misc

- align indent on all the section and subsection lines - rename 4600 to NON-RFP - since it's "optional", we better tag stuff like 4650 with a warning
2025-06-18 16:12:40 +02:00 · 2021-08-04 21:17:34 +00:00 · 2021-08-04 21:17:34 +00:00 · 2ba66dafc9
commit 2ba66dafc9
parent e28abc8748
1 changed files with 106 additions and 105 deletions
--- a/user.js
+++ b/user.js
@ -67,7 +67,7 @@
  2800: SHUTDOWN
  4000: FPI (FIRST PARTY ISOLATION)
  4500: RFP (RESIST FINGERPRINTING)
-  4600: DO NOT USE: RFP ALTERNATIVES
+  4600: NON-RFP
  5000: PERSONAL
  9999: DEPRECATED / REMOVED / LEGACY / RENAMED
@ -743,11 +743,11 @@ user_pref("dom.security.https_only_mode_send_http_background_request", false);
   // user_pref("dom.securecontext.whitelist_onions", true);
 /** CIPHERS [WARNING: do not meddle with your cipher suite: see the section 1200 intro]
- * These are the ciphers listed under "Cipher Suites" [1] that are either still using SHA-1 and CBC,
+   These are the ciphers listed under "Cipher Suites" [1] that are either still using SHA-1 and CBC,
- * and/or are missing Perfect Forward Secrecy [3] and/or have other weaknesses like key sizes of 128
+   and/or are missing Perfect Forward Secrecy [3] and/or have other weaknesses like key sizes of 128
- * [1] https://browserleaks.com/ssl
+   [1] https://browserleaks.com/ssl
- * [2] https://en.wikipedia.org/wiki/Key_size
+   [2] https://en.wikipedia.org/wiki/Key_size
- * [3] https://en.wikipedia.org/wiki/Forward_secrecy
+   [3] https://en.wikipedia.org/wiki/Forward_secrecy
 ***/
 /* 1261: disable 3DES (effective key size < 128 and no PFS)
 * [1] https://en.wikipedia.org/wiki/3des#Security
@ -1297,14 +1297,14 @@ user_pref("privacy.trackingprotection.socialtracking.enabled", true);
 user_pref("dom.storage.next_gen", true);
 /*** [SECTION 2800]: SHUTDOWN
-     - Sanitizing on shutdown is all or nothing. It does not use Managed Exceptions under
+   * Sanitizing on shutdown is all or nothing. It does not use Managed Exceptions under
     Privacy & Security>Delete cookies and site data when Firefox is closed (1681701)
-     - If you want to keep some sites' cookies (exception as "Allow") and optionally other site
+   * If you want to keep some sites' cookies (exception as "Allow") and optionally other site
     data but clear all the rest on close, then you need to set the "cookie" and optionally the
     "offlineApps" prefs below to false, and to set the cookie lifetime pref to 2 (2703)
-     - "Offline Website Data" includes appCache (2730), localStorage (2720),
+   * "Offline Website Data" includes appCache (2730), localStorage (2720),
     service worker cache (2740), and QuotaManager (IndexedDB, asm-cache)
-     - In both 2803 + 2804, the 'download' and 'history' prefs are combined in the
+   * In both 2803 + 2804, the 'download' and 'history' prefs are combined in the
     Firefox interface as "Browsing & Download History" and their values will be synced
 ***/
 user_pref("_user.js.parrot", "2800 syntax error: the parrot's bleedin' demised!");
@ -1402,11 +1402,11 @@ user_pref("privacy.firstparty.isolate", true);
   [WARNING] DO NOT USE prefs in section 4600 with RFP as they can interfere
 FF41+
-    418986 - limit window.screen & CSS media queries leaking identifiable info
+    418986 - limit window.screen & CSS media queries leaking identifiable info (FF41+)
      [TEST] https://arkenfox.github.io/TZP/tzp.html#screen
 FF50+
   1281949 - spoof screen orientation
-   1281963 - hide the contents of navigator.plugins and navigator.mimeTypes (FF50+)
+   1281963 - hide the contents of navigator.plugins and navigator.mimeTypes
 FF55+
   1330890 - spoof timezone as UTC 0
   1360039 - spoof navigator.hardwareConcurrency as 2 (see 4601)
@ -1498,9 +1498,9 @@ user_pref("browser.startup.blankWindow", false);
 * [NOTE] pref added in FF63, but applied to chrome in FF77. RFP spoofs this for web content ***/
 user_pref("ui.prefersReducedMotion", 1); // [HIDDEN PREF]
-/*** [SECTION 4600]: RFP ALTERNATIVES
+/*** [SECTION 4600]: NON-RFP
-     [WARNING] DO NOT USE
+   [WARNING] DO NOT USE with RFP. RFP already covers these, and they can interfere
-     These are all covered by RFP and if used can interfere. These prefs are
+   [NOTE] These prefs will not help anti-fingeprinting. They are mostly useless,
   insufficient on their own, can cause breakage, and will make you stand out
 ***/
 user_pref("_user.js.parrot", "4600 syntax error: the parrot's crossed the Jordan");
@ -1569,7 +1569,7 @@ user_pref("_user.js.parrot", "4600 syntax error: the parrot's crossed the Jordan
 * [1] https://searchfox.org/mozilla-central/search?path=StandardFonts*.inc ***/
   // user_pref("layout.css.font-visibility.level", 1);
 /* 4650: navigator DOM object overrides
- * These prefs are insufficient and leak ***/
+ * [WANRING] NO NOT USE: these prefs are insufficient and leak ***/
   // user_pref("general.appname.override", ""); // [HIDDEN PREF]
   // user_pref("general.appversion.override", ""); // [HIDDEN PREF]
   // user_pref("general.buildID.override", ""); // [HIDDEN PREF]
@ -1579,7 +1579,8 @@ user_pref("_user.js.parrot", "4600 syntax error: the parrot's crossed the Jordan
 /*** [SECTION 5000]: PERSONAL
   Non-project related but useful. If any of these interest you, add them to your overrides
-     To save some overrides, we've made a few active as they seem to be universally used ***/
+   To save some overrides, we've made a few active as they seem to be universally used
 ***/
 user_pref("_user.js.parrot", "5000 syntax error: this is an ex-parrot!");
 /* WELCOME & WHAT's NEW NOTICES ***/
 user_pref("browser.startup.homepage_override.mstone", "ignore"); // master switch