Locked sticky issue for tracking deprecated, removed, legacy and renamed preferences that were previously used in this user.js. A few others have been added FYI. This version is simplified to a single line, and the only links are those to the relevant bugzilla tickets that saw the pref removed.
Use our scratchpad script, currently for items since FF91, to help make sure these are reset - there is an archived arkenfox-cleanup.js (up to and including FF117 with everything since we started) at the bottom of this post
:small_red_triangle_down: FF127
18803142630 disable content analysis by DLP - replaced by default_result
// user_pref("browser.contentanalysis.default_allow", false);
18296705017 disable Form Autofill heuristics
// user_pref("extensions.formautofill.heuristics.enabled", false);
:small_red_triangle_down: FF103
1681493, 1681495, 16814982801 delete cookies and site data on exit - code replaced by sanitizeOnShutdown*
// user_pref("network.cookie.lifetimePolicy", 2); // in FF103 it resets to 0 (and does a migration), removed in FF104
17440067006 onions - replaced (see new 7006 "allowlist" pref)
// user_pref("dom.securecontext.whitelist_onions", true);
:small_red_triangle_down: FF96
17389830302 disable auto-INSTALLING Firefox updates via a background service + hide the setting
// user_pref("app.update.background.scheduling.enabled", false);
:small_red_triangle_down: FF95
17359760807 disable location bar contextual suggestions [FF92+] - replaced by *.nonsponsored
// user_pref("browser.urlbar.suggest.quicksuggest", false);
:small_red_triangle_down: FF94
17155071402 limit font visibility - replaced (see new 1402)
// user_pref("layout.css.font-visibility.level", 1);
16037120212 enforce fallback text encoding to match en-US
// user_pref("intl.charset.fallback.override", "windows-1252");
:small_red_triangle_down: FF78
15099332031 disable autoplay of HTML5 media if you interacted with the site - replaced by media.autoplay.blocking_policy
// user_pref("media.autoplay.enabled.user-gestures-needed", false);
16405015000s - replaced since FF77 by using the existing ui.prefersReducedMotion
// user_pref("toolkit.cosmeticAnimations.enabled", false);
:small_red_triangle_down: FF77
16289260850e disable location bar one-off searches [FF51+]
// user_pref("browser.urlbar.oneOffSearches", false);
16030072605 block web content in file processes [FF55+]
// user_pref("browser.tabs.remote.allowLinkedWebInFileUriProcess", false);
15744802731 enforce websites to ask to store data for offline use
// user_pref("offline-apps.allow_by_default", false);
:small_red_triangle_down: FF69
15569911405 disable WOFF2 (Web Open Font Format) [FF35+]
// user_pref("gfx.downloadable_fonts.woff2.enabled", false);
15194341802 enable click to play
// user_pref("plugins.click_to_play", true);
15623312033 disable autoplay for muted videos [FF63+] - replaced by a new value in media.autoplay.default
// user_pref("media.autoplay.allow-muted", false);
14557231001 disable disk cache (first run)
// user_pref("browser.cache.disk.smart_size.first_run", false);
14852642428 enforce DOMHighResTimeStamp API
// user_pref("dom.event.highrestimestamp.enabled", true);
15262142705 disable HTTP sites setting cookies with the "secure" directive
// user_pref("network.cookie.leave-secure-alone", true);
15289535000s disable CFR - replaced by two new prefs: cfr.addons, cfr.features
// user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr", false);
14572260503: disable "Savant" Shield study (FF61+)
// user_pref("shield.savant.enabled", false);
14537511031: disable favicons in tabs and new bookmarks - merged into browser.chrome.site_icons
// user_pref("browser.chrome.favicons", false);
14700822030: disable auto-play of HTML5 media - replaced by media.autoplay.default
// user_pref("media.autoplay.enabled", false);
14571702704: set cookie lifetime in days (see 2703)
// user_pref("network.cookie.lifetime.days", 90);
14735955000's: enable "Ctrl+Tab cycles through tabs in recently used order" - replaced by browser.ctrlTab.recentlyUsedOrder
// user_pref("browser.ctrlTab.previews", true);
14249171242: enable Mixed-Content-Blocker to use HSTS cache / disable HSTS Priming
// user_pref("security.mixed_content.use_hsts", true);
// user_pref("security.mixed_content.send_hsts_priming", false);
5875231606: set default Referrer Policy - replaced by network.http.referer.defaultPolicy + network.http.referer.defaultPolicy.pbmode
// user_pref("network.http.referer.userControlPolicy", 3);
1416703 part81804: disable plugins using external/untrusted scripts with XPCOM or XPConnect
// user_pref("security.xpconnect.plugin.unrestricted", false);
14117422022: ONE of the "disable screensharing" prefs
// user_pref("media.getusermedia.screensharing.allowed_domains", "");
14061930374: disable "social" integration
Note: these are just left over prefs not cleaned out until 58, they serve no purpose and can be removed with 57
// user_pref("social.whitelist", "");
// user_pref("social.toast-notifications.enabled", false);
// user_pref("social.remote-install.enabled", false);
// user_pref("social.directories", "");
// user_pref("social.enabled", false); // (hidden pref)
12345220334b: disable FHR (Firefox Health Report) v2 data being sent to Mozilla servers
// user_pref("datareporting.policy.dataSubmissionEnabled.v2", false);
12353791021b: disable deferred level of storing extra session data 0=all 1=http-only 2=none
// user_pref("browser.sessionstore.privacy_level_deferred", 2);
:small_red_triangle_down: FYI: items never used in this user.js
1286530 (48+?) disable raw TCP socket support
arthuredelstein "I confirmed that navigator.mozTCPSocket is only exposed in chrome contexts"
// user_pref("dom.mozTCPSocket.enabled", false);
449596 (3.1a2) browser.sessionstore.enabled (yup, some people recommended an 8yr old pref)
...
archived section 9999
FF93-102: click me for details
```js
/* ESR91.x still uses all the following prefs
// [NOTE] replace the * with a slash in the line above to re-enable them
// FF93
// 7003: disable non-modern cipher suites
// [-] https://bugzilla.mozilla.org/1724072
// user_pref("security.ssl3.rsa_des_ede3_sha", false); // 3DES
// FF94
// 1402: limit font visibility (Windows, Mac, some Linux) [FF79+] - replaced by new 1402
// [-] https://bugzilla.mozilla.org/1715507
// user_pref("layout.css.font-visibility.level", 1);
// FF95
// 0807: disable location bar contextual suggestions [FF92+] - replaced by new 0807
// [-] https://bugzilla.mozilla.org/1735976
user_pref("browser.urlbar.suggest.quicksuggest", false);
// FF96
// 0302: disable auto-INSTALLING Firefox updates via a background service + hide the setting [FF90+] [WINDOWS]
// [SETTING] General>Firefox Updates>Automatically install updates>When Firefox is not running
// [1] https://support.mozilla.org/kb/enable-background-updates-firefox-windows
// [-] https://bugzilla.mozilla.org/1738983
user_pref("app.update.background.scheduling.enabled", false);
// FF97
// 7006: onions - replaced by new 7006 "allowlist"
// [-] https://bugzilla.mozilla.org/1744006
// user_pref("dom.securecontext.whitelist_onions", true); // 1382359
// FF99
// 6003: enforce CSP (Content Security Policy)
// [1] https://developer.mozilla.org/docs/Web/HTTP/CSP
// [-] https://bugzilla.mozilla.org/1754301
user_pref("security.csp.enable", true); // [DEFAULT: true]
// FF100
// 7009: disable HTTP2 - replaced by network.http.http2* prefs
// [WHY] Passive fingerprinting. ~50% of sites use HTTP2 [1]
// [1] https://w3techs.com/technologies/details/ce-http2/all/all
// [-] https://bugzilla.mozilla.org/1752621
// user_pref("network.http.spdy.enabled", false);
// user_pref("network.http.spdy.enabled.deps", false);
// user_pref("network.http.spdy.enabled.http2", false);
// user_pref("network.http.spdy.websockets", false); // [FF65+]
// FF102
// 0901: set when Firefox should prompt for the primary password
// 0=once per session (default), 1=every time it's needed, 2=after n minutes (0902)
// [-] https://bugzilla.mozilla.org/1767099
user_pref("security.ask_for_password", 2);
// 0902: set how long in minutes Firefox should remember the primary password (0901)
// [-] https://bugzilla.mozilla.org/1767099
user_pref("security.password_lifetime", 5); // [DEFAULT: 30]
// 6007: enforce Local Storage Next Generation (LSNG) [FF65+]
// [-] https://bugzilla.mozilla.org/1764696
user_pref("dom.storage.next_gen", true); // [DEFAULT: true FF92+]
// ***/
```
FF79-92: click me for details
```js
/* ESR78.x still uses all the following prefs
// [NOTE] replace the * with a slash in the line above to re-enable them
// FF79
// 0212: enforce fallback text encoding to match en-US
// When the content or server doesn't declare a charset the browser will
// fallback to the "Current locale" based on your application language
// [TEST] https://hsivonen.com/test/moz/check-charset.htm
// [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20025
// [-] https://bugzilla.mozilla.org/1603712
user_pref("intl.charset.fallback.override", "windows-1252");
// FF82
// 0206: disable geographically specific results/search engines e.g. "browser.search.*.US"
// i.e. ignore all of Mozilla's various search engines in multiple locales
// [-] https://bugzilla.mozilla.org/1619926
user_pref("browser.search.geoSpecificDefaults", false);
user_pref("browser.search.geoSpecificDefaults.url", "");
// FF86
// 1205: disable SSL Error Reporting
// [1] https://firefox-source-docs.mozilla.org/main/65.0/browser/base/sslerrorreport/preferences.html
// [-] https://bugzilla.mozilla.org/1681839
user_pref("security.ssl.errorReporting.automatic", false);
user_pref("security.ssl.errorReporting.enabled", false);
user_pref("security.ssl.errorReporting.url", "");
// 2653: disable hiding mime types (Options>General>Applications) not associated with a plugin
// [-] https://bugzilla.mozilla.org/1581678
user_pref("browser.download.hide_plugins_without_extensions", false);
// FF87
// 0105d: disable Activity Stream recent Highlights in the Library [FF57+]
// [-] https://bugzilla.mozilla.org/1689405
// user_pref("browser.library.activity-stream.enabled", false);
// 8016: disable PointerEvents
// [1] https://developer.mozilla.org/docs/Web/API/PointerEvent
// [-] https://bugzilla.mozilla.org/1688105
// user_pref("dom.w3c_pointer_events.enabled", false);
// FF89
// 0309: disable sending Flash crash reports
// [-] https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed]
user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
// 0310: disable sending the URL of the website where a plugin crashed
// [-] https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed]
user_pref("dom.ipc.plugins.reportCrashURL", false);
// 1243: block unencrypted requests from Flash on encrypted pages to mitigate MitM attacks [FF59+]
// [1] https://bugzilla.mozilla.org/1190623
// [-] https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed]
user_pref("security.mixed_content.block_object_subrequest", true);
// 1803: disable Flash plugin
// 0=deactivated, 1=ask, 2=enabled
// ESR52.x is the last branch to fully support NPAPI, FF52+ stable only supports Flash
// [NOTE] You can still override individual sites via site permissions
// [-] https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed]
user_pref("plugin.state.flash", 0); // [DEFAULT: 1]
// FF90
// 0708: disable FTP [FF60+]
// [-] https://bugzilla.mozilla.org/1574475
// user_pref("network.ftp.enabled", false); // [DEFAULT: false FF88+]
// 7001: enforce no offline cache storage (appCache) [FF71+]
// [-] https://bugzilla.mozilla.org/1694662
user_pref("browser.cache.offline.storage.enable", false); // [DEFAULT: false FF84+]
// ***/
```
FF69-78: click me for details
```js
/* ESR68.x still uses all the following prefs
// [NOTE] replace the * with a slash in the line above to re-enable them
// FF69
// 1405: disable WOFF2 (Web Open Font Format) [FF35+]
// [-] https://bugzilla.mozilla.org/1556991
// user_pref("gfx.downloadable_fonts.woff2.enabled", false);
// 1802: enforce click-to-play for plugins
// [-] https://bugzilla.mozilla.org/1519434
user_pref("plugins.click_to_play", true); // [DEFAULT: true FF25+]
// 2033: disable autoplay for muted videos [FF63+] - replaced by 'media.autoplay.default' options (2030)
// [-] https://bugzilla.mozilla.org/1562331
// user_pref("media.autoplay.allow-muted", false);
// * * * /
// FF71
// 2608: disable WebIDE and ADB extension download
// [1] https://trac.torproject.org/projects/tor/ticket/16222
// [-] https://bugzilla.mozilla.org/1539462
user_pref("devtools.webide.enabled", false); // [DEFAULT: false FF70+]
user_pref("devtools.webide.autoinstallADBExtension", false); // [FF64+]
// 2731: enforce websites to ask to store data for offline use
// [1] https://support.mozilla.org/questions/1098540
// [2] https://bugzilla.mozilla.org/959985
// [-] https://bugzilla.mozilla.org/1574480
user_pref("offline-apps.allow_by_default", false);
// * * * /
// FF72
// 0105a: disable Activity Stream telemetry
// [-] https://bugzilla.mozilla.org/1597697
user_pref("browser.newtabpage.activity-stream.telemetry.ping.endpoint", "");
// 0330: disable Hybdrid Content telemetry
// [-] https://bugzilla.mozilla.org/1520491
user_pref("toolkit.telemetry.hybridContent.enabled", false); // [FF59+]
// 2720: enforce IndexedDB (IDB) as enabled
// IDB is required for extensions and Firefox internals (even before FF63 in [1])
// To control *website* IDB data, control allowing cookies and service workers, or use
// Temporary Containers. To mitigate *website* IDB, FPI helps (4001), and/or sanitize
// on close (Offline Website Data, see 2800) or on-demand (Ctrl-Shift-Del), or automatically
// via an extension. Note that IDB currently cannot be sanitized by host.
