Firefox Advance Settings(about:config)(Secret Menu)

-
firefox browser image
Firefox Browser Logo
Firefox browser has many features which makes it unique. It is one of major (widely recognised) alternatives to the Chromium based browsers in the market. The browser has many good and bad features and the decisions of its parent organisation's management who claim to be privacy friendly and not for profit, is often questionable.

One of the unique features of the browser is its advanced settings, found by typing "about:config".
As of 2025, this can be accessed on any version of firefox on desktop but on android, it is only found in the Beta and Nightly versions.

To access this secret menu on regular Firefox on Android , type in search bar
"chrome://geckoview/content/config.xhtml"
Often people find it difficult to understand what these settings do because there is no official list of these and all information related to the settings are scattered in the web.

So, here are some important settings with their descriptions. Please note , some of them may change or get removed (Mozilla's old bad habit). 
Therefore, user caution is required.


Prefetching

Link prefetching

Firefox will prefetch certain links if any of the websites you are viewing uses the special prefetch-link tag. To disable Link prefetching:
In the about:config page, search for the preference network.prefetch-next.

Observe the Value column of the network.prefetch-next row.
If it is set to false then do nothing.
If it is set to true, double-click it to set it to false.

DNS prefetching

In order to reduce latency, Firefox will proactively perform domain name resolution on links that the user may choose to follow as well as URLs for items referenced by elements in a web page. To disable DNS prefetching:
In the about:config page, search for the preference network.dns.disablePrefetch.
Observe the Value column of the network.dns.disablePrefetch row.
If it is set to true then do nothing.
If it is set to false, double-click it to set it to true.

Speculative pre-connections


To improve the loading speed, Firefox will open predictive connections to sites when the user hovers their mouse over thumbnails on the New Tab page or the user starts to search in the Search Bar, or in the search field on the Home or the New Tab page. In case the user follows through with the action, the page can begin loading faster since some of the work was already started in advance.
To disable this feature:In the about:config page, search for the preference network.http.speculative-parallel-limit.

Observe the Value column of the network.http.speculative-parallel-limit row.

If it is set to 0 then do nothing.
If it is set to a different value, double-click it to set it to 0


Experiments or studies

To disable new feature experiments, set messaging-system.rsexperimentloader.enabled to false.

To disable the running of experiments, set app.shield.optoutstudies.enabled to false. This is not necessary if app.normandy.enable is also set to false.

To disable studies, feature rollouts and emergency hotfixes related to Normandy, set app.normandy.enabled to false.

Some other settings for more privacy or reduce informaion being sent by your browser

browser.tabs.crashReporting.sendReport

set to  false

toolkit.telemetry.server

set to  "(empty)"

toolkit.telemetry.server_owner

set to  "(empty)"


toolkit.telemetry.unified 
set to false

browser.newtabpage.activity-stream.section.highlights.includePocket 
set to false

services.sync.prefs.sync.browser.newtabpage.activity-stream.section.highlights.includePocket 
set to false

extensions.pocket.enabled 
set to false

network.dns.disablePrefetch 
set to true

network.prefetch-next 
set to false

geo.enabled

Determines if location aware browsing is enabled.
True: Location Aware browsing is enabled. (default)
False: The feature is disabled which means that you won't get prompts on websites it.

webgl.disabled  = true

general.useragent.override "Enter useragent"
it works only when resistfingerprinting is disabled



network.http.referer.XOriginPolicy

Defines when to set the referrer (the page a visit originated from).0: Never send it.
1: only send if the base domain matches.
2: only send if hosts match.

network.http.referer.spoofSource

Whether the real or a fake referrer is used by Firefox.
False: The real referrer is used. (default)
True: Spoof the referrer.

network.http.referer.trimmingPolicy

Defines whether the referrer is trimmed or not.0: send the full URI (default).
1: Send schema+host+port+path
2: Send schema+host+port

network.http.sendRefererHeader

Controls when to send the referer header and document.referrer is set.0: Never send the Referer header or set document.referrer.
1: Send it after clicking on links.
2. Send if after clicking on links or loading an image (default).

network.http.sendSecureXSiteReferrer

Defines whether a Referer header is sent when you are navigating from one secure site to another.True: The Referer header is added to connections (default).
False: The Referer header is not added.

network.http.use-cache

Defines whether Firefox caches http requests.True: Enables caching in Firefox. (default)
False: Disables the caching of http requests.

network.prefetch-next

Defines whether Firefox will accept link prefetching directives by websites.
True: Link Prefetching is enabled. (default)
False: The feature is disabled.

