How does FF determine what to block? Files under /css/apps/ blocked /css/applications/ not
On Firefox 31 specifically I've noticed that some desktops won't load a page that has resources linked to /css/apps/. Specifically I'll log into a website, see an intermediary waiting page, then the request for the home page is made and all of the content EXCEPT the css files under /css/apps/ is requested and returned. However, no message is ever rendered by FF 31 regarding any phishing or malware issue. It appears to invoke the goog safe-browsing/safe-search url and comes back with a malware response, but the tab spinner just spins and the status bar continues to say waiting and the page never loads.
What's worse is that there doesn't seem to be any set criteria where I can reproduce this except that it happens in Firefox 31 and Firefox 32 that has been upgraded on a FF31 that was already failing. Some machines work just fine, others do not. Some appear to self-heal one day and then later others spontaneously break.
It's only this single page using this single directory. So what's the criteria or is there something else I should be looking at?
I've been able to fix the problem by deleting goog-phish-shavar.pset on affected machines. But I feel like that might only temporarily fix things? What's the permanent solution for avoiding this problem.
All Replies (6)
That seems unusual, that one folder on a site would be blocked rather than the entire site.
Could you try reloading the page bypassing the cache (Ctrl+Shift+r) to rule out a cache problem?
If you watch the Browser Console (Ctrl+Shift+j) when loading the page, is there any indication there of a security-related reason that the content is not loaded?
Do you want to post a link to the site?
If you have any blocking software, check the settings.
The page is behind a login so I can't provide a link. It is odd that it's only this one directory. I've disabled caching, cleared the cache, tried private browsing, disabled every extension, started with a fresh install, watched the console logs, used fiddler2, etc.,.
Most of the time when you hit the page it will load all the files including the CSS just before this bunch of CSS files. Then it just stops, there's no request hitting the proxy, there's nothing in the console, and nothing in the net tab.
On some installations of FF31 we can uncheck the two security checkboxes about blocking malicious content and everything will load. But in other installations unchecking the boxes has no effect. On those installations all that seems to resolve the problem is clearing the profile or specifically deleting that goog pset file.
No blocking software
Try to use the Live Http Headers extension to see if that captures requests that are missed by the Web Console.
Also, as always should be done with mysterious crashes is a clean reinstall (delete the Firefox program folder) and possibly a new profile and a check for malware and reset the router.
Try to disable IPv6 (check for other possible causes as well).
I'll look into the http headers extension.
We have tried fresh installations, and deleting profiles. Deleting the profile seems to fix the problem, at least temporarily. However, one concern is that without knowing why it happens, the problem may just return at a later date. Additionally it may be hard to instruct all of the users of the site to take similar action.