João Freitas

The following is the story on how the author managed to create a JavaScript free experience while browsing the web with Firefox. He has done this by having a main profile with JS disabled and maintaining multiple profiles for websites that require JavaScript for login and etc.

Honestly, I disagree with the author take on this. I wish I could also browse without minimal or none JavaScript execution, but it’s painful having to change my environment each time I want to access a website that does require JavaScript.

At the moment I have two main browser instances, both using Firefox. My primary browsing is in my customized Firefox, with assorted strict settings and extensions that result in it mostly not running JavaScript, being logged in to places, and so on. Since browsing with JavaScript off can be annoying, I have a second Firefox instance that’s my ‘just make it work’ browser; it runs JavaScript, accepts and gives back all of those cookies, and so on, and then it throws cookies and everything away when I close it.

(I implement this second stock Firefox environment not with a profile but by changing the $HOME environment variable before I run this Firefox. Firefox on Unix helpfully respects $HOME and having the two environments be completely separate avoids various potential problems.)

This second ‘JavaScript’ Firefox environment is what I normally use when I need to log in to sites I don’t like (especially if they want to use JavaScript, which they usually do); I log in, do whatever, and close the browser, flushing my login session along with all of the other cookies. However, for my sins I use a number of websites that require both JavaScript and logins, and that have annoying or painful login procedures. These sites do things such as requiring multi-factor authentication every time with a physical token, or sending email every time I log in (or just a tediously long and slow multi-step login process). As a result I want to log in to them as infrequently as possible, which means keeping their login cookies.

(For some of these sites, I also don’t want to casually browse other places while logged in to them, because they have some degree of important privileges. Otherwise, for some sites I could start my JavaScript Firefox environment at the start of the day and only exit it at the end, letting cookies and so on accumulate (only) over the course of the day. It’s not perfect, but it is lazy.)

My solution to this is a set of additional profiles in the ‘JavaScript’ Firefox setup, one per annoying website. Each profile gets a standard set of Firefox addons, of which the critical ones are uBlock Origin and Cookie AutoDelete. In each profile, I set Cookie AutoDelete to keep the necessary cookies for the particular website (or related set of them), and then clean up everything else. Those additional cookies come from various things, including me browsing off that site by following links on it. It generally takes a little bit of initial work to figure out what sites need their cookies retained, but once that’s set up, all of these profiles have been stable and trouble-free.

(In theory I could try to put limits of what websites can use JavaScript in these profiles, but in practice it’s too much of a pain in the rear.)

In theory perhaps I could use something like Firefox Multi-Account Containers for this, but I prefer separate profiles. They’re probably more work to set up in the beginning, but I feel more confident about what they’re doing and how various aspects interact with each other. Profiles are definitely completely separate from each other, including for extension settings and so on. Containers, well, it depends.

In addition to uBlock Origin and Cookie AutoDelete, I also add Foxy Gestures (which is a critical part of my Firefox experience), Cookie Quick Manager, and generally Certainly Something (for TLS certificate viewing). Some of these profiles have accumulated additional addons over time, usually ones that mitigate tracking. These days I also install my bookmarklet buttons (for readable and fixed).

#reads #chris siebenmann #firefox #hack #browser #javascript