Initial commit

firefox/chrome/userChrome.css

@@ -0,0 +1,6 @@
+@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"); /* only needed once */
+
+/* full screen toolbars */
+#navigator-toolbox[inFullscreen] toolbar:not([collapsed="true"]) {
+   visibility:visible!important;
+}

firefox/ublock-My_filters.txt

@@ -0,0 +1,51 @@
+! Replace third-party frames with a click2load banner
+*$3p,frame,redirect=click2load.html
+
+! click2load exceptions
+@@||viewscreen.githubusercontent.com^$3p,frame,domain=github.com
+@@||www.redditmedia.com^$3p,frame,domain=www.reddit.com
+@@||cdn.embedly.com^$3p,frame
+@@||imgur.com^$3p,frame
+
+! Bad TLDs (from https://github.com/DandelionSprout/adfilt/blob/master/Dandelion%20Sprout's%20Anti-Malware%20List.txt)
+||agency^
+||bid^
+||cf^
+||ga^
+||gdn^
+||gq^
+||ooo^
+||loan^
+||ml^,domain=~lingva.ml
+||pw^
+||tk^
+||top^
+
+! Hide GDPR consent banners
+sat1.de##cmp-banner
+!meteoblue.com##.gdpr_message
+askubuntu.com##.js-consent-banner
+stackexchange.com##.js-consent-banner
+stackoverflow.com##.js-consent-banner
+gitbook.io##.r-1yzf0co.r-ymttw5.r-18u37iz.r-1quu1zo.r-1i7sdiz.r-rs99b7.r-156hn8l.r-1habvwh.css-1dbjc4n
+www.morgenpost.de##.footer .no-js
+www.morgenpost.de##+js(remove-class, no-js, html)
+
+! Hide/Block annoying elements
+stackoverflow.com###saves-launch-popover
+
+! Hide/Block ad banners
+
+! Privacy
+||collector.github.com^
+||api.github.com/_private/browser/errors
+||cmp.zdf.de^
+||discord.com/api/v*/science
+
+! XSS hardening on codebergs login page
+||codeberg.org/user/login^$script
+||codeberg.org/user/login^$inline-script
+||codeberg.org/user/login^$third-party
+
+! Badfilters
+meteoblue.com#@#.social-wrapper

