Last active
August 2, 2024 10:44
-
-
Save brainfucksec/68e79da1c965aeaa4782914afd8f7fa2 to your computer and use it in GitHub Desktop.
user.js - brainfucksec
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/********************************************************************* | |
* | |
* Name: user.js | brainfucksec | |
* Descr.: Mozilla Firefox configuration file: `user.js` | |
* Version: 0.22.0 | |
* Date: 2024-08-01 | |
* URL: https://gist.github.com/brainfucksec/68e79da1c965aeaa4782914afd8f7fa2 | |
* Maintainer: brainf+ck | |
* | |
* Info: | |
* Set preferences for the selected profile when Firefox start. | |
* Copy this file on Firefox Profile folder. You should create a new profile | |
* to be used with this file. | |
* | |
* See: | |
* Create, remove or switch Firefox profiles: | |
* https://support.mozilla.org/en-US/kb/profile-manager-create-remove-switch-firefox-profiles?redirectslug=profile-manager-create-and-remove-firefox-profiles&redirectlocale=en-US | |
* | |
* Back up and restore information in Firefox profiles: | |
* https://support.mozilla.org/en-US/kb/back-and-restore-information-firefox-profiles | |
* | |
* For more information how to use this file see: | |
* https://kb.mozillazine.org/User.js_file | |
* https://github.com/arkenfox/user.js/wiki/1.1-Overview | |
* | |
* For "about:config" entries see: | |
* https://searchfox.org/mozilla-release/source/modules/libpref/init/all.js | |
* | |
* Thanks to: | |
* arkenfox/user.js: https://github.com/arkenfox/user.js | |
* LibreWolf: https://librewolf.net/ | |
* | |
**********************************************************************/ | |
/********************************************************************* | |
* | |
* Variable format: | |
* user_pref("<entry>", <boolean> || <number> || "<string>"); | |
* | |
* Keywords used in comments: | |
* - [Windows], [Linux] etc. - The option is valid only for the indicated operating system. | |
* - [Non-Windows] - The option is valid for all operating systems other than Windows | |
* - [HIDDEN PREF] - Option that must be enabled in order to change its default value or to be used. | |
* | |
* NOTE: Settings with default value "false" are not present (with some exceptions for clarity). | |
* | |
* INDEX: | |
* - STARTUP SETTINGS | |
* - GEOLOCATION | |
* - LANGUAGE / LOCALE | |
* - RECOMMENDATIONS | |
* - TELEMETRY | |
* - STUDIES | |
* - CRASH REPORTS | |
* - CAPTIVE PORTAL DETECTION / NETWORK CHECKS | |
* - SAFE BROWSING | |
* - NETWORK: DNS, PROXY, IPV6 | |
* - SEARCH BAR: SUGGESTIONS, AUTOFILL | |
* - PASSWORDS | |
* - DISK CACHE / MEMORY | |
* - HTTPS / SSL/TLS / OSCP / CERTS | |
* - HEADERS / REFERERS | |
* - AUDIO/VIDEO: WEBRTC, WEBGL, DRM | |
* - DOWNLOADS | |
* - COOKIES | |
* - UI FEATURES | |
* - EXTENSIONS | |
* - SHUTDOWN SETTINGS | |
* - FINGERPRINTING (RFP) | |
* | |
*********************************************************************/ | |
/********************************************************************* | |
* STARTUP SETTINGS | |
*********************************************************************/ | |
// Disable about:config warning | |
user_pref("browser.aboutConfig.showWarning", false); | |
// Disable default browser check | |
//user_pref("browser.shell.checkDefaultBrowser", false); | |
/* Set startup home page: | |
* 0 = blank | |
* 1 = home | |
* 2 = last visited page | |
* 3 = resume previous session */ | |
user_pref("browser.startup.page", 1); | |
/* Set Home + New Window page: | |
* about:home = Firefox Home (default) | |
* about:blank = custom URL */ | |
user_pref("browser.startup.homepage", "about:home"); | |
/* Set NEWTAB page: | |
* true = Firefox Home (default), false = blank page */ | |
user_pref("browser.newtabpage.enabled", false); | |
// Disable Firefox Home (Activity Stream) telemetry | |
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false); | |
user_pref("browser.newtabpage.activity-stream.telemetry", false); | |
// Disable sponsored content on Firefox Home (Activity Stream) | |
user_pref("browser.newtabpage.activity-stream.showSponsored", false); | |
user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); | |
// Sponsored shortcuts: clear default topsites | |
user_pref("browser.newtabpage.activity-stream.default.sites", ""); | |
