Mozilla Firefox is a popular, extensible, open source (mostly) web browser that is highly configurable and easy to use. Somewhat bare out of the box however, its functionality is easily extended with free 'add-ons', or 'extensions', of which there are many thousands on the Mozilla add-on repository at addons.mozilla.org (AMO).
Beware
With so many "free" add-ons you might be tempted to install lots of them, however i would strongly suggest installing only those you need since the potential to break things and compromise browser security and your privacy increases with every add-on you install.
HOW Browser Extensions Steal Your Data
Another problem is unethical developers who include unwanted and unnecessary functionality which is not relevant to the primary purpose of the add-on. Often this results in data collection, tracking your web activities, injecting unwanted content in pages, such as ads, or worse, all of which i categorize as malware.
The problem of malware at AMO has grown exponentially as a result of a very flawed automated review process for add-ons and the company's move to the WebExtension API which made it easy for unethical developers who have infected the Google Chrome Store with their garbage to port their add-ons to Firefox. Indeed, probably at least half of the add-ons at AMO are sketchy and the majority of the remainder are essentially useless. Although the Web Extensions API is greatly limited as opposed to the older XUL/XPCOM extension API, tracking, data collection and advertising are permitted and, on occasion, far more dangerous add-ons escape detection, some of which are used by millions of people.
Add-on selection guidelines
You've been warned! Many extensions are accompanied by a warning on their AMO pages which indicates that the extension is not monitored by Mozilla and therefore is more risky to install. While monitored extensions -- those with a 'recommended' label -- are scrutinized more carefully and may be more trustworthy in general, many others are perfectly fine as long as you trust the developer and/or review the code yourself.
Tool-bar or FOOL-bar? Be very wary of tool-bar add-ons since many of these contain 3rd party spyware/malware components for monetization purposes.
Who the hell are you??? Always check to see what other add-ons the developer has created and how those are rated. Be wary when the developer is named as a company and not an individual, or when their name is generic, such as "Firefox user" followed by a random number. See what kind of content is on the developers website if they link to one and look for marketing hype or unethical activity. Also be wary of developers that make it difficult or impossible to contact them or submit bug reports.
The 0-day 'bonus'. Never install newly released add-ons from a developer whom you're not familiar with, especially if it's their only add-on. Mozilla uses a deeply flawed automated system to evaluate add-ons, so wait at least a few days until others have had a chance to review it or flag it for removal. If the add-on quickly disappears or gets poor reviews, be thankful you didn't take the bait.
When "free" isn't. Always check the software license and be wary of developers who use a restrictive license. Most ethical developers will use a liberal, free software license, such as the General Public License (GPL) or the Mozilla Public License (MPL).
'We care about your privacy' ... LOL. If an add-on has a privacy policy, read it and see what data the add-on may collect, where it's sent, and how it's used. In general, if the document is a wall of legalese, it's probably a rotten privacy policy. One of the best privacy policies i've run across is that written by the developer for the Stylus add-on:
Unlike other similar extensions, we don't find you to be all that interesting. Your questionable browsing history should remain between you and the NSA. Stylus collects nothing. Period.
Yes it can/no it can't. The Mozilla add-on website lists the permissions that add-ons require, though there seems to be some problems at this time in that all permissions used by an add-on may not be listed, or permissions which the add-on does not use may be listed, so don't trust this completely. That said, look for permissions that seem unnecessary given the expected functionality of the add-on.
What's under the hood? In general it's best to avoid developers that attempt to hide their source code. Most ethical developers will publish their work on platforms like GitLab, GitHub or Codeberg where people can submit proper bug reports and feature requests. In such cases there is usually a homepage and/or support link on the add-on page, or a link somewhere in the add-on settings, menus, etc., that leads to the code repository. If the source code is not published, you can still view it by decompressing the add-on or by using the excellent Extension source viewer (CRX Viewer) add-on.
You should always check is the extensions manifest.json file and you don't have to be a geek to do so. Open the address about:debugging#/runtime/this-firefox in Firefox (or just remember the address about:about from where you will find the debugging page) and click on the 'Manifest URL' link for the extension you want to inspect. What you want to look for are any network links for unexpected addresses. For example, an add-on like Maximize All Windows (Minimalist Version) only modifies the behavior of Firefox, therefore there shouldn't be any remote addresses in the manifest. On the other hand, an add-on like uBlock Origin needs to intercept traffic for every website you open, as well as be able to download fresh filter lists and so on, and so its manifest contains http://*/*, https://*/*. and <all_urls>. Other add-ons may be dedicated to a single website, such as BitChute, and so bitchute.com should be the only remote address in the manifest. Also see the Extension source viewer add-on below which can be used to view the source code.