firefox/ublock-My_rules.txt

@@ -0,0 +1,158 @@
+!! This is not a comment, this is a invalid line which gets silently dropped
+!! by uB if you paste into your dynamic filter rules
+
+!! Blocking mode: hard mode with click2load 3p-frames
+* * * noop
+* * 1p-script noop
+* * 3p block
+* * 3p-frame noop
+* * 3p-script block
+* * image noop
+* * inline-script noop
+behind-the-scene * * block
+
+!! Global CDN noops for common CDNs (mostly via CNAME)
+* akamai.net * noop
+* akamaiedge.net * noop
+* akamaihd.net * noop
+* akamaized.net * noop
+* b-cdn.net * noop
+* cdn.cloudflare.net * noop
+* cloudfront.net * noop
+* discourse-cdn.com * noop
+* edgecastcdn.net * noop
+* global.fastly.net * noop
+* hwcdn.net * noop
+* kxcdn.com * noop
+* bootstrapcdn.com * noop
+* map.fastly.net * noop
+* netdna-ssl.com * noop
+* wp.com * noop
+* ajax.googleapis.com * noop
+* jsdelivr.net * noop
+* unsplash.com * noop
+* cdn.embedly.com * noop
+* wixmp.com * noop
+
+!! Website building/caching tools
+* cloudflare.com * noop
+* prismic.io * noop
+* googlehosted.com * noop
+
+!! Website 3rd party utilities (trusted or simply necessary things)
+* maps.googleapis.com * noop
+* recaptcha.net * noop
+* imgur.com * noop
+* shields.io * noop
+* gravatar.com * noop
+
+!! Explicit blocks (even though we block all 3rd parties, explicitly block these to signify that they're evil)
+* fonts.googleapis.com * block
+* doubleclick.net * block
+* sentry.io * block
+* servedby-buysellads.com * block
+* facebook.com * block
+* facebook.net * block
+
+!! Per-site (mostly noop) settings
+
+! GitHub
+github.com avatars.githubusercontent.com * noop
+github.com githubassets.com * noop
+
+! Google
+accounts.google.com googleusercontent.com * noop
+accounts.google.com gstatic.com * noop
+accounts.google.com signaler-pa.googleapis.com * noop
+accounts.google.com youtube.com * noop
+
+developers.google.com gstatic.com * noop
+developers.google.com googleusercontent.com * noop
+
+drive.google.com googleusercontent.com * noop
+drive.google.com gstatic.com * noop
+
+docs.google.com googleusercontent.com * noop
+docs.google.com gstatic.com * noop
+
+mail.google.com googleusercontent.com * noop
+mail.google.com gstatic.com * noop
+
+translate.google.com googleusercontent.com * noop
+translate.google.com gstatic.com * noop
+
+www.youtube.com ggpht.com * noop
+www.youtube.com google.com * noop
+www.youtube.com googleusercontent.com * noop
+www.youtube.com googlevideo.com * noop
+www.youtube.com gstatic.com * noop
+www.youtube.com jnn-pa.googleapis.com * noop
+www.youtube.com ytimg.com * noop
+
+! Microsoft crap
+login.live.com * 3p noop
+login.live.com * 3p-frame noop
+login.live.com * 3p-script noop
+
+login.microsoftonline.com * 3p noop
+login.microsoftonline.com * 3p-frame noop
+login.microsoftonline.com * 3p-script noop
+
+outlook.live.com * 3p noop
+outlook.live.com * 3p-frame noop
+outlook.live.com * 3p-script noop
+
+outlook.office365.com * 3p noop
+outlook.office365.com * 3p-frame noop
+outlook.office365.com * 3p-script noop
+
+! Protonmail
+mail.proton.me * 3p noop
+mail.proton.me * 3p-frame noop
+mail.proton.me * 3p-script noop
+
+! Reddit
+www.reddit.com redditmedia.com * noop
+www.reddit.com redditstatic.com * noop
+www.reddit.com redd.it * noop
+
+! StackExchange
+stackexchange.com sstatic.net * noop
+stackexchange.com stackoverflow.com * noop
+
+stackoverflow.com sstatic.net * noop
+stackoverflow.com stackexchange.com * noop
+
+askubuntu.com sstatic.net * noop
+askubuntu.com stackexchange.com * noop
+askubuntu.com stackoverflow.com * noop
+
+superuser.com sstatic.net * noop
+superuser.com stackexchange.com * noop
+superuser.com stackoverflow.com * noop
+
+serverfault.com sstatic.net * noop
+serverfault.com stackexchange.com * noop
+serverfault.com stackoverflow.com * noop
+
+! Simplelogin
+app.simplelogin.io simplelogin.co * noop
+
+! Privacyguides
+www.privacyguides.org github.com * noop
+www.privacyguides.org privacyguides.github.io * noop
+www.privacyguides.org privacyguides.net * noop
+
+! Fontawesome
+fontawesome.com algolia.net * noop
+fontawesome.com algolianet.com * noop
+fontawesome.com fortawesome.com * noop
+
+! IMDb
+www.imdb.com media-amazon.com * noop
+www.imdb.com media-imdb.com * noop
+
+! Others
+docs.gtk.org gnome.org * noop
+letsgetrusty.com kartra.com * noop
+* readthedocs.io * noop

