3.1 Disable Network Prefetch

Information

This setting configures if Firefox is allowed to make URL requests without user consent.

Rationale:

Prefetching URLs could lead to misinformation on browser history such a a website that was not visited but the user hovered over the URL link. This can be misleading in a forensic investigation.

In addition, there is a chance that information can be leaked about a local network if connected to a public network.

Impact:

None - This is the default behavior.

Solution

To establish the recommended configuration, set Network.dns.disablePrefetch to true:

Type about:config in the address bar

Type Network.dns.disablePrefetch in the filter

Ensure the setting is set as prescribed.

OR

Open the mozilla.cfg file in the installation directory with a text editor

Add the following lines to mozilla.cfg:

lockPref('Network.dns.disablePrefetch', true);

Default Value:

False (Enabled).

See Also

https://workbench.cisecurity.org/files/4299

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7(3), 800-53|SC-7(4)

Plugin: Windows

Control ID: 05b80e9fa0fc83d98515a709c792231dc9fdac3ed629b1a9ade0b03cf06e9701