API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 21st, 2018
344
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 13.53 KB | None | 0 0
raw download clone embed print report
  1. // Use LANG environment variable to choose locale
  2. pref("intl.locale.requested", "");
  3.  
  4. // Disable default browser checking.
  5. pref("browser.shell.checkDefaultBrowser", false);
  6.  
  7. // Don't disable our bundled extensions in the application directory
  8. pref("extensions.autoDisableScopes", 11);
  9. pref("extensions.shownSelectionUI", true);
  10.  
  11. // Opt all of us into e10s, instead of just 50%
  12. pref("browser.tabs.remote.autostart", true);
  13.  
  14. // Disable "alt" as a shortcut key to open full menu bar. Conflicts with "alt" as a modifier
  15. pref("ui.key.menuAccessKeyFocuses", false);
  16.  
  17. // Disable the GeoLocation API for content
  18. pref("geo.enabled", false);
  19.  
  20. // Make sure that the request URL of the GeoLocation backend is empty
  21. pref("geo.wifi.uri", "");
  22.  
  23. // Disable Freedom Violating DRM Feature
  24. pref("browser.eme.ui.enabled", false);
  25. // EME
  26. pref("media.eme.enabled", false);
  27. pref("media.eme.apiVisible", false);
  28.  
  29. // Google Widevine DRM
  30. // https://blog.mozilla.org/futurereleases/2016/04/08/mozilla-to-test-widevine-cdm-in-firefox-nightly/
  31. // https://wiki.mozilla.org/QA/Widevine_CDM
  32. // https://bugzilla.mozilla.org/show_bug.cgi?id=1288580
  33. pref("media.gmp-widevinecdm.visible", false);
  34. pref("media.gmp-widevinecdm.enabled", false);
  35. pref("media.gmp-widevinecdm.autoupdate", false);
  36.  
  37. // Default to classic view for about:newtab
  38. pref("browser.newtabpage.enhanced", false);
  39. pref("browser.newtabpage.activity-stream.enabled", false);
  40.  
  41. // Poodle attack
  42. pref("security.tls.version.min", 1);
  43.  
  44. // Don't call home for blacklisting
  45. pref("extensions.blocklist.enabled", false);
  46.  
  47. // Disable plugin installer
  48. pref("plugins.hide_infobar_for_missing_plugin", true);
  49. pref("plugins.hide_infobar_for_outdated_plugin", true);
  50. pref("plugins.notifyMissingFlash", false);
  51.  
  52. //https://developer.mozilla.org/en-US/docs/Web/API/MediaSource
  53. //pref("media.mediasource.enabled",true);
  54.  
  55. // Speeding it up
  56. pref("network.http.pipelining", true);
  57. pref("network.http.proxy.pipelining", true);
  58. pref("network.http.pipelining.maxrequests", 10);
  59. pref("nglayout.initialpaint.delay", 0);
  60.  
  61. // Disable third party cookies
  62. pref("network.cookie.cookieBehavior", 1);
  63.  
  64. // Prevent EULA dialog to popup on first run
  65. pref("browser.EULA.override", true);
  66.  
  67. // Set useragent to Firefox compatible
  68. //pref("general.useragent.compatMode.firefox", true);
  69. // Spoof the useragent to a generic one
  70. pref("general.useragent.compatMode.firefox", true);
  71. // Spoof the useragent to a generic one
  72. pref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:59.0) Gecko/20100101 Firefox/59.0");
  73. pref("general.appname.override", "Netscape");
  74. pref("general.appversion.override", "59.0");
  75. pref("general.buildID.override", "Gecko/20100101");
  76. pref("general.oscpu.override", "Windows NT 6.1");
  77. pref("general.platform.override", "Win32");
  78.  
  79. // Privacy & Freedom Issues
  80. // https://webdevelopmentaid.wordpress.com/2013/10/21/customize-privacy-settings-in-mozilla-firefox-part-1-aboutconfig/
  81. // https://panopticlick.eff.org
  82. // http://ip-check.info
  83. // http://browserspy.dk
  84. // https://wiki.mozilla.org/Fingerprinting
  85. // http://www.browserleaks.com
  86. // http://fingerprint.pet-portal.eu
  87. pref("privacy.donottrackheader.enabled", true);
  88. pref("privacy.donottrackheader.value", 1);
  89. pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
  90.  
