nix-config/home/browsers/firefox/arkenfox/0400.nix

46 lines
2.9 KiB
Nix

{
/*** [SECTION 0400]: BLOCKLISTS / SAFE BROWSING (SB) ***/
/** BLOCKLISTS ***/
/* 0401: enforce Firefox blocklist
* [NOTE] It includes updates for "revoked certificates"
* [1] https://blog.mozilla.org/security/2015/03/03/revoking-intermediate-certificates-introducing-onecrl/ ***/
"extensions.blocklist.enabled" = true; # [DEFAULT: true]
/** SAFE BROWSING (SB)
Safe Browsing has taken many steps to preserve privacy. *IF* required, a full url is never
sent to Google, only a PART-hash of the prefix, and this is hidden with noise of other real
PART-hashes. Google also swear it is anonymized and only used to flag malicious sites.
Firefox also takes measures such as striping out identifying parameters and since SBv4 (FF57+)
doesn't even use cookies. (#Turn on browser.safebrowsing.debug to monitor this activity)
[1] https://feeding.cloud.geek.nz/posts/how-safe-browsing-works-in-firefox/
[2] https://wiki.mozilla.org/Security/Safe_Browsing
[3] https://support.mozilla.org/kb/how-does-phishing-and-malware-protection-work
***/
/* 0410: disable SB (Safe Browsing)
* [WARNING] Do this at your own risk! These are the master switches.
* [SETTING] Privacy & Security>Security>... "Block dangerous and deceptive content" ***/
# // user_pref("browser.safebrowsing.malware.enabled", false);
# // user_pref("browser.safebrowsing.phishing.enabled", false);
/* 0411: disable SB checks for downloads (both local lookups + remote)
* This is the master switch for the safebrowsing.downloads* prefs (0412, 0413)
* [SETTING] Privacy & Security>Security>... "Block dangerous downloads" ***/
# // user_pref("browser.safebrowsing.downloads.enabled", false);
/* 0412: disable SB checks for downloads (remote)
* To verify the safety of certain executable files, Firefox may submit some information about the
* file, including the name, origin, size and a cryptographic hash of the contents, to the Google
* Safe Browsing service which helps Firefox determine whether or not the file should be blocked
* [SETUP-SECURITY] If you do not understand this, or you want this protection, then override it ***/
"browser.safebrowsing.downloads.remote.enabled" = false;
"browser.safebrowsing.downloads.remote.url" = "";
/* 0413: disable SB checks for unwanted software
* [SETTING] Privacy & Security>Security>... "Warn you about unwanted and uncommon software" ***/
# // user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
# // user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false);
/* 0419: disable 'ignore this warning' on SB warnings [FF45+]
* If clicked, it bypasses the block for that session. This is a means for admins to enforce SB
* [TEST] see github wiki APPENDIX A: Test Sites: Section 5
* [1] https://bugzilla.mozilla.org/1226490 ***/
# // user_pref("browser.safebrowsing.allowOverride", false);
}