He said, she said. Always read the user reviews to see how well an add-on is liked and be wary if it is rated 3 stars or less, or not rated at all, or was rated highly by only a few people. Sometimes a developer will be the first to "review" their add-on, giving it 5 stars. Regardless of the rating however, always check the comments of the people that gave it the lowest rating to see if their gripes seem legitimate (many aren't) and whether they were addressed. That said, there are many add-ons that have been rated very highly by hundreds or thousands of people that contain malware, so don't give too much weight to user ratings alone.
But everybody's using it! Many developers of hugely popular add-ons have been contacted by malware distributing 3rd parties wanting to buy their work or influence its development. Adblock Plus by Eyeo GmbH (Wladimir Palant) is used by millions of people, yet it is a glaring example of an unethical developer who created an "ad blocking" extension which allows ads by default. For larger entities, Eyeo GmbH charges advertisers 30% of the revenue from Adblock Plus users who click the ads, so not only does Adblock allow ads, it's also spying on its users and making a ton of money for the company. Giorgio Maone, the developer of the hugely popular NoScript add-on, engaged in similar chicanery a while back.
Should i or shouldn't i? If you're not sure whether you'll like an add-on, test it by downloading the .xpi file, then opening about:debugging#/runtime/this-firefox in Firefox and clicking the 'Load Temporary Add-on' button.
Automatic update MALWARE install. Automatic checking for add-on updates is fine, but always disable automatic installation of updated add-ons. Before updating an add-on, read the release notes to see what has changed and make sure the privacy policy, if there is one, remains strong. The problem with automatic add-on updates is that a developer may decide to monetize their work at any time and without warning, or sell their extension to an unethical party such as the developer of Stylish apparently did. Ingo Wennemaring, the much-liked developer of the once popular All-in-One Sidebar add-on, warned about this in a blog post:
It was always very important for me to be honest and fair to the users. I had very good offers to sell the extension, but I didn't want to see that AiOS turn into adware or spyware.
Have I got a DEAL FOR YOU! I would strongly suggest avoiding any add-on that asks for or requires personal information or other data which could be used to identify, track, or profile you, or which is designed around monetization. Such extensions include, but are not limited to, those which promote coupons, discounts and free services, certain automatic form fillers, any add-on which stores data remotely such as many password, bookmark and synchronization add-ons, cryptocurrency add-ons, banking and other financial related add-ons, website/service specific add-ons marketed by corporations and many VPN (Virtual Private Network) add-ons.
Hide and seek. Regarding VPN add-ons, there are 172 of them at the time of this writing and most of them are highly suspect, yet millions of clueless people use them. Furthermore, a VPN add-on for a web browser may protect only browser traffic while leaving all other network traffic unprotected, such as email and, potentially, DNS look-ups. If you want to use a VPN, and i would certainly recommend considering it, it should be incorporated at the system level or, even better, at the router level.
Add-ons
ClearURLs by Kevin R. [privacy/security]
ClearURLs automatically removes tracking parameters from clicked hyperlinks. This add-on is not needed if using uBlock Origin with the ClearURLs for uBo filter list (see the suggested settings for uBlock Origin page for more information).
Dark Background and Light Text by Mikhail Khvoinitsky [enhancement]
Dark Background and Light Text replaces Dark Reader as my preferred add-on for darkening the entire web. These 'darkify' add-ons, of which there are many, change the colors used by all websites to a darker theme and this one seems to be the best of those i have tested and i've tested many.
Caveats: All of these 'dark web' add-ons fail miserably in some cases and this one is no exception, however it seems to work better overall than all of the others i've tested and it does offer a few different styles that can be assigned to specific websites when the default style fails. Due to a shortcoming in the code, this add-on cannot be disabled for local content, such as paths beginning with file://.
Enforce Browser Fonts by Jayesh Bhoot [enhancement]
Enforce Browser Fonts allows one to choose whether to use the fonts specified by the website, or those that you have defined in Firefox preferences (Language and Appearance). Personally i hate when websites override my personal font choices and this extension takes care of that. Enforce Browser Fonts defaults to enabled and will remember the websites for which you disable it.
Caveats: For the privacy minded who enable privacy.resistFingerprinting, forcing the use of your preferred fonts will increase the likelihood of your browser being uniquely identified. It can also uglify some websites.
Extension source viewer by Rob W [enhancement]
Extension source viewer is a handy and well thought out utility to quickly view the source code of a Firefox extension right from the Mozilla add-ons website without having to download and unpack it manually. The extension has the ability to search the contents of the files in the source code by prefixing the search with '!'.
Caveats: For advanced users.
Flagfox by Dave G [enhancement]
Flagfox is a neat utility that adds an icon to the address bar which represents the flag of the country in which the web server is located. When the icon is right-clicked, a context menu is revealed with many more tools, such as a WHOIS lookup, URL shortening services and more. You can also add your own services.
Caveats: If you choose to display the menu icons, they are not stored locally and have to be fetched the first time you open the menu which some might see as a privacy issue.