  91. // CIS 2.1.1 Disable Auto Update / Balrog
  92. pref("app.update.auto", false);
  93. pref("app.update.checkInstallTime", false);
  94. pref("app.update.enabled", false);
  95. pref("app.update.staging.enabled", false);
  96. pref("app.update.url", "about:blank");
  97. pref("media.gmp-manager.certs.1.commonName", "");
  98. pref("media.gmp-manager.certs.2.commonName", "");
  99. // Disable Gecko media plugins: https://wiki.mozilla.org/GeckoMediaPlugins
  100. pref("media.gmp-manager.url", "http://127.0.0.1/");
  101. pref("media.gmp-manager.url.override", "data:text/plain,");
  102. pref("media.gmp-provider.enabled", false);
  103. // Don't install openh264 codec
  104. pref("media.gmp-gmpopenh264.enabled", false);
  105. pref("media.gmp-eme-adobe.enabled", false);
  106. pref("media.peerconnection.video.h264_enabled", false);
  107.  
  108. // CIS 2.3.4 Block Reported Web Forgeries
  109. // http://kb.mozillazine.org/Browser.safebrowsing.enabled
  110. // http://kb.mozillazine.org/Safe_browsing
  111. // https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work
  112. // http://forums.mozillazine.org/viewtopic.php?f=39&t=2711237&p=12896849#p12896849
  113. pref("browser.safebrowsing.enabled", false);
  114.  
  115. // CIS 2.3.5 Block Reported Attack Sites
  116. // http://kb.mozillazine.org/Browser.safebrowsing.malware.enabled
  117. pref("browser.safebrowsing.malware.enabled", false);
  118.  
  119. // Disable safe browsing remote lookups for downloaded files.
  120. // This leaks information to google.
  121. // https://www.mozilla.org/en-US/firefox/39.0/releasenotes/
  122. // https://wiki.mozilla.org/Security/Application_Reputation
  123. pref("browser.safebrowsing.downloads.remote.enabled", false);
  124. pref("browser.safebrowsing.appRepURL", "about:blank");
  125. pref("browser.safebrowsing.provider.mozilla.gethashURL", "about:blank");
  126. pref("browser.safebrowsing.provider.mozilla.updateURL", "about:blank");
  127. pref("browser.safebrowsing.downloads.remote.block_dangerous", false);
  128. pref("browser.safebrowsing.downloads.remote.block_dangerous_host", false);
  129. pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
  130. pref("browser.safebrowsing.downloads.remote.block_uncommon", false);
  131. pref("browser.safebrowsing.downloads.remote.enabled", false);
  132. pref("browser.safebrowsing.downloads.remote.url", "about:blank");
  133. pref("browser.safebrowsing.provider.google.gethashURL", "about:blank");
  134. pref("browser.safebrowsing.provider.google.updateURL", "about:blank");
  135. pref("browser.safebrowsing.provider.google.lists", "about:blank");
  136.  
  137. // https://bugzilla.mozilla.org/show_bug.cgi?id=1025965
  138. pref("browser.safebrowsing.phishing.enabled", false);
  139. pref("browser.safebrowsing.provider.google4.lists", "about:blank");
  140. pref("browser.safebrowsing.provider.google4.updateURL", "about:blank");
  141. pref("browser.safebrowsing.provider.google4.gethashURL", "about:blank");
  142. pref("browser.safebrowsing.provider.google4.reportURL", "about:blank");
  143. pref("browser.safebrowsing.provider.mozilla.lists", "about:blank");
  144.  
  145. // Disable Microsoft Family Safety MiTM support
  146. // https://bugzilla.mozilla.org/show_bug.cgi?id=1239166
  147. // https://wiki.mozilla.org/SecurityEngineering/Untrusted_Certificates_in_Windows_Child_Mode
  148. // https://hg.mozilla.org/releases/mozilla-release/file/ddb37c386bb2ffa180117b4d30ca3b41a8af233c/security/manager/ssl/nsNSSComponent.cpp#l782
  149. pref("security.family_safety.mode", 0);
  150. // https://bugzilla.mozilla.org/show_bug.cgi?id=1265113
  151. // https://hg.mozilla.org/releases/mozilla-release/rev/d9659c22b3c5
  152. // https://bugzilla.mozilla.org/show_bug.cgi?id=1298883
  153. pref("security.enterprise_roots.enabled", false);
  154.  
