This thread was archived. Please ask a new question if you need help.
Url bar only shows domain, not full path - makes browser unusable for me
I'm a Firefox for Android beta user. A couple days ago I did an update, and now when I go to a web site all I see the domain and not the full path. This makes no sense to me. What is the benefit? It also makes the browser unusable for my purposes. How can I tell where I am? If I click in the bar it reveals the full path, but I need to see it all the time. I looked in about:config and no setting changes seemed to change this behavior. Please help! I really would not like to have to use Chrome. Thanks.
All Replies (8)
This change was to help users understand the most important part of the host name, for phishing protection. Bug #1236431 – Make the origin (site) we are on clearer and less spoofable or phishing prone
On tablets, the full URL will still be displayed. Bug #1250671 – URL bar: Consider showing full URL on tablets
When the site has an EVSSL certificate, the owner name from the certificate may be displayed instead of the host name/URL (I'm not quite sure about tablets). Bug #1249594 – Show name of organization (EV certificate) in URL bar
I don't know whether anyone has filed a request to add a preference that phone users could toggle to show the full URL on phones. Probably the best thing to do is go ahead and file that bug now, referring to the first two I mentioned. https://bugzilla.mozilla.org/enter_bug.cgi
Thanks for your reply. I filed a bug.
I just can't see this as being a good thing! Unless I'm not understanding how this works, couldn't a malicious site just lie about their site/company name?
Forcing the display of the site or company name in the URL bar thus hiding the address isn't gonna work for me I'm afraid, I like to know right off the bat what site I'm at/visiting without having to click the URL Bar to show the address. Phishing and malicious sites will surely take advantage of this. Shhheeeeesh, this shouldn't even be an option, it simply shouldn't be, for security reasons.
I also filed a Bugzilla report at: https://bugzilla.mozilla.org/show_bug.cgi?id=1271030
Modified by PenTech Services
PenTech Services said
Unless I'm not understanding how this works, couldn't a malicious site just lie about their site/company name?
I don't think so. The two things you would normally expect to see are:
(1) base domain name - Firefox calculates this from the URL, so it's as real as the URL
(2) company name from an EVSSL certificate - the issuers have strict procedures for validating this information, so it seems unlikely that a phishing site would go through this process for the brief time before they are shut down
Thanks jscher2000! I'm still learning here. So this is now permanent in FF releases? Or is there a way I can force the urlbar to show full URLs instead of names? In about:config?
Your help is much appreciated.
Hi PenTech Services, this is the new normal. I think two different users said they filed bug reports to get a change made. I didn't actually read the bugs myself, but there's a link to one of them earlier in this thread.
Mr. jscher2000; The following either A: breaks the way the EVSSL thing works or B: disables the showing of the name instead of the url in the urlbar.
security.ssl.enable_ocsp_stapling = false security.OCSP.enabled = 0 Now, will doing the above cause me any issues with FF? Or should I be OK to use this as a fix?
And so FF doesn't grey out parts of the url & blocks the showing of the http:// part I also DISABLED both of these: browser.urlbar.trimURLs browser.urlbar.formatting.enabled
As you can see in my screenshot it no longer shows the name, it now shows the full URL, which I'm completely happy with, as long as it won't cause problems.
Hi Daniel, setting --
security.ssl.enable_ocsp_stapling = false
security.OCSP.enabled = 0
-- stops Firefox from checking the ongoing validity of SSL certificates, the revocation check is no longer performed. Keeping OCSP checks enabled is a good security practice.