | // user_pref("privacy.cpd.formdata", ""); 1032 | // user_pref("privacy.cpd.history", ""); 1033 | // user_pref("privacy.cpd.offlineApps", ""); 1034 | // user_pref("privacy.cpd.sessions", ""); 1035 | 1036 | /*** [SECTION 7000]: DON'T BOTHER ***/ 1037 | user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies!"); 1038 | /* 7001: disable APIs 1039 | * Location-Aware Browsing, Full Screen 1040 | * [WHY] The API state is easily fingerprintable. 1041 | * Geo is behind a prompt (7002). Full screen requires user interaction ***/ 1042 | // user_pref("geo.enabled", false); 1043 | // user_pref("full-screen-api.enabled", false); 1044 | /* 7002: set default permissions 1045 | * Location, Camera, Microphone, Notifications [FF58+] Virtual Reality [FF73+] 1046 | * 0=always ask (default), 1=allow, 2=block 1047 | * [WHY] These are fingerprintable via Permissions API, except VR. Just add site 1048 | * exceptions as allow/block for frequently visited/annoying sites: i.e. not global 1049 | * [SETTING] to add site exceptions: Ctrl+I>Permissions> 1050 | * [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Settings ***/ 1051 | // user_pref("permissions.default.geo", 0); 1052 | // user_pref("permissions.default.camera", 0); 1053 | // user_pref("permissions.default.microphone", 0); 1054 | // user_pref("permissions.default.desktop-notification", 0); 1055 | // user_pref("permissions.default.xr", 0); // Virtual Reality 1056 | /* 7003: disable non-modern cipher suites [1] 1057 | * [WHY] Passive fingerprinting. Minimal/non-existent threat of downgrade attacks 1058 | * [1] https://browserleaks.com/ssl ***/ 1059 | // user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); 1060 | // user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); 1061 | // user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false); 1062 | // user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false); 1063 | // user_pref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS 1064 | // user_pref("security.ssl3.rsa_aes_256_gcm_sha384", false); // no PFS 1065 | // user_pref("security.ssl3.rsa_aes_128_sha", false); // no PFS 1066 | // user_pref("security.ssl3.rsa_aes_256_sha", false); // no PFS 1067 | /* 7004: control TLS versions 1068 | * [WHY] Passive fingerprinting and security ***/ 1069 | // user_pref("security.tls.version.min", 3); // [DEFAULT: 3] 1070 | // user_pref("security.tls.version.max", 4); 1071 | /* 7005: disable SSL session IDs [FF36+] 1072 | * [WHY] Passive fingerprinting and perf costs. These are session-only 1073 | * and isolated with network partitioning (FF85+) and/or containers ***/ 1074 | // user_pref("security.ssl.disable_session_identifiers", true); 1075 | /* 7007: referers 1076 | * [WHY] Only cross-origin referers (1602, 5510) matter ***/ 1077 | // user_pref("network.http.sendRefererHeader", 2); 1078 | // user_pref("network.http.referer.trimmingPolicy", 0); 1079 | /* 7008: set the default Referrer Policy [FF59+] 1080 | * 0=no-referer, 1=same-origin, 2=strict-origin-when-cross-origin, 3=no-referrer-when-downgrade 1081 | * [WHY] Defaults are fine. They can be overridden by a site-controlled Referrer Policy ***/ 1082 | // user_pref("network.http.referer.defaultPolicy", 2); // [DEFAULT: 2] 1083 | // user_pref("network.http.referer.defaultPolicy.pbmode", 2); // [DEFAULT: 2] 1084 | /* 7010: disable HTTP Alternative Services [FF37+] 1085 | * [WHY] Already isolated with network partitioning (FF85+) ***/ 1086 | // user_pref("network.http.altsvc.enabled", false); 1087 | /* 7011: disable website control over browser right-click context menu 1088 | * [WHY] Just use Shift-Right-Click ***/ 1089 | // user_pref("dom.event.contextmenu.enabled", false); 1090 | /* 7012: disable icon fonts (glyphs) and local fallback rendering 1091 | * [WHY] Breakage, font fallback is equivalency, also RFP 1092 | * [1] https://bugzilla.mozilla.org/789788 1093 | * [2] https://gitlab.torproject.org/legacy/trac/-/issues/8455 ***/ 1094 | // user_pref("gfx.downloadable_fonts.enabled", false); // [FF41+] 1095 | // user_pref("gfx.downloadable_fonts.fallback_delay", -1); 1096 | /* 7013: disable Clipboard API 1097 | * [WHY] Fingerprintable. Breakage. Cut/copy/paste require user 1098 | * interaction, and paste is limited to focused editable fields ***/ 1099 | // user_pref("dom.event.clipboardevents.enabled", false); 1100 | /* 7014: disable System Add-on updates 1101 | * [WHY] It can compromise security. System addons ship with prefs, use those ***/ 1102 | // user_pref("extensions.systemAddon.update.enabled", false); // [FF62+] 1103 | // user_pref("extensions.systemAddon.update.url", ""); // [FF44+] 1104 | /* 7015: enable the DNT (Do Not Track) HTTP header 1105 | * [WHY] DNT is enforced with Tracking Protection which is used in ETP Strict (2701) ***/ 1106 | // user_pref("privacy.donottrackheader.enabled", true); 1107 | /* 7016: customize ETP settings 1108 | * [NOTE] FPP (fingerprintingProtection) is ignored when RFP (4501) is enabled 1109 | * [WHY] Arkenfox only supports strict (2701) which sets these at runtime ***/ 1110 | // user_pref("network.cookie.cookieBehavior", 5); // [DEFAULT: 5] 1111 | // user_pref("network.cookie.cookieBehavior.optInPartitioning", true); // [ETP FF132+] 1112 | // user_pref("network.http.referer.disallowCrossSiteRelaxingDefault", true); 1113 | // user_pref("network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", true); // [FF100+] 1114 | // user_pref("privacy.bounceTrackingProtection.mode", 1); // [FF131+] [ETP FF133+] 1115 | // user_pref("privacy.fingerprintingProtection", true); // [FF114+] [ETP FF119+] 1116 | // user_pref("privacy.partition.network_state.ocsp_cache", true); // [DEFAULT: true] 1117 | // user_pref("privacy.query_stripping.enabled", true); // [FF101+] 1118 | // user_pref("privacy.trackingprotection.enabled", true); 1119 | // user_pref("privacy.trackingprotection.socialtracking.enabled", true); 1120 | // user_pref("privacy.trackingprotection.cryptomining.enabled", true); // [DEFAULT: true] 1121 | // user_pref("privacy.trackingprotection.fingerprinting.enabled", true); // [DEFAULT: true] 1122 | /* 7017: disable service workers 1123 | * [WHY] Already isolated with TCP (2701) behind a pref (2710) ***/ 1124 | // user_pref("dom.serviceWorkers.enabled", false); 1125 | /* 7018: disable Web Notifications [FF22+] 1126 | * [WHY] Web Notifications are behind a prompt (7002) 1127 | * [1] https://blog.mozilla.org/en/products/firefox/block-notification-requests/ ***/ 1128 | // user_pref("dom.webnotifications.enabled", false); 1129 | /* 7019: disable Push Notifications [FF44+] 1130 | * [WHY] Website "push" requires subscription, and the API is required for CRLite (1224) 1131 | * [NOTE] To remove all subscriptions, reset "dom.push.userAgentID" 1132 | * [1] https://support.mozilla.org/kb/push-notifications-firefox ***/ 1133 | // user_pref("dom.push.enabled", false); 1134 | /* 7020: disable WebRTC (Web Real-Time Communication) 1135 | * [WHY] Firefox desktop uses mDNS hostname obfuscation and the private IP is never exposed until 1136 | * required in TRUSTED scenarios; i.e. after you grant device (microphone or camera) access 1137 | * [TEST] https://browserleaks.com/webrtc 1138 | * [1] https://groups.google.com/g/discuss-webrtc/c/6stQXi72BEU/m/2FwZd24UAQAJ 1139 | * [2] https://datatracker.ietf.org/doc/html/draft-ietf-mmusic-mdns-ice-candidates#section-3.1.1 ***/ 1140 | // user_pref("media.peerconnection.enabled", false); 1141 | /* 7021: enable GPC (Global Privacy Control) in non-PB windows 1142 | * [WHY] Passive and active fingerprinting. Mostly redundant with Tracking Protection 1143 | * in ETP Strict (2701) and sanitizing on close (2800s) ***/ 1144 | // user_pref("privacy.globalprivacycontrol.enabled", true); 1145 | 1146 | /*** [SECTION 8000]: DON'T BOTHER: FINGERPRINTING 1147 | [WHY] They are insufficient to help anti-fingerprinting and do more harm than good 1148 | [WARNING] DO NOT USE with RFP. RFP already covers these and they can interfere 1149 | ***/ 1150 | user_pref("_user.js.parrot", "8000 syntax error: the parrot's crossed the Jordan"); 1151 | /* 8001: prefsCleaner: reset items useless for anti-fingerprinting ***/ 1152 | // user_pref("browser.display.use_document_fonts", ""); 1153 | // user_pref("browser.zoom.siteSpecific", ""); 1154 | // user_pref("device.sensors.enabled", ""); 1155 | // user_pref("dom.enable_performance", ""); 1156 | // user_pref("dom.enable_resource_timing", ""); 1157 | // user_pref("dom.gamepad.enabled", ""); 1158 | // user_pref("dom.maxHardwareConcurrency", ""); 1159 | // user_pref("dom.w3c_touch_events.enabled", ""); 1160 | // user_pref("dom.webaudio.enabled", ""); 1161 | // user_pref("font.system.whitelist", ""); 1162 | // user_pref("general.appname.override", ""); 1163 | // user_pref("general.appversion.override", ""); 1164 | // user_pref("general.buildID.override", ""); 1165 | // user_pref("general.oscpu.override", ""); 1166 | // user_pref("general.platform.override", ""); 1167 | // user_pref("general.useragent.override", ""); 1168 | // user_pref("media.navigator.enabled", ""); 1169 | // user_pref("media.ondevicechange.enabled", ""); 1170 | // user_pref("media.video_stats.enabled", ""); 1171 | // user_pref("media.webspeech.synth.enabled", ""); 1172 | // user_pref("ui.use_standins_for_native_colors", ""); 1173 | // user_pref("webgl.enable-debug-renderer-info", ""); 1174 | 1175 | /*** [SECTION 8500]: TELEMETRY 1176 | Arkenfox does not consider Firefox telemetry to be a privacy or security concern - comments below. 1177 | But since most arkenfox users prefer it disabled, we'll do that rather than cause overrides. 1178 | 1179 | Opt-out 1180 | - Telemetry is essential: a browser engine is a _very_ large complex beast costing billions to maintain 1181 | - Opt-in telemetry _does not_ work and results in data that is unrepresentative and may be misleading 1182 | Choice 1183 | - Every new profile on first use provides data collection/use policy and the abillty to opt-out 1184 | - It can be disabled at any time (Settings>Privacy & Security>Data Collection and Use) 1185 | Data 1186 | - no PII (Personally Identifiable Information) 1187 | - can be viewed in about:telemetry 1188 | - uses Prio [1][2][3], Glean [4], Oblivious HTTP [5][6] 1189 | 1190 | [1] https://crypto.stanford.edu/prio/ 1191 | [2] https://hacks.mozilla.org/2018/10/testing-privacy-preserving-telemetry-with-prio/ 1192 | [3] https://blog.mozilla.org/security/2019/06/06/next-steps-in-privacy-preserving-telemetry-with-prio/ 1193 | [4] https://firefox-source-docs.mozilla.org/toolkit/components/glean/index.html 1194 | [5] https://firefox-source-docs.mozilla.org/toolkit/components/glean/user/ohttp.html 1195 | [6] https://blog.mozilla.org/en/tag/oblivious-http/ 1196 | ***/ 1197 | user_pref("_user.js.parrot", "8500 syntax error: the parrot's off the twig!"); 1198 | /* 8500: disable new data submission [FF41+] 1199 | * If disabled, no policy is shown or upload takes