  155. //pref("services.sync.privacyURL", "https://www.gnu.org/software/gnuzilla/");
  156. pref("social.enabled", false);
  157. pref("social.remote-install.enabled", false);
  158. pref("datareporting.healthreport.uploadEnabled", false);
  159. pref("datareporting.healthreport.about.reportUrl", "127.0.0.1");
  160. pref("datareporting.healthreport.documentServerURI", "127.0.0.1");
  161. pref("healthreport.uploadEnabled", false);
  162. pref("social.toast-notifications.enabled", false);
  163. pref("datareporting.policy.dataSubmissionEnabled", false);
  164. pref("datareporting.healthreport.service.enabled", false);
  165. pref("browser.slowStartup.notificationDisabled", true);
  166. pref("network.http.sendRefererHeader", 2);
  167. //pref("network.http.referer.spoofSource", true);
  168. //http://grack.com/blog/2010/01/06/3rd-party-cookies-dom-storage-and-privacy/
  169. //pref("dom.storage.enabled", false);
  170. pref("dom.event.clipboardevents.enabled",false);
  171. pref("network.prefetch-next", false);
  172. pref("network.dns.disablePrefetch", true);
  173. pref("network.http.sendSecureXSiteReferrer", false);
  174. pref("toolkit.telemetry.archive.enabled", false);
  175. pref("toolkit.telemetry.bhrPing.enabled", false);
  176. pref("toolkit.telemetry.enabled", false);
  177. pref("toolkit.telemetry.unified", false);
  178. pref("toolkit.telemetry.newProfilePing.enabled", false);
  179. pref("toolkit.telemetry.firstShutdownPing.enabled", false);
  180. pref("toolkit.telemetry.server", "127.0.0.1");
  181. pref("app.shield.optoutstudies.enabled", false);
  182. pref("experiments.enabled", false);
  183. pref("experiments.manifest.uri", "127.0.0.1");
  184. pref("extensions.pocket.enabled" : false);
  185. pref("extensions.pocket.api", "127.0.0.1");
  186. // Do not tell what plugins do we have enabled: https://mail.mozilla.org/pipermail/firefox-dev/2013-November/001186.html
  187. pref("plugins.enumerable_names", "");
  188. pref("plugin.state.flash", 0);
  189. // Do not autoupdate search engines
  190. pref("browser.search.update", false);
  191. // Warn when the page tries to redirect or refresh
  192. //pref("accessibility.blockautorefresh", true);
  193. pref("dom.battery.enabled", false);
  194. pref("device.sensors.enabled", false);
  195. pref("camera.control.face_detection.enabled", false);
  196. pref("camera.control.autofocus_moving_callback.enabled", false);
  197. pref("network.http.speculative-parallel-limit", 0);
  198. // No search suggestions
  199. pref("browser.urlbar.userMadeSearchSuggestionsChoice", true);
  200. pref("browser.search.suggest.enabled", false);
  201.  
  202. // Crypto hardening
  203. // https://gist.github.com/haasn/69e19fc2fe0e25f3cff5
  204. // General settings
  205. //pref("security.tls.unrestricted_rc4_fallback", false);
  206. //pref("security.tls.insecure_fallback_hosts.use_static_list", false);
  207. //pref("security.tls.version.min", 1);
  208. //pref("security.ssl.require_safe_negotiation", true);
  209. //pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
  210. //pref("security.ssl3.rsa_seed_sha", true);
  211. //pref("security.OCSP.enabled", 1);
  212. //pref("security.OCSP.require", true);
  213.  
  214.  
  215. // WebRTC
  216. pref("media.peerconnection.enabled", false);
  217. pref("media.peerconnection.ice.default_address_only", true);
  218.  
  219. pref("font.default.x-western", "sans-serif");
  220.  
  221. // Preferences for the Get Add-ons panel and search engines
  222. pref("extensions.webservice.discoverURL", "https://directory.fsf.org/wiki/GNU_IceCat");
  223. pref("extensions.getAddons.search.url", "https://directory.fsf.org/wiki/GNU_IceCat");
  224. pref("browser.search.searchEnginesURL", "https://directory.fsf.org/wiki/GNU_IceCat");
  225.  
