From 0bbdf1f1a862d5acdcb0c2784e20dc7bbab6566f Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 21:54:34 +0200 Subject: user.js: Trimming syntax checks. Signed-off-by: Daniel Baumann --- debian/local/pref/user.js | 34 ---------------------------------- 1 file changed, 34 deletions(-) diff --git a/debian/local/pref/user.js b/debian/local/pref/user.js index f4deaae5dd..3c224e96b7 100644 --- a/debian/local/pref/user.js +++ b/debian/local/pref/user.js @@ -34,18 +34,10 @@ ******/ -/* START: internal custom pref to test for syntax errors - * [NOTE] Not all syntax errors cause parsing to abort i.e. reaching the last debug pref - * no longer necessarily means that all prefs have been applied. Check the console right - * after startup for any warnings/error messages related to non-applied prefs - * [1] https://blog.mozilla.org/nnethercote/2018/03/09/a-new-preferences-parser-for-firefox/ ***/ -user_pref("_user.js.parrot", "START: Oh yes, the Norwegian Blue... what's wrong with it?"); - /* 0000: disable about:config warning ***/ user_pref("browser.aboutConfig.showWarning", false); /*** [SECTION 0100]: STARTUP ***/ -user_pref("_user.js.parrot", "0100 syntax error: the parrot's dead!"); /* 0102: set startup page [SETUP-CHROME] * 0=blank, 1=home, 2=last visited page, 3=resume previous session * [NOTE] Session Restore is cleared with history (2811), and not used in Private Browsing mode @@ -68,7 +60,6 @@ user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false); // user_pref("browser.newtabpage.activity-stream.default.sites", ""); /*** [SECTION 0200]: GEOLOCATION / LANGUAGE / LOCALE ***/ -user_pref("_user.js.parrot", "0200 syntax error: the parrot's definitely deceased!"); /* 0201: use Mozilla geolocation service instead of Google if permission is granted [FF74+] * Optionally enable logging to the console (defaults to false) ***/ user_pref("geo.provider.network.url", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"); @@ -80,7 +71,6 @@ user_pref("geo.provider.use_gpsd", false); // [LINUX] user_pref("geo.provider.use_geoclue", false); // [FF102+] [LINUX] /*** [SECTION 0300]: QUIETER FOX ***/ -user_pref("_user.js.parrot", "0300 syntax error: the parrot's not pinin' for the fjords!"); /** RECOMMENDATIONS ***/ /* 0320: disable recommendation pane in about:addons (uses Google Analytics) ***/ user_pref("extensions.getAddons.showPane", false); // [HIDDEN PREF] @@ -167,7 +157,6 @@ user_pref("network.connectivity-service.enabled", false); [3] https://support.mozilla.org/kb/how-does-phishing-and-malware-protection-work [4] https://educatedguesswork.org/posts/safe-browsing-privacy/ ***/ -user_pref("_user.js.parrot", "0400 syntax error: the parrot's passed on!"); /* 0401: disable SB (Safe Browsing) * [WARNING] Do this at your own risk! These are the master switches * [SETTING] Privacy & Security>Security>... Block dangerous and deceptive content ***/ @@ -195,7 +184,6 @@ user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false); user_pref("browser.safebrowsing.allowOverride", true); /*** [SECTION 0600]: BLOCK IMPLICIT OUTBOUND [not explicitly asked for - e.g. clicked on] ***/ -user_pref("_user.js.parrot", "0600 syntax error: the parrot's no more!"); /* 0601: disable link prefetching * [1] https://developer.mozilla.org/docs/Web/HTTP/Link_prefetching_FAQ ***/ user_pref("network.prefetch-next", false); @@ -216,7 +204,6 @@ user_pref("browser.places.speculativeConnect.enabled", false); // user_pref("browser.send_pings", false); // [DEFAULT: false] /*** [SECTION 0700]: DNS / DoH / PROXY / SOCKS ***/ -user_pref("_user.js.parrot", "0700 syntax error: the parrot's given up the ghost!"); /* 0702: set the proxy server to do any DNS lookups when using SOCKS * e.g. in Tor, this stops your local DNS server from knowing your Tor destination * as a remote Tor node will handle the DNS request @@ -255,7 +242,6 @@ user_pref("network.gio.supported-protocols", ""); // [HIDDEN PREF] user_pref("network.trr.mode", 5); /*** [SECTION 0800]: LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS ***/ -user_pref("_user.js.parrot", "0800 syntax error: the parrot's ceased to be!"); /* 0802: disable location bar domain guessing * domain guessing intercepts