From a93047e6c9fb4d6756ceb89a58a080a604280ce7 Mon Sep 17 00:00:00 2001 From: iTawkins <100447932+iTawkins@users.noreply.github.com> Date: Sun, 13 Nov 2022 14:31:17 +0000 Subject: [PATCH 01/12] Improves usability by clarifying desired action (#1583) --- prefsCleaner.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/prefsCleaner.sh b/prefsCleaner.sh index da2cfe9..99b8981 100755 --- a/prefsCleaner.sh +++ b/prefsCleaner.sh @@ -88,6 +88,7 @@ echo -e "\nThis script should be run from your Firefox profile directory.\n" echo "It will remove any entries from prefs.js that also exist in user.js." echo "This will allow inactive preferences to be reset to their default values." echo -e "\nThis Firefox profile shouldn't be in use during the process.\n" +echo -e "\nIn order to proceed, select a command below by entering its corresponding number.\n" [ "$1" == '-s' ] && fStart From 365e76bc9f2c9bf30509ce5f1aec6627ad84c84b Mon Sep 17 00:00:00 2001 From: junoslukan Date: Sun, 13 Nov 2022 14:37:26 +0000 Subject: [PATCH 02/12] Format date and time consistently. (#1580) * Format date and time consistently. Co-authored-by: junos Co-authored-by: earthlng --- prefsCleaner.bat | 11 +++++++---- updater.bat | 9 +++++---- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/prefsCleaner.bat b/prefsCleaner.bat index 616ec28..7591c0e 100644 --- a/prefsCleaner.bat +++ b/prefsCleaner.bat @@ -3,7 +3,7 @@ TITLE prefs.js cleaner REM ### prefs.js cleaner for Windows REM ## author: @claustromaniac -REM ## version: 2.4 +REM ## version: 2.5 CD /D "%~dp0" @@ -13,7 +13,7 @@ ECHO: ECHO ######################################## ECHO #### prefs.js cleaner for Windows #### ECHO #### by claustromaniac #### -ECHO #### v2.4 #### +ECHO #### v2.5 #### ECHO ######################################## ECHO: CALL :message "This script should be run from your Firefox profile directory." @@ -30,9 +30,12 @@ IF NOT EXIST "user.js" (CALL :abort "user.js not found in the current directory. IF NOT EXIST "prefs.js" (CALL :abort "prefs.js not found in the current directory." 30) CALL :strlenCheck CALL :FFcheck + CALL :message "Backing up prefs.js..." -SET "_time=%time: =0%" -COPY /B /V /Y prefs.js "prefs-backup-%date:/=-%_%_time::=.%.js" +FOR /F "usebackq tokens=1,2 delims==" %%i IN (`wmic os get LocalDateTime /VALUE 2^>NUL`) DO IF '.%%i.'=='.LocalDateTime.' SET ldt=%%j +SET ldt=%ldt:~0,8%_%ldt:~8,6% +COPY /B /V /Y prefs.js "prefs-backup-%ldt%.js" + CALL :message "Cleaning prefs.js..." CALL :cleanup CALL :message "All done!" diff --git a/updater.bat b/updater.bat index eef06f0..83499c2 100644 --- a/updater.bat +++ b/updater.bat @@ -3,10 +3,10 @@ TITLE arkenfox user.js updater REM ## arkenfox user.js updater for Windows REM ## author: @claustromaniac -REM ## version: 4.16 +REM ## version: 4.17 REM ## instructions: https://github.com/arkenfox/user.js/wiki/5.1-Updater-[Options]#-windows -SET v=4.15 +SET v=4.17 VERIFY ON CD /D "%~dp0" @@ -177,8 +177,9 @@ IF EXIST user.js.new ( IF DEFINED _singlebackup ( MOVE /Y user.js user.js.bak >nul ) ELSE ( - SET "_time=!time: =0!" - MOVE /Y user.js "user-backup-!date:/=-!_!_time::=.!.js" >nul + FOR /F "usebackq tokens=1,2 delims==" %%i IN (`wmic os get LocalDateTime /VALUE 2^>NUL`) DO IF '.%%i.'=='.LocalDateTime.' SET ldt=%%j + SET ldt=%ldt:~0,8%_%ldt:~8,6% + MOVE /Y user.js "user-backup-%ldt%.js" >nul ) REN user.js.new user.js CALL :message "Update complete." From 5a366493e029d04103b7f2c25c4eee6dc9b40176 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Sat, 19 Nov 2022 04:04:59 +0000 Subject: [PATCH 03/12] dom.disable_open_during_load default true since at least FF60 --- scratchpad-scripts/arkenfox-cleanup.