Format Link by Hiroaki Nakamura [enhancement]
Format Link offers flexible solutions for copying content and formatting it in different ways, such as HTML, markdown, plain text, , etc., before pasting it somewhere.. I don't like it as much as Link Text and Location Copier, however that add-on is unmaintained and buggy.
Caveats: Format Link is a little buggy and needs some attention, but it's still a better solution than Link Text and Location Copier. If you have trouble copying content, try pausing for just a second after initiating Format Link. I've found that if you switch tabs too soon, the content may not be placed on the clipboard.
LibRedirect by alefvanoon, ManeraKai [privacy]
LibRedirect redirects many websites, such as YouTube, Twitter, Instagram, Reddit, TikTok, etc., to alternative front-ends that are more respective of user privacy. While there are many such add-ons, LibRedirect is perhaps the best of them due to its many configuration options, its ability to automatically switch instances when a service is not responding, update the list of instances, add your own instances, etc..
Caveats: While most/all alternative front-ends are built with free, open source software and are more respective of user privacy, it is possible that those running the service may have modified the code to act in a malicious manner. Many/most of these alternative front-ends will work without enabling JavaScript however.
List Feeds by igorlogius [enhancement]
List Feeds detects news feeds (RSS, ATOM, etc.). Some time ago the M&Ms (Morons at Mozilla, corporate) decided to strip all support for detecting and reading news feeds at a crucial time when news feeds were never more important. Their excuse for doing so was a lack of money and user interest, however there is little doubt in my mind that this was done in order to sway people to get their news from "trusted" sources rather than independent journalists. List Feeds essentially restores and enhances the feed detection capability which Mozilla removed. Also see: How to access RSS feeds for websites that don't advertise one.
LocalCDN by nobody42 [privacy]
LocalCDN, a fork of Decentraleyes, can increase privacy and decrease page load time for many websites which depend on 3rd party Content Delivery Networks (CDNs). It accomplishes this by storing and loading several common JavaScript and font libraries locally instead of having to fetch them from the server.
From a privacy point of view, LocalCDN is not strictly needed if using the 'arkenfox' user.js or appropriate settings.
Caveats: Can break some websites, though this seems to happen very rarely in my experience. There are 'Filter HTML source code' and whitelist options to address such problems.
Mark-It by Matt [enhancement]
UPDATE: This extension is no longer available. I'm currently searching for a viable replacement. If anyone has any ideas,please leave a comment.
Mark-It is a simple, handy add-on that replaces your new tab page with one that allows you to write notes in markup format. I find this add-on to be really handy for storing commonly used bookmarks, notes and text that i paste frequently in forums and such.
You could play with the CSS i use to divide the page into two columns for less wasted space, plus make some other changes. You'll need to open about:debugging#/runtime/this-firefox and replace <Internal UUID> in the first line with the the Internal UUID for Mark-It. If the CSS doesn't load, be sure toolkit. is set to true in about:config:
Click to expand...
@-moz-document url("moz-extension://<Internal UUID>/newTab/newTab.html") {
/* display notes */
html.dark, body.dark, textarea.dark {
background-color: #252525 !important;
color: #c8c8c8 !important;
}
#markdownTarget {
width: 90% !important;
padding-left: 1% !important;
padding-right: 1% !important;
font-family: unset !important;
font-size: unset !important;
}
a {
color: #97ff8d !important;
text-decoration: none !important;
}
code {
background-color: #000 !important;
color: #ffa93b;
}
ul, ol {
padding: 0 !important;
margin-left: 20px !important;
}
#changeModeButton {
background-color: #929292 !important;
left: unset !important;
font-family: unset !important;
right: 33px !important;
bottom: 90px !important;
}
#savingIndicator {
bottom: 0px !important;
left: unset !important;
right: 0px !important;
}
/*columns*/
.left {
display: block;
float: left;
width: 49%;
}
.right {
display: block;
float: right;
width: 49%;
}
/* edit notes */
textarea {
width: 90% !important;
padding-left: 5% !important;
padding-right: 5% !important;
font-size: unset !important;
font-family: unset !important;
}
}
mozlz4-edit by Siarhei Kuzeyeu [enhancement]
mozlz4-edit allows one to edit, format and otherwise manipulate several types of compressed files including the search.json.mozlz4 file which is where Firefox stores all of its search engine plugins. If this is too much for you, try the Search Engines Helper add-on below.
Caveats: For advanced users.
Privacy-Oriented Origin Policy by claustromaniac [privacy/security]
Privacy Oriented Origin Policy (POOP) helps protect your privacy by preventing Firefox from sending Origin headers, though how it works is configurable.
Caveats: For advanced users. May break some websites, though it is easily disabled and sites can be whitelisted. There is a lengthy discussion about what led to the development of this add-on on GitHub if you're interested.
Redirector by Einar Egilsson [enhancement]
Redirector automatically redirects selected pages, links and more to another resource of your choosing. For some examples of how you can use Redirector, see the Redirecting this to that section of the Firefox Tweaks and Fixes and Styles and Things page.
