//      firefox.cfg
//
//
//      (1) Step 1: Recommended configuration
//
//      Firefox is configured by using two configuration files (a system-wide installation):
//
//      OS                  Original name   Path and file name
//
//      Windows:
//
//      Windows             prefs.js        %programfiles(x86)%\Mozilla Firefox\defaults\pref\prefs.js
//      Windows             firefox.cfg     %programfiles(x86)%\Mozilla Firefox\firefox.cfg
//
//      Windows             prefs.js        C:\Program Files (x86)\Mozilla Firefox\defaults\pref\prefs.js
//      Windows             firefox.cfg     C:\Program Files (x86)\Mozilla Firefox\firefox.cfg
//
//      Linux:
//
//      Linux               prefs.js        Either this file is not required or is copied to ~/.mozilla/firefox/*.default/prefs.js
//      Linux               firefox.cfg     /etc/firefox/firefox.js
//      Linux (Debian)	    firefox.cfg     /etc/firefox-esr/firefox-esr.js
//      Linux (CentOS 6.3)  firefox.cfg     /usr/l/usr/lib64/firefox/defaults/preferencesib64/firefox/defaults/preferences/your_site.js
//
//      OS X:
//
//      OS X                prefs.js        /Applications/Firefox.app/Contents/Resources/defaults/pref/prefs.js
//      OS X                firefox.cfg     /Applications/Firefox.app/Contents/Resources/firefox.cfg
//
//      Build a lock file with computer wide settings (prefs.js) containing only two rows of actual data (in addition to the comments, 
//      listed below starting with "pref(") and a configuration file (firefox.cfg) containing all the many configuration settings in 
//      accordance with the settings listed further down below starting with "lockPref(". These files should contain the settings which 
//      the organisation wishes to configure and enforce. The files are then deployed to the EUDs in %programfiles(x86)%\Mozilla Firefox\firefox.cfg 
//      and %programfiles(x86)%\Mozilla Firefox\defaults\pref\prefs.js in Windows – for the file locations and file names in other platforms, 
//      please see the tables above. Please note, that a prefs.js file inside a Mozilla Firefox user profile directory (the path to a user 
//      profile directory is mentioned in the optional Step 2) shouldn't be altered, since that file with the same name (which resides inside 
//      a Mozilla Firefox user profile directory) is generated automatically by the program itself. The main difference between these files, 
//      which have a common name (prefs.js) is that the other resides inside the program installation folder (target) and the other is found 
//      under user profiles (not to be changed).
//
//      prefs.js (lock file) content:
//
//      pref('general.config.filename', 'firefox.cfg');
//      pref('general.config.obscure_value', 0);
//
//
//
//
//      (2) Step 2: Optional configuration (concerning a single Firefox user profile):
//
//      Alternatively, if a computer-wide installation is not preferred, Firefox can be configured with a single configuration file, 
//      where the installation will concern only a single Firefox user profile.
//
//      N.B.:   Please read https://developer.mozilla.org/fi/docs/Mozilla/Preferences/A_brief_guide_to_Mozilla_preferences   
//      N.B.:   In this option before doing any modifications that concern an existing Firefox user profile (for instance in Windows 
//              %APPDATA%\Roaming\Mozilla\Firefox\Profiles\[a_profile_name]\), it is highly recommended to backup the whole existing 
//              Firefox user profile directory before anything is copied to or otherwise altered inside the Firefox user profile directory, 
//              since the settings listed below may alter the browser behaviour quite a bit.
//      N.B.:   In this option it is highly recommended to create a completely new user profile to use with the custom configuration settings.
//      N.B.:   Please note, that a prefs.js file inside a Mozilla Firefox user profile directory shouldn't be altered, since that file (which 
//              resides inside a Mozilla Firefox user profile directory) is generated automatically by the program itself.
//      N.B.:   In this option it is mandatory to follow option 3 below.
//
//      File (user.js) location
//
//      OS                          Original name   Path and file name
//
//      Windows                     firefox.cfg     %APPDATA%\Roaming\Mozilla\Firefox\Profiles\[a_profile_name]\user.js
//      Linux                       firefox.cfg     ~/.mozilla/firefox/[a_profile_name]/user.js
//      OS X                        firefox.cfg     ~/Library/Application Support/Firefox/Profiles/[a_profile_name]/user.js
//      Android                     firefox.cfg     /data/data/org.mozilla.firefox/files/mozilla/[a_profile_name]/
//      Sailfish OS + Alien Dalvik  firefox.cfg     /opt/alien/data/data/org.mozilla.firefox/files/mozilla/[a_profile_name]
//      Windows (portable)          firefox.cfg     [firefox directory]\Data\profile\
//
//      Build a configuration file called user.js containing all the many configuration settings in accordance with the settings listed further 
//      down below starting with "lockPref(". The file should contain the settings which the organisation wishes to configure and enforce. 
//      Please notice that since lockPref() may be called only in the configuration file (firefox.cfg), and user.js can only contain pref(), 
//      user_pref() and sticky_pref() calls, it is mandatory to follow the Step 3 below before deployment. The file is then deployed to the EUDs 
//      in %APPDATA%\Roaming\Mozilla\Firefox\Profiles\[a_profile_name]\user.js in Windows – for the file locations and file names in other 
//      platforms, please see the table above. Please note, that a prefs.js file inside a Mozilla Firefox user profile directory shouldn't be 
//      altered, since that file which resides inside a Mozilla Firefox user profile directory is generated automatically by the program itself.
//
//
//
//
//      (3) Step 3: Tweaking the settings: Setting the settings settable rather than in a locked state
//
//      In the firefox.cfg file, if the settings are preferred to be still controllable (not locked) on the about:config -page, please change every
//
//      lockPref("
//
//      to
//
//      pref("
//
//      Please notice that lockPref() may be called only in the configuration file (firefox.cfg), and user.js can only contain pref(), user_pref() 
//      and sticky_pref() calls.
//
//
//
//
//      (4) Step 4: Additional notes 
//
//      For disabling the Pocket integration, please start by removing the "pocket" icon from the toolbar.
//
//
//
//
//      Homepage: https://github.com/auberginehill/firefox-customization-files/
//      Short URL: http://tinyurl.com/hc7uvh9
//      Source: http://kb.mozillazine.org/Locking_preferences
//      Source: http://kb.mozillazine.org/About:config_entries
//      Source: http://kb.mozillazine.org/User.js_file
//      Source: https://gist.github.com/haasn/69e19fc2fe0e25f3cff5
//      Source: https://gist.github.com/MrYar/751e0e5f3f1430db7ec5a8c8aa237b72
//      Source: https://github.com/amq/firefox-debloat
//      Source: http://practical-admin.com/blog/firefox-customization-file/
//      Source: http://www.ghacks.net/2015/08/18/a-comprehensive-list-of-firefox-privacy-and-security-settings/
//      Source: http://www.ghacks.net/2015/11/09/how-to-disable-the-firefox-saved-telemetry-pings-and-archive-folder/
//      Source: https://www.gov.uk/government/publications/browser-security-guidance-mozilla-firefox/browser-security-guidance-mozilla-firefox


