Showing questions tagged: Show all questions

Why does Copy Image make HEAD request to server and how to prevent it?

Hi! When I open Tools > Browser Tools > Browser Toolbox (Ctrl + Alt + Shift + I) and then go to Network tab then I see browser requests. When I right click image a… (read more)

Hi!

When I open Tools > Browser Tools > Browser Toolbox (Ctrl + Alt + Shift + I) and then go to Network tab then I see browser requests. When I right click image and then choose Copy Image it makes HEAD request to server. And then based on that result seems decide how to copy this image. For example if server responds with 403 to this head request I can still paste copied image to MS paint for example. But I can not paste such images to websites. Such as Yandex reverse image search for example.

Why does firefox behave like that and how to disable it?

To investigate the issue her is a sample clipboard event handler that can take image from clipboard: https://pastebin.com/KNKfPGcy

If HEAD request gets 403 response then this clipboard code will cause the following to be posted instead of image: <Error>AccessDenied<Message>Access Denied</Message><RequestId>6HRMZAKJPFCNZ6QS</RequestId><HostId>ANuZElpxuSerm5iGttCRay/SCAaDuc3Qv1WPxJGHQRJqsGISjyxxG68EFtw9xHDdgnmqtuAZqsg=</HostId></Error>

This situation can happen for example when I open image on new tab and then the server removes image or link gets expired and then I want to copy this image. It causes annoyance where when I want to paste it to some other web site I first have to paste it in MS Paint and then select all and copy in MS paint to finally get image that I can freely paste everywhere.

Seems like this is some deliberately made user hostile behavior in Firefox. How can I disable it? And besides, isn't it a privacy concern when every time I click Copy Image server is notified? I mean someone else should not know that I am about to copy their image.

Asked by wybqogzigoxruxdhnp 2 months ago

I no longer have access to the email account I used to create my Firefox account

Hi guys. I've recently retired and lost access to the email account I used to create my Firefox account. Thought I changed all the relevant sites/accounts but it appears … (read more)

Hi guys. I've recently retired and lost access to the email account I used to create my Firefox account. Thought I changed all the relevant sites/accounts but it appears I missed changing my email addy in Firefox. Now, when I try to login, the 2FA sends a code to my previous (and no longer accessible to me) email addy. I can't post anything on the Community area because I can't sign in. I've searched the Support pages and can't find any solution. Is there a way to add/change my old email to my new email?

I've created a new account in order to post this note.

Thx, Mike / farragut

Asked by Michael Gilmore 1 month ago

firefox browser sign-in

I want to use my 'esmail.hematdoost@gmail.com' instead of current 'hematdoostemail@gmail.com' on my firefox account, but it says that this account has already been confir… (read more)

I want to use my 'esmail.hematdoost@gmail.com' instead of current 'hematdoostemail@gmail.com' on my firefox account, but it says that this account has already been confirmed by another user and it has a data breach, apparently on linkedin. I do not understand. both emails belong to me but I cannot use it as secondary email on my firefox!?

Asked by Ismail 2 months ago

Internal Certs Untrusted and now can't access

I am just PO'd the latest update to windows broke my browser and I can't reach my internal CA sites because now my browser does not trust them. What a bunch of BS! I do… (read more)

I am just PO'd the latest update to windows broke my browser and I can't reach my internal CA sites because now my browser does not trust them. What a bunch of BS! I don't want to hear about time and all this other happy horse crap, that is not the issue the update is the issue. I got on a linux box and I can reach it just fine. My internal ESXI Lab I cannot connect to with the same issue. I did the security exception setting from true to false and that didn't fix. Just upsets me to no end when vendors do crap like this.

This is the error I receive with nothing to accept risk, so I am dead in the water until you fix this. Does the same with VMWare.

we could not verify the certificate: reason = untrusted

Asked by shawn30 2 months ago

Any way to disable visited link privacy settings in my firefox

Hi. I'm worinkg on my own userscript in tampermonkey and need to parse all my unvisited links. Is there any way to make visisted links accesible via JS only for my browse… (read more)

Hi. I'm worinkg on my own userscript in tampermonkey and need to parse all my unvisited links. Is there any way to make visisted links accesible via JS only for my browser or certain domain?

