Loading browser/app/profile/000-mullvad-browser.js 0 → 100644 +31 −0 Original line number Diff line number Diff line // Preferences specific to Mullvad Browser // Do not show the bookmark panel for now, because it makes the initial browser // window (about:home) bigger, and regular pages will show letterbox margins as // a result. pref("browser.toolbars.bookmarks.visibility", "never"); // mullvad-browser#19: Enable Mullvad's DOH pref("network.trr.uri", "https://dns.mullvad.net/dns-query"); pref("network.trr.default_provider_uri", "https://dns.mullvad.net/dns-query"); pref("network.trr.mode", 3); pref("doh-rollout.provider-list", "[{\"UIName\":\"Mullvad\",\"autoDefault\":true,\"canonicalName\":\"\",\"id\":\"mullvad\",\"last_modified\":0,\"schema\":0,\"uri\":\"https://dns.mullvad.net/dns-query\"},{\"UIName\":\"Mullvad (Ad-blocking)\",\"autoDefault\":false,\"canonicalName\":\"\",\"id\":\"mullvad\",\"last_modified\":0,\"schema\":0,\"uri\":\"https://adblock.dns.mullvad.net/dns-query\"}]"); // mullvad-browser#122: Audit DoH heuristics pref("doh-rollout.disable-heuristics", true); // mullvad-browser#87: Windows and Linux need additional work to make the // default browser choice working. // We are shipping only the portable versions for the initial release anyway, so // we leave this popup enabled only on macOS. #ifndef XP_MACOSX pref("browser.shell.checkDefaultBrowser", false); #endif // mullvad-browser#228: default to spoof en-US and skip showing the dialog pref("privacy.spoof_english", 2); // mullvad-browser#234: Do not spoof the OS in the User-Agent header pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", false); // mullvad-browser#222: Hide "List all tabs" when the tabs don't overflow pref("browser.tabs.tabmanager.enabled", false); browser/app/profile/001-base-profile.js +4 −8 Original line number Diff line number Diff line Loading @@ -74,10 +74,10 @@ pref("browser.helperApps.deleteTempFileOnExit", true); pref("browser.download.enable_spam_prevention", true); // Misc privacy: Disk pref("signon.rememberSignons", false); pref("browser.formfill.enable", false); pref("signon.rememberSignons", false, locked); pref("browser.formfill.enable", false, locked); pref("signon.formlessCapture.enabled", false); // Added with tor-browser#41496 pref("signon.autofillForms", false); pref("signon.autofillForms", false, locked); pref("extensions.formautofill.available", ""); pref("extensions.formautofill.addresses.enabled", false); pref("extensions.formautofill.creditCards.enabled", false); Loading Loading @@ -368,7 +368,7 @@ pref("security.remote_settings.crlite_filters.enabled", false); pref("security.pki.crlite_mode", 0); // Disable website password breach alerts pref("signon.management.page.breach-alerts.enabled", false); pref("signon.management.page.breach-alerts.enabled", false, locked); // tor-browser#42814: Opt out from Firefox relay by default. // Firefox would normally assign disabled when a user has been presented the // opportunity to use the service and opted out (see firefox.js). Loading Loading @@ -537,7 +537,6 @@ pref("network.http.tailing.enabled", true, locked); // As of Firefox 118 (Bug 1843763), upstream does not add any protocol by // default, but setting it to blank seems a good idea (tor-browser#42054). pref("network.gio.supported-protocols", ""); pref("media.peerconnection.enabled", false); // Disable WebRTC interfaces // Mullvad Browser enables WebRTC by default, meaning that there the following prefs // are first-line defense, rather than "in depth" (mullvad-browser#40) // tor-browser#41667 - Defense in depth: use mDNS to avoid local IP leaks on Android too if user enables WebRTC Loading @@ -549,9 +548,6 @@ pref("media.peerconnection.ice.default_address_only", true); pref("media.peerconnection.ice.no_host", true); pref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); // Disables media devices but only if `media.peerconnection.enabled` is set to // `false` as well. (see bug 16328 for this defense-in-depth measure) pref("media.navigator.enabled", false); // GMPs (Gecko Media Plugins, https://wiki.mozilla.org/GeckoMediaPlugins) // We make sure they don't show up on the Add-on panel and confuse users. // And the external update/donwload server must not get pinged. We apply a Loading browser/config/mozconfigs/base-browser +0 −7 Original line number Diff line number Diff line Loading @@ -19,15 +19,10 @@ ac_add_options --enable-base-browser-update ac_add_options --enable-bundled-fonts # See bug #41587 ac_add_options --disable-updater ac_add_options --disable-tests ac_add_options --disable-debug ac_add_options --disable-crashreporter # Before removing, please notice that WebRTC does not work on mingw (Bug 1393901) ac_add_options --disable-webrtc ac_add_options --disable-parental-controls ac_add_options --enable-proxy-bypass-protection # See bugs #30575 and #32418: system policies are harmful either because they Loading @@ -50,5 +45,3 @@ fi # tor-browser#42337 ac_add_options --enable-geckodriver ac_add_options --with-relative-data-dir=BaseBrowser/Data/Browser browser/config/mozconfigs/mullvad-browser 0 → 100644 +10 −0 Original line number Diff line number Diff line . $topsrcdir/browser/config/mozconfigs/base-browser export MOZ_APP_BASENAME=MullvadBrowser mk_add_options MOZ_APP_DISPLAYNAME="Mullvad Browser" ac_add_options --with-user-appdir=Mullvad ac_add_options --with-relative-data-dir=../Data ac_add_options --with-distribution-id=net.mullvad browser/installer/package-manifest.in +1 −0 Original line number Diff line number Diff line Loading @@ -269,6 +269,7 @@ @RESPATH@/browser/defaults/permissions ; Remote Settings JSON dumps @RESPATH@/browser/defaults/settings @RESPATH@/browser/@PREF_DIR@/000-mullvad-browser.js @RESPATH@/browser/@PREF_DIR@/001-base-profile.js # channel-prefs.js has been removed on macOS. Loading Loading
browser/app/profile/000-mullvad-browser.js 0 → 100644 +31 −0 Original line number Diff line number Diff line // Preferences specific to Mullvad Browser // Do not show the bookmark panel for now, because it makes the initial browser // window (about:home) bigger, and regular pages will show letterbox margins as // a result. pref("browser.toolbars.bookmarks.visibility", "never"); // mullvad-browser#19: Enable Mullvad's DOH pref("network.trr.uri", "https://dns.mullvad.net/dns-query"); pref("network.trr.default_provider_uri", "https://dns.mullvad.net/dns-query"); pref("network.trr.mode", 3); pref("doh-rollout.provider-list", "[{\"UIName\":\"Mullvad\",\"autoDefault\":true,\"canonicalName\":\"\",\"id\":\"mullvad\",\"last_modified\":0,\"schema\":0,\"uri\":\"https://dns.mullvad.net/dns-query\"},{\"UIName\":\"Mullvad (Ad-blocking)\",\"autoDefault\":false,\"canonicalName\":\"\",\"id\":\"mullvad\",\"last_modified\":0,\"schema\":0,\"uri\":\"https://adblock.dns.mullvad.net/dns-query\"}]"); // mullvad-browser#122: Audit DoH heuristics pref("doh-rollout.disable-heuristics", true); // mullvad-browser#87: Windows and Linux need additional work to make the // default browser choice working. // We are shipping only the portable versions for the initial release anyway, so // we leave this popup enabled only on macOS. #ifndef XP_MACOSX pref("browser.shell.checkDefaultBrowser", false); #endif // mullvad-browser#228: default to spoof en-US and skip showing the dialog pref("privacy.spoof_english", 2); // mullvad-browser#234: Do not spoof the OS in the User-Agent header pref("privacy.resistFingerprinting.spoofOsInUserAgentHeader", false); // mullvad-browser#222: Hide "List all tabs" when the tabs don't overflow pref("browser.tabs.tabmanager.enabled", false);
