diff --git a/flake.lock b/flake.lock index 6e057f5..fa1636b 100644 --- a/flake.lock +++ b/flake.lock @@ -5,11 +5,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1709223815, - "narHash": "sha256-rJVzCcmaz8nBBLaUR2fzjq5fWwgey5BDT0Sb06Ltgi8=", + "lastModified": 1709288206, + "narHash": "sha256-m2XAuQL8ZWPi3dd3cG+lryWrL68TQrctEgSZ4r7SL1Q=", "owner": "Aylur", "repo": "ags", - "rev": "83656429d02028a57273e257816ebb286d7a648d", + "rev": "8f8e6d3717f7217b3b37698fe04b1d4ad21265c8", "type": "github" }, "original": { @@ -56,28 +56,6 @@ } }, "crane_2": { - "inputs": { - "nixpkgs": [ - "schizofox", - "searx-randomizer", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1701386725, - "narHash": "sha256-w4aBlMYh9Y8co1V80m5LzEKMijUJ7CBTq209WbqVwUU=", - "owner": "ipetkov", - "repo": "crane", - "rev": "8b9bad9b30bd7a9ed08782e64846b7485f9d0a38", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "type": "github" - } - }, - "crane_3": { "inputs": { "nixpkgs": [ "zjstatus", @@ -85,11 +63,11 @@ ] }, "locked": { - "lastModified": 1708560786, - "narHash": "sha256-gcTA/iq9mfrwGPQsoxVryWhCAgBwL2GJLGO/s06/0wY=", + "lastModified": 1708794349, + "narHash": "sha256-jX+B1VGHT0ruHHL5RwS8L21R6miBn4B6s9iVyUJsJJY=", "owner": "ipetkov", "repo": "crane", - "rev": "9a5972e2e8d0b1716cc4e42af8b75eca6914fbff", + "rev": "2c94ff9a6fbeb9f3ea0107f28688edbe9c81deaa", "type": "github" }, "original": { @@ -107,11 +85,11 @@ }, "locked": { "dir": "pkgs/firefox-addons", - "lastModified": 1709265832, - "narHash": "sha256-8xugHXnVw4UPMVvjXV8xEhXNStLgH3z8FCO0Cn1kLEc=", + "lastModified": 1709352230, + "narHash": "sha256-7NfxOTEz15jHLxIRYS9WU4+PO0fypxJ/kkHC682Lhr0=", "owner": "rycee", "repo": "nur-expressions", - "rev": "22e635035e2a682b7ecde732b575ad452a2a4252", + "rev": "c13d9ef669a370fd70e6732e295513cd7342b20d", "type": "gitlab" }, "original": { @@ -151,22 +129,6 @@ "type": "github" } }, - "flake-compat_3": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-parts": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_2" @@ -206,45 +168,6 @@ "type": "github" } }, - "flake-parts_3": { - "inputs": { - "nixpkgs-lib": [ - "schizofox", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1706830856, - "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_4": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib_3" - }, - "locked": { - "lastModified": 1698882062, - "narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "8c9fa2545007b49a5db5f650ae91f227672c3877", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, "flake-utils": { "locked": { "lastModified": 1629284811, @@ -301,11 +224,11 @@ "systems": "systems_6" }, "locked": { - "lastModified": 1705309234, - "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "lastModified": 1709126324, + "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", "owner": "numtide", "repo": "flake-utils", - "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "rev": "d465f4819400de7c8d874d50b982301f28a84605", "type": "github" }, "original": { @@ -361,11 +284,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1709258251, - "narHash": "sha256-yCNKsbZvreaCoeORuQJfY/QN5Q8F+lJPqttoor9UTlA=", + "lastModified": 1709365644, + "narHash": "sha256-NuGjkskwP5TIkNOrZRDNeOOWUMpd0twV4qgkiTyv9P8=", "owner": "helix-editor", "repo": "helix", - "rev": "44db25939c9361272660854878eb2fc18fcf08e8", + "rev": "d769fadde085169c26a850966a6d5d8da7cc1c12", "type": "github" }, "original": { @@ -374,33 +297,6 @@ "type": "github" } }, - "hercules-ci-effects": { - "inputs": { - "flake-parts": [ - "schizofox", - "nixpak", - "flake-parts" - ], - "nixpkgs": [ - "schizofox", - "nixpak", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1704029560, - "narHash": "sha256-a4Iu7x1OP+uSYpqadOu8VCPY+MPF3+f6KIi+MAxlgyw=", - "owner": "hercules-ci", - "repo": "hercules-ci-effects", - "rev": "d5cbf433a6ae9cae05400189a8dbc6412a03ba16", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "hercules-ci-effects", - "type": "github" - } - }, "home-manager": { "inputs": { "nixpkgs": [ @@ -442,27 +338,6 @@ "type": "github" } }, - "home-manager_3": { - "inputs": { - "nixpkgs": [ - "schizofox", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1708591310, - "narHash": "sha256-8mQGVs8JccWTnORgoLOTh9zvf6Np+x2JzhIc+LDcJ9s=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "0e0e9669547e45ea6cca2de4044c1a384fd0fe55", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, "hypridle": { "inputs": { "hyprlang": "hyprlang", @@ -497,11 +372,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1709243510, - "narHash": "sha256-e47KWaUGQc+JLUABYdG0eCeqY1fFf1xGvakpKcdOP9c=", + "lastModified": 1709344015, + "narHash": "sha256-R8ribue2QDmjk3DnLVPIi4MYLkJN/wvBKTXGJAERE8Y=", "owner": "hyprwm", "repo": "hyprland", - "rev": "f590505daf90dfb4059289a906863b59663e70a6", + "rev": "7ce781e87cf7cf789a54d37af7d78f1c11d66dbc", "type": "github" }, "original": { @@ -517,11 +392,11 @@ ] }, "locked": { - "lastModified": 1708270226, - "narHash": "sha256-PCsEiFKBDZ1VKw8rlo8D/J+22gic7ls5zDWcU3AAxGQ=", + "lastModified": 1709300669, + "narHash": "sha256-tUW/Qzg0VGWuS+pMt/cppIOmWPwbYZ/F1oRnl3TRNZs=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "f99822818ec8276cfd6ec99ab60c4708c9884e3d", + "rev": "755e47790c9df11cf766370976ac2d824dd5a7f8", "type": "github" }, "original": { @@ -647,11 +522,11 @@ "systems": "systems_4" }, "locked": { - "lastModified": 1709217267, - "narHash": "sha256-vnRuNnl3wShw8niURflAPjpmQ2KQ1a1Ft/yg8uPmPiU=", + "lastModified": 1709336984, + "narHash": "sha256-NBWWH3Uot2ZYbELwtVTe5Jt7W/PgLoMKR+0dgZHwCFA=", "owner": "hyprwm", "repo": "hyprlock", - "rev": "ac757cf7aba53870da09bcc280ad5e32d355587b", + "rev": "fa2a875e339a3f554ea2fb2c0a8bbc7098b01e71", "type": "github" }, "original": { @@ -799,11 +674,11 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1709172715, - "narHash": "sha256-UNxQ6dR5gK6CEJumKhnqdyoHpMMjr+yl92VSZ8Hgll8=", + "lastModified": 1709324835, + "narHash": "sha256-CSuX2DsADgc2jCkEcP6OSWjgGZCw4+Q2/TEPegsTj3s=", "owner": "NotAShelf", "repo": "nix-gaming", - "rev": "0a3ff7911bada339d842ed87e7543b25e645fa1b", + "rev": "c46aea8d46f3c97f7b47c3951ce66227d5409244", "type": "github" }, "original": { @@ -812,32 +687,6 @@ "type": "github" } }, - "nixpak": { - "inputs": { - "flake-parts": [ - "schizofox", - "flake-parts" - ], - "hercules-ci-effects": "hercules-ci-effects", - "nixpkgs": [ - "schizofox", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1708597894, - "narHash": "sha256-KxpKOBDGPJ76k37vLukYHp/wd7U4DoUVIvy8atHfy/k=", - "owner": "nixpak", - "repo": "nixpak", - "rev": "535dd408c4b19f407bc22e42eb32ccb9256e5865", - "type": "github" - }, - "original": { - "owner": "nixpak", - "repo": "nixpak", - "type": "github" - } - }, "nixpkgs": { "locked": { "lastModified": 1708475490, @@ -887,24 +736,6 @@ "type": "github" } }, - "nixpkgs-lib_3": { - "locked": { - "dir": "lib", - "lastModified": 1698611440, - "narHash": "sha256-jPjHjrerhYDy3q9+s5EAsuhyhuknNfowY6yt6pjn9pc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "0cbe9f69c234a7700596e943bfae7ef27a31b735", - "type": "github" - }, - "original": { - "dir": "lib", - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs-stable": { "locked": { "lastModified": 