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scratchpad-scripts/arkenfox-cleanup.js b/scratchpad-scripts/arkenfox-cleanup.js index 1e98e9b..892361f 100644 --- a/scratchpad-scripts/arkenfox-cleanup.js +++ b/scratchpad-scripts/arkenfox-cleanup.js @@ -3,7 +3,7 @@ - removed from the arkenfox user.js - deprecated by Mozilla but listed in the arkenfox user.js in the past - Last updated: 4-November-2022 + Last updated: 19-November-2022 Instructions: - [optional] close Firefox and backup your profile @@ -245,6 +245,7 @@ 'browser.tabs.warnOnClose', 'devtools.chrome.enabled', 'dom.disable_beforeunload', + 'dom.disable_open_during_load', 'dom.netinfo.enabled', 'dom.vr.enabled', 'extensions.formautofill.addresses.supported', From cc0f05388f6c721c358e89372caac604f84fd0d9 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Mon, 21 Nov 2022 00:36:37 +0000 Subject: [PATCH 04/12] v107 (#1579) --- user.js | 44 ++++++++++++++++++++------------------------ 1 file changed, 20 insertions(+), 24 deletions(-) diff --git a/user.js b/user.js index 6eba484..37c3bd0 100644 --- a/user.js +++ b/user.js @@ -1,7 +1,7 @@ /****** * name: arkenfox user.js -* date: 6 November 2022 -* version: 106 +* date: 21 November 2022 +* version: 107 * url: https://github.com/arkenfox/user.js * license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt @@ -112,8 +112,8 @@ user_pref("geo.provider.use_gpsd", false); // [LINUX] user_pref("geo.provider.use_geoclue", false); // [FF102+] [LINUX] /* 0203: disable region updates * [1] https://firefox-source-docs.mozilla.org/toolkit/modules/toolkit_modules/Region.html ***/ -user_pref("browser.region.network.url", ""); // [FF78+] user_pref("browser.region.update.enabled", false); // [FF79+] + // user_pref("browser.region.network.url", ""); // [FF78+] Defense-in-depth /* 0204: set search region * [NOTE] May not be hidden if Firefox has changed your settings due to your region (0203) ***/ // user_pref("browser.search.region", "US"); // [HIDDEN PREF] @@ -491,8 +491,8 @@ user_pref("security.remote_settings.crlite_filters.enabled", true); user_pref("security.pki.crlite_mode", 2); /** MIXED CONTENT ***/ -/* 1241: disable insecure passive content (such as images) on https pages [SETUP-WEB] ***/ -user_pref("security.mixed_content.block_display_content", true); +/* 1241: disable insecure passive content (such as images) on https pages ***/ + // user_pref("security.mixed_content.block_display_content", true); // Defense-in-depth (see 1244) /* 1244: enable HTTPS-Only mode in all windows [FF76+] * When the top-level is HTTPS, insecure subresources are also upgraded (silent fail) * [SETTING] to add site exceptions: Padlock>HTTPS-Only mode>On (after "Continue to HTTP Site") @@ -603,9 +603,6 @@ user_pref("media.eme.enabled", false); user_pref("_user.js.parrot", "2400 syntax error: the parrot's kicked the bucket!"); /* 2402: prevent scripts from moving and resizing open windows ***/ user_pref("dom.disable_window_move_resize", true); -/* 2403: block popup windows - * [SETTING] Privacy & Security>Permissions>Block pop-up windows ***/ -user_pref("dom.disable_open_during_load", true); /* 2404: limit events that can cause a popup [SETUP-WEB] ***/ user_pref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); @@ -624,7 +621,7 @@ user_pref("browser.helperApps.deleteTempFileOnExit", true); user_pref("browser.pagethumbnails.capturing_disabled", true); // [HIDDEN