{firefox,chromium}: trust default restricted domains of Firefox

I trust Privacy Badger to handle any potential trackers there and I especially suspect JavaScript blocking of breaking things. Besides they are very unlikely to be actively malicious.
firefox: set extensions.webextensions.restrictedDomains to user set
2025-08-19 04:47:19 +02:00 · 2024-05-21 21:24:34 +03:00 · 2024-05-21 21:17:50 +03:00 · 2024-05-21 20:56:27 +03:00 · 2024-05-21 20:31:12 +03:00 · 2024-05-21 20:24:06 +03:00
4 changed files with 18 additions and 18 deletions
--- a/conf/firefox-forbidden-policies.js
+++ b/conf/firefox-forbidden-policies.js
@ -49,7 +49,7 @@ lockPref("privacy.fingerprintingProtection", true);
 //lockPref("privacy.fingerprintingProtection", false);
 pref(
 	"privacy.fingerprintingProtection.overrides",
-	"+AllTargets,-KeyboardEvents,-SpeechSynthesis,-CSSPrefersColorScheme,-CSSPrefersReducedMotion,-NavigatorPlatform,-NavigatorUserAgent,-JSDateTimeUTC",
+	"+AllTargets,-KeyboardEvents,-SpeechSynthesis,-CSSPrefersColorScheme,-CSSPrefersReducedMotion,-NavigatorUserAgent,-JSDateTimeUTC",
 );
 //clearPref("privacy.fingerprintingProtection.overrides");
 lockPref("privacy.fingerprintingProtection.pbmode", true);
@ -65,16 +65,6 @@ lockPref("privacy.resistFingerprinting.letterboxing", true);
 //lockPref("privacy.resistFingerprinting.pbmode", false);
 clearPref("privacy.resistFingerprinting.pbmode");

-// Which extension requires container tabs? My policy and this file. This
-// particular option is so forbidden, it cannot be set either in the policy
-// or autoconfig.js
-lockPref("privacy.userContext.extension", "");
-// Enable containers without extensions (although those are forced by the
-// policy. TODO: Remove these as they are in the policy, but disallowed by
-// current ESR
-lockPref("privacy.userContext.enabled", true);
-lockPref("privacy.userContext.ui.enabled", true);
-
 // Enables reading mode for all pages (at least in theory)
 lockPref("reader.parse-on-load.force-enabled", true);

--- a/etc/firefox/policies/policies.json
+++ b/etc/firefox/policies/policies.json
@ -43,7 +43,10 @@
              "challenges.cloudflare.com",
              "duckduckgo.com",
              "ecosia.org",
+              "firefox.com",
              "keyoxide.org",
+              "mozilla.net",
+              "mozilla.org",
              "moz-extension-scheme",
              "research.cloudflare.com"
            ]
@ -399,8 +402,8 @@
        "Value": false
      },
      "extensions.webextensions.restrictedDomains": {
-        "Comment": "Don't protect Mozilla domains from privacy extensions.",
-        "Status": "locked",
+        "Comment": "Don't protect Mozilla domains from privacy extensions. Always reset it to modified/empty so I can access the original value if I ever need it.",
+        "Status": "user",
        "Type": "string",
        "Value": ""
      },
@ -467,6 +470,12 @@
        "Type": "boolean",
        "Value": true
      },
+      "layout.css.always_underline_links": {
+        "Comment": "Underscore links by default, disabling allowed",
+        "Status": "default",
+        "Type": "boolean",
+        "Value": true
+      },
      "layout.css.devPixelsPerPx": {
        "Status": "default",
        "Type": "string",
@ -622,7 +631,7 @@
        "Comment": "Preference not allowed for stability reasons. :( https://searchfox.org/mozilla-central/source/toolkit/components/resistfingerprinting/RFPTargets.inc",
        "Status": "locked",
        "Type": "string",
-        "Value": "+AllTargets,-KeyboardEvents,-SpeechSynthesis,-CSSPrefersColorScheme,-CSSPrefersReducedMotion,-NavigatorPlatform,-NavigatorUserAgent,-JSDateTimeUTC"
+        "Value": "+AllTargets,-KeyboardEvents,-SpeechSynthesis,-CSSPrefersColorScheme,-CSSPrefersReducedMotion,-NavigatorUserAgent,-JSDateTimeUTC"
      },
      "privacy.fingerprintingProtection.pbmode": {
        "Comment": "Preference not allowed for stability reasons. :(",
--- a/etc/opt/chromium/policies/managed/aminda-extensions.json
+++ b/etc/opt/chromium/policies/managed/aminda-extensions.json
@ -14,7 +14,10 @@
            "challenges.cloudflare.com",
            "duckduckgo.com",
            "ecosia.org",
+            "firefox.com",
            "keyoxide.org",
+            "mozilla.net",
+            "mozilla.org",
            "moz-extension-scheme",
            "research.cloudflare.com"
          ]
--- a/6
+++ b/6
@ -3,16 +3,14 @@
 set -x

 if [ -d ~/src/gitea.blesmrt.net/Mikaela/ssh-allowed_signers ]; then
-	printf "\n[OK] ssh-allowed_signers exists\n\n"
+	git verify-commit HEAD
+	sleep 3
 else
 	echo "Keys not found, cloning..."
 	mkdir -vp ~/src/gitea.blesmrt.net/Mikaela/
 	git clone https://gitea.blesmrt.net/Mikaela/ssh-allowed_signers.git ~/src/gitea.blesmrt.net/Mikaela/ssh-allowed_signers
 fi

-git verify-commit HEAD
-sleep 3
-
 export MIKAELA_GREP=$HOME/.MIKAELA_GREP

 cat rc/bashrc >~/.bashrc
Author	SHA1	Message	Date
Aminda Suomalainen	616785fc1f	{firefox,chromium}: trust default restricted domains of Firefox I trust Privacy Badger to handle any potential trackers there and I especially suspect JavaScript blocking of breaking things. Besides they are very unlikely to be actively malicious.	2024-05-21 21:24:34 +03:00
Aminda Suomalainen	ae87cac5a8	firefox: set extensions.webextensions.restrictedDomains to user set	2024-05-21 21:17:50 +03:00
Aminda Suomalainen	1c549d964e	firefox: underline links by default	2024-05-21 20:56:27 +03:00
Aminda Suomalainen	fb50bd2d59	firefox-forbidden-policies.js: remove usercontext options since I upgraded from ESR to release	2024-05-21 20:31:12 +03:00
Aminda Suomalainen	af80e553c6	install: move git verify-commit into the if of whether the keys exist	2024-05-21 20:24:06 +03:00
Aminda Suomalainen	1769f3b6dc	firefox: remove deprecated navigator.platform as well	2024-05-21 18:59:51 +03:00