DNS "hostname not found errors" and resends a * request (e.g. by adding www or .com). This is inconsistent use (e.g. FQDNs), does not work @@ -308,7 +294,6 @@ user_pref("browser.formfill.enable", false); /*** [SECTION 0900]: PASSWORDS [1] https://support.mozilla.org/kb/use-primary-password-protect-stored-logins-and-pas ***/ -user_pref("_user.js.parrot", "0900 syntax error: the parrot's expired!"); /* 0903: disable auto-filling username & password form fields * can leak in cross-site forms *and* be spoofed * [NOTE] Username & password is still available when you enter the field @@ -330,7 +315,6 @@ user_pref("network.auth.subresource-http-auth-allow", 1); // user_pref("network.http.windows-sso.enabled", false); // [DEFAULT: false] /*** [SECTION 1000]: DISK AVOIDANCE ***/ -user_pref("_user.js.parrot", "1000 syntax error: the parrot's gone to meet 'is maker!"); /* 1005: disable automatic Firefox start and session restore after reboot [FF62+] [WINDOWS] * [1] https://bugzilla.mozilla.org/603903 ***/ user_pref("toolkit.winRegisterApplicationRestart", false); @@ -347,7 +331,6 @@ user_pref("browser.shell.shortcutFavicons", false); [TEST] https://ja3er.com/ [1] https://www.securityartwork.es/2017/02/02/tls-client-fingerprinting-with-bro/ ***/ -user_pref("_user.js.parrot", "1200 syntax error: the parrot's a stiff!"); /** SSL (Secure Sockets Layer) / TLS (Transport Layer Security) ***/ /* 1201: require safe negotiation * Blocks connections to servers that don't support RFC 5746 [2] as they're potentially vulnerable to a @@ -445,7 +428,6 @@ user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true); user_pref("browser.xul.error_pages.expert_bad_cert", true); /*** [SECTION 1400]: FONTS ***/ -user_pref("_user.js.parrot", "1400 syntax error: the parrot's bereft of life!"); /* 1402: limit font visibility (Windows, Mac, some Linux) [FF94+] * Uses hardcoded lists with two parts: kBaseFonts + kLangPackFonts [1], bundled fonts are auto-allowed * In normal windows: uses the first applicable: RFP (4506) over TP over Standard @@ -457,7 +439,6 @@ user_pref("_user.js.parrot", "1400 syntax error: the parrot's bereft of life!"); // user_pref("layout.css.font-visibility.trackingprotection", 1); /*** [SECTION 1700]: CONTAINERS ***/ -user_pref("_user.js.parrot", "1700 syntax error: the parrot's bit the dust!"); /* 1701: enable Container Tabs and its UI setting [FF50+] * [SETTING] General>Tabs>Enable Container Tabs * https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers ***/ @@ -469,7 +450,6 @@ user_pref("privacy.userContext.ui.enabled", true); // user_pref("privacy.userContext.newTabContainerOnLeftClick.enabled", true); /*** [SECTION 2000]: PLUGINS / MEDIA / WEBRTC ***/ -user_pref("_user.js.parrot", "2000 syntax error: the parrot's snuffed it!"); /* 2004: force exclusion of private IPs from ICE candidates [FF51+] * [SETUP-HARDEN] This will protect your private IP even in TRUSTED scenarios after you * grant device access, but often results in breakage on video-conferencing platforms ***/ @@ -479,12 +459,10 @@ user_pref("_user.js.parrot", "2000 syntax error: the parrot's snuffed it!"); // user_pref("media.gmp-provider.enabled", false); /*** [SECTION 2400]: DOM (DOCUMENT OBJECT MODEL) ***/ -user_pref("_user.js.parrot", "2400 syntax error: the parrot's kicked the bucket!"); /* 2402: prevent scripts from moving and resizing open windows ***/ user_pref("dom.disable_window_move_resize", true); /*** [SECTION 2600]: MISCELLANEOUS ***/ -user_pref("_user.js.parrot", "2600 syntax error: the parrot's run down the curtain!"); /* 2601: prevent accessibility services from accessing your browser [RESTART] * [1] https://support.mozilla.org/kb/accessibility-services ***/ user_pref("accessibility.force_disabled", 1); @@ -553,7 +531,6 @@ user_pref("extensions.postDownloadThirdPartyPrompt", false); // user_pref("extensions.webextensions.restrictedDomains", ""); /*** [SECTION 2700]: ETP (ENHANCED TRACKING PROTECTION) ***/ -user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin' choir invisible!"); /* 2701: enable ETP Strict Mode [FF86+] * ETP Strict Mode enables Total Cookie Protection (TCP) * [NOTE] Adding site exceptions disables all ETP protections