Skip to content

Commit c6ab6c4

Browse files
Thorin-OakenpantsThorin-Oakenpants
authored
v102.1 (#1507)
revert back to relying on network.cookie.lifetimePolicy
1 parent ceacc9d commit c6ab6c4

File tree

1 file changed

+31
-32
lines changed

1 file changed

+31
-32
lines changed

user.js

Lines changed: 31 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
/******
22
* name: arkenfox user.js
3-
* date: 1 July 2022
3+
* date: 18 July 2022
44
* version: 102
55
* url: https://github.com/arkenfox/user.js
66
* license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt
@@ -333,7 +333,7 @@ user_pref("keyword.enabled", false);
333333
* as the 411 for DNS errors?), privacy issues (why connect to sites you didn't
334334
* intend to), can leak sensitive data (e.g. query strings: e.g. Princeton attack),
335335
* and is a security risk (e.g. common typos & malicious sites set up to exploit this) ***/
336-
user_pref("browser.fixup.alternate.enabled", false);
336+
user_pref("browser.fixup.alternate.enabled", false); // [DEFAULT: false FF104+]
337337
/* 0804: disable live search suggestions
338338
* [NOTE] Both must be true for the location bar to work
339339
* [SETUP-CHROME] Override these if you trust and use a privacy respecting search engine
@@ -493,11 +493,10 @@ user_pref("security.OCSP.require", true);
493493
* 2=detect Family Safety mode and import the root
494494
* [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/21686 ***/
495495
user_pref("security.family_safety.mode", 0);
496-
/* 1223: enable strict pinning
497-
* PKP (Public Key Pinning) 0=disabled, 1=allow user MiTM (such as your antivirus), 2=strict
498-
* [SETUP-WEB] If you rely on an AV (antivirus) to protect your web browsing
499-
* by inspecting ALL your web traffic, then leave at current default=1
500-
* [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/16206 ***/
496+
/* 1223: enable strict PKP (Public Key Pinning)
497+
* 0=disabled, 1=allow user MiTM (default; such as your antivirus), 2=strict
498+
* [SETUP-WEB] MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE: If you rely on an AV (antivirus) to protect
499+
* your web browsing by inspecting ALL your web traffic, then override to current default ***/
501500
user_pref("security.cert_pinning.enforcement_level", 2);
502501
/* 1224: enable CRLite [FF73+]
503502
* 0 = disabled
@@ -763,17 +762,26 @@ user_pref("privacy.partition.serviceWorkers", true);
763762

764763
/*** [SECTION 2800]: SHUTDOWN & SANITIZING ***/
765764
user_pref("_user.js.parrot", "2800 syntax error: the parrot's bleedin' demised!");
766-
/** SANITIZE ON SHUTDOWN: ALLOWS COOKIES + SITE DATA EXCEPTIONS FF102+ ***/
767-
/* 2810: enable Firefox to clear items on shutdown (2811)
768-
* [NOTE] Exceptions: A "cookie" block permission also controls "offlineApps" (see note in 2811).
769-
* serviceWorkers require an "Allow" permission. For cross-domain logins, add exceptions for
770-
* both sites e.g. https://www.youtube.com (site) + https://accounts.google.com (single sign on)
771-
* [WARNING] Be selective with what cookies you keep, as they also disable partitioning (1767271)
772-
* [SETTING] Privacy & Security>History>Custom Settings>Clear history when Firefox closes
773-
* [SETTING] to add site exceptions: Ctrl+I>Permissions>Cookies>Allow (when on the website in question)
765+
/** COOKIES + SITE DATA : ALLOWS EXCEPTIONS ***/
766+
/* 2801: delete cookies and site data on exit
767+
* 0=keep until they expire (default), 2=keep until you close Firefox
768+
* [NOTE] A "cookie" block permission also controls localStorage/sessionStorage, indexedDB,
769+
* sharedWorkers and serviceWorkers. serviceWorkers require an "Allow" permission
770+
* [SETTING] Privacy & Security>Cookies and Site Data>Delete cookies and site data when Firefox is closed
771+
* [SETTING] to add site exceptions: Ctrl+I>Permissions>Cookies>Allow
774772
* [SETTING] to manage site exceptions: Options>Privacy & Security>Permissions>Settings ***/
773+
user_pref("network.cookie.lifetimePolicy", 2);
774+
/* 2802: delete cache on exit [FF96+]
775+
* [NOTE] We already disable disk cache (1001) and clear on exit (2811) which is more robust
776+
* [1] https://bugzilla.mozilla.org/1671182 ***/
777+
// user_pref("privacy.clearsitedata.cache.enabled", true);
778+
779+
/** SANITIZE ON SHUTDOWN : ALL OR NOTHING ***/
780+
/* 2810: enable Firefox to clear items on shutdown (2811)
781+
* [SETTING] Privacy & Security>History>Custom Settings>Clear history when Firefox closes ***/
775782
user_pref("privacy.sanitize.sanitizeOnShutdown", true);
776783
/* 2811: set/enforce what items to clear on shutdown (if 2810 is true) [SETUP-CHROME]
784+
* These items do not use exceptions, it is all or nothing (1681701)
777785
* [NOTE] If "history" is true, downloads will also be cleared
778786
* [NOTE] "sessions": Active Logins: refers to HTTP Basic Authentication [1], not logins via cookies
779787
* [NOTE] "offlineApps": Offline Website Data: localStorage, service worker cache, QuotaManager (IndexedDB, asm-cache)
@@ -784,13 +792,9 @@ user_pref("privacy.clearOnShutdown.downloads", true); // [DEFAULT: true]
784792
user_pref("privacy.clearOnShutdown.formdata", true); // [DEFAULT: true]
785793
user_pref("privacy.clearOnShutdown.history", true); // [DEFAULT: true]
786794
user_pref("privacy.clearOnShutdown.sessions", true); // [DEFAULT: true]
787-
user_pref("privacy.clearOnShutdown.offlineApps", true);
788-
user_pref("privacy.clearOnShutdown.cookies", true);
789-
// user_pref("privacy.clearOnShutdown.siteSettings", false); // [DEFAULT: false]
790-
/* 2812: delete cache on exit [FF96+]
791-
* [NOTE] We already disable disk cache (1001) and clear on exit (2811) which is more robust
792-
* [1] https://bugzilla.mozilla.org/1671182 ***/
793-
// user_pref("privacy.clearsitedata.cache.enabled", true);
795+
user_pref("privacy.clearOnShutdown.offlineApps", false); // [DEFAULT: false]
796+
user_pref("privacy.clearOnShutdown.cookies", false);
797+
// user_pref("privacy.clearOnShutdown.siteSettings", false);
794798

