Hi there, this is going to be my first post. So first off - thanks for PM - I use it on win7, mint, arch, and the atom-specific builds as browser of choice.
I've noticed that the "Pale Moon Tweak Guide" has been stagnant for a while, and there isnt a separate equivalent over here in the linux room (not sure if there needs to be). In any case- since I have mainly tested these tweaks on linux, and this first set is going to come pretty much entirely from the manjaro wiki compilation I thought to post here.
And please remember the normal 'there be dragons here' about:config caveats apply.
######
But on to the fun bits:
######
DOM Storage
*This WILL break some functionality on some websites.*
DOM storage has become a much bigger threat to our privacy than the dreaded cookies were.
about:config Name: dom.storage.enabled
Default value: true
Modified value: false
Referrer Control
about:config Name: network.http.sendRefererHeader
Default Value: 2
Modified Value: 0
By setting network.http.sendRefererHeader in about:config to 0, whenever you visit a link from one site, the destination site doesn't know the original site you were referred from.
This in effect makes the Firefox add-on RefControl (& others) redundant.
From the Knowledgebase:
network. http. sendRefererHeader Integer
Determines when to send the Referer HTTP header.
0: Never send the referring URL
1: Send only on clicked links
2 (default): Send for links and image
If you find that you can't get into your online banking (or other) site, it can be due to you having set the integer to 0. You would then be best off using the integer value of 1. & Under such circumstances use the likes of RefControl as you can use whatever options you choose for your normal surfing & then choose a specific option that works with specific troublesome sites.
Silent Requests
about:config Name: network.http.speculative-parallel-limit
Default Value: 6
Modified Value: 0
By setting network.http.speculative-parallel-limit to 0, we are controlling the following:
Unlike older versions of Firefox, more recent versions will make a request to a destination server just by hovering over a link. No CSS, no JavaScript, no prefetch required.
Enable Spell Checking In All Text Fields
about:config Name: layout.spellcheckDefault
Default Value: 1
Possible Values:
0 - disable spell checker.
1 - spell check multi-line text boxes only.
2 - enable spell checker for all text boxes.
The default spell checking function only checks for multi-line text boxes. You can get it to spell-check for single line text box as well.
Session Store Interval
about:config Name: browser.sessionstore.interval
Default Value: 60,000
Modified Value: XXX,XXX
This value sets the interval at which sessions will be committed to storage for recall (eg: after recovering from a crash).
If you dont need or use this feature, increasing the value can help performance especially on underpowered machines.
This comes with the risk of losing open tabs or other data if the value is set too high and the browser closes before the allotted time.
Open Search Box Results In New Tab
about:config Name: browser.search.openintab
Default Value: false
Modified Value: true
When you search using the search box at the top right hand corner of the browser, it will display the search results in the current tab.
If you don’t want the search to interfere with your current tab, you can tweak the browser.search.openintab to make it open in a new tab.
Prevent child windows from spawning
about:config Name: dom.disable_window_open_feature.resizable
Default Value: true
Modified Value: false
Turning off the above should prevent most, if not all tabs being spawned in a new Firefox window.
Some websites like to do this to us & some of us don't like it!
Disable less secure encryption protocols
*This WILL break some reputable sites*
Many encryption experts consider them broken. It is not necessary to disable them.
If some of the websites you visit via HTTPS/SSL do not work anymore, please enable these protocols again:
about:config Name: security.ssl3.rsa_aes_128_sha
Default Value: true
Modified Value: false
about:config Name: security.ssl3.rsa_aes_256_sha
Default Value: true
Modified Value: false
about:config Name: security.ssl3.rsa_des_ede3_sha
Default Value: true
Modified Value: false
Highlight everything in the address bar by a single click
about:config Name: browser.urlbar.clickSelectsAll
Default Value: true
If you prefer to click once for url editing, instead of auto-highlighting, you'll know what to do.
Tab Animation
browser.tabs.animate
Default Value: true
Modified Value: false
...thats it for now . Once again, do not blindly enable all these settings. I do not use all of them and you probably dont want to either. While all those listed can be considered 'safe', user experience for some websites will be effected. As with all about:config edits - these are options for users who need them or otherwise know what they are doing.