  226. // Mobile
  227. pref("privacy.announcements.enabled", false);
  228. pref("browser.snippets.enabled", false);
  229. pref("browser.snippets.syncPromo.enabled", false);
  230. pref("identity.mobilepromo.android", "https://f-droid.org/repository/browse/?fdid=org.gnu.icecat&");
  231. pref("browser.snippets.geoUrl", "http://127.0.0.1/");
  232. pref("browser.snippets.updateUrl", "http://127.0.0.1/");
  233. pref("browser.snippets.statsUrl", "http://127.0.0.1/");
  234. pref("datareporting.policy.firstRunTime", 0);
  235. pref("datareporting.policy.dataSubmissionPolicyVersion", 2);
  236. pref("browser.webapps.checkForUpdates", 0);
  237. pref("browser.webapps.updateCheckUrl", "http://127.0.0.1/");
  238. pref("app.faqURL", "http://libreplanet.org/wiki/Group:IceCat/FAQ");
  239.  
  240. // PFS url
  241. pref("pfs.datasource.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.php?mimetype=%PLUGIN_MIMETYPE%");
  242. pref("pfs.filehint.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.php?mimetype=%PLUGIN_MIMETYPE%");
  243.  
  244. // Geolocation depends on third party services
  245. pref("geo.enabled", false);
  246. pref("geo.wifi.uri", "");
  247.  
  248. // Disable heartbeat
  249. pref("browser.selfsupport.url", "");
  250.  
  251. // Disable Link to FireFox Marketplace, currently loaded with non-free "apps"
  252. pref("browser.apps.URL", "");
  253.  
  254. // Use old style preferences, that allow javascript to be disabled
  255. pref("browser.preferences.inContent",false);
  256.  
  257. // Don't download ads for the newtab page
  258. pref("browser.newtabpage.directory.source", "");
  259. pref("browser.newtabpage.directory.ping", "");
  260. pref("browser.newtabpage.introShown", true);
  261.  
  262. // Disable home snippets
  263. pref("browser.aboutHomeSnippets.updateUrl", "data:text/html");
  264.  
  265. // Disable hardware acceleration and WebGL
  266. //pref("layers.acceleration.disabled", false);
  267. pref("webgl.disabled", false);
  268.  
  269. // Disable SSDP
  270. pref("browser.casting.enabled", false);
  271.  
  272. // Disable directory service
  273. pref("social.directories", "");
  274. pref("social.whitelist", "");
  275. pref("social.shareDirectory", "");
  276.  
  277. // Disable Pocket integration
  278. pref("browser.pocket.api", "about:blank");
  279. pref("browser.pocket.enabled", false);
  280. pref("browser.pocket.enabledLocales", "about:blank");
  281. pref("browser.pocket.oAuthConsumerKey", "about:blank");
  282. pref("browser.pocket.site", "about:blank");
  283. pref("browser.pocket.useLocaleList", false);
  284. pref("extensions.pocket.enabled", false);
  285.  
  286. // Do not require xpi extensions to be signed by Mozilla
  287. pref("xpinstall.signatures.required", false);
  288.  
  289. // Disable File and Directory Entries API (Imported from Edge/Chromium)
  290. // https://developer.mozilla.org/en-US/Firefox/Releases/50#Files_and_directories
  291. // https://developer.mozilla.org/en-US/docs/Web/API/File_and_Directory_Entries_API
  292. // https://developer.mozilla.org/en-US/docs/Web/API/File_and_Directory_Entries_API/Introduction
  293. // https://developer.mozilla.org/en-US/docs/Web/API/File_and_Directory_Entries_API/Firefox_support
  294. // https://bugzilla.mozilla.org/show_bug.cgi?id=1265767
  295. pref("dom.webkitBlink.filesystem.enabled", false);
  296. // https://developer.mozilla.org/en-US/docs/Web/API/HTMLInputElement/webkitdirectory
  297. // https://bugzilla.mozilla.org/show_bug.cgi?id=1258489
  298. // https://hg.mozilla.org/releases/mozilla-release/rev/133af19777be
  299. pref("dom.webkitBlink.dirPicker.enabled", false);
  300.  
  301. // Directory Upload API, webkitdirectory
  302. // https://bugzilla.mozilla.org/show_bug.cgi?id=1188880
  303. // https://bugzilla.mozilla.org/show_bug.cgi?id=907707
  304. // https://wicg.github.io/directory-upload/proposal.html
  305. pref("dom.input.dirpicker", false);
  306.  
  307. // fix alsa sound sandbox issue for iceweasel-58
  308. // https://labs.parabola.nu/issues/1628
  309. pref("security.sandbox.content.syscall_whitelist", "16");
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!