/********************************************************************* | |
* GEOLOCATION | |
*********************************************************************/ | |
// Use Mozilla geolocation service instead of Google if permission is granted | |
user_pref("geo.provider.network.url", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"); | |
// Disable using the OS’s geolocation service | |
//user_pref("geo.provider.ms-windows-location", false); // [Windows] | |
//user_pref("geo.provider.use_corelocation", false); // [macOS] | |
user_pref("geo.provider.use_gpsd", false); // [Linux] [HIDDEN PREF] | |
user_pref("geo.provider.use_geoclue", false); // [Linux] | |
/********************************************************************* | |
* LANGUAGE / LOCALE | |
*********************************************************************/ | |
// Set language for displaying web pages: | |
user_pref("intl.accept_languages", "en-US, en"); | |
user_pref("javascript.use_us_english_locale", true); // [HIDDEN PREF] | |
/********************************************************************* | |
* RECOMMENDATIONS | |
*********************************************************************/ | |
// Disable recommendation pane in about:addons (use Google Analytics) | |
user_pref("extensions.getAddons.showPane", false); // [HIDDEN PREF] | |
// Disable recommendations in about:addons Extensions and Themes panes | |
user_pref("extensions.htmlaboutaddons.recommendations.enabled", false); | |
// Disable personalized Extension Recommendations in about:addons | |
user_pref("browser.discovery.enabled", false); | |
/********************************************************************* | |
* TELEMETRY | |
*********************************************************************/ | |
// Disable new data submission | |
user_pref("datareporting.policy.dataSubmissionEnabled", false); | |
// Disable Health Reports | |
user_pref("datareporting.healthreport.uploadEnabled", false); | |
// Disable telemetry | |
user_pref("toolkit.telemetry.enabled", false); // Default: false | |
user_pref("toolkit.telemetry.unified", false); | |
user_pref("toolkit.telemetry.server", "data:,"); | |
user_pref("toolkit.telemetry.archive.enabled", false); | |
user_pref("toolkit.telemetry.newProfilePing.enabled", false); | |
user_pref("toolkit.telemetry.shutdownPingSender.enabled", false); | |
user_pref("toolkit.telemetry.updatePing.enabled", false); | |
user_pref("toolkit.telemetry.bhrPing.enabled", false); // bhr = Background Hang Reporter | |
user_pref("toolkit.telemetry.firstShutdownPing.enabled", false); | |
user_pref("toolkit.telemetry.coverage.opt-out", true); // [HIDDEN PREF] | |
user_pref("toolkit.coverage.opt-out", true); // [HIDDEN PREF] | |
user_pref("toolkit.coverage.endpoint.base.", ""); | |
// Disable PingCentre telemetry (used in several System Add-ons) | |
user_pref("browser.ping-centre.telemetry", false); | |
/********************************************************************* | |
* STUDIES | |
*********************************************************************/ | |
// Disable studies | |
user_pref("app.shield.optoutstudies.enabled", false); | |
// Disable normandy/shield (telemetry system), https://mozilla.github.io/normandy/ | |
user_pref("app.normandy.enabled", false); | |
user_pref("app.normandy.api_url", ""); | |
/********************************************************************* | |
* CRASH REPORTS | |
*********************************************************************/ | |
// Disable crash reports | |
user_pref("breakpad.reportURL", ""); | |
user_pref("browser.tabs.crashReporting.sendReport", false); | |
/********************************************************************* | |
* CAPTIVE PORTAL DETECTION / NETWORK CHECKS | |
*********************************************************************/ | |
// Disable captive portal detection | |
user_pref("captivedetect.canonicalURL", ""); | |
user_pref("network.captive-portal-service.enabled", false); | |
// Disable network connections checks | |
user_pref("network.connectivity-service.enabled", false); | |
/********************************************************************* | |
* SAFE BROWSING | |
*********************************************************************/ | |
// Disable safe browsing service | |
