Startseite Erkunden Hilfe
Anmelden
Parabola
/
abslibre
Mirror von https://git.parabola.nu/abslibre.git
Beobachten 2
Favorit hinzufügen 0
Fork 0
Dateien Issues 0 Wiki
Struktur: 90f32f24ed
Branches Tags
abslibre
/
nonprism
/
icedove-hardened-preferences
/
icedove-branding.js

icedove-branding.js 14 KB
Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232 
  1. pref("app.update.auto", false);
    2. 

  2. pref("app.update.enabled", false);
    3. 

  3. pref("app.update.url", "about:blank");
    4. 

  4. pref("beacon.enabled", false);
    5. 

  5. pref("breakpad.reportURL", "about:blank");
    6. 

  6. pref("browser.cache.disk.enable", false);
    7. 

  7. pref("browser.cache.offline.enable", false);
    8. 

  8. pref("browser.fixup.alternate.enabled", false);
    9. 

  9. pref("browser.formfill.enable", false);
    10. 

  10. pref("browser.link.open_newwindow.restriction", 0); // Bug 9881: Open popups in new tabs (to avoid fullscreen popups)
    11. 

  11. pref("browser.display.use_document_fonts", 0); // Prevent font fingerprinting
    12. 

  12. pref("browser.download.manager.addToRecentDocs", false);
    13. 

  13. pref("browser.download.manager.retention", 1);
    14. 

  14. pref("browser.download.manager.scanWhenDone", false); // prevents AV remote reporting of downloads
    15. 

  15. pref("browser.download.useDownloadDir", false);
    16. 

  16. pref("browser.safebrowsing.appRepURL", "about:blank");
    17. 

  17. pref("browser.safebrowsing.enabled", false);
    18. 

  18. pref("browser.safebrowsing.malware.enabled", false);
    19. 

  19. pref("browser.safebrowsing.provider.mozilla.gethashURL", "about:blank");
    20. 

  20. pref("browser.safebrowsing.provider.mozilla.updateURL", "about:blank");
    21. 

  21. pref("browser.search.suggest.enabled", false);
    22. 

  22. pref("browser.search.geoip.url", "about:blank");
    23. 

  23. pref("browser.send_pings", false);
    24. 

  24. pref("browser.formfill.enable", false);
    25. 

  25. pref("browser.urlbar.autocomplete.enabled", false);
    26. 

  26. pref("mail.shell.checkDefaultClient", false);
    27. 

  27. pref("calendar.useragent.extra", ""); // Wipe useragent string.
    28. 

  28. pref("camera.control.face_detection.enabled", false);
    29. 

  29. pref("captivedetect.canonicalURL", "about:blank");
    30. 

  30. pref("datareporting.healthreport.service.enabled", false); // Yes, all three of these must be set
    31. 

  31. pref("datareporting.healthreport.uploadEnabled", false);
    32. 

  32. pref("datareporting.policy.dataSubmissionEnabled", false);
    33. 

  33. pref("datareporting.healthreport.about.reportUrl", "data:text/plain,");
    34. 

  34. pref("device.sensors.enabled", false);
    35. 

  35. pref("devtools.debugger.remote-enabled",  false); // https://developer.mozilla.org/docs/Tools/Remote_Debugging/Debugging_Firefox_Desktop#Enable_remote_debugging
    36. 

  36. pref("devtools.devices.url",  "about:blank");
    37. 

  37. pref("devtools.gcli.imgurUploadURL", "about:blank");
    38. 

  38. pref("devtools.gcli.jquerySrc", "about:blank");
    39. 

  39. pref("devtools.gcli.lodashSrc", "about:blank");
    40. 

  40. pref("devtools.gcli.underscoreSrc", "about:blank");
    41. 

  41. pref("devtools.remote.wifi.scan", false); // http://forum.top-hat-sec.com/index.php?topic=4951.5;wap2
    42. 

  42. pref("devtools.remote.wifi.visible", false);
    43. 

