https://github.com/auberginehill/firefox-customization-files
Alters the Mozilla Firefox behaviour extensively and holistically with Firefox customization file(s). The main focus in this project is on privacy and security.
https://github.com/auberginehill/firefox-customization-files
firefox firefox-customization
Last synced: 3 months ago
JSON representation
Alters the Mozilla Firefox behaviour extensively and holistically with Firefox customization file(s). The main focus in this project is on privacy and security.
- Host: GitHub
- URL: https://github.com/auberginehill/firefox-customization-files
- Owner: auberginehill
- License: other
- Created: 2016-10-17T15:05:08.000Z (about 9 years ago)
- Default Branch: master
- Last Pushed: 2018-01-21T19:40:51.000Z (almost 8 years ago)
- Last Synced: 2024-11-27T10:36:03.541Z (11 months ago)
- Topics: firefox, firefox-customization
- Language: JavaScript
- Homepage:
- Size: 29.3 KB
- Stars: 16
- Watchers: 1
- Forks: 5
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE.txt
Awesome Lists containing this project
- jimsghstars - auberginehill/firefox-customization-files - Alters the Mozilla Firefox behaviour extensively and holistically with Firefox customization file(s). The main focus in this project is on privacy and security. (JavaScript)
README
## Firefox Customization Files
OS:
Not defined
Type:
Mozilla Firefox customization files
Language:
JavaScript
Description:
The deployment of the Firefox Customization File(s) allows to extensively and holistically modify the behaviour of the Mozilla Firefox browser. The settings listed below are mainly centered on reinforcing privacy with a few touches on security, too. For a full list of available settings, please, for example, see a fairly comprehensive list of Firefox privacy and security settings managed by Martin Brinkmann.
This code is partially based on the advice "Browser Security Guidance: Mozilla Firefox" released by the UK government's National Technical Authority for Information Assurance (CESG), which is part of the Government Communications Headquarters (in UK).
Homepage:
https://github.com/auberginehill/firefox-customization-files
Short URL: http://tinyurl.com/hc7uvh9
Version:
1.1
Sources:
Emojis:
Emoji Table
MozillaZine:
Locking preferences
MozillaZine:
About:config entries
MozillaZine:
User.js file
haasn:
about:config.md
MrYar:
about:config.md
amq:
firefox-debloat
Andrew:
Firefox Customization File
Martin Brinkmann:
A comprehensive list of Firefox privacy and security settings
Martin Brinkmann:
How to disable the Firefox Saved Telemetry Pings and archive folder
UK government's National Technical Authority for Information Assurance (CESG):
Browser Security Guidance: Mozilla Firefox
Downloads:
For instance prefs.js and firefox.cfg. Or everything as a .zip-file. Or by cloning using git:
git clone https://github.com/auberginehill/firefox-customization-files/
### Deployment and Configuration
:book:
To use this code with Mozilla Firefox, for instance:
-
Step 1: Recommended configuration
Firefox is configured by using two configuration files (a system-wide installation):
A system-wide installation
Windows:
OS
Original name
Path and file name
Windows
prefs.js
%programfiles(x86)%\Mozilla Firefox\defaults\pref\prefs.js
Windows
firefox.cfg
%programfiles(x86)%\Mozilla Firefox\firefox.cfg
Windows
prefs.js
C:\Program Files (x86)\Mozilla Firefox\defaults\pref\prefs.js
Windows
firefox.cfg
C:\Program Files (x86)\Mozilla Firefox\firefox.cfg
Linux:
OS
Original name
Path and file name
Linux
prefs.js
Either this file is not required or is copied to ~/.mozilla/firefox/*.default/prefs.js
Linux
firefox.cfg
/etc/firefox/firefox.js
Linux (Debian)
firefox.cfg
/etc/firefox-esr/firefox-esr.js
Linux (CentOS 6.3)
firefox.cfg
/usr/l/usr/lib64/firefox/defaults/preferencesib64/firefox/defaults/preferences/your_site.js
OS X:
OS
Original name
Path and file name
OS X
prefs.js
/Applications/Firefox.app/Contents/Resources/defaults/pref/prefs.js
OS X
firefox.cfg
/Applications/Firefox.app/Contents/Resources/firefox.cfg
Build a lock file with computer wide settings (prefs.js) containing only two rows of actual data (in addition to the comments, listed below starting with "pref(") and a configuration file (firefox.cfg) containing all the many configuration settings in accordance with the settings listed further down below starting with "lockPref(". These files should contain the settings which the organisation wishes to configure and enforce. The files are then deployed to the EUDs in %programfiles(x86)%\Mozilla Firefox\firefox.cfg and %programfiles(x86)%\Mozilla Firefox\defaults\pref\prefs.js in Windows – for the file locations and file names in other platforms, please see the tables above. Please note, that a prefs.js file inside a Mozilla Firefox user profile directory (the path to a user profile directory is mentioned in the optional Step 2) shouldn't be altered, since that file with the same name (which resides inside a Mozilla Firefox user profile directory) is generated automatically by the program itself. The main difference between these files, which have a common name (prefs.js) is that the other resides inside the program installation folder (target) and the other is found under user profiles (not to be changed).
