|
|
@@ -1334,8 +1334,8 @@ user_pref("ui.use_standins_for_native_colors", true);
|
|
|
* [3] CVE-2017-5383: https://www.mozilla.org/security/advisories/mfsa2017-02/
|
|
|
* [4] https://www.xudongz.com/blog/2017/idn-phishing/ ***/
|
|
|
user_pref("network.IDN_show_punycode", true);
|
|
|
-/* 2620: enable Firefox's built-in PDF reader
|
|
|
- * This setting controls if the option "Display in Firefox" in the above setting is available
|
|
|
+/* 2620: enable Firefox's built-in PDF reader [SETUP-CHROME]
|
|
|
+ * This setting controls if the option "Display in Firefox" is available in the setting below
|
|
|
* and by effect controls whether PDFs are handled in-browser or externally ("Ask" or "Open With")
|
|
|
* PROS: pdfjs is lightweight, open source, and as secure/vetted as any pdf reader out there (more than most)
|
|
|
* Exploits are rare (1 serious case in 4 yrs), treated seriously and patched quickly.
|
|
|
@@ -1344,7 +1344,7 @@ user_pref("network.IDN_show_punycode", true);
|
|
|
* CONS: You may prefer a different pdf reader for security reasons
|
|
|
* CAVEAT: JS can still force a pdf to open in-browser by bundling its own code (rare)
|
|
|
* [SETTING] General>Applications>Portable Document Format (PDF) ***/
|
|
|
-user_pref("pdfjs.disabled", false);
|
|
|
+user_pref("pdfjs.disabled", false); // [DEFAULT: false]
|
|
|
/* 2621: disable links launching Windows Store on Windows 8/8.1/10 [WINDOWS]
|
|
|
* [1] https://www.ghacks.net/2016/03/25/block-firefox-chrome-windows-store/ ***/
|
|
|
user_pref("network.protocol-handler.external.ms-windows-store", false);
|
Thorin-Oakenpants