From 3f52ed3c1e5e2668d0309e83d1ce1bf25bc568fb Mon Sep 17 00:00:00 2001 From: Gaming4JC Date: Sat, 24 Sep 2016 10:58:19 -0400 Subject: disable some security and privacy settings --- libre-testing/iceweasel/PKGBUILD | 9 --------- libre-testing/iceweasel/vendor.js | 23 +++++++---------------- 2 files changed, 7 insertions(+), 25 deletions(-) (limited to 'libre-testing/iceweasel') diff --git a/libre-testing/iceweasel/PKGBUILD b/libre-testing/iceweasel/PKGBUILD index b407ce914..8a6a78c09 100644 --- a/libre-testing/iceweasel/PKGBUILD +++ b/libre-testing/iceweasel/PKGBUILD @@ -113,16 +113,7 @@ prepare() { # Disable various components at the source level sed -i 's|1|0|' toolkit/components/telemetry/TelemetryStartup.manifest || die "failed break telemetry startup" - sed -i 's|1|0|' toolkit/components/remotebrowserutils/remotebrowserutils.manifest || die "failed break remotebrowsing at startup" - sed -i 's|1|0|' toolkit/components/captivedetect/CaptivePortalDetectComponents.manifest || die "failed to break captiveportaldetection at startup" - sed -i 's|1|0|' toolkit/components/terminator/terminator.manifest || die "failed to break terminator at startup" - sed -i 's|1|0|' toolkit/components/securityreporter/SecurityReporter.manifest || die "failed to break securityReporter" - sed -i 's|1|0|' toolkit/components/crashes/CrashService.manifest || die "failed to break CrashService" - sed -i 's|1|0|' toolkit/components/crashmonitor/crashmonitor.manifest || die "failed to break CrashMonitor" - sed -i 's|1|0|' dom/apps/Webapps.manifest || die "failed to break WebApps" - sed -i 's|1|0|' dom/apps/AppsService.manifest || die "failed to break AppsService" sed -i 's|1|0|' browser/experiments/Experiments.manifest || die "failed to break ExperimentsService" - echo "Battling the Barlog... please wait" && grep -rl '.mozilla.org' | xargs sed -i 's|aus4.mozilla.org|null|;s|aus5.mozilla.org|null|' || die "Failed to defeat the Barlog" sed -i '/pocket/d' browser/extensions/moz.build || die "failed to wipe pocket" # Patch and remove anything that's left diff --git a/libre-testing/iceweasel/vendor.js b/libre-testing/iceweasel/vendor.js index 91d644a1b..64f4e9710 100644 --- a/libre-testing/iceweasel/vendor.js +++ b/libre-testing/iceweasel/vendor.js @@ -31,8 +31,8 @@ pref("browser.download.manager.retention", 1); pref("browser.download.manager.scanWhenDone", false); // prevents AV remote reporting of downloads pref("browser.download.useDownloadDir", false); pref("browser.eme.ui.enabled", false); -pref("browser.fixup.alternate.enabled", false); -pref("browser.formfill.enable", false); +// pref("browser.fixup.alternate.enabled", false); +// pref("browser.formfill.enable", false); pref("browser.history.allowPopState", false); // HTML5 privacy https://bugzilla.mozilla.org/show_bug.cgi?id=500328 pref("browser.history.allowPushState", false); pref("browser.history.allowReplaceState", false); @@ -198,8 +198,8 @@ pref("javascript.use_us_english_locale", true); pref("javascript.options.typeinference", false); pref("javascript.options.baselinejit.content", false); pref("javascript.options.ion.content", false); // https://trac.torproject.org/projects/tor/ticket/9387#comment:43 -pref("keyword.enabled", false); -pref("layers.acceleration.disabled", true); +// pref("keyword.enabled", false); +// pref("layers.acceleration.disabled", true); pref("layout.css.visited_links_enabled", false); pref("lightweightThemes.update.enabled", false); // We can update our themes manually, may fingerprint the user. pref("loop.copy.throttler", "about:blank"); @@ -246,8 +246,6 @@ pref("media.webspeech.synth.enabled", false); pref("network.allow-experiments", false); pref("network.http.altsvc.enabled", false); pref("network.http.altsvc.oe", false); // https://trac.torproject.org/projects/tor/ticket/16673 -pref("network.cookie.cookieBehavior", 1); -pref("network.cookie.lifetimePolicy", 2); pref("network.dns.disablePrefetch", true); pref("network.http.connection-retry-timeout", 0); pref("network.http.max-persistent-connections-per-proxy", 256); @@ -260,12 +258,6 @@ pref("network.http.pipelining.read-timeout", 60000); pref("network.http.pipelining.reschedule-timeout", 15000); pref("network.http.pipelining.ssl", true); pref("network.http.proxy.pipelining", true); -pref("network.http.referer.spoofSource", true); -pref("network.http.sendRefererHeader", 2); -pref("network.http.sendSecureXSiteReferrer", false); -pref("network.http.spdy.enabled", false); // Stores state and may have keepalive issues (both fixable) -pref("network.http.spdy.enabled.v2", false); // Seems redundant, but just in case -pref("network.http.spdy.enabled.v3", false); // Seems redundant, but just in case pref("network.http.speculative-parallel-limit", 0); pref("network.jar.block-remote-files", true); // https://bugzilla.mozilla.org/show_bug.cgi?id=1173171 pref("network.jar.open-unsafe-types", false); @@ -288,7 +280,7 @@ pref("network.proxy.socks_remote_dns", true); pref("network.proxy.type", 0); // Setup for TOR for default proxy, but do not enable by default. pref("network.security.ports.banned", "9050,9051,9150,9151"); pref("network.websocket.max-connections", 0); -pref("nglayout.initialpaint.delay", 0); +// pref("nglayout.initialpaint.delay", 0); http://www.mozdev.org/pipermail/fasterfox/2006-January/000509.html pref("noscript.forbidMedia", true); pref("offline-apps.allow_by_default", false); // https://support.mozilla.org/en-US/questions/1014708 //pref("pdfjs.disabled", true); // https://www.exploit-db.com/exploits/37958/ @@ -337,7 +329,7 @@ pref("services.sync.prefs.sync.addons.ignoreUserEnabledChanges", false); pref("services.sync.prefs.sync.extensions.update.enabled", false); pref("services.sync.serverURL", "about:blank"); pref("services.sync.jpake.serverURL", "about:blank"); -pref("signon.autofillForms", false); // disable cross-site form exposure from password manager - http://kb.mozillazine.org/Signon.autofillForms +//pref("signon.autofillForms", false); // disable cross-site form exposure from password manager - http://kb.mozillazine.org/Signon.autofillForms //pref("signon.rememberSignons", false); pref("social.directories", ""); pref("social.enabled", false); @@ -354,7 +346,6 @@ pref("toolkit.telemetry.archive.enabled", false); pref("ui.key.menuAccessKeyFocuses", false); // Disable "alt" as a shortcut key to open full menu bar. Conflicts with "alt" as a modifier //pref("webgl.disable-extensions", true); //pref("webgl.disabled", true); -pref("webgl.min_capability_mode", true); +//pref("webgl.min_capability_mode", true); pref("xpinstall.signatures.required", true); // Requires AMO signing key for addons pref("xpinstall.whitelist.add", ""); -pref("xpinstall.whitelist.add.36", ""); -- cgit v1.2.3