Reverse Image Search by Andreas Bielawski [enhancement]
Reverse Image Search is a privacy friendly add-on used to find different versions of a given image using 3rd party services such as TinEye. Reverse image searching is a great way to find higher resolution versions of an image or to find when an image may have first been published to the web, the latter of which can be beneficial for researchers. Reverse Image Search also allows to add custom services to its menu.
Scroll Up Folder by Bruce Bujon [enhancement]
Scroll Up Folder adds an icon in the address bar that, when clicked, opens a list of the segments of the current document address. Clicking the list items makes it really easy to navigate up to a higher level of the address without having to manually edit it.
Search Engines Helper by Soufiane Sakhi [enhancement]
Search Engines Helper makes it really easy to add, import and export custom search engines for Firefox. It also allows using base64 code (data URLs) for the site icons.
Skip Redirect by Sebastian Blask [privacy]
Redirects sometimes happen when you click on a hyperlink expecting to go directly to the destination and, instead, your request is passed through an intermediary. Redirects are often used to track your browsing history or display ads before you are forwarded to the target domain. Skip Redirect simply tries to bypass this annoying behavior. I would suggest keeping the notification enabled when Skip Redirect does its thing as this makes it easy to troubleshoot a problem.
Caveats: May break the functionality of some websites in which case they can be added to a whitelist.
Smart RSS Reader by zakius [enhancement]
Smart RSS Reader is a well-rounded, multi-pane news feed reader and a pretty good one at that. There are a few little niggles with it, but overall it functions very well and the developer is friendly and open to suggestions. If you subscribe to multiple feed from the same domain, i might suggest setting the "Concurrent downloads:" preference to "1" in order to potentially prevent problems retrieving feeds.
While there is no dark theme option for Smart RSS, it does have an option to add your own CSS. Here's my CSS for a dark theme if you wish to use it. This works for the vertical 3-pane layout:
Smart RSS Reader dark theme
/*
* Smart RSS Reader (v2.*) - dark theme for 3-pane layout |feeds|titles|content|
*/
/*
* GLOBAL
*/
html, body {
color: lightgray;
background: #242424;
}
.context-menu {
background: black;
}
.region:not(.focused) .selected {
background: black;
}
a {
color: lightgreen;
}
#properties {
background: black !important;
}
#properties input, #properties select {
background: #67ff91 !important;
}
/*
* TOP TOOLBAR
*/
.toolbar {
background: lightgreen;
}
.toolbar > .button {
border: 1px solid #242424;
}
.input-search {
background: black;
color: white;
}
input[type="search"] {
max-width: 260px;
width: 260px;
border: unset;
}
/*
* FEEDS PANE
*/
.has-unread .source-title {
font-weight: unset;
}
.source-title {
font-size: unset;
}
.source-counter {
color: black;
background: lightgreen;
}
.sources-list-item {
font-size: unset;
}
.sources-list-item.selected:hover .source-title {
color: white;
}
#indicator-progress {
background: black !important;
}
#indicator-stop {
background-color: red !important;
}
#indicator {
background: #242424;
color: lightgray;
}
/*
* TITLES PANE
*/
.date-group {
background: black;
}
.item-title {
font-size: unset;
}
.full-headline > .item-title {
white-space: break-spaces !important;
overflow: hidden;
}
#article-list > .unvisited, .unvisited .articles-list-item-author {
color: lightgray;
}
#article-list > .unread {
font-weight: normal;
color: lightgreen;
}
#article-list > .region:not(.focused) .selected {
background: #242424;
border-bottom-color: unset;
}
#article-list > .selected * {
color: lightgray;
}
#article-list .item-author {
color: darkgray;
font-weight: normal;
}
#article-list .item-date {
color: darkgray;
}
/*
* CONTENT PANE
*/
#content h1 {
color: #fdfdfd;
font-size: 1rem;
max-height: unset;
}
#content > header p {
color: darkgray;
padding-bottom: 10px;
}
#content > header .pin-button {
opacity: 1;
}
#smart-rss-article-body {
color: #c1c1c1;
background: #242424;
font-family: unset;
font-size: unset;
line-height:1.3;
}
#smart-rss-content > p > span {
color: #c1c1c1 !important;
}
#smart-rss-content > .more-link {
color: lightgreen;
}
#smart-rss-content-footer {
border-top: 2px dashed darkgray;
margin-top: 20px;
}
#smart-rss-content-footer a {
background: #242424;
}
Stylus by Armin Sebastian [enhancement]
Stylus is used to write, store and inject custom CSS styles into websites, or even the entire web if you wish. Though you can use FireMonkey for this, working with Stylus is so much nicer. Note: Do not use Stylish, a similar add-on which the developer sold to an unethical party.