PREF] /* 2606: disable UITour backend so there is no chance that a remote page can use it ***/ user_pref("browser.uitour.enabled", false); -user_pref("browser.uitour.url", ""); + // user_pref("browser.uitour.url", ""); // Defense-in-depth /* 2608: reset remote debugging to disabled * [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/16222 ***/ user_pref("devtools.debugger.remote-enabled", false); // [DEFAULT: false] @@ -648,16 +645,16 @@ user_pref("webchannel.allowObject.urlWhitelist", ""); * [3] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=punycode+firefox * [4] https://www.xudongz.com/blog/2017/idn-phishing/ ***/ user_pref("network.IDN_show_punycode", true); -/* 2620: enforce PDFJS, disable PDFJS scripting [SETUP-CHROME] +/* 2620: enforce PDFJS, disable PDFJS scripting * This setting controls if the option "Display in Firefox" is available in the setting below * and by effect controls whether PDFs are handled in-browser or externally ("Ask" or "Open With") - * PROS: pdfjs is lightweight, open source, and more secure/vetted than most - * Exploits are rare (one serious case in seven years), treated seriously and patched quickly. + * [WHY] pdfjs is lightweight, open source, and secure: the last exploit was June 2015 [1] * It doesn't break "state separation" of browser content (by not sharing with OS, independent apps). * It maintains disk avoidance and application data isolation. It's convenient. You can still save to disk. - * CONS: You may prefer a different pdf reader for security reasons - * CAVEAT: JS can still force a pdf to open in-browser by bundling its own code - * [SETTING] General>Applications>Portable Document Format (PDF) ***/ + * [NOTE] JS can still force a pdf to open in-browser by bundling its own code + * [SETUP-CHROME] You may prefer a different pdf reader for security/workflow reasons + * [SETTING] General>Applications>Portable Document Format (PDF) + * [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pdf.js+firefox ***/ user_pref("pdfjs.disabled", false); // [DEFAULT: false] user_pref("pdfjs.enableScripting", false); // [FF86+] /* 2621: disable links launching Windows Store on Windows 8/8.1/10 [WINDOWS] ***/ @@ -717,8 +714,8 @@ user_pref("browser.contentblocking.category", "strict"); /* 2710: enable state partitioning of service workers [FF96+] ***/ user_pref("privacy.partition.serviceWorkers", true); // [DEFAULT: true FF105+] /* 2720: enable APS (Always Partitioning Storage) ***/ -user_pref("privacy.partition.always_partition_third_party_non_cookie_storage", true); // [FF104+] -user_pref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false); // [FF105+] +user_pref("privacy.partition.always_partition_third_party_non_cookie_storage", true); // [FF104+] [DEFAULT: true FF109+} +user_pref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false); // [FF105+] [DEFAULT: false FF109+] /*** [SECTION 2800]: SHUTDOWN & SANITIZING ***/ user_pref("_user.js.parrot", "2800 syntax error: the parrot's bleedin' demised!"); @@ -809,7 +806,6 @@ user_pref("privacy.sanitize.timeSpan", 0); 1382545 - reduce fingerprinting in Animation API 1354633 - limit MediaError.message to a whitelist FF58+ - 967895 - spoof canvas and enable site permission prompt (FF58) 1372073 - spoof/block fingerprinting in MediaDevices API (FF59) Spoof: enumerate devices as one "Internal Camera" and one "Internal Microphone" Block: suppresses the ondevicechange event @@ -925,7 +921,7 @@ user_pref("_user.js.parrot", "5000 syntax error: the parrot's taken 'is