All Products Community Forum

We recently update Firefox with version 138.0 and now getting the message "Gah. Your tab just crashed" when opening the browser.

We attempted to update and install version 138.0.1 only resulting with the same error. We also found and attempted the following all resulting with the same error: - change the about:config page for settings to false for both browser.tabs.remote.autostart and browser.tabs.remote.autostart.2

- clear browser cache.

- enable Temporary Mode in the Help menu. This appears to fix the problem but only for the current browser session. When a new Firefox window is opened, the error reappears.

What is needed to resolve this error or is there a way to permanently enable Temporary Mode or some similar setting? Thanks for all your help with this.

Hello. I know how to define a server certificate exception to avoid browser warnings in case of certificate issue with a website (see attachment). However, I'd like to apply that exception for all users with access to my machine using a GPO (for user or local machine). This is also a requirement in my work where many users run Firefox from a server and the face browser warnings all the time (related to self-signed certificates) so it would be great to apply an exception for all users through a GPO specifying the self-signed certificate warning we want Firefox to ignore. Thanks.

I am having the same issue as this other user here: https://www.reddit.com/r/sysadmin/comments/17wvuwh/help_pinning_extension_in_firefox_with_gpo/

Preliminaries -- Initially (before trying to force-pin), I had these GPOs enabled:

Extensions to Install -> https://addons.mozilla.org/firefox/downloads/file/4410896/bitwarden_password_manager-2024.12.4.xpi

Prevent extensions from being disabled or removed ->

• {446900e4-71c2-419f-a6a7-df9c091e268b}
• {3f6129fb-6c55-4452-ab6f-7c109b2301df}
• https://addons.mozilla.org/firefox/downloads/file/4410896/bitwarden_password_manager-2024.12.4.xpi

(Those GPOs above all work.)

What I'm trying to do: Force-pin Bitwarden.

I believe I've followed the documentation correctly (except for not including a "*" case): https://mozilla.github.io/policy-templates/#extensionsettings

I've enabled this GPO with this value:

Extension Management ->

{

 "{446900e4-71c2-419f-a6a7-df9c091e268b}": {
   "default_area": "navbar"
 }

}

After running various "GPUpdate"s and whatnot, the option to uncheck "Pin to toolbar" is still available to click.

I've verified in "about:policies#active" that the JSON item appears next to "ExtensionSettings" and that there are no errors listed in the "Errors" tab.

I've also verified that it appears in the correct location in the Registry.

Since another user had the same issue (Reddit link above), I figured it'd be a good idea to check in with y'all to see if we are missing something.

Thanks for your help!

After updating to v132 I have noticed a significant increase in the load times for some websites that our users connect to. Using v131.0.3 I usually see < 1 second load times for the two websites I am monitoring but after upgrading to v132 it is consistently taking 18-19 seconds for the same page. I have tried uninstalling v132 and reverting to v131 and it immediately goes back to the much faster load times. I have also tried installing various v133 releases and I see the same performance issue as for v132.

The environment I am working in is behind a network firewall with relatively restrictive internet access and I am wondering whether there are sites that Firefox is trying to connect to for the new anti-tracking or suspicious activity features (or anything else) that are being blocked and are therefore causing timeouts and retries that are bumping the total load time up.

Can anyone think of anything else I could check or change?

We're exploring adopting a default deny policy for Firefox extensions in our enterprise. However when I tested this by creating a custom policies.json Firefox unexpectedly removed all extensions for me, including the ones I thought I had allow listed. Here is my policies.json but just keeping in the Facebook Container add-on to illustrate:

{

   "policies": {
       "ExtensionSettings": {
           "*": {
               "blocked_install_message": "Only approved Firefox extensions can be installed, please email your request to itdept@example.org",
               "installation_mode": "blocked",
               "allowed_types": ["theme", "dictionary", "locale"]
           },
           "@contain-facebook.xpi": { "installation_mode": "allowed" }
       }
   }

}

What I would like is to to allow pre-approved extensions (including if they already are installed) and all other types of add-on, but remove and prohibit installation of unapproved extensions.

Can anyone assist, please?

I would like to know how the Firefox CVEs are affected on its version which are mentioned in NVD.

