Showing questions tagged: Show all questions
  • Solved

about:preferences " What should Firefox do with other files?" change with mozialla.cfg / How can I control this setting using mozilla.cfg?

From my point of view, the setting " What should Firefox do with other files?" has been added in the current ESR version. "What should Firefox do with other files?" ("Wie… (read more)

From my point of view, the setting " What should Firefox do with other files?" has been added in the current ESR version.

"What should Firefox do with other files?" ("Wie soll Firefox mit anderen Dateien verfahren?") . "Save files" ("Dateien speichern") . "Ask whether to open or save files" ("Fragen, ob Dateien geöffnet oder gespeichert werden sollen")


How can I control/change this setting using mozilla.cfg?


By the way:

// What should Firefox do with other files? - Wie soll Firefox mit anderen Dateien verfahren? lockPref("applications-ask-before-handling", false);

// What should Firefox do with other files? - Wie soll Firefox mit anderen Dateien verfahren? lockPref("applications-ask-before-handling", true);

works detectably via about:config but does not change the setting for "What should Firefox do with other files?".

Asked by bzam 4 days ago

Answered by bzam 1 day ago

Unable to configure the firefox policy for Proxy in Intune

OMA-URI: ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/Proxy Value (string): <enabled/> <data id="ProxyLocked" value="true | false"/> <data id=… (read more)

OMA-URI:

./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/Proxy Value (string):

<enabled/> <data id="ProxyLocked" value="true | false"/> <data id="ConnectionType" value="none | system | manual | autoDetect | autoConfig"/> <data id="HTTPProxy" value="https://httpproxy.example.com"/> <data id="UseHTTPProxyForAllProtocols" value="true | false"/> <data id="SSLProxy" value="https://sslproxy.example.com"/> <data id="FTPProxy" value="https://ftpproxy.example.com"/> <data id="SOCKSProxy" value="https://socksproxy.example.com"/> <data id="SOCKSVersion" value="4 | 5"/> <data id="AutoConfigURL" value="URL_TO_AUTOCONFIG"/> <data id="Passthrough" value="<local>" >="" <data="" <="" p=""></data>


This has mixure of String and Integer , when we configure as string and use one from the above or leaving blank or setting only string , it failed the policy with error - -2016281112

Asked by kamal.manoranjith 1 week ago

Last reply by Mike Kaply 6 days ago

Group Policy is applied but no changes

We use GPO to push out our Firefox homepage and bookmarks. I get totally different results for each user, some will make changes right away if I add a new book marks, but… (read more)

We use GPO to push out our Firefox homepage and bookmarks. I get totally different results for each user, some will make changes right away if I add a new book marks, but they don't see older ones?

I decided to build a few test machines (we don't have time to build a dev envir) and it applies the GPO for the home page but not the bookmarks, I can see the book marks in the registry even but nothing on firefox. Anyone have a guess?

thanks David

Asked by david.kafrissen 1 month ago

Last reply by Mike Kaply 4 weeks ago

Automatic FF Updates needing user to log in

We have several servers with Firefox installed and automatic updates enabled to include "When Firefox is not running". However, our security scans indicate that the versi… (read more)

We have several servers with Firefox installed and automatic updates enabled to include "When Firefox is not running". However, our security scans indicate that the version is out of date. We have to connect to the box and finish the updates. The current version is at 103.0.1 and the previous version was above 100 (failing to remember exact version). Is there a way to ensure that Firefox remains up to date without connecting to the server?

Asked by vince321 1 month ago

Last reply by vince321 1 month ago

  • Solved

deploying firefox-add-ons via group policies doesn't work anymore after proxy-change

Hello, I used to deploy add-ons via group policies - this worked like a charm: Firefox esr (91.11.0esr x64), ADMX-templates in Sysvol\PolicyDefinitions, Group Policies: … (read more)

Hello,

I used to deploy add-ons via group policies - this worked like a charm: Firefox esr (91.11.0esr x64), ADMX-templates in Sysvol\PolicyDefinitions, Group Policies: User configuration, administrative templates, mozilla, firefox, add-ons --> install add-ons --> https://addons.mozilla.org/firefox/downloads/file/1234567/goodaddon-1.0.01.xpi

A few months ago, we had to change our network-configuration. We were using a proxy before, but our proxy had direct access to the internet. Now our proxy forwards everything to another proxy. Since about that time, add-on-deployment via gpo doesn't work anymore. It could be something else, but i suspect the proxy-change.

