1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/browser/app/profile/000-tor-browser.js Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,176 @@
1.4 +# Default Preferences
1.5 +# Tor Browser Bundle
1.6 +# Do not edit this file.
1.7 +
1.8 +// Please maintain unit tests at ./tbb-tests/browser_tor_TB4.js
1.9 +
1.10 +// Disable browser automatic updates and associated homepage notifications
1.11 +pref("app.update.auto", false);
1.12 +pref("browser.search.update", false);
1.13 +pref("browser.rights.3.shown", true);
1.14 +pref("browser.startup.homepage_override.mstone", "ignore");
1.15 +pref("startup.homepage_welcome_url", "");
1.16 +pref("startup.homepage_override_url", "");
1.17 +
1.18 +// Disable "Slow startup" warnings and associated disk history
1.19 +// (bug #13346)
1.20 +pref("browser.slowStartup.notificationDisabled", true);
1.21 +pref("browser.slowStartup.maxSamples", 0);
1.22 +pref("browser.slowStartup.samples", 0);
1.23 +
1.24 +// Disk activity: Disable Browsing History Storage
1.25 +pref("browser.privatebrowsing.autostart", true);
1.26 +pref("browser.cache.disk.enable", false);
1.27 +pref("browser.cache.offline.enable", false);
1.28 +pref("dom.indexedDB.enabled", false);
1.29 +pref("permissions.memory_only", true);
1.30 +pref("network.cookie.lifetimePolicy", 2);
1.31 +pref("browser.download.manager.retention", 1);
1.32 +pref("security.nocertdb", true);
1.33 +
1.34 +// Disk activity: TBB Directory Isolation
1.35 +pref("browser.download.useDownloadDir", false);
1.36 +pref("browser.shell.checkDefaultBrowser", false);
1.37 +pref("browser.download.manager.addToRecentDocs", false);
1.38 +
1.39 +// Misc privacy: Disk
1.40 +pref("signon.rememberSignons", false);
1.41 +pref("browser.formfill.enable", false);
1.42 +pref("signon.autofillForms", false);
1.43 +pref("browser.sessionstore.privacy_level", 2);
1.44 +pref("media.cache_size", 0);
1.45 +
1.46 +// Misc privacy: Remote
1.47 +pref("browser.send_pings", false);
1.48 +pref("geo.enabled", false);
1.49 +pref("geo.wifi.uri", "");
1.50 +pref("browser.search.suggest.enabled", false);
1.51 +pref("browser.safebrowsing.enabled", false);
1.52 +pref("browser.safebrowsing.malware.enabled", false);
1.53 +pref("browser.download.manager.scanWhenDone", false); // prevents AV remote reporting of downloads
1.54 +pref("extensions.ui.lastCategory", "addons://list/extension");
1.55 +pref("datareporting.healthreport.service.enabled", false); // Yes, all three of these must be set
1.56 +pref("datareporting.healthreport.uploadEnabled", false);
1.57 +pref("datareporting.policy.dataSubmissionEnabled", false);
1.58 +pref("security.mixed_content.block_active_content", false); // Disable until https://bugzilla.mozilla.org/show_bug.cgi?id=878890 is patched
1.59 +pref("browser.syncPromoViewsLeftMap", "{\"addons\":0, \"passwords\":0, \"bookmarks\":0}"); // Don't promote sync
1.60 +pref("services.sync.engine.prefs", false); // Never sync prefs, addons, or tabs with other browsers
1.61 +pref("services.sync.engine.addons", false);
1.62 +pref("services.sync.engine.tabs", false);
1.63 +pref("extensions.getAddons.cache.enabled", false); // https://blog.mozilla.org/addons/how-to-opt-out-of-add-on-metadata-updates/
1.64 +
1.65 +// Fingerprinting
1.66 +pref("webgl.min_capability_mode", true);
1.67 +pref("webgl.disable-extensions", true);
1.68 +pref("dom.battery.enabled", false); // fingerprinting due to differing OS implementations
1.69 +pref("dom.network.enabled",false); // fingerprinting due to differing OS implementations
