Skip to main content

Firefox Configurations for Web Developers

Summary

Recommended changes to Firefox's default settings for improved privacy, security, and performance, including adjustments for session storage, URL display, file access policies, user-agent spoofing, referrer handling, and disabling WebRTC to prevent IP leaks.

Introduction #

In this article I want to share my changes to the default configuration of Mozilla Firefox, an browsers based on Firefox, e.g. LibreWolf and Firefox Developer Edition, with other web developers. Most of these changes should also be interesting for the average user. I hope you find them useful.

Session Store Interval #

The browser.sessionstore.interval setting determines how frequently the browser saves session data, including open tabs, windows, and browsing history. Its value is specified in milliseconds. The default setting (15 sec) can eat up SSD drives and seems unnecessarily short.

Set to something more suitable, e.g. 30 min (1800000 ms)

  1. type about:config
  2. lookup browser.sessionstore.interval
  3. set to 1800000

Show Protocol in Location Bar #

The browser.urlbar.trimURLs setting controls whether the browser trims certain parts of URLs, e.g. the protocol, displayed in the address bar.

  1. type about:config
  2. lookup browser.urlbar.trimURLs
  3. toggle to false to enable protocols in location bar

Domain Name Highlighting #

The browser.urlbar.formatting.enabled setting controls whether the address bar formats URLs for easier readability by visually highlighting the domain name.

  1. type about:config
  2. lookup browser.urlbar.formatting.enabled
  3. toggle to false to disable highlighting

Local Files Security Policy #

The security.fileuri.strict_origin_policy setting controls whether the same-origin policy is enforced for files accessed via the file:// protocol. This policy restricts how local files can interact with each other, enhancing security by preventing unauthorized access.

  1. type about:config
  2. lookup security.fileuri.strict_origin_policy
  3. toggle to false
  4. restart the browser

User-agent Spoofing #

The general.useragent.override setting allows users to manually set a custom User-Agent string, which identifies the browser and operating system to websites. This can be useful for testing, debugging, or bypassing website restrictions based on browser type.

  1. type: about:config
  2. lookup general.useragent.override
  3. set string to, e.g. Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/118.0
  4. afterwards, reset to default, Boolean

Privacy Risk: Changing the User-Agent string can expose you to browser fingerprinting techniques if the value is inconsistent with your actual browser setup.

Set Referrer Policy #

The network.http.referer.defaultPolicy setting in Firefox controls how the Referer header is sent with HTTP requests. The Referer header contains the URL of the previous page from which the request was made, allowing websites to know where traffic is coming from.

  1. type: about:config
  2. lookup network.http.referer.defaultPolicy
  3. Set value to 2 for no-referrer (at least for privacy mode (pbmode))

2 sends the Referer header only if the request is made to a same-origin resource and only if the request is made from a secure origin (HTTPS). Cross-origin requests from HTTP to HTTPS or HTTPS to HTTP do not include the Referer header.

Disable WebRTC #

The media.peerconnection.enabled setting controls whether the browser enables or disables WebRTC (Web Real-Time Communication). WebRTC allows peer-to-peer communication between browsers, enabling features like video calls, voice chats, and file sharing directly between users without needing a server for the media stream.

  1. type: about:config
  2. lookup media.peerconnection.enabled
  3. toggle to false

Privacy Risk: Allowing WebRTC (true) can lead to potential IP address leaks, where your local IP address might be exposed during WebRTC communications even if you are using a VPN (Virtual Private Network).


Further readings #

Sources and recommended, further resources on the topic:

Author

Jonas Jared Jacek • J15k

Jonas Jared Jacek (J15k)

Jonas works as project manager, web designer, and web developer since 2001. On top of that, he is a Linux system administrator with a broad interest in things related to programming, architecture, and design. See: https://www.j15k.com/

License

License: Firefox Configurations for Web Developers by Jonas Jared Jacek is licensed under CC BY-SA 4.0.

This license requires that reusers give credit to the creator. It allows reusers to distribute, remix, adapt, and build upon the material in any medium or format, for noncommercial purposes only. To give credit, provide a link back to the original source, the author, and the license e.g. like this:

<p xmlns:cc="http://creativecommons.org/ns#" xmlns:dct="http://purl.org/dc/terms/"><a property="dct:title" rel="cc:attributionURL" href="https://www.ditig.com/instructions/web-development-browser-adjustments">Firefox Configurations for Web Developers</a> by <a rel="cc:attributionURL dct:creator" property="cc:attributionName" href="https://www.j15k.com/">Jonas Jared Jacek</a> is licensed under <a href="https://creativecommons.org/licenses/by-sa/4.0/" target="_blank" rel="license noopener noreferrer">CC BY-SA 4.0</a>.</p>

For more information see the DITig legal page.


“There are only two hard things in Computer Science: cache invalidation and naming things.”

Philip Lewis Karlton, American computer scientist and programmerWord of mouth, - IT quotes