Skip to content

3.2 Overrides [Common]

Thorin-Oakenpants edited this page Oct 16, 2022 · 32 revisions

🟩 Previous: Overrides

🟥 Summary: These few items, out of 120+ pref changes, will solve 99% of usability issues and you only need to do it once. You can always undo things - except deleted items (such as cookies, history and session restore), so read the entire page!


🟪 SECURITY

  • 0403: We disable binary checks not in Safe Browsing local lists
    • ⚠️ If you do not understand the consequences, override this

🟪 KEEP LOGINS

  • We delete all cookies and site data on close
    • There is no need to change any prefs - to keep some cookies and logins, just add site exceptions: either
      • Ctrl+I > Permissions > Cookies > Allow (when on the website in question)
      • ☰ Settings > Privacy & Security > Cookies & Site Data > Manage Exceptions
    • For cross-domain logins, add exceptions for both sites
      • e.g. https://www.youtube.com (site) + https://accounts.google.com (single sign on)
    • ⚠️ Be selective with what cookies you keep, as they also disable partitioning, see bugzilla 1767271

🟪 COMMON

  • 0102: We disable session restore
  • 0801: We disable automatic search from the urlbar, also see 0804
    • You can still use search buttons and keyword shortcuts
    • Override if you use and trust a privacy respecting search engine
  • 0810: We disable search & form history
  • 1223: We enforce strict pinning
    • Override if you have issues with antivirus
  • 1601: We hardened cross origin referers 🥇 #1 ISSUE
    • This may cause breakage where third party images and videos may not load, and with authentication on sites such as banks. If 1601 is too strict for you, override it to default 0 and consider using Smart Referer extension in Strict mode
  • 2022: We disable DRM
    • Override if you use Netflix, Hulu, Disney+, Amazon Prime, etc ... or consider watching those in a secondary browser
    • Note: Mac and Linux users: RFP's HTTP Header spoofing can break streaming sites, see bugzilla 1610762
  • 2811: We delete history (download, form and browsing histories) on close
    • And 2820 for manual sanitizing
  • 4520: We disable WebGL

🟪 FINGERPRINTING

  • 4501: We enable RFP 🥇 THE OTHER #1 ISSUE and 4504: letterboxing
    • letterboxing is independent of 4501 and is the pref that creates borders around your webpages

Read the next wiki page to decide if you want to keep using these or perhaps use Canvas Blocker instead.

🟪 OTHER

Other preferences may cause site breakage, but nothing that can't be fixed. You won't "lose" anything...- it's not the end of the world.

  • Check our override recipes
  • Check already answered issues
  • While not 100% definitive, search for [SETUP in the user.js; e.g.
    • [SETUP-WEB] can cause some websites to break
    • [SETUP-CHROME] changes how Firefox itself behaves (i.e. NOT directly website related)
  • You may also want to add items e.g.
    • 5000s optional
    • 9000s personal

🟩 Next: Overrides [To RFP or Not]

Clone this wiki locally