From be243700b4024c1b2d581e815d55758a207f68dc Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Mon, 10 Mar 2025 18:01:22 +0000 Subject: [PATCH 1/8] v136 --- user.js | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/user.js b/user.js index 08c51ca..3e6cdbb 100644 --- a/user.js +++ b/user.js @@ -1,7 +1,7 @@ /****** * name: arkenfox user.js -* date: 6 March 2025 -* version: 135 +* date: 30 March 2025 +* version: 136 * urls: https://github.com/arkenfox/user.js [repo] * : https://arkenfox.github.io/gui/ [interactive] * license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt @@ -125,7 +125,7 @@ user_pref("browser.discovery.enabled", false); * [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1840156#c0 ***/ user_pref("browser.shopping.experience2023.enabled", false); // [DEFAULT: false] -/** TELEMETRY ***/ +/** ACTIVITY STREAM ***/ /* 0335: disable Firefox Home (Activity Stream) telemetry ***/ user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false); user_pref("browser.newtabpage.activity-stream.telemetry", false); @@ -807,8 +807,9 @@ user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // user_pref("privacy.resistFingerprinting.letterboxing", true); // [HIDDEN PREF] // user_pref("privacy.resistFingerprinting.letterboxing.dimensions", ""); // [HIDDEN PREF] /* 4505: disable RFP by domain [FF91+] - * [NOTE] Working examples: "arkenfox.github.io", "*github.io" - * Non-working examples: "https://arkenfox.github.io", "github.io", "*arkenfox.github.io" ***/ + * [NOTE]: The pref takes comma separated values: e.g. "domain1.tld, *domain2.tld" + * Working domain examples: "arkenfox.github.io", "*github.io" + * Non-working domain examples: "https://arkenfox.github.io", "github.io", "*arkenfox.github.io" ***/ // user_pref("privacy.resistFingerprinting.exemptedDomains", "*.example.invalid"); /* 4506: disable RFP spoof english prompt [FF59+] * 0=prompt, 1=disabled, 2=enabled @@ -1181,7 +1182,7 @@ user_pref("_user.js.parrot", "8000 syntax error: the parrot's crossed the Jordan - Opt-in telemetry _does not_ work and results in data that is unrepresentative and may be misleading Choice - Every new profile on first use provides data collection/use policy and the abillty to opt-out - - It can be disabled at any time (Settings>Privacy & Security>Data Collection and Use) + - It can be disabled at any time (Settings>Privacy & Security>Data Collection and Use) Data - no PII (Personally Identifiable Information) - can be viewed in about:telemetry From 2733b25a6e656c114a17483cd99eccefe57518b3 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Wed, 12 Mar 2025 22:55:51 +0000 Subject: [PATCH 2/8] fixup example --- user.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user.js b/user.js index 3e6cdbb..639b1a4 100644 --- a/user.js +++ b/user.js @@ -807,7 +807,7 @@ user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); // user_pref("privacy.resistFingerprinting.letterboxing", true); // [HIDDEN PREF] // user_pref("privacy.resistFingerprinting.letterboxing.dimensions", ""); // [HIDDEN PREF] /* 4505: disable RFP by domain [FF91+] - * [NOTE]: The pref takes comma separated values: e.g. "domain1.tld, *domain2.tld" + * [NOTE]: The pref takes comma separated values: e.g. "*domain1.tld, *domain2.tld" * Working domain examples: "arkenfox.github.io", "*github.io" * Non-working domain examples: "https://arkenfox.github.io", "github.io", "*arkenfox.github.io" ***/ // user_pref("privacy.resistFingerprinting.exemptedDomains", "*.example.invalid"); From 5895e3171c3eda62005c7c58b654768ff1eee694 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Fri, 28 Mar 2025 10:39:27 +0000 Subject: [PATCH 3/8] remove stray reference, fixes #1953 --- user.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user.js b/user.js index 639b1a4..d7fc7d1 100644 --- a/user.js +++ b/user.js @@ -1121,7 +1121,7 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies // user_pref("privacy.trackingprotection.cryptomining.enabled", true); // [DEFAULT: true] // user_pref("privacy.trackingprotection.fingerprinting.enabled", true); // [DEFAULT: true] /* 7017: disable service workers - * [WHY] Already isolated with TCP (2701) behind a pref (2710) ***/ + * [WHY] Already isolated with TCP (2701) behind a pref ***/ // user_pref("dom.serviceWorkers.enabled", false); /* 7018: disable Web Notifications [FF22+] * [WHY] Web Notifications are behind a prompt (7002) From eb3b45415ecb2785fa3962a8a8b7e505d87a672d Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Sat, 29 Mar 2025 23:26:06 +0000 Subject: [PATCH 4/8] add new RFP info --- user.js | 1 + 1 file changed, 1 insertion(+) diff --git a/user.js b/user.js