Hi - heres some updates for Pale Moon config
Moderator: trava90
Forum rules
This board is for technical/general usage questions and troubleshooting for the Pale Moon browser only.
Technical issues and questions not related to the Pale Moon browser should be posted in other boards!
Please keep off-topic and general discussion out of this board, thank you!
This board is for technical/general usage questions and troubleshooting for the Pale Moon browser only.
Technical issues and questions not related to the Pale Moon browser should be posted in other boards!
Please keep off-topic and general discussion out of this board, thank you!
Hi - heres some updates for Pale Moon config
Last edited by cscs+ on 2016-04-01, 20:24, edited 5 times in total.
Re: Hi - heres some updates for Pale Moon config
A quick note that the defaults are there for a reason.
e.g.: Turning off DOM storage and sending of referrers not only can, but will break an increasing number of websites.
e.g.: The "least secure" cipher suites are still secure, and disabling what you suggest would break perfectly good sites as well. And you're falling in the trap of disabling good features just because they happen to be at the bottom of the list. After all, after these are disabled, some other suite will be "least secure". The browser already uses sane priority.
Also, you suggest prefetching pages as a good thing, but want to prevent speculative connections (without actual requests) at the same time -- that's kind of paradoxical?
etc.
e.g.: Turning off DOM storage and sending of referrers not only can, but will break an increasing number of websites.
e.g.: The "least secure" cipher suites are still secure, and disabling what you suggest would break perfectly good sites as well. And you're falling in the trap of disabling good features just because they happen to be at the bottom of the list. After all, after these are disabled, some other suite will be "least secure". The browser already uses sane priority.
Also, you suggest prefetching pages as a good thing, but want to prevent speculative connections (without actual requests) at the same time -- that's kind of paradoxical?
etc.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Hi - heres some updates for Pale Moon config
Moonchild wrote:Also, you suggest prefetching pages as a good thing, but want to prevent speculative connections (without actual requests) at the same time -- that's kind of paradoxical?
Actually he is suggesting the opposite, that it should be disabled. It appears that he is suggesting changing it, making it easy to think he is suggesting to enable it, because he has the incorrect default value posted. This is actually false by default, not true. I haven't checked to see if the other defaults are correct or not.cscs+ wrote: Prefetch Control
about:config Name: network.prefetch-next
Default Value: true
Modified Value: false
By setting network.prefetch-next to false, we are controlling the following:
Link prefetching, is when a web page hints to the browser that certain pages are likely to be visited, so the browser downloads them immediately so they can be displayed immediately when the user request
Re: Hi - heres some updates for Pale Moon config
I agree. I prefer DOM off on some of my setups - but dont generally suggest it to folks who cant troubleshoot things themselves or arent security freaks, etc. The cipher suites are included should someone be interested in them, not as a suggestion for smooth browsing - I dont use those changes. (Actually in the cited page, those configs were preceded by 4 other similar changes which are already included in PaleMoon [over ff], so kudos to you). As for the prefetching - everyone has different needs but I actually prefer to disable prefetching and speculative connections and DO use those changes.(edit - oops, that was the incorrect default and should not have been included)Moonchild wrote:A quick note that the defaults are there for a reason.
e.g.: Turning off DOM storage and sending of referrers not only can, but will break an increasing number of websites.
e.g.: The "least secure" cipher suites are still secure, and disabling what you suggest would break perfectly good sites as well. And you're falling in the trap of disabling good features just because they happen to be at the bottom of the list. After all, after these are disabled, some other suite will be "least secure". The browser already uses sane priority.
Also, you suggest prefetching pages as a good thing, but want to prevent speculative connections (without actual requests) at the same time -- that's kind of paradoxical?
etc.
I apologize if I was not clear that I did not *recommend or *endorse any of these changes - just thought some interested folks might find them easier on the forums. I've also updated the original post to reflect some warnings and removed the reference to prefetching.