daily pastebin goal
40%
SHARE
TWEET

Untitled

a guest Mar 21st, 2018 168 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. // Use LANG environment variable to choose locale
  2. pref("intl.locale.requested", "");
  3.  
  4. // Disable default browser checking.
  5. pref("browser.shell.checkDefaultBrowser", false);
  6.  
  7. // Don't disable our bundled extensions in the application directory
  8. pref("extensions.autoDisableScopes", 11);
  9. pref("extensions.shownSelectionUI", true);
  10.  
  11. // Opt all of us into e10s, instead of just 50%
  12. pref("browser.tabs.remote.autostart", true);
  13.  
  14. // Disable "alt" as a shortcut key to open full menu bar. Conflicts with "alt" as a modifier
  15. pref("ui.key.menuAccessKeyFocuses", false);
  16.  
  17. // Disable the GeoLocation API for content
  18. pref("geo.enabled", false);
  19.  
  20. // Make sure that the request URL of the GeoLocation backend is empty
  21. pref("geo.wifi.uri", "");
  22.  
  23. // Disable Freedom Violating DRM Feature
  24. pref("browser.eme.ui.enabled", false);
  25. // EME
  26. pref("media.eme.enabled", false);
  27. pref("media.eme.apiVisible", false);
  28.  
  29. // Google Widevine DRM
  30. // https://blog.mozilla.org/futurereleases/2016/04/08/mozilla-to-test-widevine-cdm-in-firefox-nightly/
  31. // https://wiki.mozilla.org/QA/Widevine_CDM
  32. // https://bugzilla.mozilla.org/show_bug.cgi?id=1288580
  33. pref("media.gmp-widevinecdm.visible", false);
  34. pref("media.gmp-widevinecdm.enabled", false);
  35. pref("media.gmp-widevinecdm.autoupdate", false);
  36.  
  37. // Default to classic view for about:newtab
  38. pref("browser.newtabpage.enhanced", false);
  39. pref("browser.newtabpage.activity-stream.enabled", false);
  40.  
  41. // Poodle attack
  42. pref("security.tls.version.min", 1);
  43.  
  44. // Don't call home for blacklisting
  45. pref("extensions.blocklist.enabled", false);
  46.  
  47. // Disable plugin installer
  48. pref("plugins.hide_infobar_for_missing_plugin", true);
  49. pref("plugins.hide_infobar_for_outdated_plugin", true);
  50. pref("plugins.notifyMissingFlash", false);
  51.  
  52. //https://developer.mozilla.org/en-US/docs/Web/API/MediaSource
  53. //pref("media.mediasource.enabled",true);
  54.  
  55. // Speeding it up
  56. pref("network.http.pipelining", true);
  57. pref("network.http.proxy.pipelining", true);
  58. pref("network.http.pipelining.maxrequests", 10);
  59. pref("nglayout.initialpaint.delay", 0);
  60.  
  61. // Disable third party cookies
  62. pref("network.cookie.cookieBehavior", 1);
  63.  
  64. // Prevent EULA dialog to popup on first run
  65. pref("browser.EULA.override", true);
  66.  
  67. // Set useragent to Firefox compatible
  68. //pref("general.useragent.compatMode.firefox", true);
  69. // Spoof the useragent to a generic one
  70. pref("general.useragent.compatMode.firefox", true);
  71. // Spoof the useragent to a generic one
  72. pref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:59.0) Gecko/20100101 Firefox/59.0");
  73. pref("general.appname.override", "Netscape");
  74. pref("general.appversion.override", "59.0");
  75. pref("general.buildID.override", "Gecko/20100101");
  76. pref("general.oscpu.override", "Windows NT 6.1");
  77. pref("general.platform.override", "Win32");
  78.  
  79. // Privacy & Freedom Issues
  80. // https://webdevelopmentaid.wordpress.com/2013/10/21/customize-privacy-settings-in-mozilla-firefox-part-1-aboutconfig/
  81. // https://panopticlick.eff.org
  82. // http://ip-check.info
  83. // http://browserspy.dk
  84. // https://wiki.mozilla.org/Fingerprinting
  85. // http://www.browserleaks.com
  86. // http://fingerprint.pet-portal.eu
  87. pref("privacy.donottrackheader.enabled", true);
  88. pref("privacy.donottrackheader.value", 1);
  89. pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
  90.  
