2025.01.13.1
-
Set additional preferences to ensure DNS Prefetching is fully disabled for defense in depth -
dom.prefetch_dns_for_anchor_http_document&dom.prefetch_dns_for_anchor_https_document->false -
Similarly, set the maximum amount of connections for Preconnect to
0... -network.early-hints.preconnect.max_connections->0 -
Disabled saving clipboard history locally and/or to the cloud... -
clipboard.copyPrivateDataToClipboardCloudOrHistory->false -
Set
file://URLs to open in a separate content process -browser.tabs.remote.separateFileUriProcess->true -
Enabled Opaque Response Blocking -
browser.opaqueResponseBlocking&browser.opaqueResponseBlocking.javascriptValidator->true -
Enabled SHIP (Session History In Parent), as it's required for Per-site process isolation (Fission) -
fission.disableSessionHistoryInParent->false -
Explicitly opted out of the origin trial for Privacy-Preserving Attribution for defense in depth -
dom.origin-trials.private-attribution.state->2 -
Enforced blocking access to the AddonManager over insecure protocols -
extensions.webapi.testing.http->false -
Additionally, blocked certain Mozilla developer websites from accessing the AddonManager... -
extensions.webapi.testing->false -
Enforced always running web extensions out of process -
extensions.webextensions.remote->true -
Enabled COEP: credentialless -
browser.tabs.remote.coep.credentialless->true,dom.origin-trials.coep-credentialless.state->1 -
Prevented
remoteTypesfrom triggering process switches they shouldn't be able to... -browser.tabs.remote.enforceRemoteTypeRestrictions->true -
Switched setting Quad9 as the default DoH provider by now using
network.trr.default_provider_uriinstead ofnetwork.trr.custom_uri&network.trr.uri-network.trr.default_provider_uri->https://dns.quad9.net/dns-query,network.trr.custom_uri&network.trr.uri-> -
Minor tweaks & re-organization
Codeberg: See here for more details.
GitLab: See here for more details.
GitHub: See here for more details.
:)