// [1] https://blog.mozilla.org/addons/2018/08/03/new-backend-for-storage-local-api/
// [-] https://bugzilla.mozilla.org/1488583
user_pref("dom.indexedDB.enabled", true); // [DEFAULT: true]
// * * * /
// FF74
// 0203: use Mozilla geolocation service instead of Google when geolocation is enabled
// Optionally enable logging to the console (defaults to false)
// [-] https://bugzilla.mozilla.org/1613627
user_pref("geo.wifi.uri", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%");
// user_pref("geo.wifi.logging.enabled", true); // [HIDDEN PREF]
// 1704: set behaviour on "+ Tab" button to display container menu [FF53+] [SETUP-CHROME]
// 0=no menu (default), 1=show when clicked, 2=show on long press
// [1] https://bugzilla.mozilla.org/1328756
// [-] https://bugzilla.mozilla.org/1606265
user_pref("privacy.userContext.longPressBehavior", 2);
// 2012: limit WebGL
// [-] https://bugzilla.mozilla.org/1477756
user_pref("webgl.disable-extensions", true);
// * * * /
// FF76
// 0401: sanitize blocklist url
// [2] https://trac.torproject.org/projects/tor/ticket/16931
// [-] https://bugzilla.mozilla.org/1618188
user_pref("extensions.blocklist.url", "https://blocklists.settings.services.mozilla.com/v1/blocklist/3/%APP_ID%/%APP_VERSION%/");
// 2201: prevent websites from disabling new window features
// [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1507375,1660524
user_pref("dom.disable_window_open_feature.close", true);
user_pref("dom.disable_window_open_feature.location", true); // [DEFAULT: true]
user_pref("dom.disable_window_open_feature.menubar", true);
user_pref("dom.disable_window_open_feature.minimizable", true);
user_pref("dom.disable_window_open_feature.personalbar", true); // bookmarks toolbar
user_pref("dom.disable_window_open_feature.resizable", true); // [DEFAULT: true]
user_pref("dom.disable_window_open_feature.status", true); // [DEFAULT: true]
user_pref("dom.disable_window_open_feature.titlebar", true);
user_pref("dom.disable_window_open_feature.toolbar", true);
// * * * /
// FF77
// 0850e: disable location bar one-off searches [FF51+]
// [-] https://bugzilla.mozilla.org/1628926
// user_pref("browser.urlbar.oneOffSearches", false);
// 2605: block web content in file processes [FF55+]
// [SETUP-WEB] You may want to disable this for corporate or developer environments
// [1] https://bugzilla.mozilla.org/1343184
// [-] https://bugzilla.mozilla.org/1603007
user_pref("browser.tabs.remote.allowLinkedWebInFileUriProcess", false);
// * * * /
// FF78
// 2031: disable autoplay of HTML5 media if you interacted with the site [FF66+] - replaced by 'media.autoplay.blocking_policy'
// [-] https://bugzilla.mozilla.org/1509933
user_pref("media.autoplay.enabled.user-gestures-needed", false);
// 5000's: disable chrome animations - replaced FF77+ by 'ui.prefersReducedMotion' (4520)
// [-] https://bugzilla.mozilla.org/1640501
// user_pref("toolkit.cosmeticAnimations.enabled", false); // [FF55+]
// * * * /
// ***/
```
FF61-68: click me for details
```js
/* ESR60.x still uses all the following prefs
// [NOTE] replace the * with a slash in the line above to re-enable them
// FF61
// 0501: disable experiments
// [1] https://wiki.mozilla.org/Telemetry/Experiments
// [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1420908,1450801
user_pref("experiments.enabled", false);
user_pref("experiments.manifest.uri", "");
user_pref("experiments.supported", false);
user_pref("experiments.activeExperiment", false);
// 2612: disable remote JAR files being opened, regardless of content type [FF42+]
// [1] https://bugzilla.mozilla.org/1173171
// [2] https://www.fxsitecompat.com/en-CA/docs/2015/jar-protocol-support-has-been-disabled-by-default/
// [-] https://bugzilla.mozilla.org/1427726
user_pref("network.jar.block-remote-files", true);
// 2613: disable JAR from opening Unsafe File Types
// [-] https://bugzilla.mozilla.org/1427726
user_pref("network.jar.open-unsafe-types", false);
// * * * /
// FF62
// 1803: disable Java plugin
// [-] (part5) https://bugzilla.mozilla.org/1461243
user_pref("plugin.state.java", 0);
// * * * /
// FF63
// 0205: disable GeoIP-based search results
// [NOTE] May not be hidden if Firefox has changed your settings due to your locale
// [-] https://bugzilla.mozilla.org/1462015
user_pref("browser.search.countryCode", "US"); // [HIDDEN PREF]
// 0301a: disable auto-update checks for Firefox
// [SETTING] General>Firefox Updates>Never check for updates
// [-] https://bugzilla.mozilla.org/1420514
// user_pref("app.update.enabled", false);
// 0503: disable "Savant" Shield study [FF61+]
// [-] https://bugzilla.mozilla.org/1457226
user_pref("shield.savant.enabled", false);
// 1031: disable favicons in tabs and new bookmarks - merged into browser.chrome.site_icons
// [-] https://bugzilla.mozilla.org/1453751
// user_pref("browser.chrome.favicons", false);
// 2030: disable autoplay of HTML5 media - replaced by media.autoplay.default
// This may break video playback on various sites
// [-] https://bugzilla.mozilla.org/1470082
user_pref("media.autoplay.enabled", false);
// 2704: set cookie lifetime in days (see 2703)
// [-] https://bugzilla.mozilla.org/1457170
// user_pref("network.cookie.lifetime.days", 90); // [DEFAULT: 90]
// 5000's: enable "Ctrl+Tab cycles through tabs in recently used order" - replaced by browser.ctrlTab.recentlyUsedOrder
// [-] https://bugzilla.mozilla.org/1473595
// user_pref("browser.ctrlTab.previews", true);
// * * * /
// FF64
// 0516: disable Onboarding [FF55+]
// Onboarding is an interactive tour/setup for new installs/profiles and features. Every time
// about:home or about:newtab is opened, the onboarding overlay is injected into that page
// [NOTE] Onboarding uses Google Analytics [2], and leaks resource://URIs [3]
// [1] https://wiki.mozilla.org/Firefox/Onboarding
// [2] https://github.com/mozilla/onboard/commit/db4d6c8726c89a5d6a241c1b1065827b525c5baf
// [3] https://bugzilla.mozilla.org/863246#c154
// [-] https://bugzilla.mozilla.org/1462415
user_pref("browser.onboarding.enabled", false);
// 2608: disable WebIDE ADB extension downloads - both renamed
// [1] https://trac.torproject.org/projects/tor/ticket/16222
// [-] https://bugzilla.mozilla.org/1491315
user_pref("devtools.webide.autoinstallADBHelper", false);
user_pref("devtools.webide.adbAddonURL", "");
// 2681: disable CSP violation events [FF59+]
// [1] https://developer.mozilla.org/docs/Web/API/SecurityPolicyViolationEvent
// [-] https://bugzilla.mozilla.org/1488165
user_pref("security.csp.enable_violation_events", false);
// * * * /
// FF65
// 0850a: disable location bar autocomplete and suggestion types
// If you enforce any of the suggestion types (see the other 0850a), you MUST enforce 'autocomplete'
// - If *ALL* of the suggestion types are false, 'autocomplete' must also be false
// - If *ANY* of the suggestion types are true, 'autocomplete' must also be true
// [-] https://bugzilla.mozilla.org/1502392
user_pref("browser.urlbar.autocomplete.enabled", false);
// 0908: remove user & password info when attempting to fix an entered URL (i.e. 0802 is true)
// e.g. //user:password@foo -> //user@(prefix)foo(suffix) NOT //user:password@(prefix)foo(suffix)
// [-] https://bugzilla.mozilla.org/1510580
user_pref("browser.fixup.hide_user_pass", true); // [DEFAULT: true]
// * * * /
// FF66
// 0380: disable Browser Error Reporter [FF60+]
// [1] https://support.mozilla.org/en-US/kb/firefox-nightly-error-collection
// [2] https://firefox-source-docs.mozilla.org/browser/browser/BrowserErrorReporter.html
// [-] https://bugzilla.mozilla.org/1509888
user_pref("browser.chrome.errorReporter.enabled", false);
user_pref("browser.chrome.errorReporter.submitUrl", "");
// 0502: disable Mozilla permission to silently opt you into tests
// [-] https://bugzilla.mozilla.org/1415625
user_pref("network.allow-experiments", false);
// * * * /
// FF67
// 2428: enforce DOMHighResTimeStamp API
// [WARNING] Required for normalization of timestamps and any timer resolution mitigations
// [-] https://bugzilla.mozilla.org/1485264
user_pref("dom.event.highrestimestamp.enabled", true); // [DEFAULT: true]
// 5000's: disable CFR [FF64+] - split into two new prefs: *cfr.addons, *cfr.features
// [SETTING] General>Browsing>Recommend extensions as you browse
// [1] https://support.mozilla.org/en-US/kb/extension-recommendations
// [-] https://bugzilla.mozilla.org/1528953
// user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr", false);
// * * * /
// FF68
// 0105b: disable Activity Stream Legacy Snippets
// [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1546190,1540939
user_pref("browser.newtabpage.activity-stream.disableSnippets", true);
user_pref("browser.aboutHomeSnippets.updateUrl", "");
// 0307: disable auto updating of lightweight themes (LWT)
// Not to be confused with themes in 0301* + 0302*, which use the FF55+ Theme API
// Mozilla plan to convert existing LWTs and remove LWT support in the future, see [1]
// [1] https://blog.mozilla.org/addons/2018/09/20/future-themes-here/
// [-] (part3b) https://bugzilla.mozilla.org/1525762
user_pref("lightweightThemes.update.enabled", false);
// 2682: enable CSP 1.1 experimental hash-source directive [FF29+]
// [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=855326,883975
// [-] https://bugzilla.mozilla.org/1386214
user_pref("security.csp.experimentalEnabled", true);
// * * * /
// ***/
```
FF60 and lower: click me for details
```js
/* FF42 and older
// 2604: (25+) disable page thumbnails - replaced by browser.pagethumbnails.capturing_disabled
// [-] https://bugzilla.mozilla.org/897811
user_pref("pageThumbs.enabled", false);
// 2503: (31+) disable network API - replaced by dom.netinfo.enabled
// [-] https://bugzilla.mozilla.org/960426
user_pref("dom.network.enabled", false);
// 2600's: (35+) disable WebSockets
// [-] https://bugzilla.mozilla.org/1091016
user_pref("network.websocket.enabled", false);
// 1610: (36+) set DNT "value" to "not be tracked" [FF21+]
// [1] http://kb.mozillazine.org/Privacy.donottrackheader.value
// [-] https://bugzilla.mozilla.org/1042135#c101
// user_pref("privacy.donottrackheader.value", 1);
// 2023: (37+) disable camera autofocus callback
// The API will be superseded by the WebRTC Capture and Stream API
// [1] https://developer.mozilla.org/docs/Archive/B2G_OS/API/CameraControl
// [-] https://bugzilla.mozilla.org/1107683
user_pref("camera.control.autofocus_moving_callback.enabled", false);
// 0415: (41+) disable reporting URLs (safe browsing) - removed or replaced by various
// [-] https://bugzilla.mozilla.org/1109475
user_pref("browser.safebrowsing.reportErrorURL", ""); // browser.safebrowsing.reportPhishMistakeURL
user_pref("browser.safebrowsing.reportGenericURL", ""); // removed
user_pref("browser.safebrowsing.reportMalwareErrorURL", ""); // browser.safebrowsing.reportMalwareMistakeURL
user_pref("browser.safebrowsing.reportMalwareURL", ""); // removed
user_pref("browser.safebrowsing.reportURL", ""); // removed
// 0702: (41+) disable HTTP2 (draft)
// [-] https://bugzilla.mozilla.org/1132357
user_pref("network.http.spdy.enabled.http2draft", false);
// 1804: (41+) disable plugin enumeration
// [-] https://bugzilla.mozilla.org/1169945
user_pref("plugins.enumerable_names", "");
// 2803: (42+) clear passwords on shutdown
// [-] https://bugzilla.mozilla.org/1102184
// user_pref("privacy.clearOnShutdown.passwords", false);
// 5002: (42+) disable warning when a domain requests full screen
// replaced by setting full-screen-api.warning.timeout to zero
// [-] https://bugzilla.mozilla.org/1160017
// user_pref("full-screen-api.approval-required", false);
// ***/
/* FF43
// 0410's: disable safebrowsing urls & updates - replaced by various
// [-] https://bugzilla.mozilla.org/1107372
// user_pref("browser.safebrowsing.gethashURL", ""); // browser.safebrowsing.provider.google.gethashURL
// user_pref("browser.safebrowsing.updateURL", ""); // browser.safebrowsing.provider.google.updateURL
user_pref("browser.safebrowsing.malware.reportURL", ""); // browser.safebrowsing.provider.google.reportURL
// 0420's: disable tracking protection - replaced by various
// [-] https://bugzilla.mozilla.org/1107372
// user_pref("browser.trackingprotection.gethashURL", ""); // browser.safebrowsing.provider.mozilla.gethashURL
// user_pref("browser.trackingprotection.updateURL", ""); // browser.safebrowsing.provider.mozilla.updateURL
// 1803: remove plugin finder service
// [1] http://kb.mozillazine.org/Pfs.datasource.url
// [-] https://bugzilla.mozilla.org/1202193
user_pref("pfs.datasource.url", "");
// 5003: disable new search panel UI
// [-] https://bugzilla.mozilla.org/1119250
// user_pref("browser.search.showOneOffButtons", false);
// ***/
/* FF44
// 0414: disable safebrowsing's real-time binary checking (google) [FF43+]
// [-] https://bugzilla.mozilla.org/1237103
user_pref("browser.safebrowsing.provider.google.appRepURL", ""); // browser.safebrowsing.appRepURL
// 1200's: block rc4 whitelist
// [-] https://bugzilla.mozilla.org/1215796
user_pref("security.tls.insecure_fallback_hosts.use_static_list", false);
// 2300's: disable SharedWorkers
// [1] https://trac.torproject.org/projects/tor/ticket/15562
// [-] https://bugzilla.mozilla.org/1207635
user_pref("dom.workers.sharedWorkers.enabled", false);
// 2403: disable scripts changing images
// [TEST] https://www.w3schools.com/jsref/tryit.asp?filename=tryjsref_img_src2
// [-] https://bugzilla.mozilla.org/773429
// user_pref("dom.disable_image_src_set", true);
// ***/
/* FF45
// 1021b: disable deferred level of storing extra session data 0=all 1=http-only 2=none
// extra session data contains contents of forms, scrollbar positions, cookies and POST data
// [-] https://bugzilla.mozilla.org/1235379
user_pref("browser.sessionstore.privacy_level_deferred", 2);
// ***/
/* FF46
// 0340: disable health report
// [-] https://bugzilla.mozilla.org/1234526
user_pref("datareporting.healthreport.service.enabled", false); // [HIDDEN PREF]
user_pref("datareporting.healthreport.documentServerURI", ""); // [HIDDEN PREF]
// 0341: disable FHR (Firefox Health Report) v2 data being sent to Mozilla servers
// [-] https://bugzilla.mozilla.org/1234522
user_pref("datareporting.policy.dataSubmissionEnabled.v2", false);
// 0414: disable safebrowsing pref - replaced by browser.safebrowsing.downloads.remote.url
// [-] https://bugzilla.mozilla.org/1239587
user_pref("browser.safebrowsing.appRepURL", ""); // Google application reputation check
// 0420: disable polaris (part of Tracking Protection, never used in stable)
// [-] https://bugzilla.mozilla.org/1235565
// user_pref("browser.polaris.enabled", false);
// 0510: disable "Pocket" [FF39+] - replaced by extensions.pocket.*
// [-] https://bugzilla.mozilla.org/1215694
user_pref("browser.pocket.enabled", false);
user_pref("browser.pocket.api", "");
user_pref("browser.pocket.site", "");
user_pref("browser.pocket.oAuthConsumerKey", "");
// ***/
/* FF47
// 0330b: set unifiedIsOptIn to make sure telemetry respects OptIn choice and that telemetry
// is enabled ONLY for people that opted into it, even if unified Telemetry is enabled
// [-] https://bugzilla.mozilla.org/1236580
user_pref("toolkit.telemetry.unifiedIsOptIn", true); // [HIDDEN PREF]
// 0340b: disable about:healthreport page UNIFIED
// [-] https://bugzilla.mozilla.org/1236580
user_pref("datareporting.healthreport.about.reportUrlUnified", "data:text/plain,");
// 0807: disable history manipulation
// [1] https://developer.mozilla.org/docs/Web/API/History_API
// [-] https://bugzilla.mozilla.org/1249542
user_pref("browser.history.allowPopState", false);
user_pref("browser.history.allowPushState", false);
user_pref("browser.history.allowReplaceState", false);
// ***/
/* FF48
// 0806: disable 'unified complete': 'Search with [default search engine]'
// [-] http://techdows.com/2016/05/firefox-unified-complete-aboutconfig-preference-removed.html
// [-] https://bugzilla.mozilla.org/1181078
user_pref("browser.urlbar.unifiedcomplete", false);
// ***/
/* FF49
// 0372: disable "Hello"
// [1] https://www.mozilla.org/privacy/archive/hello/2016-03/
// [2] https://security.stackexchange.com/questions/94284/how-secure-is-firefox-hello
// [-] https://bugzilla.mozilla.org/1287827
user_pref("loop.enabled", false);
user_pref("loop.server", "");
user_pref("loop.feedback.formURL", "");
user_pref("loop.feedback.manualFormURL", "");
user_pref("loop.facebook.appId", "");
user_pref("loop.facebook.enabled", false);
user_pref("loop.facebook.fallbackUrl", "");
user_pref("loop.facebook.shareUrl", "");
user_pref("loop.logDomains", false);
// 2201: disable new window scrollbars being hidden
// [-] https://bugzilla.mozilla.org/1257887
user_pref("dom.disable_window_open_feature.scrollbars", true);
// 2303: disable push notification (UDP wake-up)
// [-] https://bugzilla.mozilla.org/1265914
user_pref("dom.push.udp.wakeupEnabled", false);
// ***/
/* FF50
// 0101: disable Windows10 intro on startup [WINDOWS]
// [-] https://bugzilla.mozilla.org/1274633
user_pref("browser.usedOnWindows10.introURL", "");
// 0308: disable plugin update notifications
// [-] https://bugzilla.mozilla.org/1277905
user_pref("plugins.update.notifyUser", false);
// 0410: disable "Block dangerous and deceptive content" - replaced by browser.safebrowsing.phishing.enabled
// [-] https://bugzilla.mozilla.org/1025965
// user_pref("browser.safebrowsing.enabled", false);
// 1266: disable rc4 ciphers
// [1] https://trac.torproject.org/projects/tor/ticket/17369
// [-] https://bugzilla.mozilla.org/1268728
// [-] https://www.fxsitecompat.com/en-CA/docs/2016/rc4-support-has-been-completely-removed/
user_pref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false);
user_pref("security.ssl3.ecdhe_rsa_rc4_128_sha", false);
user_pref("security.ssl3.rsa_rc4_128_md5", false);
user_pref("security.ssl3.rsa_rc4_128_sha", false);
// 1809: remove Mozilla's plugin update URL
// [-] https://bugzilla.mozilla.org/1277905
user_pref("plugins.update.url", "");
// ***/
/* FF51
// 0702: disable SPDY
// [-] https://bugzilla.mozilla.org/1248197
user_pref("network.http.spdy.enabled.v3-1", false);
// 1851: delay play of videos until they're visible
// [1] https://bugzilla.mozilla.org/1180563
// [-] https://bugzilla.mozilla.org/1262053
user_pref("media.block-play-until-visible", true);
// 2504: disable virtual reality devices
// [-] https://bugzilla.mozilla.org/1250244
user_pref("dom.vr.oculus050.enabled", false);
// ***/
/* FF52
// 1601: disable referer from an SSL Website
// [-] https://bugzilla.mozilla.org/1308725
user_pref("network.http.sendSecureXSiteReferrer", false);
// 1850: disable Adobe EME "Primetime CDM" (Content Decryption Module)
// [1] https://trac.torproject.org/projects/tor/ticket/16285
// [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1329538,1337121 // FF52
// [-] https://bugzilla.mozilla.org/1329543 // FF53
user_pref("media.gmp-eme-adobe.enabled", false);
user_pref("media.gmp-eme-adobe.visible", false);
user_pref("media.gmp-eme-adobe.autoupdate", false);
// 2405: disable WebTelephony API
// [1] https://wiki.mozilla.org/WebAPI/Security/WebTelephony
// [-] https://bugzilla.mozilla.org/1309719
user_pref("dom.telephony.enabled", false);
// ***/
/* FF53
// 1265: block rc4 fallback
// [-] https://bugzilla.mozilla.org/1130670
user_pref("security.tls.unrestricted_rc4_fallback", false);
// 1806: disable Acrobat, Quicktime, WMP (the string = min version number allowed)
// [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1317108,1317109,1317110
user_pref("plugin.scan.Acrobat", "99999");
user_pref("plugin.scan.Quicktime", "99999");
user_pref("plugin.scan.WindowsMediaPlayer", "99999");
// 2022: disable screensharing
// [-] https://bugzilla.mozilla.org/1329562
user_pref("media.getusermedia.screensharing.allow_on_old_platforms", false);
// 2507: disable keyboard fingerprinting
// [-] https://bugzilla.mozilla.org/1322736
user_pref("dom.beforeAfterKeyboardEvent.enabled", false);
// ***/
/* FF54
// 0415: disable reporting URLs (safe browsing)
// [-] https://bugzilla.mozilla.org/1288633
user_pref("browser.safebrowsing.reportMalwareMistakeURL", "");
user_pref("browser.safebrowsing.reportPhishMistakeURL", "");
// 1830: block websites detecting DRM is disabled
// [-] https://bugzilla.mozilla.org/1242321
user_pref("media.eme.apiVisible", false);
// 2425: disable Archive Reader API
// i.e. reading archive contents directly in the browser, through DOM file objects
// [-] https://bugzilla.mozilla.org/1342361
user_pref("dom.archivereader.enabled", false);
// ***/
/* FF55
// 0209: disable geolocation on non-secure origins [FF54+]
// [1] https://bugzilla.mozilla.org/1269531
// [-] https://bugzilla.mozilla.org/1072859
user_pref("geo.security.allowinsecure", false);
// 0336: disable "Heartbeat" (Mozilla user rating telemetry) [FF37+]
// [1] https://trac.torproject.org/projects/tor/ticket/18738
// [-] https://bugzilla.mozilla.org/1361578
user_pref("browser.selfsupport.enabled", false); // [HIDDEN PREF]
user_pref("browser.selfsupport.url", "");
// 0360: disable new tab "pings"
// [-] https://bugzilla.mozilla.org/1241390
user_pref("browser.newtabpage.directory.ping", "data:text/plain,");
// 0861: disable saving form history on secure websites
// [-] https://bugzilla.mozilla.org/1361220
user_pref("browser.formfill.saveHttpsForms", false);
// 0863: disable Form Autofill [FF54+] - replaced by extensions.formautofill.*
// [-] https://bugzilla.mozilla.org/1364334
user_pref("browser.formautofill.enabled", false);
// 2410: disable User Timing API
// [1] https://trac.torproject.org/projects/tor/ticket/16336
// [-] https://bugzilla.mozilla.org/1344669
user_pref("dom.enable_user_timing", false);
// 2507: disable keyboard fingerprinting (physical keyboards) [FF38+]
// The Keyboard API allows tracking the "read parameter" of pressed keys in forms on
// web pages. These parameters vary between types of keyboard layouts such as QWERTY,
// AZERTY, Dvorak, and between various languages, e.g. German vs English.
