mirror of
				https://gitea.blesmrt.net/mikaela/shell-things.git
				synced 2025-10-26 14:47:36 +01:00 
			
		
		
		
	firefox-forbidden-policies.js: use lockPref so it's clear what cannot be changed within the browser
This commit is contained in:
		
							parent
							
								
									81d1a2a0fb
								
							
						
					
					
						commit
						473d0ba704
					
				| @ -5,41 +5,44 @@ | ||||
| // repository, etc/firefox/policies/policies.json
 | ||||
| 
 | ||||
| // If autoconfig is not found, fallback. Also means this file.
 | ||||
| pref("autoadmin.failover_to_cached", true); | ||||
| pref( | ||||
| lockPref("autoadmin.failover_to_cached", true); | ||||
| lockPref( | ||||
| 	"autoadmin.global_config_url", | ||||
| 	"https://gitea.blesmrt.net/mikaela/shell-things/raw/branch/master/conf/firefox-forbidden-policies.js", | ||||
| ); | ||||
| pref("autoadmin.offline_failover", true); | ||||
| pref("autoadmin.refresh_interval", 120); | ||||
| lockPref("autoadmin.offline_failover", true); | ||||
| lockPref("autoadmin.refresh_interval", 120); | ||||
| 
 | ||||
| // Automatically click cookiebanners although uBlock Origin might block them
 | ||||
| pref("cookiebanners.bannerClicking.enabled", true); | ||||
| pref("cookiebanners.service.mode", 2); | ||||
| pref("cookiebanners.service.mode.privateBrowsing", 2); | ||||
| lockPref("cookiebanners.bannerClicking.enabled", true); | ||||
| lockPref("cookiebanners.service.mode", 2); | ||||
| lockPref("cookiebanners.service.mode.privateBrowsing", 2); | ||||
| 
 | ||||
| // I can set my preferred fonts in an order! :O
 | ||||
| // but obviously this is forbidden in policies.json!
 | ||||
| pref("font.name-list.monospace.x-cyrillic", "Noto Shanns Mono, monospace"); | ||||
| pref("font.name-list.monospace.x-western", "Noto Shanns Mono, monospace"); | ||||
| pref("font.name-list.sans-serif.x-cyrillic", "Noto Sans, sans-serif"); | ||||
| pref("font.name-list.sans-serif.x-western", "Noto Sans, sans-serif"); | ||||
| pref("font.name-list.serif.x-cyrillic", "Noto Serif, serif"); | ||||
| pref("font.name-list.serif.x-western", "Noto Serif, serif"); | ||||
| lockPref( | ||||
| 	"font.name-list.monospace.x-cyrillic", | ||||
| 	"Noto Shanns Mono, monospace", | ||||
| ); | ||||
| lockPref("font.name-list.monospace.x-western", "Noto Shanns Mono, monospace"); | ||||
| lockPref("font.name-list.sans-serif.x-cyrillic", "Noto Sans, sans-serif"); | ||||
| lockPref("font.name-list.sans-serif.x-western", "Noto Sans, sans-serif"); | ||||
| lockPref("font.name-list.serif.x-cyrillic", "Noto Serif, serif"); | ||||
| lockPref("font.name-list.serif.x-western", "Noto Serif, serif"); | ||||
| 
 | ||||
| // Play animated images only once, accessibility.
 | ||||
| pref("image.animation.mode", "once"); | ||||
| lockPref("image.animation.mode", "once"); | ||||
| 
 | ||||
| // Spoof en-US as language to scripts
 | ||||
| pref("javascript.use_us_english_locale", true); | ||||
| lockPref("javascript.use_us_english_locale", true); | ||||
| 
 | ||||
| // DNT although PrivacyBadger from policy handles this
 | ||||
| pref("privacy.donottrackheader.enabled", true); | ||||
| pref("privacy.donottrackheader.value", 1); | ||||
| lockPref("privacy.donottrackheader.enabled", true); | ||||
| lockPref("privacy.donottrackheader.value", 1); | ||||