Asked by duulket 2 months ago

How to stop websites from seeing what you're typing so they don't autosuggest which slows things down?

With ever letter you type it reevaluates everything you're entered thus far. So for 100 characters it could be checking 100 times. This hugely slows things down. I'd l… (read more)

With ever letter you type it reevaluates everything you're entered thus far. So for 100 characters it could be checking 100 times. This hugely slows things down. I'd like to block the website from being able to see what I'm typing. Only when I've clicked SEARCH do I want it to do its thing. I don't even know what this is called so I can't search about:config for it. It's really bad on Facebook as well as even Ebay now.

I did notice that in about:config when I search for suggestions a lot comes up. These are my settings so far.

browser.search.suggest.enabled false browser.search.suggest.enabled.private false browser.urlbar.maxCharsForSearchSuggestions 100 browser.urlbar.maxHistoricalSearchSuggestions 2 browser.urlbar.quicksuggest.allowPositionInSuggestions true browser.urlbar.quicksuggest.blockingEnabled true browser.urlbar.quicksuggest.dataCollection.enabled false browser.urlbar.quicksuggest.enabled false browser.urlbar.quicksuggest.impressionCaps.nonSponsoredEnabled false browser.urlbar.quicksuggest.impressionCaps.sponsoredEnabled false browser.urlbar.quicksuggest.migrationVersion 2 browser.urlbar.quicksuggest.nonSponsoredIndex -1 browser.urlbar.quicksuggest.remoteSettings.enabled true browser.urlbar.quicksuggest.scenario history browser.urlbar.quicksuggest.shouldShowOnboardingDialog true browser.urlbar.quicksuggest.showOnboardingDialogAfterNRestarts 0 browser.urlbar.quicksuggest.sponsoredIndex -1 browser.urlbar.richSuggestions.tail true browser.urlbar.showSearchSuggestionsFirst true browser.urlbar.suggest.addons true browser.urlbar.suggest.bestmatch true browser.urlbar.suggest.bookmark false browser.urlbar.suggest.calculator false browser.urlbar.suggest.clipboard true browser.urlbar.suggest.engines false browser.urlbar.suggest.history false browser.urlbar.suggest.mdn true browser.urlbar.suggest.openpage false browser.urlbar.suggest.pocket true browser.urlbar.suggest.quicksuggest.nonsponsored false browser.urlbar.suggest.quicksuggest.sponsored false browser.urlbar.suggest.remotetab true browser.urlbar.suggest.searches true browser.urlbar.suggest.topsites false browser.urlbar.suggest.trending true browser.urlbar.suggest.weather true dom.security.https_only_mode_error_page_user_suggestions false services.sync.prefs.sync.browser.urlbar.showSearchSuggestionsFirst false services.sync.prefs.sync.browser.urlbar.suggest.bookmark true services.sync.prefs.sync.browser.urlbar.suggest.engines true services.sync.prefs.sync.browser.urlbar.suggest.history true services.sync.prefs.sync.browser.urlbar.suggest.openpage true services.sync.prefs.sync.browser.urlbar.suggest.searches true services.sync.prefs.sync.browser.urlbar.suggest.topsites true signon.suggestImportCount 0

Asked by moz2u 2 months ago

账户丢失 Account lost

我原来有一个mozilla账户,于 ⁨8/27/2022⁩注册,邮箱是934101587@qq.com,我9/30/2023想在firefox android登录这个账户,用934101587@qq.com,但是却注册了一个新的账户,无法登录我原来的账户,我现在的诉求是,恢复我原来的旧帐户,不需要新账户 "I used to have … (read more)

我原来有一个mozilla账户,于 ⁨8/27/2022⁩注册,邮箱是934101587@qq.com,我9/30/2023想在firefox android登录这个账户,用934101587@qq.com,但是却注册了一个新的账户,无法登录我原来的账户,我现在的诉求是,恢复我原来的旧帐户,不需要新账户

"I used to have a Mozilla account, registered on August 27, 2022, with the email address 934101587@qq.com. On September 30, 2023, I tried to log in to this account on Firefox Android using 934101587@qq.com, but inadvertently created a new account. I am unable to access my original account. My current request is to recover my old account; I do not need the new account."