// [WARNING] Don't use if Android + physical keyboard
// [1] https://developer.mozilla.org/docs/Web/API/KeyboardEvent/code
// [2] https://www.privacy-handbuch.de/handbuch_21v.htm
// [-] https://bugzilla.mozilla.org/1352949
user_pref("dom.keyboardevent.code.enabled", false);
// 5015: disable tab animation - replaced by toolkit.cosmeticAnimations.enabled
// [-] https://bugzilla.mozilla.org/1352069
user_pref("browser.tabs.animate", false);
// 5016: disable fullscreeen animation - replaced by toolkit.cosmeticAnimations.enabled
// [-] https://bugzilla.mozilla.org/1352069
user_pref("browser.fullscreen.animate", false);
// ***/
/* FF56
// 0515: disable Screenshots (rollout pref only) [FF54+]
// [-] https://bugzilla.mozilla.org/1386333
// user_pref("extensions.screenshots.system-disabled", true);
// 0517: disable Form Autofill [FF55+] - replaced by extensions.formautofill.available
// [-] https://bugzilla.mozilla.org/1385201
user_pref("extensions.formautofill.experimental", false);
// ***/
/* FF57
// 0374: disable "social" integration
// [1] https://developer.mozilla.org/docs/Mozilla/Projects/Social_API
// [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1388902,1406193 (some leftovers were removed in FF58)
user_pref("social.whitelist", "");
user_pref("social.toast-notifications.enabled", false);
user_pref("social.shareDirectory", "");
user_pref("social.remote-install.enabled", false);
user_pref("social.directories", "");
user_pref("social.share.activationPanelEnabled", false);
user_pref("social.enabled", false); // [HIDDEN PREF]
// 1830: disable DRM's EME WideVineAdapter [FF55+]
// [-] https://bugzilla.mozilla.org/1395468
user_pref("media.eme.chromium-api.enabled", false);
// 2608: disable WebIDE extension downloads (Valence)
// [1] https://trac.torproject.org/projects/tor/ticket/16222
// [-] https://bugzilla.mozilla.org/1393497
user_pref("devtools.webide.autoinstallFxdtAdapters", false);
user_pref("devtools.webide.adaptersAddonURL", "");
// 2600's: disable SimpleServiceDiscovery - which can bypass proxy settings - e.g. Roku
// [1] https://trac.torproject.org/projects/tor/ticket/16222
// [-] https://bugzilla.mozilla.org/1393582
user_pref("browser.casting.enabled", false);
// 5022: hide recently bookmarked items (you still have the original bookmarks) [FF49+]
// [-] https://bugzilla.mozilla.org/1401238
user_pref("browser.bookmarks.showRecentlyBookmarked", false);
// ***/
/* FF58
// 0351: disable sending of crash reports [FF51+] - replaced by *.autoSubmit2
// [-] https://bugzilla.mozilla.org/1424373
user_pref("browser.crashReports.unsubmittedCheck.autoSubmit", false);
// ***/
/* FF59
// 0203: disable using OS locale, force APP locale - replaced by intl.locale.requested
// [-] https://bugzilla.mozilla.org/1414390
user_pref("intl.locale.matchOS", false);
// 0204: set APP locale - replaced by intl.locale.requested
// [-] https://bugzilla.mozilla.org/1414390
user_pref("general.useragent.locale", "en-US");
// 0340b: disable about:healthreport page (which connects to Mozilla for locale/css+js+json)
// If you have disabled health reports, then this about page is useless - disable it
// If you want to see what health data is present, then this must be set at default
// [-] https://bugzilla.mozilla.org/1352497
user_pref("datareporting.healthreport.about.reportUrl", "data:,");
// 0511: disable FlyWeb [FF49+]
// Flyweb is a set of APIs for advertising and discovering local-area web servers
// [1] https://flyweb.github.io/
// [2] https://wiki.mozilla.org/FlyWeb/Security_scenarios
// [-] https://bugzilla.mozilla.org/1374574
user_pref("dom.flyweb.enabled", false);
// 1007: disable randomized FF HTTP cache decay experiments
// [1] https://trac.torproject.org/projects/tor/ticket/13575
// [-] https://bugzilla.mozilla.org/1430197
user_pref("browser.cache.frecency_experiment", -1);
// 1242: enable Mixed-Content-Blocker to use the HSTS cache but disable the HSTS Priming requests [FF51+]
// Allow resources from domains with an existing HSTS cache record or in the HSTS preload list
// to be upgraded to HTTPS internally but disable sending out HSTS Priming requests, because
// those may cause noticeable delays e.g. requests time out or are not handled well by servers
// [NOTE] If you want to use the priming requests make sure 'use_hsts' is also true
// [1] https://bugzilla.mozilla.org/1246540#c145
// [-] https://bugzilla.mozilla.org/1424917
user_pref("security.mixed_content.use_hsts", true);
user_pref("security.mixed_content.send_hsts_priming", false);
// 1606: set the default Referrer Policy [FF53+] - replaced by network.http.referer.defaultPolicy
// [-] https://bugzilla.mozilla.org/587523
user_pref("network.http.referer.userControlPolicy", 3);
// 1804: disable plugins using external/untrusted scripts with XPCOM or XPConnect
// [-] (part8) https://bugzilla.mozilla.org/1416703#c21
user_pref("security.xpconnect.plugin.unrestricted", false);
// 2022: disable screensharing domain whitelist
// [-] https://bugzilla.mozilla.org/1411742
user_pref("media.getusermedia.screensharing.allowed_domains", "");
// 2023: disable camera stuff
// [-] (part7) https://bugzilla.mozilla.org/1416703#c21
user_pref("camera.control.face_detection.enabled", false);
// 2202: prevent scripts from changing the status text
// [-] https://bugzilla.mozilla.org/1425999
user_pref("dom.disable_window_status_change", true);
// 2416: disable idle observation
// [-] (part7) https://bugzilla.mozilla.org/1416703#c21
user_pref("dom.idle-observers-api.enabled", false);
// ***/
/* FF60
// 0360: disable new tab tile ads & preload & marketing junk
// [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1370930,1433133
user_pref("browser.newtabpage.directory.source", "data:text/plain,");
user_pref("browser.newtabpage.enhanced", false);
user_pref("browser.newtabpage.introShown", true);
// 0512: disable Shield [FF53+] - renamed to app.normandy.* (see 0503)
// Shield is an telemetry system (including Heartbeat) that can also push and test "recipes"
// [1] https://wiki.mozilla.org/Firefox/Shield
// [2] https://github.com/mozilla/normandy
// [-] https://bugzilla.mozilla.org/1436113
user_pref("extensions.shield-recipe-client.enabled", false);
user_pref("extensions.shield-recipe-client.api_url", "");
// 0514: disable Activity Stream [FF54+]
// [-] https://bugzilla.mozilla.org/1433324
user_pref("browser.newtabpage.activity-stream.enabled", false);
// 2301: disable workers
// Disabling workers *will* break sites (e.g. Google Street View, Twitter)
// [NOTE] CVE-2016-5259, CVE-2016-2812, CVE-2016-1949, CVE-2016-5287 (fixed)
// [-] https://bugzilla.mozilla.org/1434934
user_pref("dom.workers.enabled", false);
// 5000's: open "page/selection source" in a new window
// [-] https://bugzilla.mozilla.org/1418403
// user_pref("view_source.tab", false);
// ***/
```
archived arkenfox-cleanup.js
this is everything up to FF117 - the live version has been tidied up to prefs deprecated/removed since FF91
click for details
```js
/***
This will reset the preferences that have been
- removed from the arkenfox user.js
- deprecated by Mozilla but listed in the arkenfox user.js in the past
Last updated: 18-September-2023
Instructions:
- [optional] close Firefox and backup your profile
- [optional] disable your network connection [1]
- start Firefox
- load about:config and press Ctrl+Shift+K to open the Web Console for about:config
- using about:config is important, so the script has the right permissions
- paste this script
- if you edited the list of prefs in the script, make sure the last pref does not have a trailing comma
- hit enter
- check the Info output to see which prefs were reset
- restart
- some prefs require a restart
- a restart will reapply your user.js
- [optional] re-enable your network connection
[1] Blocking Firefox from the internet ensures it cannot act on your reset preferences in the
period before you restart it, such as app and extension auto-updating, or downloading unwanted
components (GMP etc). It depends on what you're resetting and how long before you restart.
***/
(() => {
if ('undefined' === typeof(Services)) return alert('about:config needs to be the active tab!');
const aPREFS = [
/* DEPRECATED */
/* 116+ */
'dom.webnotifications.serviceworker.enabled', // 117
'layout.css.font-visibility.resistFingerprinting', // 116
'permissions.delegation.enabled', // 118
'security.family_safety.mode', // 117
/* 103-115 */
'browser.cache.offline.enable', // 115
'extensions.formautofill.heuristics.enabled', // 114
'network.cookie.lifetimePolicy', // 103 [technically removed in 104]
'privacy.clearsitedata.cache.enabled', // 114
'privacy.resistFingerprinting.testGranularityMask', // 114
'security.pki.sha1_enforcement_level', // 103
/* 92-102 */
'browser.urlbar.suggest.quicksuggest', // 95
'dom.securecontext.whitelist_onions', // 97
'dom.storage.next_gen', // 102
'network.http.spdy.enabled', // 100
'network.http.spdy.enabled.deps',
'network.http.spdy.enabled.http2',
'network.http.spdy.websockets',
'layout.css.font-visibility.level', // 94
'security.ask_for_password', // 102
'security.csp.enable', // 99
'security.password_lifetime', // 102
'security.ssl3.rsa_des_ede3_sha', // 93
/* 79-91 */
'browser.cache.offline.storage.enable',
'browser.download.hide_plugins_without_extensions',
'browser.library.activity-stream.enabled',
'browser.search.geoSpecificDefaults',
'browser.search.geoSpecificDefaults.url',
'dom.ipc.plugins.flash.subprocess.crashreporter.enabled',
'dom.ipc.plugins.reportCrashURL',
'dom.w3c_pointer_events.enabled',
'intl.charset.fallback.override',
'network.ftp.enabled',
'plugin.state.flash',
'security.mixed_content.block_object_subrequest',
'security.ssl.errorReporting.automatic',
'security.ssl.errorReporting.enabled',
'security.ssl.errorReporting.url',
/* 69-78 */
'browser.newtabpage.activity-stream.telemetry.ping.endpoint',
'browser.tabs.remote.allowLinkedWebInFileUriProcess',
'browser.urlbar.oneOffSearches',
'devtools.webide.autoinstallADBExtension',
'devtools.webide.enabled',
'dom.indexedDB.enabled',
'extensions.blocklist.url',
'geo.wifi.logging.enabled',
'geo.wifi.uri',
'gfx.downloadable_fonts.woff2.enabled',
'media.autoplay.allow-muted',
'media.autoplay.enabled.user-gestures-needed',
'offline-apps.allow_by_default',
'plugins.click_to_play',
'privacy.userContext.longPressBehavior',
'toolkit.cosmeticAnimations.enabled',
'toolkit.telemetry.hybridContent.enabled',
'webgl.disable-extensions',
/* 61-68 */
'app.update.enabled',
'browser.aboutHomeSnippets.updateUrl',
'browser.chrome.errorReporter.enabled',
'browser.chrome.errorReporter.submitUrl',
'browser.chrome.favicons',
'browser.ctrlTab.previews',
'browser.fixup.hide_user_pass',
'browser.newtabpage.activity-stream.asrouter.userprefs.cfr',
'browser.newtabpage.activity-stream.disableSnippets',
'browser.onboarding.enabled',
'browser.search.countryCode',
'browser.urlbar.autocomplete.enabled',
'devtools.webide.adbAddonURL',
'devtools.webide.autoinstallADBHelper',
'dom.event.highrestimestamp.enabled',
'experiments.activeExperiment',
'experiments.enabled',
'experiments.manifest.uri',
'experiments.supported',
'lightweightThemes.update.enabled',
'media.autoplay.enabled',
'network.allow-experiments',
'network.cookie.lifetime.days',
'network.jar.block-remote-files',
'network.jar.open-unsafe-types',
'plugin.state.java',
'security.csp.enable_violation_events',
'security.csp.experimentalEnabled',
'shield.savant.enabled',
/* 60 or earlier */
'browser.bookmarks.showRecentlyBookmarked',
'browser.casting.enabled',
'browser.crashReports.unsubmittedCheck.autoSubmit',
'browser.formautofill.enabled',
'browser.formfill.saveHttpsForms',
'browser.fullscreen.animate',
'browser.history.allowPopState',
'browser.history.allowPushState',
'browser.history.allowReplaceState',
'browser.newtabpage.activity-stream.enabled',
'browser.newtabpage.directory.ping',
'browser.newtabpage.directory.source',
'browser.newtabpage.enhanced',
'browser.newtabpage.introShown',
'browser.pocket.api',
'browser.pocket.enabled',
'browser.pocket.oAuthConsumerKey',
'browser.pocket.site',
'browser.polaris.enabled',
'browser.safebrowsing.appRepURL',
'browser.safebrowsing.enabled',
'browser.safebrowsing.gethashURL',
'browser.safebrowsing.malware.reportURL',
'browser.safebrowsing.provider.google.appRepURL',
'browser.safebrowsing.reportErrorURL',
'browser.safebrowsing.reportGenericURL',
'browser.safebrowsing.reportMalwareErrorURL',
'browser.safebrowsing.reportMalwareMistakeURL',
'browser.safebrowsing.reportMalwareURL',
'browser.safebrowsing.reportPhishMistakeURL',
'browser.safebrowsing.reportURL',
'browser.safebrowsing.updateURL',
'browser.search.showOneOffButtons',
'browser.selfsupport.enabled',
'browser.selfsupport.url',
'browser.sessionstore.privacy_level_deferred',
'browser.tabs.animate',
'browser.trackingprotection.gethashURL',
'browser.trackingprotection.updateURL',
'browser.urlbar.unifiedcomplete',
'browser.usedOnWindows10.introURL',
'camera.control.autofocus_moving_callback.enabled',
'camera.control.face_detection.enabled',
'datareporting.healthreport.about.reportUrl',
'datareporting.healthreport.about.reportUrlUnified',
'datareporting.healthreport.documentServerURI',
'datareporting.healthreport.service.enabled',
'datareporting.policy.dataSubmissionEnabled.v2',
'devtools.webide.autoinstallFxdtAdapters',
'dom.archivereader.enabled',
'dom.beforeAfterKeyboardEvent.enabled',
'dom.disable_image_src_set',
'dom.disable_window_open_feature.scrollbars',
'dom.disable_window_status_change',
'dom.enable_user_timing',
'dom.flyweb.enabled',
'dom.idle-observers-api.enabled',
'dom.keyboardevent.code.enabled',
'dom.network.enabled',
'dom.push.udp.wakeupEnabled',
'dom.telephony.enabled',
'dom.vr.oculus050.enabled',
'dom.workers.enabled',
'dom.workers.sharedWorkers.enabled',
'extensions.formautofill.experimental',
'extensions.screenshots.system-disabled',
'extensions.shield-recipe-client.api_url',
'extensions.shield-recipe-client.enabled',
'full-screen-api.approval-required',
'general.useragent.locale',
'geo.security.allowinsecure',
'intl.locale.matchOS',
'loop.enabled',
'loop.facebook.appId',
'loop.facebook.enabled',
'loop.facebook.fallbackUrl',
'loop.facebook.shareUrl',
'loop.feedback.formURL',
'loop.feedback.manualFormURL',
'loop.logDomains',
'loop.server',
'media.block-play-until-visible',
'media.eme.apiVisible',
'media.eme.chromium-api.enabled',
'media.getusermedia.screensharing.allow_on_old_platforms',
'media.getusermedia.screensharing.allowed_domains',
'media.gmp-eme-adobe.autoupdate',
'media.gmp-eme-adobe.enabled',
'media.gmp-eme-adobe.visible',
'network.http.referer.userControlPolicy',
'network.http.sendSecureXSiteReferrer',
'network.http.spdy.enabled.http2draft',
'network.http.spdy.enabled.v3-1',
'network.websocket.enabled',
'pageThumbs.enabled',
'pfs.datasource.url',
'plugin.scan.Acrobat',
'plugin.scan.Quicktime',
'plugin.scan.WindowsMediaPlayer',
'plugins.enumerable_names',
'plugins.update.notifyUser',
'plugins.update.url',
'privacy.clearOnShutdown.passwords',
'privacy.donottrackheader.value',
'security.mixed_content.send_hsts_priming',
'security.mixed_content.use_hsts',
'security.ssl3.ecdhe_ecdsa_rc4_128_sha',
'security.ssl3.ecdhe_rsa_rc4_128_sha',
'security.ssl3.rsa_rc4_128_md5',
'security.ssl3.rsa_rc4_128_sha',
'security.tls.insecure_fallback_hosts.use_static_list',
'security.tls.unrestricted_rc4_fallback',
'security.xpconnect.plugin.unrestricted',
'social.directories',
'social.enabled',
'social.remote-install.enabled',
'social.share.activationPanelEnabled',
'social.shareDirectory',
'social.toast-notifications.enabled',
'social.whitelist',
'toolkit.telemetry.unifiedIsOptIn',
/* REMOVED */
/* 116+ */
'media.gmp-widevinecdm.enabled',
'network.protocol-handler.external.ms-windows-store',
/* 103-115 */
'beacon.enabled',
'browser.startup.blankWindow',
'browser.newtab.preload',
'browser.newtabpage.activity-stream.feeds.discoverystreamfeed',
'browser.newtabpage.activity-stream.feeds.snippets',
'browser.region.network.url',
'browser.region.update.enabled',
'browser.search.region',
'browser.ssl_override_behavior',
'browser.tabs.warnOnClose',
'devtools.chrome.enabled',
'dom.disable_beforeunload',
'dom.disable_open_during_load',
'dom.netinfo.enabled',
'dom.vr.enabled',
'extensions.formautofill.addresses.supported',
'extensions.formautofill.available',
'extensions.formautofill.creditCards.available',
'extensions.formautofill.creditCards.supported',
'middlemouse.contentLoadURL',
'network.http.altsvc.oe',
/* 92-102 */
'browser.urlbar.trimURLs',
'dom.caches.enabled',
'dom.storageManager.enabled',
'dom.storage_access.enabled',
'dom.targetBlankNoOpener.enabled',
'network.cookie.thirdparty.sessionOnly',
'network.cookie.thirdparty.nonsecureSessionOnly',
'privacy.firstparty.isolate.block_post_message',
'privacy.firstparty.isolate.restrict_opener_access',
'privacy.firstparty.isolate.use_site',
'privacy.window.name.update.enabled',
'security.insecure_connection_text.enabled',