  43. pref("dom.battery.enabled", false); // fingerprinting due to differing OS implementations
    44. 

  44. pref("dom.enable_performance", false);
    45. 

  45. pref("dom.enable_user_timing", false); 
    46. 

  46. pref("dom.event.highrestimestamp.enabled", false);
    47. 

  47. pref("dom.event.clipboardevents.enabled",false);
    48. 

  48. pref("dom.gamepad.enabled", false); // bugs.torproject.org/13023
    49. 

  49. pref("dom.indexedDB.enabled", false);
    50. 

  50. pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
    51. 

  51. pref("dom.mozApps.signed_apps_installable_from", "about:blank");
    52. 

  52. pref("dom.netinfo.enabled", false); // Network Information API provides general information about the system's connection type (WiFi, cellular, etc.)
    53. 

  53. pref("dom.network.enabled",false); // fingerprinting due to differing OS implementations
    54. 

  54. pref("dom.push.enabled", false);
    55. 

  55. pref("dom.storage.enabled", false);
    56. 

  56. pref("dom.telephony.enabled",  false); // https://wiki.mozilla.org/WebAPI/Security/WebTelephony
    57. 

  57. pref("dom.vibrator.enabled", false);
    58. 

  58. pref("dom.vr.enabled", false);
    59. 

  59. pref("dom.workers.sharedWorkers.enabled", false); // See https://bugs.torproject.org/15562
    60. 

  60. pref("dom.idle-observers-api.enabled", false); // disable idle observation
    61. 

  61. // Don't disable our bundled extensions in the application directory
    62. 

  62. pref("extensions.autoDisableScopes", 11);
    63. 

  63. pref("extensions.shownSelectionUI", true);
    64. 

  64. pref("extensions.blocklist.detailsURL", "about:blank");
    65. 

  65. pref("extensions.blocklist.enabled", false); // https://trac.torproject.org/projects/tor/ticket/6734
    66. 

  66. pref("extensions.blocklist.itemURL", "about:blank");
    67. 

  67. pref("extensions.blocklist.url", "about:blank");
    68. 

  68. pref("extensions.bootstrappedAddons", "{}");
    69. 

  69. pref("extensions.databaseSchema", 3);
    70. 

  70. pref("extensions.enabledScopes", 1);
    71. 

  71. pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
    72. 

  72. pref("extensions.getAddons.get.url", "about:blank");
    73. 

  73. pref("extensions.getAddons.getWithPerformance.url", "about:blank");
    74. 

  74. pref("extensions.getAddons.link.url", "https://directory.fsf.org/wiki/Icedove");
    75. 

  75. pref("extensions.getAddons.recommended.url", "about:blank");
    76. 

  76. pref("extensions.getAddons.search.browseURL", "https://directory.fsf.org/wiki/Icedove");
    77. 

  77. pref("extensions.getAddons.search.url", "https://directory.fsf.org/wiki/Icedove");
    78. 

  78. pref("extensions.webservice.discoverURL", "https://directory.fsf.org/wiki/Icedove");
    79. 

  79. pref("extensions.pendingOperations", false);
    80. 

  80. pref("extensions.update.autoUpdateDefault", false);
    81. 

  81. pref("extensions.update.background.url", "about:blank"); 
    82. 

  82. pref("extensions.update.enabled", false); // Users can run their own updates on addons, fingerprints installed addons.
    83. 

  83. pref("extensions.enigmail.addHeaders", false);
    84. 

  84. pref("extensions.engimail.useDefaultComment", true);
    85. 

  85. pref("extensions.enigmail.agentAdditionalParam", "--no-emit-version --no-comments --display-charset utf-8 --keyserver-options http-proxy=socks5h://127.0.0.1:9050");
    86. 

  86. pref("extensions.enigmail.mimeHashAlgorithm", 5);
    87. 

  87. pref("general.useragent.override", "");
    88. 

  88. pref("geo.enabled", false);
    89. 

