Showing questions tagged: Show all questions
  • Archived

Add exception to self-signed URL system wide

Hello everyone. We are using a software in my company that runs a local server with a self-signed certificate. In order to access the software right now we need to inst… (read more)

Hello everyone.

We are using a software in my company that runs a local server with a self-signed certificate. In order to access the software right now we need to instruct the users to manually bypass the warning page for potencial security risks.

Is there a way to use an autoconfig or policy to automatically add the exception to that specific URL? I see that copying the cert_override.txt file in users profiles will add the exception, but I'd like to avoid that. I've also looked at a question with a similar problem here, but I couldn't get this specific solution to work on my end (Firefox ESR 91): https://support.mozilla.org/en-US/questions/1287443

Asked by marcelohmoraes 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

Symlink for policy.json disappears after an update

I've been using symlink policy.json for quite some time but I think ever since 91.x version of FF ESR, every incremental update removes symbolic link for policy.json. Any… (read more)

I've been using symlink policy.json for quite some time but I think ever since 91.x version of FF ESR, every incremental update removes symbolic link for policy.json. Any idea why that happens and how to fix that??

Asked by Serpher 1 year ago

Last reply by Mike Kaply 1 year ago

  • Solved
  • Archived

CA Signed Certificate shows as "not valid"

There is a certificate for an internal website that FireFox is saying is not valid/secure and it makes you add an exception. However, if you use IE, Edge or Chrome it loa… (read more)

There is a certificate for an internal website that FireFox is saying is not valid/secure and it makes you add an exception. However, if you use IE, Edge or Chrome it loads fine with the valid CA Certificate. I've cleared all data (cache/etc...) and it hasn't fixed it. Hopefully someone has a fix for this?

Getting "SEC_ERROR_UNKNOWN_ISSUER" for the certificate and its saying:

   Peer’s Certificate issuer is not recognized.
   HTTP Strict Transport Security: false
   HTTP Public Key Pinning: false


FireFox Version: 91.8.0esr (64-bit) Operating System: Windows 10 (64-bit)

Asked by jCubed 1 year ago

Answered by Mike Kaply 1 year ago

  • Archived

hide the three lines button

I would like to hide the menu button located at the top right (the three lines button) or hide the access to the firefox settings (about:preferences) but I cannot find an… (read more)

I would like to hide the menu button located at the top right (the three lines button) or hide the access to the firefox settings (about:preferences) but I cannot find any GPO to do this. How can I hide this button?

Thanks in advance

Asked by jmprieto 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

Sparky build messed up - where my passwords?

So I have been some issues with my Debian bookworm (Gnome bugged out) and changed to Sparky ( not a massive update I know, it's the same repo anyway) . Once Sparky Firefo… (read more)

So I have been some issues with my Debian bookworm (Gnome bugged out) and changed to Sparky ( not a massive update I know, it's the same repo anyway) . Once Sparky Firefox upgraded to the latest version, I noticed some interesting behavior (tor running in the background and etc). I wasn't careful with playing gods with storage & cache, so had to again reinstall sparky. To my surprise my all passwords, bookmarks. add-ons are gone. I had just one account (was also using the dev browser for some time), so really it's awkward ad upsetting situation, any troubleshooting steps you can suggest?

Asked by nonzero 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

How to use variable like %LOCALAPPDATA% for path of handler

Hello all, We must use a third party application which can only be installed in user home directory. We'd like to create a GPO to manage user settings, and configure a h… (read more)

Hello all,

We must use a third party application which can only be installed in user home directory. We'd like to create a GPO to manage user settings, and configure a handler for this application.

Is it possible to use an environnement variable (for example %LOCALAPPDATA%) in the path of a handler ?

Thank you.

Asked by Mathieu78 1 year ago

Last reply by Mathieu78 1 year ago

  • Archived

GUI Bug When Applying GPO

Hello, Applying Preferences & Extension Management GPO's will bug certain GUI settings. The three examples I have are HTTPS-Only Mode & Forms and Autofill within… (read more)

Hello,

Applying Preferences & Extension Management GPO's will bug certain GUI settings. The three examples I have are HTTPS-Only Mode & Forms and Autofill within about:preferences, and Enable USB Devices within about:debugging.