Asked by 934101587 2 months ago

trying to login to Newton

Im trying to login into web.newton.co When I click the FingerPrint or Face recognition option Use fingerprint or face recognition to login Press the button below and fol… (read more)

Im trying to login into web.newton.co When I click the FingerPrint or Face recognition option Use fingerprint or face recognition to login

Press the button below and follow your browser's steps to log in. I get asked for my PIN. I clicked the option "I forgot my PIN (see screen shot) i get the You Can Reset your pin. it's instructing me to go to Settings/Accounts/Signin Options in Firefox.

But when I go to Settings in FF I see no such a thing...thoughts? Rob

Asked by robprov 2 months ago

Is there a way to disable the Mozilla Firefox file dialog like in Google Chrome?

I'm looking for a way to disable the file dialog popup that appears when a user clicks on, for instance, an "Upload File" button on a website. In Google Chrome, we achie… (read more)

I'm looking for a way to disable the file dialog popup that appears when a user clicks on, for instance, an "Upload File" button on a website.

In Google Chrome, we achieve this by setting the "AllowFileSelectionDialogs" policy to 0 in the registry. Unfortunately, it seems that Firefox does not offer a similar functionality. The operating system will be Windows 10.

Is there any way to achieve this in Firefox?

Asked by Daniel Mählmann 2 months ago

Firefox no longer can handle secure websites (spontaneous failure).

I was listening to Pandorda and the music spontaneously stopped. The following message was displayed: Secure Connection Failed An error occurred during a connection to … (read more)

I was listening to Pandorda and the music spontaneously stopped. The following message was displayed:

Secure Connection Failed

An error occurred during a connection to www.pandora.com. PR_CONNECT_RESET_ERROR

Error code: PR_CONNECT_RESET_ERROR

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

As a test, I switched over to Chrome and it is fully operational. I prefer to use Firefox, but it now rejects all secure websites. Help, please.

Thank you, Ron Kinder

Asked by k7vmn 2 months ago

Clear single cache entry and/or link cache file content to subject website

I know typing in the browser about:cache one can see cache entries stored in memory or disk. Other way to see cache entries is to follow path %LOCALAPPDATA%\Mozilla\Fire… (read more)

I know typing in the browser about:cache one can see cache entries stored in memory or disk. Other way to see cache entries is to follow path %LOCALAPPDATA%\Mozilla\Firefox and find cache folder.

The first way to me appears a "read-only" option. The second way of course give the user the possibility to clear all, but without having a clue of content of each entry.

Is there a way to see Cache as in about:cache, but have possibility to edit/delete manually one or more entry anmd being informed of what's inside that entry?

Hope question is clear. Open to suggestions.

Asked by stefanog.rinaldo 2 months ago

Sending cross site fetch with credentials sends credentials with Chrome, but not Firefox, CORS passes, respone.ok true

Firefox 102.15.1esr(64-bit) on linux. Using Chrome 117.0.5938.62 on the same machine I can see the cookie from Webkeycard.com being passed in a request from keyboxmail.co… (read more)

Firefox 102.15.1esr(64-bit) on linux. Using Chrome 117.0.5938.62 on the same machine I can see the cookie from Webkeycard.com being passed in a request from keyboxmail.com in a fetch call to webkeycard. In Firefox, there are no cors errors, the response.ok is true, but the credentials are *NOT* included in the fetch. Not in the headers, not in the cookie tab. There is absolutely nothing I can find that shows something is wrong.

The call to fetch(): credentials: "include" method post headers {"content-type": application/json"}


My webkeycard cookies (examined in a webkeycard session) seems good.

httponly is true,  (but I don't support http)

secure true, samesite none.

The cors response does include "keyboxmail.com"

HTTP/2 204 No Content date: Thu, 12 Oct 2023 13:51:39 GMT vary: Origin access-control-allow-origin: https://keyboxmail.com access-control-allow-credentials: true access-control-allow-methods: GET,POST,OPTIONS access-control-allow-headers: content-type xcontent-security-policy: default-src 'self'; content-security-policy: connect-src 'self'; script-src https://webkeycard.com; cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dl1Y6Om7%2Bse%2Bl%2FIck8uQxTceVHCL%2F9tRBu%2BhBycJiARr4Q1dXEy9KxvU%2BRWocq0tX3fuAYRm%2FcBR%2FhtvFQsjvdzPqxwGLqo%2FlOVF%2F4GJzBpN3ANUyYkDlmC9Z%2BNd5TmQvg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 814fd19d791bc3f3-EWR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

One final note is that this is *NOT* user initiated. When the keyboxmail ui starts, it immediately attempts to find out if there is an account on webkeycard.