1708819810, @@ -987,11 +818,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1709150264, - "narHash": "sha256-HofykKuisObPUfj0E9CJVfaMhawXkYx3G8UIFR/XQ38=", + "lastModified": 1709237383, + "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=", "owner": "nixos", "repo": "nixpkgs", - "rev": "9099616b93301d5cf84274b184a3a5ec69e94e08", + "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8", "type": "github" }, "original": { @@ -1018,11 +849,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1708564076, - "narHash": "sha256-KKkqoxlgx9n3nwST7O2kM8tliDOijiSSNaWuSkiozdQ=", + "lastModified": 1709294055, + "narHash": "sha256-7EECkQYoNKJZOf2+miJdrMpxpvsn/qZFwIhUI3fQpLs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "98b00b6947a9214381112bdb6f89c25498db4959", + "rev": "ec869190b56a1b4677d24a8bdbcfe80ccea2ece6", "type": "github" }, "original": { @@ -1044,11 +875,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1709277403, - "narHash": "sha256-xEpCiFOeu9Th0NUPUbsBncDKnXQd+A4XZd6r/FJ6dQw=", + "lastModified": 1709303299, + "narHash": "sha256-sBMl8/pvsuRHOre2wu3du9eQmk5K8rGHi/+noz4c3lg=", "owner": "nix-community", "repo": "nixvim", - "rev": "8c0bdb17e980b2ca64860e309ce601dd92ce0c51", + "rev": "ec687c5adefed06a70c91c002fcbcbcd2cb40005", "type": "github" }, "original": { @@ -1103,7 +934,6 @@ "nix-gaming": "nix-gaming", "nixpkgs": "nixpkgs_6", "nixvim": "nixvim", - "schizofox": "schizofox", "sops-nix": "sops-nix", "ssbm-nix": "ssbm-nix", "zjstatus": "zjstatus" @@ -1146,11 +976,11 @@ ] }, "locked": { - "lastModified": 1708567842, - "narHash": "sha256-tJmra4795ji+hWZTq9UfbHISu+0/V8kdfAj2VYFk6xc=", + "lastModified": 1709259239, + "narHash": "sha256-MbrpgqpvUND7+UnOSLazrAMj0+zle16RRiOKTtjBefw=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "0b5394f1da0e50715d36a22d4912cb3b02e6b72a", + "rev": "0e031ddb3f5a339dc6eda93d271ae43618b14eec", "type": "github" }, "original": { @@ -1159,54 +989,6 @@ "type": "github" } }, - "schizofox": { - "inputs": { - "flake-compat": "flake-compat_3", - "flake-parts": "flake-parts_3", - "home-manager": "home-manager_3", - "nixpak": "nixpak", - "nixpkgs": [ - "nixpkgs" - ], - "searx-randomizer": "searx-randomizer" - }, - "locked": { - "lastModified": 1708599757, - "narHash": "sha256-I8cZfd7hvHg2slmXeG4zR4bln0K4oxuJXm/fUwrXrDU=", - "owner": "schizofox", - "repo": "schizofox", - "rev": "cc1d66889d057c57011487db77c926fc101fb4ff", - "type": "github" - }, - "original": { - "owner": "schizofox", - "repo": "schizofox", - "type": "github" - } - }, - "searx-randomizer": { - "inputs": { - "crane": "crane_2", - "flake-parts": "flake-parts_4", - "nixpkgs": [ - "schizofox", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1704412376, - "narHash": "sha256-Ap/AudJxCYBDWYy0lyqP0/FZYJCibL7jKkoj6hp1WS0=", - "owner": "schizofox", - "repo": "searx-randomizer", - "rev": "c36a473732ba6b4f6024ac1c181631cf4d542b17", - "type": "github" - }, - "original": { - "owner": "schizofox", - "repo": "searx-randomizer", - "type": "github" - } - }, "slippi-desktop": { "flake": false, "locked": { @@ -1410,17 +1192,17 @@ }, "zjstatus": { "inputs": { - "crane": "crane_3", + "crane": "crane_2", "flake-utils": "flake-utils_4", "nixpkgs": "nixpkgs_8", "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1709051848, - "narHash": "sha256-SFm8Q2E2oSqzt9lL8RGL9nYHFE9OUSvhWD6BOS8y9A0=", + "lastModified": 1709333939, + "narHash": "sha256-9nuqbIaioEYySZLgsYCTwUYHgKdseckCtD7vgNluA44=", "owner": "dj95", "repo": "zjstatus", - "rev": "2d37d1bd28e92232541c8bff76eb3ddb7a42a0cc", + "rev": "584fa99d44a63db24f7ac999fbc9903acf2d5b5f", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0de1c63..a8f7c35 100644 --- a/flake.nix +++ b/flake.nix @@ -26,10 +26,10 @@ url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; inputs.nixpkgs.follows = "nixpkgs"; }; - schizofox = { - url = "github:schizofox/schizofox"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + # schizofox = { + # url = "github:schizofox/schizofox"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; hyprwm-contrib = { url = "github:hyprwm/contrib"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/home/modules/desktop/browser/default.nix b/home/modules/desktop/browser/default.nix index ead3948..d3d0869 100644 --- a/home/modules/desktop/browser/default.nix +++ b/home/modules/desktop/browser/default.nix @@ -3,7 +3,7 @@ imports = [ ./firefox - ./schizofox + # ./schizofox #./chrome -- still needs to be implemented #./brave -- still needs tio be implemented ]; diff --git a/home/modules/desktop/browser/firefox/default.nix b/home/modules/desktop/browser/firefox/default.nix index 727cdf5..4c7638e 100644 --- a/home/modules/desktop/browser/firefox/default.nix +++ b/home/modules/desktop/browser/firefox/default.nix @@ -22,75 +22,7 @@ in stylus surfingkeys ]; - settings = { - - #Basic Settings - "browser.disableResetPrompt" = true; - "toolkit.legacyUserProfileCustomizations.stylesheets" = true; - "browser.cache.disk.enable" = false; - "browser.cache.memory.enable" = true; - "browser.cache.memory.capacity" = 524288; - "browser.sessionstore.interval" = 15000000; - "extensions.pocket.enabled" = false; - "reader.parse-on-load.enabled" = false; - "accessibility.force_disabled" = 1; - "browser.helperApps.deleteTempFileOnExit" = true; - "browser.uitour.enabled" = false; - - #Startup - "browser.newtabpage.activity-stream.showSponsored" = false; - "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; - "browser.newtabpage.activity-stream.default.sites" = ""; - "browser.aboutConfig.showWarning" = false; - - #Disable recommendations - "extensions.getAddons.showPane" = false; - "extensions.htmlaboutaddons.recommendations.enabled" = false; - "browser.discovery.enabled" = false; - - #Telemetry - "datareporting.policy.dataSubmissionEnabled" = false; - "datareporting.healthreport.uploadEnabled" = false; - "toolkit.telemetry.unified" = false; - "toolkit.telemetry.enabled" = false; - "toolkit.telemetry.server" = "data:,"; - "toolkit.telemetry.archive.enabled" = false; - "toolkit.telemetry.newProfilePing.enabled" = false; - "toolkit.telemetry.shutdownPingSender.enabled" = false; - "toolkit.telemetry.updatePing.enabled" = false; - "toolkit.telemetry.bhrPing.enabled" = false; - "toolkit.telemetry.firstShutdownPing.enabled" = false; - "toolkit.telemetry.coverage.opt-out" = true; - "toolkit.coverage.opt-out" = true; - "toolkit.coverage.endpoint.base" = ""; - "browser.ping-centre.telemetry" = false; - "browser.newtabpage.activity-stream.feeds.telemetry" = false; - "browser.newtabpage.activity-stream.telemetry" = false; - "toolkit.telemetry.reportingpolicy.firstRun" = false; - "toolkit.telemetry.shutdownPingSender.enabledFirstsession" = false; - "browser.vpn_promo.enabled" = false; - "app.shield.optoutstudies.enabled" = false; - "app.normandy.enabled" = false; - "app.normandy.api_url" = ""; - - #Crash Reports - "breakpad.reportURL" = ""; - "browser.tabs.crashReporting.sendReport" = false; - "browser.crashReports.unsubmittedCheck.autoSubmit2" = false; - - #Other - "captivedetect.canonicalURL" = ""; - "network.captive-portal-service.enabled" = false; - "network.connectivity-service.enabled" = false; - - #Geolocation - "geo.provider.network.url" = "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"; - "geo.provider.use_gpsd" = false; - "geo.provider.use_geoclue" = false; - - #Calculator - "browser.urlbar.suggest.calculator" = true; - }; + settings = import ./ooksJs.nix; userChrome = '' diff --git a/home/modules/desktop/browser/firefox/narsilUserjs.nix b/home/modules/desktop/browser/firefox/narsilUserjs.nix new file mode 100644 index 0000000..423ca4b --- /dev/null +++ b/home/modules/desktop/browser/firefox/narsilUserjs.nix @@ -0,0 +1,1048 @@ +{ +# https:#git.nixnet.services/Narsil/desktop_user.js +# Author : Narsil : https:#git.nixnet.services/Narsil + +# Based on : arkenfox : https:#github.com/arkenfox/user.js + +# License : https:#git.nixnet.services/Narsil/desktop_user.js/raw/branch/master/LICENSE + +# Disable about:config warning +"browser.aboutConfig.showWarning" = false; + +# STARTUP + +# Disable default browser check +"browser.shell.checkDefaultBrowser" = false; + +# Set startup page [SETUP-CHROME] +# 0=blank = 1=home = 2=last visited page = 3=resume previous session +"browser.startup.page" = 0; + +# Set HOME+NEWWINDOW page +"browser.startup.homepage" = "about:blank"; + +# Set NEWTAB page +# true=Activity Stream (default) = false=blank page +"browser.newtabpage.enabled" = false; + +# Disable sponsored content on Firefox Home (Activity Stream) +"browser.newtabpage.activity-stream.showSponsored" = false; # [FF58+] Pocket > Sponsored Stories +"browser.newtabpage.activity-stream.showSponsoredTopSites" = false; # [FF83+] Sponsored shortcuts + +# Clear default topsites +"browser.newtabpage.activity-stream.default.sites" = ""; +"browser.topsites.contile.enabled" = false; +"browser.topsites.useRemoteSetting" = false; + +# GEOLOCATION + +# Use Mozilla geolocation service instead of Google if permission is granted [FF74+] +"geo.provider.network.url" = ""; +#"geo.provider.network.logging.enabled" = true; # [HIDDEN PREF] + +# Disable using the OS's geolocation service +"geo.provider.use_gpsd" = false; # [LINUX] [HIDDEN PREF] +"geo.provider.geoclue.always_high_accuracy" = false; # [LINUX] +"geo.provider.use_geoclue" = false; # [FF102+] [LINUX] + +# Disable region updates +"browser.region.network.url" = ""; # [FF78+] Defense-in-depth +"browser.region.update.enabled" = false; # [FF79+] + +# QUIETER FOX + +# Disable recommendation pane in about:addons (uses Google Analytics) +"extensions.getAddons.showPane" = false; # [HIDDEN PREF] + +# Disable recommendations in about:addons' Extensions and Themes panes [FF68+] +"extensions.htmlaboutaddons.recommendations.enabled" = false; + +# Disable personalized Extension Recommendations in about:addons and AMO [FF65+] +"browser.discovery.enabled" = false; + +# Disable shopping experience [FF116+] +"browser.shopping.experience2023.enabled" = false; # [DEFAULT: false] +"browser.shopping.experience2023.opted" = 2; +"browser.shopping.experience2023.active" = false; + +# TELEMETRY + +# Disable new data submission [FF41+] +"datareporting.policy.dataSubmissionEnabled" = false; + +# Disable Health Reports +"datareporting.healthreport.uploadEnabled" = false; + +# Disable telemetry +"toolkit.telemetry.unified" = false; +"toolkit.telemetry.enabled" = false; # see [NOTE] +"toolkit.telemetry.server" = "data:,"; +"toolkit.telemetry.archive.enabled" = false; +"toolkit.telemetry.newProfilePing.enabled" = false; # [FF55+] +"toolkit.telemetry.shutdownPingSender.enabled" = false; # [FF55+] +"toolkit.telemetry.updatePing.enabled" = false; # [FF56+] +"toolkit.telemetry.bhrPing.enabled" = false; # [FF57+] Background Hang Reporter +"toolkit.telemetry.firstShutdownPing.enabled" = false; # [FF57+] + +# Skip checking omni.ja and other files +"corroborator.enabled" = false; + +# Disable Telemetry Coverage +"toolkit.telemetry.coverage.opt-out" = true; # [HIDDEN PREF] +"toolkit.coverage.opt-out" = true; # [FF64+] [HIDDEN PREF] +"toolkit.coverage.endpoint.base" = ""; + +# Disable PingCentre telemetry (used in several System Add-ons) [FF57+] +"browser.ping-centre.telemetry" = false; + +# Disable Firefox Home (Activity Stream) telemetry +"browser.newtabpage.activity-stream.feeds.telemetry" = false; +"browser.newtabpage.activity-stream.telemetry" = false; + +# Disable WebVTT logging and test events +"media.webvtt.debug.logging" = false; +"media.webvtt.testing.events" = false; + +# Disable send content blocking log to about:protections +"browser.contentblocking.database.enabled" = false; + +# Disable celebrating milestone toast when certain numbers of trackers are blocked +"browser.contentblocking.cfr-milestone.enabled" = false; + +# Disable Default Browser Agent +"default-browser-agent.enabled" = false; # [WINDOWS] + +# STUDIES + +# Disable Studies +"app.shield.optoutstudies.enabled" = false; + +# Disable Normandy/Shield [FF60+] +"app.normandy.enabled" = false; +"app.normandy.api_url" = ""; + +# CRASH REPORTS + +# Disable Crash Reports +"breakpad.reportURL" = ""; +"browser.tabs.crashReporting.sendReport" = false; # [FF44+] +#"browser.crashReports.unsubmittedCheck.enabled" = false; # [FF51+] [DEFAULT: false] + +# Enforce no submission of backlogged Crash Reports [FF58+] +"browser.crashReports.unsubmittedCheck.autoSubmit2" = false; # [DEFAULT: false] + +# OTHER + +# Disable Captive Portal detection +"captivedetect.canonicalURL" = ""; +"network.captive-portal-service.enabled" = false; # [FF52+] + +# Disable Network Connectivity checks [FF65+] +"network.connectivity-service.enabled" = false; + +# Disable contentblocking reports +"browser.contentblocking.reportBreakage.url" = ""; +"browser.contentblocking.report.cookie.url" = ""; +"browser.contentblocking.report.cryptominer.url" = ""; +"browser.contentblocking.report.fingerprinter.url" = ""; +"browser.contentblocking.report.lockwise.enabled" = false; +"browser.contentblocking.report.lockwise.how_it_works.url" = ""; +"browser.contentblocking.report.manage_devices.url" = ""; +"browser.contentblocking.report.monitor.enabled" = false; +"browser.contentblocking.report.monitor.how_it_works.url" = ""; +"browser.contentblocking.report.monitor.sign_in_url" = ""; +"browser.contentblocking.report.monitor.url" = ""; +"browser.contentblocking.report.proxy.enabled" = false; +"browser.contentblocking.report.proxy_extension.url" = ""; +"browser.contentblocking.report.social.url" = ""; +"browser.contentblocking.report.tracker.url" = ""; +"browser.contentblocking.report.endpoint_url" = ""; +"browser.contentblocking.report.monitor.home_page_url" = ""; +"browser.contentblocking.report.monitor.preferences_url" = ""; +"browser.contentblocking.report.vpn.enabled" = false; +"browser.contentblocking.report.hide_vpn_banner" = true; +"browser.contentblocking.report.show_mobile_app" = false; +"browser.vpn_promo.enabled" = false; +"browser.promo.focus.enabled" = false; + +# Block unwanted connections +"app.feedback.baseURL" = ""; +"app.support.baseURL" = ""; +"app.releaseNotesURL" = ""; +"app.update.url.details" = ""; +"app.update.url.manual" = ""; +"app.update.staging.enabled" = false; + +# Remove default handlers and translation engine +"gecko.handlerService.schemes.mailto.0.uriTemplate" = ""; +"gecko.handlerService.schemes.mailto.0.name" = ""; +"gecko.handlerService.schemes.mailto.1.uriTemplate" = ""; +"gecko.handlerService.schemes.mailto.1.name" = ""; +"gecko.handlerService.schemes.irc.0.uriTemplate" = ""; +"gecko.handlerService.schemes.irc.0.name" = ""; +"gecko.handlerService.schemes.ircs.0.uriTemplate" = ""; +"gecko.handlerService.schemes.ircs.0.name" = ""; +"browser.translation.engine" = ""; + +# Disable connections to Mozilla servers +"services.settings.server" = ""; + +# SAFE BROWSING (SB) + +# Disable SB (Safe Browsing) +"browser.safebrowsing.malware.enabled" = false; +"browser.safebrowsing.phishing.enabled" = false; +"browser.safebrowsing.passwords.enabled" = false; +"browser.safebrowsing.allowOverride" = false; + +# Disable SB checks for downloads (both local lookups + remote) +"browser.safebrowsing.downloads.enabled" = false; + +# Disable SB checks for downloads (remote) +"browser.safebrowsing.downloads.remote.enabled" = false; +"browser.safebrowsing.downloads.remote.url" = ""; + +# Disable SB checks for unwanted software +"browser.safebrowsing.downloads.remote.block_potentially_unwanted" = false; +"browser.safebrowsing.downloads.remote.block_uncommon" = false; + +# Disable "ignore this warning" on SB warnings [FF45+] +#"browser.safebrowsing.allowOverride" = false; + +# Google connections +"browser.safebrowsing.downloads.remote.block_dangerous" = false; +"browser.safebrowsing.downloads.remote.block_dangerous_host" = false; +"browser.safebrowsing.provider.google.updateURL" = ""; +"browser.safebrowsing.provider.google.gethashURL" = ""; +"browser.safebrowsing.provider.google4.updateURL" = ""; +"browser.safebrowsing.provider.google4.gethashURL" = ""; +"browser.safebrowsing.provider.google.reportURL" = ""; +"browser.safebrowsing.reportPhishURL" = ""; +"browser.safebrowsing.provider.google4.reportURL" = ""; +"browser.safebrowsing.provider.google.reportMalwareMistakeURL" = ""; +"browser.safebrowsing.provider.google.reportPhishMistakeURL" = ""; +"browser.safebrowsing.provider.google4.reportMalwareMistakeURL" = ""; +"browser.safebrowsing.provider.google4.reportPhishMistakeURL" = ""; +"browser.safebrowsing.provider.google4.dataSharing.enabled" = false; +"browser.safebrowsing.provider.google4.dataSharingURL" = ""; +"browser.safebrowsing.provider.google.advisory" = ""; +"browser.safebrowsing.provider.google.advisoryURL" = ""; +# "browser.safebrowsing.provider.google.gethashURL" = ""; +"browser.safebrowsing.provider.google4.advisoryURL" = ""; +"browser.safebrowsing.blockedURIs.enabled" = false; +"browser.safebrowsing.provider.mozilla.gethashURL" = ""; +"browser.safebrowsing.provider.mozilla.updateURL" = ""; + +# BLOCK IMPLICIT OUTBOUND + +# Disable link prefetching +"network.prefetch-next" = false; + +# Disable DNS prefetching +"network.dns.disablePrefetch" = true; +#"network.dns.disablePrefetchFromHTTPS" = true; # [DEFAULT: true] + +# Disable predictor / prefetching +"network.predictor.enabled" = false; +"network.predictor.enable-prefetch" = false; # [FF48+] [DEFAULT: false] + +# Disable link-mouseover opening connection to linked server +"network.http.speculative-parallel-limit" = 0; + +# Disable mousedown speculative connections on bookmarks and history [FF98+] +"browser.places.speculativeConnect.enabled" = false; + +# Enforce no "Hyperlink Auditing" (click tracking) +#"browser.send_pings" = false; # [DEFAULT: false] + +# DNS / DoH / PROXY / SOCKS + +# Set the proxy server to do any DNS lookups when using SOCKS +"network.proxy.socks_remote_dns" = true; + +# Disable using UNC (Uniform Naming Convention) paths [FF61+] +"network.file.disable_unc_paths" = true; # [HIDDEN PREF] + +# Disable GIO as a potential proxy bypass vector +"network.gio.supported-protocols" = ""; # [HIDDEN PREF] [DEFAULT: "" FF118+] + +# Disable proxy direct failover for system requests [FF91+] +#"network.proxy.failover_direct" = false; + +# Disable proxy bypass for system request failures [FF95+] +#"network.proxy.allow_bypass" = false; + +# Disable DNS-over-HTTPS (DoH)[FF60+] +"network.trr.mode" = 5; +"network.trr.confirmationNS" = ""; + +# Disable skipping DoH when parental controls are enabled +"network.trr.uri" = ""; +"network.trr.custom_uri" = ""; + +# LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS + +# Disable location bar making speculative connections [FF56+] +"browser.urlbar.speculativeConnect.enabled" = false; + +# Disable location bar contextual suggestions +"browser.urlbar.suggest.quicksuggest.nonsponsored" = false; # [FF95+] +"browser.urlbar.suggest.quicksuggest.sponsored" = false; # [FF92+] + +# Disable live search suggestions +"browser.search.suggest.enabled" = false; +"browser.urlbar.suggest.searches" = false; + +# Disable urlbar trending search suggestions [FF118+] +"browser.urlbar.trending.featureGate" = false; + +# Disable urlbar suggestions +"browser.urlbar.addons.featureGate" = false; # [FF115+] +"browser.urlbar.mdn.featureGate" = false; # [FF117+] [HIDDEN PREF] +"browser.urlbar.pocket.featureGate" = false; # [FF116+] [DEFAULT: false] +"browser.urlbar.weather.featureGate" = false; # [FF108+] [DEFAULT: false] + +# Disable urlbar clipboard suggestions [FF118+] +#"browser.urlbar.clipboard.featureGate" = false; # [DEFAULT: false] + +# Disable search and form history +"browser.formfill.enable" = false; + +# Disable tab-to-search [FF85+] +"browser.urlbar.suggest.engines" = false; + +# Disable coloring of visited links +"layout.css.visited_links_enabled" = false; + +# Enable separate default search engine in Private Windows and its UI setting +"browser.search.separatePrivateDefault" = true; # [FF70+] +"browser.search.separatePrivateDefault.ui.enabled" = true; # [FF71+] + +# Disable merino +"browser.urlbar.merino.enabled" = false; + +# PASSWORDS +# +# Disable saving passwords and password alerts. +"signon.rememberSignons" = false; +"signon.generation.enabled" = false; +"signon.management.page.breach-alerts.enabled" = false; +"signon.management.page.breachAlertUrl" = ""; + +# Set when Firefox should prompt for the primary password +# 0=once per session (default) = 1=every time it's needed = 2=after n minutes +"security.ask_for_password" = 2; + +# Set how long in minutes Firefox should remember the primary password (0901) +"security.password_lifetime" = 5; # [DEFAULT: 30] + +# Disable auto-filling username & password form fields +"signon.autofillForms" = false; + +# Disable formless login capture for Password Manager [FF51+] +"signon.formlessCapture.enabled" = false; + +# Limit (or disable) HTTP authentication credentials dialogs triggered by sub-resources [FF41+] +# 0 = don't allow sub-resources to open HTTP authentication credentials dialogs +# 1 = don't allow cross-origin sub-resources to open HTTP authentication credentials dialogs +# 2 = allow sub-resources to open HTTP authentication credentials dialogs (default) +"network.auth.subresource-http-auth-allow" = 