When HTTPS-Only Mode is set to "Don't Enable HTTPS-Only Mode" and locked via Preferences GPO, Users can continue to toggle between the settings. Forms and Autofill settings will not populate within about:preferences if address and credit card formfill values are false and locked via Preferences GPO. However, when the same GPO is deployed from Active Directory, Forms and Autofill settings will populate with address available for User toggle. Key, the values within about:config reflect what is set via GPO, and do not change among toggle or User intervention.

When locking down Enable USB Devices within about:debugging by blocking the extension install via Extension Management GPO, Users can continue to toggle the button after the policy applied. Although, just as previously mentioned, the extension does not get installed and seems the policy intervenes.

My questions being, are these simply GUI bugs since the values respect group policy? Are there other methods to lock down these settings?

I understand this is quite a bit of information and appreciate your help and time!

Preferences JSON - { "extensions.formautofill.creditCards.available": {

   "Value": false,
   "Status": "locked"
 },

"extensions.formautofill.creditCards.enabled": {

   "Value": false,
   "Status": "locked"
 },
 "browser.formfill.enable": {
   "Value": false,
   "Status": "locked"
 },
 "extensions.formautofill.addresses.enabled": {
    "Value": false,
    "Status": "locked"
 }

}

Extension Management JSON - { "adb@mozilla.org": { "installation_mode": "blocked" } }

- Dom

Asked by Dom Langella 1 year ago

Last reply by Dom Langella 1 year ago

  • Solved
  • Archived

Captcha hidden with a screen

I am using Firefox ESR 102.2.0 version which I updated yesterday. Now when I try to login to my account on "https://myaccount.hdfclife.com/login", the captcha is covered … (read more)

I am using Firefox ESR 102.2.0 version which I updated yesterday. Now when I try to login to my account on "https://myaccount.hdfclife.com/login", the captcha is covered and I can not read it. See the attached file.

It was working fine in the previous esr release 102.1.0. I have tested it with a new profile and captcha is visible in 102.2.0 version.

My query is about the cause of this issue and how can I fix it. I have checked and found that this issue does not appear on other websites. If there is an issue with the profile it should be with other websites which is not the case.

Please help

Asked by AjayC 1 year ago

Answered by cor-el 1 year ago

  • Archived

Content doesn't fit Firefox window on Linux via VNC

Steps: Open Linux server via VNC Open Firefox Search the term "test" Issue: The google result page doesn't fit into the window and has a horizontal scrollba… (read more)

Steps:

  • Open Linux server via VNC
  • Open Firefox
  • Search the term "test"

Issue:

  • The google result page doesn't fit into the window and has a horizontal scrollbar to see content on the right hand side

Note: I need my website to fit into browser properly at 100%(default) zoom itself for the purpose of automation because changing zoom level via selenium automation to press ctrl and minus 3 times causes unexpected behavior like even though value is filled in a textbox, it doesn't get sent in the API request payload. (Python 3.4.3, Selenium 3.12.0, GeckoDriver 0.31.0)

Versions:

  • Ubuntu 14.04.6
  • Firefox 91.13.0ESR
  • VNC: Tight VNC Viewer 2.8.63 OR Real VNC Viewer 6.22.515

Asked by smita.v.patankar 1 year ago

Last reply by cor-el 1 year ago

  • Archived

Picture-in-picture window border-radius (rounded corners)?

Hello. I just wanted to add 8-10px border-radius and a thin 1px border. Just like all chromium browsers already have and even Waterfox did it too. I tried to do differe… (read more)

Hello. I just wanted to add 8-10px border-radius and a thin 1px border. Just like all chromium browsers already have and even Waterfox did it too. I tried to do different things already, but I couldn't find the way how to get rid of that background with square corners. See the attached image to better understand what I mean. My attempt on the left, and Chrome on the right. These square corners (green in this case) behind. Any ideas? Thanks in advance for any answer.

