We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Accept-language header in private mode

more options

Is there any setting to stop accept-language header request, or change it to default in Private mode, with tracking protection enabled.

from https://w3ctag.github.io/private-mode/ drafts Browsers in private mode MUST NOT emit any of the following request header fields: Accept, Accept-Language ...

Is there any setting to stop accept-language header request, or change it to default in Private mode, with tracking protection enabled. from https://w3ctag.github.io/private-mode/ drafts Browsers in private mode MUST NOT emit any of the following request header fields: Accept, Accept-Language ...

All Replies (1)

more options

Whose draft is that? It seems rather extreme, but I guess that would be a comment for the discussion thread: https://github.com/w3ctag/design-reviews/issues/101

I notice the stated purpose of that section of restrictions is:

Maintaining server privacy means limiting its ability to identify the user, through "fingerprinting" the client, or associating the user's behavior on one site with that on another (using a mechanism like cookies).

I'm not aware of any preferences that modulate the HTTP headers sent in private mode. There may be extensions that can do that.

There is a preference in testing called privacy.resistFingerprinting which may have some of those effects. However, users have reported some website breakage with that setting, so it probably needs further development. It is expected to be "turned on" in Firefox 59.

More info: https://wiki.mozilla.org/Security/Fingerprinting