Neueste Antworten auf Firefox will no longer load fonts!https://support.mozilla.org/de/questions/12651242019-07-20T02:06:25-07:00Hi digitatum, Firefox 68 contains a security patch which restricts the kinds of files that pages can2019-07-20T02:06:25-07:00jscher2000https://support.mozilla.org/de/questions/1265124#answer-1239009<p>Hi digitatum, Firefox 68 contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them <strong>from a file:// URL</strong>. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit. More info:
</p>
<ul><li> <a href="https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp" rel="nofollow">https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp</a>
</li><li> <a href="https://www.mozilla.org/security/advisories/mfsa2019-21/#CVE-2019-11730" rel="nofollow">https://www.mozilla.org/security/advisories/mfsa2019-21/#CVE-2019-11730</a>
</li></ul>
<p>There will be an exception in Firefox 70 for font files; that might also make it into Firefox 69. For now, through, you could consider rolling back the patch as follows:
</p><p>(1) In a new tab, type or paste <strong>about:config</strong> in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.
</p><p>(2) In the search box above the list, type or paste <strong>uniq</strong> and pause while the list is filtered
</p><p>(3) Double-click the <strong>privacy.file_unique_origin</strong> preference to switch the value from true to false
</p><p>To mitigate the vulnerability: If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attacker to find any valuable content using local file links.
</p>