From 0fa4ecb891cff6b674a0bbb643be60994af63794 Mon Sep 17 00:00:00 2001 From: "Gerd v. Egidy" Date: Sat, 1 Jan 2022 12:43:30 +0100 Subject: [PATCH] improve Firefox default settings - disable telemetry and studies, remove notice tab about telemetry - force off DNS-over-HTTPS and always use the local dns resolver. This allows for example to access websites in the local part of a split dns setup - set the default search engine to DuckDuckGo - change the homepage to the internal firefox homepage (shows a searchbar and buttons). This doesn't load an external page (DuckDuckGo previously) without user consent/action, but still provides a convenient way to search via DuckDuckGo. --- airootfs/opt/firefox-esr/distribution/policies.json | 7 ++++++- airootfs/opt/firefox-esr/sysrescue.js | 11 ++++++++++- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/airootfs/opt/firefox-esr/distribution/policies.json b/airootfs/opt/firefox-esr/distribution/policies.json index f366220..7938997 100644 --- a/airootfs/opt/firefox-esr/distribution/policies.json +++ b/airootfs/opt/firefox-esr/distribution/policies.json @@ -1,5 +1,10 @@ { "policies": { - "DisableAppUpdate": true + "DisableAppUpdate": true, + "DisableFirefoxStudies": true, + "DisableTelemetry": true, + "SearchEngines": { + "Default": "DuckDuckGo" + } } } diff --git a/airootfs/opt/firefox-esr/sysrescue.js b/airootfs/opt/firefox-esr/sysrescue.js index fdcf8f9..df24770 100644 --- a/airootfs/opt/firefox-esr/sysrescue.js +++ b/airootfs/opt/firefox-esr/sysrescue.js @@ -10,4 +10,13 @@ defaultPref("browser.shell.checkDefaultBrowser", false); pref("browser.EULA.override", true); // SystemRescue settings pref("browser.startup.homepage_override.mstone", "ignore"); -pref("browser.startup.homepage", "https://duckduckgo.com/"); +pref("browser.startup.homepage", "about:home"); +// disable Firefox telemetry and surveys, don't annoy the user with it +pref("app.shield.optoutstudies.enabled", false); +pref("datareporting.healthreport.uploadEnabled", false); +pref("datareporting.policy.dataSubmissionEnabled", false); +pref("datareporting.policy.dataSubmissionPolicyBypassNotification", true); +// don't ever use DNS-over-HTTPS, we always want use the local resolver +// this is necessary for being able to resolve local hostnames e.g. in a split dns setup +// 5 means "off by choice" +pref("network.trr.mode", 5);