/* 79-91 */
'alerts.showFavicons',
'browser.newtabpage.activity-stream.asrouter.providers.snippets',
'browser.send_pings.require_same_host',
'browser.urlbar.usepreloadedtopurls.enabled',
'dom.allow_cut_copy',
'dom.battery.enabled',
'dom.IntersectionObserver.enabled',
'dom.storage.enabled',
'dom.vibrator.enabled',
'extensions.screenshots.upload-disabled',
'general.warnOnAboutConfig',
'gfx.direct2d.disabled',
'layers.acceleration.disabled',
'media.getusermedia.audiocapture.enabled',
'media.getusermedia.browser.enabled',
'media.getusermedia.screensharing.enabled',
'media.gmp-widevinecdm.visible',
'media.media-capabilities.enabled',
'network.http.redirection-limit',
'privacy.partition.network_state',
'security.insecure_connection_icon.enabled',
'security.mixed_content.block_active_content',
'security.ssl.enable_ocsp_stapling',
'security.ssl3.dhe_rsa_aes_128_sha',
'security.ssl3.dhe_rsa_aes_256_sha',
'webgl.min_capability_mode',
/* 69-78 */
'browser.cache.disk_cache_ssl',
'browser.search.geoip.url',
'browser.search.region',
'browser.sessionhistory.max_entries',
'dom.push.connection.enabled',
'dom.push.serverURL',
'extensions.getAddons.discovery.api_url',
'extensions.htmlaboutaddons.discover.enabled',
'extensions.webservice.discoverURL',
'intl.locale.requested',
'intl.regional_prefs.use_os_locales',
'media.block-autoplay-until-in-foreground',
'middlemouse.paste',
'plugin.sessionPermissionNow.intervalInMinutes',
'privacy.usercontext.about_newtab_segregation.enabled',
'security.insecure_connection_icon.pbmode.enabled',
'security.insecure_connection_text.pbmode.enabled',
'webgl.dxgl.enabled',
/* 61-68 */
'app.update.service.enabled',
'app.update.silent',
'app.update.staging.enabled',
'browser.cache.disk.capacity',
'browser.cache.disk.smart_size.enabled',
'browser.cache.disk.smart_size.first_run',
'browser.cache.offline.insecure.enable',
'browser.contentblocking.enabled',
'browser.laterrun.enabled',
'browser.offline-apps.notify',
'browser.rights.3.shown',
'browser.safebrowsing.blockedURIs.enabled',
'browser.safebrowsing.downloads.remote.block_dangerous',
'browser.safebrowsing.downloads.remote.block_dangerous_host',
'browser.safebrowsing.provider.google.gethashURL',
'browser.safebrowsing.provider.google.reportMalwareMistakeURL',
'browser.safebrowsing.provider.google.reportPhishMistakeURL',
'browser.safebrowsing.provider.google.reportURL',
'browser.safebrowsing.provider.google.updateURL',
'browser.safebrowsing.provider.google4.dataSharing.enabled',
'browser.safebrowsing.provider.google4.dataSharingURL',
'browser.safebrowsing.provider.google4.gethashURL',
'browser.safebrowsing.provider.google4.reportMalwareMistakeURL',
'browser.safebrowsing.provider.google4.reportPhishMistakeURL',
'browser.safebrowsing.provider.google4.reportURL',
'browser.safebrowsing.provider.google4.updateURL',
'browser.safebrowsing.provider.mozilla.gethashURL',
'browser.safebrowsing.provider.mozilla.updateURL',
'browser.safebrowsing.reportPhishURL',
'browser.sessionhistory.max_total_viewers',
'browser.sessionstore.max_windows_undo',
'browser.slowStartup.maxSamples',
'browser.slowStartup.notificationDisabled',
'browser.slowStartup.samples',
'browser.storageManager.enabled',
'browser.urlbar.autoFill.typed',
'browser.urlbar.filter.javascript',
'browser.urlbar.maxHistoricalSearchSuggestions',
'browser.urlbar.userMadeSearchSuggestionsChoice',
'canvas.capturestream.enabled',
'dom.allow_scripts_to_close_windows',
'dom.disable_window_flip',
'dom.forms.datetime',
'dom.imagecapture.enabled',
'dom.popup_maximum',
'extensions.webextensions.keepStorageOnUninstall',
'extensions.webextensions.keepUuidOnUninstall',
'font.blacklist.underline_offset',
'font.name.monospace.x-unicode',
'font.name.monospace.x-western',
'font.name.sans-serif.x-unicode',
'font.name.sans-serif.x-western',
'font.name.serif.x-unicode',
'font.name.serif.x-western',
'gfx.offscreencanvas.enabled',
'javascript.options.shared_memory',
'layout.css.font-loading-api.enabled',
'media.gmp-gmpopenh264.autoupdate',
'media.gmp-gmpopenh264.enabled',
'media.gmp-manager.updateEnabled',
'media.gmp-manager.url',
'media.gmp-manager.url.override',
'media.gmp-widevinecdm.autoupdate',
'media.gmp.trial-create.enabled',
'media.navigator.video.enabled',
'media.peerconnection.ice.tcp',
'media.peerconnection.identity.enabled',
'media.peerconnection.identity.timeout',
'media.peerconnection.turn.disable',
'media.peerconnection.use_document_iceservers',
'media.peerconnection.video.enabled',
'network.auth.subresource-img-cross-origin-http-auth-allow',
'network.cookie.leave-secure-alone',
'network.cookie.same-site.enabled',
'network.dnsCacheEntries',
'network.dnsCacheExpiration',
'network.http.fast-fallback-to-IPv4',
'network.proxy.autoconfig_url.include_path',
'offline-apps.quota.warn',
'pdfjs.enableWebGL',
'plugin.default.state',
'plugin.defaultXpi.state',
'plugin.scan.plid.all',
'privacy.trackingprotection.annotate_channels',
'privacy.trackingprotection.lower_network_priority',
'privacy.trackingprotection.pbmode.enabled',
'privacy.trackingprotection.ui.enabled',
'security.data_uri.block_toplevel_data_uri_navigations',
'security.insecure_field_warning.contextual.enabled',
'security.insecure_password.ui.enabled',
'security.tls.version.fallback-limit',
'services.blocklist.addons.collection',
'services.blocklist.gfx.collection',
'services.blocklist.onecrl.collection',
'services.blocklist.plugins.collection',
'services.blocklist.signing.enforced',
'services.blocklist.update_enabled',
'signon.autofillForms.http',
'signon.storeWhenAutocompleteOff',
'toolkit.telemetry.cachedClientID',
'urlclassifier.trackingTable',
'xpinstall.whitelist.required',
/* 60 or lower */
'browser.migrate.automigrate.enabled',
'browser.search.geoip.timeout',
'browser.search.reset.enabled',
'browser.search.reset.whitelist',
'browser.stopReloadAnimation.enabled',
'browser.tabs.insertRelatedAfterCurrent',
'browser.tabs.loadDivertedInBackground',
'browser.tabs.loadInBackground',
'browser.tabs.selectOwnerOnClose',
'browser.urlbar.clickSelectsAll',
'browser.urlbar.doubleClickSelectsAll',
'device.storage.enabled',
'dom.keyboardevent.dispatch_during_composition',
'dom.presentation.controller.enabled',
'dom.presentation.discoverable',
'dom.presentation.discovery.enabled',
'dom.presentation.enabled',
'dom.presentation.receiver.enabled',
'dom.presentation.session_transport.data_channel.enable',
'dom.vr.oculus.enabled',
'dom.vr.openvr.enabled',
'dom.vr.osvr.enabled',
'extensions.pocket.api',
'extensions.pocket.oAuthConsumerKey',
'extensions.pocket.site',
'general.useragent.compatMode.firefox',
'geo.wifi.xhr.timeout',
'gfx.layerscope.enabled',
'media.flac.enabled',
'media.mediasource.enabled',
'media.mediasource.mp4.enabled',
'media.mediasource.webm.audio.enabled',
'media.mediasource.webm.enabled',
'media.mp4.enabled',
'media.ogg.enabled',
'media.ogg.flac.enabled',
'media.opus.enabled',
'media.raw.enabled',
'media.wave.enabled',
'media.webm.enabled',
'media.webspeech.recognition.enable',
'media.wmf.amd.vp9.enabled',
'media.wmf.enabled',
'media.wmf.vp9.enabled',
'network.dns.blockDotOnion',
'network.stricttransportsecurity.preloadlist',
'security.block_script_with_wrong_mime',
'security.fileuri.strict_origin_policy',
'security.sri.enable',
'services.sync.enabled',
'ui.submenuDelay',
'webextensions.storage.sync.enabled',
'webextensions.storage.sync.serverURL',
// excluding these e10 settings
// 'browser.tabs.remote.autostart',
// 'browser.tabs.remote.autostart.2',
// 'browser.tabs.remote.force-enable',
// 'browser.tabs.remote.separateFileUriProcess',
// 'extensions.e10sBlocksEnabling',
// 'extensions.webextensions.remote',
// 'dom.ipc.processCount',
// 'dom.ipc.shims.enabledWarnings',
// 'dom.ipc.processCount.extension',
// 'dom.ipc.processCount.file',
// 'security.sandbox.content.level',
// 'dom.ipc.plugins.sandbox-level.default',
// 'dom.ipc.plugins.sandbox-level.flash',
// 'security.sandbox.logging.enabled',
/* IMPORTANT: last active pref must not have a trailing comma */
/* reset parrot: check your open about:config after running the script */
'_user.js.parrot'
];
console.clear();
let c = 0;
for (const sPname of aPREFS) {
if (Services.prefs.prefHasUserValue(sPname)) {
Services.prefs.clearUserPref(sPname);
if (!Services.prefs.prefHasUserValue(sPname)) {
console.info('reset', sPname);
c++;
} else console.warn('failed to reset', sPname);
}
}
focus();
const d = (c==1) ? ' pref' : ' prefs';
alert(c ? 'successfully reset ' + c + d + "\n\nfor details check the console" : 'nothing to reset');
return 'all done';
})();
```
Locked sticky issue for tracking deprecated, removed, legacy and renamed preferences that were previously used in this user.js. A few others have been added FYI. This version is simplified to a single line, and the only links are those to the relevant bugzilla tickets that saw the pref removed.
Use our scratchpad script, currently for items since FF91, to help make sure these are reset - there is an archived arkenfox-cleanup.js (up to and including FF117 with everything since we started) at the bottom of this post
:small_red_triangle_down: FF127
2630
disable content analysis by DLP - replaced by default_result // user_pref("browser.contentanalysis.default_allow", false);4511
enforce non-native widget theme // user_pref("widget.non-native-theme.enabled", true);:small_red_triangle_down: FF126
9003
disable What's New toolbar icon // user_pref("browser.messaging-system.whatsNewPanel.enabled", false);:small_red_triangle_down: FF123
0334
disable PingCentre telemetry // user_pref("browser.ping-centre.telemetry", false);:small_red_triangle_down: FF119
0211
use en-US locale regardless of the system or region locale // user_pref("javascript.use_us_english_locale", true);0711
disable skipping DoH when parental controls are enabled // user_pref("network.dns.skipTRR-when-parental-control-enabled", false);:small_red_triangle_down: FF118
1402
limit font visibility // user_pref("layout.css.font-visibility.private", 1); // user_pref("layout.css.font-visibility.standard", 1); // user_pref("layout.css.font-visibility.trackingprotection", 1);2623
disable permissions delegation // user_pref("permissions.delegation.enabled", false);:small_red_triangle_down: FF117
1221
disable Windows Microsoft Family Safety cert // pref("security.family_safety.mode", 0);7018
disable service worker Web Notifications // pref("dom.webnotifications.serviceworker.enabled", false);:small_red_triangle_down: FF116
4506
set RFP's font visibility level [FF94+] // user_pref("layout.css.font-visibility.resistFingerprinting", 1); // [DEFAULT: 1]:small_red_triangle_down: FF115
7001
disable offline cache (appCache) // user_pref("browser.cache.offline.enable", false);:small_red_triangle_down: FF114
2816
set cache to clear on exit [FF96+] // user_pref("privacy.clearsitedata.cache.enabled", true);4505
experimental RFP [FF91+] // user_pref("privacy.resistFingerprinting.testGranularityMask", 0);5017
disable Form Autofill heuristics // user_pref("extensions.formautofill.heuristics.enabled", false);:small_red_triangle_down: FF103
2801
delete cookies and site data on exit - code replaced bysanitizeOnShutdown*
// user_pref("network.cookie.lifetimePolicy", 2); // in FF103 it resets to 0 (and does a migration), removed in FF1046012
disable SHA-1 certificates // user_pref("security.pki.sha1_enforcement_level", 1);:small_red_triangle_down: FF102
0901
set when Firefox should prompt for the primary password // user_pref("security.ask_for_password", 2);0902
set how long in minutes Firefox should remember the primary password // user_pref("security.password_lifetime", 5);6007
enforce Local Storage Next Generation (LSNG) // user_pref("dom.storage.next_gen", true);:small_red_triangle_down: FF100
7009
disable HTTP2 - replaced bynetwork.http.http2*
prefs // user_pref("network.http.spdy.enabled", false); // user_pref("network.http.spdy.enabled.deps", false); // user_pref("network.http.spdy.enabled.http2", false); // user_pref("network.http.spdy.websockets", false);:small_red_triangle_down: FF99
6003
enforce CSP (Content Security Policy) // user_pref("security.csp.enable", true):small_red_triangle_down: FF97
7006
onions - replaced (see new 7006 "allowlist" pref) // user_pref("dom.securecontext.whitelist_onions", true);:small_red_triangle_down: FF96
0302
disable auto-INSTALLING Firefox updates via a background service + hide the setting // user_pref("app.update.background.scheduling.enabled", false);:small_red_triangle_down: FF95
0807
disable location bar contextual suggestions [FF92+] - replaced by*.nonsponsored
// user_pref("browser.urlbar.suggest.quicksuggest", false);:small_red_triangle_down: FF94
1402
limit font visibility - replaced (see new 1402) // user_pref("layout.css.font-visibility.level", 1);:small_red_triangle_down: FF93
7003
disable non-modern cipher suites // user_pref("security.ssl3.rsa_des_ede3_sha", false);:small_red_triangle_down: FF90
0708
disable FTP // user_pref("network.ftp.enabled", false);2730
enforce no offline cache storage (appCache) // user_pref("browser.cache.offline.storage.enable", false); // [DEFAULT: false FF84+]:small_red_triangle_down: FF89
0309
: disable sending Flash crash reports // user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);0310
: disable sending the URL of the website where a plugin crashed // user_pref("dom.ipc.plugins.reportCrashURL", false);1243
: block unencrypted requests from Flash on encrypted pages to mitigate MitM attacks // user_pref("security.mixed_content.block_object_subrequest", true);1803
: disable Flash plugin // user_pref("plugin.state.flash", 0); // [DEFAULT: 1]:small_red_triangle_down: FF87
0105d
disable AS recent Highlights in the Library // user_pref("browser.library.activity-stream.enabled", false);4616
disable PointerEvents (RFP ALTS) // user_pref("dom.w3c_pointer_events.enabled", false);:small_red_triangle_down: FF86
1205
disable SSL Error Reporting // user_pref("security.ssl.errorReporting.automatic", false); // user_pref("security.ssl.errorReporting.enabled", false); // user_pref("security.ssl.errorReporting.url", "");2653
disable hiding mime types not associated with a plugin // user_pref("browser.download.hide_plugins_without_extensions", false);:small_red_triangle_down: FF82
0206
disable geographically specific results/search engines // user_pref("browser.search.geoSpecificDefaults", false); // user_pref("browser.search.geoSpecificDefaults.url", "");:small_red_triangle_down: FF79
0212
enforce fallback text encoding to match en-US // user_pref("intl.charset.fallback.override", "windows-1252");:small_red_triangle_down: FF78
2031
disable autoplay of HTML5 media if you interacted with the site - replaced bymedia.autoplay.blocking_policy
// user_pref("media.autoplay.enabled.user-gestures-needed", false);5000s
- replaced since FF77 by using the existingui.prefersReducedMotion
// user_pref("toolkit.cosmeticAnimations.enabled", false);:small_red_triangle_down: FF77
0850e
disable location bar one-off searches [FF51+] // user_pref("browser.urlbar.oneOffSearches", false);2605
block web content in file processes [FF55+] // user_pref("browser.tabs.remote.allowLinkedWebInFileUriProcess", false);:small_red_triangle_down: FF76
0401
sanitize blocklist url // user_pref("extensions.blocklist.url", "https://blocklists.settings.services.mozilla.com/v1/blocklist/3/%APP_ID%/%APP_VERSION%/");2201
prevent websites from disabling new window features // NOTE: the code was ripped out in FF76, but they forgot to remove the prefs until FF82 // user_pref("dom.disable_window_open_feature.close", true); // user_pref("dom.disable_window_open_feature.location", true); // [DEFAULT: true] // user_pref("dom.disable_window_open_feature.menubar", true); // user_pref("dom.disable_window_open_feature.minimizable", true); // user_pref("dom.disable_window_open_feature.personalbar", true); // bookmarks toolbar // user_pref("dom.disable_window_open_feature.resizable", true); // [DEFAULT: true] // user_pref("dom.disable_window_open_feature.status", true); // [DEFAULT: true] // user_pref("dom.disable_window_open_feature.titlebar", true); // user_pref("dom.disable_window_open_feature.toolbar", true);:small_red_triangle_down: FF74
0203
geo: renamed toprovider.network
// user_pref("geo.wifi.uri", "blah blah"); // user_pref("geo.wifi.logging.enabled", true); // [HIDDEN PREF]1704
: set behaviour on "+ Tab" button to display container menu // user_pref("privacy.userContext.longPressBehavior", 2);2012
limit WebGL // user_pref("webgl.disable-extensions", true);:small_red_triangle_down: FF72
105a
disable Activity Stream telemetry // user_pref("browser.newtabpage.activity-stream.telemetry.ping.endpoint", "");0330
disable [hybrid content] telemetry // user_pref("toolkit.telemetry.hybridContent.enabled", false);2720
enforce IndexedDB (IDB) as enabled // user_pref("dom.indexedDB.enabled", true);:small_red_triangle_down: FF71
2608