//      Recommended configuration


//      Disable telemetry and health reporting
//      https://www.mozilla.org/en-US/privacy/firefox/#health-report
//      https://www.mozilla.org/en-US/privacy/firefox/#telemetry
//      https://gecko.readthedocs.io/en/latest/toolkit/components/telemetry/telemetry/internals/preferences.html
lockPref("breakpad.reportURL", "");
lockPref("browser.tabs.crashReporting.sendReport", false);
lockPref("datareporting.healthreport.documentServerURI", "");
lockPref("datareporting.healthreport.service.enabled", false);
lockPref("datareporting.healthreport.uploadEnabled", false);
lockPref("datareporting.policy.dataSubmissionEnabled", false);
lockPref("datareporting.policy.dataSubmissionEnabled.v2", false); //      Firefox 43+ ?
lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false);
lockPref("dom.ipc.plugins.reportCrashURL", false);
lockPref("toolkit.telemetry.archive.enabled", false);
lockPref("toolkit.telemetry.cachedClientID", "");
lockPref("toolkit.telemetry.enabled", false);
lockPref("toolkit.telemetry.prompted", 2);
lockPref("toolkit.telemetry.rejected", true);
lockPref("toolkit.telemetry.server", "");
lockPref("toolkit.telemetry.unified", false);
lockPref("toolkit.telemetry.unifiedIsOptIn", true);
lockPref("toolkit.telemetry.optoutSample", false);

