{firefox,chromium}#ubo: add antipaywall.txt which apparently helps with Quora login prompt as well

{firefox,chromium}#ubo: add lists I can imagine triggering in near future
stop using rm where ln -n suffices
2025-08-19 04:47:19 +02:00 · 2024-05-19 15:04:52 +03:00 · 2024-05-19 14:47:06 +03:00 · 2024-05-19 14:07:21 +03:00 · 2024-05-19 14:05:04 +03:00 · 2024-05-19 13:10:20 +03:00
11 changed files with 192 additions and 122 deletions
--- a/.mikaela_install
+++ b/.mikaela_install
@ -20,14 +20,17 @@ cat etc/ssh/ssh_config >~/.ssh/config
 cat .editorconfig >~/.editorconfig
 mkdir -p ~/.local/firefox/defaults/pref/
 cat conf/autoconfig.js >~/.local/firefox/defaults/pref/autoconfig.js
-cat conf/librewolf.overrides.cfg >~/.local/firefox/librewolf.overrides.cfg
-cat conf/librewolf.overrides.cfg >~/public_html/autoconfig.js
+#cat conf/librewolf.overrides.cfg >~/.local/firefox/librewolf.overrides.cfg
+cat conf/firefox-forbidden-policies.js >~/.local/firefox/firefox-forbidden-policies.js
+#cat conf/librewolf.overrides.cfg >~/public_html/autoconfig.js
+cat conf/firefox-forbidden-policies.js >~/public_html/autoconfig.js
 mkdir -p ~/.librewolf/ ~/.var/app/io.gitlab.librewolf-community/.librewolf/
-cat conf/librewolf.overrides.cfg >~/.librewolf/librewolf.overrides.cfg
-cat conf/librewolf.overrides.cfg >~/.var/app/io.gitlab.librewolf-community/.librewolf/librewolf.overrides.cfg
+#cat conf/librewolf.overrides.cfg >~/.librewolf/librewolf.overrides.cfg
+cat conf/firefox-forbidden-policies.js >~/.librewolf/librewolf.overrides.cfg
+#cat conf/librewolf.overrides.cfg >~/.var/app/io.gitlab.librewolf-community/.librewolf/librewolf.overrides.cfg
+cat conf/firefox-forbidden-policies.js >~/.var/app/io.gitlab.librewolf-community/.librewolf/librewolf.overrides.cfg
 mkdir -p ~/.local/share/applications
-ln -sfv ~/.shell-things/local/share/applications ~/.local/share/applications/shell-things
-rm -fv ~/.shell-things/local/share/applications/applications
+ln -nsfv ~/.shell-things/local/share/applications ~/.local/share/applications/shell-things
 if hash update-desktop-database 2>/dev/null; then
 	update-desktop-database ~/.local/share/applications
 fi
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -49,14 +49,15 @@ repos:
      - id: fix-byte-order-marker
      - id: mixed-line-ending
        args: [--fix=auto]
-      - id: pretty-format-json
+        # Remember to check that prettier excludes it, if used!
+        #- id: pretty-format-json
        # Breaks AdNauseam/uBlock Origin rules as the browser interprets
        # values to be set for empty options.
        #exclude: ^etc\/firefox\/policies\/policies.json|etc\/opt\/chromium\/policies\/managed\/aminda-extensions.json$
-        args:
+        #args:
        # Remember also: --no-sort-keys
        # ASCII excludes the älphäbet amongst others
-          [--autofix, --no-ensure-ascii]
+        #[--autofix, --no-ensure-ascii]
        #- id: requirements-txt-fixer

  # Synchronize dependencies between this file and package managers
@ -133,8 +134,8 @@ repos:
    rev: "v3.2.5"
    hooks:
      - id: prettier
-        # These are handled by Black below or pretty-format-json above
-        exclude_types: [python, pyi, jupyter, json]
+        # These are handled by Black below
+        exclude_types: [python, pyi, jupyter]
        additional_dependencies: [
            # https://www.npmjs.com/package/prettier
            "prettier@3.2.5",
--- a/conf/autoconfig.js
+++ b/conf/autoconfig.js
@ -3,6 +3,7 @@

 // However the file below belongs to ../../ e.g. /usr/lib/64/firefox/ or
 // ~/.local/firefox/
-pref("general.config.filename", "librewolf.overrides.cfg");
+//pref("general.config.filename", "librewolf.overrides.cfg");
+pref("general.config.filename", "firefox-forbidden-policies.js");
 pref("general.config.obscure_value", 0);
 // vim: filetype=javascript
--- a/conf/autoconfig.js.online
+++ b/conf/autoconfig.js.online
@ -1,6 +1,6 @@
 // This file belongs to Firefox `default/pref` directory as `autoconfig.js`.
