Firefox Support ƒe Forum

I was surprised today to visit a site and notice the "permissions" icon appear at the left of the address bar, showing me that cross-site cookies were allowed for this site. I have Enhanced Tracking Protection set to "Strict", so obviously this was a worrying thing to happen.

Looking into it a bit further, it seems Firefox provides a backdoor for cross-site cookies: https://support.mozilla.org/en-US/kb/third-party-trackers?as=u&utm_source=inproduct#w_managing-cross-site-cookies

• "While cross-site cookies from trackers are blocked in Firefox by default, a site may signal to the browser that it needs to use them for important functionality. In this case, Firefox will allow a third-party website to use cross-site cookies the first five times (or up to 1% of the number of unique sites you visit in a session, whichever is larger) without prompting you. After that, Firefox will prompt you to block these cookies. Without your consent, Firefox blocks these cookies from that point because a site requesting access that many times may be a tracker."

This is most definitely not what I want!

I want every cross-site cookie to be blocked by default, unless and until I explicitly approve it. Is there an about:config preference I can set to achieve this?

Hello I'm referencing the topic where TLS 1.0 and 1.1 support was removed but rolled back to accommodate some government agencies / sites and support for COVID-19 data

https://support.mozilla.org/en-US/questions/1290040#:~:text=Mozilla%20and%20other%20browser%20makers,and%20performance%20of%20Internet%20connections.

Quoted answer "Right, support for TLS 1.0 and TLS 1.1 has been removed few months ago, but we reverted the change for an undetermined amount of time to better enable access to critical government sites sharing COVID19 information."

Since it was referenced as "undermined amount of time", is there anything currently on your roadmap/release schedule in regards to removing support again? I have some cutover decisions I need to make and knowing if ESR for example will remove this support in 2 months may effect the direction of those. If you have anything to share, i'd really appreciate it.

Regards,

-Chad

I can't connect to my router using this same link I've always used: https://router.asus.com:8443/ I also tried: http://router.asus.com and: http://192.168.1.1/ Nothing has changed! I get a security error. See attachment. There is no "Proceed at your own risk" option. I've spent hours searching for a work around or fix. Nothing works! How in blue blazes am I supposed to connect to my ASUS Router's GUI. This is Windows 10, Firefox 104.0.2 (64-bit)

Hello,

I noticed that a setting on the about:config page was removed: the "security.csp.enable" setting. I was using this setting to disable CSP to be able to load local JS scripts on some non-locally hosted sites, for debugging and development, work related purposes.

Was this setting really removed? Is there a way to disable CSP on Firefox on the latest version?

Thanks! Gabriel.

This is a many years old account/install with Netscape/Firefox, now 116.0.1, 64-bit Windows.

When offered a box for email step 1 login -- this site, for example -- FF auto fill offers my correct address first, but then there are two offered below that in the auto fill offers that are not mine.

How can I access where those are stored and remove those erroneous or mal email addresses?

Searching here infers the Profile; yes, my first guess, but my Profile is 725 MB ... so any hints available?

Logins appear on log-in pages as soon as I type anything in the user box. I have not told Firefox to save any logins or passwords, I do not want it to do that. But on the "saved logins" page after going to the Passwords item on the main menu (three lines) it says No Logins Are Found. None. How do I make sure none are saved, since obviously some are being saved somewhere? And how can I get rid of the ones that appear, so must be saved somewhere? I use Windows 10, and Firefox with the latest updates as of August 2, 2023. Norton 360 is installed. Thank you for help with this.

I am a UK user and have just installed and started to use Firefox on a brand new Linux Mint installation. As I am transferring from a Windows/Chrome environment, there is a lot of setting up to do. Firefox transferred most of the chrome info for me, and so I was able to get up and running with bookmarks and logins quite quickly. However, there is one problem that I can't seem to resolve.

I have been able to set up my credit card details, and these are prompted when needed, BUT, Firefox will not remember my name, email, phone or address. Thus for every form that I have to fill, I have to enter these details, again and again (and again).

I have looked at settings and see that the 'Autofill Address' option is not present (see attachment).

I have followed and implemented the fix proposed elsewhere, to update/add GB as an address format. This has not made a difference.