Let take mfsa2025-59, for example CVE-2025-8040, as per the NVD its says Firefox ESR < 140.1 is affected so does that mean it affect all the version which are lower than 140.1 which included the ESR 128 and ESR 115 versions or just the ESR 140 version series? then it raise on more question check this cve-2025-8029 in NVD it has specifically mentioned it only affect "Firefox ESR < 128.13, Firefox ESR < 140.1" and not the ESR 115 versions. Could anyone confirm it does not affect the ESR 115 versions or it affect all the versions? Now check this one cve-2025-8027, NVD clearly mentioned "Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1" are affected so what I understand is that if the Firefox ESR 115 is vulnerable to any CVE it would be mentioned in the NVD specifically.

My point is that if any Firefox CVEs are listed in NVD and it specify only one version like “Firefox ESR < 140.1” what does that mean? Does it affect all the versions which include ESR 128 and ESR 115 or just the ESR 140 series version only affected? If any CVEs are affected on the ESR 115 and ESR 128 does Mozilla specifically mentioned those versions are affected right? Just like its mentioned in the cve-2025-8027

Any help would be appreciated to clarify this.

Dear Team,

When my Client device installs From Firefox 102.7.0 ESR to Firefox 128.7.0 from SCCM. (The case is First install the Version 102.7.0 then save the Bookmarks and then uninstall. Second Install the 128.7.0 then check the bookmarks)

user profile Bookmarks are not mapped in Firefox. When I check C:\Users\Tests\AppData\Roaming\Mozilla\Firefox\Profiles I can see the xxxx.defaultesr

I don't understand why the bookmarks are not linked in Firefox. Can you please help? I would be thankful to you if you could share me the .bat script

Thank you

Hi All, I want to block traffic on firefox externally for managed devices via Intune, following the import of the ADMX/ADML files into intune.

I have set '\Mozilla\Firefox\Exceptions to blocked websites' to the following

• //*.mydomain.com/*

which works, however, I also want to add hosts that are only resolving on IPs and not DNS. I can add specific IPs if known, but is there a way I can allow IP ranges? Ie

• //10.10.*/* (this doesn't currently work)

Of the included screenshot, only the wildcard for mydomain.com and the specific IP currently work

If there is a better way to do this via intune for firefox only, please let me know.

Thanks

I look after about 20 PCs. All Windows 10. All were running Firefox ESR ranging from 115 - 128. As I get time I update each to the latest 128.x. Using group policies I've disabled all update settings.

However, on two of the PCs, they have updated to v139.0.1. Both of the users swear they did not manually do any update. I can't figure out how they got downgraded to the retail channel.

So my question is, since 128 < 139 how can I get them back on to the ESR channel, without loosing history, bookmarks, passwords and saved logins? I gather FF's installer will detect 128 as an older version and throw an error?

ESR -> Retail to me is a downgrade. So is it possible then to upgrade back to 128.11.x?

Each PC is refreshed annually and the only backup of the profile folder I have is from the last refresh, which in most cases in 8-9 months old.

Is there any way to find out why the downgrade happened when group policy forbids it, and the user did not manually download and install the latest version?

When these downgrades happen they break things. For example, when one PC was downgraded to retail his outlook.com email no longer works. If he uses his laptop which is on 128.11.0 it works fine.

Hey everyone. I am automating end-to-end testing with playwright for python, using the official Docker image from the microsoft artifact repository (using `playwright/python:v1.49.1`).

As I have signed certificates for my local domains with my own certificate authority, I am trying to have Firefox automatically install the certificates via a policies file. However, Firefox seems to ignore the policies file no matter what.

To ensure that the file itself is used, I simplified it to a single boolean value, and ensured that it's copied correctly inside the container via the `cat` command. Here are the current contents:

{

 "policies": {
   "DisableTelemetry": true

}

I know that the CA certificate is installed correctly, as it works out of the box using the WebKit browser and Curl command. I have gotten it to work in Chromium by installing it to nssdb using `certutil`.

I have converted the file from ASCII to the `utf-8` charset.

The file has the expected content, and I have copied it to both `/etc/firefox/policies/policies.json` and `/ms-playwright/firefox-1466/firefox/distribution/policies.json` (the path to the binary is `/ms-playwright/firefox-1466/firefox/firefox`).