 // E.g. /usr/lib64/firefox/defaults/pref/autoconfig.js
-//pref("autoadmin.global_config_url","https://gitea.blesmrt.net/mikaela/shell-things/raw/branch/master/conf/librewolf.overrides.cfg");
+//pref("autoadmin.global_config_url","https://gitea.blesmrt.net/mikaela/shell-things/raw/branch/master/conf/firefox-forbidden-policies.js");
 pref("autoadmin.global_config_url","file:///home/aminda/public_html/autoconfig.js");
 pref("general.config.obscure_value", 0);
 pref("autoadmin.refresh_interval", 120);
--- a/conf/firefox-forbidden-policies.js
+++ b/conf/firefox-forbidden-policies.js
@ -0,0 +1,63 @@
+// Remember to start writing at line 2. This is my second attempt at Firefox
+// autoconfig after being taught by LibreAwoo, but this time I am trying to
+// avoid duplicating my browser policy, which you can find from the same
+// repository, etc/firefox/policies/policies.json
+
+// If autoconfig is not found, fallback. Also means this file.
+pref("autoadmin.failover_to_cached", true);
+pref(
+	"autoadmin.global_config_url",
+	"https://gitea.blesmrt.net/mikaela/shell-things/raw/branch/master/conf/firefox-forbidden-policies.js",
+);
+pref("autoadmin.offline_failover", true);
+pref("autoadmin.refresh_interval", 120);
+
+// Automatically click cookiebanners although uBlock Origin might block them
+pref("cookiebanners.bannerClicking.enabled", true);
+pref("cookiebanners.service.mode", 2);
+pref("cookiebanners.service.mode.privateBrowsing", 2);
+
+// Play animated images only once, accessibility.
+pref("image.animation.mode", "once");
+
+// Spoof en-US as language to scripts
+pref("javascript.use_us_english_locale", true);
+
+// DNT although PrivacyBadger from policy handles this
+pref("privacy.donottrackheader.enabled", true);
+pref("privacy.donottrackheader.value", 1);
+
+// More tunable privacy.resistfingerprinting. I have lost the privacy game
+// many times before this point, so this is nothing.
+pref("privacy.fingerprintingProtection", true);
+pref(
+	"privacy.fingerprintingProtection.overrides",
+	"+AllTargets,-KeyboardEvents,-SpeechSynthesis,-CSSPrefersColorScheme,-CSSPrefersReducedMotion,-NavigatorPlatform,-NavigatorUserAgent,-JSDateTimeUTC,-HttpUserAgent,-FontVisibilityRestrictGenerics,-FontVisibilityBaseSystem,-FontVisibilityLangPack",
+);
+pref("privacy.fingerprintingProtection.pbmode", true);
+// (Incompatible with the above)
+pref("privacy.resistFingerprinting", false);
+pref("privacy.resistFingerprinting.block_mozAddonManage", true);
+// Letterboxing from Tor Browser, I like it in general.
+pref("privacy.resistFingerprinting.letterboxing", true);
+// Still Incompatible with the above
+pref("privacy.resistFingerprinting.pbmode", false);
+
+// Enable containers without extensions (although those are forced by the
+// policy. TODO: Remove these as they are in the policy, but disallowed by
+// current ESR
+pref("privacy.userContext.enabled", true);
+pref("privacy.userContext.ui.enabled", true);
+
+// Enables reading mode for all pages (at least in theory)
+pref("reader.parse-on-load.force-enabled", true);
+
+// Ensure OCSP stapling is enabled, especially if the server has it
+pref("security.ssl.enable_ocsp_must_staple", true);
+
+// TODO: Consider removing this when ESR updates as only it needs this for
+// ECH, which is otherwise the default=
+pref("security.tls.ech.grease_http3", true);
+
+// No making configuration on the last line of the file!