1; + +# DISK AVOIDANCE + +# Disable disk cache +"browser.cache.disk.enable" = false; + +# Disable media cache from writing to disk in Private Browsing +"browser.privatebrowsing.forceMediaMemoryCache" = true; # [FF75+] +"media.memory_cache_max_size" = 65536; + +# Disable storing extra session data [SETUP-CHROME] +# 0=everywhere = 1=unencrypted sites = 2=nowhere +"browser.sessionstore.privacy_level" = 2; + +# HTTPS (SSL/TLS / OCSP / CERTS / HPKP) + +# Require safe negotiation +"security.ssl.require_safe_negotiation" = true; + +# Disable TLS1.3 0-RTT (round-trip time) [FF51+] +"security.tls.enable_0rtt_data" = false; + +# OCSP (Online Certificate Status Protocol) + +# Enforce OCSP fetching to confirm current validity of certificates +# 0=disabled = 1=enabled (default) = 2=enabled for EV certificates only +"security.OCSP.enabled" = 0; # [DEFAULT: 1] + +# Set OCSP fetch failures (non-stapled) to hard-fail [SETUP-WEB] +"security.OCSP.require" = false; + +# CERTS / HPKP (HTTP Public Key Pinning) + +# Enable strict PKP (Public Key Pinning) +# 0=disabled = 1=allow user MiTM (default; such as your antivirus) = 2=strict +"security.cert_pinning.enforcement_level" = 2; + +# Disable CRLite [FF73+] +# 0 = disabled +# 1 = consult CRLite but only collect telemetry (default) +# 2 = consult CRLite and enforce both "Revoked" and "Not Revoked" results +# 3 = consult CRLite and enforce "Not Revoked" results = but defer to OCSP for "Revoked" (default) +"security.remote_settings.intermediates.enabled" = false; +"security.remote_settings.intermediates.bucket" = ""; +"security.remote_settings.intermediates.collection" = ""; +"security.remote_settings.intermediates.signer" = ""; +"security.remote_settings.crlite_filters.enabled" = false; +"security.remote_settings.crlite_filters.bucket" = ""; +"security.remote_settings.crlite_filters.collection" = ""; +"security.remote_settings.crlite_filters.signer" = ""; +"security.pki.crlite_mode" = 0; + +# MIXED CONTENT + +# Disable insecure passive content (such as images) on https pages [SETUP-WEB] +#"security.mixed_content.block_display_content" = true; # Defense-in-depth + +# Enable HTTPS-Only mode in all windows +"dom.security.https_only_mode" = true; # [FF76+] +#"dom.security.https_only_mode_pbm" = true; # [FF80+] + +# Enable HTTPS-Only mode for local resources [FF77+] +#"dom.security.https_only_mode.upgrade_local" = true; + +# Disable HTTP background requests [FF82+] +"dom.security.https_only_mode_send_http_background_request" = false; + +# Disable ping to Mozilla for Man-in-the-Middle detection +"security.certerrors.mitm.priming.enabled" = false; +"security.certerrors.mitm.priming.endpoint" = ""; +"security.pki.mitm_canary_issuer" = ""; +"security.pki.mitm_canary_issuer.enabled" = false; +"security.pki.mitm_detected" = false; + +# UI (User Interface) + +# Display warning on the padlock for "broken security" +"security.ssl.treat_unsafe_negotiation_as_broken" = true; + +# Display advanced information on Insecure Connection warning pages +"browser.xul.error_pages.expert_bad_cert" = true; + +# REFERERS + +# Control the amount of cross-origin information to send [FF52+] +# 0=send full URI (default) = 1=scheme+host+port+path = 2=scheme+host+port +"network.http.referer.XOriginTrimmingPolicy" = 2; + +# CONTAINERS + +# Enable Container Tabs and its UI setting [FF50+] +"privacy.userContext.enabled" = true; +"privacy.userContext.ui.enabled" = true; + +# Set behavior on "+ Tab" button to display container menu on left click [FF74+] +#"privacy.userContext.newTabContainerOnLeftClick.enabled" = true; + +# PLUGINS / MEDIA / WEBRTC + +# Force WebRTC inside the proxy [FF70+] +"media.peerconnection.ice.proxy_only_if_behind_proxy" = true; + +# Force a single network interface for ICE candidates generation [FF42+] +"media.peerconnection.ice.default_address_only" = true; + +# Force exclusion of private IPs from ICE candidates [FF51+] +#"media.peerconnection.ice.no_host" = true; + +# Disable GMP (Gecko Media Plugins) +"media.gmp-provider.enabled" = false; +"media.gmp-manager.url" = ""; +"media.gmp-gmpopenh264.enabled" = false; + +# DOM (DOCUMENT OBJECT MODEL) + +# Prevent scripts from moving and resizing open windows +"dom.disable_window_move_resize" = true; + +# MISCELLANEOUS + +# Remove temp files opened from non-PB windows with an external application +"browser.download.start_downloads_in_tmp_dir" = true; # [FF102+] + +# Disable sending additional analytics to web servers +"beacon.enabled" = false; + +# Remove temp files opened with an external application +"browser.helperApps.deleteTempFileOnExit" = true; + +# Disable UITour backend so there is no chance that a remote page can use it +"browser.uitour.enabled" = false; +"browser.uitour.url" = ""; # Defense-in-depth + +# Reset remote debugging to disabled +"devtools.debugger.remote-enabled" = false; # [DEFAULT: false] + +# Disable websites overriding Firefox's keyboard shortcuts [FF58+] +# 0 (default) or 1=allow = 2=block +#"permissions.default.shortcuts" = 2; + +# Remove special permissions for certain mozilla domains [FF35+] +"permissions.manager.defaultsUrl" = ""; + +# Remove webchannel whitelist +"webchannel.allowObject.urlWhitelist" = ""; + +# Use Punycode in Internationalized Domain Names to eliminate possible spoofing +"network.IDN_show_punycode" = true; + +# Enforce PDFJS = disable PDFJS scripting +"pdfjs.disabled" = false; # [DEFAULT: false] +"pdfjs.enableScripting" = false; # [FF86+] + +# Disable middle click on new tab button opening URLs or searches using clipboard [FF115+] +"browser.tabs.searchclipboardfor.middleclick" = false; # [DEFAULT: false NON-LINUX] + +# Disable the default checkedness for "Save card and address to Firefox" checkboxes +"dom.payments.defaults.saveAddress" = false; +"dom.payments.defaults.saveCreditCard" = false; + +# Disable Displaying Javascript in History URLs +"browser.urlbar.filter.javascript" = true; + +# DOWNLOADS + +# Enable user interaction for security by always asking where to download +"browser.download.useDownloadDir" = false; + +# Disable downloads panel opening on every download [FF96+] +"browser.download.alwaysOpenPanel" = false; + +# Disable adding downloads to the system's "recent documents" list +"browser.download.manager.addToRecentDocs" = false; + +# Enable user interaction for security by always asking how to handle new mimetypes [FF101+] +"browser.download.always_ask_before_handling_new_types" = true; + +# EXTENSIONS + +# Limit allowed extension directories +"extensions.enabledScopes" = 5; # [HIDDEN PREF] +#"extensions.autoDisableScopes" = 15; # [DEFAULT: 15] + +# Disable bypassing 3rd party extension install prompts [FF82+] +"extensions.postDownloadThirdPartyPrompt" = false; + +# Disable webextension restrictions on certain mozilla domains [FF60+] +#"extensions.webextensions.restrictedDomains" = ""; + +# Disable extensions suggestions +"extensions.webservice.discoverURL" = ""; + +# ETP (ENHANCED TRACKING PROTECTION) + +# Enable ETP Strict Mode [FF86+] +"browser.contentblocking.category" = "strict"; # [HIDDEN PREF] + +# Disable