Privacy Capabilities Overview

Note

This page is auto-generated by docs/_addons/etp_matrix.py from browser/app/profile/firefox.js, modules/libpref/init/all.js, and modules/libpref/init/StaticPrefList.yaml during the documentation build. To modify the content, update the extension or the source files.

This page documents Firefox desktop privacy features and their default configurations.

Quick Navigation:

Enhanced Tracking Protection (ETP)

Enhanced Tracking Protection features that change between Standard and Strict modes. Users select their ETP mode in Firefox Settings.

The Normal and Private columns indicate whether each feature is enabled in normal browsing and private browsing modes, respectively.

Pref defaults are sourced from StaticPrefList.yaml, all.js, and firefox.js (applied in that order). ETP Strict additionally enables features based on the browser.contentblocking.features.strict string in firefox.js.

Feature

Standard Normal

Standard Private

Strict Normal

Strict Private

Tracking Protection
Blocks resources from domains on the Disconnect tracking protection list.
privacy.trackingprotection.enabled: StaticPrefList.yaml
privacy.trackingprotection.pbmode.enabled: StaticPrefList.yaml

false

true

true

true

Fingerprinting Blocking
Blocks resources from domains on the Disconnect fingerprinting list.
privacy.trackingprotection.fingerprinting.enabled: StaticPrefList.yaml, firefox.js

true

true

Fingerprinting Protection
Applies fingerprinting protections including canvas randomization and reducing exposed system info.
privacy.fingerprintingProtection: StaticPrefList.yaml
privacy.fingerprintingProtection.pbmode: StaticPrefList.yaml

false

true

true

true

Cryptominer Blocking
Blocks resources from domains on the Disconnect cryptomining list.
privacy.trackingprotection.cryptomining.enabled: StaticPrefList.yaml, firefox.js

true

true

Social Tracker Blocking
Blocks resources from domains on the Disconnect social tracking list.
privacy.trackingprotection.socialtracking.enabled: StaticPrefList.yaml

false

true

Email Tracking Protection
Blocks resources from domains on the email tracking list.
privacy.trackingprotection.emailtracking.enabled: StaticPrefList.yaml
privacy.trackingprotection.emailtracking.pbmode.enabled: StaticPrefList.yaml

false

true

true

true

Cookie Behavior
Controls third-party cookie blocking strategy. See Bug 2016714 for value definitions.
network.cookie.cookieBehavior: StaticPrefList.yaml, firefox.js
network.cookie.cookieBehavior.pbmode: StaticPrefList.yaml, firefox.js

5

5

5

5

Query Parameter Stripping
Strips known tracking query parameters from URLs during navigation.
privacy.query_stripping.enabled: StaticPrefList.yaml
privacy.query_stripping.enabled.pbmode: StaticPrefList.yaml

false

false

true

true

Level 2 Tracking List
Annotates channels with the Level 2 (strict) Disconnect tracking list in addition to Level 1.
privacy.annotate_channels.strict_list.enabled: StaticPrefList.yaml

false

true

Strict Referrer Policy
Prevents referrer policy from being relaxed to unsafe-url for cross-site requests.
network.http.referer.disallowCrossSiteRelaxingDefault: StaticPrefList.yaml

true

true

Strict Referrer Policy (Top Nav)
Applies strict referrer policy to top-level navigation (not just subresources).
network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation: StaticPrefList.yaml

false

true

OCSP Cache Partitioning
Partitions OCSP cache by top-level origin key.
privacy.partition.network_state.ocsp_cache: StaticPrefList.yaml

true

true

Bounce Tracking Protection
Clears state for sites used as bounce trackers. See Bounce Tracking Protection docs for mode values.
privacy.bounceTrackingProtection.mode: StaticPrefList.yaml

[1]

[1]

Local Network Access Blocking
Blocks public websites from making requests to private IP ranges (RFC1918, loopback, link-local).
network.lna.blocking: StaticPrefList.yaml

