- A Guide to Bettering Firefox -
-- Web browsers are kind of awful. They do too much - (why - would I want an application to be an image viewer, pdf reader, media - player, and html renderer?), and as a result, - - they are bloated beyond belief. They strain developer resources, - require sandboxing because of the insane default that JavaScript is - arbitrarily executed, and yet, they're the most prolific method of - application distribution in the modern day. Web browsers have become the - most convenient place for many to do their computing, so, with this - page, I'm trying to define a more sane functionality for the browser I - use—Firefox. -
-- Why Firefox? -
-- I use Firefox because it is the best web browser for the kinds of - modifications I need. It is also the last major browser standing against - - Chromium domination - - (even if Mozilla - - takes money from Google - ). If there were a web browser that had sane defaults and all of the - features I need - ( - and I do plan on creating my own that does - ), I would - immediately switch to it; however, until there is a satisfactory - browser, which can do what I want from Firefox, I will stick either with - it or a fork of it like - - LibreWolf - . If you don't want to use Firefox, then at least - - choose your browser carefully - . -
-
- In addition to the modifications and extensions listed here, my
- script,
-
- xdg-sanity
- , can be used to prevent your web browser from being used to open
- remote content that has a MIME type other than text/html
.
-
-
- Modifications to about:config
-
-
-
-
- - These settings are advanced user settings, and I'm not responsible for - misconfigured browsers, broken web pages, or thermonuclear war. -
-- Make any entries that do not have anything written for their values - blank. -
- -- Performance -
--
-
gfx.webrender.all = true
-
- Disable or Enable Features -
--
-
widget.use-xdg-desktop-portal = true
- dom.event.contextmenu.enabled = false
- extensions.screenshots.disabled = true
- browser.quitShortcut.disabled = true
- reader.parse-on-load.enabled = false
- -
-
- services.sync.prefs.sync.extensions.activeThemeID = - false -
-
-
Allows Firefox to use KDE Plasma filechooser on GNU/Linux.
- -Prevents site from blocking the context menu from being opened.
- -Disables redundant in-app screenshots.
- -Disables ctrl+q quit shortcut.
- -Disables reader mode.
- -Prevents automatic application of themes on new - devices.
-- Disable Digital Rights Management -
-- - What is DRM and - - why would I want to disable it? -
--
-
-
-
media.gmp-widevinecdm.enabled = false
-
-
- -
-
media.gmp-widevinecdm.visible = false
-
-
- Disable Pocket -
-- - What is Pocket and why would I want to disable it? - -
-
-
-
-
-
- browser.newtabpage.activity-stream.section.highlights.includePocket - = false -
-
-
- -
-
extensions.pocket.enabled = false
-
-
- extensions.pocket.site
-
- -
-
extensions.pocket.oAuthConsumerKey
-
-
- extensions.pocket.api
-
- -
-
- services.sync.prefs.sync.browser.newtabpage.activity-stream.section.highlights.includePocket - = false -
-
-
- Privacy -
--
-
privacy.resistFingerprinting = true
- privacy.firstparty.isolate = true
- media.navigator.enabled = false
-
- geo.enabled = false
- browser.send_pings = false
- dom.netinfo.enabled = false
-
- beacon.enabled = false
-
- dom.enable_resource_timing = false
-
- -
-
dom.event.clipboardevents.enabled = false
-
-
- Disables quality-of-life features such as automatic site - dark mode detection. -
-Restricts cache, storage, and cookies to the domain that - issued the data in them.
- -- Disables location tracking. -
-Disables browsers sending POST requests when you click a - link.
- -Prevents sites from being able to see what text you - copied or cut and when you did it.
-- Peripherals -
--
-
-
-
- camera.control.face_detection.enabled = false -
-
-
- -
-
- camera.control.face_detection.enabled = false -
-
-
- -
-
dom.battery.enabled = false
-
-
- Webpage Prefetching & Caching -
--
-
-
-
- browser.urlbar.speculativeConnect.enabled = false -
-
-
- -
-
browser.cache.offline.enable = false
-
-
- network.prefetch-next = false
-
- -
-
browser.cache.check_doc_frequency = 0
-
-
- Mozilla Telemetry -
--
-
-
-
toolkit.telemetry.cachedClientID
-
-
- -
-
browser.aboutHomeSnippets.updateUrL
-
-
- -
-
- browser.startup.homepage_override.mstone = ignore -
-
-
- -
-
- browser.startup.homepage_override.buildID -
-
-
- -
-
startup.homepage_welcome_url
-
-
- -
-
startup.homepage_welcome_url.additional
-
-
- startup.homepage_override_url
-
- User-Agent Spoofing -
--
-
general.platform.override = Win32
- -
-
- general.useragent.override = "" -
-
-
- Returns Win32
when the
-
- navigator.platform
object is utilized
- in JavaScript.
