Firefox Community Forum

Hi all,

I have a question regarding the permission requests of the Simple Tab Groups extension by Drive4ik.

As I'm sure many of you know, this extension needs to: This add-on needs to:

• Download files and read and modify the browser’s download history
• Monitor extension usage and manage themes
• Display notifications to you
• Access recently closed tabs
• Hide and show browser tabs
• Access browser tabs
• Store unlimited amount of client-side data
• Access your data for all websites

This add-on may also ask to: Read and modify bookmarks

Theoretically, I find this extension useful but I am concerned about the "Access your data for all websites" requirement. I read through Mozilla's permission request messages for Firefox extensions documentation and it seems like granting this extension these permissions would be a huge risk for the work I do– investigative journalism. It seems like I'll trade organizational benefits for a wider attack surface.

Can anyone speak more about the risks involved with using this extension, the trustworthiness of the developer, and why it needs the "Access your data for all websites" capability?

Thank you.

Now that Mozilla/Firefox have joined Google on the dark side, who is everyone switching to? I would like something that works well in both Windows and android. I hear Opera can't be trusted and I don't like how there are like 6 difference versions of Opera in the android app store. DuckduckGo is just badly made IMO. Edge causes some glitches with one of the sites I use most. Should I try Brave? I just want a browser to BROWSE the web. I don't want AI. I don't need a VPN or adblock built in. I don't want a "gamer" browser. A decent local password manager would be nice but I don't want to have to make an account to use it. I know if the product is free, you are the product, so I would almost prefer a browser you pay for but oddly that doesn't seem to be a popular option. Probably because the user data the companies collect makes them more money then people would be willing to pay. Sad times. I miss the 90's.

When I visit the web site virtueonline.org using Firefox browser, the Disqus comment section does not appear below articles on the site. Sometimes, when I go in and out of the article, the Disqus comment section will appear, but not always. When I use Microsoft Edge, the Disqus comment sections appear.

getting "SYSTEM WARNING" , " McAfee license expired " , " Trojan Detected " popup notifications continually after following a link on Linked In . Windows finds no threat in its quick scan . Popups occur even when Mozilla closed .

Popups for Smithsonian magazine keep appearing, sometimes 2 at a time, despite having popups blocked. I need them to stop. They are annoying and cover up content of web pages.

Firefox 125.0.1 update breaks all self signed certificates

After the latest auto update I can no longer access any of my management screens on my private network with self signed certificates. This is a real problem. I have attached a couple error screen grabs, but ALL of themn are the same. The information link says there is no workaround!

So how do I recover access? Chrome works just fine ... so it is def. a Firefox problem.

Hi,

Please tell me exactly WHAT AI, WHERE that AI is, and EXACTLY what DATA is transmitted, on an option that's enabled BY DEFAULT on Firefox.

"Use AI to suggest tabs and a name for tab groups"

And the same question for ALL other AI features.

There is ZERO transparency on this issue, and I'm mightily disgusted that you feel the need to, by default, force share the EVERY WEBSITE VISITED with a third party AI system.

Regards

D

Yahho search is on my home screen but not on my app list. I suspect malware. I use Bitdefender free for antivirus and scans sho no problem. I read that yahoo search can be hacked.What can I do

i need set a default exception website for pop-up blocker settings fore every firefox install. or completely disable pop-up blocker settings as default.

what can i do for this purpose?

Why does Mozilla's new CEO feel the need to bloat and mine data in the browser I downloaded to escape that in other browsers? Can I not escape AI in one place? I come to Mozilla Firefox for one reason and one reason alone and y'all suddenly seem very keen on getting rid of this reason.

One of the add-in permissions is "Access your data for sites in the “named” domain". I looked at that and thought, "That certainly cannot include passwords"; BUT the explanation for this permission is: "The extension could read the content of web pages you visit in the specified domain, as well as data you enter into those web pages, such as usernames and passwords. "

I was stunned.

That means that addins that get this permission have access to my banking/medical/etc. usernames & passwords. This is not acceptable. Can a permission be developed that would be: "Access your data for sites in the “named” domain" (except usernames/passwords).

The permission "Access your data for all websites" is significantly worse in that it applies to all sites.