I tried to deploy unc-paths, internal websites and different syntaxes; none of this works:

  • http://192.168.100.10/goodaddon-1.0.01.xpi
  • http://internalwebsite/goodaddon-1.0.01.xpi
  • https://192.168.100.10/goodaddon-1.0.01.xpi
  • https://internalwebsite/goodaddon-1.0.01.xpi
  • \\192.168.100.20\netshare\goodaddon-1.0.01.xpi
  • \\internalfileserver\netshare\goodaddon-1.0.01.xpi
  • file://///192.168.100.20/netshare/goodaddon-1.0.01.xpi
  • file://///internalfileserver/netshare/goodaddon-1.0.01.xpi

As you can see I tried using internal sites, so that no proxy would be needed. And I also added these sites to the allowed add-on-installation-sites (computer configuration, same group policy). The sites are all accessible; if I enter these addresses as url, firefox can access the xpi-file.

I know how to pack add-ons into the firefox-setup-file; that still works. But first of all, firefox is already installed on most of my clients. Second, after a fresh installation of firefox with this self-created package, all add-ons are installed, but not activated. And I would like to restrict activation/deactivation of add-ons via gpo.

  1. 1 Are there other ways to deploy add-ons in a domain-network (e.g. script-based)?
  2. 2 Are there any logs where I could find out what exactly goes wrong?
  3. 3 Are there any other syntaxes I could try (group policy urls)?
  4. 4 Can anyone guess what the problem is (why it is not working anymore)?

Help would be very much appreciated.

Best regards.

Asked by mozilla355 2 months ago

Answered by mozilla355 1 month ago

Hardening Firefox browser

Hi, I am looking for a security Hardening guidelines for Firefox from Mozilla. Could you please guide me to the right direction where I can find one. Thanks Raju … (read more)

Hi, I am looking for a security Hardening guidelines for Firefox from Mozilla. Could you please guide me to the right direction where I can find one.

Thanks Raju

Asked by raju.singanna 2 months ago

Last reply by Mike Kaply 2 months ago

  • Solved

Access to about:debugging while blocking all extensions via GPO

Hello, As the title mentions, applying a block to all extensions via "*" by utilizing Extension Management GPO will block about:debugging. Is there a way to simultaneousl… (read more)

Hello,

As the title mentions, applying a block to all extensions via "*" by utilizing Extension Management GPO will block about:debugging.

Is there a way to simultaneously have all extensions blocked and about:debugging available?

Here's the JSON - { "*": { "installation_mode": "blocked" } }


Appreciate your time and help, - Dom

Asked by Dom Langella 2 months ago

Answered by Mike Kaply 2 months ago

Completely remove address bar

I would like to completely remove the address bar (url bar?) from Firefox 78 64bit. We had to update our Firefox at work and the old way of doing it through the userChrom… (read more)

I would like to completely remove the address bar (url bar?) from Firefox 78 64bit. We had to update our Firefox at work and the old way of doing it through the userChrome.css file doesnt seem to work with the newer versions.

Asked by pingaaron 4 months ago

Last reply by Mike Kaply 3 months ago

Silent Auto Update for Firefox ESR

Hi All- I am in charge of deploying Firefox ESR to my company and trying to get it to silently auto update on it's on with user interaction. We have policies in place (GP… (read more)

Hi All- I am in charge of deploying Firefox ESR to my company and trying to get it to silently auto update on it's on with user interaction. We have policies in place (GPO) that prevent it at this point. I need some guidance on whether I should use just GPOs to manage this or should I go the route of the .cfg file? If someone has a step by step on how to best achieve this I would appreciate it. I am currently using the .msi installer.

