- Solved
- Locked
klam karne
ok# Numbered list item
ok# Numbered list item
the settings ExtessionSettings does not show up to be able to modify even tho it is on the ADMX file (5.11)? Should I use the older Extensions policies? I want to install… (read more)
the settings ExtessionSettings does not show up to be able to modify even tho it is on the ADMX file (5.11)? Should I use the older Extensions policies? I want to install and pin an extension from the store.
I need to be able to hide the Extensions button from the toolbar. Is there a way to do that outside of the user.js or prefs.js? Preferably I'd like to do this though the … (read more)
I need to be able to hide the Extensions button from the toolbar. Is there a way to do that outside of the user.js or prefs.js? Preferably I'd like to do this though the policies.json file though I could not find any options for this.
I'm a security analyst. I would like to get email notifications on security advisories, alerts and vulnerability information regarding Firefox to stay up to date. Please … (read more)
I'm a security analyst. I would like to get email notifications on security advisories, alerts and vulnerability information regarding Firefox to stay up to date. Please help on how I can get the subscription?
Good afternoon, We're currently trying to set up a Hardening Guide for Firefox ESR but are struggling with a few policies and setting wildcards. For example, we're tr… (read more)
Good afternoon,
We're currently trying to set up a Hardening Guide for Firefox ESR but are struggling with a few policies and setting wildcards.
For example, we're trying to set an origin in Cookies > Block Settings to something like "*", and we get the error "Ignoring parameter "*" - not a valid origin."
In Chrome / Edge you can set a wildcard like this: [*.]google.com for example - we receive the same error message for this.
Can you do such a thing for Firefox ESR without having to list every site you want to block?
ESR Version: 115.6.0esr (64-bit)
Kind Regards, Ethan Jerrum
Hello, I have a problem with setting up HTTPs only Mode in my Organization, I read a lot about that, but I dont see the "dom.security.https_only_mode" switch in GPO, we h… (read more)
Hello, I have a problem with setting up HTTPs only Mode in my Organization, I read a lot about that, but I dont see the "dom.security.https_only_mode" switch in GPO, we have the newest admx for Firefox. We need that to specific container, but still I dont know how to set it up, even via regedit, or preferences. Can someone describe me when can I set it up ? It could be using json file (which exactly file and how?), registry or just gpo. Regards, M.
Hello, I am trying to create a deny all & white list only gpo for Firefox extensions. I am using the gpo; Computer Configuration/Policies/Administrative Templates/M… (read more)
Hello, I am trying to create a deny all & white list only gpo for Firefox extensions.
I am using the gpo; Computer Configuration/Policies/Administrative Templates/Mozilla/Firefox/Extensions/Extension Management
I started out simple using a template which worked.
{ "*": { "blocked_install_message": "Your Company Blocked Message", "installation_mode": "blocked" }, "uBlock0@raymondhill.net": { "installation_mode": "allowed" } }
However, when I tried to add in more allowed extensions it now longer worked and was able to install any extension.
{ "*": { "blocked_install_message": "Your Company Blocked Message", "installation_mode": "blocked" }, "uBlock0@raymondhill.net": { "installation_mode": "allowed" }, "querymoid@kaply.com": { "installation_mode": "allowed" } }
In my environment, we have Firefox version 117. Users get this pop up "You must log in to this network before you can access the Internet" (see snip 1) when they launch f… (read more)
In my environment, we have Firefox version 117. Users get this pop up "You must log in to this network before you can access the Internet" (see snip 1) when they launch firefox. In order to get rid of we can toggle this preference setting to TRUE ""network.captive-portal-service.enabled" in the user's browser, which works fine. But i want to control this setting from GPO. I'm unable to find the GPO for the same in the GPO hive for FF. See snip 2 for 'Preferences' related GPOs.
Locking this thread.Please continue here: [/questions/1430409] In my environment, we have Firefox version 117. Users get this pop up "You must log in to this network befo… (read more)
Locking this thread.
Please continue here: [/questions/1430409]
In my environment, we have Firefox version 117. Users get this pop up "You must log in to this network before you can access the Internet" (see snip 1) when they launch firefox. In order to get rid of we can toggle this preference setting to TRUE ""network.captive-portal-service.enabled" in the user's browser, which works fine.