ETP web compat features [FF93+] +#"privacy.antitracking.enableWebcompat" = false; + +# SHUTDOWN & SANITIZING + +# Enable Firefox to clear items on shutdown +"privacy.sanitize.sanitizeOnShutdown" = true; + +# SANITIZE ON SHUTDOWN: IGNORES "ALLOW" SITE EXCEPTIONS + +# Set/enforce what items to clear on shutdown [SETUP-CHROME] +"privacy.clearOnShutdown.cache" = true; +"privacy.clearOnShutdown.downloads" = true; # [DEFAULT: true] +"privacy.clearOnShutdown.formdata" = true; # [DEFAULT: true] +"privacy.clearOnShutdown.history" = true; # [DEFAULT: true] +"privacy.clearOnShutdown.sessions" = true; # [DEFAULT: true] +#"privacy.clearOnShutdown.siteSettings" = false; # [DEFAULT: false] + +# Set Session Restore to clear on shutdown [FF34+] +#"privacy.clearOnShutdown.openWindows" = true; + +# SANITIZE ON SHUTDOWN: RESPECTS "ALLOW" SITE EXCEPTIONS FF103+ + +# Set "Cookies" and "Site Data" to clear on shutdown +"privacy.clearOnShutdown.cookies" = true; # Cookies +"privacy.clearOnShutdown.offlineApps" = true; # Site Data + +# SANITIZE MANUAL: IGNORES "ALLOW" SITE EXCEPTIONS + +# Reset default items to clear with Ctrl-Shift-Del +"privacy.cpd.cache" = true; # [DEFAULT: true] +"privacy.cpd.formdata" = true; # Form & Search History +"privacy.cpd.history" = true; # Browsing & Download History +"privacy.cpd.offlineApps" = true; # Offline Website Data +"privacy.cpd.sessions" = true; # [DEFAULT: true] +# "privacy.cpd.offlineApps" = true; # [DEFAULT: false] +"privacy.cpd.cookies" = true; +#"privacy.cpd.downloads" = true; # not used +#"privacy.cpd.openWindows" = false; # Session Restore +#"privacy.cpd.passwords" = false; +#"privacy.cpd.siteSettings" = false; + +# Clear Session Restore data when sanitizing on shutdown or manually [FF34+] +#"privacy.clearOnShutdown.openWindows" = true; +#"privacy.cpd.openWindows" = true; + +# Reset default "Time range to clear" for "Clear Recent History" +# 0=everything = 1=last hour = 2=last two hours = 3=last four hours = 4=today +"privacy.sanitize.timeSpan" = 0; + +# FPP (fingerprintingProtection) + +# Enable FPP in PB mode [FF114+] +#"privacy.fingerprintingProtection.pbmode" = true; # [DEFAULT: true FF118+] + +# Set global FPP overrides [FF114+] +#"privacy.fingerprintingProtection.overrides" = ""; + +# RFP (resistFingerprinting) + +# Enable RFP +"privacy.resistFingerprinting" = true; # [FF41+] +#"privacy.resistFingerprinting.pbmode" = true; # [FF114+] + +# Set new window size rounding max values [FF55+] +"privacy.window.maxInnerWidth" = 1400; +"privacy.window.maxInnerHeight" = 900; + +# Disable mozAddonManager Web API [FF57+] +"privacy.resistFingerprinting.block_mozAddonManager" = true; + +# Enable RFP letterboxing [FF67+] +#"privacy.resistFingerprinting.letterboxing" = true; # [HIDDEN PREF] +#"privacy.resistFingerprinting.letterboxing.dimensions" = ""; # [HIDDEN PREF] + +# Experimental RFP [FF91+] +#"privacy.resistFingerprinting.exemptedDomains" = "*.example.invalid"; + +# Disable using system colors +"browser.display.use_system_colors" = false; # [DEFAULT: false NON-WINDOWS] + +# Enforce non-native widget theme +"widget.non-native-theme.enabled" = true; # [DEFAULT: true] + +# Enforce links targeting new windows to open in a new tab instead +# 1=most recent window or tab = 2=new window = 3=new tab +"browser.link.open_newwindow" = 3; # [DEFAULT: 3] + +# Set all open window methods to abide by "browser.link.open_newwindow" +"browser.link.open_newwindow.restriction" = 0; + +# Disable WebGL (Web Graphics Library) +"webgl.disabled" = true; + +# OPTIONAL OPSEC + +# Start Firefox in PB (Private Browsing) mode +#"browser.privatebrowsing.autostart" = true; + +# Disable memory cache +# capacity: -1=determine dynamically (default) = 0=none = n=memory capacity in kibibytes +#"browser.cache.memory.enable" = false; +#"browser.cache.memory.capacity" = 0; + +# Disable saving passwords +#"signon.rememberSignons" = false; + +# Disable permissions manager from writing to disk [FF41+] [RESTART] +#"permissions.memory_only" = true; # [HIDDEN PREF] + +# Disable intermediate certificate caching [FF41+] [RESTART] +#"security.nocertdb" = true; # + +# Disable favicons in history and bookmarks +"browser.chrome.site_icons" = false; + +# Exclude "Undo Closed Tabs" in Session Restore +#"browser.sessionstore.max_tabs_undo" = 0; + +# Disable resuming session from crash +#"browser.sessionstore.resume_from_crash" = false; + +# Disable "open with" in download dialog [FF50+] +#"browser.download.forbid_open_with" = true; + +# Disable location bar suggestion types +"browser.urlbar.suggest.history" = false; +"browser.urlbar.suggest.bookmark" = false; +"browser.urlbar.suggest.openpage" = false; +"browser.urlbar.suggest.topsites" = false; # [FF78+] +"browser.urlbar.suggest.weather" = false; + +# Disable location bar dropdown +#"browser.urlbar.maxRichResults" = 0; + +# Disable location bar autofill +"browser.urlbar.autoFill" = false; + +# Disable browsing and download history +"places.history.enabled" = false; + +# Discourage downloading to desktop +# 0=desktop = 1=downloads (default) = 2=custom +#"browser.download.folderList" = 2; + +# Disable Form Autofill +"extensions.formautofill.addresses.enabled" = false; # [FF55+] +"extensions.formautofill.creditCards.enabled" = false; # [FF56+] + +# Limit events that can cause a pop-up +#"dom.popup_allowed_events" = "click dblclick mousedown pointerdown"; + +# Disable page thumbnail collection +#"browser.pagethumbnails.capturing_disabled" = true; # [HIDDEN PREF] + +# Disable location bar using search +"keyword.enabled" = false; + +# Force GPU sandboxing (Linux = default on Windows) +"security.sandbox.gpu.level" = 1; + +# Enable Site Isolation +"fission.autostart" = true; +"gfx.webrender.all" = true; + +# OPTIONAL HARDENING + +# Disable MathML (Mathematical Markup Language) [FF51+] +"mathml.disabled" = true; + +# Disable in-content SVG (Scalable Vector Graphics) [FF53+] +#"svg.disabled" = true; + +# Disable graphite +"gfx.font_rendering.graphite.enabled" = false; + +# Disable asm.js [FF22+] +"javascript.options.asmjs" = false; + +# Disable Ion and baseline JIT to harden against JS exploits +"javascript.options.ion" = false; +"javascript.options.baselinejit" = false; +"javascript.options.jit_trustedprincipals" = true; # [FF75+] [HIDDEN PREF] + +# Disable WebAssembly [FF52+] +"javascript.options.wasm" = false; + +# Disable rendering of SVG OpenType fonts +"gfx.font_rendering.opentype_svg.enabled" = false; + +# Disable widevine CDM (Content Decryption Module) +"media.gmp-widevinecdm.enabled" = false; + +# Disable all DRM content (EME: Encryption Media Extension) +"media.eme.enabled" = false; +"browser.eme.ui.enabled" = false; + +# Disable IPv6 if using a VPN +#"network.dns.disableIPv6" = true; + +# Control when to send a cross-origin referer +# * 0=always (default) = 1=only if base domains match = 2=only if hosts match +#"network.http.referer.XOriginPolicy" = 2; + +# Set DoH bootstrap address [FF89+] +#"network.trr.bootstrapAddr" = "10.0.0.1"; # [HIDDEN PREF] + +# DON'T TOUCH + +# Disable Firefox blocklist +"extensions.blocklist.enabled" = false; # [DEFAULT: true] +"extensions.blocklist.addonItemURL" = ""; +"extensions.blocklist.detailsURL" = ""; +"extensions.blocklist.itemURL" = ""; +"services.blocklist.addons.collection" = ""; +"services.blocklist.addons.signer" = ""; +"services.blocklist.plugins.collection" = ""; +"services.blocklist.plugins.signer" = ""; +"services.blocklist.gfx.collection" = ""; +"services.blocklist.gfx.signer" = ""; + +# Enforce no referer spoofing +"network.http.referer.spoofSource" = true; # [DEFAULT: false] + +# Enforce a security delay on some confirmation dialogs such as install = open/save +"security.dialog_enable_delay" = 1000; # [DEFAULT: 1000] + +# Enforce no First Party Isolation [FF51+] +"privacy.firstparty.isolate" = false; # [DEFAULT: false] + +# Enforce SmartBlock shims (about:compat) [FF81+] +"extensions.webcompat.enable_shims" = true; # [HIDDEN PREF] [DEFAULT: true] + +# Enforce no TLS 1.0/1.1 downgrades +"security.tls.version.enable-deprecated" = false; # [DEFAULT: false] + +# Enforce disabling of Web Compatibility Reporter [FF56+] +"extensions.webcompat-reporter.enabled" = false; # [DEFAULT: false] + +# Disable Quarantined Domains [FF115+] +"extensions.quarantinedDomains.enabled" = false; # [DEFAULT: true] + +# prefsCleaner: previously active items removed from arkenfox 115-117 +#"accessibility.force_disabled" = ""; +#"browser.urlbar.dnsResolveSingleWordsAfterSearch" = ""; +#"network.protocol-handler.external.ms-windows-store" = ""; +#"privacy.partition.always_partition_third_party_non_cookie_storage" = ""; +#"privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage" = ""; +#"privacy.partition.serviceWorkers" = ""; + +# DON'T BOTHER + +# Disable APIs +"geo.enabled" = false; +#"full-screen-api.enabled" = false; + +# Set default permissions +# 0=always ask (default) = 1=allow = 2=block +"permissions.default.geo" = 2; +"permissions.default.camera" = 2; +"permissions.default.microphone" = 2; +"permissions.default.desktop-notification" = 2; +"permissions.default.xr" = 2; # Virtual Reality + +# Disable canvas capture stream +"canvas.capturestream.enabled" = false; + +# Disable offscreen canvas +"gfx.offscreencanvas.enabled" = false; + +# Disable non-modern cipher suites +#"security.ssl3.ecdhe_ecdsa_aes_128_sha" = false; +#"security.ssl3.ecdhe_ecdsa_aes_256_sha" = false; +#"security.ssl3.ecdhe_rsa_aes_128_sha" = false; +#"security.ssl3.ecdhe_rsa_aes_256_sha" = false; +#"security.ssl3.rsa_aes_128_gcm_sha256" = false; # no PFS +#"security.ssl3.rsa_aes_256_gcm_sha384" = false; # no PFS +#"security.ssl3.rsa_aes_128_sha" = false; # no PFS +#"security.ssl3.rsa_aes_256_sha" = false; # no PFS + +# Control TLS versions +#"security.tls.version.min" = 3; # [DEFAULT: 3] +#"security.tls.version.max" = 4; + +# Disable SSL session IDs [FF36+] +#"security.ssl.disable_session_identifiers" = true; + +# Onions +#"dom.securecontext.allowlist_onions" = true; +#"network.http.referer.hideOnionSource" = true; + +# Referers +#"network.http.sendRefererHeader" = 2; +#"network.http.referer.trimmingPolicy" = 0; + +# Set the default Referrer Policy [FF59+] +# 0=no-referer = 1=same-origin = 2=strict-origin-when-cross-origin = 3=no-referrer-when-downgrade +#"network.http.referer.defaultPolicy" = 2; # [DEFAULT: 2] +#"network.http.referer.defaultPolicy.pbmode" = 2; # [DEFAULT: 2] + +# Disable HTTP Alternative Services [FF37+] +#"network.http.altsvc.enabled" = false; + +# Disable website control over browser right-click context menu +#"dom.event.contextmenu.enabled" = false; + +# Disable icon fonts (glyphs) and local fallback rendering +#"gfx.downloadable_fonts.enabled" = false; # [FF41+] +#"gfx.downloadable_fonts.fallback_delay" = -1; + +# Disable Clipboard API +#"dom.event.clipboardevents.enabled" = false; + +# Disable System Add-on updates +"extensions.systemAddon.update.enabled" = false; # [FF62+] +"extensions.systemAddon.update.url" = ""; # [FF44+] + +# Enable the DNT (Do Not Track) HTTP header +"privacy.donottrackheader.enabled" = false; + +# Customize ETP settings +#"network.cookie.cookieBehavior" = 5; # [DEFAULT: 5] +#"privacy.fingerprintingProtection" = true; # [FF114+] [ETP FF119+] +#"privacy.partition.network_state.ocsp_cache" = true; # [DEFAULT: true FF123+] +#"privacy.query_stripping.enabled" = true; # [FF101+] +"privacy.query_stripping.strip_list" = "__hsfp __hssc __hstc __s _hsenc _openstat dclid fbclid gbraid gclid hsCtaTracking igshid mc_eid ml_subscriber ml_subscriber_hash msclkid oft_c oft_ck oft_d oft_id oft_ids oft_k oft_lk oft_sk oly_anon_id oly_enc_id rb_clickid s_cid twclid vero_conv vero_id wbraid wickedid yclid"; +#"network.http.referer.disallowCrossSiteRelaxingDefault" = true; +#"network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation" = true; # [FF100+] +#"privacy.trackingprotection.enabled" = true; +#"privacy.trackingprotection.socialtracking.enabled" = true; +#"privacy.trackingprotection.cryptomining.enabled" = true; # [DEFAULT: true] +#"privacy.trackingprotection.fingerprinting.enabled" = true; # [DEFAULT: true] + +# Allow embedded tweets and Reddit posts. Don't do it! +#"urlclassifier.trackingSkipURLs" = "*.reddit.com = *.twitter.com = *.twimg.com"; # [HIDDEN PREF] +#"urlclassifier.features.socialtracking.skipURLs" = "*.instagram.com = *.twitter.com = *.twimg.com"; # [HIDDEN PREF] + +# Disable service workers +#"dom.serviceWorkers.enabled" = false; + +# Disable Web Notifications [FF22+] +#"dom.webnotifications.enabled" = false; + +# Disable Push Notifications [FF44+] +"dom.push.enabled" = false; +"dom.push.connection.enabled" = false; +"dom.push.serverURL" = ""; +"dom.push.userAgentID" = ""; + +# Disable WebRTC (Web Real-Time Communication) +"media.peerconnection.enabled" = false; + +# DON'T BOTHER: FINGERPRINTING + +# prefsCleaner: reset items useless for anti-fingerprinting +#"browser.zoom.siteSpecific" = false; +#"dom.enable_performance" = false; +#"dom.enable_resource_timing" = false; +#"dom.maxHardwareConcurrency" = 2; +#"font.system.whitelist" = ""; # [HIDDEN PREF] +#"general.appname.override" = ""; # [HIDDEN PREF] +#"general.appversion.override" = ""; # [HIDDEN PREF] +#"general.buildID.override" = "20181001000000"; # [HIDDEN PREF] +#"general.oscpu.override" = ""; # [HIDDEN PREF] +#"general.platform.override" = ""; # [HIDDEN PREF] +#"general.useragent.override" = "Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0"; # [HIDDEN PREF] +#"media.ondevicechange.enabled" = false; +#"media.video_stats.enabled" = false; +#"webgl.enable-debug-renderer-info" = false; +"ui.use_standins_for_native_colors" = true; +"browser.display.use_document_fonts" = 0; +"device.sensors.enabled" = false; +"dom.gamepad.enabled" = false; +"dom.netinfo.enabled" = false; +"dom.vibrator.enabled" = false; +"dom.w3c_touch_events.enabled" = 0; +"dom.webaudio.enabled" = false; +"media.navigator.enabled" = false; +"media.webspeech.synth.enabled" = false; + +# Disable API for measuring text width and height. +"dom.textMetrics.actualBoundingBox.enabled" = false; +"dom.textMetrics.baselines.enabled" = false; +"dom.textMetrics.emHeight.enabled" = false; +"dom.textMetrics.fontBoundingBox.enabled" = false; + +# NON-PROJECT