From 86779704559914ce85483a65b5a14fef50dd4589 Mon Sep 17 00:00:00 2001 From: Nick Date: Wed, 8 Oct 2025 18:01:32 -0500 Subject: [PATCH] feat: updated arkenfox --- .../config/settings/config/fingerprinting.nix | 34 +++++++++- .../config/settings/config/formFill.nix | 41 ++++++++++-- .../config/settings/config/geolocation.nix | 12 +++- .../floorp/config/settings/config/misc.nix | 67 ++++++++++++++----- .../floorp/config/settings/config/opSec.nix | 20 +++++- .../config/settings/config/outbound.nix | 14 +++- .../floorp/config/settings/config/privacy.nix | 53 ++++++++++++--- .../floorp/config/settings/config/startup.nix | 27 ++++++-- .../config/settings/config/telemetry.nix | 54 ++++++++++++--- 9 files changed, 265 insertions(+), 57 deletions(-) diff --git a/modules/home/gui/apps/browsers/floorp/config/settings/config/fingerprinting.nix b/modules/home/gui/apps/browsers/floorp/config/settings/config/fingerprinting.nix index 67f9670..4768384 100755 --- a/modules/home/gui/apps/browsers/floorp/config/settings/config/fingerprinting.nix +++ b/modules/home/gui/apps/browsers/floorp/config/settings/config/fingerprinting.nix @@ -1,18 +1,46 @@ { - # FPP (fingerprintingProtection) + # Arkenfox user.js - FPP (fingerprintingProtection) and RFP (resistFingerprinting) + # Version: 140 (14 August 2025) + + # 4000: FPP (fingerprintingProtection) - enabled by default in private windows + # FPP is automatically enabled with ETP Strict (browser.contentblocking.category = "strict") "privacy.fingerprintingProtection.pbmode" = true; "privacy.fingerprintingProtection" = true; - # RFP (resistFingerprinting) + # 4500: OPTIONAL RFP (resistFingerprinting) + # RFP is an all-or-nothing approach - you cannot pick and choose parts + # Disabled by default as most people should use FPP instead "privacy.resistFingerprinting" = false; + + # 4502: set RFP new window size max rounded values "privacy.window.maxInnerWidth" = 1600; "privacy.window.maxInnerHeight" = 900; + + # 4503: disable mozAddonManager Web API "privacy.resistFingerprinting.block_mozAddonManager" = true; + + # 4504: disable letterboxing (commented out - only enable if using RFP) "privacy.resistFingerprinting.letterboxing" = false; + + # 4506: disable RFP spoof english prompt + # 0=prompt, 1=disabled, 2=enabled "privacy.spoof_english" = 1; + + # 4510: disable using system colors "browser.display.use_system_colors" = false; - "widget.non-native-theme.enabled" = true; + + # 4511: disable using system accent colors + "widget.non-native-theme.use-theme-accent" = false; + + # 4512: enforce links targeting new windows to open in a new tab instead "browser.link.open_newwindow" = 3; + + # 4513: set all open window methods to abide by browser.link.open_newwindow "browser.link.open_newwindow.restriction" = 0; + + # 4520: disable WebGL (commented out - set to false to keep WebGL enabled) "webgl.disabled" = false; + + # Legacy setting for compatibility + "widget.non-native-theme.enabled" = true; } diff --git a/modules/home/gui/apps/browsers/floorp/config/settings/config/formFill.nix b/modules/home/gui/apps/browsers/floorp/config/settings/config/formFill.nix index 767fd2d..2a19a9e 100755 --- a/modules/home/gui/apps/browsers/floorp/config/settings/config/formFill.nix +++ b/modules/home/gui/apps/browsers/floorp/config/settings/config/formFill.nix @@ -1,11 +1,40 @@ { - # LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS - "browser.formfill.enable" = false; - "browser.search.separatePrivateDefault.ui.enabled" = true; - "browser.search.separatePrivateDefault" = true; - "browser.search.suggest.enabled" = false; - "browser.urlbar.maxRichResults" = 16; + # Arkenfox user.js - LOCATION BAR / SEARCH BAR / SUGGESTIONS / HISTORY / FORMS + # Version: 140 (14 August 2025) + + # 0801: disable location bar making speculative connections "browser.urlbar.speculativeConnect.enabled" = false; + + # 0802: disable location bar contextual suggestions + "browser.urlbar.quicksuggest.enabled" = false; + "browser.urlbar.suggest.quicksuggest.nonsponsored" = false; + "browser.urlbar.suggest.quicksuggest.sponsored" = false; + + # 0803: disable live search suggestions + "browser.search.suggest.enabled" = false; + "browser.urlbar.suggest.searches" = false; + + # 0805: disable urlbar trending search suggestions + "browser.urlbar.trending.featureGate" = false; + + # 0806: disable urlbar suggestions + "browser.urlbar.addons.featureGate" = false; + "browser.urlbar.amp.featureGate" = false; + "browser.urlbar.fakespot.featureGate" = false; + "browser.urlbar.mdn.featureGate" = false; + "browser.urlbar.weather.featureGate" = false; + "browser.urlbar.wikipedia.featureGate" = false; + "browser.urlbar.yelp.featureGate" = false; + + # 0810: disable search and form history + "browser.formfill.enable" = false; + + # 0830: enable separate default search engine in Private Windows + "browser.search.separatePrivateDefault" = true; + "browser.search.separatePrivateDefault.ui.enabled" = true; + + # Additional form autofill settings + "browser.urlbar.maxRichResults" = 16; "extensions.formautofill.addresses.enabled" = false; "extensions.formautofill.addresses.supported" = "on"; "extensions.formautofill.addresses.usage.hasEntry" = true; diff --git a/modules/home/gui/apps/browsers/floorp/config/settings/config/geolocation.nix b/modules/home/gui/apps/browsers/floorp/config/settings/config/geolocation.nix index cc5924e..cea8f4d 100755 --- a/modules/home/gui/apps/browsers/floorp/config/settings/config/geolocation.nix +++ b/modules/home/gui/apps/browsers/floorp/config/settings/config/geolocation.nix @@ -1,8 +1,14 @@ { + # Arkenfox user.js - GEOLOCATION + # Version: 140 (14 August 2025) + + # 0202: disable using the OS's geolocation service + "geo.provider.ms-windows-location" = false; # [WINDOWS] + "geo.provider.use_corelocation" = false; # [MAC] + "geo.provider.use_geoclue" = false; # [FF102+] [LINUX] + + # Keep network geolocation URL (not part of core arkenfox but useful) "geo.provider.network.url" = "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"; - "geo.provider.ms-windows-location" = false; - "geo.provider.use_corelocation" = false; "geo.provider.use_gpsd" = false; - "geo.provider.use_geoclue" = false; } diff --git a/modules/home/gui/apps/browsers/floorp/config/settings/config/misc.nix b/modules/home/gui/apps/browsers/floorp/config/settings/config/misc.nix index 5b60b2f..ee841d1 100755 --- a/modules/home/gui/apps/browsers/floorp/config/settings/config/misc.nix +++ b/modules/home/gui/apps/browsers/floorp/config/settings/config/misc.nix @@ -1,25 +1,60 @@ { - # CONTAINERS + # Arkenfox user.js - MISCELLANEOUS SECTIONS + # Version: 140 (14 August 2025) + + # 1700: CONTAINERS "privacy.userContext.enabled" = true; "privacy.userContext.ui.enabled" = true; - # DOM (DOCUMENT OBJECT MODEL) - "dom.disable_window_move_resize" = true; - # MISCELLANEOUS - "browser.safebrowsing.downloads.remote.enabled" = false; - "browser.download.start_downloads_in_tmp_dir" = true; - "browser.helperApps.deleteTempFileOnExit" = true; - "browser.uitour.enabled" = false; - "devtools.debugger.remote-enabled" = false; - "network.IDN_show_punycode" = true; - "pdfjs.disabled" = false; - "pdfjs.enableScripting" = false; - # PLUGINS / MEDIA / WEBRTC + + # 2000: PLUGINS / MEDIA / WEBRTC "media.peerconnection.ice.proxy_only_if_behind_proxy" = true; "media.peerconnection.ice.default_address_only" = true; - # REFERERS + + # 2400: DOM (DOCUMENT OBJECT MODEL) + "dom.disable_window_move_resize" = true; + + # 2600: MISCELLANEOUS + # 2603: remove temp files opened from non-PB windows with external application + "browser.download.start_downloads_in_tmp_dir" = true; + "browser.helperApps.deleteTempFileOnExit" = true; + + # 