for that site and increases the risk of @@ -576,7 +553,6 @@ user_pref("privacy.partition.always_partition_third_party_non_cookie_storage", t user_pref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false); // [FF105+] [DEFAULT: false FF109+] /*** [SECTION 2800]: SHUTDOWN & SANITIZING ***/ -user_pref("_user.js.parrot", "2800 syntax error: the parrot's bleedin' demised!"); /** SANITIZE MANUAL: IGNORES "ALLOW" SITE EXCEPTIONS ***/ /* 2820: reset default items to clear with Ctrl-Shift-Del [SETUP-CHROME] * This dialog can also be accessed from the menu History>Clear Recent History @@ -603,7 +579,6 @@ user_pref("privacy.sanitize.timeSpan", 1); /*** [SECTION 5000]: OPTIONAL OPSEC Disk avoidance, application data isolation, eyeballs... ***/ -user_pref("_user.js.parrot", "5000 syntax error: the parrot's taken 'is last bow"); /* 5001: start Firefox in PB (Private Browsing) mode * [NOTE] In this mode all windows are "private windows" and the PB mode icon is not displayed * [NOTE] The P in PB mode can be misleading: it means no "persistent" disk state such as history, @@ -697,7 +672,6 @@ user_pref("keyword.enabled", false); Not recommended. Overriding these can cause breakage and performance issues, they are mostly fingerprintable, and the threat model is practically nonexistent ***/ -user_pref("_user.js.parrot", "5500 syntax error: this is an ex-parrot!"); /* 5501: disable MathML (Mathematical Markup Language) [FF51+] * [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=mathml ***/ // user_pref("mathml.disabled", true); // 1173199 @@ -753,7 +727,6 @@ user_pref("_user.js.parrot", "5500 syntax error: this is an ex-parrot!"); // user_pref("network.http.referer.XOriginPolicy", 2); /*** [SECTION 6000]: DON'T TOUCH ***/ -user_pref("_user.js.parrot", "6000 syntax error: the parrot's 'istory!"); /* 6001: enforce Firefox blocklist * [WHY] It includes updates for "revoked certificates" * [1] https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl/ ***/ @@ -803,7 +776,6 @@ user_pref("extensions.quarantinedDomains.enabled", true); // [DEFAULT: true] // user_pref("network.protocol-handler.external.ms-windows-store", ""); /*** [SECTION 7000]: DON'T BOTHER ***/ -user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies!"); /* 7001: disable APIs * Location-Aware Browsing, Full Screen * [WHY] The API state is easily fingerprintable. @@ -913,7 +885,6 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies [WHY] They are insufficient to help anti-fingerprinting and do more harm than good [WARNING] DO NOT USE with RFP. RFP already covers these and they can interfere ***/ -user_pref("_user.js.parrot", "8000 syntax error: the parrot's crossed the Jordan"); /* 8001: prefsCleaner: reset items useless for anti-fingerprinting ***/ // user_pref("browser.display.use_document_fonts", ""); // user_pref("browser.zoom.siteSpecific", ""); @@ -939,7 +910,6 @@ user_pref("_user.js.parrot", "8000 syntax error: the parrot's crossed the Jordan // user_pref("webgl.enable-debug-renderer-info", ""); /*** [SECTION 9000]: NON-PROJECT RELATED ***/ -user_pref("_user.js.parrot", "9000 syntax error: the parrot's cashed in 'is chips!"); /* 9001: disable welcome notices ***/ user_pref("browser.startup.homepage_override.mstone", "ignore"); /* 9002: disable General>Browsing>Recommend extensions/features as you browse [FF67+] ***/ @@ -955,7 +925,6 @@ user_pref("browser.urlbar.showSearchTerms.enabled", false); Documentation denoted as [-]. Items deprecated prior to FF91 have been archived at [1] [1] https://github.com/arkenfox/user.js/issues/123 ***/ -user_pref("_user.js.parrot", "9999 syntax error: the parrot's shuffled off 'is mortal coil!"); /* ESR102.x still uses all the following prefs // [NOTE] replace the * with a slash in the line above to re-enable active ones // FF103 @@ -987,9 +956,6 @@ user_pref("network.cookie.lifetimePolicy", 2); // user_pref("browser.cache.offline.enable", false); // ***/ -/* END: internal custom pref to test for syntax errors ***/ -user_pref("_user.js.parrot", "SUCCESS: No no he's not dead, he's, he's restin'!"); - user_pref("browser.tabs.warnOnClose", true); user_pref("browser.toolbars.bookmarks.visibility", "never"); -- cgit v1.2.3