browser/app/profile/001-base-profile.js +4 −8 Original line number Diff line number Diff line Loading @@ -74,10 +74,10 @@ pref("browser.helperApps.deleteTempFileOnExit", true); pref("browser.download.enable_spam_prevention", true); // Misc privacy: Disk pref("signon.rememberSignons", false); pref("browser.formfill.enable", false); pref("signon.rememberSignons", false, locked); pref("browser.formfill.enable", false, locked); pref("signon.formlessCapture.enabled", false); // Added with tor-browser#41496 pref("signon.autofillForms", false); pref("signon.autofillForms", false, locked); pref("extensions.formautofill.available", ""); pref("extensions.formautofill.addresses.enabled", false); pref("extensions.formautofill.creditCards.enabled", false); Loading Loading @@ -368,7 +368,7 @@ pref("security.remote_settings.crlite_filters.enabled", false); pref("security.pki.crlite_mode", 0); // Disable website password breach alerts pref("signon.management.page.breach-alerts.enabled", false); pref("signon.management.page.breach-alerts.enabled", false, locked); // tor-browser#42814: Opt out from Firefox relay by default. // Firefox would normally assign disabled when a user has been presented the // opportunity to use the service and opted out (see firefox.js). Loading Loading @@ -537,7 +537,6 @@ pref("network.http.tailing.enabled", true, locked); // As of Firefox 118 (Bug 1843763), upstream does not add any protocol by // default, but setting it to blank seems a good idea (tor-browser#42054). pref("network.gio.supported-protocols", ""); pref("media.peerconnection.enabled", false); // Disable WebRTC interfaces // Mullvad Browser enables WebRTC by default, meaning that there the following prefs // are first-line defense, rather than "in depth" (mullvad-browser#40) // tor-browser#41667 - Defense in depth: use mDNS to avoid local IP leaks on Android too if user enables WebRTC Loading @@ -549,9 +548,6 @@ pref("media.peerconnection.ice.default_address_only", true); pref("media.peerconnection.ice.no_host", true); pref("media.peerconnection.ice.proxy_only_if_behind_proxy", true); // Disables media devices but only if `media.peerconnection.enabled` is set to // `false` as well. (see bug 16328 for this defense-in-depth measure) pref("media.navigator.enabled", false); // GMPs (Gecko Media Plugins, https://wiki.mozilla.org/GeckoMediaPlugins) // We make sure they don't show up on the Add-on panel and confuse users. // And the external update/donwload server must not get pinged. We apply a Loading
browser/config/mozconfigs/base-browser +0 −7 Original line number Diff line number Diff line Loading @@ -19,15 +19,10 @@ ac_add_options --enable-base-browser-update ac_add_options --enable-bundled-fonts # See bug #41587 ac_add_options --disable-updater ac_add_options --disable-tests ac_add_options --disable-debug ac_add_options --disable-crashreporter # Before removing, please notice that WebRTC does not work on mingw (Bug 1393901) ac_add_options --disable-webrtc ac_add_options --disable-parental-controls ac_add_options --enable-proxy-bypass-protection # See bugs #30575 and #32418: system policies are harmful either because they Loading @@ -50,5 +45,3 @@ fi # tor-browser#42337 ac_add_options --enable-geckodriver ac_add_options --with-relative-data-dir=BaseBrowser/Data/Browser
browser/config/mozconfigs/mullvad-browser 0 → 100644 +10 −0 Original line number Diff line number Diff line . $topsrcdir/browser/config/mozconfigs/base-browser export MOZ_APP_BASENAME=MullvadBrowser mk_add_options MOZ_APP_DISPLAYNAME="Mullvad Browser" ac_add_options --with-user-appdir=Mullvad ac_add_options --with-relative-data-dir=../Data ac_add_options --with-distribution-id=net.mullvad
browser/installer/package-manifest.in +1 −0 Original line number Diff line number Diff line Loading @@ -269,6 +269,7 @@ @RESPATH@/browser/defaults/permissions ; Remote Settings JSON dumps @RESPATH@/browser/defaults/settings @RESPATH@/browser/@PREF_DIR@/000-mullvad-browser.js @RESPATH@/browser/@PREF_DIR@/001-base-profile.js # channel-prefs.js has been removed on macOS. Loading