+//
--- a/conf/waybar/config.json
+++ b/conf/waybar/config.json
@ -21,10 +21,7 @@
  "memory": {
    "format": "RAM {percentage}%"
  },
-  "modules-left": [
-    "sway/workspaces",
-    "sway/mode"
-  ],
+  "modules-left": ["sway/workspaces", "sway/mode"],
  "modules-right": [
    "gamemode",
    "cpu",
@ -52,10 +49,7 @@
  "pulseaudio": {
    "format": "VOL {volume}%",
    "format-bluetooth": "BT VOL {volume}%",
-    "ignored-sinks": [
-      "Easy Effects Sink",
-      "Easy Effects Source"
-    ]
+    "ignored-sinks": ["Easy Effects Sink", "Easy Effects Source"]
  },
  "sway/language": {
    "format": "KBD {short} {variant}",
--- a/etc/firefox/policies/policies.json
+++ b/etc/firefox/policies/policies.json
@ -4,9 +4,7 @@
      "Extensions": {
        "adnauseam@rednoise.org": {
          "toAdd": {
-            "trustedSiteDirectives": [
-              ""
-            ]
+            "trustedSiteDirectives": [""]
          },
          "toOverwrite": {
            "filterLists": [
@ -18,21 +16,7 @@
        },
        "jid1-MnnxcxisBPnSXQ@jetpack": {
          "checkForDNTPolicy": true,
-          "disabledSites": [
-            "app.element.io",
-            "staging.element.io",
-            "develop.element.io",
-            "chat.pikaviestin.fi",
-            "webchat.disroot.org",
-            "learn.microsoft.com",
-            "teams.microsoft.com",
-            "bittimittari.fi",
-            "pp-attester-turnstile.research.cloudflare.com",
-            "keyoxide.org",
-            "one.one.one.one",
-            "www.ecosia.org",
-            "ac.ecosia.org"
-          ],
+          "disabledSites": ["cloudflare.com", "ecosia.org", "keyoxide.org"],
          "learnInIncognito": true,
          "learnLocally": true,
          "sendDNTSignal": true,
@ -46,19 +30,22 @@
        "uBlock0@raymondhill.net": {
          "toAdd": {
            "trustedSiteDirectives": [
-              "app.element.io",
-              "staging.element.io",
-              "develop.element.io",
-              "chat.pikaviestin.fi",
-              "webchat.disroot.org",
-              "learn.microsoft.com",
-              "teams.microsoft.com",
              "bittimittari.fi",
-              "pp-attester-turnstile.research.cloudflare.com",
+              "chrome-extension-scheme",
+              "cloudflare.com",
+              "disroot.org",
+              "duckduckgo.com",
+              "ecosia.org",
+              "element.io",
+              "google",
+              "google.com",
              "keyoxide.org",
-              "one.one.one.one",
-              "www.ecosia.org",
-              "ac.ecosia.org"
+              "live.com",
+              "matrix.org",
+              "microsoft.com",
+              "moz-extension-scheme",
+              "one.one",
+              "pikaviestin.fi"
            ]
          },
          "toOverwrite": {
@ -78,9 +65,19 @@
              "ublock-quick-fixes",
              "FIN-0",
              "RUS-0",
+              "BGR-0",
+              "CZE-0",
+              "EST-0",
+              "SPA-0",
+              "NOR-0",
+              "SWE-1",
              "https://big.oisd.nl",
-              "ublock-annoyances",
-              "adguard-mobile-app-banners"
+              "adguard-mobile-app-banners",
+              "fanboy-cookiemonster",
+              "ublock-cookies-easylist",
+              "adguard-cookies",
+              "ublock-cookies-adguard",
+              "https://raw.githubusercontent.com/liamengland1/miscfilters/master/antipaywall.txt"
            ]
          }
        }
@ -104,10 +101,7 @@
    },
    "DNSOverHTTPS": {
      "Enabled": false,
-      "ExcludedDomains": [
-        "http.badssl.com",
-        "norwegianwifi.com"
-      ],
+      "ExcludedDomains": ["http.badssl.com", "norwegianwifi.com"],
      "Fallback": true,
      "Locked": true,