Caveats: For advanced users that have at least a basic knowledge of CSS.
uBlock Origin by Raymond Hill [privacy/security]
uBlock Origin is a superior content filter (or firewall, if you like) that can replace several other content/ad blockers including Adblock Plus/Edge, NoScript, etc.. It is capable of using the same filter lists as Adblock Plus/Edge as well as many more that they cannot. Two of the most welcome differences with uBlock Origin is that it does not slow page loading to any noticeable degree and it uses less memory then the competition. Another major advantage is that it can block both 1st and 3rd party requests for images, scripts and frames when configured to use its advanced mode. See my Firefox Configuration Guide for Privacy Freaks and Performance Buffs article for more information regarding uBlock Origin. Lastly, use only uBlock Origin by Raymond Hill and not any other ripoff.
Caveats: For advanced users. As with any content filtering extension, uBlock Origin has the potential to break website functionality until it is configured correctly.
Web Archives by Armin Sebastian [enhancement]
Web Archives makes it easy to find archived version of webpages. It is fairly configurable, though it does not have an option to add your own archive resources, nor does it have an option to send a webpage to an archive, however i find the latter unnecessary since the archive sites i use allow you easily archive a page if one isn't isn't found.
Enabling add-ons for addons.mozilla.org
By default Firefox does not allow add-ons to run on https://addons.mozilla.org/. if you want to override this behavior you can add the the following preferences to your user.js file or your user-overrides.js file if you're using the 'arkenfox' user.js:
user_pref("privacy.resistFingerprinting.block_mozAddonManager", true);
user_pref("extensions.webextensions.restrictedDomains", "");
See Firefox Tweaks and Fixes and Styles and Things.
Listing removed add-ons
While i'm sure there's a more geeky way of listing extensions which one has removed, this one works for me: In your Firefox profile folder, navigate to /extensions/staged and there should be folders with the names of the removed extensions. You can delete this folder if you like.
Doing it without an add-on
The fewer add-ons you install, the better, and there's a lot you can do to customize Firefox without add-ons. See the Firefox Tweaks and Fixes and Styles and Things page.
Enhancing privacy and security
See: Firefox Configuration Guide for Privacy Freaks and Performance Buffs or The Firefox Privacy Guide For Dummies!
Giving back
If you like an add-on, or any other free and open source software, please donate to the developer. Trust me when i tell you that most developers of free software usually receive little or nothing for all the days/months/years of hard work they invest and the support they provide. Developers are usually very appreciative of a donation regardless of how small it may be.
Recent changes
3-Jun-2023
- trivial edit
Nice list!
Personally I’d replace Adblock Edge for the vastly superior (even in this Beta state) “uBlock” https://github.com/gorhill/uBlock
and HTTP UserAgent cleaner for the “Random Agent Spoofer”: https://addons.mozilla.org/el/firefox/addon/random-agent-spoofer/ (Github version is better)
hi Shadylayman – funny you mention uBlock as i looked at it a short while ago, but too quickly to realize it’s advantages
uBlock will certainly replace both Adblock Edge and Element Hiding Helper as it is a much more capable extension in every way
thanks for mentioning it :)
regarding HTTP UserAgent cleaner however, that one stays – it covers a whole lot more than just the user-agent string
For some time now, I’ve been using these Greasemonkey scripts: Anti-Adblock Killer 8.1, AdsBypasser 5.24.0 (gets around the very annoying Ad.fly, Linkbucks, etc. pages), and Ad Host Cleaner 1.3.4 — the last version I could find of this. Its motto was “Bye Bye Download Accelerator/Manager”, and for awhile it thwarted file hosts that wanted to force you to accept an .Exe file version each time, rather than a standard .Rar piece of an archive. Of course, this is very bad practice, easily giving a free ride to malware or who knows what. However, Ad Host Cleaner seems to no longer be effective. I was hoping you might know of some later script or extension (for FireFox or for Chrome) that still provides control over this ?
Can you share your complete settings (screenshot would be easier) for Clean Links addon? I used to use your recommendation of Pure-URL with its default settings because I haven’t had the time or knowledge to configure it to find a good balance between privacy and usability and apparently Clean Links is better than Pure-URL in every way. Cheers.
i have event delegation mode enabled – all of the rest is personal preference
so event delegation mode means that links are not rewritten (cleaned) when the page loads, but rather only when you actually click on a link that needs to be rewritten
i much prefer the other mode, but the developer says the code driving it is not maintained – the non-event mode rewrites links at page load time and therefore you can make use of the CSS (highlight style) to give a visual cue as to what links on the page were rewritten
if you need help with anything else, let me know
I noticed that you recommended Shim Storage, then it was replaced with HTTP UserAgent, which was eventually dropped because development was abandoned. Do you still use Shim Storage? If not, how do manage DOM storage (if you bother)? For example, uMatrix clears DOM storage of the webpage if the cookies was blocked, but if it isn’t the storage is created–do you simply let it persist throughout the session? I don’t feel comfortable with that (I have cookies and cache deleted every 30 minutes), but haven’t found a way to clear DOM storage throughout the session.