Below is the content-security-policy Firefox loads for chatGPT:

default-src 'self'; script-src 'self' 'nonce-eec8ce04-1f27-4481-8ed6-b8f877eef280' 'wasm-unsafe-eval' chatgpt.com/ces https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.openai.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://jidori.g1.internal.services.openai.org https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ wss://*.chatgpt.com wss://*.chatgpt.com/; script-src-elem 'self' 'nonce-eec8ce04-1f27-4481-8ed6-b8f877eef280' 'sha256-RvbVrdDS11FSnQaULCOgXPA5u0nMP2Im1d2pGiRBGC4=' 'sha256-eMuh8xiwcX72rRYNAGENurQBAcH7kLlAUQcoOri3BIo=' auth0.openai.com challenges.cloudflare.com chatgpt.com/ces https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.openai.com https://apis.google.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://docs.google.com https://jidori.g1.internal.services.openai.org https://js.live.net/v7.2/OneDrive.js https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ https://www-onepick-opensocial.googleusercontent.com wss://*.chatgpt.com wss://*.chatgpt.com/; img-src * 'self' blob: data: https: https://docs.google.com https://drive-thirdparty.googleusercontent.com https://ssl.gstatic.com; style-src 'self' 'unsafe-inline' chatgpt.com/ces https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.openai.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://jidori.g1.internal.services.openai.org https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ wss://*.chatgpt.com wss://*.chatgpt.com/; font-src 'self' data: https://*.oaistatic.com https://fonts.gstatic.com; connect-src 'self' *.oaiusercontent.com api-iam.intercom.io api-js.mixpanel.com browser-intake-datadoghq.com chatgpt.com/ces fileserviceuploadsperm.blob.core.windows.net http://0.0.0.0:* http://localhost:* https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.onedrive.com https://api.openai.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://content.googleapis.com https://docs.google.com https://events.statsigapi.net https://featuregates.org https://graph.microsoft.com https://jidori.g1.internal.services.openai.org https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ https://www.googleapis.com o33249.ingest.sentry.io statsigapi.net wss://*.chatgpt.com wss://*.chatgpt.com/ wss://*.intercom.io wss://*.webpubsub.azure.com; frame-src challenges.cloudflare.com https://*.sharepoint.com https://content.googleapis.com https://docs.google.com https://onedrive.live.com https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ js.stripe.com; worker-src 'self' blob:; media-src blob: 'self' *.oaiusercontent.com fileserviceuploadsperm.blob.core.windows.net https://cdn.openai.com https://persistent.oaistatic.com; frame-ancestors chrome-extension://iaiigpefkbhgjcmcmffmfkpmhemdhdnj; report-to chatgpt-csp-new; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1f79f8ac903a5872ae5f53026d20a77c&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=version%3Achatgpt-csp-new

Notice that it includes " frame-ancestors chrome-extension://iaiigpefkbhgjcmcmffmfkpmhemdhdnj"

Would this extension be installed in the computer, kind of like the extensions that are loaded from Chrome (i.e., C:\Users\myUser\AppData\Local\Google\Chrome\User Data\extensions_crx_cache)?

Thanx

I have a question about using Firefox PDF Editor. I copied some text from a PDF document that is on my computer, by highlighting the text and then hitting Ctrl+C. The text copied onto my clipboard OK. Then I opened a blank PDF document in the Firefox PDF Editor and tried to paste that text into the blank document, but I wasn't able to do so because when I right-clicked on the blank document and then clicked on "paste", nothing happened. This apparently is because the word "paste" is faded-out in the drop-down menu (i.e., it does not appear in prominent bold print). Google's Artificial Intelligence seems to indicate that the technique I used would work (see screenshot which I've uploaded). But it didn't work, so can anyone please tell me how can I paste text into that blank document?

From: [ or ] To: "Conrad Szablewski" <etcetcetc73@earthlink.net> Subject: [ DuckDuckGo Privacy Weekly ] For Aug 28, 2025 Date: Aug 28, 2025 8:43 AM

DuckDuckGo Privacy Weekly

   DuckDuckGo Privacy Features: The Fire Button [duckduckgo.com]
   Ever wish you could wipe the slate clean online? Our Fire Button burns away traces of websites that you’ve visited (like cookies and website caches), browsing session information (like open tabs and URL history), and permissions you’ve granted to websites (like geolocation, camera, and microphone settings).

I've seen cites that prove that Mozilla's latest policy updates (thanks for no notice) are now positioning Firefox to sell our data for both ad targeting and AI training purposes. I oppose both, and have no use for Firefox if it joins those already disrespecting and monetizing user privacy in those regards. How do I a) ensure I'm getting the plain language notices of further policy updates, and b) register my dismay with Firefox for this betrayal? While you're coming up with an answer, I'll be discontinuing my monthly support for the Mozilla Foundation. I have HAD IT with the greed people ruining everything.