RELATED + +# WELCOME & WHAT'S NEW NOTICES + +"browser.startup.homepage_override.mstone" = "ignore"; # [HIDDEN PREF] +"startup.homepage_welcome_url" = ""; +"startup.homepage_welcome_url.additional" = ""; +"startup.homepage_override_url" = ""; # What's New page after updates + +# WARNINGS + +"browser.tabs.warnOnClose" = false; # [DEFAULT: false FF94+] +"browser.tabs.warnOnCloseOtherTabs" = false; +"browser.tabs.warnOnOpen" = false; +"browser.warnOnQuitShortcut" = false; # [FF94+] +"full-screen-api.warning.delay" = 0; +"full-screen-api.warning.timeout" = 0; +"browser.warnOnQuit" = false; + +# UPDATES + +# Disable auto-INSTALLING Firefox updates [NON-WINDOWS] +"app.update.auto" = false; + +# Disable auto-CHECKING for extension and theme updates +"extensions.update.enabled" = false; + +# Disable auto-INSTALLING extension and theme updates +"extensions.update.autoUpdateDefault" = false; + +# Disable extension metadata +"extensions.getAddons.cache.enabled" = false; + +# Disable search engine updates (e.g. OpenSearch) +"browser.search.update" = false; + +# CONTENT BEHAVIOR + +"accessibility.typeaheadfind" = false; # enable "Find As You Type" +"clipboard.autocopy" = false; # disable autocopy default [LINUX] +"layout.spellcheckDefault" = 0; # 0=none = 1-multi-line = 2=multi-line & single-line + +# FIREFOX HOME CONTENT + +"browser.newtabpage.activity-stream.feeds.section.topstories" = false; # Recommended by Pocket +"browser.newtabpage.activity-stream.section.highlights.includePocket" = false; +"browser.newtabpage.activity-stream.feeds.topsites" = false; +"browser.newtabpage.activity-stream.showSearch" = false; +"browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = false; +"browser.newtabpage.activity-stream.section.highlights.includeDownloads" = false; +"browser.newtabpage.activity-stream.section.highlights.includeVisited" = false; + +# UX FEATURES + +"extensions.pocket.enabled" = false; # Pocket Account [FF46+] +"extensions.screenshots.disabled" = true; # [FF55+] +"identity.fxaccounts.enabled" = false; # Firefox Accounts & Sync [FF60+] [RESTART] +"reader.parse-on-load.enabled" = false; # Reader View +"browser.tabs.firefox-view" = false; # Firefox-view + +# OTHER + +#"browser.bookmarks.max_backups" = 2; +"browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons" = false; # disable CFR [FF67+] +"browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features" = false; # disable CFR [FF67+] +"browser.messaging-system.whatsNewPanel.enabled" = false; # What's New toolbar icon [FF69+] +"browser.urlbar.showSearchTerms.enabled" = false; +"browser.sessionstore.interval" = 30000; # minimum interval between session save operations +"network.manage-offline-status" = false; +"browser.preferences.moreFromMozilla" = false; +"browser.disableResetPrompt" = true; # [HIDDEN PREF] +#"xpinstall.signatures.required" = false; # enforced extension signing (Nightly/ESR) + +# MORE + +#"security.insecure_connection_icon.enabled" = ""; # [DEFAULT: true FF70+] +#"security.mixed_content.block_active_content" = ""; # [DEFAULT: true since at least FF60] +"security.ssl.enable_ocsp_stapling" = false; # [DEFAULT: true FF26+] +#"webgl.disable-fail-if-major-performance-caveat" = ""; # [DEFAULT: true FF86+] +"webgl.enable-webgl2" = false; +#"webgl.min_capability_mode" = ""; + +# DEPRECATED / RENAMED + +# ESR115.x still uses all the following prefs + +# FF116 + +# Set RFP's font visibility level [FF94+] +#"layout.css.font-visibility.resistFingerprinting" = 1; # [DEFAULT: 1] + +# FF117 + +# Disable service worker Web Notifications [FF44+] +#"dom.webnotifications.serviceworker.enabled" = false; + +# FF118 + +# Limit font visibility (Windows = Mac = some Linux) [FF94+] +#"layout.css.font-visibility.private" = 1; +#"layout.css.font-visibility.standard" = 1; +#"layout.css.font-visibility.trackingprotection" = 1; + +# Disable permissions delegation [FF73+] +#"permissions.delegation.enabled" = false; + +# FF119 + +# Use en-US locale regardless of the system or region locale +#"javascript.use_us_english_locale" = true; # [HIDDEN PREF] + +# Disable skipping DoH when parental controls are enabled [FF70+] +"network.dns.skipTRR-when-parental-control-enabled" = false; +# + +} diff --git a/home/modules/desktop/browser/firefox/ooksJs.nix b/home/modules/desktop/browser/firefox/ooksJs.nix new file mode 100644 index 0000000..afc0e51 --- /dev/null +++ b/home/modules/desktop/browser/firefox/ooksJs.nix @@ -0,0 +1,68 @@ +{ + #Basic Settings + "browser.disableResetPrompt" = true; + "toolkit.legacyUserProfileCustomizations.stylesheets" = true; + "browser.cache.disk.enable" = false; + "browser.cache.memory.enable" = true; + "browser.cache.memory.capacity" = 524288; + "browser.sessionstore.interval" = 15000000; + "extensions.pocket.enabled" = false; + "reader.parse-on-load.enabled" = false; + "accessibility.force_disabled" = 1; + "browser.helperApps.deleteTempFileOnExit" = true; + "browser.uitour.enabled" = false; + + #Startup + "browser.newtabpage.activity-stream.showSponsored" = false; + "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; + "browser.newtabpage.activity-stream.default.sites" = ""; + "browser.aboutConfig.showWarning" = false; + + #Disable recommendations + "extensions.getAddons.showPane" = false; + "extensions.htmlaboutaddons.recommendations.enabled" = false; + "browser.discovery.enabled" = false; + + #Telemetry + "datareporting.policy.dataSubmissionEnabled" = false; + "datareporting.healthreport.uploadEnabled" = false; + "toolkit.telemetry.unified" = false; + "toolkit.telemetry.enabled" = false; + "toolkit.telemetry.server" = "data:,"; + "toolkit.telemetry.archive.enabled" = false; + "toolkit.telemetry.newProfilePing.enabled" = false; + "toolkit.telemetry.shutdownPingSender.enabled" = false; + "toolkit.telemetry.updatePing.enabled" = false; + "toolkit.telemetry.bhrPing.enabled" = false; + "toolkit.telemetry.firstShutdownPing.enabled" = false; + "toolkit.telemetry.coverage.opt-out" = true; + "toolkit.coverage.opt-out" = true; + "toolkit.coverage.endpoint.base" = ""; + "browser.ping-centre.telemetry" = false; + "browser.newtabpage.activity-stream.feeds.telemetry" = false; + "browser.newtabpage.activity-stream.telemetry" = false; + "toolkit.telemetry.reportingpolicy.firstRun" = false; + "toolkit.telemetry.shutdownPingSender.enabledFirstsession" = false; + "browser.vpn_promo.enabled" = false; + "app.shield.optoutstudies.enabled" = false; + "app.normandy.enabled" = false; + "app.normandy.api_url" = ""; + + #Crash Reports + "breakpad.reportURL" = ""; + "browser.tabs.crashReporting.sendReport" = false; + "browser.crashReports.unsubmittedCheck.autoSubmit2" = false; + + #Other + "captivedetect.canonicalURL" = ""; + "network.captive-portal-service.enabled" = false; + "network.connectivity-service.enabled" = false; + + #Geolocation + "geo.provider.network.url" = "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"; + "geo.provider.use_gpsd" = false; + "geo.provider.use_geoclue" = false; + + #Calculator + "browser.urlbar.suggest.calculator" = true; +}