prefs.js (lock file) content:
pref('general.config.filename', 'firefox.cfg');
pref('general.config.obscure_value', 0);
-
Step 2: Optional configuration (concerning a single Firefox user profile)
Alternatively, if a computer-wide installation is not preferred, Firefox can be configured with a single configuration file, where the installation will concern only a single Firefox user profile.
N.B.
Please read A brief guide to Mozilla preferences
N.B.
In this option before doing any modifications that concern an existing Firefox user profile (for instance in Windows %APPDATA%\Roaming\Mozilla\Firefox\Profiles\[a_profile_name]\), it is highly recommended to backup the whole existing Firefox user profile directory before anything is copied to or otherwise altered inside the Firefox user profile directory, since the settings listed below may alter the browser behaviour quite a bit.
N.B.
In this option it is highly recommended to create a completely new user profile to use with the custom configuration settings.
N.B.
Please note, that a prefs.js file inside a Mozilla Firefox user profile directory shouldn't be altered, since that file (which resides inside a Mozilla Firefox user profile directory) is generated automatically by the program itself.
N.B.
In this option it is mandatory to follow option 3 below.
File (user.js) location
OS
Original name
Path and file name
Windows
firefox.cfg
%APPDATA%\Roaming\Mozilla\Firefox\Profiles\[a_profile_name]\user.js
Linux
firefox.cfg
~/.mozilla/firefox/[a_profile_name]/user.js
OS X
firefox.cfg
~/Library/Application Support/Firefox/Profiles/[a_profile_name]/user.js
Android
firefox.cfg
/data/data/org.mozilla.firefox/files/mozilla/[a_profile_name]/user.js
Sailfish OS + Alien Dalvik
firefox.cfg
/opt/alien/data/data/org.mozilla.firefox/files/mozilla/[a_profile_name]/user.js
Windows (portable)
firefox.cfg
[firefox_directory]\Data\[a_profile_name]\user.js
Build a configuration file called user.js containing all the many configuration settings in accordance with the settings listed further down below starting with "lockPref(". The file should contain the settings which the organisation wishes to configure and enforce. Please notice that since lockPref() may be called only in the configuration file (firefox.cfg), and user.js can only contain pref(), user_pref() and sticky_pref() calls, it is mandatory to follow the Step 3 below before deployment. The file is then deployed to the EUDs in %APPDATA%\Roaming\Mozilla\Firefox\Profiles\[a_profile_name]\user.js in Windows – for the file locations and file names in other platforms, please see the table above. Please note, that a prefs.js file inside a Mozilla Firefox user profile directory shouldn't be altered, since that file which resides inside a Mozilla Firefox user profile directory is generated automatically by the program itself.
-
Step 3: Tweaking the settings: Setting the settings settable rather than in a locked state
In the firefox.cfg file, if the settings are preferred to be controllable (not locked) on the about:config -page, please change every
lockPref("
to
pref("
Please notice that lockPref() may be called only in the configuration file (firefox.cfg), and user.js can only contain pref(), user_pref() and sticky_pref() calls.
-
Step 4: Additional notes
For disabling the Pocket integration, please start by removing the "pocket" icon from the toolbar.
