Registry and tweaks howtowindowsguides com
Перейти к навигации
Перейти к поиску
Mozilla firefox, of course , is a web browser that will offer the greatest amount of control to consumers regarding safety and tb. Firefox users find many of these parameters presented in the graphic user interface, but the full control of the browser is provided only in the option if the changes are inscribed in the browser configuration. Abriss page or by placing a user.Js file to the firefox user profile.
The next list is located during use. Firefox is constantly updated and wishes can change themselves because. There may also be additional buns and last wishes and the idea of this leadership is to continue the discussion, which is improving such a project on an ongoing basis. , 2017, firefox 51 is stable. List. Note. If you like to use about: config for manipulating these records, get acquainted with our review of the safety and harmlessness of firefox about: configuration settings, which describe different tastes and values, the client can set them. As well as to promote
When you used the catalog, in 2018, try to start with changes in order to find out what is unusual and changed.
For starters, first read the introduction below, a backup copy of the user.Js file, as indicated below, and go through the list in turn to change the room according to your needs.
Loading the list Is proposed to go through the list, before placing the room in the firefox profile directory, if you can disable the options that you need in the course.
Can edit the catalog, in any simple text editor and apply comments syntax // at the dawn of each line to block the taste - from placement. Video at the end.
1. Type o: help in the address panel firefox. 2. Click the “show the folder” link under the main grounds in order to open the page folder in the computer system. Copy the user.Js file dramatically the profile folders. 4. Reload firefox.
Why backup prefs.Js before? Due to the fact that every taste of the user. This means changes remain, even in the case when you remove it later. Press the following link: user.Js-ghacks-0.11.Zip
As an alternative, you can upload the user version of the html list: user.Js light or user.Js dark and downloading, also directly . Expect that future versions will be less often, since magnificent pants (who is this guy? He is a wizard?) Takes responsibility for any action for his own hobbies and helps comments to be created about a couple of days in one bottle.
Assure what you are examining the change in the changes included in the load, since there are made changes made in new modifications.
/****** *Name: ghacks user.Js *date: february 11, 2017 *version: 0.11 final: [white? ] The house of upward trousers * sewed my new blue trousers " * ff version: 51 (ordinary computer) * authors: â flotus: pants vice president: earth of light by order) secretary: martin brinkmann speaker: tom hawk cabinet: only i, konker, rokin jerry, einatar, parker lewis * url: https://www.Ghacks.Net/2015 /08/18/a-comprehreshy-catalogue of-firefox-sechers and-security-setts/ * reading: http://kb.Mozillazine.Org/user.Js_file
Readme/important:
The final readers of this list/file is expected to guess what these drugs write. This is the author’s settings.
The author does not expect ( or really wants) end users are simply launched with which there is. For their own personal.
Extensive addresses, and reviews were added to contribute. Before using this user.Js, if necessary, you need to change , remove or comment with 2 transition cuts all tastes where a person is not satisfied with you doubt.
The settings of the file (user.Js) rewrite which you have in prefs (prefs.Js - to the equipment in access through: config) when ff is launched. See the required reading above.
First backup:
Backing up your profile again, or at least some prefs.Js. Look into the personal assortment of the pages that prefs.Js copy, rename it, for example, on prefs.Js.Backup). Excessively, if there are problems in the tablet to restore ff in the country where it remained in advance, close ff, delete prefs. Js, rename your back -a copy of prefs back to prefs.Js, rename the user. T again rewritten everything, then start ff.If you have any difficulties in stock, you can also ask questions in reviews in ghacks. /Security in a different situation, it would be huge). It is more likely to be a list of settings, which, as usual, favorably differ from their knowledge by default and are focused on the increase in the lack of risks and anonymity, on the production of “more quiet” ff, and to reduce the “fingers” and monitoring; in case of proceedings on functionality. Of these, there will be compromises and incidents. For example, you personally have misunderstandings with the selection of “warning:” in such a norm, especially they are listed a little more modest. The author prefers safety and anonymity to competitors functionality - this may be the ability to place fb, loaded fonts and industrial insignificant inconvenience]. You were warned. - 1208: security.Cert_pinning.Enforments_level - 1209: tls min and max - 1210: disconnect 1024-dh encryption - 1211: disage the sha-1 - 1212: disable the tracking of the ssl - 1401
0100: startup
User_pref ("ghacks_user.Js.Parrot", "0100 syntax error: the parrot's dead!");
//// 0101: disconnect the parameters of the "slow launch" // warning, the history of the discs, greetings, the introduction, eula, browser check user_pref ("browser.Slowstartup. Notificationdisabled ", true); user_pref ("browser. Slowstartup.Maxsamples", 0); user_pref ("browser.Slowstartup.Samples", 0); user_pref ("browser.Rights.3.Shown", true); user_pref ("brower.Rights.3.Shown", true); user_pref (".Startup.Homepage_override.Mstone", "ignore"); user_pref ("startup.Homepage_welcome_url", ""); user_pref ("startup.Homepage_welcome_url.Additional", ");" startup.Homepage_override_url "); user_pref (" browser.Laterrun.Enable ", false); user_pref ("browser. Shell.Checkdefaultbrowser, false); user_pref ("browser. Used onwindows10.Introurl");
// 0102: set the start page (0 = blank, 1 = 1 = 1 = home, 2 = last visit of the page, 3 = resume previous session) // home = browser.Startup.Homepage preference // you can install all this from the options> general> startup // user_pref ("browser.Startup.Page", 0);
0200: geolocation
User_pref ("ghacks_user.Js.Parrot", "0200 syntax error : the parrot definitely died! ”);
// 0201: disconnect the location a-a https://127.0.0.1"); user_pref ("geo.Wifi.Loging.Enabled", false); // (hidden pref) user_pref ("browser.Search.Geoip.Url", ""); user_pref ("geo.Wifi.Xhr.Timeout", 1); user_pref ("browser.Search.Geoip.Timeout ", 1);
/// // 0202: disable the search results based on geoika // note: it cannot be hidden if mozilla has changed your settings due to your localizer /16254 user_pref ("browser.Search.Countrycode", "us"); // (hidden pref) user_pref ("browser.Search.Region", "us"); // (hidden pref)
// 0203: disable using os locale, force app locale user_pref ("intl.Locale.Matchos", false);
// /// 0204: install the local user_pref application ("general.Useragent.Locale", "en-sus");
// 0206: disage geographically specific results/search engines, for example: "browser .Search.*. Us " // i.E. I ignore all the numerous mozilla transactions with several engines at several locals user_pref (" browser.Search.Geopcixdefaults ", false); user_pref (" browser.Search. Efaults .Url "," ");
// 0207: set the tongue in line // warning: drop it by default if you do not want english user_pref (" intl .Accept_languages "," en -us, en ");
// 0208: provides an american english location, regardless of the location of the system // https: // bugzilla .Mozilla.Org/ show_bug.Cgi? Id = 867501 user_pref ("javascript.Use_us_english_locale", true); // (hidden pref)
0300: a quiet fox [part 1]
@> There are no automatic phoning houses for something. You can still do manual updates. It is still important to make updates for security reasons. If you do not update, make sure that you do it manually.
There are many legal reasons for turning off automatic updates, including hijacking monetized extensions, temporary restrictions, outdated problems and fear of breakdowns/errors
User_pref ("ghacks_user.Js.Parrot", "0300 syntax error: the parrot is not kicking for the fjords! ”);
// 0301: disconnect brower auto update // options> advanced> update> never check for updates
User_pref ( "app.Update.Enabled", false); // parameters> advanced> update> use the background service to install updates user_pref ("app.Update.Service.Enabled", false); // make sure that the information about the update is not suppressed user_pref ("app.Update.Silent", false); // disable the setting of the background update user_pref ("app.Update.Staging.Enabled", false);
// 0302: disconnect the update of the browser auto update when you perform manual check user_pref ("app.Update.Auto", false);
// 0303: disable the search update (parameters> advanced> automatic update: search engines) user_pref ("browser.Search.Update", false);
// 0304: disable an automatic inspection of the superstructure for new versions user_pref ("extensions.Update.Enabled", false);
// 0305: disconnect the addon-anto updation user_pref ("extensions.Update.Autouupdatefault", false); /+> // 0306: disconnect the update of the additives of metadata // sends daily pings to mozilla about extensions and recent startups user_pref ("extensions.Getaddddons.Cache.Enable", lie) ;
// 0307: disconnect the automatic renewal of characters (themes) user_pref ("loolweightthemes.Update.Enabled", false);
// 0309: disconnect the reports of the flash -akatia user_pref ("dom.Ipc.Plugins.Flash.Subprocesshreporter.Enable", false);
// 0310: disable the sending of the url -address website where the plugin broke user_pref ("dom.Iplugins.Reportcrashurl", false);
// 0320: disable extension discovery // selected extensions for display in the get addons user_pref ("extensions.Webservice.Discoverurl", "http: //127.0. 0.1 ");
// 0330a: disconnect the telemaria // https://gecko.Readthedocs.Org/en/latest/toolkit/components/telemetry/telemetry/preferences.Html // pref (.Unified) affects the behavior of pref (. @> // if unified = false, then .Enalbed controls the telemetry module // if unified = true, then. Enalbead controls whether expanded data should be recorded //, so make sure that both have installed as false user_pref ("toolkit.Telemetry.Unifiefie", false); user_pref ("toolkit.Telemetry.Enabled", false);
// 0330b: install unifiedisoptin to make sure that telemetry respects the choice of optin and that telemetry // is included only for people who have chosen it, even if the unified telemetry user_pref ("toolkit .Telemetry.Unififysoptin, true); // (hidden pref)
// 0331: delete the url -adaples of server television meteries // 0332: disconnect archiving pings locally - implevant if toolkit.Telemetry.Unified is false user_pref ("toolkit.Telemetry.Archive.Enabled", false);
// 0333a: disconnect the health report user_pref ("datareporting.Healtherport.Uploadenabled ", false); user_pref (" datareporting.Healtherport.Documenterveri "," "); // (hidden pref) user_pref (" datareporting.Healt.Service.Enaenab led ", false); // ( hidden pref)
// 0333b: disconnect: the healthreport page (which connects to mozilla for locale/css+js+json) // if you have turned off health reports, then this is it is useless about the page - disconnect it // if you want to see what health data is present, then they must be installed by default user_pref ("datareporting .Healthreport.Reporturl", "data: text/plain , ");
// 0334a: disable the new presentation of the data, master kill switch (ff41+) // if disconnected, the policy is not displayed or does not happen when -liba // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=11195552 user_pref ("dataareporting.Policy.Datasubmissionenable", false);/+> // 0335: remove telemetry clientid // if you do not, be proactive and install it now for the future check user_pref ("toolkit.Telemetry.Cachedclientid" "");
// 0336: disconnect "halist" (mozilla user rating telemetry) // https://trac.Torproject.Org/projects/tor/ticket/18738 user_pref ("browser.Selfsupport.Enabled", false); // (hidden pref) user_pref ("browser.Selfsupport.Url", "");
// 0340: disconnect the experiments // https: // wiki. Mozilla.Org/telemetry/experments user_pref ("experiments.Enabled", false); user_pref ("experents.Manifest.Uri", "" "); user_pref ("experments.Supperted", false); user_pref ("experents.Activeexperiment", false);
// 0341: disconnect the resolution of mozilla to silently bring you to the tests user_pref ("network.Allow-experents", false);
// 0350: disconnect reports on the failures: disable the sending of reports on failures (ff44+) user_pref ("browser.Tabs.Crashreporting.Sendreport", false);
// 0360: disconnect new advertisements and preliminary loads and marketing. Junk user_pref ("browser.Newtab.Peload", false); user_pref ("browser.Newtabpage.Directory.Ping", "data: text/plain"); user_pref ("browser. Newtabpage.Directory.Source", "data: text/plain,"); user_pref ("browser.Newtabpage.Enabled", false); user_pref ("browser.Newtabpage.Enhanded", false); @> user_pref ("browser.Newtabpage.Introshown", true);
// 0370: disconnect “fragments” (mozilla content shown on the main screen) // https: //wiki.Mozilla.Org/firefox/profox/firefox_start/snipet_service // i should use https - industrial content entered into this page via http, opens the attacks by mitm user_pref ("browser.Abouthomesnippets.Updaturl https://127.0.0.1");
// 0373: disconnect the "pocket" (the third party "to save for the subsequent" service) and delete the url -adresa for a good measure // note: important: remove your pocket icon from your first toolbars // https://www.Gnu.Gl/blog/posts/multiple-vulnerabilites-in-pocket/ user_pref ("extensions.Pocket.Enabled", false); user_pref ("extensions.Pocket.Api", "" "); user_pref ("extensions.Pocket.Site", ""); user_pref ("extensions.Pocket.Oauthconsumerkey");
// 0374: disconnect the "social" integration // https://developer.Mozilla.Org/en-us/docs/mozilla/projects/social_api user_pref ( "social.Whitelist", ""); user_pref ("social.Toast-notifications.Enabled", false); user_pref ("social.Sharedirectory", "" "); user_pref ("socual.Remote-install.Enabled", false); user_pref ("social.Directories", "" "); user_pref ("social.Share.Activationpanelenbled", false); user_pref ("social.Enabled", false); // (hidden pref)
// 0375: disconnect the "representer of the reader" user_pref ("reader.Parse-on-load.Enable", false);
// 0376: disconnect flyweb, a set of api for advertising and detecting local-rea // https://wiki.Mozilla.Org/flyweb // https: // www.Ghacks.Net/2016/07/26/firefox-flyweb/ user_pref ("dom.Flyweb.Enabled", false);
// 0380: disable synchronization user_pref ("services.Sync.Enabled", false); // (hidden pref)
0400: a quiet fox [part 2]
In this section there are consequences for protecting safety and tracking compared to confidentiality problems.