disable WebIDE and ADB extension download // user_pref("devtools.webide.enabled", false); // user_pref("devtools.webide.autoinstallADBExtension", false);2731
enforce websites to ask to store data for offline use // user_pref("offline-apps.allow_by_default", false);:small_red_triangle_down: FF69
1405
disable WOFF2 (Web Open Font Format) [FF35+] // user_pref("gfx.downloadable_fonts.woff2.enabled", false);1802
enable click to play // user_pref("plugins.click_to_play", true);2033
disable autoplay for muted videos [FF63+] - replaced by a new value inmedia.autoplay.default
// user_pref("media.autoplay.allow-muted", false);:small_red_triangle_down: FF68
0105b
disable Activity Stream Snippets // user_pref("browser.aboutHomeSnippets.updateUrl", "");0105b
disable Activity Stream Snippets // user_pref("browser.newtabpage.activity-stream.disableSnippets", true);0307
disable auto updating of lightweight themes (LWT) // user_pref("lightweightThemes.update.enabled", false);2682
enable CSP 1.1 experimental hash-source directive // user_pref("security.csp.experimentalEnabled", true);:small_red_triangle_down: FF67
1001
disable disk cache (first run) // user_pref("browser.cache.disk.smart_size.first_run", false);2428
enforce DOMHighResTimeStamp API // user_pref("dom.event.highrestimestamp.enabled", true);2705
disable HTTP sites setting cookies with the "secure" directive // user_pref("network.cookie.leave-secure-alone", true);5000s
disable CFR - replaced by two new prefs: cfr.addons, cfr.features // user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr", false);:small_red_triangle_down: FF66
0380
disable Browser Error Reporter [FF60+] // user_pref("browser.chrome.errorReporter.enabled", false); // user_pref("browser.chrome.errorReporter.submitUrl", "");0502
disable Mozilla permission to silently opt you into tests // user_pref("network.allow-experiments", false);:small_red_triangle_down: FF65
0850a
disable location bar autocomplete // user_pref("browser.urlbar.autocomplete.enabled", false);0908
remove user & password info when attempting to fix an entered URL // user_pref("browser.fixup.hide_user_pass", true); // [DEFAULT: true]:small_red_triangle_down: FF64
0516
disable Onboarding [FF55+] // user_pref("browser.onboarding.enabled", false);2608
disable WebIDE ADB extension download // user_pref("devtools.webide.autoinstallADBHelper", false); // replaced by*autoinstallADBExtension
// user_pref("devtools.webide.adbAddonURL", ""); // replaced bydevtools.remote.adb.extensionURL
2681
disable CSP violation events [FF59+] // user_pref("security.csp.enable_violation_events", false);:small_red_triangle_down: FF63
0202
: disable GeoIP-based search results // user_pref("browser.search.countryCode", "US"); // (hidden pref)0301a
: disable auto-update checks for Firefox // user_pref("app.update.enabled", false);0402
: enable Kinto blocklist updates (FF50+) // user_pref("services.blocklist.update_enabled", true); // [DEFAULT: true]0503
: disable "Savant" Shield study (FF61+) // user_pref("shield.savant.enabled", false);1031
: disable favicons in tabs and new bookmarks - merged intobrowser.chrome.site_icons
// user_pref("browser.chrome.favicons", false);2030
: disable auto-play of HTML5 media -replaced by media.autoplay.default
// user_pref("media.autoplay.enabled", false);2704
: set cookie lifetime in days (see 2703) // user_pref("network.cookie.lifetime.days", 90);5000's
: enable "Ctrl+Tab cycles through tabs in recently used order" - replaced bybrowser.ctrlTab.recentlyUsedOrder
// user_pref("browser.ctrlTab.previews", true);:small_red_triangle_down: FF62
1803
: disable java plugin // user_pref("plugin.state.java", 0);:small_red_triangle_down: FF61
0402
: enforce Kinto blocklist signing (FF50+) // user_pref("services.blocklist.signing.enforced", true);0501
: disable experiments // user_pref("experiments.enabled", false); // user_pref("experiments.manifest.uri", ""); // user_pref("experiments.supported", false); // user_pref("experiments.activeExperiment", false);2612
: disable remote JAR files being opened, regardless of content type (FF42+) // user_pref("network.jar.block-remote-files", true);2613
: disable JAR from opening Unsafe File Types ***/ // user_pref("network.jar.open-unsafe-types", false);2750
: hide the Privacy>Cookies & Site Data UI // user_pref("browser.storageManager.enabled", false);:small_red_triangle_down: FF60
0360
: disable new tab tile ads & preload & marketing junk // user_pref("browser.newtabpage.directory.source", "data:text/plain,"); // user_pref("browser.newtabpage.enhanced", false); // user_pref("browser.newtabpage.introShown", true);0512
: disable Shield (FF53+) - renamed toapp.normandy.*
(see 0503) // user_pref("extensions.shield-recipe-client.enabled", false); // user_pref("extensions.shield-recipe-client.api_url", "");0514
: disable Activity Stream (FF54+) // user_pref("browser.newtabpage.activity-stream.enabled", false);2301
: disable workers // user_pref("dom.workers.enabled", false);5000's
: open "page/selection source" in a new window // user_pref("view_source.tab", false);:small_red_triangle_down: FF59
0203
: disable using OS locale, force APP locale - replaced byintl.locale.requested
// user_pref("intl.locale.matchOS", false);0204
+4707
: set APP locale - replaced byintl.locale.requested
// user_pref("general.useragent.locale", "en-US");0333b
: disable about:healthreport page // user_pref("datareporting.healthreport.about.reportUrl", "data:,");0511
: disable FlyWeb // user_pref("dom.flyweb.enabled", false);1007
: disable randomized FF HTTP cache decay experiments // user_pref("browser.cache.frecency_experiment", -1);1242
: enable Mixed-Content-Blocker to use HSTS cache / disable HSTS Priming // user_pref("security.mixed_content.use_hsts", true); // user_pref("security.mixed_content.send_hsts_priming", false);1606
: set default Referrer Policy - replaced bynetwork.http.referer.defaultPolicy
+network.http.referer.defaultPolicy.pbmode
// user_pref("network.http.referer.userControlPolicy", 3);1804
: disable plugins using external/untrusted scripts with XPCOM or XPConnect // user_pref("security.xpconnect.plugin.unrestricted", false);2022
: ONE of the "disable screensharing" prefs // user_pref("media.getusermedia.screensharing.allowed_domains", "");2023
: user_pref("camera.control.face_detection.enabled", false);2203
: ONE of the "disable [popup window] scripts" prefs // user_pref("dom.disable_window_status_change", true);2416
: disable idle observation // user_pref("dom.idle-observers-api.enabled", false);:small_red_triangle_down: FF58
0351
: disable sending of crash reports - replaced by*.autoSubmit2
// user_pref("browser.crashReports.unsubmittedCheck.autoSubmit", false); // (FF51-57):small_red_triangle_down: FF57
0374
: disable "social" integration // user_pref("social.share.activationPanelEnabled", false); // user_pref("social.shareDirectory", "");0374
: disable "social" integration Note: these are just left over prefs not cleaned out until 58, they serve no purpose and can be removed with 57 // user_pref("social.whitelist", ""); // user_pref("social.toast-notifications.enabled", false); // user_pref("social.remote-install.enabled", false); // user_pref("social.directories", ""); // user_pref("social.enabled", false); // (hidden pref)1830
: disable DRM's EME WideVineAdapter // user_pref("media.eme.chromium-api.enabled", false); // (FF55+)2611
: disable WebIDE extension downloads (Valence) // user_pref("devtools.webide.autoinstallFxdtAdapters", false); // user_pref("devtools.webide.adaptersAddonURL", "");2612
: disable SimpleServiceDiscovery - casting // user_pref("browser.casting.enabled", false);5022
: hide recently bookmarked items // user_pref("browser.bookmarks.showRecentlyBookmarked", false);:small_red_triangle_down: FF56
0515
: disable Screenshots (Rollout pref only) // user_pref("extensions.screenshots.system-disabled", true)0517
: disable Form Autofill // user_pref("extensions.formautofill.experimental", false); //replaced by extensions.formautofill.available
:small_red_triangle_down: FF55
0209
: disable geolocation on non-secure origins // user_pref("geo.security.allowinsecure", false);0336
: disable "Heartbeat" // user_pref("browser.selfsupport.url", ""); // user_pref("browser.selfsupport.enabled", false); // (hidden pref)0360
: disable new tab tile ads & preload & marketing junk // user_pref("browser.newtabpage.directory.ping", "data:text/plain,");0861
: disable saving form history on secure websites // user_pref("browser.formfill.saveHttpsForms", false);0863
: disable Form Autofill - replaced by system add-on &extensions.formautofill.*
// user_pref("browser.formautofill.enabled", false);2410
: disable User Timing API // user_pref("dom.enable_user_timing", false);2507
: disable keyboard fingerprinting // user_pref("dom.keyboardevent.code.enabled", false);3015
: disable tab animation - replaced bytoolkit.cosmeticAnimations.enabled
// user_pref("browser.tabs.animate", false);3016
: disable fullscreeen animation - replaced bytoolkit.cosmeticAnimations.enabled
// user_pref("browser.fullscreen.animate", false);:small_red_triangle_down: FF54
0415
: disable reporting URLs (safe browsing) // user_pref("browser.safebrowsing.reportMalwareMistakeURL", ""); //replaced by browser.safebrowsing.provider.google4.reportMalwareMistakeURL
// user_pref("browser.safebrowsing.reportPhishMistakeURL", ""); //replaced by browser.safebrowsing.provider.google4.reportPhishMistakeURL
1830
: block websites detecting DRM is disabled // user_pref("media.eme.apiVisible", false);2425
: disable Archive Reader API // user_pref("dom.archivereader.enabled", false);:small_red_triangle_down: FF53
1265
: block rc4 fallback // user_pref("security.tls.unrestricted_rc4_fallback", false);1806
: disable Acrobat, Quicktime, WMP // user_pref("plugin.scan.Acrobat", "99999"); // user_pref("plugin.scan.Quicktime", "99999"); // user_pref("plugin.scan.WindowsMediaPlayer", "99999");2022
: disable screensharing // user_pref("media.getusermedia.screensharing.allow_on_old_platforms", false);2507
: disable keyboard fingerprinting // user_pref("dom.beforeAfterKeyboardEvent.enabled", false);:small_red_triangle_down: FF52
1601
: disable referer from an SSL Website // user_pref("network.http.sendSecureXSiteReferrer", false);1850
: disable Adobe EME "Primetime CDM" (Content Decryption Module) // user_pref("media.gmp-eme-adobe.enabled", false); // user_pref("media.gmp-eme-adobe.visible", false); // user_pref("media.gmp-eme-adobe.autoupdate", false);2405
: disable WebTelephony API // user_pref("dom.telephony.enabled", false);:small_red_triangle_down: FF51
1851
: delay play of videos until they're visible // user_pref("media.block-play-until-visible", true);2504
: disable virtual reality devices // user_pref("dom.vr.oculus050.enabled", false);2614
: disable SPDY // user_pref("network.http.spdy.enabled.v3-1", false);:small_red_triangle_down: FF50
0101
: disable Windows10 intro on startup // user_pref("browser.usedOnWindows10.introURL", "");0308
: disable plugin update notifications // user_pref("plugins.update.notifyUser", false);0410
: disable "Block dangerous and deceptive content" - replaced bybrowser.safebrowsing.phishing.enabled
// user_pref("browser.safebrowsing.enabled", false);1266
: disable rc4 ciphers // user_pref("security.ssl3.ecdhe_rsa_rc4_128_sha", false); // user_pref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false); // user_pref("security.ssl3.rsa_rc4_128_sha", false); // user_pref("security.ssl3.rsa_rc4_128_md5", false);1809
: remove Mozilla's plugin update URL // user_pref("plugins.update.url", "");:small_red_triangle_down: FF49
0372
: disable "Hello" // user_pref("loop.enabled", false); // user_pref("loop.server", ""); // user_pref("loop.feedback.formURL", ""); // user_pref("loop.feedback.manualFormURL", ""); // user_pref("loop.facebook.appId", ""); // user_pref("loop.facebook.enabled", false); // user_pref("loop.facebook.fallbackUrl", ""); // user_pref("loop.facebook.shareUrl", ""); // user_pref("loop.logDomains", false);2202
: disable new window scrollbars being hidden // user_pref("dom.disable_window_open_feature.scrollbars", true);2303
: disable push notification (UDP wake-up) // user_pref("dom.push.udp.wakeupEnabled", false);:small_red_triangle_down: FF48
0806
: disable 'unified complete': 'Search with [default search engine]' // user_pref("browser.urlbar.unifiedcomplete", false);:small_red_triangle_down: FF47
0330b
: set unifiedIsOptIn // user_pref("toolkit.telemetry.unifiedIsOptIn", true); // (hidden pref)0333b
: disable about:healthreport page UNIFIED // user_pref("datareporting.healthreport.about.reportUrlUnified", "data:text/plain,");0807
: disable history manipulation // user_pref("browser.history.allowPopState", false); // user_pref("browser.history.allowPushState", false); // user_pref("browser.history.allowReplaceState", false);:small_red_triangle_down: FF46
0333a
: disable health report // user_pref("datareporting.healthreport.service.enabled", false); // (hidden pref) // user_pref("datareporting.healthreport.documentServerURI", ""); // (hidden pref)0334b
: disable FHR (Firefox Health Report) v2 data being sent to Mozilla servers // user_pref("datareporting.policy.dataSubmissionEnabled.v2", false);0373
: disable "Pocket" - replaced byextensions.pocket.*
// user_pref("browser.pocket.enabled", false); // user_pref("browser.pocket.api", ""); // user_pref("browser.pocket.site", ""); // user_pref("browser.pocket.oAuthConsumerKey", "");0414
: safebrowsing pref - replaced bybrowser.safebrowsing.downloads.remote.url
// user_pref("browser.safebrowsing.appRepURL", ""); // Google application reputation check0420
: disable polaris // user_pref("browser.polaris.enabled", false);:small_red_triangle_down: FF45
1021b
: disable deferred level of storing extra session data 0=all 1=http-only 2=none // user_pref("browser.sessionstore.privacy_level_deferred", 2);:small_red_triangle_down: FF44
0414
: disable safebrowsing's real-time binary checking (google) (FF43+) // user_pref("browser.safebrowsing.provider.google.appRepURL", ""); //replaced by browser.safebrowsing.appRepURL
1200's
: block rc4 whitelist // user_pref("security.tls.insecure_fallback_hosts.use_static_list", false);2301
: disable SharedWorkers // user_pref("dom.workers.sharedWorkers.enabled", false);2403
: disable scripts changing images // user_pref("dom.disable_image_src_set", true);:small_red_triangle_down: FF43
0410's
: disable safebrowsing urls & updates - replaced by various // user_pref("browser.safebrowsing.gethashURL", ""); //replaced by browser.safebrowsing.provider.google.gethashURL
// user_pref("browser.safebrowsing.updateURL", ""); //replaced by browser.safebrowsing.provider.google.updateURL
// user_pref("browser.safebrowsing.malware.reportURL", ""); //replaced by browser.safebrowsing.provider.google.reportURL
0420's
: disable tracking protection - replaced by various // user_pref("browser.trackingprotection.gethashURL", ""); //replaced by browser.safebrowsing.provider.mozilla.gethashURL
// user_pref("browser.trackingprotection.updateURL", ""); //replaced by browser.safebrowsing.provider.mozilla.updateURL
1803
: remove plugin finder service // user_pref("pfs.datasource.url", "");3003
: disable new search panel UI // user_pref("browser.search.showOneOffButtons", false);:small_red_triangle_down: FF42 and older
2803
: (42+) clear passwords on shutdown // user_pref("privacy.clearOnShutdown.passwords", false);3001a
: (42+) disable warning when a domain requests full screen // user_pref("full-screen-api.approval-required", false);0415
: (41+) disable reporting URLs (safe browsing) - removed or replaced by various // user_pref("browser.safebrowsing.reportErrorURL", ""); //replaced by browser.safebrowsing.reportPhishMistakeURL
// user_pref("browser.safebrowsing.reportGenericURL", ""); //removed
// user_pref("browser.safebrowsing.reportMalwareErrorURL", ""); //replaced by browser.safebrowsing.reportMalwareMistakeURL
// user_pref("browser.safebrowsing.reportMalwareURL", ""); //removed
// user_pref("browser.safebrowsing.reportURL", ""); //removed
1804
: (41+) disable plugin enumeration // user_pref("plugins.enumerable_names", "");2614
: (41+) disable HTTP2 (draft) // user_pref("network.http.spdy.enabled.http2draft", false);2023
: (37+) disable camera autofocus callback // user_pref("camera.control.autofocus_moving_callback.enabled", false);1610
: (36+) set DNT "value" to "not be tracked" (FF21+) // user_pref("privacy.donottrackheader.value", 1);2620
: (35+) disable WebSockets // user_pref("network.websocket.enabled", false);2503
: (31+) disable network API - replaced bydom.netinfo.enabled
// user_pref("dom.network.enabled", false);2607
: (25+) disable page thumbnails - replaced bybrowser.pagethumbnails.capturing_disabled
// user_pref("pageThumbs.enabled", false);:small_red_triangle_down: FYI: items never used in this user.js
...
