Ghacks user.js goes github
When Pants approached me in 2015 about publishing his Firefox user.js configuration file on Ghacks, I never imagined how far the project would come.
Now, 20 months later, the project has made a huge step by moving to GitHub. Among the many improvements are openness, better manageability, change tracking, faster releases, support for user contributions, and a lot more.
Pants was kind enough to keep the Ghacks name for the project, and I will publish information on new releases whenever they are made available here on Ghacks. This means that I will post a new article shortly after stable Firefox releases that highlight the changes of that particular release, and provide you with links to the latest versions of the user.js file on the Github project page.
You can use this link as an entry point on Github to explore the project there.
Without further Ado, here is Pants announcement:
Hi ghacks
After v11 (FF51), I decided to put the ghacks user.js on GitHub. This brings a lot of benefits that I don't need to list here. It's been a busy 6 weeks, and now that all the noise (number of posts and discussions and issues) have died down, I can tell you about it... here's what we've done... so far:
PS: I'm crap at writing, so I'm doing this bullet style
PPS: I just want to say thanks to the guys (and gals) who have been contributing at GitHub, but a MASSIVE thanks to Earthlng, who is the only MEMBER (and I am the owner) of the ghacksuserjs GitHub organization, and as such he has full control over the repository. His contributions have really helped bring the ghacks user.js to another level in so many ways, and the work put in with generating diffs, research, and the changelog are fantastic.
Readme
- I wrote a short little readme that outlines a few things. Go read it. Seriously, go read it.
- Default readme.md is shown on the home page here ( https://github.com/ghacksuserjs/ghacks-user.js )
- Sexier themed version is here ( https://ghacksuserjs.github.io/ghacks-user.js/ )
Ghacks User.js changes
- Changed version numbering to match Firefox stable (see the release section below)
- Stripped out all non essential sections, such as Firefox Add-ons and Test Sites to the wiki section, and Palemoon and Things to Investigate to issues
- Removed the troubleshooting list (see tags below)
- Super-simplified and shortened the original intro/readme - most of this moved to the "Wiki: Getting Started" pages
- Formatted the js so all multi-line text can collapse and fold
- Cleaned up all the typos, expanded acronyms, fixed grammar, used same syntax for parts (such as version start and end numbering)
- Added tags such as [WARNING], [SETUP], [SETTINGS], [TEST] and numbered references [1], [2] etc.
- As a result the entire js is much easier to visually parse, read, and search
- Revamped entire sections to be more logically ordered, with section sub-grouping if needed, and better explanations, including section descriptions when required. Even made some groupings and order based on commenting them out for more convenience. These sections include:
- 0800: location bar / search bar / forms etc
- 1000: cache
- 1200: https / ciphers etc
- 1600: headers / referers
- 2800: shutdown
- Section revamps included improving some preferences (some were found to be deprecated or legacy, others were changed, some preferences are new, better descriptions and all that)
- Created a new section 2697: UA Spoofing
- Compared ghacks vs pyllyukko: we added 4 minor obscure preferences. (Documented in issue #10). Created a diff for pyllyukko to compare, and so far they have added almost 2 dozen items from ghacks, and still going
- Compared ghacks values vs pyllyukko values for what we have in common: no changes. We differ on only 8 preferences due to a slightly different strategy. That's a good sign. (Documented in issue #18)
- Upgraded to Firefox 52 compliant
Wiki
- Add-ons Appendix is more informational with flags for e10s, WebExtension etc
- Test Sites Appendix expanded as well
- References Appendix (Mozilla, MDN, TOR, CVE etc sites) added
- The "readme section" from the old js has become an in-depth "Getting Started" wiki section, and expanded (with pictures!), including a full overview of how a user.js works, how to backup properly, an implementation page, and even how to troubleshoot a preference.
- The implementation page led me to create a How To section on working with multiple profiles for both installed and portable Firefox, and how to run concurrent profiles. I will create the Lock Pref pages in due time.