  91. // CIS 2.1.1 Disable Auto Update / Balrog
  92. pref("app.update.auto", false);
  93. pref("app.update.checkInstallTime", false);
  94. pref("app.update.enabled", false);
  95. pref("app.update.staging.enabled", false);
  96. pref("app.update.url", "about:blank");
  97. pref("media.gmp-manager.certs.1.commonName", "");
  98. pref("media.gmp-manager.certs.2.commonName", "");
  99. // Disable Gecko media plugins: https://wiki.mozilla.org/GeckoMediaPlugins
  100. pref("media.gmp-manager.url", "http://127.0.0.1/");
  101. pref("media.gmp-manager.url.override", "data:text/plain,");
  102. pref("media.gmp-provider.enabled", false);
  103. // Don't install openh264 codec
  104. pref("media.gmp-gmpopenh264.enabled", false);
  105. pref("media.gmp-eme-adobe.enabled", false);
  106. pref("media.peerconnection.video.h264_enabled", false);
  107.  
  108. // CIS 2.3.4 Block Reported Web Forgeries
  109. // http://kb.mozillazine.org/Browser.safebrowsing.enabled
  110. // http://kb.mozillazine.org/Safe_browsing
  111. // https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work
  112. // http://forums.mozillazine.org/viewtopic.php?f=39&t=2711237&p=12896849#p12896849
  113. pref("browser.safebrowsing.enabled", false);
  114.  
  115. // CIS 2.3.5 Block Reported Attack Sites
  116. // http://kb.mozillazine.org/Browser.safebrowsing.malware.enabled
  117. pref("browser.safebrowsing.malware.enabled", false);
  118.  
  119. // Disable safe browsing remote lookups for downloaded files.
  120. // This leaks information to google.
  121. // https://www.mozilla.org/en-US/firefox/39.0/releasenotes/
  122. // https://wiki.mozilla.org/Security/Application_Reputation
  123. pref("browser.safebrowsing.downloads.remote.enabled", false);
  124. pref("browser.safebrowsing.appRepURL", "about:blank");
  125. pref("browser.safebrowsing.provider.mozilla.gethashURL", "about:blank");
  126. pref("browser.safebrowsing.provider.mozilla.updateURL", "about:blank");
  127. pref("browser.safebrowsing.downloads.remote.block_dangerous", false);
  128. pref("browser.safebrowsing.downloads.remote.block_dangerous_host", false);
  129. pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
  130. pref("browser.safebrowsing.downloads.remote.block_uncommon", false);
  131. pref("browser.safebrowsing.downloads.remote.enabled", false);
  132. pref("browser.safebrowsing.downloads.remote.url", "about:blank");
  133. pref("browser.safebrowsing.provider.google.gethashURL", "about:blank");
  134. pref("browser.safebrowsing.provider.google.updateURL", "about:blank");
  135. pref("browser.safebrowsing.provider.google.lists", "about:blank");
  136.  
  137. // https://bugzilla.mozilla.org/show_bug.cgi?id=1025965
  138. pref("browser.safebrowsing.phishing.enabled", false);
  139. pref("browser.safebrowsing.provider.google4.lists", "about:blank");
  140. pref("browser.safebrowsing.provider.google4.updateURL", "about:blank");
  141. pref("browser.safebrowsing.provider.google4.gethashURL", "about:blank");
  142. pref("browser.safebrowsing.provider.google4.reportURL", "about:blank");
  143. pref("browser.safebrowsing.provider.mozilla.lists", "about:blank");
  144.  
  145. // Disable Microsoft Family Safety MiTM support
  146. // https://bugzilla.mozilla.org/show_bug.cgi?id=1239166
  147. // https://wiki.mozilla.org/SecurityEngineering/Untrusted_Certificates_in_Windows_Child_Mode
  148. // https://hg.mozilla.org/releases/mozilla-release/file/ddb37c386bb2ffa180117b4d30ca3b41a8af233c/security/manager/ssl/nsNSSComponent.cpp#l782
  149. pref("security.family_safety.mode", 0);
  150. // https://bugzilla.mozilla.org/show_bug.cgi?id=1265113
  151. // https://hg.mozilla.org/releases/mozilla-release/rev/d9659c22b3c5
  152. // https://bugzilla.mozilla.org/show_bug.cgi?id=1298883
  153. pref("security.enterprise_roots.enabled", false);
  154.  