Can anyone please help.

Regards,

Mark

I have my Firefox Firefox Privacy & Security History settings set to 'Always Use Private Browsing Mode.' Yet every time I open Firefox and visit the History tab, 'Recently Closed Tabs' shows a history of the websites I've visited. How do I disable this feature?

No matter what I try, I can't allow any sites to present my screen or a window, I can't find an option in settings neither in the option to allow in the tab. The "allow" button is simply not available at all. How do I solve that? The problem happens in all sites that I've tried: focusmate, cofocus, discord, google meet, etc

Firefox is set to remember history, but every time I close it and re-open it, links in websites that once had purple text is now back to white, so I don't know what link I'm on, Firefox remembers this through history saved, why does it reset back to white text? Does it have something to do with bitdefender or bitdefender VPN? Can anyone else test thie out with firefox and bitdefenders full security on? Firefox is set to save everything by the way. Only started happening after installing bitdefender.

I tried to log in to a website that requires access to my location. I'm using Firefox 114.02 on an iMac running Monterey 12.6.7. I was able to get in to Firefox's Location settings and now have the website listed with "Allow" noted. This was not enough, and for some time I didn't understand why. Then I discovered the Mac's System Preferences' Security and Privacy section, where Location Services are one category under Privacy. Selecting Location Services brings up a list of apps that are allowed to provide location information. For some reason, other browsers are on the list and can be turned on or off, but Firefox is not on the list of apps that can be selected as permitted. Am I missing something here? I can't find any way to add apps to the list so that they can actually be selected. Any advice?

i need set a default exception website for pop-up blocker settings fore every firefox install. or completely disable pop-up blocker settings as default.

what can i do for this purpose?

I am receiving the message Did Not Connect: Potential Security Issue ... requires a secure connection ... when trying to access my Shopify website AngelFallsHomes.com. This ONLY happens with Firefox; all other browsers are working fine. What do I do to fix this because obviously it is a huge concern.

Hello I want to disable/hide or at leas make smaller the GIANT "detail" bar that shows up on the history manager and difficults reading trough the history. There seems to be no options available in the toolbar and can't find any on about:config either. Perhaps there's a key I can add in about:config to change this?

Thank you

When using the Export Logins feature to create a .csv file, the last few fields don't seem to translate into any known date-stamp format in Excel. The data seems to have relative chronological value, but I can't make sense of it in a spreadsheet.

Can a developer check this and modify the output of those fields so it's more compatible?

Example:

 Header             Cell data
 ----------------------------

timeCreated 1675178753239 timeLastUsed 1684763722184 timePasswordChanged 1675178753239

I'm unable to verify my Mac to log into my Chase bank account, since I last cleaned out my cookies. When I enter my verification code and password, the fields revert to blank rather than submitting. I've cleaned my cache and cookies, restarted my browser, spoken to Chase reps... but it seems the issue is the browser. Firefox is the only browser I have this problem with.

It was suggested to me that Total Cookie Protection is not allowing Chase to verify, but I toggled off Enhanced Tracking Protection on the site, as well as adding exceptions as many of Chase's secure servers as I've seen (the exceptions in the attached screenshot go way past 7...), and I still can't verify and log in.

Hello,I'm wondering whether there's a difference between having Enhanced Tracking Protection on on Strict and Custom with the settings for Custom being:

• Cookies All cross-site cookies (may cause websites to break)
• Tracking content In all windows
• Cryptominers

and

• Fingerprinters.

Dear Sirs,

today i did lockout everybody on a test server of a web application while playing with CSP on the server side. no modern browser was able to open the page anymore. but the real problem was that the configuration interface was also not accessable anymore.

the option security.csp.enable is long gone since FF 99 and i had to ""downgrade to FF 98"" to be able to access the misconfigured server.

please enable that security.csp.enable in about:config back again at least for the development version of FF. someone might need it. other options are to install risky extensions and i would like to avoid that in the future.

Yours

E

When I start typing, there's a feature that is not very good for my privacy: "Firefox Suggest" - it shows off my web history to anyone looking at my screen, complete with thumbnails for all the websites. How can we stop it?