- Added a "Scripts" section, including some greasemonkey (or similar) scripts and pointers for NoScript, uBlock Origin and uMatrix (this is a work in progress)
- Note: There are "sticky" issues for various wiki section suggestions
- Future plans include expanding the wiki even further with Tutorials and Articles and more How To's
Releases
- As mentioned, we changed the version number to match Firefox stable
- You can read all about how we manage "releases" here ( https://github.com/ghacksuserjs/ghacks-user.js/issues/54 )
- Basically, the current "live" master user.js is always current stable and always being improved
- At the end of stable life-cycle, we now archive off a "release" for legacy and archival reasons
- Then we change the master version number and as quickly as we can test and add preferences and deprecate items as per the new stable version. We know in advance a lot of the changes due to Earthlng's diffs
- As soon as we have worked through all the changes, we create a "pre-release", and from this we can generate a user friendly changelog (Earthlng authors these, and they use the changelog label in issues). You can click labels to filter issues. We will always have an open "Changelog" issue, and older ones will be closed, but there for historical pruposes. They are a lot more user friendly than the atomic level commit history.
- Martin will republish Earthlng's changelog here at ghacks as soon as we do them, just like he does a "What's new in Firefox X", there will be a "What's new in ghacks user,js X"
- The delay last time was around 7 days from when stable landed. So expect that to be the approximate time frame, as we have to upgrade ourselves, test items and so on.
- Again, the "Pre-release" is a snapshot, the master user.js (here: https://github.com/ghacksuserjs/ghacks-user.js/blob/master/user.js ) is the one always being worked on.
Future Plans
- Besides the obvious
- stable compliant releases
- improving the js
- improving tags and info on breakage and setup
- updating and improving the wiki
- Providing branches
- preset versions eg: "Relaxed", "Hardened", "Social Media" etc for use with multiple profiles
- when Firefox 57 lands, maybe start an ESR branch
That's about all. Everyone is welcome to come visit and contribute.
Regards
Thorin-Oakenpants
Well done!
I thought Pants was a “her”. No?
It’s a well known fact that Dwarves like their wimmins stout and hairy!
“… female Dwarves look and sound (and dress, if journeying—which is rare) so alike to Dwarf-males that other folk cannot distinguish them, and thus others wrongly believe Dwarves grow out of stone” – Tolkien
ROTFL! Pants, outside of your amazing brain, your stoutness and hairiness make you a beautiful woman… I mean wommin.
You know, sooner or later, we are going to insist on a photo. As the kids say, pics or fake.
<3 btw., the editor used here is Atom?! Notepad++ (& Notepadqq) and Kate (KDE) are nice; but, eye like that THEME – the dark won, w/the colors.. although all of these programs *do* have lang. highlighting.
v1adimir – its Notepad++ and the Theme is Obsdian (and the font is Hack)
@Pants Hey, um… Thanks (so much!) for the reply!.. I’d been here earlier, but haven’t said anything. Anyway, thank you!! :))
Cool cool, but where are the previews? How do I know that I would like to try this user.js without previews? Or is this just a security mod, not something to make Firefox look good?
The user.js config file changes Firefox configuration. It focuses heavily on privacy and security, and not looks. So, if you want to harden your browser, this is the thing you need.
There are not any images because it does not really change how Firefox looks at all.
Firefox has a Profile Manager, “In the Run dialog box, type in: firefox.exe -P (Note: You can use -P, -p or -ProfileManager (any of them should work))” @support.mozilla.org/en-US/kb/profile-manager-create-and-remove-firefox-profiles
That would be the easiest way to test and see. Under Linux, bash shell, it’s: “firefox –ProfileManager”. :)
True story .. If you play the punch card (https://github.com/ghacksuserjs/ghacks-user.js/graphs/punch-card) backwards in a pianola (like the one in Westworld), you will unlock your conscious and become self-aware
When I see what happened to Lucy in Besson’s movie when she hit the 100% of her brain potential I’m not truly in a hurry to unlock my conscious. But increasing from 10% to, say, 15% would be helpful!
Not to mention that imperfection is so delightful.
It’s an old concept, today we know that the (human) brain is utilized to the full potential. Any reserves that there might be are just that – reserves, in case of damage for example. Just, btw.
I’ve been reading about Pants’s user.js on here for a while, but haven’t really taken the time to dig into it and see which parts I want to implement. I surely will now, though.
