Privacy-Browser-Project

darktux · May 3, 2025, 4:18pm

Hello all,

with json options, a Google Chrome-based web browser can be easily configured globally on a Linux system. This allows you to enforce settings in all areas for all users of a Linux desktop/terminal server. This has the advantage that you don't have to worry about the user settings of each individual and that company-wide policies can be easily applied. In addition, you can have each extension installed automatically.

Since Google and now unfortunately also Firefox are becoming more and more intrusive
when it comes to advertising and skimming personal data, I thought I would disable some unnecessary (→ unwanted) features and increase privacy. It also annoyed me that sometimes new features were tried out and switches in Chrome/Chromium were activated without asking.

Click here for the project:

Neo · May 4, 2025, 1:25am

Hi @darktux

The first thing I noticed was the "out of spec comment" in this JSON object.

JSON OBJECT

{
  "BrowserSignin": 0,
  "SyncDisabled": true,
  "SpellcheckEnabled": false,
  "SafeBrowsingEnabled": false,
  "TranslateEnabled": false,
  "AutofillAddressEnabled": false,
  "AutofillCreditCardEnabled": false,
  "AutofillProfileEnabled": false,
  "AlternateErrorPagesEnabled": false,
  "SearchSuggestEnabled": false,
  "BlockThirdPartyCookies": true,
  "DefaultThirdPartyStoragePartitioningSetting": 2,
  "CloudPrintProxyEnabled": false,
  "ScreenCaptureAllowed": false,
  "LiveTranslateEnabled": false,
  "RemoteAccessHostAllowRemoteAccessConnections": false,
  "RemoteAccessHostAllowRemoteSupportConnections": false,
  "DisableScreenshots": true,
  "FeedbackSurveysEnabled": false,
  "DomainReliabilityEnabled": false,
  "DomainReliabilityAllowed": false,
  "PrivacySandboxEnabled": false,
  "BackgroundModeEnabled": false,
  "NetworkTimeQueriesEnabled": false,
  "DefaultAppsEnabled": false,
  "UrlKeyedAnonymizedDataCollectionEnabled": false,
  "NetworkPredictionOptions": 2,
  "MetricsReportingEnabled": false,
  //"DefaultCookiesSetting": 4,
  "PaymentMethodQueryEnabled": false,
  "EnableMediaRouter": false

}

Invalid JSON by definition:

//"DefaultCookiesSetting": 4,

is invalid in strict JSON. Comments are not allowed in JSON (per RFC 8259).

That line will cause a parse error in any parser that strictly adheres to the JSON spec. If you're using a tool or environment (like some Chrome policy files or JavaScript-based loaders) that tolerates or preprocesses comments, it might still work — but it's not valid JSON by definition

If you with to comment out lines in a config file, consider using YAML as the YAML spec permit comments.

darktux · May 4, 2025, 11:13am

Thanks for letting me know. Yep, it actually works anyway. I'll rewrite that.

Neo · May 4, 2025, 1:32pm

@darktux

You have a number of JSON files which have comments which are "out of spec" for JSON objects, for example:

{
  "ExtensionInstallForcelist": [
    "ddkjiahejlhfcafbddmgiahcphecmpfh", //Ublock Origin Lite
    "cimiefiiaegbelhefglklhhakcgmhkai", //Plasma Integration
    "oldceeleldhonbafppcapldpdifcinji", //LanguageTool
    "mlomiejdfkolichcflejclcbmpeaniij", //Ghostery Tracker & Ad Blocker | Privacy AdBlocker
    "doojmbjmlfjjnbmnoijecmcbfeoakpjm", //NoScript
    "nngceckbapebfimnlniiiahkandclblb", //Bitwarden Password-Manager
    "kplfenefaakjhjkklghidleljeocgdap" //Qwant - alternate Search-Engine
  ]
}

{
  "ExtensionInstallForcelist": [
    "cimiefiiaegbelhefglklhhakcgmhkai", //Plasma Integration
    "oldceeleldhonbafppcapldpdifcinji", //LanguageTool
    "doojmbjmlfjjnbmnoijecmcbfeoakpjm", //NoScript
    "nngceckbapebfimnlniiiahkandclblb" //Bitwarden Password-Manager
  ]

etc, etc.

These objects might work, but comments are not allowed in JSON (per RFC 8259).

darktux · May 11, 2025, 8:42pm

Done.