But i want to control this setting from GPO. I'm unable to find the GPO for the same in the GPO hive for FF. See snip 2 for 'Preferences' related GPOs.
Hi! Using Intune, we are setting some settings in Firefox. One that is a bit troublesome is the ExtensionSettings Currently looks like this: { "*": { "blocked_ins… (read more)
Hi!
Using Intune, we are setting some settings in Firefox. One that is a bit troublesome is the ExtensionSettings
Currently looks like this:
{
"*": { "blocked_install_message": "Blocked.", "installation_mode": "blocked" }, "uBlock0@raymondhill.net": { "installation_mode": "allowed" }, "addon@darkreader.org": { "installation_mode": "allowed" }, "@react-devtools": { "installation_mode": "allowed" }
}
I get the Blocked message if I try any of the allowed extentions like uBlock, Dark Reader or React Dev Tools.
I can add that uBlock had "force_installed" (With URL since that is required for force) and that worked fine.
Hello I have installed german Firefox Version 117.0 (Build-ID 20230824132758) on Windows 10. The following ExtensionSettings policy works as expected. The addons ublock … (read more)
Hello I have installed german Firefox Version 117.0 (Build-ID 20230824132758) on Windows 10.
The following ExtensionSettings policy works as expected. The addons ublock and TreeTabs are both installed automatically.
{
"*": { "blocked_install_message": "My Message", "install_sources": ["https://addons.mozilla.org/"], "installation_mode": "blocked", "allowed_types": ["locale", "extension"] }, "uBlock0@raymondhill.net": { "installation_mode": "force_installed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi", "default_area": "navbar" }, "TreeTabs@jagiello.it": { "installation_mode": "force_installed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/tree-tabs/latest.xpi" }
}
But I don't want TreeTabs to be installed automatically on all workstations. So I want to change installation_mode to allowed.
{
"*": { "blocked_install_message": "My Message", "install_sources": ["https://addons.mozilla.org/"], "installation_mode": "blocked", "allowed_types": ["locale", "extension"] }, "uBlock0@raymondhill.net": { "installation_mode": "force_installed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi", "default_area": "navbar" }, "TreeTabs@jagiello.it": { "installation_mode": "allowed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/tree-tabs/latest.xpi" }
}
But with this setting I'm unable to install it manually from https://addons.mozilla.org/de/firefox/addon/tree-tabs/ The message "An unexpected error occurred during installation." and a popup with the "blocked_install_message" "My Message" is displayed.
The same error occurs without the line (and the comma) "install_url": "https://addons.mozilla.org/firefox/downloads/latest/tree-tabs/latest.xpi"
I don't know why this does not work. Please help. Thank you.
One of our vendors websites does not load under Firefox ESR, with errors in the console pointing to CSP. Error is: Content Security Policy: The page's settings blocked th… (read more)
One of our vendors websites does not load under Firefox ESR, with errors in the console pointing to CSP. Error is: Content Security Policy: The page's settings blocked the loading of a resource at inline ("default-src")
However if I load the site under the normal Firefox release, it displays correctly. When looking at errors in console, it is showing 3 errors for CSP, however it does not stop the site from working correctly. Content-Security-Policy: The page's settings blocked the loading of a resources at https://..... ("connect-src") or ("img-src")
The site is https://app.approvalmax.com If you get the login screen then the site is working otherwise just getting a green background when it is not working.
I am unsure why ESR and RR versions are behaving differently in this case. Using the latest versions of each.
I need to set the max TLS version to 1.3 and the min version to 1.2 on my shstems. The max and min TLS versions are set to 4 and 3 by default in about:config. If I use lo… (read more)
I need to set the max TLS version to 1.3 and the min version to 1.2 on my shstems. The max and min TLS versions are set to 4 and 3 by default in about:config. If I use lockPref(“security.tls.version.max”,”3”), it is still 4 in about:config for some reason. If I set the min version to 2, it is still 3. This also doesn’t work if I use “SSLVersionMin”: “tls1.2” how can I fix this issue? Thank you in advance!