privacy.donottrackheader.enabled

Sets the Do Not Track header which informs websites and services about the tracking preference.
False: Do Not Track Header is not added to connections. (default)
True: Do Not Track Header is used.

privacy.sanitize.sanitizeOnShutdown

Whether the browsing history is automatically cleared on shutdown.
False: It is not cleared (default).
True: It is cleared.

privacy.trackingprotection.enabled

Defines whether Firefox's Tracking Protection feature is enabled.
False:Tracking Protection is disabled.
True: The feature is enabled.

security.OCSP.enable

Defines if OCSP Stapling is enabled in Firefox which determines how certificate information are retrieved (check Firefox 25 gets OCSP Stapling which improves privacy for detailed information).0: Disable OSCP Stapling
1: Firefox will use OCSP Stapling. (default)

security.tls.version.min and security.tls.version.max


Defines the minimum and maximum allowed version of SSL or TSL when communicating with encrypted servers. Setting it to 0 is not recommended because of known vulnerabilities.0: SSL 3.0 (minimum)
1: TSL 1.0 (default)
2: TSL 1.1
3: TSL 1.2 (default maximum)


media.peerconnection.enabled

This preference determines whether WebRTC is enabled in Firefox. WebRTC is used for telephony and video chat functionality but leaks local and remote IP addresses as well. May also be used in browser fingerprinting.

True: WebRTC is enabled (default).
False: WebRTC is disabled. Note: you need to set loop.enabled to False as well.

media.video_stats.enabled

Provides web applications with information about video playback statistics such as the framerate.
True: Web applications can access statistics (default).
False: Statistics cannot be accessed.

network.cookie.alwaysAcceptSessionCookies

Determines whether Firefox will accept so-called session cookies (removed when browser exits) automatically. Depends on network.cookie.lifetimePolicy set to 1.
True: Firefox will accept session cookies.
False: Firefox won't accept them. (default)

network.cookie.cookieBehavior

Defines if cookies are allowed in Firefox.0: All cookies are allowed.
1: Only cookies from the first-party server are allowed.
2: Block all cookies.
3: Third-party cookies are only allowed if cookies from the site are already stored by Firefox. (default)

network.cookie.lifetime.days

Defines the number of days that cookies are stored by Firefox if network.cookie.cookieBehavior is set to 3.
90: days by default.

network.cookie.lifetimePolicy

This defines when cookies expire in Firefox.0: The originated server sets the cookie lifetime. (default)
1: Firefox prompts the user (unless network.cookie.alwaysAcceptSessionCookies is set to true).
2: Cookie expires at the end of the session.
3: The cookie lasts for the days specified in network.cookie.lifetime.days.

network.dnsCacheEntries

Defines how many entries Firefox will keep in the browser's DNS cache.400: the default number of cached DNS entries.

network.dnsCacheExpiration

The time cached DNS entries will be saved by Firefox.60: value in seconds.


dom.event.contextmenu.enabled

Determines whether websites are allowed to block access to the right-click context menu.
True: Websites may manipulate the context menu. (default)
False: Web pages won't be allowed to manipulate or block the context menu

dom.event.clipboardevents.enabled

True: Websites may read or modify clipboard events. (default)
False: Blocks access.


dom.battery.enabled

Gives web applications access to the battery status of mobile devices. May be used in fingerprinting techniques.
True: Allows web applications to retrieve the battery status (default).
False: Disables the functionality.


browser.urlbar.autocomplete.enabled


Whether Firefox will display auto-complete suggestions when you type in the address bar.
True: Firefox will use auto-complete. (default)
False: Auto-complete won't be used.


browser.search.suggest.enabled

Defines whether search suggestions are displayed in Firefox.
True: Search suggestions are displayed (default).
False: Search suggestions are disabled.

browser.send_pings

Informs servers about links that get clicked on by the user.
True: Feature is enabled.
False: Pings are not enabled.

browser.sessionhistory.max_entries

The number of previous pages that Firefox keeps saved for every open site in the browser (back and forward functionality).50: The default value.


browser.formfill.enable

Defines whether Firefox will save text entered into web forms.
True: Text that a user enters into forms and the browser's search bar will be saved. (default)
False: The data won't be saved.

places.history.enabled

Defines if Firefox should remember visited pages.
True: The browser will remember pages you have visited. (default)
False: History will not be recorded.

browser.privatebrowsing.autostart

Defines if Firefox is started in private browsing mode on start.False: Firefox is started normally (default).
True: Private Browsing mode is used automatically.




beacon.enabled

Sends data to servers when leaving pages.
True: Feature is enabled and web apps can make use of it (default).
False: Disables the feature.

