Mikaela/shell-things
1
0
Fork 0
mirror of https://gitea.blesmrt.net/mikaela/shell-things.git synced 2024-11-29 06:29:36 +01:00
Code Issues Projects Releases Wiki Activity

firefox: apparently HTTPS Only mode can be set here contrary to the documentation

Browse Source 
Also generic hardening(?)
This commit is contained in:
Aminda Suomalainen 2024-05-16 15:03:01 +03:00
parent 83d53b8c17
commit 5158b52da4
Signed by: Mikaela
SSH Key Fingerprint: SHA256:CXLULpqNBdUKB6E6fLA1b/4SzG0HvKD19PbIePU175Q
2 changed files with 42 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
etc/firefox/policies/README.md
View File

@ -13,6 +13,7 @@ per whatever I am doing.
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE --> <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
- [WARNING TO LIBREWOLF USERS](#warning-to-librewolf-users) - [WARNING TO LIBREWOLF USERS](#warning-to-librewolf-users)
- [General warning](#general-warning)
- [Extensions](#extensions) - [Extensions](#extensions)
- [Privacy Badger](#privacy-badger) - [Privacy Badger](#privacy-badger)
- [Duplicate](#duplicate) - [Duplicate](#duplicate)
@ -33,6 +34,12 @@ This file takes priority over
`/usr/share/librewolf/distribution/policies.json` so don't apply this or `/usr/share/librewolf/distribution/policies.json` so don't apply this or
a lot of LibreWolf specific customizations stops being in force. a lot of LibreWolf specific customizations stops being in force.
## General warning
This is meant for me and devices I maintain for self-dogfooding so there are
opinions. Including those Firefox won't accept and will appear as warnings or
errors in `about:config` depending on the release channel or even all of them.
## Extensions ## Extensions
They are mostly self-explanatory. They are mostly self-explanatory.

35
etc/firefox/policies/policies.json
View File

@ -251,6 +251,16 @@
"Type": "boolean", "Type": "boolean",
"Value": false "Value": false
}, },
"dom.block_download_insecure": {
"Status": "locked",
"Type": "boolean",
"Value": true
},
"dom.security.https_only_mode": {
"Status": "locked",
"Type": "boolean",
"Value": true
},
"extensions.webextensions.restrictedDomains": { "extensions.webextensions.restrictedDomains": {
"Status": "locked", "Status": "locked",
"Type": "string", "Type": "string",
@ -351,6 +361,26 @@
"Type": "string", "Type": "string",
"Value": "#ffb700" "Value": "#ffb700"
}, },
"privacy.donottrackheader.enabled": {
"Status": "locked",
"Type": "boolean",
"Value": true
},
"privacy.donottrackheader.value": {
"Status": "locked",
"Type": "number",
"Value": 1
},
"privacy.globalprivacycontrol.enabled": {
"Status": "locked",
"Type": "boolean",
"Value": true
},
"privacy.globalprivacycontrol.functionality.enabled": {
"Status": "locked",
"Type": "boolean",
"Value": true
},
"security.OCSP.require": { "security.OCSP.require": {
"Status": "locked", "Status": "locked",
"Type": "boolean", "Type": "boolean",
@ -366,6 +396,11 @@
"Type": "boolean", "Type": "boolean",
"Value": true "Value": true
}, },
"security.ssl.enable_ocsp_must_staple": {
"Status": "locked",
"Type": "boolean",
"Value": true
},
"security.ssl.enable_ocsp_stapling": { "security.ssl.enable_ocsp_stapling": {
"Status": "locked", "Status": "locked",
"Type": "boolean", "Type": "boolean",