user_pref("browser.safebrowsing.malware.enabled", false); | |
user_pref("browser.safebrowsing.phishing.enabled", false); | |
// Disable list of blocked URI | |
user_pref("browser.safebrowsing.blockedURIs.enabled", false); | |
// Disable fetch of updates | |
user_pref("browser.safebrowsing.provider.google4.gethashURL", ""); | |
user_pref("browser.safebrowsing.provider.google4.updateURL", ""); | |
user_pref("browser.safebrowsing.provider.google.gethashURL", ""); | |
user_pref("browser.safebrowsing.provider.google.updateURL", ""); | |
user_pref("browser.safebrowsing.provider.google4.dataSharingURL", ""); | |
// Disable checks for downloads | |
user_pref("browser.safebrowsing.downloads.enabled", false); | |
user_pref("browser.safebrowsing.downloads.remote.enabled", false); | |
user_pref("browser.safebrowsing.downloads.remote.url", ""); | |
// Disable checks for unwanted software | |
user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false); | |
user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false); | |
// Disable bypasses the block of safe browsing with a click for current session | |
user_pref("browser.safebrowsing.allowOverride", false); | |
/********************************************************************* | |
* NETWORK: DNS, PROXY, IPv6 | |
*********************************************************************/ | |
// Disable link prefetching | |
user_pref("network.prefetch-next", false); | |
// Disable DNS prefetching | |
user_pref("network.dns.disablePrefetch", true); | |
// Disable predictor | |
user_pref("network.predictor.enabled", false); | |
// Disable link-mouseover opening connection to linked server | |
user_pref("network.http.speculative-parallel-limit", 0); | |
// Disable mousedown speculative connections on bookmarks and history | |
user_pref("browser.places.speculativeConnect.enabled", false); | |
// Disable IPv6 | |
user_pref("network.dns.disableIPv6", true); | |
/* Disable "GIO" protocols as a potential proxy bypass vectors | |
* https://en.wikipedia.org/wiki/GVfs | |
* https://en.wikipedia.org/wiki/GIO_(software) */ | |
user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] | |
// Disable using UNC (Uniform Naming Convention) paths (prevent proxy bypass) | |
user_pref("network.file.disable_unc_paths", true); // [HIDDEN PREF] | |
// Remove special permissions for certain mozilla domains | |
user_pref("permissions.manager.defaultsUrl", ""); | |
// Use Punycode in Internationalized Domain Names to eliminate possible spoofing | |
user_pref("network.IDN_show_punycode", true); | |
/********************************************************************* | |
* SEARCH BAR: SUGGESTIONS, AUTOFILL | |
*********************************************************************/ | |
// Disable search suggestions | |
user_pref("browser.search.suggest.enabled", false); | |
user_pref("browser.urlbar.suggest.searches", false); | |
// Disable urlbar trending search suggestions | |
user_pref("browser.urlbar.trending.featureGate", false); | |
// Disable urlbar suggestions | |
user_pref("browser.urlbar.addons.featureGate", false); | |
user_pref("browser.urlbar.mdn.featureGate", false); // [HIDDEN PREF] | |
// Disable location bar making speculative connections | |
user_pref("browser.urlbar.speculativeConnect.enabled", false); | |
// Disable search and form history | |
user_pref("browser.formfill.enable", false); | |
// Disable Form Autofill | |
user_pref("extensions.formautofill.addresses.enabled", false); | |
user_pref("extensions.formautofill.creditCards.enabled", false); | |
/********************************************************************* | |
* PASSWORDS | |
*********************************************************************/ | |
// Disable saving passwords | |
user_pref("signon.rememberSignons", false); | |
// Disable autofill login and passwords | |
user_pref("signon.autofillForms", false); | |
// Disable formless login capture for Password Manager | |
user_pref("signon.formlessCapture.enabled", false); | |
/* Hardens against potential credentials phishing: | |
* 0 = don't allow sub-resources to open HTTP authentication credentials dialogs | |
* 1 = don't allow cross-origin sub-resources to open HTTP authentication credentials dialogs | |
* 2 = allow sub-resources to open HTTP authentication credentials dialogs (default) */ | |