Here is settings in an old .cfg file that I am testing with:

lockPref("app.update.mode", 1); lockPref("app.update.service.enabled", true); lockPref("extensions.update.enabled", false); lockPref("extensions.update.autoUpdateEnabled", false);

// Set default homepage - users can change // Requires a complex preference defaultPref("browser.startup.homepage","data:text/plain,browser.startup.homepage=http://workday");

// Don't ask to install the Flash plugin lockPref("plugins.notifyMissingFlash", false);

// Disable Search Engine automatic updates lockPref("browser.search.update", false);

//Disable telemetry lockPref("toolkit.telemetry.prompted", 2); lockPref("toolkit.telemetry.rejected", true); lockPref("toolkit.telemetry.enabled", false);

// Disable health reporter lockPref("datareporting.healthreport.service.enabled", false); lockPref("datareporting.healthreport.logging.consoleEnabled", false); lockPref("datareporting.healthreport.uploadEnabled", false);

// Disable all data upload (Telemetry and FHR) lockPref("datareporting.policy.dataSubmissionEnabled", false);

// Disable crash reporter lockPref("toolkit.crashreporter.enabled", false); Components.classes["@mozilla.org/toolkit/crash-reporter;1"].getService(Components.interfaces.nsICrashReporter).submitReports = false;

// Don't show WhatsNew on first run after every update pref("browser.startup.homepage_override.mstone","ignore");

// Don't show 'know your rights' on first run pref("browser.rights.3.shown", true);

Asked by CherishYourLife 4 months ago

Last reply by cor-el 4 months ago

How do I configure kiosk mode?

Mozilla's website states: "Numerous features of the kiosk mode are configurable through policy or command line parameters when launching the browser." However, other tha… (read more)

Mozilla's website states:

"Numerous features of the kiosk mode are configurable through policy or command line parameters when launching the browser."

However, other than a single example to run kiosk mode as a private window, it doesn't seem to provide any information on how to access such configuration. I couldn't seem to find the information anywhere else either.

How can I configure kiosk mode? Preferably via the CLI, but I'd be interested also to learn what is meant by "configurable through policy".

Asked by davidecl175 4 months ago

Last reply by Mike Kaply 4 months ago

  • Archived

Extension Management via GPO not working

Trying to block all but allow specific plugins. I have the okta one and the web password filler working, but not the logon assist. I've tried putting in (secret-server-l… (read more)

Trying to block all but allow specific plugins. I have the okta one and the web password filler working, but not the logon assist. I've tried putting in (secret-server-logon-assist-ff57@thycotic.com), and {secret-server-logon-assist-ff57@thycotic.com}, and also without any extras. These codes come from just the numeric URL (ie https://addons.mozilla.org/firefox/downloads/file/1747490) which says "Secret Server Login Assist (secret-server-logon-assist-ff57@thycotic.com) is blocked by your system administrator. Extension not on OAI allowed list". Am I misreading this message, or missing something on this specific one?

{ "*": { "blocked_install_message" : "Extension not on OAI allowed list", "installation_mode": "blocked" }, "dd1e31d5-3623-45cb-b1ad-64074d36b360@thycotic.com": { "installation_mode": "allowed", "install_url": "https://addons.mozilla.org/firefox/downloads/file/3906662/secret_server_web_password_filler-3.2-fx.xpi" }, "secret-server-logon-assist-ff57@thycotic.com": { "installation_mode": "allowed", "install_url": "https://addons.mozilla.org/firefox/downloads/file/1747490/secret_server_login_assist-2.1.1-an+fx.xpi" }, "plugin@okta.com": { "installation_mode": "allowed", "install_url": "https://addons.mozilla.org/firefox/downloads/file/3901586/okta_browser_plugin-6.8.0-an+fx.xpi" } }

Asked by mhunt3 6 months ago

Last reply by trackcourier1 5 months ago

  • Solved
  • Archived

Can I disable browser using http3 protocol externally ?

