From 6d0e41c7176489a0f03f0d99d07070c214714ab4 Mon Sep 17 00:00:00 2001 From: tilpner Date: Mon, 18 May 2020 13:07:00 +0200 Subject: Use NoScript fork to allow preconfiguration --- default.nix | 7 +-- profiles/addons/default.nix | 9 ++++ profiles/addons/noscript/config.json | 101 +++++++++++++++++++++++++++++++++++ 3 files changed, 114 insertions(+), 3 deletions(-) create mode 100644 profiles/addons/noscript/config.json diff --git a/default.nix b/default.nix index b7f291e..f986dcc 100644 --- a/default.nix +++ b/default.nix @@ -26,8 +26,9 @@ in rec { defaults addons.disableExtensionSignatureChecking - addons.privacybadger addons.noscript - # addons.borderify + addons.privacybadger + addons.noscriptFork + addons.qwantjuniorSystem minimalConnections minimalHome @@ -41,7 +42,7 @@ in rec { noTunnels noLocation safebrowsing.disableAll - restrict + # restrict # distrustUser ocsp.disabled diff --git a/profiles/addons/default.nix b/profiles/addons/default.nix index 0253026..2e648ce 100644 --- a/profiles/addons/default.nix +++ b/profiles/addons/default.nix @@ -40,6 +40,15 @@ in { sha256 = "0gb0a6pp0rj9jpg1094arqvcwxh1rd2m47ijawlidybm29qmyyay"; }; + noscriptFork = localAddon { + id = "{73a6fe31-595d-460b-a920-fcc0f8843232}"; + src = import (pkgs.fetchzip { + url = https://git.tx0.co/firefox-profiles/noscript/snapshot/noscript-63e23c676fb86f33e70d7362bf625b534ce65346.tar.xz ; + sha256 = "0f0hna8fjj7vdjgmnjkd567smg8gda8jp9sl21nz3dx0s5d0vw8f"; + }); + settings.defaultSettings = builtins.readFile ./noscript/config.json; + }; + ublock = addon { id = "uBlock0@raymondhill.net"; url = "https://addons.mozilla.org/firefox/downloads/file/3509800/ublock_origin-1.25.0-an+fx.xpi"; diff --git a/profiles/addons/noscript/config.json b/profiles/addons/noscript/config.json new file mode 100644 index 0000000..57e121d --- /dev/null +++ b/profiles/addons/noscript/config.json @@ -0,0 +1,101 @@ +{ + "policy": { + "DEFAULT": { + "capabilities": [ + "frame", + "fetch", + "other", + "script", + "object", + "font", + "media", + "webgl", + "ping" + ], + "temp": false + }, + "TRUSTED": { + "capabilities": [ + "script", + "object", + "media", + "frame", + "font", + "webgl", + "fetch", + "ping", + "other" + ], + "temp": false + }, + "UNTRUSTED": { + "capabilities": [], + "temp": false + }, + "sites": { + "trusted": [ + "§:addons.mozilla.org", + "§:afx.ms", + "§:ajax.aspnetcdn.com", + "§:ajax.googleapis.com", + "§:bootstrapcdn.com", + "§:code.jquery.com", + "§:firstdata.com", + "§:firstdata.lv", + "§:gfx.ms", + "§:google.com", + "§:googlevideo.com", + "§:gstatic.com", + "§:hotmail.com", + "§:live.com", + "§:live.net", + "§:maps.googleapis.com", + "§:mozilla.net", + "§:netflix.com", + "§:nflxext.com", + "§:nflximg.com", + "§:nflxvideo.net", + "§:noscript.net", + "§:outlook.com", + "§:passport.com", + "§:passport.net", + "§:passportimages.com", + "§:paypal.com", + "§:paypalobjects.com", + "§:securecode.com", + "§:securesuite.net", + "§:sfx.ms", + "§:tinymce.cachefly.net", + "§:wlxrs.com", + "§:yahoo.com", + "§:yahooapis.com", + "§:yimg.com", + "§:youtube.com", + "§:ytimg.com", + "§:qwantjunior.com", + "§:qwant.com" + ], + "untrusted": [], + "custom": {} + }, + "enforced": true, + "autoAllowTop": false + }, + "local": { + "debug": false, + "showCtxMenuItem": true, + "showCountBadge": true, + "showFullAddresses": false, + "storage": "local", + "uuid": "82ea8b50-5fb6-45c2-8748-0dc29c8d2e49" + }, + "sync": { + "global": false, + "xss": true, + "cascadeRestrictions": false, + "overrideTorBrowserPolicy": false, + "clearclick": true, + "storage": "sync" + }, + "xssUserChoices": {} +} \ No newline at end of file -- cgit v1.2.3