X
Tap here to go to the mobile version of the site.

Support Forum

Firefox will no longer load fonts!

Posted

I create the occasional website, purely amateur. For some reason Firefox will no longer load fonts. The fonts load just fine on the internet, ie. once the webpage is loaded onto the server, but won't load while I'm editing the webpages on my computer. Stylesheets, scripts, images load with no problem. This just started happening, never had this problem with Firefox before and every other major browser is still loading the fonts just fine (?). I prefer to work with Firefox, but this is an issue.

I create the occasional website, purely amateur. For some reason Firefox will no longer load fonts. The fonts load just fine on the internet, ie. once the webpage is loaded onto the server, but won't load while I'm editing the webpages on my computer. Stylesheets, scripts, images load with no problem. This just started happening, never had this problem with Firefox before and every other major browser is still loading the fonts just fine (?). I prefer to work with Firefox, but this is an issue.

Chosen solution

Hi digitatum, Firefox 68 contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them from a file:// URL. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit. More info:

There will be an exception in Firefox 70 for font files; that might also make it into Firefox 69. For now, through, you could consider rolling back the patch as follows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste uniq and pause while the list is filtered

(3) Double-click the privacy.file_unique_origin preference to switch the value from true to false

To mitigate the vulnerability: If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attacker to find any valuable content using local file links.

Read this answer in context 0
Quote

Additional System Details

Installed Plug-ins

  • Shockwave Flash 32.0 r0

Application

  • User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0

More Information

jscher2000
  • Top 10 Contributor
8591 solutions 70247 answers

Chosen Solution

Hi digitatum, Firefox 68 contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them from a file:// URL. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit. More info:

There will be an exception in Firefox 70 for font files; that might also make it into Firefox 69. For now, through, you could consider rolling back the patch as follows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste uniq and pause while the list is filtered

(3) Double-click the privacy.file_unique_origin preference to switch the value from true to false

To mitigate the vulnerability: If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attacker to find any valuable content using local file links.

Hi digitatum, Firefox 68 contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them '''from a file:// URL'''. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit. More info: * https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp * https://www.mozilla.org/security/advisories/mfsa2019-21/#CVE-2019-11730 There will be an exception in Firefox 70 for font files; that might also make it into Firefox 69. For now, through, you could consider rolling back the patch as follows: (1) In a new tab, type or paste '''about:config''' in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk. (2) In the search box above the list, type or paste '''uniq''' and pause while the list is filtered (3) Double-click the '''privacy.file_unique_origin''' preference to switch the value from true to false To mitigate the vulnerability: If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attacker to find any valuable content using local file links.
Was this helpful to you?
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.