last bow /* 5005: disable intermediate certificate caching [FF41+] [RESTART] * [NOTE] This affects login/cert/key dbs. The effect is all credentials are session-only. * Saved logins and passwords are not available. Reset the pref and restart to return them ***/ - // user_pref("security.nocertdb", true); // [HIDDEN PREF in FF101 or lower] + // user_pref("security.nocertdb", true); /* 5006: disable favicons in history and bookmarks * [NOTE] Stored as data blobs in favicons.sqlite, these don't reveal anything that your * actual history (and bookmarks) already do. Your history is more detailed, so @@ -1053,6 +1049,7 @@ user_pref("extensions.webcompat-reporter.enabled", false); // [DEFAULT: false] // user_pref("browser.ssl_override_behavior", ""); // user_pref("devtools.chrome.enabled", ""); // user_pref("dom.disable_beforeunload", ""); + // user_pref("dom.disable_open_during_load", ""); // user_pref("extensions.formautofill.available", ""); // user_pref("extensions.formautofill.addresses.supported", ""); // user_pref("extensions.formautofill.creditCards.available", ""); @@ -1082,8 +1079,8 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies /* 7003: disable non-modern cipher suites [1] * [WHY] Passive fingerprinting. Minimal/non-existent threat of downgrade attacks * [1] https://browserleaks.com/ssl ***/ - // user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); - // user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); + // user_pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); // [DEFAULT: false FF109+] + // user_pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); // [DEFAULT: false FF109+] // user_pref("security.ssl3.ecdhe_rsa_aes_128_sha", false); // user_pref("security.ssl3.ecdhe_rsa_aes_256_sha", false); // user_pref("security.ssl3.rsa_aes_128_gcm_sha256", false); // no PFS @@ -1097,7 +1094,7 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies /* 7005: disable SSL session IDs [FF36+] * [WHY] Passive fingerprinting and perf costs. These are session-only * and isolated with network partitioning (FF85+) and/or containers ***/ - // user_pref("security.ssl.disable_session_identifiers", true); // [HIDDEN PREF in FF101 or lower] + // user_pref("security.ssl.disable_session_identifiers", true); /* 7006: onions * [WHY] Firefox doesn't support hidden services. Use Tor Browser ***/ // user_pref("dom.securecontext.allowlist_onions", true); // [FF97+] 1382359/1744006 @@ -1146,8 +1143,7 @@ user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies // user_pref("privacy.trackingprotection.cryptomining.enabled", true); // [DEFAULT: true] // user_pref("privacy.trackingprotection.fingerprinting.enabled", true); // [DEFAULT: true] /* 7017: disable service workers - * [WHY] Already isolated (FF96+) with TCP (2701) behind a pref (2710) - * or blocked with TCP in 3rd parties (FF95 or lower) ***/ + * [WHY] Already isolated with TCP (2701) behind a pref (2710) ***/ // user_pref("dom.serviceWorkers.enabled", false); /* 7018: disable Web Notifications * [WHY] Web Notifications are behind a prompt (7002) From 5eaa8196e2bb77a8f126781c6f290af93d091070 Mon Sep 17 00:00:00 2001 From: earthlng Date: Tue, 22 Nov 2022 19:00:47 +0000 Subject: [PATCH 05/12] v4.18 - fix backup filename --- updater.bat | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/updater.bat b/updater.bat index 83499c2..40a6d10 100644 --- a/updater.bat +++ b/updater.bat @@ -3,10 +3,10 @@ TITLE arkenfox user.js updater REM ## arkenfox user.js updater for Windows REM ## author: @claustromaniac -REM ## version: 4.17 +REM ## version: 4.18 REM ## instructions: https://github.com/arkenfox/user.js/wiki/5.1-Updater-[Options]#-windows -SET v=4.17 +SET v=4.18 VERIFY ON CD /D "%~dp0" @@ -178,8 +178,8 @@ IF EXIST user.js.new ( MOVE /Y user.js user.js.bak >nul ) ELSE ( FOR /F "usebackq tokens=1,2 delims==" %%i IN (`wmic os get LocalDateTime /VALUE 2^>NUL`) DO IF '.