commit 2d46d0be07b18e5b1f54f0528e1c7f89516c2d2d Author: David Fifield <david@bamsoftware.com> Date: Sun Aug 25 19:06:02 2019 -0600 Add a suggested user.js file for Firefox. This is copied from projects/tor-browser/Bundle-Data/PTConfigs/meek-http-helper-user.js in tor-browser-build.git commit 4792ed5246d389caad036290e9ed34ff0ae1f0ad. --- webextension/README | 3 ++- webextension/firefox-user.js | 42 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+), 1 deletion(-) diff --git a/webextension/README b/webextension/README index 2b40172..7cb5267 100644 --- a/webextension/README +++ b/webextension/README @@ -43,7 +43,8 @@ These instructions require Firefox 65. 4. Run Firefox in a terminal so you can see its stdout. In Firefox, go to about:config and set browser.dom.window.dump.enabled=true - This enables the extension to write to stdout. + This enables the extension to write to stdout. See firefox-user.js + for other prefs you may want to set. 5. In Firefox, go to about:debugging and click "Load Temporary Add-on...". Find browser/manifest.json and click Open. diff --git a/webextension/firefox-user.js b/webextension/firefox-user.js new file mode 100644 index 0000000..fa13a9c --- /dev/null +++ b/webextension/firefox-user.js @@ -0,0 +1,42 @@ +// This is a user.js file for Firefox that sets preferences related to the +// meek-http-helper extension. The only preference essential to the operation of +// the extension is browser.dom.window.dump.enabled=true. The others provide +// failsafes and disable features that are not wanted in a headless browser. +// http://kb.mozillazine.org/User.js_file + +// The meek-http-helper extension uses dump to write its listening port number +// to stdout. +user_pref("browser.dom.window.dump.enabled", true); + +// Enable TLS session tickets (disabled by default in Tor Browser). Otherwise +// there is a missing TLS extension. +// https://trac.torproject.org/projects/tor/ticket/13442#comment:1 +user_pref("security.ssl.disable_session_identifiers", false); + +// Disable safe mode. In case of a crash, we don't want to prompt for a +// safe-mode browser that has extensions disabled. +// https://support.mozilla.org/en-US/questions/951221#answer-410562 +user_pref("toolkit.startup.max_resumed_crashes", -1); + +// Don't raise software update windows in this browser instance. +// https://trac.torproject.org/projects/tor/ticket/14203 +user_pref("app.update.enabled", false); + +// Set a failsafe blackhole proxy of 127.0.0.1:9, to prevent network interaction +// in case the user manages to open this profile with a normal browser UI (i.e., +// not headless with the meek-http-helper extension running). Port 9 is +// "discard", so it should work as a blackhole whether the port is open or +// closed. network.proxy.type=1 means "Manual proxy configuration". +// http://kb.mozillazine.org/Network.proxy.type +user_pref("network.proxy.type", 1); +user_pref("network.proxy.socks", "127.0.0.1"); +user_pref("network.proxy.socks_port", 9); +// Make sure DNS is also blackholed. network.proxy.socks_remote_dns is +// overridden by meek-http-helper at startup. +user_pref("network.proxy.socks_remote_dns", true); + +user_pref("extensions.enabledAddons", "meek-http-helper@bamsoftware.com:1.0"); + +// Ensure that distribution extensions (e.g., Tor Launcher) are not copied +// into the meek-http-helper profile. +user_pref("extensions.installDistroAddons", false);