A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.Cross-site scripting carried out on websites Policies can be specified using the Group Policy templates on Windows, Intune on Windows, configuration profiles on macOS, or by creating a file called policies.json. WebGL is part of some fingerprinting scripts used in the wild. This will send everything typed or pasted in the search field to the chosen search engine, even when you did not press enter. Disable firefox intro tabs on the first start Disable the first run tabs with advertisements for the latest firefox features. Disable Firefox Accounts integration (Sync). This setting disables it and sets the mode to explicit opt-out (5). Safari: Disabling same-origin policy in Safari If this value is false, it works the same as if DisableMasterPasswordCreation was true and removes the primary password functionality. I've also created an extension that makes it easy to find the ID of extensions on AMO. CCK2 Equivalent: disableFormFill Userscript to bypass same-origin policy for accessing nested iframes. The domains value must be a domain, not a URL pattern. Disable geolocation tracking geo.enabled = false. According to caniuse it seems that it doesn't need those prefixes anymore. This name can be used as the target attribute of or