What makes this hard is that chrome (which I don't like but need to support) works

Any ideas, lines of attack?

On a broader note, webkeycard is something like "login with apple" but with anonymity. I have a working implementation using an "intent" kind of mechanism. keyboxmail server does a fetch to webkeycard server on receipt of a "getuser()" request. An "intent" is stored in a db on kbx, the user is sent a url, goes to wkc, blah, blah blah. I am trying to replace this complex interaction with the kbx user just fetching a token from wkc. Maybe this is a bad idea?

Thanks

Asked by tab43 2 months ago

Mutual TLS on Firefox ARM64 on Windows ARM is not working with Microsoft Base Smart Card Cryptographic Service Provider but working with pkcs11

Hello Team, I have installed Smart Card Minidriver on Windows Intel and installed firefox 64 bit version intel based. Mutual TLS is working as expected with Minidriver (… (read more)

Hello Team,

I have installed Smart Card Minidriver on Windows Intel and installed firefox 64 bit version intel based. Mutual TLS is working as expected with Minidriver (Microsoft Base Smart Card Cryptographic Service Provider). Tried to use PKCS#11 dll and it is also working.

In the same way,

I have installed Smart Card Minidriver on Windows ARM64 and installed firefox ARM64 bit version ARM based. Mutual TLS is not working as expected with Minidriver (Microsoft Base Smart Card Cryptographic Service Provider). But when tried to use PKCS#11 dll and it is working.

I have questions here:

Firefox ARM64 on Windows ARM is not working mutual TLS with Microsoft Base Smart Card Cryptographic, Service Provider, Is this supported?

Asked by kapil.kumar 2 months ago

"we could not verify the certificate: reason = untrusted" trying to access my LAN connected devices

Something in the last few Firefox updates is now preventing me from logging into the admin interface of my home router (Sonicwall TZ570) and wifi access point controller … (read more)

Something in the last few Firefox updates is now preventing me from logging into the admin interface of my home router (Sonicwall TZ570) and wifi access point controller (Unify Cloud Key). I have had these devices for several years and Firefox has always allowed me to make an exception and connect to the "unsecure device. Microsoft Edge is giving me the same problem which started about the same time a couple of weeks ago. I am on the latest version of Windows 10 64bit and Firefox is up to date. The Brave browser still works as it should (see first screenshot), but Firefox gives me the "we could not verify the certificate: reason = untrusted" error with no way around it (see second screenshot). I do not have HTTPS Only Mode enabled (see last screenshot) and I don't see any other security setting that should affect this.

This is my home, not a business and I do not have a domain nor a SSL certificate and I should not need one.

Any help will be greatly appreciated. Thanks!

Asked by ppappas1959 2 months ago

My existing account has a wrong password , which I can't change because when I try, it says wrong password

I have a new laptop. I want to load up my account but because my password is wrong, I can't. What can I do? When I try to change my password, I'm told it's the wrong pass… (read more)

I have a new laptop. I want to load up my account but because my password is wrong, I can't. What can I do? When I try to change my password, I'm told it's the wrong password.

Asked by jbacun 2 months ago

edge/android/mozilla/authenticator

I can log into mozilla and edge browser on this pc. I can log into mozilla on Android app. I CANNOT LOG INTO MOZILLA ON THE MOZILLA BROWSER ON PC. I have changed my pass… (read more)

I can log into mozilla and edge browser on this pc. I can log into mozilla on Android app. I CANNOT LOG INTO MOZILLA ON THE MOZILLA BROWSER ON PC.

I have changed my password multiple times and had to use 2 backup codes all to install google authentification app on my phone. I cannot do this from my edge browser. I also have tried multiple times to install the vpn but that hasn't been successful either.

Mozilla needs a video tutorial on how to do this successfully especially when you don't have a QR code. Im just glad that i saved my backup codes.

Asked by Natalie W. 2 months ago