I’m also interested in the specifics of your Clean Links settings–do you mind posting a full screenshot of it? I’m not technical or patient enough to personalize my own settings and it would help a lot if I can use your specific configuration and then remove or add things as needed if things break for me (couldn’t find much information of other people’s configurations because it doesn’t seem to be a popular addon). Have you configured it to at least replace the defaults of Pure-URL addon?
hi Yuri – no, i don’t use Shim Storage and actually development has been resumed on HTTPUserAgent Cleaner (update: and then removed again) – although i think this extension is a worthwhile addition, there’s 3 reasons i’m no longer using it; 1), i wrote the English manual for it and found it very difficult (to put it mildly) to work with the dev because of the language barrier (he can barely understand/write EN) and his lack of helpfulness in providing answers to questions, 2), because it’s yet another extension that people will have to fiddle with when something breaks and 3), given the capability of uMatrix and the other add-ons listed here, i think it’s usefulness is somewhat limited, particularly as far as spoofing certain system and browser details – for example, spoofing your display/browser resolution will often render a page that will look horrible
regarding uMatrix and DOM storage, i disallow cookies by default (as per the guide) and only allow them for the few domains i visit were they are actually needed – all of this is dumped when the browser exits as per my settings
privacy.clearOnShutdown.*– so no, i don’t clear at regular intervals, but i will occasionally do a manual clear with the built-in history manager (selected are: cookies, cache, active logins, offline website data and site preferences)regarding Clean Links, the default settings are OK – the only real thing to be aware of is whether you enable Event Delegation Mode (it is enabled by default) – if you do not enable it, then you can take advantage of real-time link highlighting which i much prefer, however the dev has told me that the code driving this mode is not maintained, so i use the default mode (i’m trying to persuade him to work on this) – Redirect Watcher, HTTP Observer, CopyLink Controller and Link Tracking are also enabled
Highlight Cleaned Links, Highlight Style and Replay Delay are all either of limited use or not used at all when running in Event Delegation Mode
i think it is important to understand how to add strings to the Remove From Links regular expression, as well as what to look for in a URL that can be removed – unfortunately, learning regular expressions will present a lot more hassle than it’s worth for the average user and so i’d like to see a UI incorporated for building them where no knowledge of RegEx is necessary
hope that answers your questions
So to clarify, for the Clean Links addon, Event Delegation Mode is purely cosmetics and enabling/disabling it doesn’t affect the fact that links will always be cleaned when entered into the browser or clicked to go to that page? Is the only reason they want to disable it is that you want to see the clean version of links just because it looks nicer? Lastly, were you able to convert the garbage fields from Pure-URL addon to rules for Clean Links and if so, can you share them?
Garbage fields from Pure-URL:
utm_source, utm_medium, utm_term, utm_content, utm_campaign, utm_reader, utm_place, ga_source, ga_medium, ga_term, ga_content, ga_campaign, ga_place, yclid, openstat, feature@youtube.com, fb_action_ids, fb_action_types, fb_ref, fb_source, action_object_map, action_type_map, action_ref_map, ref@facebook.com, fref@facebook.com, hc_location@facebook.com, ref<ref_@imdb.com, src@addons.mozilla.org
Thank you.
actually the DOM traversal mode is cosmetic because it allows you to see what links are rewritten before clicking on them, but yes, basically you are right in that links are cleaned in either mode, however Event Delegation Mode is recommended by the dev
i haven’t bothered incorporating the Pure URL garbage fields and, so far, haven’t seen a need to
I last posted here on 6/6/15 (above). Awhile ago, when the switch to semi-mandatory Signed extensions came along, many developers (such as for the excellent ‘DownThemAll’) started making noises about dropping out entirely. However, it turned out that we users still had the option of circumventing this issue via a setting in About:Config.
I don’t know how many of you are aware of it, but there is an even bigger sea change fast approaching, and it looks to be HUGE. Check out the following:
http://www.zdnet.com/article/new-versions-of-firefox-prepare-for-its-biggest-change-ever/#comments-1e50e84a-27cb-4d26-b723-1f3fd3ffbe05
and a discussion thread I started in response
https://portableapps.com/node/54471
So, if you didn’t know before now you do, and won’t be shocked when this occurs. A whole lot of our favorite extensions may simply be going away, for good. Some very major ones like Greasemonkey may avoid that, adapting with special updates. I don’t know what the implications may be for various scripts we may be running under GM . . . .
If you have some encouraging words to add — maybe some positive details that have not yet come to light — I’d be very glad to read them.
hi Gene – i’m aware of E10S and also what appear to be other major changes coming regarding extensions
i don’t know how this will pan out, but, to be honest, i’m ready to get of the FF bus anyway and maybe this will be the push that does it
however this seems to suggest that there is a method to disable the feature…
Hi,
What do you think about this new extension? https://addons.mozilla.org/fr/firefox/addon/behavioral-keyboard-privacy/?src=search
It seems interesting but how to check if it does work?
