Firefox Support Forum

Hi! After a routine update today to Mozilla Firefox 127.0 for Linux Mint, Firefox is asking for my master password before letting me continue. Sync does not appear to be enabled.

I'd really rather it didn't do this, because my password manager is now always open and accessible. Previously, the master password request was only triggered when I came on a site that needed a password.

Anything I can do to fix this?

Thanks for any pointers!

For about 24hr now, every time I clear cookies and cache data, 20kB remain. I clear this data often, and the cookie and cache data always registers "0kB" after I click on "Clear Data", until yesterday. My OS is Ubuntu 22.04. Where can I find that file so I can delete it?

when i wanna open a page on youtube, i got some errors like below in my console window:

``` Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://rr3---sn-p5qlsndd.googlevideo.com/videoplayback?expire=1716635853&ei=bXRRZsXhJonb6dsPr4S9gAo&ip=104.237.233.106&id=o-AAWbYs_c1wgN4MrU7OqKDoN_4E89qYQsMLYgu196ZLvi&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Wx&mm=31%2C26&mn=sn-a5msenle%2Csn-p5qlsndd&ms=au%2Conr&mv=u&mvi=4&pl=25&spc=UWF9f9R71vLfm1F-HqlKYmIsTmmQ76vISxWKiaa8DnBJ1RFYdP1uqbuRYDqk&svpuc=1&ns=nZ43uaQFzt5gq9VgUw-rDA0Q&sabr=1&rqh=1&mt=1716613539&fvip=3&keepalive=yes&c=WEB&smc=1&n=DtTlBfhfTkjbJA&sparams=expire%2Cei%2Cip%2Cid%2Csource%2Crequiressl%2Cxpc%2Cspc%2Csvpuc%2Cns%2Csabr%2Crqh&sig=AJfQdSswRQIgBpryxlELSlbPjito5Ju6_RfQzqVcw10u03ydIYI41lcCIQCgk-eJSUpHsjpfCC08Zif4lFJZY3GVMbfofGXPQsdZcw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AHWaYeowRgIhAPqP6gckt5GXH-fLEv5Cg2vcg7upBxPU4Doh2zshdgCNAiEAqrP-9k3ySo7QyYhqQCESvz0lC8laHox06_kyE8r-oYo%3D&cpn=RZMRM0hX5vjkksRu&cver=2.20240524.00.00&fallback_count=1&rn=27. (Reason: CORS request did not succeed). Status code: (null).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://rr4---sn-a5msenle.googlevideo.com/videoplayback?expire=1716635853&ei=bXRRZsXhJonb6dsPr4S9gAo&ip=104.237.233.106&id=o-AAWbYs_c1wgN4MrU7OqKDoN_4E89qYQsMLYgu196ZLvi&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=Wx&mm=31%2C26&mn=sn-a5msenle%2Csn-p5qlsndd&ms=au%2Conr&mv=u&mvi=4&pl=25&spc=UWF9f9R71vLfm1F-HqlKYmIsTmmQ76vISxWKiaa8DnBJ1RFYdP1uqbuRYDqk&svpuc=1&ns=nZ43uaQFzt5gq9VgUw-rDA0Q&sabr=1&rqh=1&mt=1716613539&fvip=3&keepalive=yes&c=WEB&smc=1&n=DtTlBfhfTkjbJA&sparams=expire%2Cei%2Cip%2Cid%2Csource%2Crequiressl%2Cxpc%2Cspc%2Csvpuc%2Cns%2Csabr%2Crqh&sig=AJfQdSswRQIgBpryxlELSlbPjito5Ju6_RfQzqVcw10u03ydIYI41lcCIQCgk-eJSUpHsjpfCC08Zif4lFJZY3GVMbfofGXPQsdZcw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AHWaYeowRgIhAPqP6gckt5GXH-fLEv5Cg2vcg7upBxPU4Doh2zshdgCNAiEAqrP-9k3ySo7QyYhqQCESvz0lC8laHox06_kyE8r-oYo%3D&cpn=RZMRM0hX5vjkksRu&cver=2.20240524.00.00&rn=1. (Reason: CORS request did not succeed). Status code: (null). ```

hi, when starting firefox, it makes some connections to

   firebaseinstallations.googleapis.com
   detectportal.firefox.com
   app.adjust.com
   o1069899.ingest.sentry.io
   assets.mozilla.net
   contile.services.mozilla.com
   firefox.settings.services.mozilla.com
   incoming.telemetry.mozilla.org
   location.services.mozilla.org

without user-consent. so this is not gdpr-compliant. how can i tell firefox not to connect to these sites? thanks t.