browser.cache.check_doc_frequency

Determines how often Firefox checks if a newer than cached version is available.0: check once per session
1: check every time the page is opened
2: always use cached version never check
3: automatically determine (default)

browser.cache.disk.capacity

The maximum space that Firefox uses for the disk cache.0: Don't use the disk cache.
256000: default value in Kilobyte.

browser.cache.disk.enable

Defines Firefox's use of the disk cache.
True: Firefox uses disk cache. The capacity of the cache is set in the browser.cache.disk.capacity preference. (default)
False: Disk cache is not used.

browser.cache.disk_cache_ssl

Defines whether contents of SSL (https) web pages get cached by Firefox on disk.
True: Firefox will cache contents of https websites. (default)
False: Firefox will not cache https website contents.

browser.cache.memory.max_entry_size

The maximum size of a single entry in the memory cache in Kilobyte.-1: no limit
5120: default size.

browser.cache.memory.enable

Whether a memory cache is used by the browser.
True: Firefox will make use of a memory cache.
False: The browser's memory cache is disabled and thus not used.

browser.cache.offline.capacity

The capacity of the offline cache. Needs browser.cache.offline.enable set to true.512000: the default cache size in Kilobyte.
 
  • browser.newtabpage.enabled = false
  • browser.newtab.preload = false
  • browser.newtabpage.activity-stream.feeds.telemetry = false
  • browser.newtabpage.activity-stream.telemetry = false
  • browser.newtabpage.activity-stream.feeds.snippets = false
  • browser.newtabpage.activity-stream.feeds.section.topstories = false
  • browser.newtabpage.activity-stream.section.highlights.includePocket = false
  • browser.newtabpage.activity-stream.feeds.discoverystreamfeed = false
  • browser.newtabpage.activity-stream.showSponsored = false
  • browser.newtabpage.activity-stream.showSponsoredTopSites = false
  • browser.newtabpage.activity-stream.default.sites = ""

Geolocation

  • geo.provider.network.url = ""
Disable using the OS’s geolocation service:
  • geo.provider.ms-windows-location = false
  • geo.provider.use_corelocation = false
  • geo.provider.use_gpsd = false
  • geo.provider.use_geoclue = false
Disable region updates:
  • browser.region.network.url = ""
  • browser.region.update.enabled = false
Language 
  • Set language for displaying web pages:
  • intl.accept_languages = "en-US, en-GB"
  • javascript.use_us_english_locale = true

Disable auto-installing Firefox updates:
  • app.update.background.scheduling.enabled = false
  • app.update.auto = false
Disable addons recommendations :
  • extensions.getAddons.showPane = false
  • extensions.htmlaboutaddons.recommendations.enabled = false
  • browser.discovery.enabled = false

Telemetry

Disable telemetry:

  • datareporting.policy.dataSubmissionEnabled = false
  • datareporting.healthreport.uploadEnabled = false
  • toolkit.telemetry.enabled = false [Default: false]
  • toolkit.telemetry.unified = false
  • toolkit.telemetry.server = "data:,"
  • toolkit.telemetry.archive.enabled = false
  • toolkit.telemetry.newProfilePing.enabled = false
  • toolkit.telemetry.shutdownPingSender.enabled = false
  • toolkit.telemetry.updatePing.enabled = false
  • toolkit.telemetry.bhrPing.enabled = false
  • toolkit.telemetry.firstShutdownPing.enabled = false
  • toolkit.telemetry.coverage.opt-out = true
  • toolkit.coverage.opt-out = true
  • toolkit.coverage.endpoint.base = ""
  • browser.ping-centre.telemetry = false
  • beacon.enabled = false

Studies
Disable studies:

  • app.shield.optoutstudies.enabled = false
  • services.sync.prefs.sync.app.shield.optoutstudies.enabled= false
Disable Normandy/Shield:
  • app.normandy.enabled = false
  • app.normandy.api_url = ""
Crash Reports
Disable crash reports:
  • breakpad.reportURL = ""
  • browser.tabs.crashReporting.sendReport = false
browser.cache.offline.enable
Whether web applications and sites can use an offline cache on the local system.
True: Web applications may use an offline cache (default)
False: Offline cache functionality is disabled
 
network.predictor.enable-prefetch
network.predictor.enable-prefetch


Captive Portal Detection / Network Checks
Disable captive portal detection:
  • captivedetect.canonicalURL = ""
  • network.captive-portal-service.enabled = false

Disable network connections checks:
  • network.connectivity-service.enabled = false
Network: DNS, Proxy, IPv6
Disable link prefetching:
  • network.prefetch-next = false