I’m also excited to see a section of the wiki devoted to extension tips for UBlock Origin. I’ve been keen lately on finding ways to harden my browser, yet allow “harmless” advertisements (those that don’t track me, etc) to abide freely. I don’t want to adversely impact content providers (such as Martin!) who rely on ad revenue.
That’s very kind of you Andy, thanks ;)
“Martin Brinkmann at ghacks
100% genuine super-nice all-round good guy”
I’m now imagining Martin as a sphere, like PacMan…
“Thorin-Oakenpants”
Gives ZERO fkcus (misspelled purposefully so that it isn’t removed) and has a funny avatar.
Who is “earthlng “?
in the original Aug 2015 article, you can see “earthling” ‘s comments over the last 18 months ( a couple of hundred of them). On GitHub his/her handle is earthlng (without the i) as seen here: https://github.com/orgs/ghacksuserjs/people
I’m sorry if this is not the best way to contact you…but I have a question. In a recent post to https://www.ghacks.net/2018/10/21/mozilla-tests-premium-vpn-service/
There were some comments regarding traffic to various hostnames.
I spent a moment and gathered the information from these comments as well as from about:config and came up with the following list. I use your user.js file that you have developed (thank you very much). I wondered if these hostnames are a security risk, in your opinion, and if you think any of them should be restricted. I’m still kind of new to Firefox and all the options so if I’m going down a path that’s just going to cause problems just let me know.
accessibility.support.ur supporgt.mozilla.org
app.feedback.baseUR input.mozilla.org
app.normandy.shieldLearnMoreUr supporgt.mozilla.org
app.productInfo.baseUR http://www.mozilla.org
app.releaseNotesUR http://www.mozilla.org
app.support.baseUR supporgt.mozilla.org
app.update.ur aus5.mozilla.org
app.update.url.detail http://www.mozilla.org
app.update.url.manua http://www.mozilla.org
browser.chrome.errorReporter.infoUR supporgt.mozilla.org
browser.contentblocking.reportBreakage.ur tracking-protection-issues.herokuapp.com
browser.dictionaries.download.ur addons.mozilla.org
browser.geolocation.warning.infoUR http://www.mozilla.org
browser.newtabpage.activity-stream.default.site http://www.youtube.com/,www.facebook.com/,www.amazon.com/,www.reddit.com/,www.wikipedia.org/,twitter.com/
browser.newtabpage.activity-stream.fxaccounts.endpoin accomunts.firefox.com
browser.newtabpage.activity-stream.telemetry.ping.endpoin tiles.services.mozilla.com
browser.ping-centre.production.endpoin tiles.services.mozilla.com
browser.ping-centre.staging.endpoin onyx_tiles.stage.mozaws.net
browser.safebrowsing.provider.google.advisoryUR developers.google.com
browser.safebrowsing.provider.google.gethashUR safebrowsing.google.com
browser.safebrowsing.provider.google.updateUR safebrowsing.google.com
browser.safebrowsing.provider.google4.advisoryUR developers.google.com
browser.safebrowsing.provider.google4.gethashUR safebrowsing.googleapis.com
browser.safebrowsing.provider.google4.updateUR safebrowsing.googleapis.com
browser.safebrowsing.provider.mozilla.gethashUR shavar.services.mozilla.com
browser.safebrowsing.provider.mozilla.updateUR shavar.services.mozilla.com
browser.search.searchEnginesUR addons.mozilla.org
browser.uitour.themeOrigi addons.mozilla.org
datareporting.healthreport.infoUR http://www.mozilla.org
datareporting.policy.firstRunUR http://www.mozilla.org
devtools.devices.ur comde.cdn.mozilla.net