-
- Set this equal to the - - latest Chrome user-agent string. -
-- - DNS over HTTPS - -
-- Read about DOH - - here. -
--
-
-
-
network.trr.uri = ""
-
- network.trr.mode = 2
-
- Select a DNS-over-HTTPS server to use—I use the - dnswarden adblocking - one, but if your polity censors your internet - access, you should use the uncensored one. There is a - list of alternatives available - - on GitHub. -
- -This sets HTTPS over DNS to be on unless the DNS - server cannot be reached.
-- - Header Sanitization - -
--
-
-
-
network.http.referer.spoofSource = true
-
-
- -
-
- network.http.referer.hideOnionSource = true -
-
-
- Disable Google Safe Browsing -
-
- This is an exhaustive list of all the settings you need to
- change. Typing only browser.safebrowsing
into the
- about:config
search box will return all of them,
- but make sure to apply the correct value to each.
-
-
-
-
-
browser.safebrowsing.allowOverride = true
-
-
- -
-
- browser.safebrowsing.malware.enabled = false -
-
-
- -
-
- browser.safebrowsing.phishing.enabled = false -
-
-
- -
-
- browser.safebrowsing.downloads.enabled = false -
-
-
- -
-
- browser.safebrowsing.blockedURIs.enabled = false -
-
-
- -
-
- browser.safebrowsing.downloads.remote.block_dangerous_host = false -
-
-
- -
-
- browser.safebrowsing.downloads.remote.block_dangerous = false -
-
-
- -
-
- browser.safebrowsing.downloads.remote.block_potentially_unwanted - = false -
-
-
- -
-
- browser.safebrowsing.downloads.remote.enabled = false -
-
-
- -
-
browser.safebrowsing.downloads.remote.url
-
-
- browser.safebrowsing.id
-
- -
-
- browser.safebrowsing.provider.google4.updateURL -
-
-
- -
-
- browser.safebrowsing.provider.google4.reportURL -
-
-
- -
-
- browser.safebrowsing.provider.google4.reportPhishMistakeURL -
-
-
- -
-
- browser.safebrowsing.provider.google4.reportMalwareMistakeURL -
-
-
- -
-
browser.safebrowsing.provider.google4.lists
-
-
- -
-
- browser.safebrowsing.provider.google4.gethashURL -
-
-
- -
-
- browser.safebrowsing.provider.google4.dataSharingURL -
-
-
- -
-
- browser.safebrowsing.provider.google4.dataSharing.enabled = false -
-
-
- -
-
- browser.safebrowsing.provider.google4.advisoryURL -
-
-
- -
-
- browser.safebrowsing.provider.google4.advisoryName -
-
-
- -
-
browser.safebrowsing.provider.google4.pver
-
-
- -
-
- browser.safebrowsing.provider.google4.lastupdatetime -
-
-
- -
-
- browser.safebrowsing.provider.google4.nextupdatetime -
-
-
- -
-
- browser.safebrowsing.provider.google.advisoryName -
-
-
- -
-
- browser.safebrowsing.provider.google.advisoryURL -
-
-
- -
-
- browser.safebrowsing.provider.google.updateURL -
-
-
- -
-
- browser.safebrowsing.provider.google.reportURL -
-
-
- -
-
- browser.safebrowsing.provider.google.gethashURL -
-
-
- -
-
- browser.safebrowsing.provider.google.reportPhishMistakeURL -
-
-
- -
-
- browser.safebrowsing.provider.google.reportMalwareMistakeURL -
-
-
- -
-
browser.safebrowsing.provider.google.pver
-
-
- -
-
browser.safebrowsing.provider.google.lists
-
-
- -
-
- browser.safebrowsing.provider.mozilla.gethashURL -
-
-
- -
-
- browser.safebrowsing.provider.mozilla.lastupdatetime -
-
-
- -
-
browser.safebrowsing.provider.mozilla.pver
-
-
- -
-
- browser.safebrowsing.provider.mozilla.updateURL -
-
-
- -
-
browser.safebrowsing.provider.mozilla.lists
-
-
- -
-
- browser.safebrowsing.provider.mozilla.lists.base -
-
-
- -
-
- browser.safebrowsing.provider.mozilla.lists.content -
-
-
- Extensions -
-- When it comes to extensions, fewer is better, so try to limit - your extensions to the minimum you need to browse the web. This - helps reduce the performance impact and fingerprintability of - your browser. The following are a list of extensions you can - give the boot: -
-
-
- - For many use cases, containerization extensions like Facebook - Container or Google Container are redundant with - - Total Cookie Protection - and - - Enhanced Cookie Clearing. - - -
- - The - - I don't care about cookies extension has been - - acquired by Avast - , and the extension itself is superfluous with the - recommended uBlock Origin filter lists below. - - -
- - Privacy Badger - - has multiple issues, including its lack of fingerprinting - protection, its connection to Fastly CDN, and its redundancy with - uBlock Origin. - -