2606: disable UITour backend + "browser.uitour.enabled" = false; + + # 2608: reset remote debugging to disabled + "devtools.debugger.remote-enabled" = false; + + # 2616: remove special permissions for certain mozilla domains + "permissions.manager.defaultsUrl" = ""; + + # 2619: use Punycode in Internationalized Domain Names + "network.IDN_show_punycode" = true; + + # 2620: enforce PDFJS, disable PDFJS scripting + "pdfjs.disabled" = false; + "pdfjs.enableScripting" = false; + + # 2624: disable middle click on new tab button opening URLs + "browser.tabs.searchclipboardfor.middleclick" = false; + + # 2630: disable content analysis by DLP agents + "browser.contentanalysis.enabled" = false; + "browser.contentanalysis.default_result" = 0; + + # 2640: disable CSP Level 2 Reporting + "security.csp.reporting.enabled" = false; + + # 2700: ETP (ENHANCED TRACKING PROTECTION) + "browser.contentblocking.category" = "strict"; + + # 1600: REFERERS "network.http.referer.XOriginTrimmingPolicy" = 2; - # NON-PROJECT RELATED - # "browser.startup.homepage_override.mstone" = "ignore"; + + # 0400: SAFE BROWSING + "browser.safebrowsing.downloads.remote.enabled" = false; + + # 9000: NON-PROJECT RELATED + "browser.startup.homepage_override.mstone" = "ignore"; "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons" = false; "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features" = false; "browser.urlbar.showSearchTerms.enabled" = false; diff --git a/modules/home/gui/apps/browsers/floorp/config/settings/config/opSec.nix b/modules/home/gui/apps/browsers/floorp/config/settings/config/opSec.nix index ce59f5c..0bb8ffb 100755 --- a/modules/home/gui/apps/browsers/floorp/config/settings/config/opSec.nix +++ b/modules/home/gui/apps/browsers/floorp/config/settings/config/opSec.nix @@ -1,11 +1,27 @@ { - # ETP (ENHANCED TRACKING PROTECTION) + # Arkenfox user.js - ETP (ENHANCED TRACKING PROTECTION) AND OPTIONAL OPSEC + # Version: 140 (14 August 2025) + + # 2701: enable ETP Strict Mode "browser.contentblocking.category" = "strict"; - # OPTIONAL OPSEC + + # DOWNLOADS + # 2651: enable user interaction for security by always asking where to download "browser.download.useDownloadDir" = false; + + # 2652: disable downloads panel opening on every download "browser.download.alwaysOpenPanel" = false; + + # 2653: disable adding downloads to the system's "recent documents" list "browser.download.manager.addToRecentDocs" = false; + + # 2654: enable user interaction for security by always asking how to handle new mimetypes "browser.download.always_ask_before_handling_new_types" = true; + + # EXTENSIONS + # 2660: limit allowed extension directories "extensions.enabledScopes" = 5; + + # 2661: disable bypassing 3rd party extension install prompts "extensions.postDownloadThirdPartyPrompt" = false; } diff --git a/modules/home/gui/apps/browsers/floorp/config/settings/config/outbound.nix b/modules/home/gui/apps/browsers/floorp/config/settings/config/outbound.nix index 41af8b5..2481b61 100755 --- a/modules/home/gui/apps/browsers/floorp/config/settings/config/outbound.nix +++ b/modules/home/gui/apps/browsers/floorp/config/settings/config/outbound.nix @@ -1,9 +1,21 @@ { - # BLOCK IMPLICIT OUTBOUND + # Arkenfox user.js - BLOCK IMPLICIT OUTBOUND + # Version: 140 (14 August 2025) + + # 0601: disable link prefetching "network.prefetch-next" = false; + + # 0602: disable DNS prefetching "network.dns.disablePrefetch" = true; + "network.dns.disablePrefetchFromHTTPS" = true; + + # 0603: disable predictor / prefetching "network.predictor.enabled" = false; "network.predictor.enable-prefetch" = false; + + # 0604: disable link-mouseover opening connection to linked server "network.http.speculative-parallel-limit" = 0; + + # 0605: disable mousedown speculative connections on bookmarks and history "browser.places.speculativeConnect.enabled" = false; } diff --git a/modules/home/gui/apps/browsers/floorp/config/settings/config/privacy.nix b/modules/home/gui/apps/browsers/floorp/config/settings/config/privacy.nix index baf40f5..f93a2be 100755 --- a/modules/home/gui/apps/browsers/floorp/config/settings/config/privacy.nix +++ b/modules/home/gui/apps/browsers/floorp/config/settings/config/privacy.nix @@ -1,6 +1,44 @@ { - # SHUTDOWN & SANITIZING + # Arkenfox user.js - SHUTDOWN & SANITIZING + # Version: 140 (14 August 2025) + + # 2810: enable Firefox to clear items on shutdown "privacy.sanitize.sanitizeOnShutdown" = false; + + # 2811: set/enforce clearOnShutdown items (FF128+) + "privacy.clearOnShutdown_v2.cache" = true; + "privacy.clearOnShutdown_v2.historyFormDataAndDownloads" = true; + + # 2812: set/enforce clearOnShutdown items (FF136+) + "privacy.clearOnShutdown_v2.browsingHistoryAndDownloads" = true; + "privacy.clearOnShutdown_v2.downloads" = true; + "privacy.clearOnShutdown_v2.formdata" = true; + + # 2815: set "Cookies" and "Site Data" to clear on shutdown (FF128+) + "privacy.clearOnShutdown_v2.cookiesAndStorage" = false; + + # 2820: set manual "Clear Data" items (FF128+) + "privacy.clearSiteData.cache" = true; + "privacy.clearSiteData.cookiesAndStorage" = false; + "privacy.clearSiteData.historyFormDataAndDownloads" = true; + + # 2821: set manual "Clear Data" items (FF136+) + "privacy.clearSiteData.browsingHistoryAndDownloads" = true; + "privacy.clearSiteData.formdata" = true; + + # 2830: set manual "Clear History" items (FF128+) + "privacy.clearHistory.cache" = true; + "privacy.clearHistory.cookiesAndStorage" = false; + "privacy.clearHistory.historyFormDataAndDownloads" = true; + + # 2831: set manual "Clear History" items (FF136+) + "privacy.clearHistory.browsingHistoryAndDownloads" = true; + "privacy.clearHistory.formdata" = true; + + # 2840: set "Time range to clear" for "Clear Data" and "Clear History" + "privacy.sanitize.timeSpan" = 0; + + # Legacy shutdown settings (deprecated but may still be used by some versions) "privacy.clearOnShutdown.cache" = true; "privacy.clearOnShutdown.downloads" = true; "privacy.clearOnShutdown.formdata" = true; @@ -8,17 +46,12 @@ "privacy.clearOnShutdown.cookies" = true; "privacy.clearOnShutdown.offlineApps" = true; "privacy.clearOnShutdown.sessions" = false; - "privacy.clearSiteData.cache" = true; - "privacy.clearSiteData.historyFormDataAndDownloads" = true; - "privacy.clearHistory.cache" = true; - "privacy.clearHistory.cookiesAndStorage" = false; - "privacy.clearHistory.historyFormDataAndDownloads" = true; "privacy.cpd.sessions" = true; - # SHUTDOWN & SANITIZING (continued) - "privacy.clearOnShutdown_v2.cache" = true; - "privacy.clearOnShutdown_v2.historyFormDataAndDownloads" = true; - "privacy.clearOnShutdown_v2.cookiesAndStorage" = true; + + # Privacy headers "privacy.donottrackheader.enabled" = true; "privacy.globalprivacycontrol.enabled" = true; + + # History "places.history.enabled" = false; } diff --git a/modules/home/gui/apps/browsers/floorp/config/settings/config/startup.nix b/modules/home/gui/apps/browsers/floorp/config/settings/config/startup.nix index eda94dd..9021b4a 100755 --- a/modules/home/gui/apps/browsers/floorp/config/settings/config/startup.nix +++ b/modules/home/gui/apps/browsers/floorp/config/settings/config/startup.nix @@ -1,16 +1,31 @@ { - "browser.newtab.url" = "about:home"; + # Arkenfox user.js - STARTUP Section + # Version: 140 (14 August 2025) + + # 0102: set startup page + "browser.startup.page" = 0; + + # 0103: set HOME+NEWWINDOW page + "browser.startup.homepage" = "chrome://browser/content/blanktab.html"; + + # 0104: set NEWTAB page + "browser.newtabpage.enabled" = true; + + # 0105: disable sponsored content on Firefox Home + "browser.newtabpage.activity-stream.showSponsored" = false; + "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; + "browser.newtabpage.activity-stream.showSponsoredCheckboxes" = false; + + # 0106: clear default topsites "browser.newtabpage.activity-stream.default.sites" = ""; + + # Additional startup-related settings + "browser.newtab.url" = "about:home"; "browser.newtabpage.activity-stream.feeds.system.topstories" = false; "browser.newtabpage.activity-stream.feeds.topsites" = false; "browser.newtabpage.activity-stream.showRecentSaves" = false; "browser.newtabpage.activity-stream.showSearch" = false; - "browser.newtabpage.activity-stream.showSponsored" = false; - "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; "browser.newtabpage.activity-stream.showWeather" = false; - "browser.newtabpage.enabled" = true; - "browser.startup.homepage" = "https://cronometer.com"; - "browser.startup.page" = 1; "browser.tabs.closeWindowWithLastTab" = false; "browser.tabs.firefox-view-newIcon" = false; "browser.tabs.firefox-view" = false; diff --git a/modules/home/gui/apps/browsers/floorp/config/settings/config/telemetry.nix b/modules/home/gui/apps/browsers/floorp/config/settings/config/telemetry.nix index 777909b..efa8926 100755 --- a/modules/home/gui/apps/browsers/floorp/config/settings/config/telemetry.nix +++ b/modules/home/gui/apps/browsers/floorp/config/settings/config/telemetry.nix @@ -1,10 +1,48 @@ { + # Arkenfox user.js - TELEMETRY AND QUIETER FOX + # Version: 140 (14 August 2025) + + # 0320: disable recommendation pane in about:addons "extensions.getAddons.showPane" = false; + + # 0321: disable recommendations in about:addons Extensions and Themes panes "extensions.htmlaboutaddons.recommendations.enabled" = false; + + # 0322: disable personalized Extension Recommendations "browser.discovery.enabled" = false; - "browser.shopping.experience2023.enabled" = false; + + # 0335: disable Firefox Home (Activity Stream) telemetry + "browser.newtabpage.activity-stream.feeds.telemetry" = false; + "browser.newtabpage.activity-stream.telemetry" = false; + + # 0340: disable Studies + "app.shield.optoutstudies.enabled" = false; + + # 0341: disable Normandy/Shield + "app.normandy.enabled" = false; + "app.normandy.api_url" = ""; + + # 0350: disable Crash Reports + "breakpad.reportURL" = ""; + "browser.tabs.crashReporting.sendReport" = false; + + # 0351: enforce no submission of backlogged Crash Reports + "browser.crashReports.unsubmittedCheck.autoSubmit2" = false; + + # 0360: disable Captive Portal detection + "captivedetect.canonicalURL" = ""; + "network.captive-portal-service.enabled" = false; + + # 0361: disable Network Connectivity checks + "network.connectivity-service.enabled" = false; + + # 8500: disable new data submission "datareporting.policy.dataSubmissionEnabled" = false; + + # 8501: disable Health Reports "datareporting.healthreport.uploadEnabled" = false; + + # 8502: disable telemetry "toolkit.telemetry.unified" = false; "toolkit.telemetry.enabled" = false; "toolkit.telemetry.server" = "data:,"; @@ -14,16 +52,12 @@ "toolkit.telemetry.updatePing.enabled" = false; "toolkit.telemetry.bhrPing.enabled" = false; "toolkit.telemetry.firstShutdownPing.enabled" = false; + + # 8503: disable Telemetry Coverage "toolkit.telemetry.coverage.opt-out" = true; "toolkit.coverage.opt-out" = true; "toolkit.coverage.endpoint.base" = ""; - "browser.newtabpage.activity-stream.feeds.telemetry" = false; - "browser.newtabpage.activity-stream.telemetry" = false; - "app.shield.optoutstudies.enabled" = false; - "app.normandy.enabled" = false; - "app.normandy.api_url" = ""; - "breakpad.reportURL" = ""; - "browser.tabs.crashReporting.sendReport" = false; - "network.captive-portal-service.enabled" = false; - "network.connectivity-service.enabled" = false; + + # Shopping experience (deprecated in FF140) + "browser.shopping.experience2023.enabled" = false; }