I am running Firefox 126.0-1 on an Arch Linux system. Most websites are failing to connect for security reasons.

Some sites, including google.com and nytimes.com, fail with an "SEC_ERROR_UNKNOWN_ISSUER" error, and their certificates confirm that they are respectively issued by Google Trust Services LLC and DigiCert Inc.

The website archlinux.org errors with "MOZILLA_PKIX_ERROR_MITM_DETECTED", stating that "Software is Preventing Firefox From Safely Connecting to This Site", citing in particular ISRG Root X1 as the problem. The certificate confirms that it is issued by Let's Encrypt.

The website duckduckgo.com simply errors with "SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID" and states "Secure Connection Failed"

I have confirmed in preferences that my proxy settings are set to "No proxy" and the problem persists across troubleshooting mode and making a new profile. I have also tried removing the cert9.db file in a given profile folder.

I am trying to configure Firefox on macOS to not prompt the user to make it the default browser.

I am using the following script to create the profile and set the user preferences after installing Firefox by copying `Firefox.app` from the downloaded DMG: ```

1. !/bin/sh

open -a Firefox.app --args -CreateProfile default sleep 1

write_userpref() { USER=$(whoami) PROFILE=$(ls -1 "/Users/${USER}/Library/Application Support/Firefox/Profiles/" | grep -E "\.default$") cat << EOF > "/Users/${USER}/Library/Application Support/Firefox/Profiles/${PROFILE}/user.js" // mandatory comment? user_pref("app.update.auto", false); user_pref("app.update.disable_button.showUpdateHistory", false); user_pref("app.update.enabled", false); user_pref("breakpad.reportURL", ""); user_pref("browser.newtabpage.activity-stream.feeds.topsites", false); user_pref("browser.newtabpage.activity-stream.feeds.section.topstories", false); user_pref("browser.tabs.crashReporting.sendReport", false); user_pref("browser.discovery.enabled", false); user_pref("browser.defaultbrowser.notificationbar", false); user_pref("browser.shell.checkDefaultBrowser", false); user_pref("browser.shell.didSkipDefaultBrowserCheckOnFirstRun", false); user_pref("browser.shell.skipDefaultBrowserCheckOnFirstRun", true); user_pref("browser.newtabpage.enabled", false); user_pref("experiments.enabled", false); user_pref("extensions.pocket.enabled", false); user_pref("toolkit.telemetry.enabled", false); user_pref("update_notifications.enabled", false); EOF }

write_userpref

open -a Firefox.app --args -new-tab -P default "about:blank" sleep 3 osascript -e 'quit app "Firefox"' sleep 2

open -a Firefox.app --args -P default about:blank ```

Here's the behaviour I'm seeing:

1. Firefox starts to an `about:blank` tab, however there is a second "Firefox Privacy Notice" tab
2. AppleScript quits Firefox
3. Firefox starts to an `about:blank` tab, however it is now prompting me to make it the default browser

I do not want Firefox to prompt the user to become the default browser.

My ideal scenario is that Firefox starts without the "Firefox Privacy Notice" tab and without prompting me to make it the default browser. From the observed behaviour, this doesn't seem possible.

Can anyone tell me how I can accomplish this without user interaction or MDM?

Hello, I administer a small fleet of Ubuntu desktops. For a variety of reasons we avoid using Canonical's Snap package version of Firefox.

Currently the fleet is using Firefox installed from the Mozilla Team PPA repo. However that repo can be incredibly slow and after reading about the new Firefox deb packages [1] from the Mozilla APT repository we would like to move to them. The problem is that these packages lack Apparmor profiles, so unfortunately my security team won't let me use them.

Would it be possible to add Apparmor profiles to these packages please? They would need to be applied only when an OS has Apparmor enabled, which may not be the default for Debian.

Thank you!

