diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:54:15 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:54:15 +0000 |
commit | efb091f3a9dd65d11ef918c6407a82a03e2bfbc0 (patch) | |
tree | b54637e5c49634fc0ba6fa9efe9a43ad47226ce9 /debian/local | |
parent | user.js: Setting default timespan to 'last hour' for manual clear. (diff) | |
download | firefox-esr-efb091f3a9dd65d11ef918c6407a82a03e2bfbc0.tar.xz firefox-esr-efb091f3a9dd65d11ef918c6407a82a03e2bfbc0.zip |
user.js: Disabling resist fingerprinting.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/local')
-rw-r--r-- | debian/local/pref/user.js | 114 |
1 files changed, 0 insertions, 114 deletions
diff --git a/debian/local/pref/user.js b/debian/local/pref/user.js index 3c3b3b0861..899f5adb5e 100644 --- a/debian/local/pref/user.js +++ b/debian/local/pref/user.js @@ -53,7 +53,6 @@ 2600: MISCELLANEOUS 2700: ETP (ENHANCED TRACKING PROTECTION) 2800: SHUTDOWN & SANITIZING - 4500: RFP (RESIST FINGERPRINTING) 5000: OPTIONAL OPSEC 5500: OPTIONAL HARDENING 6000: DON'T TOUCH @@ -630,119 +629,6 @@ user_pref("privacy.cpd.siteSettings", true); * which will display a blank value, and are not guaranteed to work ***/ user_pref("privacy.sanitize.timeSpan", 1); -/*** [SECTION 4500]: RFP (RESIST FINGERPRINTING) - RFP covers a wide range of ongoing fingerprinting solutions. - It is an all-or-nothing buy in: you cannot pick and choose what parts you want - [TEST] https://arkenfox.github.io/TZP/tzp.html - - [WARNING] DO NOT USE extensions to alter RFP protected metrics - - 418986 - limit window.screen & CSS media queries (FF41) - 1281949 - spoof screen orientation (FF50) - 1330890 - spoof timezone as UTC0 (FF55) - 1360039 - spoof navigator.hardwareConcurrency as 2 (FF55) - FF56 - 1369303 - spoof/disable performance API - 1333651 - spoof User Agent & Navigator API - version: android version spoofed as ESR - OS: JS spoofed as Windows 10, OS 10.15, Android 10, or Linux | HTTP Headers spoofed as Windows or Android - 1369319 - disable device sensor API - 1369357 - disable site specific zoom - 1337161 - hide gamepads from content - 1372072 - spoof network information API as "unknown" when dom.netinfo.enabled = true - 1333641 - reduce fingerprinting in WebSpeech API - FF57 - 1369309 - spoof media statistics - 1382499 - reduce screen co-ordinate fingerprinting in Touch API - 1217290 & 1409677 - enable some fingerprinting resistance for WebGL - 1382545 - reduce fingerprinting in Animation API - 1354633 - limit MediaError.message to a whitelist - FF58+ - 1372073 - spoof/block fingerprinting in MediaDevices API (FF59) - Spoof: enumerate devices as one "Internal Camera" and one "Internal Microphone" - Block: suppresses the ondevicechange event - 1039069 - warn when language prefs are not set to "en*" (also see 0210, 0211) (FF59) - 1222285 & 1433592 - spoof keyboard events and suppress keyboard modifier events (FF59) - Spoofing mimics the content language of the document. Currently it only supports en-US. - Modifier events suppressed are SHIFT and both ALT keys. Chrome is not affected. - 1337157 - disable WebGL debug renderer info (FF60) - 1459089 - disable OS locale in HTTP Accept-Language headers (ANDROID) (FF62) - 1479239 - return "no-preference" with prefers-reduced-motion (FF63) - 1363508 - spoof/suppress Pointer Events (FF64) - 1492766 - spoof pointerEvent.pointerid (FF65) - 1485266 - disable exposure of system colors to CSS or canvas (FF67) - 1494034 - return "light" with prefers-color-scheme (FF67) - 1564422 - spoof audioContext outputLatency (FF70) - 1595823 - return audioContext sampleRate as 44100 (FF72) - 1607316 - spoof pointer as coarse and hover as none (ANDROID) (FF74) - 1621433 - randomize canvas (previously FF58+ returned an all-white canvas) (FF78) - 1506364 - return "no-preference" with prefers-contrast (FF80) - 1653987 - limit font visibility to bundled and "Base Fonts" (Windows, Mac, some Linux) (FF80) - 1461454 - spoof smooth=true and powerEfficient=false for supported media in MediaCapabilities (FF82) - 531915 - use fdlibm's sin, cos and tan in jsmath (FF93, ESR91.1) - 1756280 - enforce navigator.pdfViewerEnabled as true and plugins/mimeTypes as hard-coded values (FF100) - 1692609 - reduce