These settings are designed to make ff “quiet” and private. I do not advocate protection. The entire section is quite controversial. Safebrowsing is designed to protect users from malicious sites. Tracking protection is intended to reduce the influence of third parties on sites in order to reduce tracking and speed up your viewing experience. These are both very good functions provided by mozilla. They rely on third parties: google for a safe and shutdown to protect tracking (someone should provide information).
In addition, the ssl error report helps to make the internet safer for everyone. If you do not understand the consequences of the disconnection of all this, then it is recommended that you turn on them, commenting on preferences and preserving the changes, and then in: set up each recording and click with the right mouse button and drop the value of the preference.
// 0401: do not turn off the extension, but disinfect the url -address blocklist -security // it now turn on the updates for the “recalled certificates” -security trumps privacy here // https://blog.Mozilla.Org/security/2015/03/03/revoking-intermediate- centixtics introducrl // https: //trac.Torproject.Org/projects/tic/tor/tor/tor/tor/tor/tor/tor/tor/tor/tor/tor/tor/tor/tor/tor ket/16931 user_pref device reviews ("extensions.Blocklist.Enabled", true); user_pref ("extensions.Blocklist.Url", "https: // blockklist.Addons.Mozilla.Org/blocklist/%app_id%/%app_version%/"uce > // 0402: disconnect/enable various blocklist updates (ff50+) // what is kinto?: Https://wiki.Mozilla.Org/firefox/kinto#specification // how ff transitions to kinto, the locks were broken (more can be added). They contain // block of records for canceling cert, added additions and plugins, and gfx environment, which // cause problems or failures. Here you can delete the collection name to prevent updating each specific list user_pref ("services.Blocklist.Update_enabled", true); user_pref ("services.Blocklist.Signing.Enforced", true); user_pref ("services.Blocklist.Onecrl.Collection", "certificates"); // certificates revoked user_pref ("services.Blocklist.Addons.Collection", "addons"); user_pref ("services.Blocklist.Plugins.Collection", ""); // i have no plugins user_pref ("services.Blocklist.Gfx.Collection", ""); // i have turned off the acceleration of gfx hw
// 0410: disable the safe viewing // i recalculated this subsection to distinguish "in real time"/"user initiated". // Data is sent to google from all other settings, such as the use of local blocks/white lists // and updating these lists. There should be no confidentiality problems here. Even * if * url was sent // google, they swear that it is anonimen and is used only for placement of malicious sites/activities. Firefox // also takes measures such as separating the identification of parameters and storage of safe viewing // cookie in a separate bank. (#Turn on browser.Safebrowsing.Debug to monitor this action) // to use safebrowsing, but not a “leak”, binary information about downloading in google, use only 0410e and 0410f // #rrequred reading: https: ////feding.Cloud.Geek.Nz/posts/how-safe-browsing-works-in-firefox/ // https://wiki.Mozilla.Org/security/safe_browsing
+> // 0410a: disable "block dangerous and deceptive content." This setting is under the parameters> security // in ff47, and this was called “block reports about web forces” // this covers deceptive sites such as phishing and social engineering user_pref ( "browser.Safebrowsing.Malware.Enabled", false); user_pref ("browser.Safebrowsing.Phishing.Enabled", false); // (ff50+)
// 0410b: disconnect the "block of dangerous loads". This setting is under the parameters> security // in ff47, and under it was called “block sites attack sites” // this covers malicious software and puppies (potentially unwanted programs) parameters> security (ff48+) user_pref ("browser.Safebrowsing.Downloads.Remote.Block_potentials_unwanted", false); user_pref ("browser.Safebrows / more preferences are added (ff49+) user_pref (" browser.Safebrowsing.Downloads.Remote.Block_dangens ", false); user_pref (" " wser.Safebrows +> // 0410c: disconnect google safebrowsing, updates user_pref ("browser.Safebrowsing.Gouogle.Updateurl", "") . Safebrowsing.Provider.Google.Gethashurb "," "); // list of the hash check user_pref (" browser.Safebrowsing.Gouogle4.Updateurl "," "); // (ff50+) user_pref ( " browser.Safebrowsing.Provider.Google4.Gethashurl "); // (ff50+)
// 0410d: disconnect downloads with a safe nose, updates // note: these two prefs are also used to protect tracking (see 0420) user_pref ("browser.Safebrowsing.Provider.Mozilla.Gethashurl"); // allows hash conflicts user_pref ("brwowser.Safebrowning.Provevid er. Mozilla.Updateurl, ""); // updating of the lists ff
// 0410e: disconnect the binary files, not in the local lists checked by google (in real time) ", false); user_pref ("browser.Safebrowsing.Downloads.Remote.Url", "");
// 0410f: disconnect the url -address user_pref ("broup .Safebrowsing.Provider.Google.Reporturl, ""); user_pref ("browser.Safebrowsing.Reportmalwaremistakeurl"); user_pref ("browser.Safebrowsing. L ","); > user_pref ("browser.Safebrow.Reportphhishurl", "" "); user_pref ("browser.Safebrowsing.Provider.Google4.Reporturl", ""); // (ff50+)
// 0410g: show = true or hide = false 'ignore this warning "in warnings about safe viewing, which // when the block is bypassed for this session . This is a tool for administrators for providing sb // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1226490 // tests: see appendix a: test sites - section 06 / / user_pref ("browser.Safebrowsing.Allowoverride", true);
// 0420: disable protection against tracking // should not be confidentiality problems, but you better use the extension, such as // ublock origin, which is not determined by the third the side (turn off) and much more efficiently // (with proper use). Note: there are two prefs (see 0410d), common with safe viewing // https://wiki.Mozilla.Org/security/tracking_protection // https://support.Mozilla.Org/en- us/ kb/ tracking-protection-firefox user_pref ("privacy.Trackingprotection.Enabled", false); // all windows pref (not just private) user_pref ("privacy.Trackingprotection.Pbmode.Enable", false); // private viewing pref
// 0421: include more protection against tracking in the "parameters"> "confidentiality"> "use tracking protection user_pref (" privacy.Trackingprotection .Ui.Enabled ", true);
// 0430: disconnect the error report ssl - privacy // https://gecko.Readthedocs.Org/en/browser/base/sslerorreport/preferences.Html user_pref ("security.Ssl.Errorureporting.Automatic", false); user_pref ("security.Ssl.Errorureporting.Enabled", false); user_pref ("security.Ssl.Ssl.Errorureporting.Url", "" ");
// 0440: disconnect the mozilla block for the well -known tracking of flash/fingerprints (48+ ) // if you do not have a flash, then you do not need this inclusive // note: if turned on, you will need to check which prefs (url address safebrowsing, etc.) Uses this to update // https://www.Ghacks.Net/2016/07/18/firefox- 48-blocklist-gainst-lugin-fingerprinting/ // https://bugzilla.Mozilla.Org/show_bug. Cgi? Id = 1237198 user_pref ("browser.Safebrowsing.Blockeduris.Enabled", false);
0600: block an implicit outgoing [not clearly asks - for example, pressed]
// 0601: disconnect the preliminary seaglet link_prefetching_faq user_pref ("network.Prefetch-next", false);
// 0602: disconnect the preliminary receipt of dns // https://www.Ghacks.Net/2013/04 /27/firefox-prefetching-what-no-need-to-skence/ // https://developer.Mozilla.Org/en-us/docs/http/controlling_dns_prefetching user_pre f ("network .Dns.Disableprefetch ", true); user_pref ("network.Dns.Disableprefetchfromhttps", true); // (hidden pref)
// 0603: disable seer/necko // https://developer.Mozilla.Org/en-us/docs/mozilla/projects/necko user_pref ("network.Predictor.Enabled", false);
// 0603a: disconnect more checo/captive portal // https://en.Wikipedia.Org/wiki/captive_portal // https: //wiki.Mozilla .Org/necko/captiveportal user_pref ("captivedetect.Canonicalurl", "" "); user_pref ("network.Captive-portal-service .Enable", false); // (ff52+?)
// 0604: disconnect the search offers user_pref ("browser.Search.Suggest.Enabled", false);
// 0605: disable the opening of the link-mouseover connection with a connected server // http://news.Slashdot.Org/story/15/08/14/2321202/how -to- quash-firefoxs-silent-requests // https://www.Ghacks.Net/2015/08/16/block-firefox-from-connective-to-sites-when--links user_pref ("network. Http.Speculative-parallel-limit", 0);
// 0606: turn off the ping (but use the same host in case) // http://kb.Mozillazine.Org. /Browser.Send_pings // http://kb.Mozillazine.Org/browser.Send_pings.Requre_host user_pref ("brouser.Send_pings" , false); user_pref ("browser.Send_pings.Require_same_same_same_host_host_host_host_host_host_host, true);
// 0607: link stops launch windows store at windows 8/8.1/10 // https://www.Ghacks.Net/2016/25/block-firefox -chrome-windows store/ user_pref ("network.Protocol-handler.External.Ms-windows-store", false);
// 0608: disable predictor / prefetching (ff48+) user_pref ("network.Predictor.Enable-prefetch", false);
0800: bar / search / search / auto sentences / history / form, etc.