Thanks
fingerprinting by analyzing keystroke timings doesn’t sound like a far-fetched idea, but this attack relies on JavaScript which means it wouldn’t work for sites where JS is disabled (and it should be disabled globally by default in my opinion)
also, unless the extension randomizes the dwell and gap times, i would think that its effectiveness would be very limited since your dwell and gap times are now perfectly consistent and therefore quite unique assuming that few people use the extension (currently only 20 for Firefox), however even if a lot of people used it, you could still be easily fingerprinted if you set the timings to something other than the defaults – assuming the min and max values are 0 to 99, and assuming i’m calculating correctly, that allows for 9800 unique possibilities (excluding the default of 50-50) and if the max were 999, then 998,000 possibilities (excluding the default of 50-50)
even given the above, i’m not sure it’s a bad thing, but i think you would really want to change the dwell-gap times once in a while
Hi, do you do recommend any form to save bookmarks online? i was using gmakrs with google marks but was discontinued long ago.
in the interest of privacy, i would personally recommend against doing this unless you’re going to use your own server, unless you find a service with a strong privacy policy and will encrypt your data
BetterStop is unmaintained for five years. Is there any alternative (WebExtension or not)?
none that i’m aware of – if you find something, let me know :)
Follow-on to my post from 6/27/16: The End is near. XUL extensions end in August for the ESR branch of FF — which is where you have had to be for awhile now in order to continue using them. (And we’ve already seen where you had to revert Greasemonkey back to v. 3.17, in order to retain the use of many existing scripts. Even the possibility of that reversion became much more difficult, outside of ESR.) Every other discussion of extensions or scripts now becomes tantamount to rearranging deck chairs on the Titanic. I read the blog from the developers of the excellent DownThemAll extension, who stated that the replacement APIs are **feeble** in comparison to what was in place before, very much calling in to question the future of such extensions, and pointing the way towards these developers simply quitting altogether. And I take them at their word. This is all supposedly in the service of browser security, but then you really have to ask “At What Price, Security ?|
thanks for the comment Gene
i suspect there are others besides myself who have become disillusioned with Firefox – i’ve been using it since before the 1.0 stable release and, for a long time, enjoyed watching its growth – at this point however, the only reason i still use it is because there is nothing else out there that can match its functionality given its extensibility and Google Chrome is out of the question – and actually i don’t use FF, but rather Waterfox which will apparently continue to support XUL extensions into the foreseeable future – the problem with that is, although all is ok now, the developers of the XUL extensions who can’t port their work to web extensions because of the feeble API, aren’t going to continue to develop their extensions
Yes, the term ‘disillusion’ is the proper one. I’m looking at Palemoon, GNU Icecat and the slow development of K-Meleon as alterantives.
i actually went back to using Firefox for now – Pale Moon is based on very old code – i thought Icecat was dead, but apparently it’s still developed
Icecat is a fork I had not previously heard of, but I’ll check into it.
I’m continuing to use the final “5290 / Legacy” release of Portable FF — because the functionality provided by certain extensions is absolutely essential to my use of a browser — and will continue using it to the *bitter end*, whatever that may be. (Quite possibly a comparable situation to my use of Win 7, which supports some key software that the W-10 I happen to despise does not.) At some point, I suppose that stance could become untenable. Already some hints on that: e.g., a leading VPN product reports that it requires FF 57 or later. But I’ll cross that bridge when I must.
Others I correspond with on some mailing lists and online forums, both here and abroad, are in agreement on this. I’ve had major arguments about the prior XUL extensions with the proprietor over at portableapps.com, who maintained the FF portables and others. He’d say things like, “Well, that extension only had 50K users.” Even if that were true, the dude just does not get it ! And, from what I saw of the crop of current, suggested “instead of” extensions, they are simply pathetic and woefully inadequate.
One partial silver lining here is that we may be able to cope by doing something that is arguably necessary, anyway. There is no reason why we must be restricted to one browser, particularly since the portable editions make this coexistence a lot easier. The OS is minimally aware of their presence, and so they should not clash. Depending on which computer it is, I run a mix of FF, Opera, and Chrome. (IE too. Although I never could stand it, sometimes you just can’t avoid having to use it.) Either due to poor web-page design, errors, or browser-centric formatting, it often happens that a particular page will not display or print properly in one or more browsers, but will in another. All too often, text will be super-imposed over other text making it unreadable, or will run off of the margins, now matter how you adjust your screen, etc. So, having alternatives becomes a virtual necessity. Even if their functionality begins to erode, the longer I can continue to use those FF extensions — at least in some places — the better.
i thought the same thing, but i managed to find WebExtensions to replace nearly all of the XUL add-ons – if you want i can try and find replacements for you if you tell me what you need
that sounds strange – no VPN should have any dependency on any browser since the browser is not in the VPN loop, unless you’re referring to a VPN browser add-on, in which case i wouldn’t recommend that – if you’re looking for a VPN, have a look at AirVPN – that’s my referral link which helps me out a little bit – also NordVPN – i’m just testing out their service now
The link to smooth scrolling tweaks on this page (https://12bytes.org/tech/firefox/firefox-extensions-my-picks) doesn’t list any smooth scrolling.