  89. pref("gfx.downloadable_fonts.fallback_delay", -1);
    90. 

  90. pref("javascript.enabled", false); // We don't need to run JS in an e-mail client. Use a browser..
    91. 

  91. pref("javascript.options.asmjs", false); // Multiple security advisories, low level js
    92. 

  92. pref("keyword.enabled", false);
    93. 

  93. pref("layers.acceleration.disabled", true);
    94. 

  94. pref("layout.css.visited_links_enabled", false);
    95. 

  95. pref("lightweightThemes.update.enabled", false); // We can update our themes manually, may fingerprint the user.
    96. 

  96. pref("mail.instrumentation.askUser", false);
    97. 

  97. pref("mail.instrumentation.postUrl", "about:blank");
    98. 

  98. pref("mail.instrumentation.userOptedIn", false);
    99. 

  99. pref("mailnews.start_page.enabled", false); // http://anonymous-proxy-servers.net/en/help/thunderbird.html
    100. 

  100. pref("mailnews.start_page.override_url", "http://wiki.debian.org/Icedove/WhatsNew45");
    101. 

  101. pref("mailnews.send_default_charset", "UTF-8");
    102. 

  102. pref("mailnews.send_plaintext_flowed", false);
    103. 

  103. pref("mailnews.display.prefer_plaintext", true);
    104. 

  104. pref("mailnews.display.disallow_mime_handlers", 3); // http://www.bucksch.org/1/projects/mozilla/108153/
    105. 

  105. pref("mailnews.display.html_as", 1);  // Convert HTML to text and then back again.
    106. 

  106. //pref("mailnews.reply_header_type", 1);
    107. 

  107. pref("mailnews.reply_header_authorwrote", "%s"); // https://lists.torproject.org/pipermail/tor-talk/2012-May/024395.html
    108. 

  108. //pref("mailnews.reply_header_authorwrotesingle", "#1");
    109. 

  109. pref("mailnews.headers.showSender", true);
    110. 

  110. pref("mailnews.message_display.allow_plugins", false); // Disable plugin support.
    111. 

  111. pref("mailnews.migration.header_addons_url", "");
    112. 

  112. pref("mailnews.messageid_browser.url", "");
    113. 

  113. pref("mailnews.display.original_date", false); // Don't convert to our local date. This may matter in a reply, etc.
    114. 

  114. pref("mail.cloud_files.enabled", false); // Disable "Cloud" advertisements
    115. 

  115. pref("mail.cloud_files.inserted_urls.footer.link", "");
    116. 

  116. pref("mail.smtpserver.default.hello_argument", "[127.0.0.1]"); // Prevent hostname leaks.
    117. 

  117. //pref("mail.provider.enabled", false); // Disable Thunderbird's 'Get new account' wizard.
    118. 

  118. pref("mail.inline_attachments", false);  // Disable inline attachments.
    119. 

  119. pref("mail.addr_book.mapit_url.format", "");
    120. 

  120. pref("mail.addr_book.mapit_url.1.format", ""); // Pushes addressbook info to GoogleMaps without HTTPS unless changed or disabled http://www-archive.mozilla.org/mailnews/arch/addrbook/hiddenprefs.html
    121. 

  121. pref("mail.addr_book.mapit_url.2.format", "");
    122. 

  122. pref("mail.server.default.use_idle", false);   // Do not IDLE (disable push mail).
    123. 

  123. pref("media.autoplay.enabled", false);
    124. 

  124. pref("media.cache_size", 0);
    125. 

  125. pref("media.getusermedia.screensharing.allowed_domains", ""); // We really don't want to be promoting Cisco and Cloudflare in a whitelist here.
    126. 

  126. pref("media.getusermedia.screensharing.enabled", false);
    127. 

  127. pref("media.gmp-manager.url", "about:blank"); // Disable Gecko media plugins: https://wiki.mozilla.org/GeckoMediaPlugins
    128. 

  128. pref("media.gmp-manager.url.override", "data:text/plain,");
    129. 