Not all of them are strictly necessary, some for a really paranoid, but are included for a more complete list (see comments on each)
User_pref ("ghacks_user. Js.Parrot, "0800 syntax error: the parrot stopped being!");
// 0801: disconnect the line of location using the search - privacy // do not leak typos in the search engine, instead give an error message user_pref ("keyword.Enabled" , false);
// 0802: disable the domain of the location pairs - confidentiality/safety // the domain guesses the dns "name of the host of the hosts" and sends the request // (for example, adding www or .Com). This is the contradictory use (for example, fqdns), does not work // through proxy servers (different errors), is it erroneous to use dns (tlds: why contact .Com // how 411 for errors dns?), Privacy problems (why connect to sites that you are not // intended) can be used to the confidential data (for example, princeton attacks), // is a risk safety (for example, general typos and malware set to use this) user_pref ("browser.Fixup.Alternate.Enabled", false);
// 0803: to turn off the location - privacy (the shoulder of the surfers, the forensic medical examination/unattended) user_pref ("browser.Urlbar.Maxrichresults", 0);
// 0804: display all parts of the url // why rely only on a visual hint - the security user_pref ("browser.Urlbar.Trimurb", false) helps;
// 0805: disconnect the urlbar autofill - privacy (surfers, forensics/untededed browser) // http://kb.Mozillazine.Org/inline_autocomplete user_ ref ("browser .Urlbar.Autofill ", false); user_pref ("browser.Urlbar.Autofill.Typed", false);
// 0806: disable auto -replenishment - confidentiality (shoulders, forensics/unattended) // 0808: disconnect proposals for history - confidentiality (surfers on the shoulders, criminalistics/without visiting) user_pref ("browser.Urlbar.Suggest.History", false);
// 0809: a leak of restriction of history through the listing (for the tab: back/forward) - confidentiality // this is the history of the session for the tab. You still have a complete story stored in the entire history // default = 50, minimum = 1 = currentpage, 2 is the recommended minimum, like some pages // use it as a means of direction (for example , hot communication), 4 or 6 can be more practical user_pref ("browser.Sessionhistory.Max_entries", 4);
// 0810: dischard the css -call of the story of the page -> // note: it has never been completely “allowed”: in mozilla/docs it is announced that this is only in / /“certain circumstances”, also see the last comments in the link to the error // https://dbaron.Org/mozilla/visited-privacy // https://bugzilla.Mozilla.Org/show_bug. Cgi enabled ", false);
// 0811: disabling the javascript display in history - safety> user_pref ("browser.Urlbar.Filter.Javascript", true);
// 0812: disconnect the search and history of the form // under the parameters> if you installed firefox on firefox "use user settings." There will be a setting // called "remember the story of the search and forms." Formfill.Enable ", false);
// 0813: disconnect the data of the conservation forms on safe web sites - confidentiality (surfer, etc.) By default true. // You can clean the formdata when firefox output (see 2803) // user_pref ("browser.Formfill.Savehtpsforms", false);
/// 0815: disage the search offers to search for search proposals live on the air on urlbar and switch the hint (ff41+) // setting: parameters> privacy> bar location panel> related searches from the default search system user_pref ("browser.Urlbar. False); user_pref ("browser.Urlbar.Usermadesearchsugggeschoice", true);
// 0816: turn off the history of partitions and loading // group> confidentiality> if you install firefox in “using user settlements”, there will be a setup // called “remember my viewing and download the story” // you can clear the story and download when firefox (see 2803) // user_pref ("place.History.Enabled", false);
// 0817: disable jumplist (windows7+) user_pref ("browser.Taskbar.Lists. Enabled", false); user_pref ("browser.Taskbar.Lists.Frequent.Enabled", false); user_pref ("browser.Taskbar.Lists.Recent.Enabled", false); user_pref ("browser.Taskbar.Lists.Tasks.Enabled ", false);
// 0818: disconnect the preliminary viewing of the tasks user_pref (" browser.Taskbar.Previews.Enable ", false);
// 0819: disconnect one-time searches from addressbar (ff51+) // https://www.Ghacks.Net/2016/08/09/firefox-off-searches-address-bar/ user_pref ("browser.Urlbar.Oneoffsearches", false);
// 0820: disconnect the search for the search (o: searchreset) (ff51+) // https: //wwww.Ghackks .Net/2016/08/19/firefox-51-search-restore-feature/ user_pref ("browser.Search.Reset.Enable"); @> user_pref ("browser.Search.Reset.Whitelist "," ");
0900: passwords
User_pref (" ghacks_user.Js.Parrot "," syntax error: the parish service life expired! " Passwords already preserved // user_pref ("signon.Remambersignons", false);
// 0902: use the main password (it is recommended if you save passwords) // there are no preferences for this. All this is processed inside. // Https: //support.Mozilla.Org/en-us/kb/use-master-password-protect-vogant
// 0903: install how often mozilla should request a master parole // 0 = for the first time, 1 = every time it is necessary, 2 = every n minutes (according to the next pref) // warning: by default 0, the author changed his settings user_pref ("secret.Ask_fors_password", 2);
// 0904: how often in minutes the mosilla should request the main password (see above) security.Password_lifetime, 5);
// 0905 : disconnect the fields of the user and password with automatic filling-secury // can be used in the forms of the transverse site and be prepared // http://kb.Mozillazine.Org/signon.Autofillforms // password all the same, it will still be automatically filled after the user name is manually entered by user_pref ("signon.Autofillforrs", false); /+> // 0906: ignore the web sites' autocomplete = " off "(ff30+) user_pref (" signon.Storewhenautocompleteoff ", true);
//// 0907: warnings about the power for entering the system on the pages of unsafe (not https) // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1217156 user_pref ("security.Insecure_password.Eanced.Enabled.Eanced", true); @ > // 0908: when trying to correct the introduced url -address, do not correct the entered password with it // i. Do not turn ~ http: // user: password@foo in ~ http: // user: password@(prefix) foo (suffix) // but instead of ~ http: // user@(prefix) foo (suffix)) user_pref ("" browser.Fixup.Hide_user_pass ", true);
// 0909: disconnect now (ff51+) user_pref ("signon.Formlesscapture.Enable", false);
1000: cache
User_pref ("ghacks_user.Js.Parrot", "1000 syntax error: the parrot went to the meeting 'maker!");
// 1001: disable the cache of the disc user_pref ("browser.Cache.Disk.Enable", false); user_pref ("browser.Cache.Disk.Capacy", 0); user_pref ("browser.Cache.Disk.Smart_size.Enabled", false); user_pref ("browser.Cache.Disk.Smart_size.First_run", false);
///1002: disconnect the disk caching on the pages of ssl // http://kb.Mozillazine.Org/browser.Disk_cache_ssl user_pref ("browser.Cache .Disk_cache_ssl ", false);
@> // 1003: disconnect the memory cache if you are really paranoid // i have not tried it, but i'm sure you will get hit -production/ traffic // user_pref ( "browser.Cache.Memory.Enable", false);
// 1004: disable the cache-offine user_pref ("browser.Cache.Offline.Enable", false);
// 1005: disconnect the storage of data of the additional session 0 = all 1 = http-only 2 = none // additional data data contains the contents of the forms, scrolling positions, cookie and post data data. User_pref ("browser.Sessionstore.Privacy_level", 2);
// 1006: disconnecting pages stored in memory. This is not the same as kesh memory. This increases productivity when pressing back/other positive integer // http://kb.Mozillazine.Org/browser.Sessionhistory.Max_total_viewers // user_pref ("browser.Sessionhistory.Max_total_viewers", 0); > // 1007: ("browser.Sessionstore.Max_tabs_undo", 0); user_pref ("browser.Sessionstore.Max_windows_undo", 0);
// 1008: if you use the restoration of the session (see 1007 above), an increase in the minimum interval between // two sessions can be helped on old machines and some websites. // By default 15000 (15 s). Try 30000 (30sec), 60000 (1 min), etc. - Your choice. Quick tab open/close will not be captured // this longer interval * can affect the story, but i cannot repeat any story not recorded // user_pref ("browser.Sessionstore.Interval ", 30000); /+> // 1009: cache and the expiration time dns (by default 400 and 60 is the same as tbb) // user_pref (" "" network.Dnscachentries, 400); // user_pref ("network.Dnscacheexpiration", 60);
// 1010: disage the randomized ff htttp cache explorerces of decay // https://trac.Torproject.Org/projects/tor/ ticket/13575 user_pref ("browser.Cache.Frecency_experiment" -1);
// 1011: disable the dispenser permits from the record to the disk (rebupped) https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=967812 // user_pref ("permissions.Memory_only", true); // (hidden pref) // 1012: disconnect the renewal of the session from crash user_pref ("browser.Sessionstore.Resme_from_crash", false);
1200: ssl/ ocsp/ certs / incryption/ hsts/ hpkp/ https
Place that your cipher and other settings can be used on the server side as a fingerprint attack vector: see https: // www.Securityartwork.Es /2017/02/02/tls-client-fingerprinting-with-bro/.
You can either strengthen your encryption/slate set and protocols (safety), or save them by default and let mozilla process them (drag the legs out of fear to break outdated sites)
User_pref ("ghacks_user.Js.Parrot", "1200 syntax error: a parrot hard!");
// 1201: block rc4 swarkback (by default, it is now false at least ff45) user_pref ("security.Tls.Unrestricted_rc4_fallback", false);
// 1203: turn on ocsp stapling // https://blog.Mozilla.Org/security/2013/07/29/ocsp-stapling-in-firefox/ user_pref ("secret.Ssl.Ssl.Enable_ocsp_stapling/ User_pref (" security tls - vulnerable to the attack by mitm // https://wiki.Mozilla.Org/security: renegotiation // warning: tested january 2017 - it still breaks too many sites // user_pref ("" security.Ssl.Require_safe_negotiation ", true);
// 1205: display of warning (red castle) for" broken security " // https://wiki.Mozilla.Org/ security: renegotiation user_pref ("security checks of certificate reviews through the ocsp // this leak information about the sites that you visit on ca (authority sert) // this is a compromise between safety (check) and confidentiality (leaking information in ca) // warning: since ff44 is incorrect by default. If you install on true, it can/can cause a certain breakdown of the site. Some users previously mentioned the problems with youtube, microsoft, etc. D. // User_pref ("security.Ocsp.Require", true);
// 1207: query responder servers to confirm the current. The reliability of certificates (by default = 1) // 0 = disable, 1 = confirm only certificates that indicate the url ocsp // 2 = enable and use values in security.Ocsp.Url and secret.Ocsp . Signing user_pref ("security.Ocsp.Enabled", 1);
// 1208: ensuring strict consolidation // https://trac.Torproject.Org/projects/torket/16206 // pkp (pend pinning) 0 -disabled 1 = allow the user mitm (for example, your antivirus), 2 = strict // warning: if you rely on av (antivirus) to protect your web view //, examining all your web -web - traffic, then leave at the current default = 1 user_pref ("security.Cert_pinning.Enforement_level", 2);
// 1209: control versions of tls with min and max // 1 = min version of tls 1.0, 2-minute version of tls 1.1, 3 = min version of tls 1.2, etc. . // Warning: ff/ chrome currently allows tls 1.0 by default, so this is your call. /How-to/suff-ssl-3-0-tls-1-0-iour-browser/ // user_pref ("security.Tls.Version.Min", 2); // user_pref ("security.Tls.Version.Fallback-limit", 3); // user_pref ("security.Tls.Version.Max", 4); // allow bc and turn on tls 1.3
// 1210: disable 1024 -dh encryption // https://www.Ex.Org/deeplinks/2015/10/! Preaming-youurself-from-nsa-ttacks-1024 -by-dh // warning: could break unclear sites, but not the main sites that should support ecdh over dhe user_pref ("security.Ssl3 .Dhe_rsa_aes_128_sha" , false); user_pref ("secret.Ssl3.Dhe_rsa_aes_256_sha", false);
