1 files changed, 118 insertions, 0 deletions
diff --git a/webbrowser/branding/shared/pref/preferences.inc b/webbrowser/branding/shared/pref/preferences.inc
new file mode 100644
index 0000000..9f7c7d8
--- /dev/null
+++ b/webbrowser/branding/shared/pref/preferences.inc
@@ -0,0 +1,118 @@
+// ===| General |==============================================================
+
+pref("startup.homepage_welcome_url",	"");
+
+//pref("app.vendorURL", "http://www.palemoon.org/");
+
+
+// User Interface
+pref("browser.identity.ssl_domain_display", 1); //show domain verified SSL (blue)
+
+// ============================================================================
+
+// ===| Application Update Service |===========================================
+
+// Disable application auto-update
+pref("app.updated.enabled",		false);
+
+// The time interval between the downloading of mar file chunks in the
+// background (in seconds)
+//pref("app.update.download.backgroundInterval", 600);
+
+// Give the user x seconds to react before showing the big UI. default=48 hours
+//pref("app.update.promptWaitTime", 172800);
+
+// ============================================================================
+
+// ===| Add-ons Manager |======================================================
+
+// Add-on window fixes
+pref("extensions.getMoreThemesURL",	"https://addons.palemoon.org/themes/");
+
+pref("extensions.update.autoUpdateDefault", true); // Automatically update extensions by default
+pref("extensions.getAddons.maxResults", 10);
+pref("extensions.getAddons.cache.enabled", false);
+
+// ============================================================================
+
+// ===| DOM |==================================================================
+
+// Set max script runtimes to sane values
+pref("dom.max_chrome_script_run_time", 90); //Some addons need ample time!
+pref("dom.max_script_run_time", 20); //Should be plenty for a page script to do what it needs
+
+// ============================================================================
+
+// ===| Plugins |==============================================================
+
+pref("plugin.default.state", 2); //Allow plugins to run by default
+pref("plugin.expose_full_path", true); //Security: expose the full path to the plugin
+pref("dom.ipc.plugins.timeoutSecs", 20);
+
+// ============================================================================
+
+// ===| Graphics |=============================================================
+
+pref("nglayout.initialpaint.delay", 300);
+
+// Force enable accelerated graphics
+pref("gfx.direct2s.force-enabled",		true);
+pref("layers.acceleration.force-enabled",	true);
+
+// ============================================================================
+
+// ===| Image |================================================================
+
+pref("image.mem.max_ms_before_yield", 50);
+pref("image.mem.decode_bytes_at_a_time", 65536); //larger chunks
+
+// ============================================================================
+
+// ===| Sync |=================================================================
+
+// Pale Moon Sync server URLs
+//pref("services.sync.serverURL","https://pmsync.palemoon.org/sync/index.php/");
+//pref("services.sync.jpake.serverURL","https://keyserver.palemoon.org/");
+//pref("services.sync.termsURL", "http://www.palemoon.org/sync/terms.shtml");
+//pref("services.sync.privacyURL", "http://www.palemoon.org/sync/privacy.shtml");
+//pref("services.sync.statusURL", "https://pmsync.palemoon.org/status/");
+//pref("services.sync.syncKeyHelpURL", "http://www.palemoon.org/sync/help/recoverykey.shtml");
+//
+//pref("services.sync.APILevel", 1); // FSyncMS doesn't support 'info/configuration' requests
+
+// ============================================================================
+
+// ===| Misc. |================================================================
+
+// Make sure we shortcut out of a11y to save walking unnecessary code
+pref("accessibility.force_disabled", 1);
+
+// ===| Privacy |==============================================================
+// Disable OCSP Stapling which sends every website visited to the CA's server
+// and is easily defeatable by sending a '3' response code making the whole
+// standard meaningless to protect against MITM attacks with stolen privkeys.
+// see https://tools.ietf.org/html/rfc6960#section-4.2
+pref("security.ssl.enable_stapling",	false);
+pref("security.OCSP.enabled",		0);
+
+// Force a successful staple if user turns OCSP back to prevent '3' response
+// code bypass. keep in mind you'll be sending all the domains you vist to the
+// CA's OCSP endpoint.
+pref("security.ssl.must_staple",	true);
+pref("security.OCSP.require",		true);
+
+// Enable Oppurtunistic encryption for HTTP/2 alt-service by default
+pref("network.http.altsvc.oe",		true);
+
+// Do not preload exceptions for anybody to capture screen
+pref("media.getusermedia.screensharing.allowed_domains",	"");
+
+// ============================================================================
+
+// ===| DevTools |=============================================================
+
+// Number of usages of the web console or scratchpad.
+// If this is less than 5, then pasting code into the web console or scratchpad is disabled
+pref("devtools.selfxss.count", 100);
+
+// ============================================================================