firefox/user-overrides.js

@@ -0,0 +1,76 @@
+/* --------------- PERSONAL ARKENFOX OVERRIDES --------------- ***/
+user_pref("_overrides.parrot", "Custom: Arkenfox overrides");
+
+/* Re-enabled single perf features ***/
+user_pref("keyword.enabled", true);                     // 0801 Enable searching from location bar (I trust my search engine)
+// user_pref("browser.search.suggest.enabled", true);      // 0804 Enable search suggestions
+// user_pref("browser.urlbar.suggest.searches", true);     // 0804 Enables search suggestions in the url-bar
+user_pref("network.http.referer.XOriginPolicy", 0);     // 1601 Allow cross origin referrers (disabling breaks too much), I use Smart Referer extension instead
+user_pref("privacy.clearOnShutdown.sessions", true);    // 2811 Retain HTTP Basic Auth on shutdown
+user_pref("signon.rememberSignons", false);             // 5003 Disable saving passwords to FF, there's Bitwarden
+user_pref("security.nocertdb", true);                   // 5005 Don't cache certificates (stores them session-only)
+user_pref("browser.download.folderList", 1);            // 5016 Always use default downloads folder, not previous folder for download location
+
+/* override recipe: enable session restore ***/
+user_pref("browser.startup.page", 3);                   // 0102 Enable session restore
+user_pref("privacy.clearOnShutdown.history", false);    // 2811 Don't clear history on exit
+user_pref("privacy.cpd.history", false);                // 2812 To match when you use Ctrl-Shift-Del
+user_pref("places.history.enabled", false);             // 5013 Disable browsing and download history (allows no history with session restore)
+
+/* --------------- PERSONAL PRIVACY RULES --------------- ***/
+user_pref("_overrides.parrot", "Custom: Privacy rules");
+
+/* Deny some permission requests by default (prevent ask popups) ***/
+user_pref("permissions.default.microphone", 2);                 // Microphone
+user_pref("permissions.default.desktop-notification", 2);       // Notifications
+user_pref("permissions.default.geo", 2);                        // Location
+
+/* Disable safebrowsing (sends data to google) ***/
+user_pref("browser.safebrowsing.downloads.remote.enabled", false);
+user_pref("browser.safebrowsing.phishing.enabled", false);
+user_pref("browser.safebrowsing.malware.enabled", false);
+
+/* Javascript hardening (might cause slowdowns/breakage) ***/
+// user_pref("javascript.options.ion", false);             // Might cause slowdowns/breakage
+// user_pref("javascript.options.asmjs", false);           // Might cause slowdowns/breakage
+// user_pref("javascript.options.wasm", false);            // Completely disables WASM, for the security gain and speed benefit
+// user_pref("javascript.options.baselinejit", false);     // Disable JIT compilation - usually breaks sites with a lot of javascript but is a huge security gain
+
+/* Mark Quad9 as trusted recursive resolver (TRR) for DNS over HTTPS (DoH) ***/
+user_pref("network.trr.mode", 2);                                         // Use TRR first, and only if the secure resolution fails use the operating system resolver.
+user_pref("network.trr.uri", "https://dns.quad9.net:5053/dns-query");     // Resolver we want to use
+user_pref("network.trr.bootstrapAddress", "9.9.9.9");                     // Address to lookup the quad9 DoH address (only used once for this lookup)
+
+/* Other Privacy hardenings ***/
+user_pref("geo.enabled", false);                            // Fully disable location access
+user_pref("media.hardwaremediakeys.enabled", false);        // Disable control via media keys (some websites might be stealing these)
+user_pref("dom.webaudio.enabled",false);                    // Old, mostly unused API, likely utilized for fingerprinting, hasn't broken anything FOR ME
+
+/* --------------- PERSONAL NON-PRIVACY RULES --------------- ***/
+user_pref("_overrides.parrot", "Custom: Non-privacy rules");
+
+/* Annoyances ***/
+user_pref("browser.tabs.firefox-view", false);          // Don't show firefox view tab
+user_pref("extensions.pocket.enabled", false);          // Disable pocket
+user_pref("extensions.abuseReport.enabled", false);     // Disable report extension to mozilla
+user_pref("identity.fxaccounts.enabled", false);        // Disable sync entirely
+
+/* Urlbar suggestions ***/
+user_pref("browser.urlbar.suggest.openpage", false);        // Disable suggestions of open pages
+user_pref("browser.urlbar.suggest.engines", false);         // Disable suggestions of search engines
+user_pref("browser.urlbar.suggest.topsites", false);        // Disable suggestions of top sites
+
+/* Styling changes ***/
+user_pref("browser.fullscreen.autohide", false);                                // Don't auto-hide tabs when firefox is in fullscreen
+user_pref("browser.toolbars.bookmarks.visibility", "always");                   // Always show bookmarks toolbar
+user_pref("toolkit.legacyUserProfileCustomizations.stylesheets", true);         // Enable profile customization with userChrome.css and userContent.css
+user_pref("ui.systemUsesDarkTheme", 1);                                         // Enables `prefers-color-scheme` CSS media feature
+
+/* Other changes ***/
+user_pref("browser.preferences.experimental", true);      // Show experimental options in about:preferences
+user_pref("browser.urlbar.suggest.calculator", true);     // Calculator in urlbar
+user_pref("layout.spellcheckDefault", 2);                 // Enable spellcheck by default for all inputs
+user_pref("browser.quitShortcut.disabled", true);         // Disable Ctrl+Q browser quit shortcut
+
+/* --------------- END --------------- ***/
+user_pref("_overrides.parrot", "Custom: success");