1
0

change cookies from block all to allow 1st party (#477)

* change cookies from block all to allow 1st party

see https://github.com/ghacksuserjs/ghacks-user.js/issues/439

* and fixup readme as well
This commit is contained in:
earthlng 2018-08-15 05:56:40 +00:00 committed by Thorin-Oakenpants
parent 29e2461cd1
commit 572d16d5a5

16
user.js
View File

@ -19,10 +19,7 @@
* https://github.com/ghacksuserjs/ghacks-user.js/wiki/1.3-Implementation
3. If you skipped steps 1 and 2 above (shame on you), then here is the absolute minimum
* Auto-installing updates for Firefox and extensions are disabled (section 0302's)
* Some user data is erased on close (section 2800), namely history (browsing, form, download)
* Cookies are denied by default (2701), we use site exceptions. In Firefox 58 and lower, this breaks
extensions that use IndexedDB, so you need to allow exceptions for those as well: see [1] below
[1] https://github.com/ghacksuserjs/ghacks-user.js/wiki/4.1.1-Setting-Extension-Permission-Exceptions
* Some user data is erased on close (section 2800). Change this to suit your needs
* EACH RELEASE check:
- 4600s: reset prefs made redundant due to privacy.resistFingerprinting (RPF)
or enable them as an alternative to RFP or for ESR users
@ -1338,14 +1335,14 @@ user_pref("security.dialog_enable_delay", 700); // default: 1000 (milliseconds)
serviceWorkers :
***/
user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin' choir invisible!");
/* 2701: disable cookies on all sites [SETUP]
/* 2701: disable 3rd-party cookies and site-data [SETUP]
* You can set exceptions under site permissions or use an extension
* 0=allow all 1=allow same host 2=disallow all 3=allow 3rd party if it already set a cookie
* [SETTING] Privacy & Security>History>Custom Settings>Accept cookies from sites
* [NOTE] Blocking 3rd party controls 3rd party access to localStorage, IndexedDB, Cache API and Service Worker Cache.
* Blocking 1st party controls access to localStorage and IndexedDB (note: Service Workers can still use IndexedDB).
* [1] https://www.fxsitecompat.com/en-CA/docs/2015/web-storage-indexeddb-cache-api-now-obey-third-party-cookies-preference/ ***/
user_pref("network.cookie.cookieBehavior", 2);
user_pref("network.cookie.cookieBehavior", 1);
/* 2702: set third-party cookies (i.e ALL) (if enabled, see above pref) to session-only
and (FF58+) set third-party non-secure (i.e HTTP) cookies to session-only
[NOTE] .sessionOnly overrides .nonsecureSessionOnly except when .sessionOnly=false and
@ -1401,8 +1398,7 @@ user_pref("dom.caches.enabled", false);
// user_pref("dom.storageManager.enabled", false);
/*** 2800: SHUTDOWN [SETUP]
You should set the values to what suits you best. Be aware that the settings below clear
browsing, download and form history, but not cookies (use exceptions or an extension).
You should set the values to what suits you best.
- "Offline Website Data" includes appCache (2730), localStorage (2710),
Service Worker cache (2740), and QuotaManager (IndexedDB (2720), asm-cache)
- In both 2803 + 2804, the 'download' and 'history' prefs are combined in the
@ -1419,7 +1415,7 @@ user_pref("privacy.sanitize.sanitizeOnShutdown", true);
* However, this may not always be the case. The interface combines and syncs these
* prefs when set from there, and the sanitize code may change at any time ***/
user_pref("privacy.clearOnShutdown.cache", true);
user_pref("privacy.clearOnShutdown.cookies", false);
user_pref("privacy.clearOnShutdown.cookies", true);
user_pref("privacy.clearOnShutdown.downloads", true); // see note above
user_pref("privacy.clearOnShutdown.formdata", true); // Form & Search History
user_pref("privacy.clearOnShutdown.history", true); // Browsing & Download History
@ -1432,7 +1428,7 @@ user_pref("privacy.clearOnShutdown.siteSettings", false); // Site Preferences
* [NOTE] Regardless of what you set privacy.cpd.downloads to, as soon as the dialog
* for "Clear Recent History" is opened, it is synced to the same as 'history' ***/
user_pref("privacy.cpd.cache", true);
user_pref("privacy.cpd.cookies", false);
user_pref("privacy.cpd.cookies", true);
// user_pref("privacy.cpd.downloads", true); // not used, see note above
user_pref("privacy.cpd.formdata", true); // Form & Search History
user_pref("privacy.cpd.history", true); // Browsing & Download History