What can lead to a CRSF authentication error (FF only) that is related to the FF profile?
The hint here
https://support.mozilla.org/en-US/questions/1207335
is to create a blank profile if I get access denied for a CRSF (FF only). This hint worked for me, while it still keeps me puzzled. In the original profile even if I disabled all the addons, I could still reproduce the CRSF issue. There are also extensions though. I could not identify the external site using the dev tools / network. At least it showed me just a single url source.
Question: Is there blacklist of addons/extensions/plugins doing CRSF? Do you have any suggestion how I could spot the reason? Is there a way to step by step building up the profile e.g. with sqlite while keeping it consistent?
FF 65.02 x64 win
All Replies (1)
A CSRF (Cross-Site Request Forgery) token is used by websites to make sure that there isn't tampered with this request (i.e. the request isn't coming from another server/website).
You can see these tokens in the page source of this page (right-click -> "View Page Source") as hidden input fields. If these tokens are missing or corrupted then the server knows something is wrong.
If this isn't a problem with Firefox then maybe your security software is causing this issue.
You can create a new profile to test if your current profile is causing the problem.
See "Creating a profile":
- https://support.mozilla.org/en-US/kb/profile-manager-create-and-remove-firefox-profiles
- http://kb.mozillazine.org/Standard_diagnostic_-_Firefox#Profile_issues
If the new profile works then you can transfer files from a previously used profile to the new profile, but be cautious not to copy corrupted files to avoid carrying over problems.
If you use extensions ("3-bar" menu button or Tools -> Add-ons -> Extensions) that can block (wanted) content (Adblock Plus, NoScript, Disconnect, Ghostery, Privacy Badger, uBlock Origin) always make sure such extensions do not block (wanted) content.
- make sure your extensions and filters are updated to the latest version
- https://support.mozilla.org/en-US/kb/troubleshoot-extensions-themes-to-fix-problems
You can try these steps in case of issues with web pages:
You can reload web page(s) and bypass the cache to refresh possibly outdated or corrupted files.
- hold down the Shift key and left-click the Reload button
- press "Ctrl + F5" or press "Ctrl + Shift + R" (Windows,Linux)
- press "Command + Shift + R" (Mac)
Clear the Cache and remove the Cookies from websites that cause problems via the "3-bar" Firefox menu button (Options/Preferences).
"Remove the Cookies" from websites that cause problems:
- Options/Preferences -> Privacy & Security
Cookies and Site Data -> Manage Data
"Clear the Cache":
- Options/Preferences -> Privacy & Security
Cookies and Site Data -> Clear Data -> Cached Web Content: Clear
Start Firefox in Safe Mode to check if one of the extensions ("3-bar" menu button or Tools -> Add-ons -> Extensions) or if hardware acceleration is is causing the problem.
- switch to the DEFAULT theme: "3-bar" menu button or Tools -> Add-ons -> Themes
- do NOT click the "Refresh Firefox" button on the Safe Mode start window