// 1211: disconnect or limit sha-1 // 0 =.All sha1 certificates are allowed // 1 = all cha1 certificates are blocked (including completely valid from 2015 and earlier) // 2 = an outdated version, which is now displayed up to 1 // 3 = only allowed for locally added roots (for example, antivirus) // 4 = only allowed for locally added roots or for device certificates (for example, security scanners and antivirus //, are not connected to https. Sha-1 sites ultimately out to./18/phasing-ut sha-1-o-the-public-web/ // https://github.Com/pyllyukko/user.Js/194#issuecomment-2565098 user_pref ("security.Pki.Sha1_enforment_level", 1);
// 1212: disconnect the tracking of the ssl session (36+) // ssl session identifiers accelerate the connection https (do not need reenegotiate) and the latter within 48 hours. If you install on true, // this disables sending the ssl3 session identifiers and tls session tickets to prevent tracking of the // warning: this will slow down tls connection (i personally do not notice at all) // https://tools.Ietf.Org/html/rfc5077 // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=967977 user_pref ("security.Ssl. Disable_session_idedifiers ", true); // (hidden pref)
// 1213: disconnect 3des (effective key size // https://en.Wikipedia.Org/wiki/3des#security // http://en.Citizendium.Org/wiki/meet-in-the-midle_attack // http://wwww- archive.Mozilla.Org/projects/security/ssl/sl/sl/ fips-ssl-ciphersuers.Html user_pref ("security.Ssl3.Rsa_des_ede3_sha", false);
// 1214: disconnect 128 bits user_pref ("security.Ssl3.Ecdhe_ecdsa_aes_128_sha", false); user_pref ("secret.Ssl3.Ecdhe_rsa_aes_128_sha", false);
// 1215: disconnect the certification of the microsoft family (windows 8.1) // // 1215: disconnect the family certification of microsoft (windows 8.1) // 0: disconnect the definition of the definition family safety regimes and import the root // 1: just an attempt to detect the family safety regime (do not import the root) // 2: detection of the family safety regime and import the root user_pref ("security.Family_safuty.Mode" , 0);
// 1216: disconnect the unsafe active content on https pages - mixed content user_pref ("security.Mixed_content.Block_content", true);
// 1217: disconnect the unsafe passive content (for example, images) on https page - mixed context // current default = false, leave it so much sites burst visually // user_pref ("security.Mixed_content.Block_display_content", true);
// 1218: disable hsts priming (ff51+) // risks: previously blocked. Mixed content can be loaded, it can cause noticeable delays, for example, requests // â €/â-and-pen, requests may not process servers, you can remove fingers // https://bugzilla.Mozilla.Org/show_bugg/show_bug .Cgi? 1219: disconnect the list of preliminary loads hsts // recommended on if you do not understand the risks and compromises // user_pref ("network.Strictransportsecurity.Peloadlist", false);
// 1220: disconnect the caching of an intermediate certificate (fingerprint attack vector) afaik the only effect - all active inputs to the system begin to re - // for the session. This can be better processed in accordance with the fpi (ticket 1323644, part tor uplift) // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=13334485 // related error // https: // /bugzilla.Mozilla.Org/show_bug.Cgi?Id=1216882 // related error (see comment 9) // user_pref ("security.Nocertdb", true); // (hidden pref)
1400: fonts
User_pref ("ghacks_user.Js.Parrot", "1400 syntax error: lack of life!");
// 1401: disconnect the web sites that load their own fonts (0 = block, 1 = resolution) // this settings is under the parameters> content> font
// 1403: disconnect the rendering of svg opentype fonts // https://wiki.Mozilla.Org/svgopentypefonts - isecpartnersreport recommends turning off this user_pref ("gfx.Fontt _rendering. Opentype_svg.Enabled ", false);
// 1404: use more selective default fonts // warning: these are the author’s settings, comment if you do not need //, using it for more than a year, this is really the user_pref ("font.Name.Serif.X-unicode", "georgia") is growing; user_pref ("font.Name.Serif.X-western", "georgia"); // times by default new roman user_pref ("font.Name.Sans-serif.X-unicode", "arial"); user_pref ("font.Name.Sans-serif.X-western "," arial "); â // by default arial user_pref (" font.Name.Monospace.X-ulinicode "," console "lucida"); user_pref ("font.Name.Monospace.X-western", "console lucida"); // courier courier by default new
// 1405: disconnect woff2 user_pref ("gfx.Download_fonts.Woff2.Nable", false);
////1406: disable the api api css loads font // warning: the font shutdown can be accumulated on the internet. > // 1407: delete a special emphasized processing for several fonts that you probably will never use. Restart is required. // 1408: disconnect the graphite, which ff49 turned on the default // in the past, he had safety problems - you need a quote user_pref ("gfx.Font_rendering.Graphite.Enabled", false);
1600: headlines/referers
With the exception of 1601 and 1602, all this can be best processed by extension to block/fake everything and then the white list , if necessary, otherwise there is too much spray on the internet.
improve confidentiality on the internet, controlling the information of the referral
Reading: https://feding.Cloud.Geek.Nz/posts/tweake-referr-for-for-for-for -privacy-in-firefox/
User_pref ("ghacks_user.Js.Parrot", "1600 syntax error: the parrot remains in the world!"); //// 1601: disconnect the essay from the website ssl // to be outdated in ff52+? - Https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1308725 user_pref ("network.Http.Sendecurexsitereferr", false);
// 1602: dnt http title - essentially useless - is turned off by default. I recommend leaving. // Note: “parameters> privacy> tracking> request so that the sites do not track you” // if you use noscript, be sure to set your noscript.Donottrack.Enabled to comply with // http: // /kb.Mozillazine.Org/privacy.Donottrackheader.Value (pref is required from the moment ff21+) // user_pref ("privacy.Donottraader.Enabled", true); // user_pref ("privacy.Donottrackhead.Value", 1); // (hidden pref)
// 1603: an essay when send // 0 = never, 1 = send only when clicking links, 2 = for links and images (by default ) // user_pref ("network.Http.Sendreferheader", 2);
// 1604: abstract, fake or not (default = false) // user_pref ("network.Http.Rerar.Spoofsource", false);
// 1605: an abstract, how to process the origin of cross // 0 = always (by default), 1 = only if the basic domains coincide, 2 = only if the hosts coincide // user_pref ("network.Http.Referr.Xoriginpolcy", 0);
// 1606: abstract, what to send (limit information) // 0 = send the full uri (default), 1 = scheme+host+port, 2 = scheme +host+port // user_pref ("network.Http.Rerar. Trummpolcy", 0);
1800: plugins
User_pref ("ghacks_user.Js.Parrot", "1800 syntax error: a parrot pushing daisies!");
// 1801: establish the state of the plugin by default (that is, new plugins on detection) so as to never activate // 0 = disconnected, 1 = ask to activate, 2 = active - you can reduce individual plugins
User_pref ("plugin.Default.State", 0); user_pref ("plugin.Defaultxpi.State", 0);
// 1802: turn on, click to reproduce and install on 0 minutes user_pref ("plugins.Click_to_play", true); user_pref ("plugin.Sessionpermisssionnow.Intervalinminutes", 0);
// 1802a: make sure that the plugin is in a certain state: 0 = deactivated 1 = ask 2 = enabled (example flash) // you can install all these plugins. Ons> plugins or search plugin.State in: conchag // note: you can still overestimate individual sites, for example, on youtube through permission to the site // https://www.Ghacks.Net/ 2013/07/09/how-make-sure-that-a-firefox-plugin-never-activate/ // user_pref ("plagin.State.Flash", 0);
// 1804: disconnect the plugins using external/unreliable scenarios using xpcom or xpconnect user_pref ("security.Xpconnect.Plugin.Unrestrict: disconnect scanning for plugins / /http://kb.Mozillazine.Org/plugin_scanning // plid.All = scan the catalogs specified in the windows register for plids // inclusion: realplayer, java next generation, adobe flash, antivirus and t . D. You are not very missing. // The line refers to the resolution of the version of the version of the min user_pref ("plugin.Scan.Acrobat", "99999"); user_pref ("plugin.Scan.Quicktime" "99999");@> user_pref ("plugin.Scan.Windowsmediaplayer", "99999");
// 1807: disconnect the automatic game html5 media // warning: this can break the video youtube playing (and probably other sites).If you block // autoplay, but sometimes you would like the switch button, try the following adding // https://addons.Mozilla.Org/en-us/firefox/addon/autoplay-toggle user_pref ("media.Autoplay.Enabled", false);
// 1808: disable the audio-game on inactive tabs (ff51+) // https://www.Ghacks.Net/2016/11/14/firefox-51-blocks -automatic-audio-playback-in-non-active-tabs/ user_pref ("media.Block-autoplay-in-offoreground", true);
// 1820: disconnect all gmp (gekko media plugins) // https://wiki.Mozilla.Org/geccomediaplugins user_pref ("media .Gmp-provider .Enabled ", false); user_pref ("media.Gmp.Trial-create.Enabled", false);
// 1825: disable cdm widevine user_pref ("media.Gmp-widevinecdm.Visible", false); user_pref ("media.Gmp-widevinecdm.Enabled", false); user_pref ("media.Gmp-widevinecdm.Autouupdate", false);
// 1830: disconnect the entire contents of the drm (eme: emention media extension) user_pref ("media.Eme.Enabled", false); // parameters> content> reproduction drm content user_pref ("browser.Eme.Ui.Enabled", false); // hides the "play drm content" check box, restart is required user_pref ("media.Eme.Apisible", false); // blocks drm detection drm disparition dechable
// 1840: disconnect the video codes openh264 from cisco to "never activate" // this is a package codec used for video chat in webrtc // disconnect the ping on the external update/download server user_pref ("media.Gmp-gmpopenh264.Anabled", false); // (hidden pref) user_pref ("media.Gmp-gmpopenh264.Autupdate", false); user_pref ("media.Gmp-manager.Url", "data: text/plain,"); /+> // 1850: disable adobe eme "primetime cdm" (module for decoding content)> user_pref ("media.Gmp-eme-adobe.Enable", false); user_pref ("media.Gmp-eme-adobe.Visible", false); user_pref ("media.Gmp-em- salad.Autouupdate", false);
2000: media / camera / mike
User_pref ("ghacks_user.Js.Parrot", "2000 syntax error: the parrot is tempered!");
// 2001: disconnect webrtc // https://www.Privacytools.Io/#webrtc user_pref ("media.Perconnection", false); user_pref ("media.Peerconnection.Use_document_icesers", false); user_pref ("media.Peerconnection.Video.Enabled", false); user_pref ("media.Peerconnection.Identity. .Enabled", false); user_pref ("media.Peerconnection.Identity.Timeout", 1); user_pref ("media.Peerconnection.Turn.Disable", true); // disconnect the video of the possibilities for webrtc user_pref ("media.Navigator.Video.Enabled", false);
// 2001a: pref, which improves the problem of ip webrtc ips, unlike the completely // disabling webrtc. You still need to enable webrtc for this applicable (ff42+) // https://wiki.Mozilla.Org/media/webrtc/privacy user_pref ("media.Pheroconnement. , True); // (ff41-ff50) user_pref ("media.Pherconnection.Ice.No_host", true); // (ff51+)
// 2010: disconnect webgl, a set of minimum functions, using a minimum set of functions if webgl // http: //www.Contextis is used and disconnect. Com/resources/blog/webgl-new-dimension-browser-exploitation/ // https://security.Stackexchaange.Com/quewestions/13799/is-webgl-a-security-conern user_pref (" webgl.Disabled ", true); user_pref ("pdfjs.Enablewebgl", false); user_pref ("webgl.Min_capability_mode", true); user_pref ("webgl.Disable-extensions", true); > user_pref ("webgl.Disable-fail-major-prformance-caveat", true);
// 2011: do not make information from debugging webgl, available for websites // /https://bugzilla.Mozilla.Org/show_bugi?Id=1171228 // https://developer.Mozilla.Org/en-us/docs/web/api/webgl_debug_render_info webgl.Enable-rebug-rendere-info ", false);
// 2012: two more preferences of webgl (ff51+) user_pref ("webgl.Dxgl.Enabled", false); user_pref ("webgl.Enable-wbgl2", false);