%%i.'=='.LocalDateTime.' SET ldt=%%j - SET ldt=%ldt:~0,8%_%ldt:~8,6% - MOVE /Y user.js "user-backup-%ldt%.js" >nul + SET ldt=!ldt:~0,8!_!ldt:~8,6! + MOVE /Y user.js "user-backup-!ldt!.js" >nul ) REN user.js.new user.js CALL :message "Update complete." From 6789dc7fefac5594d958a065463b4dc9d265c089 Mon Sep 17 00:00:00 2001 From: earthlng Date: Tue, 22 Nov 2022 19:50:50 +0000 Subject: [PATCH 06/12] fix typo --- user.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/user.js b/user.js index 37c3bd0..c3eaab9 100644 --- a/user.js +++ b/user.js @@ -714,7 +714,7 @@ user_pref("browser.contentblocking.category", "strict"); /* 2710: enable state partitioning of service workers [FF96+] ***/ user_pref("privacy.partition.serviceWorkers", true); // [DEFAULT: true FF105+] /* 2720: enable APS (Always Partitioning Storage) ***/ -user_pref("privacy.partition.always_partition_third_party_non_cookie_storage", true); // [FF104+] [DEFAULT: true FF109+} +user_pref("privacy.partition.always_partition_third_party_non_cookie_storage", true); // [FF104+] [DEFAULT: true FF109+] user_pref("privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage", false); // [FF105+] [DEFAULT: false FF109+] /*** [SECTION 2800]: SHUTDOWN & SANITIZING ***/ From 40e8e1acbe55dd266a280ab40ab418ca8d9646ec Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Mon, 28 Nov 2022 08:11:40 +0000 Subject: [PATCH 07/12] beacon.enabled, see #1586 --- scratchpad-scripts/arkenfox-cleanup.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scratchpad-scripts/arkenfox-cleanup.js b/scratchpad-scripts/arkenfox-cleanup.js index 892361f..3928978 100644 --- a/scratchpad-scripts/arkenfox-cleanup.js +++ b/scratchpad-scripts/arkenfox-cleanup.js @@ -3,7 +3,7 @@ - removed from the arkenfox user.js - deprecated by Mozilla but listed in the arkenfox user.js in the past - Last updated: 19-November-2022 + Last updated: 28-November-2022 Instructions: - [optional] close Firefox and backup your profile @@ -238,6 +238,7 @@ /* REMOVED */ /* 103+ */ + 'beacon.enabled', 'browser.newtab.preload', 'browser.newtabpage.activity-stream.feeds.discoverystreamfeed', 'browser.newtabpage.activity-stream.feeds.snippets', From 45d23f8d75c4cd23be26cfcb32689e60ebbad072 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Fri, 2 Dec 2022 10:19:29 +0000 Subject: [PATCH 08/12] region prefs, #1590 --- scratchpad-scripts/arkenfox-cleanup.js | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/scratchpad-scripts/arkenfox-cleanup.js b/scratchpad-scripts/arkenfox-cleanup.js index 3928978..fa4409b 100644 --- a/scratchpad-scripts/arkenfox-cleanup.js +++ b/scratchpad-scripts/arkenfox-cleanup.js @@ -3,7 +3,7 @@ - removed from the arkenfox user.js - deprecated by Mozilla but listed in the arkenfox user.js in the past - Last updated: 28-November-2022 + Last updated: 2-December-2022 Instructions: - [optional] close Firefox and backup your profile @@ -242,6 +242,9 @@ 'browser.newtab.preload', 'browser.newtabpage.activity-stream.feeds.discoverystreamfeed', 'browser.newtabpage.activity-stream.feeds.snippets', + 'browser.region.network.url', + 'browser.region.update.enabled', + 'browser.search.region', 'browser.ssl_override_behavior', 'browser.tabs.warnOnClose', 'devtools.chrome.enabled', From e4a85c30c129cf664cc8a39705bb070fce828d33 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Mon, 5 Dec 2022 18:48:51 +0000 Subject: [PATCH 09/12] security.tls.version.enable-deprecated the UI for downgrading was removed in FF94, default is false --- scratchpad-scripts/arkenfox-cleanup.