Opening `about:policies` shows the text "The Enterprise Policies service is inactive.", which is sadly not very informative. It would be nice to have a list of locations it looks in, and any problems it encountered.

The container uses Firefox Nightly 132.

Are these locations incorrect? Is there any way to debug this? Does anyone have any other suggestions? If you need any more info (Dockerfile, etc.), please let me know.

Thanks in advance.

Recently we've began installing Firefox 140.2.0esr to our environment via the .msi file that Mozilla provides, however we're running in to a very odd incident.

After approximately 24 hours from installing Firefox esr to devices, it appears that the application is "updating" to 141.0.3 on the "release" channel. As far as I'm aware, this shouldn't be possible to begin with. But we've applied these settings via GPO:

Computer Config > Policies > Admin Templates > Mozilla > Firefox Application Autoupdate = Disabled Pin updates to a specific version = Enabled = Set to 140.2.0 Background updater = Disabled Disable Update = Enabled Manual Update Only = Enabled

After applying the GPO, confirmed this appears within the registry:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Mozilla\Firefox\ AppAutoUpdate = 0 AppUpdatePin = 140.2.0 BackgroundAppUpdate = 0 DisableAppUpdate = 1 ManualAppUpdateOnly = 1

At this point, I'm at a loss. We cannot have rapid release be what's installed in our environment. Is there something broken with 140.2.0 or are we doing something wrong here?

I have a lot of Firefox windows and tabs open, and I really don't want to lose my session.

I wanted to open a webpage in Firefox in fullscreen mode. But evidently there's some kind of serious flaw in Firefox that makes it incapable of opening webpages in fullscreen mode. Everyone says the only workaround is to open the webpage in kiosk mode. So I tried it.

But now I have two big problems:

1. One of my Firefox windows, with all its tabs, is stuck in kiosk mode. (Even if I close the window and then restore it with Ctrl+Shift+T, it's still in kiosk mode.)

2. All new Firefox windows I open with Ctrl+N are also stuck in kiosk mode.

I don't know what to do, and I'd really appreciate any help. Thanks!

Hi All, I want to block traffic on firefox externally for managed devices via Intune, following the import of the ADMX/ADML files into intune.

Having read https://support.mozilla.org/en-US/kb/managing-firefox-intune I have set '\Mozilla\Firefox\Exceptions to blocked websites' to the following; //*.mydomain.com/*

Which works, however, I also want to add hosts that are only resolving on IPs and not DNS. I can add specific IPs if known, but is there a way I can allow IP ranges? Ie

//10.10.*/* (this doesn't currently work) Of the included screenshot, only the wildcard for mydomain.com and the specific IP currently work

I've looked over the link that is recommened in the policy (indirectly) and can't see an option for allowing an IP range. https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Match_patterns

If there is a better way to do this via intune for firefox only, please let me know.

Thanks

Firefox version

   128.2.0esr (64-bit)

Operating system

   Windows 10/Windows11 23H2 Septembre patch

Hello everyone,

maybe you can tell me/explain what the problem could be.

In our company we had Firefox version 115.14.0esr (64-bit) and then we updated to 128.2.0esr (64-bit).

Since version 128.2 ESR we have experienced problems in Firefox when trying to access DNN+ pages (with login). https://www.dnn.de/sport/regional/dresdner-sc-denkt-ueber-uebernahme-der-margon-arena-nach-C3IC74MZ6FE43AKGCZJSKUXA3I.html

In Firefox the content is cut off, in Edge it is displayed normally.

With Edge and Firefox 115.14.0esr the page is displayed normally. No AdBlock installed.

In developer mode I see the errors in the versions, so it shouldn't be that.

Cross-source (cross-origin) request blocked: The same-source rule prohibits reading the external resource on https://gum.criteo.com/sid/json?origi...AAAAAAAA&gdpr=1. (Reason: CORS request failed). Status code: (null).

Cross-source (cross-origin) request blocked: The same-source rule prohibits reading the external resource on https://id5-sync.com/api/config/prebid. (Reason: CORS request failed). Status code: (null).