1.70 +pref("browser.display.max_font_attempts",10);
1.71 +pref("browser.display.max_font_count",10);
1.72 +pref("gfx.downloadable_fonts.fallback_delay", -1);
1.73 +pref("general.appname.override", "Netscape");
1.74 +pref("general.appversion.override", "5.0 (Windows)");
1.75 +pref("general.oscpu.override", "Windows NT 6.1");
1.76 +pref("general.platform.override", "Win32");
1.77 +pref("general.useragent.override", "Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0");
1.78 +pref("general.productSub.override", "20100101");
1.79 +pref("general.buildID.override", "20100101");
1.80 +pref("browser.startup.homepage_override.buildID", "20100101");
1.81 +pref("general.useragent.vendor", "");
1.82 +pref("general.useragent.vendorSub", "");
1.83 +pref("dom.enable_performance", false);
1.84 +pref("plugin.expose_full_path", false);
1.85 +pref("browser.zoom.siteSpecific", false);
1.86 +pref("intl.charset.default", "windows-1252");
1.87 +pref("browser.link.open_newwindow.restriction", 0); // Bug 9881: Open popups in new tabs (to avoid fullscreen popups)
1.88 +pref("dom.gamepad.enabled", false); // bugs.torproject.org/13023
1.89 +// pref("intl.accept_languages", "en-us, en"); // Set by Torbutton
1.90 +// pref("intl.accept_charsets", "iso-8859-1,*,utf-8"); // Set by Torbutton
1.91 +// pref("intl.charsetmenu.browser.cache", "UTF-8"); // Set by Torbutton
1.92 +
1.93 +// Third party stuff
1.94 +pref("network.cookie.cookieBehavior", 1);
1.95 +pref("security.enable_tls_session_tickets", false);
1.96 +pref("network.http.spdy.enabled", false); // Stores state and may have keepalive issues (both fixable)
1.97 +pref("network.http.spdy.enabled.v2", false); // Seems redundant, but just in case
1.98 +pref("network.http.spdy.enabled.v3", false); // Seems redundant, but just in case
1.99 +pref("privacy.thirdparty.isolate", 2); // Always enforce third party isolation
1.100 +
1.101 +// Proxy and proxy security
1.102 +pref("network.proxy.socks", "127.0.0.1");
1.103 +pref("network.proxy.socks_port", 9150);
1.104 +pref("network.proxy.socks_remote_dns", true);
1.105 +pref("network.proxy.no_proxies_on", ""); // For fingerprinting and local service vulns (#10419)
1.106 +pref("network.proxy.type", 1);
1.107 +pref("network.security.ports.banned", "9050,9051,9150,9151");
1.108 +pref("network.dns.disablePrefetch", true);
1.109 +pref("network.protocol-handler.external-default", false);
1.110 +pref("network.protocol-handler.external.mailto", false);
1.111 +pref("network.protocol-handler.external.news", false);
1.112 +pref("network.protocol-handler.external.nntp", false);
1.113 +pref("network.protocol-handler.external.snews", false);
1.114 +pref("network.protocol-handler.warn-external.mailto", true);
1.115 +pref("network.protocol-handler.warn-external.news", true);
1.116 +pref("network.protocol-handler.warn-external.nntp", true);
1.117 +pref("network.protocol-handler.warn-external.snews", true);
1.118 +pref("plugins.click_to_play", true);
1.119 +pref("plugin.state.flash", 1);
1.120 +pref("plugins.hide_infobar_for_missing_plugin", true);
1.121 +pref("media.peerconnection.enabled", false); // Disable WebRTC interfaces
1.122 +
1.123 +// Network and performance
1.124 +pref("network.http.pipelining", true);
1.125 +pref("network.http.pipelining.aggressive", true);
1.126 +pref("network.http.pipelining.maxrequests", 12);
1.127 +pref("network.http.pipelining.ssl", true);
1.128 +pref("network.http.proxy.pipelining", true);
1.129 +pref("security.ssl.enable_false_start", true);