      "ProviderURL": "https://dns0.eu/",
@ -124,21 +118,22 @@
      "Cryptomining": true,
      "EmailTracking": true,
      "Exceptions": [
+        "https://ac.ecosia.org",
        "https://app.element.io",
-        "https://staging.element.io",
-        "https://develop.element.io",
-        "https://chat.pikaviestin.fi",
-        "https://webchat.disroot.org",
-        "https://learn.microsoft.com",
-        "https://teams.microsoft.com",
-        "https://glowing-bear.org",
-        "https://latest.glowing-bear.org",
        "https://bittimittari.fi",
-        "https://pp-attester-turnstile.research.cloudflare.com",
+        "https://challenges.cloudflare.com",
+        "https://chat.pikaviestin.fi",
+        "https://develop.element.io",
+        "https://glowing-bear.org",
        "https://keyoxide.org",
+        "https://latest.glowing-bear.org",
+        "https://learn.microsoft.com",
        "https://one.one.one.one",
-        "https://www.ecosia.org",
-        "https://ac.ecosia.org"
+        "https://pp-attester-turnstile.research.cloudflare.com",
+        "https://staging.element.io",
+        "https://teams.microsoft.com",
+        "https://webchat.disroot.org",
+        "https://www.ecosia.org"
      ],
      "Fingerprinting": true,
      "Locked": false,
@ -149,10 +144,6 @@
      "Locked": false
    },
    "ExtensionSettings": {
-      "addon@darkreader.org": {
-        "install_url": "https://addons.mozilla.org/firefox/downloads/latest/darkreader/latest.xpi",
-        "installation_mode": "normal_installed"
-      },
      "adnauseam@rednoise.org": {
        "install_url": "https://addons.mozilla.org/firefox/downloads/latest/adnauseam/latest.xpi",
        "installation_mode": "blocked"
@ -222,6 +213,10 @@
      "{b5501fd1-7084-45c5-9aa6-567c2fcf5dc6}": {
        "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ruffle_rs/latest.xpi",
        "installation_mode": "normal_installed"
+      },
+      "{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}": {
+        "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ecosia-the-green-search/latest.xpi",
+        "installation_mode": "normal_installed"
      }
    },
    "FirefoxHome": {
@ -263,7 +258,7 @@
        "Comment": "Preference not allowed for stability reasons. :(",
        "Status": "locked",
        "Type": "string",
-        "Value": "https://gitea.blesmrt.net/mikaela/shell-things/raw/branch/master/conf/librewolf.overrides.cfg"
+        "Value": "https://gitea.blesmrt.net/mikaela/shell-things/raw/branch/master/conf/firefox-forbidden-policies.js"
      },
      "autoadmin.offline_failover": {
        "Comment": "Preference not allowed for stability reasons. :(",
@ -307,6 +302,16 @@
        "Type": "boolean",
        "Value": false
      },
+      "browser.translation.neverForLanguages": {
+        "Status": "default",
+        "Type": "string",
+        "Value": "en, fi"
+      },
+      "browser.translations.neverTranslateLanguages": {
+        "Status": "default",
+        "Type": "string",
+        "Value": "en, fi"
+      },
      "cookiebanners.bannerClicking.enabled": {
        "Comment": "Preference not allowed for stability reasons. :(",
        "Status": "locked",
--- a/etc/opt/chromium/policies/managed/aminda-extensions.json
+++ b/etc/opt/chromium/policies/managed/aminda-extensions.json
@ -10,19 +10,22 @@
      "cjpalhdlnbpafiamejdnhcphjbkeiagm": {
        "toAdd": {
          "trustedSiteDirectives": [
-            "app.element.io",
-            "staging.element.io",
-            "develop.element.io",
-            "chat.pikaviestin.fi",
-            "webchat.disroot.org",
-            "learn.microsoft.com",
-            "teams.microsoft.com",
            "bittimittari.fi",
-            "pp-attester-turnstile.research.cloudflare.com",
+            "chrome-extension-scheme",