  129. pref("media.navigator.enabled", false);
    130. 

  130. pref("media.peerconnection.enabled", false); // Disable WebRTC interfaces
    131. 

  131. pref("media.peerconnection.ice.default_address_only", true);
    132. 

  132. pref("media.video_stats.enabled", false);
    133. 

  133. pref("media.webspeech.recognition.enable", false);
    134. 

  134. pref("media.track.enabled", false);
    135. 

  135. pref("network.allow-experiments", false);
    136. 

  136. pref("network.captive-portal-service.enabled", false);
    137. 

  137. pref("network.cookie.cookieBehavior", 1);
    138. 

  138. pref("network.cookie.lifetimePolicy", 2); // http://kb.mozillazine.org/Network.cookie.lifetimePolicy
    139. 

  139. pref("network.dns.disablePrefetch", true);
    140. 

  140. pref("network.http.altsvc.enabled", false); 
    141. 

  141. pref("network.http.altsvc.oe", false);  // https://trac.torproject.org/projects/tor/ticket/16673
    142. 

  142. pref("network.http.connection-retry-timeout", 0);
    143. 

  143. pref("network.http.max-persistent-connections-per-proxy", 256);
    144. 

  144. pref("network.http.pipelining", true);
    145. 

  145. pref("network.http.pipelining.aggressive", true);
    146. 

  146. pref("network.http.pipelining.max-optimistic-requests", 3);
    147. 

  147. pref("network.http.pipelining.maxrequests", 10);
    148. 

  148. pref("network.http.pipelining.maxrequests", 12);
    149. 

  149. pref("network.http.pipelining.read-timeout", 60000);
    150. 

  150. pref("network.http.pipelining.reschedule-timeout", 15000);
    151. 

  151. pref("network.http.pipelining.ssl", true);
    152. 

  152. pref("network.http.proxy.pipelining", true);
    153. 

  153. pref("network.http.referer.spoofSource", true);
    154. 

  154. pref("network.http.sendRefererHeader", 2);
    155. 

  155. pref("network.http.sendSecureXSiteReferrer", false);
    156. 

  156. pref("network.http.spdy.enabled", false); // Stores state and may have keepalive issues (both fixable)
    157. 

  157. pref("network.http.spdy.enabled.v2", false); // Seems redundant, but just in case
    158. 

  158. pref("network.http.spdy.enabled.v3", false); // Seems redundant, but just in case
    159. 

  159. pref("network.http.speculative-parallel-limit", 0);
    160. 

  160. pref("network.jar.block-remote-files", true); // https://bugzilla.mozilla.org/show_bug.cgi?id=1173171
    161. 

  161. pref("network.jar.open-unsafe-types", false);
    162. 

  162. pref("network.manage-offline-status", false); // https://trac.torproject.org/projects/tor/ticket/18945
    163. 

  163. pref("network.prefetch-next", false);
    164. 

  164. pref("network.protocol-handler.warn-external.http", true);
    165. 

  165. pref("network.protocol-handler.warn-external.https", true);
    166. 

  166. pref("network.protocol-handler.warn-external.ftp", true);
    167. 

  167. pref("network.protocol-handler.warn-external.file", true);
    168. 

  168. pref("network.protocol-handler.warn-external-default", true);
    169. 

  169. pref("network.protocol-handler.external-default", false);
    170. 

  170. pref("network.protocol-handler.external.mailto", false);
    171. 

  171. pref("network.protocol-handler.external.news", false);
    172. 

  172. pref("network.protocol-handler.external.nntp", false);
    173. 

  173. pref("network.protocol-handler.external.snews", false);
    174. 

  174. pref("network.protocol-handler.warn-external.mailto", true);
    175. 

  175. pref("network.protocol-handler.warn-external.news", true);
    176. 

  176. pref("network.protocol-handler.warn-external.nntp", true);
    177. 

  177. pref("network.protocol-handler.warn-external.snews", true);
    178. 

  178. pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419)
    179. 

