me/omegafox
1
0
Fork 0
mirror of https://forge.fsky.io/oneflux/omegafox.git synced 2026-02-10 16:32:05 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

enable Encrypted Client Hello

Browse source
This commit is contained in:
oneflux 2025-04-22 10:16:43 -07:00
parent cc8c694545
commit 3f822176dd
2 changed files with 9 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
README.md
View file

@ -20,6 +20,7 @@
- Weak ciphers and outdated TLS versions disabled by default - Weak ciphers and outdated TLS versions disabled by default
- Hardened compilation configuration - Hardened compilation configuration
- Bundled with [hardened_malloc](https://github.com/GrapheneOS/hardened_malloc) - Bundled with [hardened_malloc](https://github.com/GrapheneOS/hardened_malloc)
- Uses Mullvad's adblock DNS-over-HTTPS to provide Encrypted Client Hello
- More to come - More to come
## Building ## Building

21
settings/omegafox.cfg
View file

@ -1,7 +1,3 @@
// =================================================================
// CAMOUFOX FUNCTIONALITY
// =================================================================
// Use dark theme // Use dark theme
defaultPref("extensions.activeThemeID", "firefox-compact-dark@mozilla.org"); defaultPref("extensions.activeThemeID", "firefox-compact-dark@mozilla.org");
@ -382,10 +378,6 @@ defaultPref("datareporting.policy.dataSubmissionEnabled", false);
defaultPref("datareporting.policy.dataSubmissionPolicyAccepted", false); defaultPref("datareporting.policy.dataSubmissionPolicyAccepted", false);
defaultPref("datareporting.policy.dataSubmissionPolicyBypassNotification", true); defaultPref("datareporting.policy.dataSubmissionPolicyBypassNotification", true);
// -------
// CAMOUFOX: Removed pref to disable pdf.js
// -------
// Disable BFCache in parent process. // Disable BFCache in parent process.
// We also separately disable BFCache in content via docSchell property. // We also separately disable BFCache in content via docSchell property.
defaultPref("fission.bfcacheInParent", false); defaultPref("fission.bfcacheInParent", false);
@ -455,10 +447,6 @@ defaultPref("security.enterprise_roots.enabled", true);
defaultPref("toolkit.shutdown.fastShutdownStage", 0); defaultPref("toolkit.shutdown.fastShutdownStage", 0);
// -------
// CAMOUFOX: Removed pref to use light theme by default (make less like headless)
// -------
// Do not use system colors - they are affected by themes. // Do not use system colors - they are affected by themes.
defaultPref("ui.use_standins_for_native_colors", true); defaultPref("ui.use_standins_for_native_colors", true);
@ -673,4 +661,11 @@ defaultPref("security.tls.version.max", 4); // 4 = TLS 1.3
defaultPref("security.ssl3.rsa_rc4_128_sha", false); defaultPref("security.ssl3.rsa_rc4_128_sha", false);
defaultPref("security.ssl3.rsa_des_ede3_sha", false); defaultPref("security.ssl3.rsa_des_ede3_sha", false);
defaultPref("security.ssl3.dhe_rsa_aes_128_sha", false); defaultPref("security.ssl3.dhe_rsa_aes_128_sha", false);
defaultPref("security.ssl3.dhe_rsa_aes_256_sha", false); defaultPref("security.ssl3.dhe_rsa_aes_256_sha", false);
// Enable Encrypted Client Hello
defaultPref("network.trr.enabled", true);
defaultPref("network.trr.uri", "https://adblock.dns.mullvad.net/dns-query");
defaultPref("network.trr.mode", 2);
defaultPref("network.dns.echconfig.enabled", true);
defaultPref("network.trr.bootstrapAddress", 194.242.2.3);