From b531f1c053fbf7147b5da6b06438f39f90587464 Mon Sep 17 00:00:00 2001 From: Ryan Reed Date: Mon, 10 Jul 2023 18:00:31 -0400 Subject: [PATCH] Clearing cookies on shutdown (use exceptions in FF instead) and cleaning up comments --- .../user-overrides.js.tmpl | 120 +++++------------- 1 file changed, 31 insertions(+), 89 deletions(-) diff --git a/private_dot_mozilla/private_firefox/private_personal-profile.default/user-overrides.js.tmpl b/private_dot_mozilla/private_firefox/private_personal-profile.default/user-overrides.js.tmpl index 5e5b26b..0d38cb5 100644 --- a/private_dot_mozilla/private_firefox/private_personal-profile.default/user-overrides.js.tmpl +++ b/private_dot_mozilla/private_firefox/private_personal-profile.default/user-overrides.js.tmpl @@ -31,133 +31,75 @@ user_pref("extensions.pocket.enabled", false); {{ if (and (hasKey . "firefox") (hasKey .firefox "bookmarks")) }} // PREF: Export bookmarks to HTML automatically when closing Firefox [HIDDEN PREF] user_pref("browser.bookmarks.autoExportHTML", true); -user_pref("browser.bookmarks.file", {{ .firefox.bookmarks | quote }}); +user_pref("browser.bookmarks.file", {{ .firefox.bookmarks | quote }}); user_pref("browser.bookmarks.max_backups", 5); {{- end }} /*** [SECTION 0100]: STARTUP ***/ -/* 0102: set startup page [SETUP-CHROME] - * 0=blank, 1=home, 2=last visited page, 3=resume previous sessio - * [SETTING] Home>New Windows and Tabs>Homepage and new windows ***/ -// Reason: I prefer loading my previous session of tabs -user_pref("browser.startup.page", 3); +/* 0102: set startup page [SETUP-CHROME] */ +user_pref("browser.startup.page", 3); // Resume previous session -/* 0103: set HOME+NEWWINDOW page - * about:home=Firefox Home (default, see 0105), custom URL, about:blank - * [SETTING] Home>New Windows and Tabs>Homepage and new windows ***/ -// Reason: Prefer firefox home/starter page (except sponsored, pocket, etc) -user_pref("browser.startup.homepage", "about:home"); +/* 0103: set HOME+NEWWINDOW page */ +user_pref("browser.startup.homepage", "about:home"); // Use Firefox Home -/* 0104: set NEWTAB page - * true=Firefox Home (default, see 0105), false=blank page - * [SETTING] Home>New Windows and Tabs>New tabs ***/ -// Reason: Prefer firefox home/starter page (except sponsored, pocket, etc) -user_pref("browser.newtabpage.enabled", true); +/* 0104: set NEWTAB page */ +user_pref("browser.newtabpage.enabled", true); // Use New Tab page (for new tabs) /*** [SECTION 0800]: LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS ***/ -/* 0801: disable location bar using search - * Don't leak URL typos to a search engine, give an error message instead - * Examples: "secretplace,com", "secretplace/com", "secretplace com", "secret place.com" - * [NOTE] This does not affect explicit user action such as using search buttons in the - * dropdown, or using keyword search shortcuts you configure in options (e.g. "d" for DuckDuckGo) - * [SETUP-CHROME] Override this if you trust and use a privacy respecting search engine ***/ -user_pref("keyword.enabled", true); +/* 0801: disable location bar using search */ +user_pref("keyword.enabled", true); // Easier searching in the omnibar /*** [SECTION 1000]: DISK AVOIDANCE ***/ -/* 1006: disable favicons in shortcuts - * URL shortcuts use a cached randomly named .ico file which is stored in your - * profile/shortcutCache directory. The .ico remains after the shortcut is deleted - * If set to false then the shortcuts use a generic Firefox icon ***/ -// Reason: Prefer seeing actual favicons -user_pref("browser.shell.shortcutFavicons", true); +/* 1006: disable favicons in shortcuts */ +user_pref("browser.shell.shortcutFavicons", true); // Store actual favicons instead of using generic firefox icons -/*** [SECTION 1600]: HEADERS / REFERERS - full URI: https://example.com:8888/foo/bar.html?id=1234 - scheme+host+port+path: https://example.com:8888/foo/bar.html - scheme+host+port: https://example.com:8888 - [1] https://feeding.cloud.geek.nz/posts/tweaking-referrer-for-privacy-in-firefox/ -***/ - -/* 1601: control when to send a cross-origin referer - * 0=always (default), 1=only if base domains match, 2=only if hosts match - * [SETUP-WEB] Breakage: older modems/routers and some sites e.g banks, vimeo, icloud, instagram - * If "2" is too strict, then override to "0" and use Smart Referer extension (Strict mode + add exceptions) ***/ -// Reason: Some sites don't work without this, may try 1 -user_pref("network.http.referer.XOriginPolicy", 0); +/*** [SECTION 1600]: HEADERS / REFERERS ***/ +/* 1601: control when to send a cross-origin referer */ +user_pref("network.http.referer.XOriginPolicy", 0); // Breaks some sites, Use default always (may try 1 in the future) /*** [SECTION 2000]: PLUGINS / MEDIA / WEBRTC ***/ -/* 2022: disable all DRM content (EME: Encryption Media Extension) - * [SETUP-WEB] e.g. Netflix, Amazon Prime, Hulu, HBO, Disney+, Showtime, Starz, DirectTV - * [SETTING] General>DRM Content>Play DRM-controlled content - * [TEST] https://bitmovin.com/demos/drm - * [1] https://www.eff.org/deeplinks/2017/10/drms-dead-canary-how-we-just-lost-web-what-we-learned-it-and-what-we-need-do-next ***/ -// Reason: Breaks various streaming sites -user_pref("media.eme.enabled", true); +/* 2022: disable all DRM content (EME: Encryption Media Extension) */ +user_pref("media.eme.enabled", true); // Enable for DRM streaming site, such as Netflix, YoutubeTV, etc. /*** [SECTION 2800]: SHUTDOWN & SANITIZING ***/ /** SANITIZE ON SHUTDOWN: IGNORES "ALLOW" SITE EXCEPTIONS ***/ -/* 2811: set/enforce what items to clear on shutdown (if 2810 is true) [SETUP-CHROME] - * [NOTE] If "history" is true, downloads will also be cleared - * [NOTE] "sessions": Active Logins: refers to HTTP Basic Authentication [1], not logins via cookies - * [1] https://en.wikipedia.org/wiki/Basic_access_authentication ***/ -// Reason: Prefer to not clear cache -user_pref("privacy.clearOnShutdown.cache", false); // [DEFAULT: true] -// Reason: Prefer not to clear my history -user_pref("privacy.clearOnShutdown.history", false); // [DEFAULT: true] -// Reason: Prefer to have my sessions restored -user_pref("privacy.clearOnShutdown.sessions", false); // [DEFAULT: true] - +/* 2811: set/enforce what items to clear on shutdown (if 2810 is true) [SETUP-CHROME] */ +// user_pref("privacy.clearOnShutdown.cache", false); // [DEFAULT: true] +user_pref("privacy.clearOnShutdown.history", false); // [DEFAULT: true] // Keep history between sessions +user_pref("privacy.clearOnShutdown.sessions", false); // [DEFAULT: true] // Keep session (for restore) /** SANITIZE ON SHUTDOWN: RESPECTS "ALLOW" SITE EXCEPTIONS FF103+ ***/ -/* 2815: set "Cookies" and "Site Data" to clear on shutdown (if 2810 is true) [SETUP-CHROME] - * [NOTE] Exceptions: A "cookie" block permission also controls "offlineApps" (see note below). - * serviceWorkers require an "Allow" permission. For cross-domain logins, add exceptions for - * both sites e.g. https://www.youtube.com (site) + https://accounts.google.com (single sign on) - * [NOTE] "offlineApps": Offline Website Data: localStorage, service worker cache, QuotaManager (IndexedDB, asm-cache) - * [WARNING] Be selective with what sites you "Allow", as they also disable partitioning (1767271) - * [SETTING] to add site exceptions: Ctrl+I>Permissions>Cookies>Allow (when on the website in question) - * [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Settings ***/ -user_pref("privacy.clearOnShutdown.cookies", false); // Cookies +/* 2815: set "Cookies" and "Site Data" to clear on shutdown (if 2810 is true) [SETUP-CHROME] */ +// user_pref("privacy.clearOnShutdown.cookies", false); // Cookies /** SANITIZE MANUAL: IGNORES "ALLOW" SITE EXCEPTIONS ***/ -/* 2820: reset default items to clear with Ctrl-Shift-Del [SETUP-CHROME] - * This dialog can also be accessed from the menu History>Clear Recent History - * Firefox remembers your last choices. This will reset them when you start Firefox - * [NOTE] Regardless of what you set "downloads" to, as soon as the dialog - * for "Clear Recent History" is opened, it is synced to the same as "history" ***/ +/* 2820: reset default items to clear with Ctrl-Shift-Del [SETUP-CHROME] */ // user_pref("privacy.cpd.cache", false); // [DEFAULT: true] // user_pref("privacy.cpd.history", false); // [DEFAULT: true] // user_pref("privacy.cpd.sessions", false); // [DEFAULT: true] // user_pref("privacy.cpd.cookies", false); -/*** [SECTION 4500]: RFP (RESIST FINGERPRINTING) -/* 4501: enable privacy.resistFingerprinting [FF41+] - * [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a site exception via the urlbar - * RFP also has a few side effects: mainly timezone is UTC0, and websites will prefer light theme - * [1] https://bugzilla.mozilla.org/418986 ***/ -// Reason: Still using the arkenfox setting, causes sites to be unable to detect system theme (dark vs light) +/*** [SECTION 4500]: RFP (RESIST FINGERPRINTING) ***/ + +/* 4501: enable privacy.resistFingerprinting [FF41+] */ +// Still using the arkenfox setting - causes sites to be unable to detect system theme (dark vs light) and timezone // user_pref("privacy.resistFingerprinting", false); -/* 4504: enable RFP letterboxing [FF67+] - * Dynamically resizes the inner window by applying margins in stepped ranges [2] - * If you use the dimension pref, then it will only apply those resolutions. - * The format is "width1xheight1, width2xheight2, ..." (e.g. "800x600, 1000x1000") - * [SETUP-WEB] This is independent of RFP (4501). If you're not using RFP, or you are but - * dislike the margins, then flip this pref, keeping in mind that it is effectively fingerprintable - * [WARNING] DO NOT USE: the dimension pref is only meant for testing - * [1] https://bugzilla.mozilla.org/1407366 - * [2] https://hg.mozilla.org/mozilla-central/rev/6d2d7856e468#l2.32 ***/ +/* 4504: enable RFP letterboxing [FF67+] */ // Reason: Disabled as this really makes video players and sites take up much less space // This is likely due to privacy.window.maxInnerWidth and Height needing to be manually set based on resolution user_pref("privacy.resistFingerprinting.letterboxing", false); // [HIDDEN PREF] + +/* 4520: disable WebGL (Web Graphics Library) */ +user_pref("webgl.disabled", false); // Web games may require webgl (e.g. itch.io games)