devtools.gcli.imgurUploadUR api.imgur.com
devtools.gcli.jquerySr cdnjs.cloudflare.com
devtools.gcli.lodashSr cdnjs.cloudflare.com
devtools.gcli.underscoreSr cdnjs.cloudflare.com
devtools.webide.adbAddonUR http://ftp.mozilla.org
devtools.webide.templatesUR comde.cdn.mozilla.net
extensions.blocklist.detailsUR blocked.cdn.mozilla.net
extensions.blocklist.itemUR blocked.cdn.mozilla.net
extensions.blocklist.ur blocklists.settings.services.mozilla.com
extensions.getAddons.compatOverides.ur services.addons.mozilla.org
extensions.getAddons.get.ur services.addons.mozilla.org
extensions.getAddons.langpacks.ur services.addons.mozilla.org
extensions.getAddons.link.ur addons.mozilla.org
extensions.getAddons.search.browseUR addons.mozilla.org
extensions.getAddons.themes.browseUR addons.mozilla.org
extensions.update.background.ur versioncheck-bg.addons.mozilla.org
extensions.update.ur versioncheck.addons.mozilla.org
extensions.webcompat-reporter.newIssueEndpoin webcommpat.com
gecko.handlerService.schemes.irc.0.uriTemplat http://www.mibbit.com
gecko.handlerService.schemes.ircs.0.uriTemplat http://www.mibbit.com
gecko.handlerService.schemes.mailto.0.uriTemplat commpose.mail.yahoo.com
gecko.handlerService.schemes.mailto.1.uriTemplat mail.google.com
gecko.handlerService.schemes.webcal.0.uriTemplat 30boxes.com
geo.wifi.ur location.services.mozilla.com
identity.fxaccounts.auth.ur api.accomunts.firefox.com
identity.fxaccounts.remote.oauth.ur oauth.accomunts.firefox.com
identity.fxaccounts.remote.profile.ur profile.accomunts.firefox.com
identity.fxaccounts.remote.roo accomunts.firefox.com
identity.mobilepromo.androi http://www.mozilla.org
identity.mobilepromo.io http://www.mozilla.org
identity.sync.tokenserver.ur token.services.mozilla.com
lightweightThemes.getMoreUR addons.mozilla.org
media.decoder-doctor.new-issue-endpoin webcommpat.com
network.trr.ur mozilla.cloudflare-dns.com
NO ABOUT CONFIG ENTRY activations.cdn.mozilla.net
NO ABOUT CONFIG ENTRY balrog-aus5.r53-2.services.mozilla.com
NO ABOUT CONFIG ENTRY crash-stats.mozilla.com
NO ABOUT CONFIG ENTRY detectportal.firefox.com
NO ABOUT CONFIG ENTRY experiments.mozilla.org
NO ABOUT CONFIG ENTRY fhr.cdn.mozilla.net
NO ABOUT CONFIG ENTRY getpocket.cdn.mozilla.net
NO ABOUT CONFIG ENTRY incoming.telemetry.mozilla.org
NO ABOUT CONFIG ENTRY olympia.prod.mozaws.net
NO ABOUT CONFIG ENTRY qsurvey.mozilla.com
NO ABOUT CONFIG ENTRY search.r53-2.services.mozilla.com
NO ABOUT CONFIG ENTRY search.services.mozilla.com
NO ABOUT CONFIG ENTRY self-repair.mozilla.org
NO ABOUT CONFIG ENTRY self-repair.r53-2.services.mozilla.com
NO ABOUT CONFIG ENTRY services.addons.mozilla.org
NO ABOUT CONFIG ENTRY shavar.prod.mozaws.net
NO ABOUT CONFIG ENTRY shield-normandy-elb-prod-2099053585.us-west-2.elb.amazonaws.com
NO ABOUT CONFIG ENTRY telemetry.mozilla.org
NO ABOUT CONFIG ENTRY telemetry-experiment.cdn.mozilla.net
NO ABOUT CONFIG ENTRY tiles.r53-2.services.mozilla.com
NO ABOUT CONFIG ENTRY versioncheck.prod.mozaws.net
privacy.trackingprotection.introUR http://www.mozilla.org
services.settings.serve firefox.settings.services.mozilla.com
services.sync.fxa.privacyUR accomunts.firefox.com
services.sync.fxa.termsUR accomunts.firefox.com
toolkit.crashreporter.infoUR http://www.mozilla.org
toolkit.datacollection.infoUR http://www.mozilla.org
webextensions.storage.sync.serverUR webextensions.settings.services.mozilla.com
xpinstall.signatures.devInfoUR wiki.mozilla.org