Disable DNS prefetching:
  • network.dns.disablePrefetch = true
Disable predictor:
  • network.predictor.enabled = false
Disable link-mouseover opening connection to linked server:
  • network.http.speculative-parallel-limit = 0

Disable mousedown speculative connections on bookmarks and history:
  • browser.places.speculativeConnect.enabled = false

Disable IPv6:
  • network.dns.disableIPv6 = true

Disable GIO protocols as a potential proxy bypass vectors:
  • network.gio.supported-protocols = ""

Disable using UNC (Uniform Naming Convention) paths (prevent proxy bypass):
  • network.file.disable_unc_paths = true

Remove special permissions for certain mozilla domains:
  • permissions.manager.defaultsUrl = ""
Use Punycode in Internationalized Domain Names to eliminate possible spoofing:
  • network.IDN_show_punycode = true
Search Bar: Suggestions, Autofill
Disable search suggestions:
  • browser.search.suggest.enabled = false
  • browser.urlbar.suggest.searches = false

Disable location bar domain guessing:
  • browser.fixup.alternate.enabled = false

Display all parts of the url in the bar:
  • browser.urlbar.trimURLs = false

Disable location bar making speculative connections:
  • browser.urlbar.speculativeConnect.enabled = false

Disable form autofill:
  • browser.formfill.enable = false
  • extensions.formautofill.addresses.enabled = false
  • extensions.formautofill.available = "off"
  • extensions.formautofill.creditCards.available = false
  • extensions.formautofill.creditCards.enabled = false
  • extensions.formautofill.heuristics.enabled = false

Disable location bar contextual suggestions:
  • browser.urlbar.quicksuggest.scenario = "history"
  • browser.urlbar.quicksuggest.enabled = false
  • browser.urlbar.suggest.quicksuggest.nonsponsored = false
  • browser.urlbar.suggest.quicksuggest.sponsored = false
Passwords
Disable saving passwords:
  • signon.rememberSignons = false

Disable autofill login and passwords:
  • signon.autofillForms = false

Disable formless login capture for Password Manager:
  • signon.formlessCapture.enabled = false

Hardens against potential credentials phishing: 0 = don’t allow sub-resources to open HTTP authentication credentials dialogs
  • 1 = don’t allow cross-origin sub-resources to open HTTP authentication credentials dialogs
  • 2 = allow sub-resources to open HTTP authentication credentials dialogs (default)
  • network.auth.subresource-http-auth-allow = 1
Disk Cache / Memory
Disable disk cache:
  • browser.cache.disk.enable = false
Disable storing extra session data: 0 = everywhere
1 = unencrypted sites
2 = nowhere
browser.sessionstore.privacy_level = 2

Disable resuming session from crash:
  • browser.sessionstore.resume_from_crash = false

Disable page thumbnail collection
  • browser.pagethumbnails.capturing_disabled = true

Disable favicons in profile folder
  • browser.shell.shortcutFavicons = false

Delete temporary files opened with external apps:
  • browser.helperApps.deleteTempFileOnExit = true
Audio/Video: WebRTC, WebGL, DRM
Disable WebRTC:
  • media.peerconnection.enabled = false

Force WebRTC inside the proxy:
  • media.peerconnection.ice.proxy_only_if_behind_proxy = true

Force a single network interface for ICE candidates generation:
  • media.peerconnection.ice.default_address_only = true

Force exclusion of private IPs from ICE candidates:
  • media.peerconnection.ice.no_host = true

Disable WebGL (Web Graphics Library):
  • webgl.disabled = true
Disable autoplay of HTML5 media: 0 = allow all
1 = block non-muted media (default)
5 = block all
media.autoplay.default = 5
Disable DRM Content: media.eme.enabled = false
Downloads
Always ask you where to save files:
  • browser.download.useDownloadDir = false
Disable adding downloads to system’s “recent documents” list:
  • browser.download.manager.addToRecentDocs = false
Cookies
Enable ETP (Enhanced Tracking Protection), ETP strict mode enables Total Cookie Protection (TCP):
  • browser.contentblocking.category = "strict"

Enable state partitioning of service workers:
  • privacy.partition.serviceWorkers = true
Enable APS (Always Partitioning Storage)
  • privacy.partition.always_partition_third_party_non_cookie_storage = true
  • privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage = true
UI Features
Block popup windows:
  • dom.disable_open_during_load = true

Limit events that can cause a popup:
  • dom.popup_allowed_events = click dblclick mousedown pointerdown