Am I missing it?
thanks for pointing that out – i corrected the issue – you can find the scroll tweak code here
Useful collection on extensions! I have it linked to go over more carefully – there were a few I have never seen before, including “Toggle fonts” which I have already installed:-) and ‘Site Bleacher’ which I want to study more carefully as a replacement for some add-ons I already use.
One that I find very useful is: “Drag-Select Link Text” by Kestrel
It’s a productivity add-on which lets you select/highlight text within a link. This has been a personal FF annoyance of mine for too many years and the extension has worked flawlessly in the many months I’ve used it.
re: Site Bleacher – it’s the only cleaner i’m aware of that can remove IndexedDB storage, other than something like Temporary Containers, but that creates new problems
re: Drag-Select Link Text – press the Alt key while dragging the cursor over a link – you can do this even in the middle of a link
About indexedDB, have you tried Forget Me Not?
hi Ray – Forget Me Not, and all other cleaners with the exception of Site Bleacher, only clean IDB storage on browser start, close, or manually – Site Bleacher is the only one i know of that cleans automatically per-domain
maybe one day, far far away, Mozilla will FINALLY improve the WebExtension API to allow proper auto-cleaning of IDB… maybe (not holding breath)
thanks for mentioning though :)
I would use Site Bleacher, but it doesn’t offer enough options for whitelisting, etc. I’m actually looking for an addon that clears indexedDB manually. Got any recommendations? I used to use StoragErazor, but that appears to no longer work for v65 and up.
I do use Site Bleacher on Chromium though due to the lack of options there.
hi Ray – you can whitelist sites with Site Bleacher, though i suspect you already know this
as for alternatives for manual cleaning, search AMO for ‘indexeddb’ – there are a few – also see if Cookie AutoDelete can do IDB
just know that only SB will auto-clean by domain – all others will only clean manually or at browser start/exit
ever heard of Nuke Anything? If so, thoughts on it?
as far as privacy and tracking, i believe it’s useless – all it seems to do is hide page elements (and only temporarily) which i assume it does with CSS – it doesn’t prevent resources from being downloaded
I use Noscript, it does a great job to prevent malware, it has been proven and Edward Snowden, Tells people to use it.
i prefer uBlock and uMatrix, but it’s a personal choice – in my case uBO (and uM to an extent) is mandatory, so i see NS as largely redundant, plus i’m a fan of simplicity and don’t care for any “suite” software – also the NS developer pulled some very unethical crap a while back
that Snowden recommends NS carries little weight in my book – has he compared it to uBO/uM? if you’re using the Tor browser, then yes, you’ll be using NS since it comes bundled with it
that said, NS may offer some additional protection against XSS, but JS, malware and CSRF are all covered by Firefox and/or uBO/uM with the proper lists enabled
Thank for everything…
What is you opinion about addons Don’t Track Me Google and Google Analytics Blocker?
i would advise against any security/privacy extension that is domain specific – my thinking here is, what’s the point of sanitizing google if you allow everyone else to track you?
if you use uBlock Origin and/or uMatrix, you can filter or block any domain you want – with uBlock you can subscribe to a variety of filter lists that also protect against google and other domain tracking
lastly, i would advise against using any google services directly – if you want to use their search engine, consider doing so through a proxy, such as DuckDuckGo, Startpage, etc. (there are many) – if you do use google directly, at least disable cookies and JavaScript for their domains
12bytes,
What’s your opinion on Tampermonkey as an alternative to Firemonkey? We already know that Greasemonkey is bad privacy, but is Tampermonkey better?
hi Dan – regarding privacy i think TM is next in line after FM, however regarding functionality it appears GM offers the most and it’s the one recommended by the ‘arkenfox’ crew since one or more of their privacy scripts depend on it (more info here)
Thanks 12B for the prompt reply.
I kind of like FM more, and the developer seems like a stand up guy. I’ll probably stick with FireMonkey.
i agree – i use FM also, though only for a couple scripts at the moment
If I may ask, what scripts do you use?
On greasyfork.org it’s a mess of scripts for kid’s games. A useful script in there is like finding a needle in a hay stack.
i’m actually aiming to dump my script manager so i only have 2 scripts at the moment; ‘ig-shutup’ by ‘tlrib’ which hides some junk on Instagram (and which i can replace with my own CSS) and YouTube: Age Verification Bypass (https://greasyfork.org/en/users/221926) which i need to find a replacement for in the form of an extension