summaryrefslogtreecommitdiff
path: root/libre-testing
diff options
context:
space:
mode:
authorGaming4JC <g4jc@openmailbox.org>2016-09-24 10:58:19 -0400
committerGaming4JC <g4jc@openmailbox.org>2016-09-24 10:58:19 -0400
commit3f52ed3c1e5e2668d0309e83d1ce1bf25bc568fb (patch)
tree734698fe4593497839c263b2139d6600dbe8361d /libre-testing
parent61a433abd40c91f66431c057368392470498dba5 (diff)
downloadabslibre-3f52ed3c1e5e2668d0309e83d1ce1bf25bc568fb.tar.gz
abslibre-3f52ed3c1e5e2668d0309e83d1ce1bf25bc568fb.tar.bz2
abslibre-3f52ed3c1e5e2668d0309e83d1ce1bf25bc568fb.zip
disable some security and privacy settings
Diffstat (limited to 'libre-testing')
-rw-r--r--libre-testing/iceweasel/PKGBUILD9
-rw-r--r--libre-testing/iceweasel/vendor.js23
2 files changed, 7 insertions, 25 deletions
diff --git a/libre-testing/iceweasel/PKGBUILD b/libre-testing/iceweasel/PKGBUILD
index b407ce914..8a6a78c09 100644
--- a/libre-testing/iceweasel/PKGBUILD
+++ b/libre-testing/iceweasel/PKGBUILD
@@ -113,16 +113,7 @@ prepare() {
# Disable various components at the source level
sed -i 's|1|0|' toolkit/components/telemetry/TelemetryStartup.manifest || die "failed break telemetry startup"
- sed -i 's|1|0|' toolkit/components/remotebrowserutils/remotebrowserutils.manifest || die "failed break remotebrowsing at startup"
- sed -i 's|1|0|' toolkit/components/captivedetect/CaptivePortalDetectComponents.manifest || die "failed to break captiveportaldetection at startup"
- sed -i 's|1|0|' toolkit/components/terminator/terminator.manifest || die "failed to break terminator at startup"
- sed -i 's|1|0|' toolkit/components/securityreporter/SecurityReporter.manifest || die "failed to break securityReporter"
- sed -i 's|1|0|' toolkit/components/crashes/CrashService.manifest || die "failed to break CrashService"
- sed -i 's|1|0|' toolkit/components/crashmonitor/crashmonitor.manifest || die "failed to break CrashMonitor"
- sed -i 's|1|0|' dom/apps/Webapps.manifest || die "failed to break WebApps"
- sed -i 's|1|0|' dom/apps/AppsService.manifest || die "failed to break AppsService"
sed -i 's|1|0|' browser/experiments/Experiments.manifest || die "failed to break ExperimentsService"
- echo "Battling the Barlog... please wait" && grep -rl '.mozilla.org' | xargs sed -i 's|aus4.mozilla.org|null|;s|aus5.mozilla.org|null|' || die "Failed to defeat the Barlog"
sed -i '/pocket/d' browser/extensions/moz.build || die "failed to wipe pocket"
# Patch and remove anything that's left
diff --git a/libre-testing/iceweasel/vendor.js b/libre-testing/iceweasel/vendor.js
index 91d644a1b..64f4e9710 100644
--- a/libre-testing/iceweasel/vendor.js
+++ b/libre-testing/iceweasel/vendor.js
@@ -31,8 +31,8 @@ pref("browser.download.manager.retention", 1);
pref("browser.download.manager.scanWhenDone", false); // prevents AV remote reporting of downloads
pref("browser.download.useDownloadDir", false);
pref("browser.eme.ui.enabled", false);
-pref("browser.fixup.alternate.enabled", false);
-pref("browser.formfill.enable", false);
+// pref("browser.fixup.alternate.enabled", false);
+// pref("browser.formfill.enable", false);
pref("browser.history.allowPopState", false); // HTML5 privacy https://bugzilla.mozilla.org/show_bug.cgi?id=500328
pref("browser.history.allowPushState", false);
pref("browser.history.allowReplaceState", false);
@@ -198,8 +198,8 @@ pref("javascript.use_us_english_locale", true);
pref("javascript.options.typeinference", false);
pref("javascript.options.baselinejit.content", false);
pref("javascript.options.ion.content", false); // https://trac.torproject.org/projects/tor/ticket/9387#comment:43
-pref("keyword.enabled", false);
-pref("layers.acceleration.disabled", true);
+// pref("keyword.enabled", false);
+// pref("layers.acceleration.disabled", true);
pref("layout.css.visited_links_enabled", false);
pref("lightweightThemes.update.enabled", false); // We can update our themes manually, may fingerprint the user.
