Firefox Support Forum

This has been going on for a length of times, the Privacy app or window keeping changing when I used it. This morning, it started back when trying to close it to go to another website. Also, the middle part of the privacy screen keeping changing.

Firefox is not secure because there is something going on every day with the settings. They keep changing on me.

When I go to Settings > Privacy & Security the only "autofill" setting is to import data from another browser. I am signed in, in the US, and my VPN is set to Seattle.

Good afternoon,

If necessary, I am available to add more information about this case (145005), in English or Portuguese.

Best regards,

Ana Patrícia Paquete Visual Designer

In Firefox 115.8.0esr on linux RHEL7, I am loading a local html page (using file:///...) that I created. Inside the html page, I have a tag "<object id="hiddenDataObj" data="abc.txt">" where abc.txt is a text file in the same directory as the html file. Using my default profile, the data is loaded and some downstream javascript runs as expected. When I use an alternate profile and try to load the exact same page, I get a javacscript error "Uncaught TypeError: hiddenDataObj.contentDocument is null." It is not null when I run my default profile.

I'm trying to figure out what setting in my profile is enabling/disabling the loading of the data so that I can change it. I've gone to about:preferences and scrolled through and it seems like all settings I see are the same between the two profiles.

Thanks for any help.

as you can see in the screenshot it says the mic is only"allowed temporarily" and when i go to permissions it doesn't let me add a site to grant perms i can just search for sites and thats it. its annoying cuz on textnow i have to keep granting perms

Hello,

My password saved are deleted every time I close FF. It used to be manageable because Google and other sites didn't require me to fill my passwords (cookies did the trick I suppose) but now I also loose access to gmail and Youtube every time I close FF. It's annoying to have to use 2FA every damn time. And keeping the passwords available.

I've tried every answer I found by looking around :

- tried to start in safe mode - disable hardware acceleration - I have no extensions

FF saves the passwords correctly (at least they appear in the saved password tab) but they are erased every time I restart FF. The cookies aren't automatically deleted (FF remembers my browsing history) but I need to relog into Google.

I getting frustrated.

When I click on a dropdown the settings automatically open in a new tab. For instance when logging into something and choosing my password and/or username from a dropdown, when I click on my choice a new tab suddenly opens with the settings menu - specifically the autofill thru permissions area in the "privacy and security" submenu. Just started doing this randomly the other day so I rebooted the computer and that fixed the problem, but its now started doing it again. Please help?

Firefox provides the option to Remember search and form history under custom settings. I want the browser to remember search history but not remember form history. Is there a way to separate these two settings?

In my settings under Connected Services there is a list of devices that have signed into my firefox account. I do not recognize one of them. The Connected Service listed name is Firefox Mobile 126, Android 14. How can I find out where this is coming from?

Thank you

TL;DR : Disqus comments used to work while using privacy Strict mode now it doesn't.

After years of it working out of the get-go while using Strict mode up till recently (about a year ago this was really low on my priority list) refused to work I though it was my Ad blocker was causing issues but after setting it in the filters to allow and even after turning it off still no dice.

Removed all add-ons tried again still Disqus comment section refused to load in the websites I regularly visit. So after giving up, I just look around in the browser setting to see if there is anything that may cause conflict with certain scripts from running.

Filled out a form on a Japanese Retail Store website to contact them and couldn't send the message. Message just hung up all day. I think the connection is secure (icon next to Firefox address bar does not have a slash thru it so I think connection is secure). That Firefox icon says it is blocking trackers and cookies on the website and "Enhanced Tracking Protection" is "On". And got message in bottom corner of website saying "ERROR for site owner: Invalid domain for site key". Using up-to-date Firefox browser, Windows 10 and Windows Defender Firewall. (Tried Windows Edge browser and it said connection was insecure so I followed steps to connect to it like changing Privacy settings and switching to a Private Window but it didn't help.) What else can I try to use this Japanese website? (Note: website does not have an email address listed anywhere.)

the only autoplay setting i can find is under privacy and security. the page shows DEFAULT FOR ALL WEBSITES: Block Audio and Video, but videos still open and play. the page does not retain the change when i select the button REMOVE ALL WEBSITES. this problem has not been happening for years. it may have begun about six months ago. thank you for your time

Hello,

I am unable to access x.com, and I think this is caused by hackers.

Below I try to explain the facts (or information) that leads me to this conclusion.