//      Disable sync
lockPref("identity.fxaccounts.auth.uri", "");
lockPref("identity.fxaccounts.remote.force_auth.uri", "");
lockPref("identity.fxaccounts.remote.signin.uri", "");
lockPref("identity.fxaccounts.remote.signup.uri", "");
lockPref("identity.fxaccounts.settings.uri", "");
lockPref("services.sync.autoconnect", false);
lockPref("services.sync.engine.addons", false);
lockPref("services.sync.engine.bookmarks", false);
lockPref("services.sync.engine.history", false);
lockPref("services.sync.engine.passwords", false);
lockPref("services.sync.engine.prefs", false);
lockPref("services.sync.engine.tabs", false);
lockPref("services.sync.serverURL", "");

//      Turn on Do not Track
lockPref("privacy.donottrackheader.enabled", true);
lockPref("privacy.donottrackheader.value", 1);

//      Disable features that have an impact on privacy
//      https://www.mozilla.org/en-US/firefox/geolocation/
lockPref("accessibility.typeaheadfind", false);
lockPref("geo.enabled", false);
lockPref("geo.wifi.logging.enabled", false);
lockPref("geo.wifi.uri", "");
lockPref("layout.spellcheckDefault", 0);

//      Disable certificate warning bypass
lockPref("browser.xul.error_pages.enabled", false);

//      Enable support for Content Security Policy
lockPref("security.csp.enable", true);

//      Disable Safe Browsing anti-malware
//      Safe Browsing communicates with a third party and leaks the browsing history and also sends metadata about the downloads made.
//      https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work
lockPref("browser.safebrowsing.enabled", false);
lockPref("browser.safebrowsing.downloads.enabled", false);
lockPref("browser.safebrowsing.malware.enabled", false);

//      Turn on XSS Filter
lockPref("browser.urlbar.filter.javascript", true);

//      Restrict third party cookies
lockPref("network.cookie.cookieBehavior", 1);

//      Enable Flash as it's in a sandbox
lockPref("plugin.state.flash", 2);

//      Disable Java unless required
lockPref("plugin.state.java", 0);
lockPref("plugin.state.npdeployjava1", 0);

//      Disable webcam and microphone unless necessary
lockPref("media.navigator.enabled", false);
lockPref("media.navigator.video.enabled", false);

//      Disable Firefox Hello
//      Firefox connects to third-party (Telefonica) servers without asking for permission.
//      https://support.mozilla.org/en-US/kb/firefox-hello-video-and-voice-conversations-online
lockPref("loop.enabled", false);


//      Optional configuration


//      Clear personal and temporary data on shutdown
lockPref("privacy.clearOnShutdown.cache", true);
lockPref("privacy.clearOnShutdown.cookies", true);
lockPref("privacy.clearOnShutdown.downloads", true);
lockPref("privacy.clearOnShutdown.formData", true);
lockPref("privacy.clearOnShutdown.history", true);
lockPref("privacy.clearOnShutdown.offlineApps", true);
lockPref("privacy.clearOnShutdown.openWindows", false);
lockPref("privacy.clearOnShutdown.passwords", true);
lockPref("privacy.clearOnShutdown.sessions", true);
lockPref("privacy.clearOnShutdown.siteprefs", true);
lockPref("privacy.clearOnShutdown.siteSettings", true);
lockPref("privacy.cpd.cache", true);
lockPref("privacy.cpd.cookies", true);
lockPref("privacy.cpd.downloads", true);
lockPref("privacy.cpd.formdata", true);
lockPref("privacy.cpd.history", true);
lockPref("privacy.cpd.offlineApps", true);
lockPref("privacy.cpd.openWindows", false);
lockPref("privacy.cpd.passwords", true);
lockPref("privacy.cpd.sessions", true);
lockPref("privacy.cpd.siteprefs", true);
lockPref("privacy.cpd.siteSettings", true);
lockPref("privacy.sanitize.sanitizeOnShutdown", true);