Asked by SkibV 1 year ago

Last reply by SkibV 1 year ago

  • Solved
  • Archived

Issue Policy ExtensionSettings - Lang pack

Hello, I'm trying to deploy Firefox with several languages. I followed the guide on [https://support.mozilla.org/en-US/kb/deploying-firefox-language-packs]. Everything… (read more)

Hello,

I'm trying to deploy Firefox with several languages.

I followed the guide on [https://support.mozilla.org/en-US/kb/deploying-firefox-language-packs].

Everything work fine until I set up ExtensionSettings policy. This policy hide and block languages menu.

After scratching my head for a while, I finally figured out how to do it. I would to like to know if an easier way to whitelist all locales and dictionaries. I would like to only control the extensions.

<enabled/> <data id="ExtensionSettings" value=' {

 "*": {
   "blocked_install_message": "Blocked by your administrator.",
   "installation_mode": "blocked",
   "allowed_types": ["extensions", "dictionary", "locale"]
 },
 "uBlock0@raymondhill.net": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
 },

"qwantcomforfirefox@jetpack": {

   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/file/3658805/latest.xpi"

}, "langpack-en-CA@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-en-GB@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-en-US@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-es-AR@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-es-CL@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-es-ES@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-es-MX@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-fr@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-pt-BR@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-pt-PT@firefox.mozilla.org": {

 "installation_mode": "allowed"

} }'/>

Thank you

Asked by yann.yong 1 year ago

Answered by Mike Kaply 1 year ago

  • Archived

Local update server for both "Rapid release" and ESR channels

Hi, trying to setup local update server for Firefox, and I hit on a problem: Was testing on my PC which has for multiple reasons "normal" Firefox and get to the point wh… (read more)

Hi, trying to setup local update server for Firefox, and I hit on a problem:

Was testing on my PC which has for multiple reasons "normal" Firefox and get to the point where updates from local server are working, but then tried to test the PC where the ESR version is installed - was expecting the update will not be found, and I would download the MAR files for ESR, edit the update.xml.... but the ESR Firefox found and downloaded the "normal" update, but of course could not install it.

Is there a way to set in XML file that one update is only for ESR and another for Rapid release version of Firefox? How to setup local update server for both channels simultaneously?

Another minor question - is there a simple way how to get buildID for/from downloaded prebuild MAR file? Without it the in the XML file update process don't work correctly and only place I found it so far is in source code for that build.

Thanks.

Asked by Andrej Mrázik 1 year ago

Last reply by Andrej Mrázik 1 year ago

  • Solved
  • Archived

Firefox 102.3.0 ESR, installs extension without permission

Hello, I am managing Firefox for a very large organization. We have several extension that we deploy using registry keys and we don't allow users to install additional a… (read more)

Hello,

I am managing Firefox for a very large organization. We have several extension that we deploy using registry keys and we don't allow users to install additional addons. However, since version 102.3 I noticed some extensions that are present on the machine as .xpi files, but should not install unless a specific application is also present, are also being activated. They are enabled in the add-on manager, the information is present in the "extensions.json" and "extension-preferences.json" files. This should not happen. Is there any way to prevent the activation of these files?

Thank you!

Asked by antoniu-laurentiu.imbrea 1 year ago

Answered by antoniu-laurentiu.imbrea 1 year ago

  • Archived

Disable creation of private browsing shortcut

Im working on a deployment package for Mozilla Firefox 106.0.1 when launching Firefox on a brand new user it automatically creates a shortuct for private browsing. Im loo… (read more)

Im working on a deployment package for Mozilla Firefox 106.0.1 when launching Firefox on a brand new user it automatically creates a shortuct for private browsing. Im looking for a way to disable this as the package im creating is an appv package and this new shortcut installs in users profile, so it won't be uninstalled. I have searched google but cant find any hits.