place, ever 1200 | * [1] https://bugzilla.mozilla.org/1195552 ***/ 1201 | user_pref("datareporting.policy.dataSubmissionEnabled", false); 1202 | /* 8501: disable Health Reports 1203 | * [SETTING] Privacy & Security>Firefox Data Collection and Use>Send technical... data ***/ 1204 | user_pref("datareporting.healthreport.uploadEnabled", false); 1205 | /* 0802: disable telemetry 1206 | * The "unified" pref affects the behavior of the "enabled" pref 1207 | * - If "unified" is false then "enabled" controls the telemetry module 1208 | * - If "unified" is true then "enabled" only controls whether to record extended data 1209 | * [NOTE] "toolkit.telemetry.enabled" is now LOCKED to reflect prerelease (true) or release builds (false) [2] 1210 | * [1] https://firefox-source-docs.mozilla.org/toolkit/components/telemetry/telemetry/internals/preferences.html 1211 | * [2] https://medium.com/georg-fritzsche/data-preference-changes-in-firefox-58-2d5df9c428b5 ***/ 1212 | user_pref("toolkit.telemetry.unified", false); 1213 | user_pref("toolkit.telemetry.enabled", false); // see [NOTE] 1214 | user_pref("toolkit.telemetry.server", "data:,"); 1215 | user_pref("toolkit.telemetry.archive.enabled", false); 1216 | user_pref("toolkit.telemetry.newProfilePing.enabled", false); // [FF55+] 1217 | user_pref("toolkit.telemetry.shutdownPingSender.enabled", false); // [FF55+] 1218 | user_pref("toolkit.telemetry.updatePing.enabled", false); // [FF56+] 1219 | user_pref("toolkit.telemetry.bhrPing.enabled", false); // [FF57+] Background Hang Reporter 1220 | user_pref("toolkit.telemetry.firstShutdownPing.enabled", false); // [FF57+] 1221 | /* 8503: disable Telemetry Coverage 1222 | * [1] https://blog.mozilla.org/data/2018/08/20/effectively-measuring-search-in-firefox/ ***/ 1223 | user_pref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF] 1224 | user_pref("toolkit.coverage.opt-out", true); // [FF64+] [HIDDEN PREF] 1225 | user_pref("toolkit.coverage.endpoint.base", ""); 1226 | 1227 | /*** [SECTION 9000]: NON-PROJECT RELATED ***/ 1228 | user_pref("_user.js.parrot", "9000 syntax error: the parrot's cashed in 'is chips!"); 1229 | /* 9001: disable welcome notices ***/ 1230 | user_pref("browser.startup.homepage_override.mstone", "ignore"); // [HIDDEN PREF] 1231 | /* 9002: disable General>Browsing>Recommend extensions/features as you browse [FF67+] ***/ 1232 | user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false); 1233 | user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false); 1234 | /* 9004: disable search terms [FF110+] 1235 | * [SETTING] Search>Search Bar>Use the address bar for search and navigation>Show search terms instead of URL... ***/ 1236 | user_pref("browser.urlbar.showSearchTerms.enabled", false); 1237 | 1238 | /*** [SECTION 9999]: DEPRECATED / RENAMED ***/ 1239 | user_pref("_user.js.parrot", "9999 syntax error: the parrot's shuffled off 'is mortal coil!"); 1240 | /* ESR128.x still uses all the following prefs 1241 | // [NOTE] replace the * with a slash in the line above to re-enable active ones 1242 | // FF132 1243 | /* 2617: remove webchannel whitelist 1244 | // [-] https://bugzilla.mozilla.org/1275612 1245 | // user_pref("webchannel.allowObject.urlWhitelist", ""); 1246 | // ***/ 1247 | 1248 | /* END: internal custom pref to test for syntax errors ***/ 1249 | user_pref("_user.js.parrot", "SUCCESS: No no he's not dead, he's, he's restin'!"); 1250 | 1251 | /****** 1252 | HOME: https://github.com/crssi/Firefox 1253 | INFO: Supplement for arkenfox user.js; https://github.com/arkenfox/user.js; inline with commit 3d76c74 on 6.3.2025 1254 | NOTE: Before proceeding further, make a backup of your current profile 1255 | 1256 | 1. Download user.js from https://raw.githubusercontent.com/arkenfox/user.js/master/user.js, append this file and place it into "profile folder" 1257 | NOTE: To find "profile folder" location, enter "about:support" into urlbar and on "Profile Folder" row click "Open Folder" button 1258 | 2. Firefox -> Hamburger menu -> Settings -> General -> General -> Tabs -> Settings... 