+            "cloudflare.com",
+            "disroot.org",
+            "duckduckgo.com",
+            "ecosia.org",
+            "element.io",
+            "google",
+            "google.com",
            "keyoxide.org",
-            "one.one.one.one",
-            "www.ecosia.org",
-            "ac.ecosia.org"
+            "live.com",
+            "matrix.org",
+            "microsoft.com",
+            "moz-extension-scheme",
+            "one.one",
+            "pikaviestin.fi"
          ]
        },
        "toOverwrite": {
@ -42,17 +45,25 @@
            "ublock-quick-fixes",
            "FIN-0",
            "RUS-0",
+            "BGR-0",
+            "CZE-0",
+            "EST-0",
+            "SPA-0",
+            "NOR-0",
+            "SWE-1",
            "https://big.oisd.nl",
-            "ublock-annoyances",
-            "adguard-mobile-app-banners"
+            "adguard-mobile-app-banners",
+            "fanboy-cookiemonster",
+            "ublock-cookies-easylist",
+            "adguard-cookies",
+            "ublock-cookies-adguard",
+            "https://raw.githubusercontent.com/liamengland1/miscfilters/master/antipaywall.txt"
          ]
        }
      },
      "mlojlfildnehdpnlmpkeiiglhhkofhpb": {
        "toAdd": {
-          "trustedSiteDirectives": [
-            ""
-          ]
+          "trustedSiteDirectives": [""]
        },
        "toOverwrite": {
          "filterLists": [
@ -64,21 +75,7 @@
      },
      "pkehgijcmpdhfbdbbnkijodmdjhbjlgp": {
        "checkForDNTPolicy": true,
-        "disabledSites": [
-          "app.element.io",
-          "staging.element.io",
-          "develop.element.io",
-          "chat.pikaviestin.fi",
-          "webchat.disroot.org",
-          "learn.microsoft.com",
-          "teams.microsoft.com",
-          "bittimittari.fi",
-          "pp-attester-turnstile.research.cloudflare.com",
-          "keyoxide.org",
-          "one.one.one.one",
-          "www.ecosia.org",
-          "ac.ecosia.org"
-        ],
+        "disabledSites": ["cloudflare.com", "ecosia.org", "keyoxide.org"],
        "learnInIncognito": true,
        "learnLocally": true,
        "sendDNTSignal": true,
--- a/etc/opt/chromium/policies/managed/brave-shields-disabled.json
+++ b/etc/opt/chromium/policies/managed/brave-shields-disabled.json
@ -1,19 +1,20 @@
 {
  "BraveShieldsDisabledForUrls": [
+    "https://ac.ecosia.org",
    "https://app.element.io",
-    "https://staging.element.io",
-    "https://develop.element.io",
-    "https://chat.pikaviestin.fi",
-    "https://webchat.disroot.org",
-    "https://learn.microsoft.com",
-    "https://teams.microsoft.com",
-    "https://glowing-bear.org",
-    "https://latest.glowing-bear.org",
    "https://bittimittari.fi",
-    "https://pp-attester-turnstile.research.cloudflare.com",
+    "https://challenges.cloudflare.com",
+    "https://chat.pikaviestin.fi",
+    "https://develop.element.io",
+    "https://glowing-bear.org",
    "https://keyoxide.org",
+    "https://latest.glowing-bear.org",
+    "https://learn.microsoft.com",
    "https://one.one.one.one",
-    "https://www.ecosia.org",
-    "https://ac.ecosia.org"
+    "https://pp-attester-turnstile.research.cloudflare.com",
+    "https://staging.element.io",
+    "https://teams.microsoft.com",
+    "https://webchat.disroot.org",
+    "https://www.ecosia.org"
  ]
 }
--- a/etc/opt/chromium/policies/managed/languages.json
+++ b/etc/opt/chromium/policies/managed/languages.json
@ -1,7 +1,3 @@
 {
-  "ForcedLanguages": [
-    "fi",
-    "en",
-    "ru"
-  ]
+  "ForcedLanguages": ["fi", "en", "ru"]
 }
--- a/11
+++ b/11
@ -2,7 +2,16 @@
 # Do not use this script unless you know what you are doing!
 set -x

+if [ -d ~/src/gitea.blesmrt.net/Mikaela/ssh-allowed_signers ]; then
+	printf "\n[OK] ssh-allowed_signers exists\n\n"
+else
+	echo "Keys not found, cloning..."
