X
Tippen Sie hierhin, um die Version dieser Website für Mobilgeräte aufzurufen.

Hilfeforum

Have a help file that has 3 clicks, contents, index, and search. A recent Firefox update disabled this functionality. This functionality still works in IE.

Veröffentlicht

The question describes the problem

The question describes the problem
Angefügte Screenshots

Ausgewählte Lösung

Hi peterfairchild, Firefox 68+ contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them from a file:// URL. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit. More info:

If your local help system uses scripts to change pages in frames, that would explain why it is affected. If it is unusable and critical to you, you could roll back the patch as follows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste uniq and pause while the list is filtered

(3) Double-click the privacy.file_unique_origin preference to switch the value from true to false

To mitigate the vulnerability:

If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attack page to find any valuable content using local file links.

Diese Antwort im Kontext lesen 1
Zitieren

Mehr Details zum System

Installierte Plugins

  • Shockwave Flash 32.0 r0

Anwendung

  • User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Weitere Informationen

jscher2000
  • Top 10 Contributor
8698 Lösungen 71098 Antworten
Veröffentlicht

Ausgewählte Lösung

Hi peterfairchild, Firefox 68+ contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them from a file:// URL. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit. More info:

If your local help system uses scripts to change pages in frames, that would explain why it is affected. If it is unusable and critical to you, you could roll back the patch as follows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste uniq and pause while the list is filtered

(3) Double-click the privacy.file_unique_origin preference to switch the value from true to false

To mitigate the vulnerability:

If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attack page to find any valuable content using local file links.

Hi peterfairchild, Firefox 68+ contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them '''from a file:// URL'''. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit. More info: * https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp * https://www.mozilla.org/security/advisories/mfsa2019-21/#CVE-2019-11730 If your local help system uses scripts to change pages in frames, that would explain why it is affected. If it is unusable and critical to you, you could roll back the patch as follows: (1) In a new tab, type or paste '''about:config''' in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk. (2) In the search box above the list, type or paste '''uniq''' and pause while the list is filtered (3) Double-click the '''privacy.file_unique_origin''' preference to switch the value from true to false '''To mitigate the vulnerability:''' If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attack page to find any valuable content using local file links.
Hat Ihnen das weitergeholfen? 1
Zitieren

Fragesteller

Perfect! Thank you.

Peter

Perfect! Thank you. Peter
Hat Ihnen das weitergeholfen?
Zitieren
Stellen Sie eine Frage

Sie müssen sich mit Ihrem Benutzerkonto anmelden, um auf Beiträge zu antworten. Bitte stellen Sie eine neue Frage, wenn Sie noch kein Benutzerkonto haben.