  155. //pref("services.sync.privacyURL", "https://www.gnu.org/software/gnuzilla/");
  156. pref("social.enabled", false);
  157. pref("social.remote-install.enabled", false);
  158. pref("datareporting.healthreport.uploadEnabled", false);
  159. pref("datareporting.healthreport.about.reportUrl", "127.0.0.1");
  160. pref("datareporting.healthreport.documentServerURI", "127.0.0.1");
  161. pref("healthreport.uploadEnabled", false);
  162. pref("social.toast-notifications.enabled", false);
  163. pref("datareporting.policy.dataSubmissionEnabled", false);
  164. pref("datareporting.healthreport.service.enabled", false);
  165. pref("browser.slowStartup.notificationDisabled", true);
  166. pref("network.http.sendRefererHeader", 2);
  167. //pref("network.http.referer.spoofSource", true);
  168. //http://grack.com/blog/2010/01/06/3rd-party-cookies-dom-storage-and-privacy/
  169. //pref("dom.storage.enabled", false);
  170. pref("dom.event.clipboardevents.enabled",false);
  171. pref("network.prefetch-next", false);
  172. pref("network.dns.disablePrefetch", true);
  173. pref("network.http.sendSecureXSiteReferrer", false);
  174. pref("toolkit.telemetry.archive.enabled", false);
  175. pref("toolkit.telemetry.bhrPing.enabled", false);
  176. pref("toolkit.telemetry.enabled", false);
  177. pref("toolkit.telemetry.unified", false);
  178. pref("toolkit.telemetry.newProfilePing.enabled", false);
  179. pref("toolkit.telemetry.firstShutdownPing.enabled", false);
  180. pref("toolkit.telemetry.server", "127.0.0.1");
  181. pref("app.shield.optoutstudies.enabled", false);
  182. pref("experiments.enabled", false);
  183. pref("experiments.manifest.uri", "127.0.0.1");
  184. pref("extensions.pocket.enabled" : false);
  185. pref("extensions.pocket.api", "127.0.0.1");
  186. // Do not tell what plugins do we have enabled: https://mail.mozilla.org/pipermail/firefox-dev/2013-November/001186.html
  187. pref("plugins.enumerable_names", "");
  188. pref("plugin.state.flash", 0);
  189. // Do not autoupdate search engines
  190. pref("browser.search.update", false);
  191. // Warn when the page tries to redirect or refresh
  192. //pref("accessibility.blockautorefresh", true);
  193. pref("dom.battery.enabled", false);
  194. pref("device.sensors.enabled", false);
  195. pref("camera.control.face_detection.enabled", false);
  196. pref("camera.control.autofocus_moving_callback.enabled", false);
  197. pref("network.http.speculative-parallel-limit", 0);
  198. // No search suggestions
  199. pref("browser.urlbar.userMadeSearchSuggestionsChoice", true);
  200. pref("browser.search.suggest.enabled", false);
  201.  
  202. // Crypto hardening
  203. // https://gist.github.com/haasn/69e19fc2fe0e25f3cff5
  204. // General settings
  205. //pref("security.tls.unrestricted_rc4_fallback", false);
  206. //pref("security.tls.insecure_fallback_hosts.use_static_list", false);
  207. //pref("security.tls.version.min", 1);
  208. //pref("security.ssl.require_safe_negotiation", true);
  209. //pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
  210. //pref("security.ssl3.rsa_seed_sha", true);
  211. //pref("security.OCSP.enabled", 1);
  212. //pref("security.OCSP.require", true);
  213.  
  214.  
  215. // WebRTC
  216. pref("media.peerconnection.enabled", false);
  217. pref("media.peerconnection.ice.default_address_only", true);
  218.  
  219. pref("font.default.x-western", "sans-serif");
  220.  
  221. // Preferences for the Get Add-ons panel and search engines
  222. pref("extensions.webservice.discoverURL", "https://directory.fsf.org/wiki/GNU_IceCat");
  223. pref("extensions.getAddons.search.url", "https://directory.fsf.org/wiki/GNU_IceCat");
  224. pref("browser.search.searchEnginesURL", "https://directory.fsf.org/wiki/GNU_IceCat");
  225.  