1.130 +pref("network.http.keep-alive.timeout", 20);
1.131 +pref("network.http.connection-retry-timeout", 0);
1.132 +pref("network.http.max-persistent-connections-per-proxy", 256);
1.133 +pref("network.http.pipelining.reschedule-timeout", 15000);
1.134 +pref("network.http.pipelining.read-timeout", 60000);
1.135 +// Hacked pref: Now means "Attempt to pipeline at least this many requests together"
1.136 +pref("network.http.pipelining.max-optimistic-requests", 3);
1.137 +pref("security.ssl.disable_session_identifiers", true);
1.138 +
1.139 +// Extension support
1.140 +pref("extensions.autoDisableScopes", 0);
1.141 +pref("extensions.bootstrappedAddons", "{}");
1.142 +pref("extensions.checkCompatibility.4.*", false);
1.143 +pref("extensions.databaseSchema", 3);
1.144 +pref("extensions.enabledAddons", "https-everywhere%40eff.org:3.1.4,%7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1,torbutton%40torproject.org:1.5.2,ubufox%40ubuntu.com:2.6,tor-launcher%40torproject.org:0.1.1pre-alpha,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.5");
1.145 +pref("extensions.enabledItems", "langpack-en-US@firefox.mozilla.org:,{73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.57,{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.4,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.8");
1.146 +pref("extensions.enabledScopes", 1);
1.147 +pref("extensions.pendingOperations", false);
1.148 +pref("xpinstall.whitelist.add", "");
1.149 +pref("xpinstall.whitelist.add.36", "");
1.150 +
1.151 +// Toolbar layout
1.152 +pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"save-page-button\",\"print-button\",\"bookmarks-menu-button\",\"history-panelmenu\",\"find-button\",\"preferences-button\",\"add-ons-button\",\"developer-button\",\"https-everywhere-button\",\"downloads-button\"],\"addon-bar\":[\"addonbar-closebutton\",\"status-bar\"],\"PersonalToolbar\":[\"personal-bookmarks\"],\"nav-bar\":[\"noscript-tbb\",\"torbutton-button\",\"urlbar-container\",\"search-container\",\"webrtc-status-button\",\"social-share-button\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"toolbar-menubar\":[\"menubar-items\"]},\"seen\":[],\"dirtyAreaCache\":[\"PersonalToolbar\",\"nav-bar\",\"TabsToolbar\",\"toolbar-menubar\",\"PanelUI-contents\",\"addon-bar\"],\"newElementCount\":0}");
1.153 +
1.154 +// Omnibox settings
1.155 +pref("keyword.URL", "https://startpage.com/do/search?q=");
1.156 +
1.157 +// Hacks/workarounds: Direct2D seems to crash w/ lots of video cards w/ MinGW?
1.158 +// Nvida cards also experience crashes without the second pref set to disabled
1.159 +pref("gfx.direct2d.disabled", true);
1.160 +pref("layers.acceleration.disabled", true);
1.161 +
1.162 +// Security enhancements
1.163 +// https://trac.torproject.org/projects/tor/ticket/9387#comment:17
1.164 +pref("javascript.options.ion.content", false);
1.165 +pref("javascript.options.baselinejit.content", false);
1.166 +pref("javascript.options.asmjs", false);
1.167 +pref("javascript.options.typeinference", false);
1.168 +
1.169 +// Audio_data is deprecated in future releases, but still present
1.170 +// in FF24. This is a dangerous combination (spotted by iSec)
1.171 +pref("media.audio_data.enabled", false);
1.172 +
1.173 +// Enable TLS 1.1 and 1.2:
1.174 +// https://trac.torproject.org/projects/tor/ticket/11253
1.175 +pref("security.tls.version.max", 3);
1.176 +
1.177 +#ifdef TOR_BROWSER_VERSION
1.178 +#expand pref("torbrowser.version", __TOR_BROWSER_VERSION__);
1.179 +#endif