Any ideas? Thank you very much! :)

Hello,

New subscriber here. I have been given the task to test the install and uninstall of the Purview Firefox browser extension using Intune. I created 2 groups in EntraID, one for each (install and uninstall).

I have no issues with the installation. Initially, I left the test device in the install group and then added it to the uninstall group to remove it. (this usually works with other apps, it worked this way with the Purview Chrome browsing extension as well other apps) but when I do this, nothing happens.

Next, I removed the device from the install group and added it to the uninstall group only. Once the configuration profile applies to the test device, it allows the user to remove it manually (before it did not) but the extension remains installed.

I have created a policy using the administrative template extension uninstall option as well as with the OMA-URI settings but the same happens. When i check the device configuration for the device in Intune, it says it succeeded but that is not the case. The OMA-URI setting I was not too sure about, but gave it a shot. I used the UUID value for the Purview Firefox extension

I am attaching some pictures and hope someone can tell me what I am doing wrong. I can add additional information, if needed. I have opened a ticket with Microsoft last week but have not called me yet. I ran into this forum today.

Thanks in advance

Hello. When navigating YouTube on the main page, if you simply Hover the mouse over "Previous page (Alt+Left)", then SOMETIMES strange music or some strange video plays. Important: there is no video of this unknown video, just the sound plays. Other browser tabs are closed, only the YouTube tab is open. I use Firefox ESR, since I have Windows 7, I use the latest version of Firefox ESR. The extensions that are installed are Ublock origin and uvpn. I don't know if it could have been infected by an unknown virus? I scanned with ESET, installed Comodo, but the problem was not solved. I would really like you to sort this out. Please don't ignore me. I want to understand what's going on. I am open to new questions on this topic that will help resolve this situation.

Until recently the Firefox docs described how to use the CDP-based Remote Agent at [this url](https://firefox-source-docs.mozilla.org/remote/cdp/Usage.html), now defunct. Here is the latest archive version I can find from the end of last year: https://web.archive.org/web/20241126214503/https://firefox-source-docs.mozilla.org/remote/cdp/Usage.html

One usage example looked like this:

% firefox --remote-debugging-port DevTools listening on ws://localhost:9222/devtools/browser/7b4e84a4-597f-4839-ac6d-c9e86d16fb83

I have tried the same but get no websocket address returned:- ``` % firefox-esr Mozilla Firefox 128.11.0esr ``` ``` % firefox-esr -h ... ... --remote-debugging-port [<port>] Start the Firefox Remote Agent,

                    which is a low-level remote debugging interface used for WebDriver
                    BiDi and CDP. Defaults to port 9222.

... ... ```

`% firefox-esr --remote-debugging-port` command exits with nothing returned

I have `remote.active-protocols` set to 3 in my Firefox prefs.

Please advise how I get the Remote Agent to return a websocket address for use with BiDi with FF 128. My OS is Debian-based Linux.

TIA

In /Library/Preferences/org.mozilla.firefox.plist:

``` <plist version="1.0"> <dict> <key>EnterprisePoliciesEnabled</key> <true /> <key>ExtensionSettings</key> <dict> <key>cloudmetering@snowsoftware.com</key> <dict> <key>install_url</key> <string>https://raw.githubusercontent.com/SnowSoftware/agent-firefox-extension/refs/heads/main/cloudmetering-v1.2.3.xpi</string> <key>installation_mode</key> <string>force_installed</string> </dict> </dict> </dict> </plist>```

In about:policies: {"cloudmetering@snowsoftware.com":{"installation_mode":"blocked","install_url":"https://raw.githubusercontent.com/SnowSoftware/agent-firefox-extension/refs/heads/main/cloudmetering-v1.2.3.xpi"}}

The plist file did read "blocked" at one point, but it no longer does. Why isn't firefox picking up the new value from the plist file? Restarting/refresing FF has not helped so far.

Greetings!

I am using the firefox enterprise version and I have noticed an issue that the browser does not capture mouse events when the pointer is at rightmost edge of the firefox window. For example, on this website near the edge the pointer would initially focus on the scroll bar and then lose focus at the edge (see attached images).

This issue does not persist on x11, and only seems to exist on wayland. It also exists on other flavours of firefox on wayland.

If more information is required, feel free to send me a ping.