// 2021: disconnect speech recognition user_pref ("media.Webspeech.Recognition.Enable", false); user_pref ("media.Getusermedia.Screensharing.Allowed_domain "," "); user_pref (" media.Getusermedia.Screensharing.Ally_on_old_platforms ", false); user_pref (" media.Getusermed .Browser.Enable ", false); user_pref (" " edia.Getusermedia.Audiocapture .Enabled ", false);
// 2023: disconnect the camera user_pref (" camera.Control.Face_detection.Enabled ", false);
// 2024: enable/disable mse (expansion of the carrier source) // https://www.Ghacks.Net/ 2014/05/10/enable-media-source-extensions-firefox/ user_pref ( "media.Mediasource.Enabled", true); user_pref ("media.Mediasource.Mp4.Enabled", true); user_pref ("media.Mediasource.Webm.Audio.Enabled", true); user_pref ("media.Mediasource.Webm.Enabled ", true);
// 2025: turn on/disable various types of carriers - personal choice of the final user // warning: these are the author's settings, select your own user_pref ( "media.Mp4.Enabled", true); user_pref ("media.Flac.Enabled", true); // (ff51+) user_pref ("media.Ogg.Enabled", false); user_pref ("media.Ogg.Flac.Enabled", false); // (ff51+) user_pref ("media.Opus.Enabled", false); user_pref ("media.Rw.Enable" false); user_pref ("media.Wave.Enabled", false); user_pref ("media.Webm.Enabled", true); user_pref ("media.Wmf.Enabled", trou) ; // https://www.Youtube.Com/html5 - for two notes h.264
// 2026: turn off the capture flow canvas // https: // developer. Mozilla.Org/en-us/docs/web/api/htmlcanvaselement/capturestream user_pref ("canvas.Capturem.Enabled", false);
// 2027: disable camera image ", false);
// 2027: capture // https://trac.Torproject.Org/projects/tor/ticket/16339 user_pref ("dom.Imagecapture.Enabled", false);
///2028: disconnect the canval outside the screen // https://developer.Mozilla.Org/en/docs/web/api/offscreencanvas user_pref ( "gfx.Offscreencanvas.Abledanceb+> Ui meddling
 see http://kb.Mozillazine.Org/prevent_from_disabling_new_window_feature s
@> User_pref ("ghacks_user.Js. Parrot", "2200 syntax error: isstory's paarrot ');
// 2201: turn off the control of web sites on the context with the right button, for example, dropbox, google docs ? Gmail? User_pref ("dom.Disable_window_open_feature.Location", true); user_pref ("dom.Disable_window_open_feature.Menubar", true); user_pref ("dom.Disable down_open_feature.Resizable ", rue.@> ; "dom.Disable_window_open_feature.Status", true); user_pref ("dom.Disable_window_open_feature", trial);
// Popup windows - prevent or resolve javas cript ui intervention user_pref ("dom.Disable_window_flip", true); // window z -rder user_pref ("dom.Disable_window_move_resize", true); user_pref ("dom.Disable_window_open_feature.Close", true); user_pref ("dom.Disable_window_open_feature.Minimizable", true); "dom.Disable_window_open_feature.Personalbar", true); // bookmarks on the toolbar user_pref ("dom.Disable_window_open_feature.Tlebar", true); user_pref ("dom.Disable_window_status_change", user_pref ("dom.Disable_window_status_change", ; "dom.Allay_scripts_to_close_windows", false); > // 2204: disconnect links opened in the new window // https://trac.Torproject.Org/projects/tor/ticket/9881 // test url: https://people.Torproproject.Org/~ /entire_desktop.Html // you can still click the right // it is to stop the malicious sizes of the window and leakage on the screen, etc. 2418 full -time api.Enabled = false // user_pref ("browser.Link. Open_newwindow.Restrication ", 0);
2300: service
// 2301: disable the api employees and service workers api // https://developer.Mozilla.Org/en-us/docs/web/api/api/worker // https://developer.Mozilla.Org/en-us/docs/web/api/ serviceworker_api // https://www.Ghacks.Net/2016/02/manage-service -workers-in-firefox-and-chrome/ // warning: it will break sites, as it gains traction: for example, mega.Nz requires employees user_pref ("dom.Workers.Enabled", false); user_pref ("dom.Serviceworkers.Enabled", false);
/// 2302: disconnect the cache and the cache -the cache of the cache user_pref ("dom.Caches.Enabled", false);
// 2303: disconnect notifications about push (ff44+) [requires service workers to be included] // web applications can receive messages advanced with them from the server, regardless of them, regardless togo, or // not a web application is in the foreground or even currently downloaded // https: // developer .Mozilla.Org/en/doc/web/api/push_api / / warning: can affect social networks, such as twitter user_pref ("dom.Push.Enabled", false); user_pref ("dom.Push.Connection.Enabled", false); user_pref ("dom.Push.Serverurl", "" "); user_pref ("dom.Push.Useragentid", "" ");
// 2304: disconnect web/push notifications // https://developer.Mozilla.Org/en-us/docs/web/api/notification // / note: you can still reduce individual domains in accordance with the site permits (ff44+) // warning: can affect social networks, such as twitter user_pref ("dom.Webnotifications.Enable", false) ; user_pref ("dom.Webnotifications. Serviceworker.Enabled", false);
2400: dom
// 2402: disconnect access to the web site to the events of the buffer/content // https://www.Ghacks.Net/2014/01/08/ block -websites-releg-modify -clipboard-contents-firefox/ // warning: this will break the functionality of some sites, such as the insert on facebook // this applies to oncotics, oncopi, it is paste-t. We will have to interact with // a web site to look at the exchange buffer user_pref ("dom.Event.Clipboardevents.Enabled", false);
// 2403: disconnect the commands of the exchange buffer (cut/copy) from the “not prepared” contents // this disables document.Execimmand ("cut"/"copy") to protect your exchange buffer // https: // bugzilla. Mozilla. .Org/show_bug.Cgi? Id = 1170911 user_pref ("dom.Ally_cut_copy", false); // (hidden pref)
// 2404: disage the data js, forever storage of data // if you block indexeddb, but you would like the switch button, try the following addition // https://addons.Mozilla.Org/en-us/firefox/adisable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/disable/ // this setting was under: permits> all sites> supporting the autonomous storage // note: o: resolutions are no longer available with ff46, but you can still reduce // separate domains: use the information icon in urlbar, etc. Or click with the right button (disabled), this will break some [old] additions and breaks the function of many sites. It applies to websites, additions and data from the session. User_pref ("dom.Indexedb.Enabled", false);
// 2405: https://wiki.Mozilla.Org/webapi/security/webtelephony user_pref ("dom.Telephony.Enabled", false);
// 2410: disconnect the user api // https: // trac .Torproproject.Org/projects/tor/ticket/16336 user_pref ("dom.Enable_user_timing" , false);
// 2411: disconnect the time of the resource/navigation user_pref ("dom.Enable_resource_timing", false);
// 2412: disconnect the attacks from the line - javascript finger performance performent // https://wiki.Mozilla.Org/security/reviews/firefox/navigatimingapi user_prefi user_pref ( "dom.Enable_performance", false);
// 2414: disconnect the shaking of the screen user_pref ("dom.Vibrator.
// 2415: the maximum pop -up windows from one is not click - by default 20! User_pref ("dom.Popup_maximum", 3); +> // 2415b: to limit events that can cause a pop -up window // by default "change the click dblclick mousep notification reset to send touchen" // county: the author killed all methods, but it does this with the help of a pop -up locksman ultimate // in strict mode with a white list. Or you can resolve everything except the black list. In any case, // popup blocker ultimate rewrites this pref empty (or allows everything!). // Http://kb.Mozillazine.Org/dom.Popup_allowed_events user_pref ("dom.Popup_allowed_events", "press dblclick");
// 2416: determination of downtime user_pref ("dom.Idle-observers-opi.Enabled", false);
// 2418: disconnect the full -screen api //> all sites> fullscreen // note: o: o: resolutions no longer available with ff46, but you are all you can equally reduce // separate domains: use the information icon in urlbar, etc. Or with the right mouse button on the web page> view the viewing page info // install on false = block, install it on true = ask user_pref ("full -time api.Enabled", false);
// 2420: disable support asm.Js (http://asmjs.Org/) // https://www.Mozilla.Org/en-us/security/ advisories/mfsa2015-29/ // https: ///wwww.Mozilla.Org/en-us/security/advisories/mfsa2015-50/ // https://cve.Mitreg/ cgi-bin/cvename.Cgi? Name = cve-2015-2712 user_pref ("javascript.Options.Asmjs", false);
// 2421: in addition to 2420, these settings will help to withstand js against such exploits as cve-2015-0817 // https://cve.Mitre.Org/cgi -bin/cvename.Cgi? Name = cve-2015-0817 // warning: causes an odd site problem, and also has a loss of performance // update: january 2017: commented at the moment, since increasing performance is increased outweigns additional safety // user_pref ("javascript.Options.Ion", false); // user_pref ("javascript.Options. Baselinejit", false);
// 2425: disconnect archiveapi, that is, reading the content of archives, such as zip files, directly // in a browser, through dom file objects. By default, not fals@> // https://support.Mozilla.Org/en-us/questions/1098540 // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=959985 user_pref ("-apps.Allay_by_default", false); // options> advanced> network> tell me when the website asks to save data for autonomous use user_pref ("browser.Offline-apps.Notify ", true); // changing the size of the quota warning for an autonomous cache (by default 51200) // offline –kash is used only in rare cases for storing data. Ff will store small amounts / / /(by default 2500: hardware opening of the fingers
User_pref ("ghacks_user.Js. Parrot "," 2500 syntax error: blurred parrot 'is a mortal coil! ");
// 2501: disable the api gamepad - usb identifier of the device identifier // https:/// /trac.Torproject.Org/projects/tor/ticket/13023 user_pref ("dom.Gamepad.Enabled", false);
// 2502: disconnect the api of the battery. Linux problem (high read accuracy), which is now corrected. The charging status, the charging level, the time remains, etc. //Www.W3.Org/tr/batty-status/ // https: // www. Theguardian.Com/technology/2016/aug/02/batty-status-indicators-tracking-online // note: from ff52+ api of the battery is available only in chromium/privileged code. // Https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1313580 user_pref ("dom.Batty.Enable", false);
// 2503: disconnect information about the network // for example, bluetooth, cellular, ethernet, wifi, wimax, others, mixed, unknown, no // https:// /developer.Mozilla.Org/en-us/docs/web/api/network_information_api // https://wicg.Github.Io/netinfo/ //bugzilla.Mozilla.Org/ show_bug.Cgi? Id = 960426 user_pref ("dom.Netinfo.Edabled", false);
// 2504: disable virtual reality devices // https://developer.Mozilla.Org/en/docs/web/api/webvr_api user_pref (" dom.Vr.Enabled ", false); user_pref ("dom.Vr.Oculus.Enabled", false); user_pref ("dom.Vr.Osvr.Enabled", false); // (ff49+) user_pref ("dom.Vr.Openvr.Enabled", false); // (ff51+)
// 2505: disconnecting of the listing of the media device (ff29+) // note: media.Peurconnection.Enabled should also be installed on false (see 2001) // 2506: disable video tutorials - js performance performrrint> user_pref ("media.Video_stats.Enabled", false);
// 2507: disable the removal of the keyboard fingers (ff38+) (physical keyboards) // keyboard api allows you to track "read the parameter" pressed keys in forms on web page / / these parameters vary between the types of keyboard layouts, such as qwerty, // azeri, the yard and between different languages, for example, german against english. // Warning: do not use, if android + physical keyboard // update: it can be better included in the tor rise project (see 2699) // https://developer.Mozilla.Org/ en-us/docs/web/api/keybodenent/code // https://www.Privacy-handbuch.De/handbuch_21v.Htm user_pref ("dom.Keyboardevent.Enabled", false); user_pref ("dom.Beforeafterkeybo ardevent.Enabled ", false) ; user_pref ("dom.Keyboardevent.Dispatch_doring_composition", false);
// 2508: disconnection of graphics (loss of hardware acceleration is insignificant) //wiki.Mozilla.Org/platform/gfxil /hardwarecceleration // warning: it changes text rendering (fonts will look different) // if you watch a lot of video, this will affect the performance of > user_pref ("gfx.Direct.Disabled" , true); user_pref ("layers.Cceleration.Disabled", true);