Disable Pocket extension:
  • extensions.pocket.enabled = false

Disable Screenshots extension:
  • extensions.Screenshots.disabled = true

Disable PDJFS scripting:
  • pdfjs.enableScripting = false

Enable Containers and show the UI settings:
  • privacy.userContext.enabled = true
Extensions
Set extensions to work on restricted domains, and their scopeis to “profile+applications”:
  • extensions.enabledScopes = 5
  • extensions.webextensions.restrictedDomains = ""

Display always the installation prompt:
  • extensions.postDownloadThirdPartyPrompt = false
Shutdown Settings
Clear history, cookies and site data when Firefox closes:
  • network.cookie.lifetimePolicy = 2
  • privacy.sanitize.sanitizeOnShutdown = true
  • privacy.clearOnShutdown.cache = true
  • privacy.clearOnShutdown.cookies = true
  • privacy.clearOnShutdown.downloads = true
  • privacy.clearOnShutdown.formdata = true
  • privacy.clearOnShutdown.history = true
  • privacy.clearOnShutdown.offlineApps = true
  • privacy.clearOnShutdown.sessions = true
  • privacy.clearOnShutdown.sitesettings = false
  • privacy.sanitize.timeSpan = 0
Fingerprinting (RFP)
Enable RFP:
  • privacy.resistFingerprinting = true

Set new window size rounding max values:
  • privacy.window.maxInnerWidth = 1600
  • privacy.window.maxInnerHeight = 900

Disable mozAddonManager Web API:
  • privacy.resistFingerprinting.block_mozAddonManager = true 

Disable using system colors:
  • browser.display.use_system_colors = false

Disable showing about:blank page when possible at startup
  • browser.startup.blankWindow = false

Disable using system colors:
  • browser.display.use_system_colors = false

Keep DarkMode with resistfingerprinting feature

  • privacy.fingerprintingProtection.overrides
  • privacy.fingerprintingProtection.enable= true
  • privacy.resistfingerprinting.enable=false

🛈 If you know about any other preferences and what it does, then feel free to post in the comments. Please donot follow these settings blindly, as it may break some sites. Only change according to your requirement.  

All preferences list 🛈

🔗https://searchfox.org/mozilla-release/source/modules/libpref/init/StaticPrefList.yaml 
🔗https://searchfox.org/mozilla-release/source/browser/app/profile/firefox.js
🔗https://searchfox.org/mozilla-release/source/modules/libpref/init/all.js

If you want to know latest prefs then search the Firefox source code. 🛈
🔗https://searchfox.org/mozilla-release 
 
🕸Sites to check what info your browser usually shares(⚠ use at your own risk)
🔗https://coveryourtracks.eff.org/
🔗https://browserleaks.com/
🔗https://arkenfox.github.io/TZP/tzp.html 

Read an old article on https://mantlematrix.blogspot.com/2022/10/firefox-settings-for-privacy-aboutconfig.html. Click to Read Now 

USER CAUTION IS REQUIRED WHILE CHANGING ANY OF THESE SETTINGS.(You have been warned)

 

Comments

Post a Comment

Popular posts from this blog

Great Indian 'Silent' Bank Loot

-
Image
Are Banks "Silently" Looting You?   Main concept of a Bank:- The main concept of a bank is based on "trust" between the bank and the depositor and between the bank and loane(one who takes a loan) . Basically,people keep their money in banks for safety, security & to get interest while the banks use this money to give loans to others and make a profit from it. And from the profit , it gives a share to its depositors and keeps the lion's share with itself. So, the bank is  happy and depositors are  happy and it will be a win- win situation for all. But,does it always work this way? Not Necessarily. If you have paid keen attention to your account balance in banks in the last few years then you might have noticed many unnecessary debits(reductions) in the balance. These debits are nothing but the various charges that banks levy on their customers such as 1. Late Fees 2. Debit Card Annual Fees 3. SMS Fees 4. Fees for not balance below minimum mon...
Read More

Act & Model:An Art

-
Acting and Modelin g Acting and modeling are two fields that are related to name, fame and money. Attracted by the glamour and glitz of this field, lakhs of young people try their luck and spend their time to get entry into this coveted field. Once they have achieved an acclaimed position, they can expect to see their names in the international circuits of acting field. However, only a few succeed as most of them do not have access to proper information about how to approach this career.  Acting is a job where a person acts like the character they are playing. Actor and actresses work in theatres, films, television programs and any other story telling medium. They portray the character by enacting; speaking or singing in movie, play or other forms they are working in.  Modeling is the career that is in great demand as models are the professionals who help promote the products of any business by posing for them. Models are one of the most sought after people in th...
Read More