mirror of
https://gitea.blesmrt.net/mikaela/shell-things.git
synced 2024-11-22 03:09:22 +01:00
LibreAwoo: attempt to comment what the policy sets
This commit is contained in:
parent
a0795908b2
commit
7b09a7ca1f
SSH Key Fingerprint:
SHA256:CXLULpqNBdUKB6E6fLA1b/4SzG0HvKD19PbIePU175Q
@ -8,6 +8,8 @@
|
||||
// and finally becoming Firefox autoconfig file copied from
|
||||
// https://codeberg.org/librewolf/settings/src/branch/master/librewolf.cfg
|
||||
|
||||
// NOTE! A lot is commented either for being a note, wrong, TODO, whatever, or most likely in my /etc/firefox/policies/policies.json
|
||||
|
||||
// Firefox autoconfig
|
||||
pref("autoadmin.global_config_url", "https://gitea.blesmrt.net/mikaela/shell-things/raw/branch/master/conf/librewolf.overrides.cfg");
|
||||
pref("general.config.obscure_value", 0);
|
||||
@ -20,7 +22,7 @@ pref("autoadmin.failover_to_cached", true);
|
||||
//pref("intl.regional_prefs.use_os_locales", false);
|
||||
|
||||
// via https://www.ghacks.net/2017/10/27/how-to-enable-firefox-webextensions-on-mozilla-websites/
|
||||
pref("extensions.webextensions.restrictedDomains", "");
|
||||
//pref("extensions.webextensions.restrictedDomains", "");
|
||||
//pref("privacy.resistFingerprinting.block_mozAddonManage", true);
|
||||
// Block cookie banners. Warning: may result to auto-accepting cookies.
|
||||
// https://www.ghacks.net/2022/12/24/configure-firefox-to-reject-cookie-banners-automatically/
|
||||
@ -69,7 +71,7 @@ defaultPref("intl.accept_languages", "fi, en");
|
||||
//pref("intl.accept_languages", "eo, fi");
|
||||
|
||||
// No JavaScript allowed in internal pdf viewer
|
||||
pref("pdfjs.enableScripting", false);
|
||||
//pref("pdfjs.enableScripting", false);
|
||||
|
||||
// Dark mode
|
||||
pref("ui.systemUsesDarkTheme", 1);
|
||||
@ -93,16 +95,16 @@ pref("privacy.clearOnShutdown.siteSettings", false);
|
||||
defaultPref("browser.sessionstore.resume_from_crash", false);
|
||||
|
||||
// Click to play. https://wiki.mozilla.org/Media/block-autoplay
|
||||
pref("media.autoplay.blocking_policy", 2);
|
||||
//pref("media.autoplay.blocking_policy", 2);
|
||||
|
||||
// No corporate CA MITM
|
||||
defaultPref("security.certerrors.mitm.auto_enable_enterprise_roots", false);
|
||||
//defaultPref("security.certerrors.mitm.auto_enable_enterprise_roots", false);
|
||||
|
||||
// Decrease animations
|
||||
pref("image.animation_mode", "once");
|
||||
|
||||
// Punycode
|
||||
pref("network.IDN_show_punycode", true);
|
||||
//pref("network.IDN_show_punycode", true);
|
||||
|
||||
// Enforce reader mode enabling?
|
||||
pref("reader.parse-on-load.force-enabled", true);
|
||||
@ -110,17 +112,17 @@ pref("reader.parse-on-load.force-enabled", true);
|
||||
// TRR & ECH
|
||||
// Mode 2 allows fallback to system resolver, 3 is TTR-only.
|
||||
//pref("network.trr.mode", 2);
|
||||
defaultPref("network.trr.mode", 3);
|
||||
pref("network.trr.early-AAAA", true);
|
||||
//defaultPref("network.trr.mode", 3);
|
||||
//pref("network.trr.early-AAAA", true);
|
||||
//defaultPref("network.trr.uri", "https://dns0.eu/");
|
||||
defaultPref("network.trr.uri", "https://dns11.quad9.net/dns-query");
|
||||
//defaultPref("network.trr.uri", "https://dns11.quad9.net/dns-query");
|
||||
//defaultPref("network.trr.uri", "https://dns.adguard-dns.com/dns-query");
|
||||
// NOTE: ECH requires TRR, so mode 2 may not use it.
|
||||
defaultPref("network.trr.disable-ECS", false);
|
||||
pref("network.dns.echconfig.enabled", true);
|
||||
pref("network.dns.use_https_rr_as_altsvc", true);
|
||||
pref("network.trr.exclude-etc-hosts", false);
|
||||
pref("network.trr.excluded-domains", "http.badssl.com,norwegianwifi.com,mywifiext.net,tplinkrepeater.net,router.asus.com");
|
||||
//defaultPref("network.trr.disable-ECS", false);
|
||||
//pref("network.dns.echconfig.enabled", true);
|
||||
//pref("network.dns.use_https_rr_as_altsvc", true);
|
||||
//pref("network.trr.exclude-etc-hosts", false);
|
||||
//pref("network.trr.excluded-domains", "http.badssl.com,norwegianwifi.com,mywifiext.net,tplinkrepeater.net,router.asus.com");
|
||||
|
||||
// Default UI scale
|
||||
defaultPref("layout.css.devPixelsPerPx", "1.5");
|
||||
@ -134,7 +136,7 @@ pref("browser.cache.memory.enable", true);
|
||||
//pref("browser.startup.page", 1);
|
||||
// Simplified DDG experience without prompts for extension and all
|
||||
//pref("browser.startup.homepage", "https://start.duckduckgo.com");
|
||||
defaultPref("browser.startup.homepage", "about:mozilla");
|
||||
//defaultPref("browser.startup.homepage", "about:mozilla");
|
||||
|
||||
// https://codeberg.org/librewolf/settings/src/branch/master/librewolf.cfg begins
|
||||
|
||||
@ -144,7 +146,7 @@ defaultPref("browser.startup.homepage", "about:mozilla");
|
||||
pref("privacy.userContext.enabled", true);
|
||||
pref("privacy.userContext.ui.enabled", true);
|
||||
|
||||
pref("browser.contentblocking.category", "strict");
|
||||
//pref("browser.contentblocking.category", "strict");
|
||||
pref("privacy.partition.always_partition_third_party_non_cookie_storage", true);
|
||||
pref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false);
|
||||
|
||||
@ -171,7 +173,7 @@ pref("network.auth.subresource-http-auth-allow", 1); // block HTTP authenticatio
|
||||
* as a general rule, the behavior of referes which are not cross-origin should not
|
||||
* be changed.