index d7fc7d1..0223dd5 100644 --- a/user.js +++ b/user.js @@ -778,6 +778,7 @@ user_pref("_user.js.parrot", "4000 syntax error: the parrot's bereft of life!"); 1873382 - make spoofed devicePixelRatio and CSS media queries match (FF133) previously FF41+ devicePixelRatio was hardcoded as 1 and FF127+ as 2 previously FF41+ CSS media queries were spoofed as zoom level at a devicePixelRatio of 1 + 1955425 - return 128 for WebGPU subgroupMaxSize (FF138) ***/ user_pref("_user.js.parrot", "4500 syntax error: the parrot's popped 'is clogs"); /* 4501: enable RFP From 8593a538805e32f38b18feaa0648d9ee1e1d5050 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Fri, 18 Apr 2025 08:12:02 +0000 Subject: [PATCH 5/8] update passwords UI settings --- user.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/user.js b/user.js index 0223dd5..93df4c3 100644 --- a/user.js +++ b/user.js @@ -1,7 +1,7 @@ /****** * name: arkenfox user.js -* date: 30 March 2025 -* version: 136 +* date: 10 May 2025 +* version: 138 * urls: https://github.com/arkenfox/user.js [repo] * : https://arkenfox.github.io/gui/ [interactive] * license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt @@ -330,7 +330,7 @@ user_pref("_user.js.parrot", "0900 syntax error: the parrot's expired!"); /* 0903: disable auto-filling username & password form fields * can leak in cross-site forms *and* be spoofed * [NOTE] Username & password is still available when you enter the field - * [SETTING] Privacy & Security>Logins and Passwords>Autofill logins and passwords + * [SETTING] Privacy & Security>Passwords>Autofill logins and passwords * [1] https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers/ * [2] https://homes.esat.kuleuven.be/~asenol/leaky-forms/ ***/ user_pref("signon.autofillForms", false); From 7b25b0f0133affa1d21ed3ffaf40409fd237bee7 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Fri, 18 Apr 2025 12:47:01 +0000 Subject: [PATCH 6/8] _v2.downloads hidden see #1947 --- user.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user.js b/user.js index 93df4c3..44da9ad 100644 --- a/user.js +++ b/user.js @@ -633,7 +633,7 @@ user_pref("privacy.clearOnShutdown_v2.historyFormDataAndDownloads", true); // [D // user_pref("privacy.clearOnShutdown_v2.siteSettings", false); // [DEFAULT: false] /* 2812: set/enforce clearOnShutdown items [FF136+] ***/ user_pref("privacy.clearOnShutdown_v2.browsingHistoryAndDownloads", true); // [DEFAULT: true] -user_pref("privacy.clearOnShutdown_v2.downloads", true); +user_pref("privacy.clearOnShutdown_v2.downloads", true); // [HIDDEN] user_pref("privacy.clearOnShutdown_v2.formdata", true); /* 2813: set Session Restore to clear on shutdown (if 2810 is true) [FF34+] * [NOTE] Not needed if Session Restore is not used (0102) or it is already cleared with history (2811+) From f377ade0d921811c83f198efd444215ae6301cb1 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Mon, 21 Apr 2025 14:38:06 +0000 Subject: [PATCH 7/8] deprecated in 137 https://bugzilla.mozilla.org/show_bug.cgi?id=1882674 --- user.js | 1 - 1 file changed, 1 deletion(-) diff --git a/user.js b/user.js index 44da9ad..e0bbcc8 100644 --- a/user.js +++ b/user.js @@ -1168,7 +1168,6 @@ user_pref("_user.js.parrot", "8000 syntax error: the parrot's crossed the Jordan // user_pref("general.platform.override", ""); // user_pref("general.useragent.override", ""); // user_pref("media.navigator.enabled", ""); - // user_pref("media.ondevicechange.enabled", ""); // user_pref("media.video_stats.enabled", ""); // user_pref("media.webspeech.synth.enabled", ""); // user_pref("ui.use_standins_for_native_colors", ""); From dc3a3d7bd0ccba63ccfa33ec0947c0c046ab7615 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Mon, 21 Apr 2025 15:31:52 +0000 Subject: [PATCH 8/8] add RFP skipEarlyBlankFirstPaint --- user.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/user.js b/user.js index e0bbcc8..11146f1 100644 --- a/user.js +++ b/user.js @@ -818,6 +818,8 @@ user_pref("privacy.resistFingerprinting.block_mozAddonManager", true); * [SETUP-WEB] when enabled, sets 'en-US, en' for displaying pages and 'en-US' as locale. * [SETTING] General>Language>Choose your preferred language for displaying pages>Choose>Request English... ***/ user_pref("privacy.spoof_english", 1); +/* 4507: skip browser.startup.blankWindow if RFP is used [FF136+] ***/ + // user_pref("privacy.resistFingerprinting.skipEarlyBlankFirstPaint", true); // [DEFAULT: true] /* 4510: disable using system colors * [SETTING] General>Language and Appearance>Fonts and Colors>Colors>Use system colors ***/ user_pref("browser.display.use_system_colors", false); // [DEFAULT: false NON-WINDOWS]