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scratchpad-scripts/arkenfox-cleanup.js b/scratchpad-scripts/arkenfox-cleanup.js index fa4409b..15f59d7 100644 --- a/scratchpad-scripts/arkenfox-cleanup.js +++ b/scratchpad-scripts/arkenfox-cleanup.js @@ -3,7 +3,7 @@ - removed from the arkenfox user.js - deprecated by Mozilla but listed in the arkenfox user.js in the past - Last updated: 2-December-2022 + Last updated: 5-December-2022 Instructions: - [optional] close Firefox and backup your profile @@ -257,6 +257,7 @@ 'extensions.formautofill.creditCards.available', 'extensions.formautofill.creditCards.supported', 'network.http.altsvc.oe', + 'security.tls.version.enable-deprecated', /* 92-102 */ 'browser.urlbar.trimURLs', 'dom.caches.enabled', From 12ca83b550866882c338b354de53287664332560 Mon Sep 17 00:00:00 2001 From: earthlng Date: Sat, 10 Dec 2022 14:00:23 +0000 Subject: [PATCH 10/12] v1.6 - autoupdate --- prefsCleaner.sh | 83 ++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 71 insertions(+), 12 deletions(-) diff --git a/prefsCleaner.sh b/prefsCleaner.sh index 99b8981..dee3f70 100755 --- a/prefsCleaner.sh +++ b/prefsCleaner.sh @@ -2,33 +2,54 @@ ## prefs.js cleaner for Linux/Mac ## author: @claustromaniac -## version: 1.5 +## version: 1.6 ## special thanks to @overdodactyl and @earthlng for a few snippets that I stol..*cough* borrowed from the updater.sh -currdir=$(pwd) +## DON'T GO HIGHER THAN VERSION x.9 !! ( because of ASCII comparison in update_prefsCleaner() ) + +readonly CURRDIR=$(pwd) ## get the full path of this script (readlink for Linux, greadlink for Mac with coreutils installed) -sfp=$(readlink -f "${BASH_SOURCE[0]}" 2>/dev/null || greadlink -f "${BASH_SOURCE[0]}" 2>/dev/null) +SCRIPT_FILE=$(readlink -f "${BASH_SOURCE[0]}" 2>/dev/null || greadlink -f "${BASH_SOURCE[0]}" 2>/dev/null) ## fallback for Macs without coreutils -if [ -z "$sfp" ]; then sfp=${BASH_SOURCE[0]}; fi +[ -z "$SCRIPT_FILE" ] && SCRIPT_FILE=${BASH_SOURCE[0]} -## change directory to the Firefox profile directory -cd "$(dirname "${sfp}")" + +AUTOUPDATE=true +QUICKSTART=false + +## download method priority: curl -> wget +DOWNLOAD_METHOD='' +if command -v curl >/dev/null; then + DOWNLOAD_METHOD='curl --max-redirs 3 -so' +elif command -v wget >/dev/null; then + DOWNLOAD_METHOD='wget --max-redirect 3 --quiet -O' +else + AUTOUPDATE=false + echo -e "No curl or wget detected.\nAutomatic self-update disabled!" +fi fQuit() { ## change directory back to the original working directory - cd "${currdir}" + cd "${CURRDIR}" [ "$1" -eq 0 ] && echo -e "\n$2" || echo -e "\n$2" >&2 exit $1 } fUsage() { - echo -e "\nUsage: $0 [-s]" + echo -e "\nUsage: $0 [-ds]" echo -e " Optional Arguments: - -s Start immediately" + -s Start immediately + -d Don't auto-update prefsCleaner.sh" +} + +download_file() { # expects URL as argument ($1) + declare -r tf=$(mktemp) + + $DOWNLOAD_METHOD "${tf}" "$1" &>/dev/null && echo "$tf" || echo '' # return the temp-filename or empty string on error } fFF_check() { @@ -40,6 +61,24 @@ fFF_check() { done } +## returns the version number of a prefsCleaner.sh file +get_prefsCleaner_version() { + echo "$(sed -n '5 s/.