24 lines
1.4 KiB
Nix
24 lines
1.4 KiB
Nix
{
|
|
/*** [SECTION 2200]: WINDOW MEDDLING & LEAKS / POPUPS ***/
|
|
/* 2202: prevent scripts from moving and resizing open windows ***/
|
|
"dom.disable_window_move_resize" = true;
|
|
/* 2203: open links targeting new windows in a new tab instead
|
|
* This stops malicious window sizes and some screen resolution leaks.
|
|
* You can still right-click a link and open in a new window.
|
|
* [TEST] https://arkenfox.github.io/TZP/tzp.html#screen
|
|
* [1] https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/9881 ***/
|
|
"browser.link.open_newwindow" = 3; # 1=most recent window or tab 2=new window, 3=new tab
|
|
"browser.link.open_newwindow.restriction" = 0;
|
|
/* 2204: disable Fullscreen API (requires user interaction) to prevent screen-resolution leaks
|
|
* [NOTE] You can still manually toggle the browser's fullscreen state (F11),
|
|
* but this pref will disable embedded video/game fullscreen controls, e.g. youtube
|
|
* [TEST] https://arkenfox.github.io/TZP/tzp.html#screen ***/
|
|
# // user_pref("full-screen-api.enabled", false);
|
|
/* 2210: block popup windows
|
|
* [SETTING] Privacy & Security>Permissions>Block pop-up windows ***/
|
|
"dom.disable_open_during_load" = true;
|
|
/* 2212: limit events that can cause a popup [SETUP-WEB]
|
|
* default FF86+: "change click dblclick auxclick mousedown mouseup pointerdown pointerup notificationclick reset submit touchend contextmenu ***/
|
|
"dom.popup_allowed_events" = "click dblclick mousedown pointerdown";
|
|
}
|