// 2509: disconnect the events of the touch // /https://developer.Mozilla.Org/en/docs/web/api/touch_events // https : //trac.Torproject.Org/projects/tor/ticket/10286 // attack vector - leakage screen and actual coordinates of the screen // warning: if you use touch eg win8/10 metro/smartphone, drop it by default user_pref ("dom.W3c_touch_events.Enabled", 0);
// 2510: disable the api web audio (ff51+) // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1288359 user_pref ("dom .Webaudio .Enabled ", false);
// 2511: disconnect the detection of the change mediadevices (ff51+) (on by default ff52+) // https://developer.Mozilla.Org/ en-us/doc/web/web/web/web/web/web events/devichange // https://developer.Mozilla.Org/en-us/docs/web/api/mediadevice/ondevicechechange user_pref ("media.Ondevicechechechaange. Bleding.Ableder ", false);
2600: misc - leakage / removal of fingers / confidentiality / safety
User_pref ("ghacks_user.Js.Parrot", "2600 syntax error: the parrot descends along curtain! ");
// 2601: disconnect the sending of additional analytics to the web servers // https: //developer.Mozilla.Org/en-use /docs/web/api/navigator.Sendbeacon user_pref ("beacon.Enabled", false);
// 2602: cis 2.3.2 disconnect the download on desktop user_pref ("browser.Download.Folderlist", 2);
// 2603: always ask the user, where to download - ensure interaction with the user for safety ", false);
// 2604: https: //// bugzil.La/238789#c19 user_pref ("browser.Helpepps.Deletampfileonexit", true);
// 2605: do not integrate the latest documents in windows user_pref ("" " browser.Download.Manager.Addtorecentdocs ", false);
// 2606: disconnect the type of shelter (parameters> applications) not related to the plugin user_pref (" browser.Download. Hide_plugins_without_extensions ", false);
// 2607: disable page thumbnail collection // view in the profile/reference to minimums - you can clear this user_pref (" breowser.Paer.Par gethumbnails .Captoring_disabled ", true); // (hidden pref)
// 2608: disable jar from the opening of unsafe types of files user_pref (" network.Jar.Open-unsafe-types " false);
// 2611: disconnect the website to prevent remote debugging and adding the download // https://trac.Torproproject.Org/projects/tor/taketkets /16222 user_pref ("devtools.Webide.Autoinstalladbhelper", false); user_pref ("devtools.Webide.Autoinstallfxdtadapters", false); user_pref ("devtools.Debugger.Remote-dabled", false); devtools.Webide.Enabled ", false);
// 2612: disconnect simpleserviceediscover - which can bypass the proxy settings - for example, roku // https://trac.Torproject.Org /projects/tor/ticke/16222 user_pref ("browser.Casting.Enabled", false); user_pref ("gfx.Layerscope.Enable", false);
///2613: disconnect the api of the device sensor - the vector of finger removal // https://trac.Torproject.Org/projects/tor/ticket/15758 user_pref ("device.Sens.Enabled", false) ; // 2614: disconnect spdy, because it can contain the identifiers // https://www.Torproject.Org/projects/torbrowser/design/#identifier-linkability ( no. 10). // 2615: disable http2 and at the moment user_pref ("network.Http.Spdy.Enabled.Http2", false);
// 2617: disconnect pdf.Js as an option for pre -viewing pdf files in firefox // see mime types in the "parameters"> "applications") -risk exploitation // open with // what kind of external pdf reader. " This does not necessarily prevent the use of pdf.Js through // other means, this only removes the option. I think this should be left by default. // 1. This will not stop js to go around it. 2. Depending on the external spectators, pdf is the same as // big risk or more (acrobat). 3. Mozilla very quickly correct these types of exploits, // they treat them as severe/critical and 4. For convenience user_pref ("pdfjs.Disabled", false);
// 2618: when using the socks of the proxy server do dns lookup - dns leak // http://kb.Mozillazine.Org/network.Proxy.Socks_remote_dns // https: //trac.Torproject.Org/projects/tor/wiki/doc/torify skoto/webbrowsers // for example, in tor it prevents your local dns server to know your destination // how tor remote unit will be processed by dns -)
User_pref ("network.Proxy.Socks_remote_dns", true);
// 2619: limit http redirecting (this does not control redirections. With html or js meta-tags) // warning: low settings 5 or lower, probably, will break some sites ( for example, gmail inputs) // is redirected html meta tag and js, use the addition (for example, ninedirect). By default, 20 user_pref ("network.Http.Redirection-limit", 10);
// 2620: disconnect the average links to the click of the mouse from the clipboard // https: //trac.Torproject.Org/projects/tor/ticket/10089 //> // http://kb.Mozillazine.Org/middlemouse.Contientloadurl user_pref ("middlemouse.Contientloadurl", false);
// 2621: disconnect ipv6 (it is included only for knowledge - it is not recommended) // this is all about hidden channels, such as mac -address, included/abused in the ipv6 ipv6 protocol for tracking. If you want to mask your ip -address, this is not like //. This is 2016, ipv6 here. Here are a few old links // 2010: https://www.Christopher-parsons.Com/ipv6-and-the-future-of-privacy/ // 2011: https://iapp.Org/ news/a/2011-09-09-ascing-the-the-privacy-omplications-of-ipv6 // 2012: http://www.Zdnet.Com/article/security-versus-privacy-with-ipv6- deployment/ // note: this is the myth that the shutdown of ipv6 will speed up your connection to the internet // http://www.Howtogeek.Com/195062/no-disabling-ipv6-pboble-wont- speed -up-youur-internet-connection // user_pref ("network.Dns.Disableipv6", true); // user_pref ("network.Http.Fast-fallback-to-ipv4 ", true);
// 2622: make sure that you have a safety delay when installing a superstructure (milliseconds) // default = 1000, this is it also covers the delay in “save” on file download. // Http://kb.Mozillazine.Org/disable_extance_install_delay_-_firefox // http://www.Squarefree.Com/2004/01/01/race/race -n-secution-dialogs/ user_pref ("security.Dialog_enable_delay", 1000);
// 2623: make sure that a strict policy of the origin of files in local files // by default, it is true. Included for the completeness // http://kb.Mozillazine.Org/security.Fileuri.Strict_origin_polacy user_pref ("security.Fileuri.Strict_origin_policy", true); > ////2624: ensuring the integrity of subresource (sri) (ff43+) // by default correctly. It is included for completeness // https://developer.Mozilla.Org/en-us/docs /web/security/subresource_integrity // https://wiki.Mozilla.Org/security/subresource_integrity user_pref ("security.Sri.Enable", true);
// 2625: applications [not tor protocol] should generate an error // when using .Onion and should not be searched for dns. // Https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1228457 user_pref ("network.Dns.Blockdotion", true);
// 2626: the optional token of the user agent, by default, is incorrect for the completeness // https://developer.Mozilla.Org/en-us/docs/web/ http/gecko_user_agent_string_reference user_pref ("general.Useragent.Compatmode.Firefox", false);
// 2627: ua underwater by default and the corresponding (navigator) parts (also see 0204 for the ua language) /// note: it can be better processed by expansion (for example, whitelisitng ), try not to face him // note. This is not a complete solution (detection of functions, some navigator objects, leakage, resource, etc.) // Aim: compare the latest tbb settings: windows, esr, os, etc. Browser.Php // php // == start == // a: navigator.Useragent leaks in js, it also seems to be broken by ua extension whitelisting // user_pref ("general.Usoragent.Overrid", "mozilala /5.0 (windows nt 6.1; rv: 45.0) gecko/20100101 firefox/45.0 "); // (hidden prof) // b: navigator.Buildid (see gecko.Buildid in about: config) reveals the assembly time // to the second, which defends the user fake and can be threatened with os and t. . D. User_pref ("general.Buildid.Override", "20100101"); // (hidden pref)
// C: navigator.Appname user_pref ("general.Appname.Override", "netscape"); // (hidden pref)
// D: navigator.Apperversion user_pref ("general.Approversion.Override", "5.0 (windows)"); // (hidden pref)
// E: navigator.Platform leaks in js user_pref ("general.Platform.Override", "win32"); // (hidden pref)
// F: navigator.Occpu user_pref ("general.Oscpu.Override", "windows nt 6.1"); // (hidden pref)
// 2628: disconnect the uitour bacand, so there is no chance that the remote page can use its user_pref ("browser.Yaitur.Enabled", false) ; user_pref ("browser.Uitur.Url", "" ");
// 2629: disconnect the files of remote jar, regardless of the type of content // https: //bugzilla.Mozilla.Org/show_bug.Cgi?Id=1215235 user_pref ( "network.Jar.Block-remote-files", true);
// 2650: starting a browser in e10s mode (48+) // after the browser restarts, you can check if it is included by visiting // o: support and verification the fact that the “multiprocess windows” = 1 // using force-enable and extensions.E10sblocksenabling, if you have superstructures // user_pref ("browser.Tabs.Remote.Autostart", true); // user_pref ("browser.Tabs.Remote.Autostart.2", true); // (ff49+) // user_pref ("browser.Tabs.Remote.Force-enable", true); // (hidden pref) // user_pref ("extensions.E10sblocksenabling", false);
// 2651: control e10s the number of container processes // https: // //wwww.Ghacks.Net/2016/02/15/change-how-many-proceses- multi-process-firefox-uses/ // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id= 1207306 // user_pref ("dom.Ipc.Proocesscount", 4);
// 2652: turn on the shim console warnings for extensions that do not have a flag ///'multiprocesscompatible' set to true user_pref ("dom.Ipc.Shims. Enabledwarnings ", true);
// 2660: apply a separate content process for the file: // urls (ff53+?) // Https://bugzilla.Mozilla.Org/show_bugi?Id=11479911 // https://www.Ghacks.Net/2016/11/27/firefox-53- exclusive content-process-for-local-files/ user_pref ("browser.Tabs.Remote , true);
// 2662: disconnect "open with" in download the dialog box (ff50+) // this is very useful for turning on when the browser is in the sandbox (for example, through apparmor) // thus as to run external applications. //: This can interfere with the working process or the methods of some users // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1281959 user_pref ("browser.Download_open_open_with", true); /+> // 2663: disable mathml (ff51+) // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1173199 // test: http: http: http: http: http: http: http //browserspy.Dk/mathml.Php user_pref ("mathml.Disabled", true);
// 2664: disconnect the api devicestorage // https: // wiki. Mozilla.Org/webapi/devicestorageapi user_pref ("device.Storage.Enabled", false);
// 2665: disinfect the white phone webchannel user_pref ("webchannel.Allobject. Urlwhitelist", "");
// 2666: disconnect alternative services http // https://www.Ghacks.Net/2015/08/18/a-comphange- list of firefox-privacy and security- settings/#comment-3970881 user_pref ("network.Http.Altsvc.Enabled", false); user_pref ("network.Http.Altsvc.Oe", false);
// 2667: disable the various tools of the developer in the context of the browser // devtools> extended settings> enable the chrome browser and additional debugging: //github.Com/pyllyukko/user. Js/issues/179#issuecomment-246468676 user_pref ("devtools.Chrome.Enabled", false);
// 2668: block the permitted extensions catalogs // https://mike.Kaply.Com/2012/02/21/undarstanding-add-on-copes/ // archved: http://archive.Is/dyjam user_pref ("extensions.Enabledscopes", 1); // (hidden pref) user_pref ("extensions.Autodisablescopes", 15);
// 2669: strips when sending the url cve-2017-5384: disclosure of information through proxy auto-config (pac) // https://bugzila.Mozilla.Org/ show_bug.Cgi? Id = 1255474 user_pref ("network.Proxy.Autoconfig_url. Include_path", false);
// 2670: a close bypass of csp through the types of image mime (ff51+) // https://bugzilla.Mozilla.Org/show_bug.Cgi? Id = 1288361 user_pref ("secret.Block_script_with_wrong_mime", true);
// 2671: disconnect svg (ff53+) // https://bugzilla.Mozilla.Org. /Show_bug.Cgi?Id=1216893 user_pref ("svg.Disabled", true);
2698: the first side of isolation (pfi)