  226. // Mobile
  227. pref("privacy.announcements.enabled", false);
  228. pref("browser.snippets.enabled", false);
  229. pref("browser.snippets.syncPromo.enabled", false);
  230. pref("identity.mobilepromo.android", "https://f-droid.org/repository/browse/?fdid=org.gnu.icecat&");
  231. pref("browser.snippets.geoUrl", "http://127.0.0.1/");
  232. pref("browser.snippets.updateUrl", "http://127.0.0.1/");
  233. pref("browser.snippets.statsUrl", "http://127.0.0.1/");
  234. pref("datareporting.policy.firstRunTime", 0);
  235. pref("datareporting.policy.dataSubmissionPolicyVersion", 2);
  236. pref("browser.webapps.checkForUpdates", 0);
  237. pref("browser.webapps.updateCheckUrl", "http://127.0.0.1/");
  238. pref("app.faqURL", "http://libreplanet.org/wiki/Group:IceCat/FAQ");
  239.  
  240. // PFS url
  241. pref("pfs.datasource.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.php?mimetype=%PLUGIN_MIMETYPE%");
  242. pref("pfs.filehint.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.php?mimetype=%PLUGIN_MIMETYPE%");
  243.  
  244. // Geolocation depends on third party services
  245. pref("geo.enabled", false);
  246. pref("geo.wifi.uri", "");
  247.  
  248. // Disable heartbeat
  249. pref("browser.selfsupport.url", "");
  250.  
  251. // Disable Link to FireFox Marketplace, currently loaded with non-free "apps"
  252. pref("browser.apps.URL", "");
  253.  
  254. // Use old style preferences, that allow javascript to be disabled
  255. pref("browser.preferences.inContent",false);
  256.  
  257. // Don't download ads for the newtab page
  258. pref("browser.newtabpage.directory.source", "");
  259. pref("browser.newtabpage.directory.ping", "");
  260. pref("browser.newtabpage.introShown", true);
  261.  
  262. // Disable home snippets
  263. pref("browser.aboutHomeSnippets.updateUrl", "data:text/html");
  264.  
  265. // Disable hardware acceleration and WebGL
  266. //pref("layers.acceleration.disabled", false);
  267. pref("webgl.disabled", false);
  268.  
  269. // Disable SSDP
  270. pref("browser.casting.enabled", false);
  271.  
  272. // Disable directory service
  273. pref("social.directories", "");
  274. pref("social.whitelist", "");
  275. pref("social.shareDirectory", "");
  276.  
  277. // Disable Pocket integration
  278. pref("browser.pocket.api", "about:blank");
  279. pref("browser.pocket.enabled", false);
  280. pref("browser.pocket.enabledLocales", "about:blank");
  281. pref("browser.pocket.oAuthConsumerKey", "about:blank");
  282. pref("browser.pocket.site", "about:blank");
  283. pref("browser.pocket.useLocaleList", false);
  284. pref("extensions.pocket.enabled", false);
  285.  
  286. // Do not require xpi extensions to be signed by Mozilla
  287. pref("xpinstall.signatures.required", false);
  288.  
  289. // Disable File and Directory Entries API (Imported from Edge/Chromium)
  290. // https://developer.mozilla.org/en-US/Firefox/Releases/50#Files_and_directories
  291. // https://developer.mozilla.org/en-US/docs/Web/API/File_and_Directory_Entries_API
  292. // https://developer.mozilla.org/en-US/docs/Web/API/File_and_Directory_Entries_API/Introduction
  293. // https://developer.mozilla.org/en-US/docs/Web/API/File_and_Directory_Entries_API/Firefox_support
  294. // https://bugzilla.mozilla.org/show_bug.cgi?id=1265767
  295. pref("dom.webkitBlink.filesystem.enabled", false);
  296. // https://developer.mozilla.org/en-US/docs/Web/API/HTMLInputElement/webkitdirectory
  297. // https://bugzilla.mozilla.org/show_bug.cgi?id=1258489
  298. // https://hg.mozilla.org/releases/mozilla-release/rev/133af19777be
  299. pref("dom.webkitBlink.dirPicker.enabled", false);
  300.  
  301. // Directory Upload API, webkitdirectory
  302. // https://bugzilla.mozilla.org/show_bug.cgi?id=1188880
  303. // https://bugzilla.mozilla.org/show_bug.cgi?id=907707
  304. // https://wicg.github.io/directory-upload/proposal.html
  305. pref("dom.input.dirpicker", false);
  306.  
  307. // fix alsa sound sandbox issue for iceweasel-58
  308. // https://labs.parabola.nu/issues/1628
  309. pref("security.sandbox.content.syscall_whitelist", "16");
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top