1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
// ===| General |==============================================================
pref("startup.homepage_welcome_url", "");
//pref("app.vendorURL", "http://www.palemoon.org/");
// User Interface
pref("browser.identity.ssl_domain_display", 1); //show domain verified SSL (blue)
// ============================================================================
// ===| Application Update Service |===========================================
// Disable application auto-update
pref("app.updated.enabled", false);
// The time interval between the downloading of mar file chunks in the
// background (in seconds)
//pref("app.update.download.backgroundInterval", 600);
// Give the user x seconds to react before showing the big UI. default=48 hours
//pref("app.update.promptWaitTime", 172800);
// ============================================================================
// ===| Add-ons Manager |======================================================
// Add-on window fixes
pref("extensions.getMoreThemesURL", "https://addons.palemoon.org/themes/");
pref("extensions.update.autoUpdateDefault", true); // Automatically update extensions by default
pref("extensions.getAddons.maxResults", 10);
pref("extensions.getAddons.cache.enabled", false);
// ============================================================================
// ===| DOM |==================================================================
// Set max script runtimes to sane values
pref("dom.max_chrome_script_run_time", 90); //Some addons need ample time!
pref("dom.max_script_run_time", 20); //Should be plenty for a page script to do what it needs
// ============================================================================
// ===| Plugins |==============================================================
pref("plugin.default.state", 2); //Allow plugins to run by default
pref("plugin.expose_full_path", true); //Security: expose the full path to the plugin
pref("dom.ipc.plugins.timeoutSecs", 20);
// ============================================================================
// ===| Graphics |=============================================================
pref("nglayout.initialpaint.delay", 300);
// ============================================================================
// ===| Image |================================================================
pref("image.mem.max_ms_before_yield", 50);
pref("image.mem.decode_bytes_at_a_time", 65536); //larger chunks
// ============================================================================
// ===| Sync |=================================================================
// Pale Moon Sync server URLs
//pref("services.sync.serverURL","https://pmsync.palemoon.org/sync/index.php/");
//pref("services.sync.jpake.serverURL","https://keyserver.palemoon.org/");
//pref("services.sync.termsURL", "http://www.palemoon.org/sync/terms.shtml");
//pref("services.sync.privacyURL", "http://www.palemoon.org/sync/privacy.shtml");
//pref("services.sync.statusURL", "https://pmsync.palemoon.org/status/");
//pref("services.sync.syncKeyHelpURL", "http://www.palemoon.org/sync/help/recoverykey.shtml");
//
//pref("services.sync.APILevel", 1); // FSyncMS doesn't support 'info/configuration' requests
// ============================================================================
// ===| Misc. |================================================================
// Make sure we shortcut out of a11y to save walking unnecessary code
pref("accessibility.force_disabled", 1);
// Disable OCSP Stapling which sends every website visited to the CA's server
// and is easily defeatable by sending a '3' response code making the whole
// standard meaningless to protect against MITM attacks with stolen privkeys.
// see https://tools.ietf.org/html/rfc6960#section-4.2
pref("security.ssl.enable_stapling", false);
pref("security.OCSP.enabled", 0);
// Force a successful staple if user turns OCSP back to prevent '3' response
// code bypass. keep in mind you'll be sending all the domains you vist to the
// CA's OCSP endpoint.
pref("security.ssl.must_staple", true);
pref("security.OCSP.require", true);
// ============================================================================
// ===| DevTools |=============================================================
// Number of usages of the web console or scratchpad.
// If this is less than 5, then pasting code into the web console or scratchpad is disabled
pref("devtools.selfxss.count", 100);
// ============================================================================
|