### Settings
:triangular_ruler:
Recommended configuration
Disable telemetry and health reporting
Firefox Health Report
Telemetry (usage statistics)
Preferences
lockPref("breakpad.reportURL", "");
lockPref("browser.tabs.crashReporting.sendReport", false);
lockPref("datareporting.healthreport.documentServerURI", "");
lockPref("datareporting.healthreport.service.enabled", false);
lockPref("datareporting.healthreport.uploadEnabled", false);
lockPref("datareporting.policy.dataSubmissionEnabled", false);
lockPref("datareporting.policy.dataSubmissionEnabled.v2", false);
lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
lockPref("dom.ipc.plugins.reportCrashURL", false);
lockPref("toolkit.telemetry.archive.enabled", false);
lockPref("toolkit.telemetry.cachedClientID", "");
lockPref("toolkit.telemetry.enabled", false);
lockPref("toolkit.telemetry.prompted", 2);
lockPref("toolkit.telemetry.rejected", true);
lockPref("toolkit.telemetry.server", "");
lockPref("toolkit.telemetry.unified", false);
lockPref("toolkit.telemetry.unifiedIsOptIn", true);
lockPref("toolkit.telemetry.optoutSample", false);
Disable sync
lockPref("identity.fxaccounts.auth.uri", "");
lockPref("identity.fxaccounts.remote.force_auth.uri", "");
lockPref("identity.fxaccounts.remote.signin.uri", "");
lockPref("identity.fxaccounts.remote.signup.uri", "");
lockPref("identity.fxaccounts.settings.uri", "");
lockPref("services.sync.autoconnect", false);
lockPref("services.sync.engine.addons", false);
lockPref("services.sync.engine.bookmarks", false);
lockPref("services.sync.engine.history", false);
lockPref("services.sync.engine.passwords", false);
lockPref("services.sync.engine.prefs", false);
lockPref("services.sync.engine.tabs", false);
lockPref("services.sync.serverURL", "");
Turn on Do not Track
lockPref("privacy.donottrackheader.enabled", true);
lockPref("privacy.donottrackheader.value", 1);
Disable features that have an impact on privacy
lockPref("accessibility.typeaheadfind", false);
lockPref("geo.enabled", false);
lockPref("geo.wifi.logging.enabled", false);
lockPref("geo.wifi.uri", "");
lockPref("layout.spellcheckDefault", 0);
Disable certificate warning bypass
lockPref("browser.xul.error_pages.enabled", false);
Enable support for Content Security Policy
lockPref("security.csp.enable", true);
Disable Safe Browsing anti-malware
Safe Browsing communicates with a third party and leaks the browsing history and also sends metadata about the downloads made.
How does built-in Phishing and Malware Protection work?
lockPref("browser.safebrowsing.enabled", false);
lockPref("browser.safebrowsing.downloads.enabled", false);
lockPref("browser.safebrowsing.malware.enabled", false);
Turn on XSS Filter
lockPref("browser.urlbar.filter.javascript", true);
Restrict third party cookies
lockPref("network.cookie.cookieBehavior", 1);
Enable Flash as it's in a sandbox
lockPref("plugin.state.flash", 2);
Disable Java unless required
lockPref("plugin.state.java", 0);
lockPref("plugin.state.npdeployjava1", 0);
Disable webcam and microphone unless necessary
lockPref("media.navigator.enabled", false);
lockPref("media.navigator.video.enabled", false);
Disable Firefox Hello
Firefox connects to third-party (Telefonica) servers without asking for permission.
Firefox Hello - video and voice conversations online
lockPref("loop.enabled", false);
Optional configuration
Clear personal and temporary data on shutdown
lockPref("privacy.clearOnShutdown.cache", true);
lockPref("privacy.clearOnShutdown.cookies", true);
lockPref("privacy.clearOnShutdown.downloads", true);
lockPref("privacy.clearOnShutdown.formData", true);
lockPref("privacy.clearOnShutdown.history", true);
lockPref("privacy.clearOnShutdown.offlineApps", true);
lockPref("privacy.clearOnShutdown.openWindows", false);
lockPref("privacy.clearOnShutdown.passwords", true);
lockPref("privacy.clearOnShutdown.sessions", true);
lockPref("privacy.clearOnShutdown.siteprefs", true);
lockPref("privacy.clearOnShutdown.siteSettings", true);
lockPref("privacy.cpd.cache", true);
lockPref("privacy.cpd.cookies", true);
lockPref("privacy.cpd.downloads", true);
lockPref("privacy.cpd.formdata", true);
lockPref("privacy.cpd.history", true);
lockPref("privacy.cpd.offlineApps", true);
lockPref("privacy.cpd.openWindows", false);
lockPref("privacy.cpd.passwords", true);
lockPref("privacy.cpd.sessions", true);
lockPref("privacy.cpd.siteprefs", true);
lockPref("privacy.cpd.siteSettings", true);
lockPref("privacy.sanitize.sanitizeOnShutdown", true);
Prevent the use of SPDY, Websockets and WebRTC if not supported by the web proxy
lockPref("media.http.spdy.enabled", false);
lockPref("media.peerconnection.enabled", false);
lockPref("media.websocket.enabled", false);
lockPref("network.websocket.enabled", false);
Disable automatic form filling
lockPref("signon.autofillForms", false);
lockPref("signon.prefillForms", false);
lockPref("signon.rememberSignons", false);
Disable Pocket integration
A third-party service (proprietary) for managing a reading list of articles.