// 2698a: turn on the first party insulation pref and originattribute (ff51+) // courage: breaks up: breaks a lot of login on the cross domain and functionality of the site to perfection // https://bugzilla.Mozilla.Org/show_bug. Cgi? Id = 1260931 // 2698b: it also isolates ocsp requests from the first side of the domain // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id = 1264562 // user_pref ("privacy .Firstparty.Isolate ", true);
2699: tor uplift: private . Screen // (hidden pref)
2700: cookies
// 2703: establish a life policy cookie // 0 = until they expire (by default), 2 = until you close firefox, 3 = for n days (see next pref) / / @> // user_pref ("network.Cookie.Lifetimepolacy", 0); // 2704: set the life time of cookies in days (see above pref) - by default 90 days // user_pref ("network.Cookie.Lifetime.Days", 90);
// 2705: disconnect the dom storage // warning: this will break the functionality of many sites. // User_pref ("dom.Storage.Enabled", false);
// 2706: disconnect the api storage (ff51+), which gives the site code the ability to find out how much space is // they can use how much they already use, and even control whether they need to be a warning before the user agent gets rid of the site data in order to free up space for other things. // Https://developer.Mozilla.Org/en-us/docs/web/api/storagemanager // https://developer.Mozilla.Org/en-us/docs/docs/web/api /storage_api user_pref ("dom.Storagemanager.Enabled", false);
// 2707: clean the local strate is the same // https://developer.Mozilla.Org/en-us/add-on/webextension/api/storage/local @> // https://bugzilla.Mozilla.Org/show_bug.Cgi? Id = 1213990 user_pref ("extensions.Webextensions.Keeptorageonininstall", false); user_pref ("extensions.Webextensions.Keeuuiidonunnstall", false);
2800: urtdown+> “privacy”> “cleaned history” when firefox closes user_pref ("privacy.Sanitize.Sanitizeonshutdown", trial);
// 2803: what to clean when turning off // these settings are under the parameters> privacy> clean the story when firefox closes> settings // these are the author of this user.Js, they chose their own user_pref ("privacy.Clearonshutdown. Cache ", true); user_pref (" privacy.Clearonshutdown.Cookies ", false); user_pref (" privacy.Clearonshutdown.Downloads ", trivacy.Clearonshutdown. Formdata ", true); user_pref ("privacy.Clearonshutdown.History", true); user_pref ("privacy.Clearonshutdown.Offlineapps", true); user_pref n.Sessions ", false); // active logins user_pref ("privacy.Clearonshutdown
// 2803a: turn on all open tabs windows /// user_pref ("privacy.Clearonshutdown.Openwindows", true);
// 2804: (in accordance with the above) -a-automatic choice of elements for deletion using ctrl-shift-del user_pref ("privacy.Cpd.Cache", true); user_pref ("privacy.Cpd.Cookies", false); user_pref ("privacy.Cpd.Downloads", true); user_pref ("privacy.Cpd.Formdata", true); user_pref ("privacy.Cpd.History", true); user_pref ("privacy.Cpd.Offlineapps", true); user_pref ("privacy.Cpd.Passwords", false); user_pref ("privacy.Cpd.Sessions", false); user_pref ("privacy.Cpd.Sitesettings", false);
// 2804a: turn on all the open windows /tabs when starting the “cleaned recent history” // user_pref ("privacy.Cpd.Openwindows", true);
// 2805: reset the default time range to clear 'for' for 'recent history' (see 2804 above) // firefox remembers your last choice. This will drop the meaning when you start ff. // 0 = all 1 = last hour, 2 = last 2 hours, 3 = last 4 hours, 4 = today user_pref ("privacy.Sanitize.Timespan", 0);
3000: personal settings
It is convenient to migrate and/or not in the parameter interface. Users can place their own non -safe/confidentiality/removing fingerprints/tracking here
User_pref ("ghacks_user.Js.Parrot", "3000 syntax error: this is a former transfer!");
// 3001: disable the annoying warnings user_pref ("general.Warnonaboutconfig", false); user_pref ("browser.Tabs.Warnonclose", false); user_pref ("browser.Tabs.Warnoncloseotharthartharta", false); user_pref ("browser.Tabs.Warnonopen", false);
// 3001a: disconnect a warning when the domain asks for a full screen // https://developer.Mozilla.Org/en-us/docs/web/guide/api/dom/domi /using_full_screen_mode // user_pref ("fullly, 0); // user_pref (" fullflow ("browser.Tabs.Closewindowwithlastab", false);
// 3004: 3004: disconnect backspace (0 = previous page, 1 = scroll up, 2 = do nothing) user_pref ("browser.Backspace_action, 2);
// 3005: disconnect the default autocopy (use the extensions autocopy 2
// 3007: open new windows on a new tab instead of // this parameter is under the parameters> general> tabs // 1 = current window, 2 = new window 3 = last window user_pref ("browser.Link.Open_newwindow", 3);
// 3008: disconnect "you really want to leave this site?" Popups / / /https://support.Mozilla.Org/en-us/questions/1043508 user_pref ("dom.Disable_beforeunload", trrue);
// 3009: enable apz (asyncinc pan/zoom) -tigs e10s // https://wwww.Ghacks.Net/2015/07/28/scrolling-in-get-get-a-lot-better- thank // user_pref ("layers.Async-pan-zoom.Enabled", true);
// 3010: turn on preliminary views of ctrl-tab user_pref ("browser .Ctrltab.Previews ", true);
// 3011: do not open the" page/source of choice "on the tab. Instead, a window is used, cleaner than // and easier to use and move (for example, developers/multi -screen). User_pref ("viev_source.Tab", false);
// 3012: spellchecking: 0 = none, 1-multi-line controls, 2 = multi-line
// 3013: disconnect the automatic "work in autonomous mode." En-su/docs/online_and_affline_events user_pref ("network.Manage-offline-status", false);
// 3015: disconnect the animation of the tabs, slightly accelerate the things user_pref ("browser.Tabs.Animate", false);
// 3016: disconnect the full -screen animation. Test using f11. // Animation is stupid, but irritatingly slow, while animation cannot be amazing user_pref ("browser.Fullscreen.Animate", false);
////3017: i substitute in milliseconds. 0 = instant, while a small number allows // mouse to go through the menu elements without any substitution, anxiously shoot user_pref ("ui.Submenudely", 75); // (hidden pref)
// 3018: the maximum number of casual backups of the bookmark (by default - 15) user_pref ("browser.Bookmarks.Max_backups", 2); /+> // 3020: to your information: urlbar click beef (using the default) user_pref ("browser.Urlbar.Clickselectsall", true); user_pref ("browser.Urlbar.Dubleclickselectalsall", false);
// 3021: to your information: the behavior of the tabs (with the default) // open links on the new tab immediately to the right of the parent tab, not the right user_pref ("browser .Tabs.Insertrelatrededaftercurrent ", true); // switching to the parent tab (if it has) at the closure, and not on the next right tab, if // adjacent left tab, if not. Note. Required browser.Link.Open_newwindow // install 3 (see pref 3007). Note. It is not applied to the links to the average click or ctrl click. Link in the new tab, immediately switch to it // by default is not uncontrolled = do not switch to it = true user_pref ("browser.Tabs.Loadinbackground", true);
// Install the behavior of pages usually intended for opening in a new window (for example, target = "_ blank" // or from the external program), but instead it was loaded by new tab. On the current tab. User_pref ("browser.Tabs.Loadededinbackground", false);
// 3022: to hide the items recently bookmarks (you still have original bookmarks) (ff49+)) user_pref ("browser.Bookmarks.Showreclybookmarked", false);
// 3023: disconnect automigrate, the current defiles information, but block at the moment user_pref ("browser.Migrate.Automigrate.Enabled", false);
// End: internal user pref for testing syntactic errors user_pref ("ghacks_user.Js.Parrot", "no, he is not dead, he leaves! Wonderful bird, norwegian blue ");
9996: palumon is specific (https :: //www.Palemoon.Org/)
> if you have problems or questions about any of these, use the palemoon note: this section is no longer supported [after version 10]
// 9996-1: (v25.6+) disage the removal of fingers on the canvas // user_pref ("canvas.Poisondata", true);
// 9996-2: (v25.2+) control hsts // if editing this about: config pm should be completely closed, and then rebooted // note : this is a compromise between confidentiality and safety. Hsts was developed to increase // security to stop the mitm attacks, but it can also be incorrectly used as a fingerprint vector using // abandoning previously visited sites. Recommended: safety over confidentiality. Your choice. // User_pref ("network.Stricttransportsecurity.Enabled", true);
// 9996-3: (v25.0+) controls whether the state has expired from the stitched answers ocsp // if installed in true, gaps with rfc6066 (for example , firefox) and ignore the fact that the sewn // ocsp answers can be expired. If false (the default) will interrupt the connection. // User_pref ("security.Ssl.Allow_unsafe_ocsp_response", false);
// 9996-4: (v25.6+) controls whether to completely ignore "autocomplete = off" on the entrance fields to the // user_pref system ("signon.Ignoreautocomplete" false);
// 9996-5: (v26.0+) read the description of moonchild in the flow of the palemoon forum, connected above // user_pref ("dom.Disable_beforeunload", true);
 9997: umir. > â â € â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â €, it was about v23, and not 100% sure when // this preference was replaced by a browser. +> // 2408: (31+) disable the network api - the vector of the fingers // user_pref ("dom.Network.Enabled", false);
// 2620: (35+) disable the web-education // https://developer.Mozilla.Org/en-us/firefox/releases/35 / / user_pref ("network.Websocket.Enabled", false);
// 2023: (37+) disable the reverse call with the autofocus of the camera (was at 36, and not in 37) // not part of which specifications, the api will be replaced by capture webrtc // and api flow (http://w3c.Github.Io/mediacapture-main/getusermedia.Html) // https://developer.Mozillag/en-us/docs/ mozilla/firefox_os/api/cameracontrol/ // user_pref ("camera.Control.Autofocus_callback.Enabled", false);
// 1804: (41+) disable the plugin enumeration // user_pref ("plugins.Enumurable_names", "");
// 0420: (42+) disable protection against tracking // this particular preliminary v42+because it is when landing from tracking protection // user_pref ("browser. Polaris.Enabled ", false);
// 2803: (42+) what to clean when turning off // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1102184#c23 // / user_pref ("privacy.Clearonshutdown.Passwords", false);
// 0411: (43+) disable the urls safebrowsing urls // user_pref ("browser.Safebrowsing.Malware.Reporturl", ""); // user_pref ("browser.Safebrowsing.Provider.Google.Apperl", "" "); // user_pref ("browser.Safebrowsing.Reporterroororul", ""); user_pref ("browser.Safebrowsing.Reportgenericurl", ""); // user_pref ("browser.Safebrowsing.Reportmalwareerororl", ""); // user_pref ("browser.Safebrowsing.Reportmalwareurl" "" "" "" ""); // user_pref ("browser.Safebrow.Reporturl", ""); // user_pref ("browser.Safeabrowsin g.Updateurl " , "");
// 0420: (43+) disage the tracking protection. Ff43+url are now part of the safebrowsing // https://wiki.Mozilla.Org/security /tracking_protection (look at the prefs) // note: getupdateurl = wrong/never was. Updateurl = correctly and was added on your part // user_pref ("browser.Trackkingprotection.Gethashurl", ""); // user_pref ("browser.Trackingprotection.Getupdateurl", ""); // user_pref ("browser.Trackingprotation.Updateurl");@> // 1803: (43 +) delete the plug -in search service // http://kb.Mozillazine.Org/pfs.Datasource.Url // user_pref ("pfs.Datasource.Url", "");
// 2403: (43+) disable the scenarios of images change - test link below // http://www.W3schools.Com/jsref/tryit .Asp? Filename = tryjsref_img_src2 // warning: will break some sites such as google cards and many web applications // user_pref ("dom.Disable_image_src_set", true);
// 2615: (43+) disable http2, as well as // user_pref ("network.Http.Spdy.Enabled.Http2draft", false);
////3001a: (43+) disconnect the warning when the domain requests a full screen // replaced by installing a full -screen api.Warning.Timeout to zero // user_pref ("fullly api.Appi- required", false);
// 3003: (43+) disable the new search panel [classical thematic restorer can restore the old search] .Showoneoffbuttons ", false);