  179. pref("network.proxy.socks", "127.0.0.1");
    180. 

  180. pref("network.proxy.socks_port", 9050);
    181. 

  181. pref("network.proxy.socks_remote_dns", true);
    182. 

  182. pref("network.proxy.type", 0);
    183. 

  183. pref("network.security.ports.banned", "9050,9051,9150,9151");
    184. 

  184. pref("network.websocket.max-connections", 0);
    185. 

  185. pref("network.websocket.enabled", false);
    186. 

  186. pref("pfs.datasource.url", "about:blank");
    187. 

  187. pref("plugins.click_to_play", true);
    188. 

  188. pref("plugins.crash.supportUrl", "about:blank");
    189. 

  189. pref("privacy.trackingprotection.enabled", true);
    190. 

  190. pref("purple.logging.log_chats", false); // Disable messenger logging and auto-start
    191. 

  191. pref("purple.logging.log_ims", false);
    192. 

  192. pref("purple.logging.log_system", false);
    193. 

  193. pref("purple.conversations.im.send_typing", false);
    194. 

  194. pref("messenger.startup.action", 0);
    195. 

  195. pref("messenger.conversations.autoAcceptChatInvitations", 0); // Ignore invitations; do not automatically accept them.
    196. 

  196. pref("rss.display.prefer_plaintext", true);
    197. 

  197. pref("rss.display.disallow_mime_handlers", 3);
    198. 

  198. pref("rss.display.html_as", 1);
    199. 

  199. pref("security.OCSP.enabled", 0);
    200. 

  200. pref("security.OCSP.require", false);
    201. 

  201. //pref("security.ask_for_password", 0);
    202. 

  202. pref("security.cert_pinning.enforcement_level", 2); // https://trac.torproject.org/projects/tor/ticket/16206
    203. 

  203. pref("security.enable_tls_session_tickets", false);
    204. 

  204. pref("security.mixed_content.block_active_content", true); //  Note: Can be disabled for user experience. https://bugzilla.mozilla.org/show_bug.cgi?id=878890
    205. 

  205. pref("security.nocertdb", false);
    206. 

  206. pref("security.ssl.disable_session_identifiers", true);
    207. 

  207. pref("security.ssl.enable_false_start", true);
    208. 

  208. pref("security.ssl.require_safe_negotiation", true);
    209. 

  209. pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
    210. 

  210. pref("security.ssl3.rsa_seed_sha", true);
    211. 

  211. pref("security.tls.insecure_fallback_hosts.use_static_list", false);
    212. 

  212. pref("security.tls.unrestricted_rc4_fallback", false);
    213. 

  213. pref("security.tls.version.max", 3);
    214. 

  214. pref("security.tls.version.min", 1);
    215. 

  215. pref("security.warn_entering_weak", true);
    216. 

  216. pref("security.warn_submit_insecure", true);
    217. 

  217. pref("signon.autofillForms", false);  // disable cross-site form exposure from password manager - http://kb.mozillazine.org/Signon.autofillForms
    218. 

  218. pref("social.directories", "");
    219. 

  219. pref("social.enabled", false);
    220. 

  220. pref("social.remote-install.enabled", false); // Disable Social API for content
    221. 

  221. pref("social.shareDirectory", "");
    222. 

  222. pref("social.toast-notifications.enabled", false);
    223. 

  223. pref("social.whitelist", "");
    224. 

  224. pref("toolkit.telemetry.enabled", false);
    225. 

  225. pref("toolkit.telemetry.server", "about:blank");
    226. 

  226. pref("ui.key.menuAccessKeyFocuses", false);
    227. 

  227. pref("webgl.disable-extensions", true);
    228. 

  228. pref("webgl.disabled", true);
    229. 

  229. pref("webgl.min_capability_mode", true);
    230. 

  230. pref("xpinstall.signatures.required", true); // Requires AMO signing key for addons
    231. 

  231. pref("xpinstall.whitelist.add", "");
    232. 

  232.