I know users are allow to disable http3 through "about:config", and it works. However, I have to apply to multiple devices by script and the risk page might be a challeng… (read more)

I know users are allow to disable http3 through "about:config", and it works.

However, I have to apply to multiple devices by script and the risk page might be a challenge for me.

I tried to edit prefs.js, but it will still be overwrite even I restart my device. (Re-install is not allowed)

Is there any alternative way to disable http3, such as regedit key?

Or is there method to keep pref.js unchangeable?

Asked by Dali 8 months ago

Answered by Amelia 8 months ago

  • Archived

Extensions -> can't auto enable them

Hi, I'm trying to auto enable 2 extensions for my users, and after hours on the issue, I cannot find any fix. We are using: ESR 91.4 32 bits I've tried to use: - Group Po… (read more)

Hi,

I'm trying to auto enable 2 extensions for my users, and after hours on the issue, I cannot find any fix.

We are using: ESR 91.4 32 bits

I've tried to use: - Group Policy -> ExtensionSettings {

 "policies": {
   "ExtensionSettings": {

"uBlock0@asipsante.fr": { "installation_mode": "force_installed", "install_url": "file:///c:/Program Files (x86)/Ivanti/Workspace Control/Data/DBCache/Resources/custom_resources/Logiciels/Mozilla/extensions/CPS2ter-2020_Firefox@asipsante.fr.xpi" }, "uBlock1@netsoins.org": { "installation_mode": "force_installed", "install_url": "https://maintenance.netsoins.org/cpsvitale/firefox.xpi" } } } }

- and Registry HKCU\Software\Policies\Mozilla\Firefox -> ExtensionSettings (REG_MULTI_SZ): { "uBlock0@asipsante.fr": { "installation_mode": "force_installed", "install_url": "file:///c:/Program Files (x86)/Ivanti/Workspace Control/Data/DBCache/Resources/custom_resources/Logiciels/Mozilla/extensions/CPS2ter-2020_Firefox@asipsante.fr.xpi" }, "uBlock1@netsoins.org": { "installation_mode": "force_installed", "install_url": "https://maintenance.netsoins.org/cpsvitale/firefox.xpi" } }

-> HKCU\Software\Policies\Mozilla\Firefox\Extensions\Install 1 (REG_SZ): c:\Program Files (x86)\Ivanti\Workspace Control\Data\DBCache\Resources\custom_resources\Logiciels\Mozilla\extensions\CPS2ter-2020_Firefox@asipsante.fr.xpi 2 (REG_SZ): https://maintenance.netsoins.org/cpsvitale/firefox.xpi


The result is: extension are installed, but always disabled. I have to manually enable them.

Would you have any idea?

thanks for help

Asked by pierre.rodriguez 9 months ago

Last reply by Mike Kaply 8 months ago

  • Archived

Mendeley plugin installed via registry setting pointing to plugin file has stopped working

I make the Mendeley Firefox plugin available to managed windows 10 workstations by downloading the plugin file to this location on a workstation: C:\Program Files (x86)\M… (read more)

I make the Mendeley Firefox plugin available to managed windows 10 workstations by downloading the plugin file to this location on a workstation:

C:\Program Files (x86)\Mendeley Desktop\Firefox Importer\mendeley_web_importer-3.2.65-fx.xpi

and then add a registry setting to the machine as follows:

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions] "@mendeleyimporter"="C:\\Program Files (x86)\\Mendeley Desktop\\Firefox Importer\\mendeley_web_importer-3.2.65-fx.xpi"

This method worked for previous versions of Firefox and Mendeley Importer, but for the latest versions of both the plugin no longer appears in Firefox.

No error messages are generated.

Is this method still supported by Firefox?

Thanks Mike

Asked by alder-woolf 9 months ago

Last reply by cor-el 9 months ago

  • Archived

MDM Management - 'Open Links in tabs instead of new windows'

Hi Looking to control the following tab options via Intune but i cannot seem to identify the OMI-url settings. Are these setting manageable via OMI-url? Settings>Tabs&… (read more)

Hi Looking to control the following tab options via Intune but i cannot seem to identify the OMI-url settings. Are these setting manageable via OMI-url?