// 1201: (44+) block rc4 whitelist // https://developer.Mozilla.Org/en-us/firefox/releases/44#security // user_pref ("security _hosts.Use_static_list ", false);
// 2417: (44+) disable the joint work that allow the exchange of data between iframes, which // are open in different tabs, even if sites do not belong to one domain. -Viskay (no. 8). Sharedworkers.Enabled ", false);
// 1005: (45+) disable the defined level of storage of the additional data of the session 0 = all 1 = http-up 2 = none // user_pref ("browser.Sessionstore.Privacy_level_deferred ", 2);
// 0334b: (46+) disable fhr (report firefox health) v2, sent to the servers mozilla // user_pref (" datareporting.Policy.Datasubmsionen abled .V2 ", false);
// 0373: (46+) disable" pocket ". Ff46 replaced them with extensions.Poctet. / User_pref (" browser.Pocket.Site "," "); // user_pref (" browser.Pocket.Oauthconsumerky "," ");
// 0410e: (46+) safebrowsing // user_pref (" browser .Safebrowsing.Apprepurl, ""); // google appendix check text/plain, ");
// 0807: (47+) disable the manipulation of the history // https://developer.Mozilla.Org/en-us/docs/web/guide/dom/dom/dom/dom/dom/dom/dom/dom/dom manipulation_the_browser_history // warning: if installed on false, it breaks the possibility of some sites (youtube) to correctly show // url in the location panel and for the history of the forward/backward tabs for work // user_pref ( "browser.History.Allowpopstate", false); // user_pref ("browser.History.Allowpushstate", false); // user_pref ("browser.History.Alloplacestate", false);
// 0806: (48+) disable 'unified complete': 'search using the search engine [by default]' // this function was added back to the classic theme restorer // http://techdows.Com/2016/05/firefox-unified-complete-boutconfig-preference-removed.Html // user_pref ("browser.Urlbar.Unifiedcomplete",, false);
// 3006: (48+) disable the forced addition to overtake // note: preference is still in ff48+, but this is an outdated code and does not work in a stable / / user_pref ("xpinstall.Signatures.Requird", false);
// 0372: (49+) disable "hello" (tokbox/telefonica webrtc voice // user_pref ("loop.Server", ""); // user_pref ("loop.Feedback.Formurl", ""); // user_pref ("loop.Feedbeck.Manualformurl" "" "" "" "" "" "" "" "" "" "" "additional settings of the cycle facebook // user_pref (" loop.Facebook.Appid "," "); // user_pref ("loop.Facebook.Enabled", false); // user_pref ("lo /d/topic/mozilla.Dev.Platform/nyvkcx-_sfw/discussion // user_pref (" looop .Logdomains ", false);
// 2202: (49+) one of the new window ui prefs // user_pref (" dom.Disable_window_open_feature.Scrollbars ", true); /+> // 2431: (49+) disable one of the preliminary notifications push push prefs // user_pref ("dom.Push.Wakeupenable", false);
// 0308: (50+) disable the notifications of the renewal of the plugin // if flash flash/java/silverlight, it is best to enable your own automatic update mechanisms. Update.Notifyuser ", false);
// 0410a: (50+) "block the dangerous and deceptive content" change of the name pref // user_pref ("browser.Safebrowsing.Enabled", false); // ff49 and earlier
// 1202: (50+) disable rc4 ciphers // https://www.Fxsitecompat.Com/en-ca/docs/2016/2016/2016/2016/2016/2016/2016/2016/2016/2016/2016/20 complolyly-removed/ // https://trac.Torproject.Org/projects/tor/ticket/17369 // user_pref ("security ); // user_pref ("security.Ssl3.Ecdhe_rsa_rc4_128_sha", false); // user_pref ("security.Ssl3.Rsa_rc4_128_md5", false); .Rsa_rc4_128_sha ", false);
// 1809: (50+) delete the url -reflash of the mozilla // user_pref (" plugins.Update.Url ","); /+> // 1851: (51+) video delay until they are visible // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1180563 // user_pref ("media.Block-play-util-visible", true);
// 2504: (51+) disable the virtual reality devices // user_pref ("dom.Vr.Oculus050.Enabled", false);
// 2614: (51+) disable spdy // user_pref ("network.Http.Spdy.Enabled.V3- 1", false);
9998: explore - tor uplift
 https://wiki.Mozilla.Org/security/tor_uplift/trackking
// Solution // 1400: install only the fonts of the system in the white list (ff52+) // if the white list is empty, then the white list is considered disconnected, and all the fonts are allowed. @> // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1121643 // user_pref ("font.System.Whitelist", "" ");
// 2698-applend: privacy.Firstparty.Isolate >> // active // 1200: isolate the hsts cache and hpkp from the first side of the domain // https://bugzilla.Mozilla.Org/show_bugi?Id=13236444 : reduce the accuracy of the time discovered by javascript // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1217238 // user_pref ("javascript.Options.Privacy.Reduce_precision ", true);
// 2699-append: resource: // uris leak // https://trac.Torproproject.Org/projects/ticket/87225 // https: //bugzilla.Mozilla.Org/show_bug.Cgi? Id = 863246 // test: https://www.Brosserleaks.Com/firefox
@> 3./ /// Assigned // 2001: preference to completely disconnect webrtc js api // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1314443
? Stability to webgl prints // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1217290
>@>+> // 2699-append: flaboration in preferences#privacy.Resistfingerpring // when it is landed, add a note to 2699 // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1308340
2699-applend: utc timezone (spoof as utc 0 ) // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1330890
@>> // 2699-ppressend: new sizes of the window to hundreds // note. You // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1330882 // user_pref ("privacy.Window.Maxinnerwidth", 1366); // user_pref (".Window.Maxinnerheight", 768);
// Backlog // 1400: prevent the local font transference // https://bugzilla.Mozilla.Org/show_bug. Cgi? Id = 732096
// 1800: disable "this plugin is disconnected" overlay // https://bugzilla.Mozilla.Org/show_bugi?Id=967979 // user_pref ("privacy.Plugin_disabled_barrier.Enabled", false);
// 2500's: disable/mitate canvas printing // https://bugzilla.Mozilla.Org /show_bug.Cgi?Id=1041818
Letters@> 3 .// 2500's: enable (resolution to the site) before allowing the extraction of data canvas // https://bugzilla.Mozilla.Org/show_bug. Cgi? Id = 967895
// 2600's: window.Name // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=4444222,> // 2698-append: the “observability#privacy.Firstparty.Isolate // when it lands”, add a note to 2611 // https://bugzilla.Mozilla.Org. /Show_bug.Cgi?Id=13126555
Written address @>>> // 2698-append: fpi and http alternative services (see 2666) // https: //bugzilla.Mozilla. Org/show_bug. Cgi? Id = 1334690
// 2698-append: fpi and spdy/http2 // https://bugzilla.Mozillag/show_bug.Cgi?Id=134693
// 2699-append: disconnect the keyboard perfrinting // test: https://w3c.Github.Io/ueivents/tools/key-event-viewer.Html ///// tools/key-event-viewer.Html // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=12222855> /show_bugi?Id=1333641 // see also see also : web -reach experses tts // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1233846
// 2699-append: spoof navigator api // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1333651
? Install and provides various prefs with privacy.Resistfingerprinting // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1333933
@>+> // 2699-ppressise: back and whitelistic fonts with confidentiality.Reposfingerprinting // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1336208
@>> 9999: to explore - other
////1600: limit the contents of the abstracts attached to the requests of cross origin (ff52+) // 0- 1-2-scheme+hostname+port // user_pref (" network.Http.Referr.Xorigintrumpolcy "," 2);
// 1600: overwhelming the default reserve by default? (Ff52+?) // 0-no-referra 1-same-origin 2-strict-when-when-cross-origin // 3-n-referr-when-downgrade (default) // https://bugzilla.Mozilla.Org/ show_bug.Cgi? Id = 1304623 // user_pref ("network.Http.Reraer.Usercontrolpolcy", 3);
///3000: show the superstructures of the about: addons system (so you can turn it on/disable them) - has not yet landed // https://bugzilla.Mozilla.Org/show_bug.Cgi?Id=1231202 // user_pref ("extensions.Hidesystemaddons", false ); // (hidden pref) // ^^ follow the extensions. Use a private container for the load on miniatures (ff51+) // user_pref ("privacy.Usercontext.About_newtab_segration.Enable", urue); // browser.Newtabpage.Remote* // user_pref ("browser. .Formfill.Expire_days", 1); // user_pref ("javascript.Options.Shared_memory", false); // user_pref ("plugin.Disable_full_page_plugin_for_types", "application/pdf"); what firefox sets it) // https://www.Ghacks.Net/2017/01/23/how-to-change-firefoxs-sandbox-security level/ // security.Sandbox .Content. Level
Appendix a: test sites
Here are an exhaustive list of various websites on which you can check your browser. You must turn on js on these sites for tests to present the scenario of the worst.In fact, you must control js and xss (cross-site scenarios) on sites with superstructures such as noscript, umatrix, ublock origin, among other things, to reduce the likelihood of fingerprint attacks.
Url: https://www.Ghacks.Net/2015/12/28/the-ultimate-online-privacy-test- rape-list/
Letters @> > 01: removing your fingers
I'm unique? Numerous tests [single page]
- Whirâ â â â â â â â â â â â â â € http://5who.Net/?Type=extend- ip/dns leak http://ipduh.Com/anonymy-check/
>@>> 03: several tests [multi-page]
-Browserspy.Dkâ â â â http:// /browserspy.Dk/- browserleaksâ â â â â â € https://www.Browserleaks.Com/- html security flink - Badsslâ â â â â â â € â â € â € â € â € â € â â .De/- qualys ssl labsâ € https://wwww.Ssllabs.Com/ssltest/viewmyclient.Html=@>- seta installed sslcheck.Html - like my sslâ â â â â â â € â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â € â â â â â â â € : //pstadadler.Sh/batty.Js/ - dns com/dns/dns.Htm - evercookieâ â â â â â â € â â â € â € € â € € â € â â â â â â â â â â â â â â ™ - localstorageâ â â â â â â € â € http://www.Filldisk.Com/ hsts supercookieh http://www.Radicalresearch.Co.Co.Uk/lab /hstssupercookies - hsts [syffly] //zyan.Scripts.Mit.Edu/sniffly/@>- html5â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â @> - rel = noopenerâ â â â â € https://mathiasbynens.Github.Io/rel-nopener/- popup killerâ â â â âhhttp://www.Kephyr.Com/popupkillertest/ - popup testâ â â â â â â â â â ek ™ http://www.Popuptest.Com/- â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â who @> https/300/overview.Html . Â https://www.Browserleaks.Com/firefox- webrtc attakehtml - blocked â â â â â â â â â â â â â â â â â âfirefox/undesirable. Html -phishingâ â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â â //itisatrap.Org/firefox/its-a-tracker. Html
>@>+> appendix b: add -ons firefox
Many thanks to all the developers and online communities that provide and support them.
Sometimes only preferences are not enough. Here is a list of some important additions for security, confidentiality and fingerprint protection. This is not a discussion, it is just a list covering js, xss, arblocking, cookies, dom storage, utm, redirections and other items. Some of them are global, others allow granular control. Although i believe that most of them are the best of the best, this may be subjective depending on your needs. Some of them can become obsolete with the upcoming ff changes (canvas, in resource: // uri), some of them are controversial (we must be prepared?), Some i am still looking for the best solution, and i don’t know some, but they will come up many users. Us/firefox/addon/noscript/-ublock origin â â â â â â â â â â â â â â â â â â â â https://addons.Mozilla.Org/en-us/firefox/ addon/cookie-controller/ * * self-destruction of cookies https://addons.Mozilla.Org/en-us/firefox/addon/self-destruction cookies/-https everywhere everywhere. Â € â â â â â â â â â â â â â â â âus/firefox/adon/no-report-uri-hleak/ Note. At the time of publication, the following are not compatible with e10s: google privacy, noredirect, uacontrol, a user js-fixer, a pop-up block of ultimate
Now you: please leave the comments below, offering new records and changes. Feel free to add other information such as compatibility, links to resources or proposals on how to organize the list better. Get additional information regarding the registry and settings (https://howtowindowsguides.com/) please go to the internet site.