| 
 | ||||
| // More tunable privacy.resistfingerprinting. I have lost the privacy game
 | ||||
| // many times before this point, so this is nothing.
 | ||||
| //pref("privacy.fingerprintingProtection", true);
 | ||||
| //lockPref("privacy.fingerprintingProtection", true);
 | ||||
| 
 | ||||
| // Somehow I cannot clearPref this, so...
 | ||||
| //clearPref("privacy.fingerprintingProtection");
 | ||||
| @ -50,17 +53,17 @@ lockPref("privacy.fingerprintingProtection", false); | ||||
| //	"+AllTargets,-KeyboardEvents,-SpeechSynthesis,-CSSPrefersColorScheme,-CSSPrefersReducedMotion,-NavigatorPlatform,-NavigatorUserAgent,-JSDateTimeUTC,-HttpUserAgent,-FontVisibilityRestrictGenerics,-FontVisibilityBaseSystem,-FontVisibilityLangPack",
 | ||||
| //);
 | ||||
| clearPref("privacy.fingerprintingProtection.overrides"); | ||||
| //pref("privacy.fingerprintingProtection.pbmode", true);
 | ||||
| //lockPref("privacy.fingerprintingProtection.pbmode", true);
 | ||||
| clearPref("privacy.fingerprintingProtection.pbmode"); | ||||
| // (Incompatible with the above)
 | ||||
| //pref("privacy.resistFingerprinting", false);
 | ||||
| //lockPref("privacy.resistFingerprinting", false);
 | ||||
| clearPref("privacy.resistFingerprinting"); | ||||
| //pref("privacy.resistFingerprinting.block_mozAddonManage", true);
 | ||||
| //lockPref("privacy.resistFingerprinting.block_mozAddonManage", true);
 | ||||
| clearPref("privacy.resistFingerprinting.block_mozAddonManage"); | ||||
| // Letterboxing from Tor Browser, I like it in general.
 | ||||
| lockPref("privacy.resistFingerprinting.letterboxing", true); | ||||
| // Still Incompatible with the above
 | ||||
| //pref("privacy.resistFingerprinting.pbmode", false);
 | ||||
| //lockPref("privacy.resistFingerprinting.pbmode", false);
 | ||||
| clearPref("privacy.resistFingerprinting.pbmode"); | ||||
| 
 | ||||
| // Which extension requires container tabs? My policy and this file. This
 | ||||
| @ -70,18 +73,18 @@ lockPref("privacy.userContext.extension", ""); | ||||
| // Enable containers without extensions (although those are forced by the
 | ||||
| // policy. TODO: Remove these as they are in the policy, but disallowed by
 | ||||
| // current ESR
 | ||||
| pref("privacy.userContext.enabled", true); | ||||
| pref("privacy.userContext.ui.enabled", true); | ||||
| lockPref("privacy.userContext.enabled", true); | ||||
| lockPref("privacy.userContext.ui.enabled", true); | ||||
| 
 | ||||
| // Enables reading mode for all pages (at least in theory)
 | ||||
| pref("reader.parse-on-load.force-enabled", true); | ||||
| lockPref("reader.parse-on-load.force-enabled", true); | ||||
| 
 | ||||
| // Ensure OCSP stapling is enabled, especially if the server has it
 | ||||
| pref("security.ssl.enable_ocsp_must_staple", true); | ||||
| lockPref("security.ssl.enable_ocsp_must_staple", true); | ||||
| 
 | ||||
| // TODO: Consider removing this when ESR updates as only it needs this for
 | ||||
| // ECH, which is otherwise the default=
 | ||||
| pref("security.tls.ech.grease_http3", true); | ||||
| lockPref("security.tls.ech.grease_http3", true); | ||||
| 
 | ||||
| // No making configuration on the last line of the file!
 | ||||
| //
 | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user