*[[:blank:]]\([[:digit:]]*\.[[:digit:]]*\)/\1/p' "$1")" +} + +## updates the prefsCleaner.sh file based on the latest public version +update_prefsCleaner() { + declare -r tmpfile="$(download_file 'https://raw.githubusercontent.com/arkenfox/user.js/master/prefsCleaner.sh')" + [ -z "$tmpfile" ] && echo -e "Error! Could not download prefsCleaner.sh" && return 1 # check if download failed + + [[ $(get_prefsCleaner_version "$SCRIPT_FILE") == $(get_prefsCleaner_version "$tmpfile") ]] && return 0 + + mv "$tmpfile" "$SCRIPT_FILE" + chmod u+x "$SCRIPT_FILE" + "$SCRIPT_FILE" -s -d + exit 0 +} + fClean() { # the magic happens here prefs="@@" @@ -78,19 +117,37 @@ fStart() { fQuit 0 "All done!" } + +while getopts "sd" opt; do + case $opt in + s) + QUICKSTART=true + ;; + d) + AUTOUPDATE=false + ;; + esac +done + +## change directory to the Firefox profile directory +cd "$(dirname "${SCRIPT_FILE}")" + +[ "$AUTOUPDATE" = true ] && update_prefsCleaner + echo -e "\n\n" echo " ╔══════════════════════════╗" echo " ║ prefs.js cleaner ║" echo " ║ by claustromaniac ║" -echo " ║ v1.5 ║" +echo " ║ v1.6 ║" echo " ╚══════════════════════════╝" echo -e "\nThis script should be run from your Firefox profile directory.\n" echo "It will remove any entries from prefs.js that also exist in user.js." echo "This will allow inactive preferences to be reset to their default values." echo -e "\nThis Firefox profile shouldn't be in use during the process.\n" -echo -e "\nIn order to proceed, select a command below by entering its corresponding number.\n" -[ "$1" == '-s' ] && fStart +[ "$QUICKSTART" = true ] && fStart + +echo -e "\nIn order to proceed, select a command below by entering its corresponding number.\n" select option in Start Help Exit; do case $option in @@ -114,3 +171,5 @@ select option in Start Help Exit; do ;; esac done + +fQuit 0 From 7135907b2fe13fa55eb8ebf162603037f83e353c Mon Sep 17 00:00:00 2001 From: earthlng Date: Sat, 10 Dec 2022 14:35:48 +0000 Subject: [PATCH 11/12] Update prefsCleaner.sh --- prefsCleaner.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/prefsCleaner.sh b/prefsCleaner.sh index dee3f70..052905e 100755 --- a/prefsCleaner.sh +++ b/prefsCleaner.sh @@ -75,7 +75,7 @@ update_prefsCleaner() { mv "$tmpfile" "$SCRIPT_FILE" chmod u+x "$SCRIPT_FILE" - "$SCRIPT_FILE" -s -d + "$SCRIPT_FILE" "$@" -d exit 0 } @@ -132,7 +132,7 @@ done ## change directory to the Firefox profile directory cd "$(dirname "${SCRIPT_FILE}")" -[ "$AUTOUPDATE" = true ] && update_prefsCleaner +[ "$AUTOUPDATE" = true ] && update_prefsCleaner "$@" echo -e "\n\n" echo " ╔══════════════════════════╗" From bd1a0c28ddd2fc1f170151f8f9e4baab8be0d21e Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Tue, 20 Dec 2022 10:30:39 +0000 Subject: [PATCH 12/12] v108 - fixup pop-up thanks @Tiagoquix - remove beacon see #1586 - remove region prefs: note: the search.region pref has been inactive since at least 102, so removing entirely - which is good, because we shouldn't be resetting it with prefsCleaner anyway see #1590 --- user.js | 24 ++++++++---------------- 1 file changed, 8 insertions(+), 16 deletions(-) diff --git a/user.js b/user.js index c3eaab9..1f34e49 100644 --- a/user.js +++ b/user.js @@ -1,7 +1,7 @@ /****** * name: arkenfox user.js -* date: 21 November 2022 -* version: 107 +* date: 21 December 2022 +* version: 108 * url: https://github.com/arkenfox/user.js * license: MIT: https://github.com/arkenfox/user.js/blob/master/LICENSE.txt @@ -110,13 +110,6 @@ user_pref("geo.provider.ms-windows-location", false); // [WINDOWS] user_pref("geo.provider.use_corelocation", false); // [MAC] user_pref("geo.provider.use_gpsd", false); // [LINUX] user_pref("geo.provider.use_geoclue", false); // [FF102+] [LINUX] -/* 0203: disable region updates - * [1] https://firefox-source-docs.mozilla.org/toolkit/modules/toolkit_modules/Region.html ***/ -user_pref("browser.region.update.enabled", false); // [FF79+] - // user_pref("browser.region.network.url", ""); // [FF78+] Defense-in-depth -/* 0204: set search region - * [NOTE] May not be hidden if Firefox has changed your settings due to your region (0203) ***/ - // user_pref("browser.search.region", "US"); // [HIDDEN PREF] /* 0210: set preferred language for displaying pages * [SETTING] General>Language and Appearance>Language>Choose your preferred language... * [TEST] https://addons.mozilla.org/about ***/ @@ -603,7 +596,7 @@ user_pref("media.eme.enabled", false); user_pref("_user.js.parrot", "2400 syntax error: the parrot's kicked the bucket!"); /* 2402: prevent scripts from moving and resizing open windows ***/ user_pref("dom.disable_window_move_resize", true); -/* 2404: limit events that can cause a popup [SETUP-WEB] ***/ +/* 2404: limit events that can cause a pop-up [SETUP-WEB] ***/ user_pref("dom.popup_allowed_events", "click dblclick mousedown pointerdown"); /*** [SECTION 2600]: MISCELLANEOUS ***/ @@ -611,9 +604,6 @@ user_pref("_user.js.parrot", "2600 syntax error: the parrot's run down the curta /* 2601: prevent accessibility services from accessing your browser [RESTART] * [1] https://support.mozilla.org/kb/accessibility-services ***/ user_pref("accessibility.force_disabled", 1); -/* 2602: disable sending additional analytics to web servers - * [1] https://developer.mozilla.org/docs/Web/API/Navigator/sendBeacon ***/ -user_pref("beacon.enabled", false); /* 2603: remove temp files opened with an external application * [1] https://bugzilla.mozilla.org/302433 ***/ user_pref("browser.helperApps.deleteTempFileOnExit", true); @@ -1034,18 +1024,20 @@ user_pref("privacy.firstparty.isolate", false); // [DEFAULT: false] * In FF96+ these are listed in about:compat * [1] https://blog.mozilla.org/security/2021/03/23/introducing-smartblock/ ***/ user_pref("extensions.webcompat.enable_shims", true); // [DEFAULT: true] -/* 6010: enforce/reset TLS 1.0/1.1 downgrades to session only - * [NOTE] In FF97+ the TLS 1.0/1.1 downgrade UX was removed +/* 6010: enforce no TLS 1.0/1.1 downgrades * [TEST] https://tls-v1-1.badssl.com:1010/ ***/ user_pref("security.tls.version.enable-deprecated", false); // [DEFAULT: false] /* 6011: enforce disabling of Web Compatibility Reporter [FF56+] * Web Compatibility Reporter adds a "Report Site Issue" button to send data to Mozilla * [WHY] To prevent wasting Mozilla's time with a custom setup ***/ user_pref("extensions.webcompat-reporter.enabled", false); // [DEFAULT: false] -/* 6050: prefsCleaner: reset items removed from arkenfox FF102+ ***/ +/* 6050: prefsCleaner: reset previously active items removed from arkenfox FF102+ ***/ + // user_pref("beacon.enabled", ""); // user_pref("browser.newtab.preload", ""); // user_pref("browser.newtabpage.activity-stream.feeds.discoverystreamfeed", ""); // user_pref("browser.newtabpage.activity-stream.feeds.snippets", ""); + // user_pref("browser.region.network.url", ""); + // user_pref("browser.region.update.enabled", "") // user_pref("browser.ssl_override_behavior", ""); // user_pref("devtools.chrome.enabled", ""); // user_pref("dom.disable_beforeunload", "");