For disabling the Pocket integration, please start by removing the "pocket" icon from the toolbar.
Save web pages for later with Pocket for Firefox
Pocket-Erweiterung in Firefox 57 deaktivieren
lockPref("browser.pocket.enabled", false);
lockPref("extensions.pocket.enabled", false);
Disable Firefox's new Screenshot tool (requires at least Firefox 55)
How to enable or disable Firefox's new Screenshot tool
lockPref("extensions.screenshots.disabled", true);
Expire master password
lockPref("signon.expireMasterPassword", true);
Disable the version updated page
lockPref("browser.startup.homepage_override.mstone", "ignore");
Disable default browser check
lockPref("browser.shell.checkDefaultBrowser", false);
Set disk cache to 1MB
lockPref("browser.cache.disk.capacity", 1024);
lockPref("browser.cache.disk.smart_size.enabled", false);
lockPref("browser.cache.disk.smart_size.first_run", false);
lockPref("browser.cache.disk.smart_size.use_old_max", false);
Ideas (not enabled nor disabled)
Disable updates and notifications
lockPref("app.update.auto", false);
lockPref("app.update.autoUpdateEnabled", false);
lockPref("app.update.enabled", false);
lockPref("app.update.mode", 1);
lockPref("app.update.service.enabled", false);
lockPref("app.update.silent", true);
lockPref("update_notifications.enabled", false);
Disable unnecessary protocols
This disables older protocols that are known to be weak or entirely broken (3DES, RC4 and MD5).
lockPref("security.ssl3.rsa_rc4_128_sha", false);
lockPref("security.ssl3.rsa_rc4_128_md5", false);
lockPref("security.ssl3.rsa_des_ede3_sha", false);
lockPref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false);
lockPref("security.ssl3.ecdhe_rsa_rc4_128_sha", false);
lockPref("app.update.auto", false);
Disable device sensors
lockPref("device.sensors.enabled", false);
lockPref("camera.control.face_detection.enabled", false);
lockPref("camera.control.autofocus_moving_callback.enabled", false);
Disable JavaScript fingerprinting and/or data collection
lockPref("dom.event.clipboardevents.enabled", false);
lockPref("dom.battery.enabled", false);
lockPref("browser.send_pings", false);
lockPref("webgl.disabled", false);
Disable search suggestions
By default everything that is typed in the search box is sent to the search engine.
If disabled, suggestions based on local history will still work.
lockPref("browser.search.suggest.enabled", false);
Turn on tracking protection
This makes Firefox block known tracking domains by default.
lockPref("privacy.trackingprotection.enabled", true);
For more ideas, please see A comprehensive list of Firefox privacy and security settings
### Contributing
Find a bug? Have a feature request? Here is how you can contribute to this project:
Bugs:
Submit bugs and help us verify fixes.
Feature Requests:
Feature request can be submitted by creating an Issue.
Edit Source Files:
Submit pull requests for bug fixes and features and discuss existing proposals.
### www
Script Homepage
MozillaZine: Locking preferences
MozillaZine: About:config entries
MozillaZine: User.js file
haasn: about:config.md
MrYar: about:config.md
amq: firefox-debloat
Andrew: Firefox Customization File
Martin Brinkmann: A comprehensive list of Firefox privacy and security settings
Martin Brinkmann: How to disable the Firefox Saved Telemetry Pings and archive folder
UK government's National Technical Authority for Information Assurance (CESG): Browser Security Guidance: Mozilla Firefox
ASCII Art: http://www.figlet.org/ and ASCII Art Text Generator
### Related scripts
Get-AsciiTable
Get-BatteryInfo
Get-ComputerInfo
Get-DirectorySize
Get-InstalledPrograms
Get-InstalledWindowsUpdates
Get-RAMInfo
Get-TimeDifference
Get-TimeZoneTable
Get-UnusedDriveLetters
Rock-Paper-Scissors
Toss-a-Coin
Update-AdobeFlashPlayer