|
||||
*/
|
||||
pref("network.http.referer.XOriginTrimmingPolicy", 2);
|
||||
//pref("network.http.referer.XOriginTrimmingPolicy", 2);
|
||||
|
||||
/** [SECTION] WEBRTC
|
||||
* there is no point in disabling webrtc as mDNS protects the private IP on linux, osx and win10+.
|
||||
@ -186,16 +188,16 @@ pref("network.proxy.socks_remote_dns", true); // forces dns query through the pr
|
||||
pref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); // force webrtc inside proxy when one is used
|
||||
|
||||
/** [SECTION] DNS */
|
||||
pref("network.dns.disablePrefetch", true); // disable dns prefetching
|
||||
//pref("network.dns.disablePrefetch", true); // disable dns prefetching
|
||||
pref("network.dns.skipTRR-when-parental-control-enabled", false); // Arkenfox user.js v117
|
||||
|
||||
/** [SECTION] PREFETCHING AND SPECULATIVE CONNECTIONS
|
||||
* disable prefecthing for different things such as links, bookmarks and predictions.
|
||||
*/
|
||||
pref("network.predictor.enabled", false);
|
||||
pref("network.prefetch-next", false);
|
||||
pref("network.http.speculative-parallel-limit", 0);
|
||||
pref("browser.places.speculativeConnect.enabled", false);
|
||||
//pref("network.predictor.enabled", false);
|
||||
//pref("network.prefetch-next", false);
|
||||
//pref("network.http.speculative-parallel-limit", 0);
|
||||
//pref("browser.places.speculativeConnect.enabled", false);
|
||||
// disable speculative connections and domain guessing from the urlbar
|
||||
pref("browser.urlbar.speculativeConnect.enabled", false);
|
||||
|
||||
@ -224,7 +226,7 @@ pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
|
||||
* in v103, when crlite is fully mature, it will switch to mode 2 and no longer double-check.
|
||||
*/
|
||||
pref("security.remote_settings.crlite_filters.enabled", true);
|
||||
pref("security.OCSP.require", true); // set to hard-fail, might cause SEC_ERROR_OCSP_SERVER_ERROR
|
||||
//pref("security.OCSP.require", true); // set to hard-fail, might cause SEC_ERROR_OCSP_SERVER_ERROR
|
||||
|
||||
/** [SECTION] TLS/SSL */
|
||||
pref("security.tls.enable_0rtt_data", false); // disable 0 RTT to improve tls 1.3 security
|
||||
@ -292,7 +294,7 @@ pref("browser.download.alwaysOpenPanel", false); // do not expand toolbar menu f
|
||||
* or media opened while other media is played will not start automatically.
|
||||
* thumbnails will not autoplay unless hovered. exceptions can be set from the UI.
|
||||
*/
|
||||
pref("media.autoplay.default", 5);
|
||||
//pref("media.autoplay.default", 5);
|
||||
|
||||
/** [SECTION] POP-UPS AND WINDOWS
|
||||
* prevent scripts from resizing existing windows and opening new ones, by forcing them into
|
||||
@ -384,11 +386,11 @@ pref("browser.newtabpage.activity-stream.default.sites", "");
|
||||
/** [SECTION] ABOUT
|
||||
* remove annoying ui elements from the about pages, including about:protections
|
||||
*/
|
||||
pref("browser.contentblocking.report.lockwise.enabled", false);
|
||||
pref("browser.contentblocking.report.hide_vpn_banner", true);
|
||||
pref("browser.contentblocking.report.vpn.enabled", false);
|
||||
pref("browser.contentblocking.report.show_mobile_app", false);
|
||||
pref("browser.vpn_promo.enabled", false);
|
||||
//pref("browser.contentblocking.report.lockwise.enabled", false);
|
||||
//pref("browser.contentblocking.report.hide_vpn_banner", true);
|
||||
//pref("browser.contentblocking.report.vpn.enabled", false);
|
||||
//pref("browser.contentblocking.report.show_mobile_app", false);
|
||||
//pref("browser.vpn_promo.enabled", false);
|
||||
pref("browser.promo.focus.enabled", false);
|
||||
// ...about:addons recommendations sections and more
|
||||
pref("extensions.htmlaboutaddons.recommendations.enabled", false);
|
||||
@ -397,7 +399,7 @@ pref("lightweightThemes.getMoreURL", ""); // disable button to get more themes
|
||||
// ...about:preferences#home
|
||||
pref("browser.topsites.useRemoteSetting", false); // hide sponsored shortcuts button
|
||||
// ...and about:config
|
||||
pref("browser.aboutConfig.showWarning", false);
|
||||
//pref("browser.aboutConfig.showWarning", false);
|
||||
// hide about:preferences#moreFromMozilla
|
||||
pref("browser.preferences.moreFromMozilla", false);
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user