I am using the intune preview feature which allows you to import admx/adml instead of using the custom injection method. Everything works far better then with the inject… (read more)
I am using the intune preview feature which allows you to import admx/adml instead of using the custom injection method. Everything works far better then with the injection method, except for one settings:
ExtensionSettings this setting is working when I have only one setting set (ex):
{"someplugin@test.com": { "installation_mode" : "allowed" }}
If I add a second line to the entry:
{"someotherplugin@test.com":{ "installation_mode" : "allowed"}}
I understand this is a new feature, but if I had the correct format that would work for HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\ExtensionSettings to allow two plugins to work I belive I shouldn't have any issue getting the admx feature to do this, I even tried manually editing the registry setting and it breaks whenever I add the second line to it.
Hi All, I have recently been enhaciing our security posture and have started sorting out our browser extensions, however I seem to be having errors allowing 2 extensions… (read more)
Hi All,
I have recently been enhaciing our security posture and have started sorting out our browser extensions, however I seem to be having errors allowing 2 extensions
This is my json:
{ "*": { "blocked_install_message": "version 0.4 - Addon or Extension is not approved. Please submit a ticket to Help Desk if you need access to this extension.", "install_sources": ["https://addons.mozilla.org/"], "installation_mode": "blocked" }, "{bc8367b6-d946-484e-8da6-37691f23ee64}": { "installation_mode": "allowed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/1password-x-password-manager/latest.xpi" }, "{2a28e7e4-64c9-4e7f-81fb-0475af840c0f}": { "installation_mode": "allowed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/multi-account-containers/latest.xpi" } }
I have tried the obvious and removed the {} from both extensions, however still having troubles.
Is someone able to point me in the right direction?
Version: Firefox ESR 102.9.0 (64-bit) - Windows 10 Enterprise 22H2 Customers have been complaining for about 6 months that they can no longer drag and drop email attach… (read more)
Version: Firefox ESR 102.9.0 (64-bit) - Windows 10 Enterprise 22H2
Customers have been complaining for about 6 months that they can no longer drag and drop email attachments from Outlook (Microsoft Office Professional Plus 2019 - Exchange) into a Help Desk formula. I tested dragging from Outlook desktop and from the web version.
Drag and Drop works when using Edge and Chrome.
This is not a major issue, since customers can use the other browsers, but since they would prefer to use Firefox, a fix would really be appreciated. :-)
Hello, I am trying to manage Firefox Extension using "Extension Setting" via Intune. Source: https://github.com/mozilla/policy-templates/blob/master/README.md#extensions… (read more)
Hello, I am trying to manage Firefox Extension using "Extension Setting" via Intune. Source: https://github.com/mozilla/policy-templates/blob/master/README.md#extensionsettings I am testing below JSON for testing. <enabled/> <data id="ExtensionSettings" value=' {
"*": { "blocked_install_message": "Not Allowed contact HelpDesk.", "install_sources": ["https://www.example.com/*"], "installation_mode": "blocked", "allowed_types": ["extension"] }, "uBlock0@raymondhill.net": { "installation_mode": "force_installed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi" }, "https-everywhere@eff.org": { "installation_mode": "allowed" }, "jetpack-extension@dashlane.com": { "installation_mode": "allowed", "install_url": "https://prod.extensions.dashlane.com/downloads/firefox/dashlane-latest-fx.xpi" }
}'/>
When deployed to test devices, all extension previously installed get removed and Ublock get installed, seem like working as intended but when I try to install any "Allowed" I get the block installed message. I see no error in "about:policies". I don't know where else to look for why its getting blocked?
Any help will be much appreciated.
Hello, I am managing Firefox for a very large organization. We have several extension that we deploy using registry keys and we don't allow users to install additional a… (read more)
Hello,
I am managing Firefox for a very large organization. We have several extension that we deploy using registry keys and we don't allow users to install additional addons. However, since version 102.3 I noticed some extensions that are present on the machine as .xpi files, but should not install unless a specific application is also present, are also being activated. They are enabled in the add-on manager, the information is present in the "extensions.json" and "extension-preferences.json" files. This should not happen. Is there any way to prevent the activation of these files?
Thank you!
I need an OFFICAL time line of your release dates for ESR releases. Specifically, 3rd and 4th quarter. Where do I find the list?