user.js

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README
commit 9f43d48a3222ac6f8980c4f3b1b23b7e45b0bce0
parent 6077d09b9fc1ef613f674074e3cfece3fde85a92
Author: Thorin-Oakenpants <Thorin-Oakenpants@users.noreply.github.com>
Date:   Wed, 25 Aug 2021 14:09:39 +0000

targetBlankNoOpener -> don't touch
Diffstat:

Muser.js | 10+++++-----


1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/user.js b/user.js
@@ -728,14 +728,11 @@ user_pref("dom.disable_window_move_resize", true);
 user_pref("dom.disable_open_during_load", true);
 /* 2404: limit events that can cause a popup [SETUP-WEB] ***/
 user_pref("dom.popup_allowed_events", "click dblclick mousedown pointerdown");
-/* 2405: enable (limited but sufficient) window.opener protection [FF65+]
- * Makes rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set ***/
-user_pref("dom.targetBlankNoOpener.enabled", true); // [DEFAULT: true FF79+]
-/* 2406: disable website access to clipboard events/content
+/* 2405: disable website access to clipboard events/content
  * Requires user interaction. Applies to onCut/onCopy/onPaste events
  * [SETUP-HARDEN] Will break some sites' functionality e.g. Outlook, Twitter, Facebook, Wordpress ***/
    // user_pref("dom.event.clipboardevents.enabled", false);
-/* 2407: disable clipboard commands (cut/copy) from "non-privileged" content [FF41+]
+/* 2406: disable clipboard commands (cut/copy) from "non-privileged" content [FF41+]
  * this disables document.execCommand("cut"/"copy") to protect your clipboard
  * [1] https://bugzilla.mozilla.org/1170911 ***/
 user_pref("dom.allow_cut_copy", false);
@@ -1245,6 +1242,9 @@ user_pref("security.mixed_content.block_active_content", true); // [DEFAULT: tru
  * string is restored if the tab reverts back to the original page. This change prevents some cross-site attacks
  * [TEST] https://arkenfox.github.io/TZP/tests/windownamea.html ***/
 user_pref("privacy.window.name.update.enabled", true); // [DEFAULT: true FF86+]
+/* 6007: enforce window.opener protection [FF65+]
+ * Makes rel=noopener implicit for target=_blank in anchor and area elements when no rel attribute is set ***/
+user_pref("dom.targetBlankNoOpener.enabled", true); // [DEFAULT: true FF79+]
 
 /*** [SECTION 7000]: DON'T BOTHER ***/
 user_pref("_user.js.parrot", "7000 syntax error: the parrot's pushing up daisies!");