archived section 9999
FF93-102: click me for details
```js /* ESR91.x still uses all the following prefs // [NOTE] replace the * with a slash in the line above to re-enable them // FF93 // 7003: disable non-modern cipher suites // [-] https://bugzilla.mozilla.org/1724072 // user_pref("security.ssl3.rsa_des_ede3_sha", false); // 3DES // FF94 // 1402: limit font visibility (Windows, Mac, some Linux) [FF79+] - replaced by new 1402 // [-] https://bugzilla.mozilla.org/1715507 // user_pref("layout.css.font-visibility.level", 1); // FF95 // 0807: disable location bar contextual suggestions [FF92+] - replaced by new 0807 // [-] https://bugzilla.mozilla.org/1735976 user_pref("browser.urlbar.suggest.quicksuggest", false); // FF96 // 0302: disable auto-INSTALLING Firefox updates via a background service + hide the setting [FF90+] [WINDOWS] // [SETTING] General>Firefox Updates>Automatically install updates>When Firefox is not running // [1] https://support.mozilla.org/kb/enable-background-updates-firefox-windows // [-] https://bugzilla.mozilla.org/1738983 user_pref("app.update.background.scheduling.enabled", false); // FF97 // 7006: onions - replaced by new 7006 "allowlist" // [-] https://bugzilla.mozilla.org/1744006 // user_pref("dom.securecontext.whitelist_onions", true); // 1382359 // FF99 // 6003: enforce CSP (Content Security Policy) // [1] https://developer.mozilla.org/docs/Web/HTTP/CSP // [-] https://bugzilla.mozilla.org/1754301 user_pref("security.csp.enable", true); // [DEFAULT: true] // FF100 // 7009: disable HTTP2 - replaced by network.http.http2* prefs // [WHY] Passive fingerprinting. ~50% of sites use HTTP2 [1] // [1] https://w3techs.com/technologies/details/ce-http2/all/all // [-] https://bugzilla.mozilla.org/1752621 // user_pref("network.http.spdy.enabled", false); // user_pref("network.http.spdy.enabled.deps", false); // user_pref("network.http.spdy.enabled.http2", false); // user_pref("network.http.spdy.websockets", false); // [FF65+] // FF102 // 0901: set when Firefox should prompt for the primary password // 0=once per session (default), 1=every time it's needed, 2=after n minutes (0902) // [-] https://bugzilla.mozilla.org/1767099 user_pref("security.ask_for_password", 2); // 0902: set how long in minutes Firefox should remember the primary password (0901) // [-] https://bugzilla.mozilla.org/1767099 user_pref("security.password_lifetime", 5); // [DEFAULT: 30] // 6007: enforce Local Storage Next Generation (LSNG) [FF65+] // [-] https://bugzilla.mozilla.org/1764696 user_pref("dom.storage.next_gen", true); // [DEFAULT: true FF92+] // ***/ ```
FF79-92: click me for details
```js /* ESR78.x still uses all the following prefs // [NOTE] replace the * with a slash in the line above to re-enable them // FF79 // 0212: enforce fallback text encoding to match en-US // When the content or server doesn't declare a charset the browser will // fallback to the "Current locale" based on your application language // [TEST] https://hsivonen.com/test/moz/check-charset.htm // [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/20025 // [-] https://bugzilla.mozilla.org/1603712 user_pref("intl.charset.fallback.override", "windows-1252"); // FF82 // 0206: disable geographically specific results/search engines e.g. "browser.search.*.US" // i.e. ignore all of Mozilla's various search engines in multiple locales // [-] https://bugzilla.mozilla.org/1619926 user_pref("browser.search.geoSpecificDefaults", false); user_pref("browser.search.geoSpecificDefaults.url", ""); // FF86 // 1205: disable SSL Error Reporting // [1] https://firefox-source-docs.mozilla.org/main/65.0/browser/base/sslerrorreport/preferences.html // [-] https://bugzilla.mozilla.org/1681839 user_pref("security.ssl.errorReporting.automatic", false); user_pref("security.ssl.errorReporting.enabled", false); user_pref("security.ssl.errorReporting.url", ""); // 2653: disable hiding mime types (Options>General>Applications) not associated with a plugin // [-] https://bugzilla.mozilla.org/1581678 user_pref("browser.download.hide_plugins_without_extensions", false); // FF87 // 0105d: disable Activity Stream recent Highlights in the Library [FF57+] // [-] https://bugzilla.mozilla.org/1689405 // user_pref("browser.library.activity-stream.enabled", false); // 8016: disable PointerEvents // [1] https://developer.mozilla.org/docs/Web/API/PointerEvent // [-] https://bugzilla.mozilla.org/1688105 // user_pref("dom.w3c_pointer_events.enabled", false); // FF89 // 0309: disable sending Flash crash reports // [-] https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed] user_pref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); // 0310: disable sending the URL of the website where a plugin crashed // [-] https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed] user_pref("dom.ipc.plugins.reportCrashURL", false); // 1243: block unencrypted requests from Flash on encrypted pages to mitigate MitM attacks [FF59+] // [1] https://bugzilla.mozilla.org/1190623 // [-] https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed] user_pref("security.mixed_content.block_object_subrequest", true); // 1803: disable Flash plugin // 0=deactivated, 1=ask, 2=enabled // ESR52.x is the last branch to fully support NPAPI, FF52+ stable only supports Flash // [NOTE] You can still override individual sites via site permissions // [-] https://bugzilla.mozilla.org/1682030 [underlying NPAPI code removed] user_pref("plugin.state.flash", 0); // [DEFAULT: 1] // FF90 // 0708: disable FTP [FF60+] // [-] https://bugzilla.mozilla.org/1574475 // user_pref("network.ftp.enabled", false); // [DEFAULT: false FF88+] // 7001: enforce no offline cache storage (appCache) [FF71+] // [-] https://bugzilla.mozilla.org/1694662 user_pref("browser.cache.offline.storage.enable", false); // [DEFAULT: false FF84+] // ***/ ```
FF69-78: click me for details
```js /* ESR68.x still uses all the following prefs // [NOTE] replace the * with a slash in the line above to re-enable them // FF69 // 1405: disable WOFF2 (Web Open Font Format) [FF35+] // [-] https://bugzilla.mozilla.org/1556991 // user_pref("gfx.downloadable_fonts.woff2.enabled", false); // 1802: enforce click-to-play for plugins // [-] https://bugzilla.mozilla.org/1519434 user_pref("plugins.click_to_play", true); // [DEFAULT: true FF25+] // 2033: disable autoplay for muted videos [FF63+] - replaced by 'media.autoplay.default' options (2030) // [-] https://bugzilla.mozilla.org/1562331 // user_pref("media.autoplay.allow-muted", false); // * * * / // FF71 // 2608: disable WebIDE and ADB extension download // [1] https://trac.torproject.org/projects/tor/ticket/16222 // [-] https://bugzilla.mozilla.org/1539462 user_pref("devtools.webide.enabled", false); // [DEFAULT: false FF70+] user_pref("devtools.webide.autoinstallADBExtension", false); // [FF64+] // 2731: enforce websites to ask to store data for offline use // [1] https://support.mozilla.org/questions/1098540 // [2] https://bugzilla.mozilla.org/959985 // [-] https://bugzilla.mozilla.org/1574480 user_pref("offline-apps.allow_by_default", false); // * * * / // FF72 // 0105a: disable Activity Stream telemetry // [-] https://bugzilla.mozilla.org/1597697 user_pref("browser.newtabpage.activity-stream.telemetry.ping.endpoint", ""); // 0330: disable Hybdrid Content telemetry // [-] https://bugzilla.mozilla.org/1520491 user_pref("toolkit.telemetry.hybridContent.enabled", false); // [FF59+] // 2720: enforce IndexedDB (IDB) as enabled // IDB is required for extensions and Firefox internals (even before FF63 in [1]) // To control *website* IDB data, control allowing cookies and service workers, or use // Temporary Containers. To mitigate *website* IDB, FPI helps (4001), and/or sanitize // on close (Offline Website Data, see 2800) or on-demand (Ctrl-Shift-Del), or automatically // via an extension. Note that IDB currently cannot be sanitized by host. // [1] https://blog.mozilla.org/addons/2018/08/03/new-backend-for-storage-local-api/ // [-] https://bugzilla.mozilla.org/1488583 user_pref("dom.indexedDB.enabled", true); // [DEFAULT: true] // * * * / // FF74 // 0203: use Mozilla geolocation service instead of Google when geolocation is enabled // Optionally enable logging to the console (defaults to false) // [-] https://bugzilla.mozilla.org/1613627 user_pref("geo.wifi.uri", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"); // user_pref("geo.wifi.logging.enabled", true); // [HIDDEN PREF] // 1704: set behaviour on "+ Tab" button to display container menu [FF53+] [SETUP-CHROME] // 0=no menu (default), 1=show when clicked, 2=show on long press // [1] https://bugzilla.mozilla.org/1328756 // [-] https://bugzilla.mozilla.org/1606265 user_pref("privacy.userContext.longPressBehavior", 2); // 2012: limit WebGL // [-] https://bugzilla.mozilla.org/1477756 user_pref("webgl.disable-extensions", true); // * * * / // FF76 // 0401: sanitize blocklist url // [2] https://trac.torproject.org/projects/tor/ticket/16931 // [-] https://bugzilla.mozilla.org/1618188 user_pref("extensions.blocklist.url", "https://blocklists.settings.services.mozilla.com/v1/blocklist/3/%APP_ID%/%APP_VERSION%/"); // 2201: prevent websites from disabling new window features // [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1507375,1660524 user_pref("dom.disable_window_open_feature.close", true); user_pref("dom.disable_window_open_feature.location", true); // [DEFAULT: true] user_pref("dom.disable_window_open_feature.menubar", true); user_pref("dom.disable_window_open_feature.minimizable", true); user_pref("dom.disable_window_open_feature.personalbar", true); // bookmarks toolbar user_pref("dom.disable_window_open_feature.resizable", true); // [DEFAULT: true] user_pref("dom.disable_window_open_feature.status", true); // [DEFAULT: true] user_pref("dom.disable_window_open_feature.titlebar", true); user_pref("dom.disable_window_open_feature.toolbar", true); // * * * / // FF77 // 0850e: disable location bar one-off searches [FF51+] // [-] https://bugzilla.mozilla.org/1628926 // user_pref("browser.urlbar.oneOffSearches", false); // 2605: block web content in file processes [FF55+] // [SETUP-WEB] You may want to disable this for corporate or developer environments // [1] https://bugzilla.mozilla.org/1343184 // [-] https://bugzilla.mozilla.org/1603007 user_pref("browser.tabs.remote.allowLinkedWebInFileUriProcess", false); // * * * / // FF78 // 2031: disable autoplay of HTML5 media if you interacted with the site [FF66+] - replaced by 'media.autoplay.blocking_policy' // [-] https://bugzilla.mozilla.org/1509933 user_pref("media.autoplay.enabled.user-gestures-needed", false); // 5000's: disable chrome animations - replaced FF77+ by 'ui.prefersReducedMotion' (4520) // [-] https://bugzilla.mozilla.org/1640501 // user_pref("toolkit.cosmeticAnimations.enabled", false); // [FF55+] // * * * / // ***/ ```
FF61-68: click me for details
```js /* ESR60.x still uses all the following prefs // [NOTE] replace the * with a slash in the line above to re-enable them // FF61 // 0501: disable experiments // [1] https://wiki.mozilla.org/Telemetry/Experiments // [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1420908,1450801 user_pref("experiments.enabled", false); user_pref("experiments.manifest.uri", ""); user_pref("experiments.supported", false); user_pref("experiments.activeExperiment", false); // 2612: disable remote JAR files being opened, regardless of content type [FF42+] // [1] https://bugzilla.mozilla.org/1173171 // [2] https://www.fxsitecompat.com/en-CA/docs/2015/jar-protocol-support-has-been-disabled-by-default/ // [-] https://bugzilla.mozilla.org/1427726 user_pref("network.jar.block-remote-files", true); // 2613: disable JAR from opening Unsafe File Types // [-] https://bugzilla.mozilla.org/1427726 user_pref("network.jar.open-unsafe-types", false); // * * * / // FF62 // 1803: disable Java plugin // [-] (part5) https://bugzilla.mozilla.org/1461243 user_pref("plugin.state.java", 0); // * * * / // FF63 // 0205: disable GeoIP-based search results // [NOTE] May not be hidden if Firefox has changed your settings due to your locale // [-] https://bugzilla.mozilla.org/1462015 user_pref("browser.search.countryCode", "US"); // [HIDDEN PREF] // 0301a: disable auto-update checks for Firefox // [SETTING] General>Firefox Updates>Never check for updates // [-] https://bugzilla.mozilla.org/1420514 // user_pref("app.update.enabled", false); // 0503: disable "Savant" Shield study [FF61+] // [-] https://bugzilla.mozilla.org/1457226 user_pref("shield.savant.enabled", false); // 1031: disable favicons in tabs and new bookmarks - merged into browser.chrome.site_icons // [-] https://bugzilla.mozilla.org/1453751 // user_pref("browser.chrome.favicons", false); // 2030: disable autoplay of HTML5 media - replaced by media.autoplay.default // This may break video playback on various sites // [-] https://bugzilla.mozilla.org/1470082 user_pref("media.autoplay.enabled", false); // 2704: set cookie lifetime in days (see 2703) // [-] https://bugzilla.mozilla.org/1457170 // user_pref("network.cookie.lifetime.days", 90); // [DEFAULT: 90] // 5000's: enable "Ctrl+Tab cycles through tabs in recently used order" - replaced by browser.ctrlTab.recentlyUsedOrder // [-] https://bugzilla.mozilla.org/1473595 // user_pref("browser.ctrlTab.previews", true); // * * * / // FF64 // 0516: disable Onboarding [FF55+] // Onboarding is an interactive tour/setup for new installs/profiles and features. Every time // about:home or about:newtab is opened, the onboarding overlay is injected into that page // [NOTE] Onboarding uses Google Analytics [2], and leaks resource://URIs [3] // [1] https://wiki.mozilla.org/Firefox/Onboarding // [2] https://github.com/mozilla/onboard/commit/db4d6c8726c89a5d6a241c1b1065827b525c5baf // [3] https://bugzilla.mozilla.org/863246#c154 // [-] https://bugzilla.mozilla.org/1462415 user_pref("browser.onboarding.enabled", false); // 2608: disable WebIDE ADB extension downloads - both renamed // [1] https://trac.torproject.org/projects/tor/ticket/16222 // [-] https://bugzilla.mozilla.org/1491315 user_pref("devtools.webide.autoinstallADBHelper", false); user_pref("devtools.webide.adbAddonURL", ""); // 2681: disable CSP violation events [FF59+] // [1] https://developer.mozilla.org/docs/Web/API/SecurityPolicyViolationEvent // [-] https://bugzilla.mozilla.org/1488165 user_pref("security.csp.enable_violation_events", false); // * * * / // FF65 // 0850a: disable location bar autocomplete and suggestion types // If you enforce any of the suggestion types (see the other 0850a), you MUST enforce 'autocomplete' // - If *ALL* of the suggestion types are false, 'autocomplete' must also be false // - If *ANY* of the suggestion types are true, 'autocomplete' must also be true // [-] https://bugzilla.mozilla.org/1502392 user_pref("browser.urlbar.autocomplete.enabled", false); // 0908: remove user & password info when attempting to fix an entered URL (i.e. 0802 is true) // e.g. //user:password@foo -> //user@(prefix)foo(suffix) NOT //user:password@(prefix)foo(suffix) // [-] https://bugzilla.mozilla.org/1510580 user_pref("browser.fixup.hide_user_pass", true); // [DEFAULT: true] // * * * / // FF66 // 0380: disable Browser Error Reporter [FF60+] // [1] https://support.mozilla.org/en-US/kb/firefox-nightly-error-collection // [2] https://firefox-source-docs.mozilla.org/browser/browser/BrowserErrorReporter.html // [-] https://bugzilla.mozilla.org/1509888 user_pref("browser.chrome.errorReporter.enabled", false); user_pref("browser.chrome.errorReporter.submitUrl", ""); // 0502: disable Mozilla permission to silently opt you into tests // [-] https://bugzilla.mozilla.org/1415625 user_pref("network.allow-experiments", false); // * * * / // FF67 // 2428: enforce DOMHighResTimeStamp API // [WARNING] Required for normalization of timestamps and any timer resolution mitigations // [-] https://bugzilla.mozilla.org/1485264 user_pref("dom.event.highrestimestamp.enabled", true); // [DEFAULT: true] // 5000's: disable CFR [FF64+] - split into two new prefs: *cfr.addons, *cfr.features // [SETTING] General>Browsing>Recommend extensions as you browse // [1] https://support.mozilla.org/en-US/kb/extension-recommendations // [-] https://bugzilla.mozilla.org/1528953 // user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr", false); // * * * / // FF68 // 0105b: disable Activity Stream Legacy Snippets // [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1546190,1540939 user_pref("browser.newtabpage.activity-stream.disableSnippets", true); user_pref("browser.aboutHomeSnippets.updateUrl", ""); // 0307: disable auto updating of lightweight themes (LWT) // Not to be confused with themes in 0301* + 0302*, which use the FF55+ Theme API // Mozilla plan to convert existing LWTs and remove LWT support in the future, see [1] // [1] https://blog.mozilla.org/addons/2018/09/20/future-themes-here/ // [-] (part3b) https://bugzilla.mozilla.org/1525762 user_pref("lightweightThemes.update.enabled", false); // 2682: enable CSP 1.1 experimental hash-source directive [FF29+] // [1] https://bugzilla.mozilla.org/buglist.cgi?bug_id=855326,883975 // [-] https://bugzilla.mozilla.org/1386214 user_pref("security.csp.experimentalEnabled", true); // * * * / // ***/ ```
FF60 and lower: click me for details