After I enter the x.com in Firefox's address, in the developer drawer Network tab I can see the content-security-policy as:

content-security-policy: connect-src 'self' blob: https://api.x.ai https://api.x.com https://*.pscp.tv https://*.video.pscp.tv https://*.twimg.com https://api.twitter.com https://api.x.com https://api-stream.twitter.com https://api-stream.x.com https://ads-api.twitter.com https://ads-api.x.com https://aa.twitter.com https://aa.x.com https://caps.twitter.com https://caps.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton.twitter.com https://ton.x.com https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://twitter.com https://x.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://accounts.google.com/gsi/status https://accounts.google.com/gsi/log https://checkoutshopper-live.adyen.com wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com ws://localhost:8008/v2/ipc https://ads-twitter.com https://analytics.twitter.com https://analytics.x.com  ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com https://x.com https://*.x.com https://localhost.twitter.com:3443 https://localhost.x.com:3443; font-src 'self' https://*.twimg.com; frame-src 'self' https://twitter.com https://x.com https://mobile.twitter.com https://mobile.x.com https://pay.twitter.com https://pay.x.com https://cards-frame.twitter.com https://accounts.google.com/ https://client-api.arkoselabs.com/ https://iframe.arkoselabs.com/ https://vaultjs.apideck.com/ https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; img-src 'self' blob: data: https://*.cdn.twitter.com https://*.cdn.x.com https://ton.twitter.com https://ton.x.com https://*.twimg.com https://analytics.twitter.com https://analytics.x.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://ads-twitter.com https://ads-api.twitter.com https://ads-api.x.com https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com https://t.co/1/i/adsct; manifest-src 'self'; media-src 'self' blob: https://twitter.com https://x.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://*.twimg.com https://recaptcha.net/recaptcha/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://client-api.arkoselabs.com/ https://www.google-analytics.com https://twitter.com https://x.com https://accounts.google.com/gsi/client https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://static.ads-twitter.com 'nonce-ZDFkNGU5ZjQtYjdkZC00ZjhmLWFhMmMtZGIwMmY5ZGM2N2E4'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false

NOTICE THE script source policy: script-src 'self' 'unsafe-inline'

NONETHELESS, when I look at x.com source, I see:

<script nonce="NmM2ZWZkMWMtZTdmOC00YmE5LWI1Y2YtNTQ4NDIzMzFkZDUy">

window.__runPxScript = function() {

 delete window.__runPxScript;
 !function(e,t,n,s,u,a){e.twq||(s=e.twq=function(){s.exe?s.exe.apply(s,arguments):s.queue.push(arguments);
 },s.version='1.1',s.queue=[],u=t.createElement(n),u.async=!0,u.src='https://static.ads-twitter.com/uwt.js',
 a=t.getElementsByTagName(n)[0],a.parentNode.insertBefore(u,a))}(window,document,'script');
 twq('config','ogf5s');twq('config','o8zly');

} </script>

<script type="text/javascript" charset="utf-8" nonce="NmM2ZWZkMWMtZTdmOC00YmE5LWI1Y2YtNTQ4NDIzMzFkZDUy">location.assign("/account/access")</script>

Also, the developer drawer Console tab issues this error before being redirected to x.com/account/access:

Content-Security-Policy: Ignoring “'unsafe-inline'” within script-src: nonce-source or hash-source specified

I think the HTML that loads in Firefox is corrupted or tampered.

Could I get some feedback?

My FF version 126.0.1 browser history file size is stuck at 10,240 KB. Until recently it was 54,000 KB and change. I would like to get it larger. I've tried all the recent help postings relating to places.history.expiration.max_pages, places.history.expiration.transient_current_max_pages, browser.history_expire_days, browser.sessionhistory.max_entries or browser.sessionhistory_max_entries, and so on. Nothing seems to be able to change the "places" file size. Anyone have any more info on this topic?

Discovered that until now I had been unable to store passwords on this browser, and discovered I would need to set a Primary Password before being able to set any. I followed the recommended instructions to set one, but no matter what I entered, it would be unable to set. (Password quality meter was not full (75-80%~), if that is significant.)

After this, I would receive continuous pop-up windows asking to set a Primary Password, but all attempts to set such a password would fail (Window named :"Alert", with text stating "Unable to Change Password.") These would persist until I shut down my computer, and I stopped receiving these popup windows, but ultimately, I am still unable to set a primary password., and thus, am unable to save passwords.

(Pop-up Windows were labelled "Change Password", and had text stating "Security Device: Software Security Device", along with having the password change form)

I'm hoping to get some help with disabling the Insecure connection password warning in Firefox version 115.11.0.

In previous versions, I could disable this warning through the about:config settings. However, I couldn't find the specific setting (security.insecure_field_warning.contextual.enabled) that was mentioned in some online resources.

I understand the security risks involved in disabling these warnings, and I only intend to do this on a trusted website on my local network.

Could you please advise on the best approach for achieving this in Firefox 115.11.0, or any alternative solutions to manage insecure connection warnings for trusted local sites?

Thanks in advance for your help!