pref("loop.copy.throttler", "about:blank");
@@ -246,8 +246,6 @@ pref("media.webspeech.synth.enabled", false);
pref("network.allow-experiments", false);
pref("network.http.altsvc.enabled", false);
pref("network.http.altsvc.oe", false); // https://trac.torproject.org/projects/tor/ticket/16673
-pref("network.cookie.cookieBehavior", 1);
-pref("network.cookie.lifetimePolicy", 2);
pref("network.dns.disablePrefetch", true);
pref("network.http.connection-retry-timeout", 0);
pref("network.http.max-persistent-connections-per-proxy", 256);
@@ -260,12 +258,6 @@ pref("network.http.pipelining.read-timeout", 60000);
pref("network.http.pipelining.reschedule-timeout", 15000);
pref("network.http.pipelining.ssl", true);
pref("network.http.proxy.pipelining", true);
-pref("network.http.referer.spoofSource", true);
-pref("network.http.sendRefererHeader", 2);
-pref("network.http.sendSecureXSiteReferrer", false);
-pref("network.http.spdy.enabled", false); // Stores state and may have keepalive issues (both fixable)
-pref("network.http.spdy.enabled.v2", false); // Seems redundant, but just in case
-pref("network.http.spdy.enabled.v3", false); // Seems redundant, but just in case
pref("network.http.speculative-parallel-limit", 0);
pref("network.jar.block-remote-files", true); // https://bugzilla.mozilla.org/show_bug.cgi?id=1173171
pref("network.jar.open-unsafe-types", false);
@@ -288,7 +280,7 @@ pref("network.proxy.socks_remote_dns", true);
pref("network.proxy.type", 0); // Setup for TOR for default proxy, but do not enable by default.
pref("network.security.ports.banned", "9050,9051,9150,9151");
pref("network.websocket.max-connections", 0);
-pref("nglayout.initialpaint.delay", 0);
+// pref("nglayout.initialpaint.delay", 0); http://www.mozdev.org/pipermail/fasterfox/2006-January/000509.html
pref("noscript.forbidMedia", true);
pref("offline-apps.allow_by_default", false); // https://support.mozilla.org/en-US/questions/1014708
//pref("pdfjs.disabled", true); // https://www.exploit-db.com/exploits/37958/
@@ -337,7 +329,7 @@ pref("services.sync.prefs.sync.addons.ignoreUserEnabledChanges", false);
pref("services.sync.prefs.sync.extensions.update.enabled", false);
pref("services.sync.serverURL", "about:blank");
pref("services.sync.jpake.serverURL", "about:blank");
-pref("signon.autofillForms", false); // disable cross-site form exposure from password manager - http://kb.mozillazine.org/Signon.autofillForms
+//pref("signon.autofillForms", false); // disable cross-site form exposure from password manager - http://kb.mozillazine.org/Signon.autofillForms
//pref("signon.rememberSignons", false);
pref("social.directories", "");
pref("social.enabled", false);
@@ -354,7 +346,6 @@ pref("toolkit.telemetry.archive.enabled", false);
pref("ui.key.menuAccessKeyFocuses", false); // Disable "alt" as a shortcut key to open full menu bar. Conflicts with "alt" as a modifier
//pref("webgl.disable-extensions", true);
//pref("webgl.disabled", true);
-pref("webgl.min_capability_mode", true);
+//pref("webgl.min_capability_mode", true);
pref("xpinstall.signatures.required", true); // Requires AMO signing key for addons
pref("xpinstall.whitelist.add", "");
-pref("xpinstall.whitelist.add.36", "");