JS timing precision to 16.67ms (previously FF55+ was 100ms) (FF102) - 1422237 - return "srgb" with color-gamut (FF110) - 1794628 - return "none" with inverted-colors (FF114) -***/ -user_pref("_user.js.parrot", "4500 syntax error: the parrot's popped 'is clogs"); -/* 4501: enable privacy.resistFingerprinting - * [SETUP-WEB] RFP can cause some website breakage: mainly canvas, use a site exception via the urlbar - * RFP also has a few side effects: mainly timezone is UTC0, and websites will prefer light theme - * [NOTE] pbmode applies if true and the original pref is false - * [1] https://bugzilla.mozilla.org/418986 ***/ -user_pref("privacy.resistFingerprinting", true); // [FF41+] - // user_pref("privacy.resistFingerprinting.pbmode", true); // [FF114+] -/* 4502: set new window size rounding max values [FF55+] - * [SETUP-CHROME] sizes round down in hundreds: width to 200s and height to 100s, to fit your screen - * [1] https://bugzilla.mozilla.org/1330882 ***/ -user_pref("privacy.window.maxInnerWidth", 1600); -user_pref("privacy.window.maxInnerHeight", 900); -/* 4503: disable mozAddonManager Web API [FF57+] - * [NOTE] To allow extensions to work on AMO, you also need 2662 - * [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1384330,1406795,1415644,1453988 ***/ -user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // [HIDDEN PREF FF57-108] -/* 4504: enable RFP letterboxing [FF67+] - * Dynamically resizes the inner window by applying margins in stepped ranges [2] - * If you use the dimension pref, then it will only apply those resolutions. - * The format is "width1xheight1, width2xheight2, ..." (e.g. "800x600, 1000x1000") - * [SETUP-WEB] This is independent of RFP (4501). If you're not using RFP, or you are but - * dislike the margins, then flip this pref, keeping in mind that it is effectively fingerprintable - * [WARNING] DO NOT USE: the dimension pref is only meant for testing - * [1] https://bugzilla.mozilla.org/1407366 - * [2] https://hg.mozilla.org/mozilla-central/rev/6d2d7856e468#l2.32 ***/ -user_pref("privacy.resistFingerprinting.letterboxing", true); // [HIDDEN PREF] - // user_pref("privacy.resistFingerprinting.letterboxing.dimensions", ""); // [HIDDEN PREF] -/* 4505: experimental RFP [FF91+] - * [WARNING] DO NOT USE unless testing, see [1] comment 12 - * [1] https://bugzilla.mozilla.org/1635603 ***/ - // user_pref("privacy.resistFingerprinting.exemptedDomains", "*.example.invalid"); -/* 4506: set RFP's font visibility level (1402) [FF94+] ***/ - // user_pref("layout.css.font-visibility.resistFingerprinting", 1); // [DEFAULT: 1] -/* 4510: disable using system colors - * [SETTING] General>Language and Appearance>Fonts and Colors>Colors>Use system colors ***/ -user_pref("browser.display.use_system_colors", false); // [DEFAULT: false NON-WINDOWS] -/* 4511: enforce non-native widget theme - * Security: removes/reduces system API calls, e.g. win32k API [1] - * Fingerprinting: provides a uniform look and feel across platforms [2] - * [1] https://bugzilla.mozilla.org/1381938 - * [2] https://bugzilla.mozilla.org/1411425 ***/ -user_pref("widget.non-native-theme.enabled", true); // [DEFAULT: true] -/* 4512: enforce links targeting new windows to open in a new tab instead - * 1=most recent window or tab, 2=new window, 3=new tab - * Stops malicious window sizes and some screen resolution leaks. - * You can still right-click a link and open in a new window - * [SETTING] General>Tabs>Open links in tabs instead of new windows - * [TEST] https://arkenfox.github.io/TZP/tzp.html#screen - * [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/9881 ***/ -user_pref("browser.link.open_newwindow", 3); // [DEFAULT: 3] -/* 4513: set all open window methods to abide by "browser.link.open_newwindow" (4512) - * [1] https://searchfox.org/mozilla-central/source/dom/tests/browser/browser_test_new_window_from_content.js ***/ -user_pref("browser.link.open_newwindow.restriction", 0); -/* 4520: disable WebGL (Web Graphics Library) - * [SETUP-WEB] If you need it then override it. RFP still randomizes canvas for naive scripts ***/ -user_pref("webgl.disabled", true); - /*** [SECTION 5000]: OPTIONAL OPSEC Disk avoidance, application data isolation, eyeballs... ***/ |