Pale Moon has a number of additional preferences in about:config (compared to Firefox) to control Pale Moon specific features. Here's an overview and brief explanation of them:
- browser.display.ignore_accessibility_theme (true/false, v25.0+): Allows the user to override the use of accessibility colors in browser content (web pages).
- browser.display.standalone_images.background_color (text, v15.1+): Determines the background color for stand-alone images in hex ("#rrggbb") or named color ("red", "blue").
- browser.padlock.shown (true/false, v15.2+): Controls display of the padlock for secure sites.
- browser.padlock.style (number, v15.2+): Controls the location and style of the padlock.
- browser.padlock.urlbar_background (number, v15.2+): Controls address bar shading for secure sites.
0 = no shading, 1 = shading for secure sites, 2 = shading for secure sites + mixed mode, 3 = shading for all https sites, including broken ones.
- browser.sessionstore.exactPos (true/false, v24.2+): Controls whether restored windows will be placed at the exact position they were at in the last session, even if that would be (partially or completely) off-screen. (hidden pref)
- browser.sessionstore.max_concurrent_tabs (number, v25.3+): Controls the number of tabs to be concurrently restored from a session. Accepts values 1-10, default is 3.
- browser.tabs.noWindowActivationOnExternal (true/false, v26.0+): Controls whether to give focus to the browser window when you send a URL to the browser from an external link or program. Default behavior is to bring the window to the front; setting this pref to true will keep your current program in the foreground, instead.
- browser.tabs.resize_immediately (true/false, v24.1.2+): Controls whether tabs will immediately resize to fill the tab bar when a tab is closed.
- browser.urlbar.rss (true/false, v24.1+): Controls whether the web feed icon is shown in the address bar or not when feeds are available.
- canvas.poisondata (true/false, v25.6+): Controls whether to mitigate browser fingerprinting through canvas rendering specifics.
This preference, when true, will poison data read from canvas areas with humanly-imperceptible variations in color and lightness.
Defaults to false; accurate reading of data is generally preferred, and poisoning severely impacts performance of reading data from canvas.
- dom.disable_beforeunload (true/false, v26.0+): Controls whether to disable the use of events when unloading a page (navigating away).
"onunload" is regularly used to prevent you from losing work if you accidentally try to navigate away from a site with unsaved changes to e.g. a post. It is also abused by websites trying to prevent you from easily leaving their site with the infamous "offer on the way out the door" pop-ups. This pref will control both scenarios (good and bad) so use with caution.
- lightweightThemes.animation.enabled (true/false, v24.6+): Controls whether animated personas (lightweight themes) are allowed.
- network.stricttransportsecurity.enabled (true/false, v25.2+): Controls whether HSTS (HTTP Strict Transport Security) is enabled. (hidden pref) R
- security.ssl.allow_unsafe_ocsp_response (true/false, v25.0+): Controls whether to ignore an expired state of stapled OCSP responses. If set to true, breaks with RFC6066 (like Firefox) and ignores the fact that stapled OCSP responses may be expired. If false (the default) aborts the connection. (hidden pref)
- signon.ignoreAutocomplete (true/false, v25.6+): Controls whether to completely ignore "autocomplete=off" on login fields.
- spellchecker.dictionary.override (string, v25.5+): Sets a preferred language for choice of spellchecking dictionary, overriding document/element language if set. (hidden pref)
Explanation of R: This preference, when changed, requires you to completely exit (Pale Moon Button -> Exit or File -> Exit) and restart the browser to come into effect.
v26.0 prefs are currently only active in the beta versions, so please be patient and don't try to use them on the current release versions. They won't work