We have the following for customization: Application directory\defaults\pref: localsettings.js with these settings: pref("general.config.obscure_value", 0); // only needed if you do not want to obscure the content with ROT-13 pref("general.config.filename", "mozilla.cfg");

Application directory\mozilla.cfg with these settings: // Don't show WhatsNew on first run after every update pref("browser.startup.homepage_override.mstone","ignore");

// Don't show 'know your rights' on first run pref("browser.rights.3.shown", true);

// Disable Policy Notice on First Run pref("toolkit.telemetry.reportingpolicy.firstRun", false);

// Disable checkDefaultBrowser lockPref("browser.shell.checkDefaultBrowser", false);

Application directory\distribution\policies.json with the following settings: {

 "policies": {
   "DisableAppUpdate": true,

"DontCheckDefaultBrowser": true } }

Asked by Max J 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

Corresponding GPO for the Windows SSO in Settings?

Is there a corresponding GPO for this setting? I have been unable to find it and searching hasn't yielded much help. I'm on 102 ESR with up to date admx files. This wou… (read more)

Is there a corresponding GPO for this setting? I have been unable to find it and searching hasn't yielded much help.

I'm on 102 ESR with up to date admx files. This would be super helpful!


Thanks!

Asked by TurkeyG 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

Firefox 102 with IBM Webseal PKI logon

Forgive me if I am not describing this correctly but really need help, if you ask me questions back, I will be happy to answer once I find that answer to your question. T… (read more)

Forgive me if I am not describing this correctly but really need help, if you ask me questions back, I will be happy to answer once I find that answer to your question. The issue we are experiencing is not my area of expertiese but no one in my org can find an answer so here I am.

We have not migrated our enterprise above Firefox ESR 91.x as of yet, we have some internal sites that use IBM Webseal to provide SSO and some of that functionality is broken in version 102.x and above. There are three options on the frontend page to use RSA token, PKI logon and username/password: each one a separate choice for the end user experience. RSA and Username/password work without issue but PKI logon does not, once you click on the logon button it is supposed to grab the certificate from your PKI card and use it to logon to the web application, but it does not seem to complete this process instead it proceeds to another page almost immediately that reads Error An attempt to authenticate with a client certificate failed. A valid client certificate is required to make this connection. Click here to return to the authentication page. DPWWA1124W A client certificate could not be authenticated. Our web developers have opened a ticket with IBM and from what I was told after troubleshooting and traffic capture, they never see the certificate make it to the backend for authentication and it is a Firefox issue because Google and MS Edge work just fine. Because of this IBM closed the case.

Has anyone experienced this issue and know of a fix or is there any suggestions as to what we can look for as an attempt to fix this issue? What has changed between version 91.x to 102.x ESR (we have tried the RRs and it is an issue there also)? Is this a bug in Firefox?

Asked by JohnVee 1 year ago

Last reply by JohnVee 1 year ago

  • Archived

Auto Updates with Firefox ESR

I recently deployed Mozilla Firefox 102.4 ESR here in our environment expecting that when a new version is released Firefox would automatically update on clients computer… (read more)

I recently deployed Mozilla Firefox 102.4 ESR here in our environment expecting that when a new version is released Firefox would automatically update on clients computers. Well today I noticed at a new release is out but isn't automatically updating on end users workstations. Does Firefox ESR not automatically update?

Asked by thomas.williams1156 1 year ago

Last reply by Mike Kaply 7 months ago

  • Archived

How do you Disable Open previous windows and tabs via GPO

Currently we are setting our GPO to set users homepage to our intranet. The issue is in Firefox i can't see how to disable Open previous windows and tabs in the Genral Se… (read more)

Currently we are setting our GPO to set users homepage to our intranet. The issue is in Firefox i can't see how to disable Open previous windows and tabs in the Genral Settings .

Asked by Menesh Harji 1 year ago

Last reply by Mike Kaply 1 year ago

  • Archived

Disable update popup?

So we update Firefox via PatchMyPC from SCCM. We don't want to disable Firefox Updates. The issue is how do you stop the Update notification popup every time you start Fi… (read more)

So we update Firefox via PatchMyPC from SCCM. We don't want to disable Firefox Updates. The issue is how do you stop the Update notification popup every time you start Firefox. You don't have this issue on Edge and Chrome

Asked by Menesh Harji 1 year ago

Last reply by Mike Kaply 1 year ago