//      Prevent the use of SPDY, Websockets and WebRTC if not supported by the web proxy
//      https://wiki.mozilla.org/Media/WebRTC
lockPref("media.http.spdy.enabled", false);
lockPref("media.peerconnection.enabled", false);
lockPref("media.websocket.enabled", false);
lockPref("network.websocket.enabled", false);

//      Disable automatic form filling
lockPref("signon.autofillForms", false);
lockPref("signon.prefillForms", false);
lockPref("signon.rememberSignons", false);

//      Disable Pocket integration
//      https://support.mozilla.org/en-US/kb/save-web-pages-later-pocket-firefox
//      A third-party service (proprietary) for managing a reading list of articles.
//      For disabling the Pocket integration, please start by removing the "pocket" icon from the toolbar.
//      extensions.pocket.enabled:  https://github.com/auberginehill/firefox-customization-files/issues/1
//                                  https://snakerl.blogspot.com/2017/11/pocket-erweiterung-in-firefox-57.html
lockPref("browser.pocket.enabled", false);
lockPref("extensions.pocket.enabled", false);

//      Disable Firefox's new Screenshot tool (requires at least Firefox 55)
//      https://github.com/auberginehill/firefox-customization-files/issues/1
//      https://www.ghacks.net/2017/08/12/how-to-disable-firefoxs-new-screenshot-tool/
lockPref("extensions.screenshots.disabled", true);

//      Expire master password
lockPref("signon.expireMasterPassword", true);

//      Disable the version updated page
lockPref("browser.startup.homepage_override.mstone", "ignore");

//      Disable default browser check
lockPref("browser.shell.checkDefaultBrowser", false);

//      Set disk cache to 1MB
lockPref("browser.cache.disk.capacity", 1024);
lockPref("browser.cache.disk.smart_size.enabled", false);
lockPref("browser.cache.disk.smart_size.first_run", false);
lockPref("browser.cache.disk.smart_size.use_old_max", false);


//      Ideas (not enabled nor disabled)


//      Disable updates and notifications
// lockPref("app.update.auto", false);
// lockPref("app.update.autoUpdateEnabled", false);
// lockPref("app.update.enabled", false);
// lockPref("app.update.mode", 1);
// lockPref("app.update.service.enabled", false);
// lockPref("app.update.silent", true); // disables the update service UI?
// lockPref("update_notifications.enabled", false);

//      Disable unnecessary protocols
//      This disables older protocols that are known to be weak or entirely broken (3DES, RC4 and MD5).
// lockPref("security.ssl3.rsa_rc4_128_sha", false);
// lockPref("security.ssl3.rsa_rc4_128_md5", false);
// lockPref("security.ssl3.rsa_des_ede3_sha", false);
// lockPref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false);
// lockPref("security.ssl3.ecdhe_rsa_rc4_128_sha", false);
// lockPref("app.update.auto", false);

//      Disable device sensors
// lockPref("device.sensors.enabled", false);
// lockPref("camera.control.face_detection.enabled", false);
// lockPref("camera.control.autofocus_moving_callback.enabled", false);

//      Disable JavaScript fingerprinting and/or data collection
// lockPref("dom.event.clipboardevents.enabled", false);
// lockPref("dom.battery.enabled", false);
// lockPref("browser.send_pings", false);
// lockPref("webgl.disabled", false);

//      Disable search suggestions
// By default everything that is typed in the search box is sent to the search engine.
// If disabled, suggestions based on local history will still work.
// lockPref("browser.search.suggest.enabled", false);

//      Turn on tracking protection
// This makes Firefox block known tracking domains by default.
// lockPref("privacy.trackingprotection.enabled", true);

//      For more ideas, please see http://www.ghacks.net/2015/08/18/a-comprehensive-list-of-firefox-privacy-and-security-settings/