user_pref("network.auth.subresource-http-auth-allow", 1); | |
/********************************************************************* | |
* DISK CACHE / MEMORY | |
*********************************************************************/ | |
// Disable disk cache | |
user_pref("browser.cache.disk.enable", false); | |
// Disable media cache from writing to disk in Private Browsing | |
user_pref("browser.privatebrowsing.forceMediaMemoryCache", true); | |
user_pref("media.memory_cache_max_size", 65536); | |
/* Disable storing extra session data (cookies, POST data, etc.): | |
* 0 = everywhere | |
* 1 = unencrypted sites | |
* 2 = nowhere */ | |
user_pref("browser.sessionstore.privacy_level", 2); | |
// Disable resuming session from crash | |
user_pref("browser.sessionstore.resume_from_crash", false); | |
// Disable automatic Firefox start and session restore after reboot [Windows] | |
user_pref("toolkit.winRegisterApplicationRestart", false); | |
// Disable page thumbnail collection | |
user_pref("browser.pagethumbnails.capturing_disabled", true); // [HIDDEN PREF] | |
// Disable favicons in shortcuts [Windows] | |
user_pref("browser.shell.shortcutFavicons", false); | |
// Delete temporary files opened from non-Private Browsing windows with external apps | |
user_pref("browser.download.start_downloads_in_tmp_dir", true); | |
user_pref("browser.helperApps.deleteTempFileOnExit", true); | |
/********************************************************************* | |
* HTTPS (SSL/TLS, OSC, CERTS) | |
*********************************************************************/ | |
// Enable HTTPS-Only mode in all windows | |
user_pref("dom.security.https_only_mode", true); | |
// Disable sending HTTP request for checking HTTPS support by the server | |
user_pref("dom.security.https_only_mode_send_http_background_request", false); | |
// Display advanced information on Insecure Connection warning pages | |
user_pref("browser.xul.error_pages.expert_bad_cert", true); | |
// Disable TLS 1.3 0-RTT (round-trip time) | |
user_pref("security.tls.enable_0rtt_data", false); | |
// Set OCSP to terminate the connection when a CA isn't validate | |
user_pref("security.OCSP.require", true); | |
/* Enable strict PKP (Public Key Pinning): | |
* 0 = disabled | |
* 1 = allow user MiTM (i.e. your Antivirus) | |
* 2 = strict */ | |
user_pref("security.cert_pinning.enforcement_level", 2); | |
/* Enable CRLite | |
* 0 = disabled | |
* 1 = consult CRLite but only collect telemetry | |
* 2 = consult CRLite and enforce both "Revoked" and "Not Revoked" results | |
* 3 = consult CRLite and enforce "Not Revoked" results, but defer to OCSP for "Revoked" (default) */ | |
user_pref("security.remote_settings.crlite_filters.enabled", true); | |
user_pref("security.pki.crlite_mode", 2); | |
/********************************************************************* | |
* HEADERS / REFERERS | |
*********************************************************************/ | |
/* Control when to send a cross-origin referer: | |
* 0 = always (default) | |
* 1 = only if base domains match | |
* 2 = only if hosts match */ | |
user_pref("network.http.referer.XOriginPolicy", 2); | |
/* Control amount of cross-origin information to send: | |
* 0 = send full URI (default): https://example.com:8888/foo/bar.html?id=1234 | |
* 1 = scheme+host+port+path: https://example.com:8888/foo/bar.html | |
* 2 = scheme+host+port: https://example.com:8888 */ | |
user_pref("network.http.referer.XOriginTrimmingPolicy", 2); | |
/********************************************************************* | |
* AUDIO/VIDEO: WebRTC, WebGL | |
*********************************************************************/ | |
// Force WebRTC inside the proxy | |
user_pref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); | |
/* Force a single network interface for ICE candidates generation | |
* https://wiki.mozilla.org/Media/WebRTC/Privacy */ | |
user_pref("media.peerconnection.ice.default_address_only", true); | |
// Force exclusion of private IPs from ICE candidates | |
user_pref("media.peerconnection.ice.no_host", true); | |
// Disable WebGL (Web Graphics Library): | |
user_pref("webgl.disabled", true); | |
// Disable DRM Content | |
user_pref("media.eme.enabled", false); | |