Settings>Tabs>Open links in tabs instead of a new window Settings>Tabs>When you open a link or media in a new tab, switch to it immediately

Thanks in advance

Asked by russell.stead 10 months ago

Last reply by Mike Kaply 10 months ago

  • Solved
  • Archived

GPO Settings

Good Afternoon Im currently configuring OKTA for SSO, part of this setup is to configure a FireFox option, for people that use this particular browser. These are the inst… (read more)

Good Afternoon

Im currently configuring OKTA for SSO, part of this setup is to configure a FireFox option, for people that use this particular browser.

These are the instructions provided by OKTA:- Open the Firefox web browser, enter about:config in the Address bar. If the Proceed with Caution message appears, click Accept the Risk and Continue. In the Search preference name field, enter network.negotiate-auth.trusted-uris. Click Edit, enter <org>.kerberos.okta.com, and click Save.

This works fine when i manually edit the config for myself to test, but i need to deploy this across our org, i downloaded the Mozilla GPOS but i cannot find anywhere i can set this particular setting.

Is it possible to set this particular setting in the GPOs? so i can deploy across our org.


Thanks.

Asked by richard.rostron 1 year ago

Answered by jscher2000 - Support Volunteer 1 year ago

  • Archived

I want a option to disable entering URL manually for users

I want a option to disable entering URL manually for users. I'll be publishing Mozilla in Citrix with URL bind with it, and need to disable adding tab or editing URL from… (read more)

I want a option to disable entering URL manually for users. I'll be publishing Mozilla in Citrix with URL bind with it, and need to disable adding tab or editing URL from address bar. How can I achieve that?

Asked by sudipto.pal 12 months ago

Last reply by cor-el 12 months ago

  • Solved
  • Archived

Kiosk Usage

I am currently creating new Images for our touch kiosks and would like to use Firefox. Sadly I am confronted with some problems / strange behaviour. I want to set up a wi… (read more)

I am currently creating new Images for our touch kiosks and would like to use Firefox.

Sadly I am confronted with some problems / strange behaviour.

I want to set up a windows Kiosk with Firefox as shell application. So far this worked but the Firefox window opens around 5 times at every restart, also it does not open again if it is closed. The reopening is a feature of the eshell which reacts to the exit code of the Application. Is there anything you know what causes these behaviours? Google chrome does nothing of these things and simply gets restarted if it is closed, as it should.

The second thing is, the built in Kiosk mode is great but our Application at least needs tabs. Is it possible without too much of a hassle to create such a locked down experience? I'd like to do it with a policy or settings file and not to create my own browser out of firefox, maybe there's a way I have overseeen.

I'd really like to do it with firefox as I personally always had a great experience and I trust the team behind it. Thank you for your support beforehand!

Asked by Ale 1 year ago

Answered by Mike Kaply 1 year ago

  • Solved
  • Archived

How to find the URL to use for ExtensionSettings?

I am using group policy, extension settings. I want to block all extensions, require 1, and allow a handful. I think I have the JSON figured out but finding the URL to … (read more)

I am using group policy, extension settings. I want to block all extensions, require 1, and allow a handful. I think I have the JSON figured out but finding the URL to use is escaping me.

I can find the site in the Mozilla addons, https://addons.mozilla.org/en-US/firefox/addon, but how do I find the exact filename to use? I see that many end in latest.xpi but I'm unsure what that means or how I should know which is correct. I know how to find it in Chrome but I'm now trying for FireFox. I've had a hard time and it's not as clear as the direct GPO implementation as Chrome uses.

My next thing to figure out is when extension settings are mentioned in multiple levels of the GPO hierarchy. That's a separate question and not needed for an answer to this question. I only mention it as someone who knows one part is likely to know the other as well.

Thanks, -g

Asked by GrumpyGreg 1 year ago

Answered by cor-el 1 year ago