```js /* FF42 and older // 2604: (25+) disable page thumbnails - replaced by browser.pagethumbnails.capturing_disabled // [-] https://bugzilla.mozilla.org/897811 user_pref("pageThumbs.enabled", false); // 2503: (31+) disable network API - replaced by dom.netinfo.enabled // [-] https://bugzilla.mozilla.org/960426 user_pref("dom.network.enabled", false); // 2600's: (35+) disable WebSockets // [-] https://bugzilla.mozilla.org/1091016 user_pref("network.websocket.enabled", false); // 1610: (36+) set DNT "value" to "not be tracked" [FF21+] // [1] http://kb.mozillazine.org/Privacy.donottrackheader.value // [-] https://bugzilla.mozilla.org/1042135#c101 // user_pref("privacy.donottrackheader.value", 1); // 2023: (37+) disable camera autofocus callback // The API will be superseded by the WebRTC Capture and Stream API // [1] https://developer.mozilla.org/docs/Archive/B2G_OS/API/CameraControl // [-] https://bugzilla.mozilla.org/1107683 user_pref("camera.control.autofocus_moving_callback.enabled", false); // 0415: (41+) disable reporting URLs (safe browsing) - removed or replaced by various // [-] https://bugzilla.mozilla.org/1109475 user_pref("browser.safebrowsing.reportErrorURL", ""); // browser.safebrowsing.reportPhishMistakeURL user_pref("browser.safebrowsing.reportGenericURL", ""); // removed user_pref("browser.safebrowsing.reportMalwareErrorURL", ""); // browser.safebrowsing.reportMalwareMistakeURL user_pref("browser.safebrowsing.reportMalwareURL", ""); // removed user_pref("browser.safebrowsing.reportURL", ""); // removed // 0702: (41+) disable HTTP2 (draft) // [-] https://bugzilla.mozilla.org/1132357 user_pref("network.http.spdy.enabled.http2draft", false); // 1804: (41+) disable plugin enumeration // [-] https://bugzilla.mozilla.org/1169945 user_pref("plugins.enumerable_names", ""); // 2803: (42+) clear passwords on shutdown // [-] https://bugzilla.mozilla.org/1102184 // user_pref("privacy.clearOnShutdown.passwords", false); // 5002: (42+) disable warning when a domain requests full screen // replaced by setting full-screen-api.warning.timeout to zero // [-] https://bugzilla.mozilla.org/1160017 // user_pref("full-screen-api.approval-required", false); // ***/ /* FF43 // 0410's: disable safebrowsing urls & updates - replaced by various // [-] https://bugzilla.mozilla.org/1107372 // user_pref("browser.safebrowsing.gethashURL", ""); // browser.safebrowsing.provider.google.gethashURL // user_pref("browser.safebrowsing.updateURL", ""); // browser.safebrowsing.provider.google.updateURL user_pref("browser.safebrowsing.malware.reportURL", ""); // browser.safebrowsing.provider.google.reportURL // 0420's: disable tracking protection - replaced by various // [-] https://bugzilla.mozilla.org/1107372 // user_pref("browser.trackingprotection.gethashURL", ""); // browser.safebrowsing.provider.mozilla.gethashURL // user_pref("browser.trackingprotection.updateURL", ""); // browser.safebrowsing.provider.mozilla.updateURL // 1803: remove plugin finder service // [1] http://kb.mozillazine.org/Pfs.datasource.url // [-] https://bugzilla.mozilla.org/1202193 user_pref("pfs.datasource.url", ""); // 5003: disable new search panel UI // [-] https://bugzilla.mozilla.org/1119250 // user_pref("browser.search.showOneOffButtons", false); // ***/ /* FF44 // 0414: disable safebrowsing's real-time binary checking (google) [FF43+] // [-] https://bugzilla.mozilla.org/1237103 user_pref("browser.safebrowsing.provider.google.appRepURL", ""); // browser.safebrowsing.appRepURL // 1200's: block rc4 whitelist // [-] https://bugzilla.mozilla.org/1215796 user_pref("security.tls.insecure_fallback_hosts.use_static_list", false); // 2300's: disable SharedWorkers // [1] https://trac.torproject.org/projects/tor/ticket/15562 // [-] https://bugzilla.mozilla.org/1207635 user_pref("dom.workers.sharedWorkers.enabled", false); // 2403: disable scripts changing images // [TEST] https://www.w3schools.com/jsref/tryit.asp?filename=tryjsref_img_src2 // [-] https://bugzilla.mozilla.org/773429 // user_pref("dom.disable_image_src_set", true); // ***/ /* FF45 // 1021b: disable deferred level of storing extra session data 0=all 1=http-only 2=none // extra session data contains contents of forms, scrollbar positions, cookies and POST data // [-] https://bugzilla.mozilla.org/1235379 user_pref("browser.sessionstore.privacy_level_deferred", 2); // ***/ /* FF46 // 0340: disable health report // [-] https://bugzilla.mozilla.org/1234526 user_pref("datareporting.healthreport.service.enabled", false); // [HIDDEN PREF] user_pref("datareporting.healthreport.documentServerURI", ""); // [HIDDEN PREF] // 0341: disable FHR (Firefox Health Report) v2 data being sent to Mozilla servers // [-] https://bugzilla.mozilla.org/1234522 user_pref("datareporting.policy.dataSubmissionEnabled.v2", false); // 0414: disable safebrowsing pref - replaced by browser.safebrowsing.downloads.remote.url // [-] https://bugzilla.mozilla.org/1239587 user_pref("browser.safebrowsing.appRepURL", ""); // Google application reputation check // 0420: disable polaris (part of Tracking Protection, never used in stable) // [-] https://bugzilla.mozilla.org/1235565 // user_pref("browser.polaris.enabled", false); // 0510: disable "Pocket" [FF39+] - replaced by extensions.pocket.* // [-] https://bugzilla.mozilla.org/1215694 user_pref("browser.pocket.enabled", false); user_pref("browser.pocket.api", ""); user_pref("browser.pocket.site", ""); user_pref("browser.pocket.oAuthConsumerKey", ""); // ***/ /* FF47 // 0330b: set unifiedIsOptIn to make sure telemetry respects OptIn choice and that telemetry // is enabled ONLY for people that opted into it, even if unified Telemetry is enabled // [-] https://bugzilla.mozilla.org/1236580 user_pref("toolkit.telemetry.unifiedIsOptIn", true); // [HIDDEN PREF] // 0340b: disable about:healthreport page UNIFIED // [-] https://bugzilla.mozilla.org/1236580 user_pref("datareporting.healthreport.about.reportUrlUnified", "data:text/plain,"); // 0807: disable history manipulation // [1] https://developer.mozilla.org/docs/Web/API/History_API // [-] https://bugzilla.mozilla.org/1249542 user_pref("browser.history.allowPopState", false); user_pref("browser.history.allowPushState", false); user_pref("browser.history.allowReplaceState", false); // ***/ /* FF48 // 0806: disable 'unified complete': 'Search with [default search engine]' // [-] http://techdows.com/2016/05/firefox-unified-complete-aboutconfig-preference-removed.html // [-] https://bugzilla.mozilla.org/1181078 user_pref("browser.urlbar.unifiedcomplete", false); // ***/ /* FF49 // 0372: disable "Hello" // [1] https://www.mozilla.org/privacy/archive/hello/2016-03/ // [2] https://security.stackexchange.com/questions/94284/how-secure-is-firefox-hello // [-] https://bugzilla.mozilla.org/1287827 user_pref("loop.enabled", false); user_pref("loop.server", ""); user_pref("loop.feedback.formURL", ""); user_pref("loop.feedback.manualFormURL", ""); user_pref("loop.facebook.appId", ""); user_pref("loop.facebook.enabled", false); user_pref("loop.facebook.fallbackUrl", ""); user_pref("loop.facebook.shareUrl", ""); user_pref("loop.logDomains", false); // 2201: disable new window scrollbars being hidden // [-] https://bugzilla.mozilla.org/1257887 user_pref("dom.disable_window_open_feature.scrollbars", true); // 2303: disable push notification (UDP wake-up) // [-] https://bugzilla.mozilla.org/1265914 user_pref("dom.push.udp.wakeupEnabled", false); // ***/ /* FF50 // 0101: disable Windows10 intro on startup [WINDOWS] // [-] https://bugzilla.mozilla.org/1274633 user_pref("browser.usedOnWindows10.introURL", ""); // 0308: disable plugin update notifications // [-] https://bugzilla.mozilla.org/1277905 user_pref("plugins.update.notifyUser", false); // 0410: disable "Block dangerous and deceptive content" - replaced by browser.safebrowsing.phishing.enabled // [-] https://bugzilla.mozilla.org/1025965 // user_pref("browser.safebrowsing.enabled", false); // 1266: disable rc4 ciphers // [1] https://trac.torproject.org/projects/tor/ticket/17369 // [-] https://bugzilla.mozilla.org/1268728 // [-] https://www.fxsitecompat.com/en-CA/docs/2016/rc4-support-has-been-completely-removed/ user_pref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false); user_pref("security.ssl3.ecdhe_rsa_rc4_128_sha", false); user_pref("security.ssl3.rsa_rc4_128_md5", false); user_pref("security.ssl3.rsa_rc4_128_sha", false); // 1809: remove Mozilla's plugin update URL // [-] https://bugzilla.mozilla.org/1277905 user_pref("plugins.update.url", ""); // ***/ /* FF51 // 0702: disable SPDY // [-] https://bugzilla.mozilla.org/1248197 user_pref("network.http.spdy.enabled.v3-1", false); // 1851: delay play of videos until they're visible // [1] https://bugzilla.mozilla.org/1180563 // [-] https://bugzilla.mozilla.org/1262053 user_pref("media.block-play-until-visible", true); // 2504: disable virtual reality devices // [-] https://bugzilla.mozilla.org/1250244 user_pref("dom.vr.oculus050.enabled", false); // ***/ /* FF52 // 1601: disable referer from an SSL Website // [-] https://bugzilla.mozilla.org/1308725 user_pref("network.http.sendSecureXSiteReferrer", false); // 1850: disable Adobe EME "Primetime CDM" (Content Decryption Module) // [1] https://trac.torproject.org/projects/tor/ticket/16285 // [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1329538,1337121 // FF52 // [-] https://bugzilla.mozilla.org/1329543 // FF53 user_pref("media.gmp-eme-adobe.enabled", false); user_pref("media.gmp-eme-adobe.visible", false); user_pref("media.gmp-eme-adobe.autoupdate", false); // 2405: disable WebTelephony API // [1] https://wiki.mozilla.org/WebAPI/Security/WebTelephony // [-] https://bugzilla.mozilla.org/1309719 user_pref("dom.telephony.enabled", false); // ***/ /* FF53 // 1265: block rc4 fallback // [-] https://bugzilla.mozilla.org/1130670 user_pref("security.tls.unrestricted_rc4_fallback", false); // 1806: disable Acrobat, Quicktime, WMP (the string = min version number allowed) // [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1317108,1317109,1317110 user_pref("plugin.scan.Acrobat", "99999"); user_pref("plugin.scan.Quicktime", "99999"); user_pref("plugin.scan.WindowsMediaPlayer", "99999"); // 2022: disable screensharing // [-] https://bugzilla.mozilla.org/1329562 user_pref("media.getusermedia.screensharing.allow_on_old_platforms", false); // 2507: disable keyboard fingerprinting // [-] https://bugzilla.mozilla.org/1322736 user_pref("dom.beforeAfterKeyboardEvent.enabled", false); // ***/ /* FF54 // 0415: disable reporting URLs (safe browsing) // [-] https://bugzilla.mozilla.org/1288633 user_pref("browser.safebrowsing.reportMalwareMistakeURL", ""); user_pref("browser.safebrowsing.reportPhishMistakeURL", ""); // 1830: block websites detecting DRM is disabled // [-] https://bugzilla.mozilla.org/1242321 user_pref("media.eme.apiVisible", false); // 2425: disable Archive Reader API // i.e. reading archive contents directly in the browser, through DOM file objects // [-] https://bugzilla.mozilla.org/1342361 user_pref("dom.archivereader.enabled", false); // ***/ /* FF55 // 0209: disable geolocation on non-secure origins [FF54+] // [1] https://bugzilla.mozilla.org/1269531 // [-] https://bugzilla.mozilla.org/1072859 user_pref("geo.security.allowinsecure", false); // 0336: disable "Heartbeat" (Mozilla user rating telemetry) [FF37+] // [1] https://trac.torproject.org/projects/tor/ticket/18738 // [-] https://bugzilla.mozilla.org/1361578 user_pref("browser.selfsupport.enabled", false); // [HIDDEN PREF] user_pref("browser.selfsupport.url", ""); // 0360: disable new tab "pings" // [-] https://bugzilla.mozilla.org/1241390 user_pref("browser.newtabpage.directory.ping", "data:text/plain,"); // 0861: disable saving form history on secure websites // [-] https://bugzilla.mozilla.org/1361220 user_pref("browser.formfill.saveHttpsForms", false); // 0863: disable Form Autofill [FF54+] - replaced by extensions.formautofill.* // [-] https://bugzilla.mozilla.org/1364334 user_pref("browser.formautofill.enabled", false); // 2410: disable User Timing API // [1] https://trac.torproject.org/projects/tor/ticket/16336 // [-] https://bugzilla.mozilla.org/1344669 user_pref("dom.enable_user_timing", false); // 2507: disable keyboard fingerprinting (physical keyboards) [FF38+] // The Keyboard API allows tracking the "read parameter" of pressed keys in forms on // web pages. These parameters vary between types of keyboard layouts such as QWERTY, // AZERTY, Dvorak, and between various languages, e.g. German vs English. // [WARNING] Don't use if Android + physical keyboard // [1] https://developer.mozilla.org/docs/Web/API/KeyboardEvent/code // [2] https://www.privacy-handbuch.de/handbuch_21v.htm // [-] https://bugzilla.mozilla.org/1352949 user_pref("dom.keyboardevent.code.enabled", false); // 5015: disable tab animation - replaced by toolkit.cosmeticAnimations.enabled // [-] https://bugzilla.mozilla.org/1352069 user_pref("browser.tabs.animate", false); // 5016: disable fullscreeen animation - replaced by toolkit.cosmeticAnimations.enabled // [-] https://bugzilla.mozilla.org/1352069 user_pref("browser.fullscreen.animate", false); // ***/ /* FF56 // 0515: disable Screenshots (rollout pref only) [FF54+] // [-] https://bugzilla.mozilla.org/1386333 // user_pref("extensions.screenshots.system-disabled", true); // 0517: disable Form Autofill [FF55+] - replaced by extensions.formautofill.available // [-] https://bugzilla.mozilla.org/1385201 user_pref("extensions.formautofill.experimental", false); // ***/ /* FF57 // 0374: disable "social" integration // [1] https://developer.mozilla.org/docs/Mozilla/Projects/Social_API // [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1388902,1406193 (some leftovers were removed in FF58) user_pref("social.whitelist", ""); user_pref("social.toast-notifications.enabled", false); user_pref("social.shareDirectory", ""); user_pref("social.remote-install.enabled", false); user_pref("social.directories", ""); user_pref("social.share.activationPanelEnabled", false); user_pref("social.enabled", false); // [HIDDEN PREF] // 1830: disable DRM's EME WideVineAdapter [FF55+] // [-] https://bugzilla.mozilla.org/1395468 user_pref("media.eme.chromium-api.enabled", false); // 2608: disable WebIDE extension downloads (Valence) // [1] https://trac.torproject.org/projects/tor/ticket/16222 // [-] https://bugzilla.mozilla.org/1393497 user_pref("devtools.webide.autoinstallFxdtAdapters", false); user_pref("devtools.webide.adaptersAddonURL", ""); // 2600's: disable SimpleServiceDiscovery - which can bypass proxy settings - e.g. Roku // [1] https://trac.torproject.org/projects/tor/ticket/16222 // [-] https://bugzilla.mozilla.org/1393582 user_pref("browser.casting.enabled", false); // 5022: hide recently bookmarked items (you still have the original bookmarks) [FF49+] // [-] https://bugzilla.mozilla.org/1401238 user_pref("browser.bookmarks.showRecentlyBookmarked", false); // ***/ /* FF58 // 0351: disable sending of crash reports [FF51+] - replaced by *.autoSubmit2 // [-] https://bugzilla.mozilla.org/1424373 user_pref("browser.crashReports.unsubmittedCheck.autoSubmit", false); // ***/ /* FF59 // 0203: disable using OS locale, force APP locale - replaced by intl.locale.requested // [-] https://bugzilla.mozilla.org/1414390 user_pref("intl.locale.matchOS", false); // 0204: set APP locale - replaced by intl.locale.requested // [-] https://bugzilla.mozilla.org/1414390 user_pref("general.useragent.locale", "en-US"); // 0340b: disable about:healthreport page (which connects to Mozilla for locale/css+js+json) // If you have disabled health reports, then this about page is useless - disable it // If you want to see what health data is present, then this must be set at default // [-] https://bugzilla.mozilla.org/1352497 user_pref("datareporting.healthreport.about.reportUrl", "data:,"); // 0511: disable FlyWeb [FF49+] // Flyweb is a set of APIs for advertising and discovering local-area web servers // [1] https://flyweb.github.io/ // [2] https://wiki.mozilla.org/FlyWeb/Security_scenarios // [-] https://bugzilla.mozilla.org/1374574 user_pref("dom.flyweb.enabled", false); // 1007: disable randomized FF HTTP cache decay experiments // [1] https://trac.torproject.org/projects/tor/ticket/13575 // [-] https://bugzilla.mozilla.org/1430197 user_pref("browser.cache.frecency_experiment", -1); // 1242: enable Mixed-Content-Blocker to use the HSTS cache but disable the HSTS Priming requests [FF51+] // Allow resources from domains with an existing HSTS cache record or in the HSTS preload list // to be upgraded to HTTPS internally but disable sending out HSTS Priming requests, because // those may cause noticeable delays e.g. requests time out or are not handled well by servers // [NOTE] If you want to use the priming requests make sure 'use_hsts' is also true // [1] https://bugzilla.mozilla.org/1246540#c145 // [-] https://bugzilla.mozilla.org/1424917 user_pref("security.mixed_content.use_hsts", true); user_pref("security.mixed_content.send_hsts_priming", false); // 1606: set the default Referrer Policy [FF53+] - replaced by network.http.referer.defaultPolicy // [-] https://bugzilla.mozilla.org/587523 user_pref("network.http.referer.userControlPolicy", 3); // 1804: disable plugins using external/untrusted scripts with XPCOM or XPConnect // [-] (part8) https://bugzilla.mozilla.org/1416703#c21 user_pref("security.xpconnect.plugin.unrestricted", false); // 2022: disable screensharing domain whitelist // [-] https://bugzilla.mozilla.org/1411742 user_pref("media.getusermedia.screensharing.allowed_domains", ""); // 2023: disable camera stuff // [-] (part7) https://bugzilla.mozilla.org/1416703#c21 user_pref("camera.control.face_detection.enabled", false); // 2202: prevent scripts from changing the status text // [-] https://bugzilla.mozilla.org/1425999 user_pref("dom.disable_window_status_change", true); // 2416: disable idle observation // [-] (part7) https://bugzilla.mozilla.org/1416703#c21 user_pref("dom.idle-observers-api.enabled", false); // ***/ /* FF60 // 0360: disable new tab tile ads & preload & marketing junk // [-] https://bugzilla.mozilla.org/buglist.cgi?bug_id=1370930,1433133 user_pref("browser.newtabpage.directory.source", "data:text/plain,"); user_pref("browser.newtabpage.enhanced", false); user_pref("browser.newtabpage.introShown", true); // 0512: disable Shield [FF53+] - renamed to app.normandy.* (see 0503) // Shield is an telemetry system (including Heartbeat) that can also push and test "recipes" // [1] https://wiki.mozilla.org/Firefox/Shield // [2] https://github.com/mozilla/normandy // [-] https://bugzilla.mozilla.org/1436113 user_pref("extensions.shield-recipe-client.enabled", false); user_pref("extensions.shield-recipe-client.api_url", ""); // 0514: disable Activity Stream [FF54+] // [-] https://bugzilla.mozilla.org/1433324 user_pref("browser.newtabpage.activity-stream.enabled", false); // 2301: disable workers // Disabling workers *will* break sites (e.g. Google Street View, Twitter) // [NOTE] CVE-2016-5259, CVE-2016-2812, CVE-2016-1949, CVE-2016-5287 (fixed) // [-] https://bugzilla.mozilla.org/1434934 user_pref("dom.workers.enabled", false); // 5000's: open "page/selection source" in a new window // [-] https://bugzilla.mozilla.org/1418403 // user_pref("view_source.tab", false); // ***/ ```
archived arkenfox-cleanup.js
this is everything up to FF117 - the live version has been tidied up to prefs deprecated/removed since FF91
click for details