1259 | Remove all containers 1260 | Firefox -> Options -> Search 1261 | Default Search Engine: duckduckgo 1262 | Show search suggestions ahead of browsing history in address bar results: Uncheck 1263 | 3. Install extensions (see Extensions section) and setup by instructions 1264 | NOTE: all changes are addition to default settings, so you can use them as a reference for your own settings 1265 | 4. To enable SSO for enterprise specific realm/domain enter domain list (comma separated without spaces) into preferences (about:config) network.negotiate-auth.trusted-uris and network.automatic-ntlm-auth.trusted-uris 1266 | 1267 | ESSENTIAL EXTENSIONS: 1268 | Privacy-Oriented Origin Policy; https://addons.mozilla.org/firefox/addon/privacy-oriented-origin-policy/ (https://github.com/claustromaniac/poop/) 1269 | Type filters 1270 | script: Check 1271 | xmlhttprequest (XHR): Check 1272 | Exclusions 1273 | Exclusions: Copy/Paste from https://raw.githubusercontent.com/crssi/Firefox/master/POOP-Exclusions.txt 1274 | Click [Save] 1275 | Skip Redirect; https://addons.mozilla.org/firefox/addon/skip-redirect/ (https://github.com/sblask/webextension-skip-redirect/) 1276 | No-skip-urls-list: Copy/Paste from https://raw.githubusercontent.com/crssi/Firefox/master/Skip_Redirect-Blacklist.txt 1277 | Notifications 1278 | Enable popup: Uncheck 1279 | Temporary Containers Plus; https://addons.mozilla.org/firefox/addon/temporary-containers-plus/ (https://github.com/GodKratos/temporary-containers/) 1280 | Export/Import 1281 | Import Preferences 1282 | Click [Import from local file]: Download from https://raw.githubusercontent.com/crssi/Firefox/master/temporary_containers_preferences.json 1283 | uBlock Origin; https://addons.mozilla.org/firefox/addon/ublock-origin/ (https://github.com/uBlockOrigin/uBlock-issues/) 1284 | Settings 1285 | Click [Restore from file...]: https://raw.githubusercontent.com/crssi/Firefox/master/my-ublock-backup.txt 1286 | 1287 | USEFUL/INTERESTING EXTENSIONS: 1288 | IMDb Search (Internet Movie Database); https://addons.mozilla.org/firefox/addon/imdb-search-all/ (https://github.com/docmalkovich/firefox-imdb-search) 1289 | Keepa.com - Amazon Price Tracker; https://addons.mozilla.org/firefox/addon/keepa/ 1290 | Maximize All Windows (Minimalist Version); https://addons.mozilla.org/firefox/addon/maximize-all-windows-minimal/ (https://github.com/ericchase/maximize-all-windows/tree/master-minimal/) 1291 | URLs List; https://addons.mozilla.org/firefox/addon/urls-list/ (https://github.com/moritz-h/urls-list/) 1292 | Simple Translate (https://addons.mozilla.org/firefox/addon/simple-translate/) 1293 | Switch Container Plus (https://addons.mozilla.org/firefox/addon/switch-container-plus/) 1294 | 1295 | ARCHIVED/INTERESTING EXTENSIONS: 1296 | Bitwarden - Free Password Manager; https://addons.mozilla.org/firefox/addon/bitwarden-password-manager/ (https://github.com/bitwarden/, https://bitwarden.com/) 1297 | Certainly Something (Certificate Viewer); https://addons.mozilla.org/firefox/addon/certainly-something/ (https://github.com/april/certainly-something/) 1298 | Cookie Quick Manager; https://addons.mozilla.org/firefox/addon/cookie-quick-manager/ (https://github.com/ysard/cookie-quick-manager/) 1299 | I still don't care about cookies; https://addons.mozilla.org/firefox/addon/istilldontcareaboutcookies/ (https://github.com/OhMyGuus/I-Dont-Care-About-Cookies/) 1300 | IndicateTLS; https://addons.mozilla.org/firefox/addon/indicatetls/ (https://github.com/jannispinter/indicatetls/) 1301 | SixIndicator; https://addons.mozilla.org/firefox/addon/sixindicator/ (https://github.com/HostedDinner/SixIndicator/) 1302 | Smart Referer; https://addons.mozilla.org/firefox/addon/smart-referer/ (https://gitlab.com/smart-referer/smart-referer/) 1303 | Whitelist Sources: Add https://raw.githubusercontent.com/crssi/Firefox/master/Smart_Referer-Whitelist.txt 1304 | 1305 | 1306 | ******/ 1307 | 1308 | /*** PERSONAL AND ANNOYANCES TWEAKS ***/ 1309 | /* 0800x */ user_pref("browser.urlbar.matchBuckets", "general:15,suggestion:Infinity"); // resets 0801 and must be applied before 1310 | /* 0804 */ user_pref("browser.search.suggest.enabled", true); // enable live search suggestions 1311 | /* 0804 */ user_pref("browser.urlbar.suggest.searches", true); // show search suggestions in address bar results 1312 | /* 4513 */ user_pref("browser.link.open_newwindow.restriction", 2); // don't like that a new window is forcibly opened fullsize 1313 | /* 5011 */ user_pref("browser.urlbar.maxRichResults", 16); // number of urlbar search results 1314 | /* 5012 */ user_pref("browser.urlbar.autoFill", false); // disable location bar autofill 1315 | /* 9000x */ user_pref("browser.tabs.closeWindowWithLastTab", false); // do not close FF with the last tab 1316 | /* 9000x */ user_pref("browser.tabs.loadBookmarksInTabs", true); // open bookmark in a new tab 1317 | /* 9000x */ user_pref("browser.urlbar.decodeURLsOnCopy", true); // see Bugzilla 1320061 1318 | /* 9000x */ user_pref("full-screen-api.warning.timeout", 0); // remove fullscreen message annoyance 1319 | /* 9000x */ user_pref("general.autoScroll", false); // disable mouse middle-click scroll annoyance 1320 | /* 9000x */ user_pref("ui.key.menuAccessKey", 0); // disable alt key toggling the menu bar 1321 | /* 9000x */ user_pref("browser.tabs.selectOwnerOnClose", false); // set tab first to the left of closed tab as active 1322 | /* 9000x */ user_pref("browser.translations.automaticallyPopup", false); // do not show translation popup 1323 | /* 9000x */ user_pref("browser.urlbar.showSearchSuggestionsFirst", false) // Show search suggestions ahead of browsing history in address bar results 1324 | /* 9000x */ user_pref("browser.urlbar.suggest.topsites", false); // don't show top sites suggestion in url bar 1325 | /* 9000x */ user_pref("findbar.highlightAll", true); // highlight all hits on search 1326 | 1327 | /*** BREAKAGE AND SECURITY TWEAKS ***/ 1328 | /* 0701 */ user_pref("network.dns.disableIPv6", true); //disable IPv6 1329 | /* 1201 */ user_pref("security.ssl.require_safe_negotiation", false); // do not force require_safe_negotiation 1330 | /* 1212 ?*/ user_pref("security.OCSP.require", false); // allow connection if OCSP not reacheable; when OCSP is enabled 1331 | /* 1223 */ user_pref("security.cert_pinning.enforcement_level", 1); // set to default to avoid AntiVirus breakage 1332 | /* 4503 */ user_pref("privacy.resistFingerprinting.block_mozAddonManager", false); // enable AMO to work as intended, 2662 must be default 1333 | /* 5001 */ user_pref("browser.privatebrowsing.autostart", false); // disable PB 1334 | /* 9000e */ user_pref("network.automatic-ntlm-auth.allow-non-fqdn", true); // enable SSO for hostnames 1335 | 1336 | user_pref("_user.js.parrot", "Eagle has landed!"); 1337 | --------------------------------------------------------------------------------