+	mkdir -vp ~/src/gitea.blesmrt.net/Mikaela/
+	git clone https://gitea.blesmrt.net/Mikaela/ssh-allowed_signers.git ~/src/gitea.blesmrt.net/Mikaela/ssh-allowed_signers
+fi
+
 git verify-commit HEAD
+sleep 3

 export MIKAELA_GREP=$HOME/.MIKAELA_GREP

@ -14,7 +23,7 @@ mkdir -p ~/.config/git
 cat conf/gitconfig >~/.config/git/config
 touch ~/.gitconfig
 rm ~/.gitconfig
-ln -sfv ~/.config/git/config ~/.gitconfig
+ln -nsfv ~/.config/git/config ~/.gitconfig
 mkdir -p ~/.git-template
 cat rc/vimrc >~/.vimrc
 mkdir -p ~/.config/nvim/
Author	SHA1	Message	Date
Aminda Suomalainen	4d11897918	{firefox,chromium}#ubo: add antipaywall.txt which apparently helps with Quora login prompt as well	2024-05-19 15:04:52 +03:00
Aminda Suomalainen	6ece6f5e75	{firefox,chromium}#ubo: add lists I can imagine triggering in near future	2024-05-19 14:47:06 +03:00
Aminda Suomalainen	6f7d510f89	stop using rm where ln -n suffices	2024-05-19 14:07:21 +03:00
Aminda Suomalainen	17a189396b	initial commit of firefox-forbidden-policies.js (autoconfig take#2)	2024-05-19 14:05:04 +03:00
Aminda Suomalainen	6293ce0a14	run prettier on json files (4)	2024-05-19 13:10:20 +03:00
Aminda Suomalainen	e24c05bb3d	.pre-commit-config.yaml: move json to prettier for cod{e,ium} compatibility	2024-05-19 13:07:23 +03:00
Aminda Suomalainen	e92addc23f	install: attempt to ensure allowed signers exist	2024-05-19 13:00:39 +03:00
Aminda Suomalainen	79411a0932	{firefox,brave}: add forgotten integrated protection excemptions	2024-05-19 11:59:50 +03:00
Aminda Suomalainen	162912dd82	{firefox,chromium}#PrivacyBadger: just trust cloudflare.com directly I remembered that the analytics domain is cloudflareinsigts.com and I use cloudflare's esni testing etc. too often	2024-05-19 11:54:58 +03:00
Aminda Suomalainen	79a7e38d93	{firefox,chromium}: actually cut PrivacyBadger's list a lot	2024-05-19 11:41:20 +03:00
Aminda Suomalainen	1f0ac5a0e9	{firefox,chromium}: simplify allowlist configuration PrivacyBadger continues having stricter rules and I am trusting it to catch what I let through	2024-05-19 11:38:18 +03:00
Aminda Suomalainen	b4e1f7fd0e	{firefox,chromium}: allow challenges.cloudflare.com just in case	2024-05-19 11:04:09 +03:00
Aminda Suomalainen	77e2e37362	{firefox,chromium}: add cookie lists to uBlock Origin I was staring at them too much while testing policies	2024-05-19 09:53:16 +03:00
Aminda Suomalainen	e8a3ecff0c	firefox: stop offering to translate English [and Finnish] by default Otherwise it's not intelligent enough to understand that accepted language en also means en-US	2024-05-19 09:27:32 +03:00
Aminda Suomalainen	9fff2bb17d	firefox: don't install Dark Reader by default I cannot deploy it, so I have to configure it anyway and this means only Bitwarden throws a welcome page at me	2024-05-19 09:07:51 +03:00
Aminda Suomalainen	ea5db5a670	firefox: install Ecosia extension by default for non-{ESR,nightly}	2024-05-19 09:03:51 +03:00