```js /*** This will reset the preferences that have been - removed from the arkenfox user.js - deprecated by Mozilla but listed in the arkenfox user.js in the past Last updated: 18-September-2023 Instructions: - [optional] close Firefox and backup your profile - [optional] disable your network connection [1] - start Firefox - load about:config and press Ctrl+Shift+K to open the Web Console for about:config - using about:config is important, so the script has the right permissions - paste this script - if you edited the list of prefs in the script, make sure the last pref does not have a trailing comma - hit enter - check the Info output to see which prefs were reset - restart - some prefs require a restart - a restart will reapply your user.js - [optional] re-enable your network connection [1] Blocking Firefox from the internet ensures it cannot act on your reset preferences in the period before you restart it, such as app and extension auto-updating, or downloading unwanted components (GMP etc). It depends on what you're resetting and how long before you restart. ***/ (() => { if ('undefined' === typeof(Services)) return alert('about:config needs to be the active tab!'); const aPREFS = [ /* DEPRECATED */ /* 116+ */ 'dom.webnotifications.serviceworker.enabled', // 117 'layout.css.font-visibility.resistFingerprinting', // 116 'permissions.delegation.enabled', // 118 'security.family_safety.mode', // 117 /* 103-115 */ 'browser.cache.offline.enable', // 115 'extensions.formautofill.heuristics.enabled', // 114 'network.cookie.lifetimePolicy', // 103 [technically removed in 104] 'privacy.clearsitedata.cache.enabled', // 114 'privacy.resistFingerprinting.testGranularityMask', // 114 'security.pki.sha1_enforcement_level', // 103 /* 92-102 */ 'browser.urlbar.suggest.quicksuggest', // 95 'dom.securecontext.whitelist_onions', // 97 'dom.storage.next_gen', // 102 'network.http.spdy.enabled', // 100 'network.http.spdy.enabled.deps', 'network.http.spdy.enabled.http2', 'network.http.spdy.websockets', 'layout.css.font-visibility.level', // 94 'security.ask_for_password', // 102 'security.csp.enable', // 99 'security.password_lifetime', // 102 'security.ssl3.rsa_des_ede3_sha', // 93 /* 79-91 */ 'browser.cache.offline.storage.enable', 'browser.download.hide_plugins_without_extensions', 'browser.library.activity-stream.enabled', 'browser.search.geoSpecificDefaults', 'browser.search.geoSpecificDefaults.url', 'dom.ipc.plugins.flash.subprocess.crashreporter.enabled', 'dom.ipc.plugins.reportCrashURL', 'dom.w3c_pointer_events.enabled', 'intl.charset.fallback.override', 'network.ftp.enabled', 'plugin.state.flash', 'security.mixed_content.block_object_subrequest', 'security.ssl.errorReporting.automatic', 'security.ssl.errorReporting.enabled', 'security.ssl.errorReporting.url', /* 69-78 */ 'browser.newtabpage.activity-stream.telemetry.ping.endpoint', 'browser.tabs.remote.allowLinkedWebInFileUriProcess', 'browser.urlbar.oneOffSearches', 'devtools.webide.autoinstallADBExtension', 'devtools.webide.enabled', 'dom.indexedDB.enabled', 'extensions.blocklist.url', 'geo.wifi.logging.enabled', 'geo.wifi.uri', 'gfx.downloadable_fonts.woff2.enabled', 'media.autoplay.allow-muted', 'media.autoplay.enabled.user-gestures-needed', 'offline-apps.allow_by_default', 'plugins.click_to_play', 'privacy.userContext.longPressBehavior', 'toolkit.cosmeticAnimations.enabled', 'toolkit.telemetry.hybridContent.enabled', 'webgl.disable-extensions', /* 61-68 */ 'app.update.enabled', 'browser.aboutHomeSnippets.updateUrl', 'browser.chrome.errorReporter.enabled', 'browser.chrome.errorReporter.submitUrl', 'browser.chrome.favicons', 'browser.ctrlTab.previews', 'browser.fixup.hide_user_pass', 'browser.newtabpage.activity-stream.asrouter.userprefs.cfr', 'browser.newtabpage.activity-stream.disableSnippets', 'browser.onboarding.enabled', 'browser.search.countryCode', 'browser.urlbar.autocomplete.enabled', 'devtools.webide.adbAddonURL', 'devtools.webide.autoinstallADBHelper', 'dom.event.highrestimestamp.enabled', 'experiments.activeExperiment', 'experiments.enabled', 'experiments.manifest.uri', 'experiments.supported', 'lightweightThemes.update.enabled', 'media.autoplay.enabled', 'network.allow-experiments', 'network.cookie.lifetime.days', 'network.jar.block-remote-files', 'network.jar.open-unsafe-types', 'plugin.state.java', 'security.csp.enable_violation_events', 'security.csp.experimentalEnabled', 'shield.savant.enabled', /* 60 or earlier */ 'browser.bookmarks.showRecentlyBookmarked', 'browser.casting.enabled', 'browser.crashReports.unsubmittedCheck.autoSubmit', 'browser.formautofill.enabled', 'browser.formfill.saveHttpsForms', 'browser.fullscreen.animate', 'browser.history.allowPopState', 'browser.history.allowPushState', 'browser.history.allowReplaceState', 'browser.newtabpage.activity-stream.enabled', 'browser.newtabpage.directory.ping', 'browser.newtabpage.directory.source', 'browser.newtabpage.enhanced', 'browser.newtabpage.introShown', 'browser.pocket.api', 'browser.pocket.enabled', 'browser.pocket.oAuthConsumerKey', 'browser.pocket.site', 'browser.polaris.enabled', 'browser.safebrowsing.appRepURL', 'browser.safebrowsing.enabled', 'browser.safebrowsing.gethashURL', 'browser.safebrowsing.malware.reportURL', 'browser.safebrowsing.provider.google.appRepURL', 'browser.safebrowsing.reportErrorURL', 'browser.safebrowsing.reportGenericURL', 'browser.safebrowsing.reportMalwareErrorURL', 'browser.safebrowsing.reportMalwareMistakeURL', 'browser.safebrowsing.reportMalwareURL', 'browser.safebrowsing.reportPhishMistakeURL', 'browser.safebrowsing.reportURL', 'browser.safebrowsing.updateURL', 'browser.search.showOneOffButtons', 'browser.selfsupport.enabled', 'browser.selfsupport.url', 'browser.sessionstore.privacy_level_deferred', 'browser.tabs.animate', 'browser.trackingprotection.gethashURL', 'browser.trackingprotection.updateURL', 'browser.urlbar.unifiedcomplete', 'browser.usedOnWindows10.introURL', 'camera.control.autofocus_moving_callback.enabled', 'camera.control.face_detection.enabled', 'datareporting.healthreport.about.reportUrl', 'datareporting.healthreport.about.reportUrlUnified', 'datareporting.healthreport.documentServerURI', 'datareporting.healthreport.service.enabled', 'datareporting.policy.dataSubmissionEnabled.v2', 'devtools.webide.autoinstallFxdtAdapters', 'dom.archivereader.enabled', 'dom.beforeAfterKeyboardEvent.enabled', 'dom.disable_image_src_set', 'dom.disable_window_open_feature.scrollbars', 'dom.disable_window_status_change', 'dom.enable_user_timing', 'dom.flyweb.enabled', 'dom.idle-observers-api.enabled', 'dom.keyboardevent.code.enabled', 'dom.network.enabled', 'dom.push.udp.wakeupEnabled', 'dom.telephony.enabled', 'dom.vr.oculus050.enabled', 'dom.workers.enabled', 'dom.workers.sharedWorkers.enabled', 'extensions.formautofill.experimental', 'extensions.screenshots.system-disabled', 'extensions.shield-recipe-client.api_url', 'extensions.shield-recipe-client.enabled', 'full-screen-api.approval-required', 'general.useragent.locale', 'geo.security.allowinsecure', 'intl.locale.matchOS', 'loop.enabled', 'loop.facebook.appId', 'loop.facebook.enabled', 'loop.facebook.fallbackUrl', 'loop.facebook.shareUrl', 'loop.feedback.formURL', 'loop.feedback.manualFormURL', 'loop.logDomains', 'loop.server', 'media.block-play-until-visible', 'media.eme.apiVisible', 'media.eme.chromium-api.enabled', 'media.getusermedia.screensharing.allow_on_old_platforms', 'media.getusermedia.screensharing.allowed_domains', 'media.gmp-eme-adobe.autoupdate', 'media.gmp-eme-adobe.enabled', 'media.gmp-eme-adobe.visible', 'network.http.referer.userControlPolicy', 'network.http.sendSecureXSiteReferrer', 'network.http.spdy.enabled.http2draft', 'network.http.spdy.enabled.v3-1', 'network.websocket.enabled', 'pageThumbs.enabled', 'pfs.datasource.url', 'plugin.scan.Acrobat', 'plugin.scan.Quicktime', 'plugin.scan.WindowsMediaPlayer', 'plugins.enumerable_names', 'plugins.update.notifyUser', 'plugins.update.url', 'privacy.clearOnShutdown.passwords', 'privacy.donottrackheader.value', 'security.mixed_content.send_hsts_priming', 'security.mixed_content.use_hsts', 'security.ssl3.ecdhe_ecdsa_rc4_128_sha', 'security.ssl3.ecdhe_rsa_rc4_128_sha', 'security.ssl3.rsa_rc4_128_md5', 'security.ssl3.rsa_rc4_128_sha', 'security.tls.insecure_fallback_hosts.use_static_list', 'security.tls.unrestricted_rc4_fallback', 'security.xpconnect.plugin.unrestricted', 'social.directories', 'social.enabled', 'social.remote-install.enabled', 'social.share.activationPanelEnabled', 'social.shareDirectory', 'social.toast-notifications.enabled', 'social.whitelist', 'toolkit.telemetry.unifiedIsOptIn', /* REMOVED */ /* 116+ */ 'media.gmp-widevinecdm.enabled', 'network.protocol-handler.external.ms-windows-store', /* 103-115 */ 'beacon.enabled', 'browser.startup.blankWindow', 'browser.newtab.preload', 'browser.newtabpage.activity-stream.feeds.discoverystreamfeed', 'browser.newtabpage.activity-stream.feeds.snippets', 'browser.region.network.url', 'browser.region.update.enabled', 'browser.search.region', 'browser.ssl_override_behavior', 'browser.tabs.warnOnClose', 'devtools.chrome.enabled', 'dom.disable_beforeunload', 'dom.disable_open_during_load', 'dom.netinfo.enabled', 'dom.vr.enabled', 'extensions.formautofill.addresses.supported', 'extensions.formautofill.available', 'extensions.formautofill.creditCards.available', 'extensions.formautofill.creditCards.supported', 'middlemouse.contentLoadURL', 'network.http.altsvc.oe', /* 92-102 */ 'browser.urlbar.trimURLs', 'dom.caches.enabled', 'dom.storageManager.enabled', 'dom.storage_access.enabled', 'dom.targetBlankNoOpener.enabled', 'network.cookie.thirdparty.sessionOnly', 'network.cookie.thirdparty.nonsecureSessionOnly', 'privacy.firstparty.isolate.block_post_message', 'privacy.firstparty.isolate.restrict_opener_access', 'privacy.firstparty.isolate.use_site', 'privacy.window.name.update.enabled', 'security.insecure_connection_text.enabled', /* 79-91 */ 'alerts.showFavicons', 'browser.newtabpage.activity-stream.asrouter.providers.snippets', 'browser.send_pings.require_same_host', 'browser.urlbar.usepreloadedtopurls.enabled', 'dom.allow_cut_copy', 'dom.battery.enabled', 'dom.IntersectionObserver.enabled', 'dom.storage.enabled', 'dom.vibrator.enabled', 'extensions.screenshots.upload-disabled', 'general.warnOnAboutConfig', 'gfx.direct2d.disabled', 'layers.acceleration.disabled', 'media.getusermedia.audiocapture.enabled', 'media.getusermedia.browser.enabled', 'media.getusermedia.screensharing.enabled', 'media.gmp-widevinecdm.visible', 'media.media-capabilities.enabled', 'network.http.redirection-limit', 'privacy.partition.network_state', 'security.insecure_connection_icon.enabled', 'security.mixed_content.block_active_content', 'security.ssl.enable_ocsp_stapling', 'security.ssl3.dhe_rsa_aes_128_sha', 'security.ssl3.dhe_rsa_aes_256_sha', 'webgl.min_capability_mode', /* 69-78 */ 'browser.cache.disk_cache_ssl', 'browser.search.geoip.url', 'browser.search.region', 'browser.sessionhistory.max_entries', 'dom.push.connection.enabled', 'dom.push.serverURL', 'extensions.getAddons.discovery.api_url', 'extensions.htmlaboutaddons.discover.enabled', 'extensions.webservice.discoverURL', 'intl.locale.requested', 'intl.regional_prefs.use_os_locales', 'media.block-autoplay-until-in-foreground', 'middlemouse.paste', 'plugin.sessionPermissionNow.intervalInMinutes', 'privacy.usercontext.about_newtab_segregation.enabled', 'security.insecure_connection_icon.pbmode.enabled', 'security.insecure_connection_text.pbmode.enabled', 'webgl.dxgl.enabled', /* 61-68 */ 'app.update.service.enabled', 'app.update.silent', 'app.update.staging.enabled', 'browser.cache.disk.capacity', 'browser.cache.disk.smart_size.enabled', 'browser.cache.disk.smart_size.first_run', 'browser.cache.offline.insecure.enable', 'browser.contentblocking.enabled', 'browser.laterrun.enabled', 'browser.offline-apps.notify', 'browser.rights.3.shown', 'browser.safebrowsing.blockedURIs.enabled', 'browser.safebrowsing.downloads.remote.block_dangerous', 'browser.safebrowsing.downloads.remote.block_dangerous_host', 'browser.safebrowsing.provider.google.gethashURL', 'browser.safebrowsing.provider.google.reportMalwareMistakeURL', 'browser.safebrowsing.provider.google.reportPhishMistakeURL', 'browser.safebrowsing.provider.google.reportURL', 'browser.safebrowsing.provider.google.updateURL', 'browser.safebrowsing.provider.google4.dataSharing.enabled', 'browser.safebrowsing.provider.google4.dataSharingURL', 'browser.safebrowsing.provider.google4.gethashURL', 'browser.safebrowsing.provider.google4.reportMalwareMistakeURL', 'browser.safebrowsing.provider.google4.reportPhishMistakeURL', 'browser.safebrowsing.provider.google4.reportURL', 'browser.safebrowsing.provider.google4.updateURL', 'browser.safebrowsing.provider.mozilla.gethashURL', 'browser.safebrowsing.provider.mozilla.updateURL', 'browser.safebrowsing.reportPhishURL', 'browser.sessionhistory.max_total_viewers', 'browser.sessionstore.max_windows_undo', 'browser.slowStartup.maxSamples', 'browser.slowStartup.notificationDisabled', 'browser.slowStartup.samples', 'browser.storageManager.enabled', 'browser.urlbar.autoFill.typed', 'browser.urlbar.filter.javascript', 'browser.urlbar.maxHistoricalSearchSuggestions', 'browser.urlbar.userMadeSearchSuggestionsChoice', 'canvas.capturestream.enabled', 'dom.allow_scripts_to_close_windows', 'dom.disable_window_flip', 'dom.forms.datetime', 'dom.imagecapture.enabled', 'dom.popup_maximum', 'extensions.webextensions.keepStorageOnUninstall', 'extensions.webextensions.keepUuidOnUninstall', 'font.blacklist.underline_offset', 'font.name.monospace.x-unicode', 'font.name.monospace.x-western', 'font.name.sans-serif.x-unicode', 'font.name.sans-serif.x-western', 'font.name.serif.x-unicode', 'font.name.serif.x-western', 'gfx.offscreencanvas.enabled', 'javascript.options.shared_memory', 'layout.css.font-loading-api.enabled', 'media.gmp-gmpopenh264.autoupdate', 'media.gmp-gmpopenh264.enabled', 'media.gmp-manager.updateEnabled', 'media.gmp-manager.url', 'media.gmp-manager.url.override', 'media.gmp-widevinecdm.autoupdate', 'media.gmp.trial-create.enabled', 'media.navigator.video.enabled', 'media.peerconnection.ice.tcp', 'media.peerconnection.identity.enabled', 'media.peerconnection.identity.timeout', 'media.peerconnection.turn.disable', 'media.peerconnection.use_document_iceservers', 'media.peerconnection.video.enabled', 'network.auth.subresource-img-cross-origin-http-auth-allow', 'network.cookie.leave-secure-alone', 'network.cookie.same-site.enabled', 'network.dnsCacheEntries', 'network.dnsCacheExpiration', 'network.http.fast-fallback-to-IPv4', 'network.proxy.autoconfig_url.include_path', 'offline-apps.quota.warn', 'pdfjs.enableWebGL', 'plugin.default.state', 'plugin.defaultXpi.state', 'plugin.scan.plid.all', 'privacy.trackingprotection.annotate_channels', 'privacy.trackingprotection.lower_network_priority', 'privacy.trackingprotection.pbmode.enabled', 'privacy.trackingprotection.ui.enabled', 'security.data_uri.block_toplevel_data_uri_navigations', 'security.insecure_field_warning.contextual.enabled', 'security.insecure_password.ui.enabled', 'security.tls.version.fallback-limit', 'services.blocklist.addons.collection', 'services.blocklist.gfx.collection', 'services.blocklist.onecrl.collection', 'services.blocklist.plugins.collection', 'services.blocklist.signing.enforced', 'services.blocklist.update_enabled', 'signon.autofillForms.http', 'signon.storeWhenAutocompleteOff', 'toolkit.telemetry.cachedClientID', 'urlclassifier.trackingTable', 'xpinstall.whitelist.required', /* 60 or lower */ 'browser.migrate.automigrate.enabled', 'browser.search.geoip.timeout', 'browser.search.reset.enabled', 'browser.search.reset.whitelist', 'browser.stopReloadAnimation.enabled', 'browser.tabs.insertRelatedAfterCurrent', 'browser.tabs.loadDivertedInBackground', 'browser.tabs.loadInBackground', 'browser.tabs.selectOwnerOnClose', 'browser.urlbar.clickSelectsAll', 'browser.urlbar.doubleClickSelectsAll', 'device.storage.enabled', 'dom.keyboardevent.dispatch_during_composition', 'dom.presentation.controller.enabled', 'dom.presentation.discoverable', 'dom.presentation.discovery.enabled', 'dom.presentation.enabled', 'dom.presentation.receiver.enabled', 'dom.presentation.session_transport.data_channel.enable', 'dom.vr.oculus.enabled', 'dom.vr.openvr.enabled', 'dom.vr.osvr.enabled', 'extensions.pocket.api', 'extensions.pocket.oAuthConsumerKey', 'extensions.pocket.site', 'general.useragent.compatMode.firefox', 'geo.wifi.xhr.timeout', 'gfx.layerscope.enabled', 'media.flac.enabled', 'media.mediasource.enabled', 'media.mediasource.mp4.enabled', 'media.mediasource.webm.audio.enabled', 'media.mediasource.webm.enabled', 'media.mp4.enabled', 'media.ogg.enabled', 'media.ogg.flac.enabled', 'media.opus.enabled', 'media.raw.enabled', 'media.wave.enabled', 'media.webm.enabled', 'media.webspeech.recognition.enable', 'media.wmf.amd.vp9.enabled', 'media.wmf.enabled', 'media.wmf.vp9.enabled', 'network.dns.blockDotOnion', 'network.stricttransportsecurity.preloadlist', 'security.block_script_with_wrong_mime', 'security.fileuri.strict_origin_policy', 'security.sri.enable', 'services.sync.enabled', 'ui.submenuDelay', 'webextensions.storage.sync.enabled', 'webextensions.storage.sync.serverURL', // excluding these e10 settings // 'browser.tabs.remote.autostart', // 'browser.tabs.remote.autostart.2', // 'browser.tabs.remote.force-enable', // 'browser.tabs.remote.separateFileUriProcess', // 'extensions.e10sBlocksEnabling', // 'extensions.webextensions.remote', // 'dom.ipc.processCount', // 'dom.ipc.shims.enabledWarnings', // 'dom.ipc.processCount.extension', // 'dom.ipc.processCount.file', // 'security.sandbox.content.level', // 'dom.ipc.plugins.sandbox-level.default', // 'dom.ipc.plugins.sandbox-level.flash', // 'security.sandbox.logging.enabled', /* IMPORTANT: last active pref must not have a trailing comma */ /* reset parrot: check your open about:config after running the script */ '_user.js.parrot' ]; console.clear(); let c = 0; for (const sPname of aPREFS) { if (Services.prefs.prefHasUserValue(sPname)) { Services.prefs.clearUserPref(sPname); if (!Services.prefs.prefHasUserValue(sPname)) { console.info('reset', sPname); c++; } else console.warn('failed to reset', sPname); } } focus(); const d = (c==1) ? ' pref' : ' prefs'; alert(c ? 'successfully reset ' + c + d + "\n\nfor details check the console" : 'nothing to reset'); return 'all done'; })(); ```