/********************************************************************* | |
* DOWNLOADS | |
*********************************************************************/ | |
// Always ask you where to save files: | |
user_pref("browser.download.useDownloadDir", false); | |
// Disable adding downloads to system's "recent documents" list | |
user_pref("browser.download.manager.addToRecentDocs", false); | |
/********************************************************************* | |
* COOKIES | |
*********************************************************************/ | |
/* | |
* Enable ETP (Enhanced Tracking Protection) | |
* ETP strict mode enables Total Cookie Protection (TCP) | |
*/ | |
user_pref("browser.contentblocking.category", "strict"); | |
/********************************************************************* | |
* UI FEATURES | |
*********************************************************************/ | |
// Limit events that can cause a popup | |
user_pref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); | |
// Disable Pocket extension | |
user_pref("extensions.pocket.enabled", false); | |
// Disable PDFJS scripting | |
user_pref("pdfjs.enableScripting", false); | |
/* Enable Containers and show the UI settings | |
* https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers */ | |
user_pref("privacy.userContext.enabled", true); | |
user_pref("privacy.userContext.ui.enabled", true); | |
/********************************************************************* | |
* EXTENSIONS | |
*********************************************************************/ | |
/* Limit allowed extension directories: | |
* 1 = profile | |
* 2 = user | |
* 4 = application | |
* 8 = system | |
* 16 = temporary | |
* 31 = all | |
* The pref value represents the sum: e.g. 5 would be profile and application directories. */ | |
user_pref("extensions.enabledScopes", 5); // [HIDDEN PREF] | |
// Display always the installation prompt | |
user_pref("extensions.postDownloadThirdPartyPrompt", false); | |
/********************************************************************* | |
* SHUTDOWN SETTINGS | |
*********************************************************************/ | |
// Clear history, cookies and site data when Firefox closes | |
user_pref("privacy.sanitize.sanitizeOnShutdown", true); | |
user_pref("privacy.clearOnShutdown.cookies", true); // Cookies | |
user_pref("privacy.clearOnShutdown.offlineApps", true); // Site data | |
/* Set Time range to clear for "Clear Data" and "Clear History" | |
* 0 = everything | |
* 1 = last hour | |
* 2 = last two hours | |
* 3 = last four hours | |
* 4 = today | |
* NOTE: Values 5 (last 5 minutes) and 6 (last 24 hours) are not listed in the dropdown */ | |
user_pref("privacy.sanitize.timeSpan", 0); | |
/********************************************************************* | |
* FINGERPRINTING (RFP) | |
*********************************************************************/ | |
/* RFP (Resist Fingerprinting): | |
* RFP can cause some website breakage: mainly canvas, use a site exception via | |
* the urlbar. | |
* | |
* RFP also has a few side effects: mainly timezone is UTC0, and websites will | |
* prefer light theme. | |
* See: https://bugzilla.mozilla.org/418986 | |
* https://support.mozilla.org/en-US/kb/firefox-protection-against-fingerprinting */ | |
// Enable RFP | |
user_pref("privacy.resistFingerprinting", true); | |
// Increase the size of new RFP windows for better usability | |
user_pref("privacy.window.maxInnerWidth", 1600); | |
user_pref("privacy.window.maxInnerHeight", 900); | |
user_pref("privacy.resistFingerprinting.letterboxing", false); | |
// Disable mozAddonManager Web API | |
user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); | |
// Disable using system colors | |
user_pref("browser.display.use_system_colors", false); // [Default: false] [Non-Windows] | |
// Set all open window methods to abide by "browser.link.open_newwindow" | |
user_pref("browser.link.open_newwindow.restriction", 0); |
"privacy.clearOnShutdown.sitesettings" does not match the website
Hi @Gerenuk the entries are all correct.
Hi! With these settings, websites can no longer be loaded in dark mode.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
"privacy.clearOnShutdown.sitesettings" does not match the website