[1]: https://blog.mozilla.org/en/products/4-reasons-to-try-mozillas-new-firefox-linux-package-for-ubuntu-and-debian-derivatives/

I using kubuntu (ubuntu with kde) 22.04 and firefox will not recognize my security key. There is a really good thread on this here. It is now closed.

https://support.mozilla.org/en-US/questions/1412073

One of the solutions is to install firefox from the mozilla server. On other forums, this is referred to removing snap and installing the debs. I haven't tried this.

Reading through the thread however, it seems like the snap version should work. The manufacurers id and product code for my Thetis FIDO2 usb key are present in the etc/udev/rules.d/70-snap.firefox.rules

This answer says to disable apparmor. I tried that, but it didn't work.

I have quoted this answer below.

This isn't actually a firefox problem. KDE Neon uses the firefox package from the Mozilla Team PPA and there's nothing wrong with that package. The problem is that Neon enables app armor on firefox which breaks access to password managers and security keys. sudo aa-disable usr.bin.firefox works around the problem by disabling app armor for firefox. aa-complain was not sufficient in this case.

Is there anything else I can try?

Hello, By default, DoH fails on Max Protection in the latest OS versions listed above. The workaround I've discovered is using https://1.1.1.1/dns-query, but I would rather use the default settings.

I heard that the newest version of Firefox (which I have not upgraded to yet) has a feature that makes it easier to accidentally visit a website whose URL is on the clipboard. I googled to find out how to disable it, and the Featured Snippet said "go to about:config and change clipboard.autocopy to false." Sounded simple, so I did it, but subsequently found out that the article it quotes from is 10 years of age!

My first question, then, is: what does changing "clipboard.autocopy" to false do if it doesn't turn off the brand-new feature?

The second question is, how do I disable the new URL Paste Suggestion feature? Will setting "clipboard.autocopy" disable it? In particular, I want to make sure that the browser does not pre-load or pre-fetch the clipboard URL, and in fact, I wish to pop up a dialog box any time I do "paste and go." People often copy URLs from e-mails to research them before visiting them directly; jumping directly will increase the likelihood of visiting an imposter site.

The story is when I accidentally clicked on a sick video, YouTube start to recommend me similar sick videos.

So my question is how does YouTube get my identity?

I'm not logged in. my profile is actually a snapshot, so when I restart Firefox, it go back to the snapshot. I even restarted my ISP router to get a new IP address. This did not work.

Only when I create a new profile with "firefox -P" does YouTube start to see me as a new person.

So how does YouTube identify my Firefox profile? I don't think it's in the https request headers. Weird.

I'm new to firefox and would like to set cloudflare for DNS over HTTPS but there seems to be an issue. If I set it to NextDNS the connection stays active. But if I set it to cloudflare it goes inactive with the error (NS_ERROR_NET_TIMEOUT_EXTERNAL). I tried setting a custom DNS to OpenDNS and got the same error.

I'm running Manjaro Linux if that make a difference.

Hi I have been using firefox on linux for a while without updating it. We are artsellers and I used to be able to log in and out of an artplatform without any problems. It's now been a few weeks since logging out is not possible any more on this platform which means that I am constantly logged in which I really do not want. The menu does not work anymore on this side whereas it works with other browers. I already contacted the platform. They cannot do anything about it themselves and asked me to contact your team. Please help. Thank you Best regards from Germany C. Marsac

#!/bin/bash

# Verzeichnis erstellen
mkdir FoxyAddOnFirewall
cd FoxyAddOnFirewall || exit

# package.json erstellen
cat <<EOF > package.json
{
  "title": "Foxy AddOn Firewall",
  "name": "foxy-addon-firewall",
  "description": "A Firefox addon to control internet access for other addons",
  "author": "Your Name",
  "version": "1.0.0",
  "license": "MIT"
}
EOF

# background.js erstellen
cat <<EOF > background.js
var permissionManager = Components.classes["@mozilla.org/permissionmanager;1"]
