diff --git a/conf/librewolf.overrides.cfg b/conf/librewolf.overrides.cfg index 0861ee57..7192fc25 100644 --- a/conf/librewolf.overrides.cfg +++ b/conf/librewolf.overrides.cfg @@ -8,6 +8,8 @@ // and finally becoming Firefox autoconfig file copied from // https://codeberg.org/librewolf/settings/src/branch/master/librewolf.cfg +// NOTE! A lot is commented either for being a note, wrong, TODO, whatever, or most likely in my /etc/firefox/policies/policies.json + // Firefox autoconfig pref("autoadmin.global_config_url", "https://gitea.blesmrt.net/mikaela/shell-things/raw/branch/master/conf/librewolf.overrides.cfg"); pref("general.config.obscure_value", 0); @@ -20,7 +22,7 @@ pref("autoadmin.failover_to_cached", true); //pref("intl.regional_prefs.use_os_locales", false); // via https://www.ghacks.net/2017/10/27/how-to-enable-firefox-webextensions-on-mozilla-websites/ -pref("extensions.webextensions.restrictedDomains", ""); +//pref("extensions.webextensions.restrictedDomains", ""); //pref("privacy.resistFingerprinting.block_mozAddonManage", true); // Block cookie banners. Warning: may result to auto-accepting cookies. // https://www.ghacks.net/2022/12/24/configure-firefox-to-reject-cookie-banners-automatically/ @@ -69,7 +71,7 @@ defaultPref("intl.accept_languages", "fi, en"); //pref("intl.accept_languages", "eo, fi"); // No JavaScript allowed in internal pdf viewer -pref("pdfjs.enableScripting", false); +//pref("pdfjs.enableScripting", false); // Dark mode pref("ui.systemUsesDarkTheme", 1); @@ -93,16 +95,16 @@ pref("privacy.clearOnShutdown.siteSettings", false); defaultPref("browser.sessionstore.resume_from_crash", false); // Click to play. https://wiki.mozilla.org/Media/block-autoplay -pref("media.autoplay.blocking_policy", 2); +//pref("media.autoplay.blocking_policy", 2); // No corporate CA MITM -defaultPref("security.certerrors.mitm.auto_enable_enterprise_roots", false); +//defaultPref("security.certerrors.mitm.auto_enable_enterprise_roots", false); // Decrease animations pref("image.animation_mode", "once"); // Punycode -pref("network.IDN_show_punycode", true); +//pref("network.IDN_show_punycode", true); // Enforce reader mode enabling? pref("reader.parse-on-load.force-enabled", true); @@ -110,17 +112,17 @@ pref("reader.parse-on-load.force-enabled", true); // TRR & ECH // Mode 2 allows fallback to system resolver, 3 is TTR-only. //pref("network.trr.mode", 2); -defaultPref("network.trr.mode", 3); -pref("network.trr.early-AAAA", true); +//defaultPref("network.trr.mode", 3); +//pref("network.trr.early-AAAA", true); //defaultPref("network.trr.uri", "https://dns0.eu/"); -defaultPref("network.trr.uri", "https://dns11.quad9.net/dns-query"); +//defaultPref("network.trr.uri", "https://dns11.quad9.net/dns-query"); //defaultPref("network.trr.uri", "https://dns.adguard-dns.com/dns-query"); // NOTE: ECH requires TRR, so mode 2 may not use it. -defaultPref("network.trr.disable-ECS", false); -pref("network.dns.echconfig.enabled", true); -pref("network.dns.use_https_rr_as_altsvc", true); -pref("network.trr.exclude-etc-hosts", false); -pref("network.trr.excluded-domains", "http.badssl.com,norwegianwifi.com,mywifiext.net,tplinkrepeater.net,router.asus.com"); +//defaultPref("network.trr.disable-ECS", false); +//pref("network.dns.echconfig.enabled", true); +//pref("network.dns.use_https_rr_as_altsvc", true); +//pref("network.trr.exclude-etc-hosts", false); +//pref("network.trr.excluded-domains", "http.badssl.com,norwegianwifi.com,mywifiext.net,tplinkrepeater.net,router.asus.com"); // Default UI scale defaultPref("layout.css.devPixelsPerPx", "1.5"); @@ -134,7 +136,7 @@ pref("browser.cache.memory.enable", true); //pref("browser.startup.page", 1); // Simplified DDG experience without prompts for extension and all //pref("browser.startup.homepage", "https://start.duckduckgo.com"); -defaultPref("browser.startup.homepage", "about:mozilla"); +//defaultPref("browser.startup.homepage", "about:mozilla"); // https://codeberg.org/librewolf/settings/src/branch/master/librewolf.cfg begins @@ -144,7 +146,7 @@ defaultPref("browser.startup.homepage", "about:mozilla"); pref("privacy.userContext.enabled", true); pref("privacy.userContext.ui.enabled", true); -pref("browser.contentblocking.category", "strict"); +//pref("browser.contentblocking.category", "strict"); pref("privacy.partition.always_partition_third_party_non_cookie_storage", true); pref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false); @@ -171,7 +173,7 @@ pref("network.auth.subresource-http-auth-allow", 1); // block HTTP authenticatio * as a general rule, the behavior of referes which are not cross-origin should not * be changed. */ -pref("network.http.referer.XOriginTrimmingPolicy", 2); +//pref("network.http.referer.XOriginTrimmingPolicy", 2); /** [SECTION] WEBRTC * there is no point in disabling webrtc as mDNS protects the private IP on linux, osx and win10+. @@ -186,16 +188,16 @@ pref("network.proxy.socks_remote_dns", true); // forces dns query through the pr pref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); // force webrtc inside proxy when one is used /** [SECTION] DNS */ -pref("network.dns.disablePrefetch", true); // disable dns prefetching +//pref("network.dns.disablePrefetch", true); // disable dns prefetching pref("network.dns.skipTRR-when-parental-control-enabled", false); // Arkenfox user.js v117 /** [SECTION] PREFETCHING AND SPECULATIVE CONNECTIONS * disable prefecthing for different things such as links, bookmarks and predictions. */ -pref("network.predictor.enabled", false); -pref("network.prefetch-next", false); -pref("network.http.speculative-parallel-limit", 0); -pref("browser.places.speculativeConnect.enabled", false); +//pref("network.predictor.enabled", false); +//pref("network.prefetch-next", false); +//pref("network.http.speculative-parallel-limit", 0); +//pref("browser.places.speculativeConnect.enabled", false); // disable speculative connections and domain guessing from the urlbar pref("browser.urlbar.speculativeConnect.enabled", false); @@ -224,7 +226,7 @@ pref("security.ssl.treat_unsafe_negotiation_as_broken", true); * in v103, when crlite is fully mature, it will switch to mode 2 and no longer double-check. */ pref("security.remote_settings.crlite_filters.enabled", true); -pref("security.OCSP.require", true); // set to hard-fail, might cause SEC_ERROR_OCSP_SERVER_ERROR +//pref("security.OCSP.require", true); // set to hard-fail, might cause SEC_ERROR_OCSP_SERVER_ERROR /** [SECTION] TLS/SSL */ pref("security.tls.enable_0rtt_data", false); // disable 0 RTT to improve tls 1.3 security @@ -292,7 +294,7 @@ pref("browser.download.alwaysOpenPanel", false); // do not expand toolbar menu f * or media opened while other media is played will not start automatically. * thumbnails will not autoplay unless hovered. exceptions can be set from the UI. */ -pref("media.autoplay.default", 5); +//pref("media.autoplay.default", 5); /** [SECTION] POP-UPS AND WINDOWS * prevent scripts from resizing existing windows and opening new ones, by forcing them into @@ -384,11 +386,11 @@ pref("browser.newtabpage.activity-stream.default.sites", ""); /** [SECTION] ABOUT * remove annoying ui elements from the about pages, including about:protections */ -pref("browser.contentblocking.report.lockwise.enabled", false); -pref("browser.contentblocking.report.hide_vpn_banner", true); -pref("browser.contentblocking.report.vpn.enabled", false); -pref("browser.contentblocking.report.show_mobile_app", false); -pref("browser.vpn_promo.enabled", false); +//pref("browser.contentblocking.report.lockwise.enabled", false); +//pref("browser.contentblocking.report.hide_vpn_banner", true); +//pref("browser.contentblocking.report.vpn.enabled", false); +//pref("browser.contentblocking.report.show_mobile_app", false); +//pref("browser.vpn_promo.enabled", false); pref("browser.promo.focus.enabled", false); // ...about:addons recommendations sections and more pref("extensions.htmlaboutaddons.recommendations.enabled", false); @@ -397,7 +399,7 @@ pref("lightweightThemes.getMoreURL", ""); // disable button to get more themes // ...about:preferences#home pref("browser.topsites.useRemoteSetting", false); // hide sponsored shortcuts button // ...and about:config -pref("browser.aboutConfig.showWarning", false); +//pref("browser.aboutConfig.showWarning", false); // hide about:preferences#moreFromMozilla pref("browser.preferences.moreFromMozilla", false);