@IS_NIGHTLY_BUILD@

@IS_NIGHTLY_BUILD@

Consent Manager Skipping
Skips blocking for known consent management platform domains.
privacy.trackingprotection.consentmanager.skip.enabled: StaticPrefList.yaml
privacy.trackingprotection.consentmanager.skip.pbmode.enabled: StaticPrefList.yaml

false

true

false

false

[1] privacy.bounceTrackingProtection.mode has build-specific defaults:

#ifdef NIGHTLY_BUILD
  value: 1
#else
  value: 3
#endif

Safe Browsing

Feature

Normal

Private

Malware Protection
Checks URLs against Google Safe Browsing malware list.
browser.safebrowsing.malware.enabled: StaticPrefList.yaml

true

Phishing Protection
Checks URLs against Google Safe Browsing phishing list.
browser.safebrowsing.phishing.enabled: StaticPrefList.yaml

true

Downloads Protection
Checks downloaded file hashes against Google Safe Browsing download protection lists.
browser.safebrowsing.downloads.enabled: all.js

true

Block Potentially Unwanted Software
Blocks downloads flagged as potentially unwanted programs (PUPs) by Safe Browsing.
browser.safebrowsing.downloads.remote.block_potentially_unwanted: all.js

true

Private Browsing

Feature

Normal

Private

Reset Private Browsing
Clears all private browsing mode data when last private window is closed.
browser.privatebrowsing.resetPBM.enabled: firefox.js

[2]

Show Reset Confirmation
Shows confirmation dialog before clearing private browsing data on window close.
browser.privatebrowsing.resetPBM.showConfirmationDialog: firefox.js

true

[2] browser.privatebrowsing.resetPBM.enabled has build-specific defaults:

#if defined(NIGHTLY_BUILD)
pref("browser.privatebrowsing.resetPBM.enabled", true);
#else
pref("browser.privatebrowsing.resetPBM.enabled", false);
#endif

Privacy Headers

Feature

Normal

Private

Do Not Track
Sends DNT: 1 HTTP header with all requests.
privacy.donottrackheader.enabled: StaticPrefList.yaml

false

Global Privacy Control
Sends Sec-GPC: 1 HTTP header and exposes navigator.globalPrivacyControl=true.
privacy.globalprivacycontrol.enabled: StaticPrefList.yaml
privacy.globalprivacycontrol.pbmode.enabled: StaticPrefList.yaml, firefox.js

false

true

GPC Functionality
Master switch that controls whether GPC signals are sent (requires .enabled to also be true).
privacy.globalprivacycontrol.functionality.enabled: StaticPrefList.yaml, firefox.js

true

Fingerprinting Resistance

Feature

Normal

Private

Resist Fingerprinting
Enables comprehensive fingerprinting resistance including canvas noise, reduced timer precision, and spoofed system info.
privacy.resistFingerprinting: StaticPrefList.yaml
privacy.resistFingerprinting.pbmode: StaticPrefList.yaml

false

false

Anti-fraud

Feature

Normal

Private

Skip Anti-fraud Resources
Exempts domains with ‘fingerprinting’ or ‘tracking’ annotations from blocking if they have ‘anti-fraud’ annotation.
privacy.trackingprotection.antifraud.skip.enabled: StaticPrefList.yaml
privacy.trackingprotection.antifraud.skip.pbmode.enabled: StaticPrefList.yaml

false

true

Other Privacy Features

Feature

Normal

Private

Cookie Banner UI
Shows cookie banner reduction controls in Firefox settings.
cookiebanners.ui.desktop.enabled: firefox.js

false

Network State Partitioning
Partitions HTTP cache, connection pools, and other network state by top-level site.
privacy.partition.network_state: StaticPrefList.yaml

true

Strip on Share
Strips tracking query parameters when copying URLs via context menu ‘Copy Link’.
privacy.query_stripping.strip_on_share.enabled: StaticPrefList.yaml, firefox.js

true

Sources: browser/app/profile/firefox.js, modules/libpref/init/StaticPrefList.yaml, modules/libpref/init/all.js