795799
/** SANITIZE MANUAL: ALL OR NOTHING ***/
796800
/* 2820: reset default items to clear with Ctrl-Shift-Del [SETUP-CHROME]
@@ -805,12 +809,11 @@ user_pref("privacy.cpd.sessions", true); // [DEFAULT: true]
805809
user_pref("privacy.cpd.offlineApps", false); // [DEFAULT: false]
806810
user_pref("privacy.cpd.cookies", false);
807811
// user_pref("privacy.cpd.downloads", true); // not used, see note above
808-
// user_pref("privacy.cpd.passwords", false); // [DEFAULT: false] not listed
809-
// user_pref("privacy.cpd.siteSettings", false); // [DEFAULT: false]
812+
// user_pref("privacy.cpd.passwords", false);
813+
// user_pref("privacy.cpd.siteSettings", false);
810814
/* 2821: clear Session Restore data when sanitizing on shutdown or manually [FF34+]
811815
* [NOTE] Not needed if Session Restore is not used (0102) or it is already cleared with history (2811)
812-
* [NOTE] privacy.clearOnShutdown.openWindows prevents resuming from crashes (also see 5008)
813-
* [NOTE] privacy.cpd.openWindows has a bug that causes an additional window to open ***/
816+
* [NOTE] privacy.clearOnShutdown.openWindows prevents resuming from crashes (also see 5008) ***/
814817
// user_pref("privacy.clearOnShutdown.openWindows", true);
815818
// user_pref("privacy.cpd.openWindows", true);
816819
/* 2822: reset default "Time range to clear" for "Clear Recent History" (2820)
@@ -976,7 +979,8 @@ user_pref("_user.js.parrot", "5000 syntax error: the parrot's taken 'is last bow
976979
// user_pref("browser.chrome.site_icons", false);
977980
/* 5007: exclude "Undo Closed Tabs" in Session Restore ***/
978981
// user_pref("browser.sessionstore.max_tabs_undo", 0);
979-
/* 5008: disable resuming session from crash ***/
982+
/* 5008: disable resuming session from crash
983+
* [TEST] about:crashparent ***/
980984
// user_pref("browser.sessionstore.resume_from_crash", false);
981985
/* 5009: disable "open with" in download dialog [FF50+]
982986
* Application data isolation [1]
@@ -1340,11 +1344,6 @@ user_pref("security.ask_for_password", 2);
13401344
// 0902: set how long in minutes Firefox should remember the primary password (0901)
13411345
// [-] https://bugzilla.mozilla.org/1767099
13421346
user_pref("security.password_lifetime", 5); // [DEFAULT: 30]
1343-
// 2801: delete cookies and site data on exit - replaced by sanitizeOnShutdown* (2810)
1344-
// 0=keep until they expire (default), 2=keep until you close Firefox
1345-
// [SETTING] Privacy & Security>Cookies and Site Data>Delete cookies and site data when Firefox is closed
1346-
// [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1681493,1681495,1681498,1759665
1347-
user_pref("network.cookie.lifetimePolicy", 2);
13481347
// 6007: enforce Local Storage Next Generation (LSNG) [FF65+]
13491348
// [-] https://bugzilla.mozilla.org/1764696
13501349
user_pref("dom.storage.next_gen", true); // [DEFAULT: true FF92+]

0 commit comments

Comments
 (0)