                        .getService(Components.interfaces.nsIPermissionManager);

// Addon-Liste abrufen
function getAllAddons() {
    var {AddonManager} = Components.utils.import("resource://gre/modules/AddonManager.jsm", {});
    return new Promise(function(resolve, reject) {
        AddonManager.getAllAddons(function(addons) {
            resolve(addons);
        });
    });
}

// GUI aktualisieren
function updateUI() {
    getAllAddons().then(function(addons) {
        var addonList = document.getElementById("addon-list");
        addonList.innerHTML = ""; // Zurücksetzen der Liste

        addons.forEach(function(addon) {
            var listItem = document.createElement("li");
            listItem.textContent = addon.name;
            
            var blockButton = document.createElement("button");
            blockButton.textContent = "Block";
            blockButton.addEventListener("click", function() {
                blockInternetAccessForAddon(addon);
            });

            listItem.appendChild(blockButton);
            addonList.appendChild(listItem);
        });
    });
}

// Internetzugriff für ein bestimmtes Addon blockieren
function blockInternetAccessForAddon(addon) {
    var host = addon.getResourceURI("").host;
    permissionManager.remove(host, "allAccess");
    console.log("Internetzugriff für " + addon.name + " wurde blockiert.");
}

document.addEventListener("DOMContentLoaded", function() {
    updateUI(); // GUI beim Laden der Seite aktualisieren
});
EOF

# index.html erstellen
cat <<EOF > index.html
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>Foxy AddOn Firewall</title>
  <link rel="stylesheet" href="style.css">
</head>
<body>
  <h1>Foxy AddOn Firewall</h1>
  <p>Welcome to Foxy AddOn Firewall!</p>

  <h2>Installed Addons:</h2>
  <ul id="addon-list">
    <!-- Addon-Liste wird hier eingefügt -->
  </ul>

  <script src="background.js"></script>
</body>
</html>
EOF

# style.css erstellen
cat <<EOF > style.css
body {
  font-family: Arial, sans-serif;
  background-color: #f0f0f0;
  text-align: center;
}

h1 {
  color: #007bff;
}

h2 {
  margin-top: 20px;
}

ul {
  list-style-type: none;
  padding: 0;
}

li {
  margin-bottom: 10px;
}

button {
  background-color: #007bff;
  color: white;
  border: none;
  padding: 5px 10px;
  border-radius: 5px;
  cursor: pointer;
}

button:hover {
  background-color: #0056b3;
}
EOF

# manifest.json erstellen
cat <<EOF > manifest.json
{
  "manifest_version": 2,
  "name": "Foxy AddOn Firewall",
  "version": "1.0",
  "description": "A Firefox addon to control internet access for other addons",
  "icons": {
    "48": "icon.png"
  },
  "permissions": [
    "management"
  ],
  "browser_action": {
    "default_popup": "index.html",
    "default_icon": "icon.png"
  }
}
EOF

# Icon herunterladen
wget -O icon.png "https://img.icons8.com/ios-filled/50/000000/firewall.png"

# Installationsanweisungen anzeigen
echo "FoxyAddOnFirewall wurde erfolgreich initialisiert!"
echo "Um das Addon in Firefox zu installieren:"
echo "1. Öffnen Sie Firefox und geben Sie 'about:debugging' in die Adressleiste ein."
echo "2. Klicken Sie auf 'Dieses Firefox installieren' unter 'Temporäre Add-ons laden'."
echo "3. Navigieren Sie zum Verzeichnis 'FoxyAddOnFirewall' und wählen Sie die 'manifest.json' Datei aus."
echo "4. Das Addon wird nun installiert und kann verwendet werden."

Please see the attached image.

Firefox believes I have a security key.

What is a security key? Where do I find it? Why does Firefox think I have one?

And why is there no helpful information to explain this confusing UX?

hello, I've been trying to follow Firefox's official guide in the docs and ready 3rd party articles in order to enable payment method auto-fill in Firefox. however, this section seems to be missing from my settings page.

under Privacy and Security, I cannot find anything to do with saved payment methods or the checkbox to enable payment method auto-fill.

how can I resolve it?

v155.9.1esr Debian 12

I'm testing different Debian 12 on multiple VMs, it came to my surprise to see that my VPN hash I used on a website the day before was saved by Firefox on the new VM.

The Sync was on but then which one saved my form (hash)?

1. Numbered list item Logins & Passwords ? note: The hash was not a login but a form. If Firefox saves all the form, you should explicitly rename Logins by any forms/inputs.
2. Numbered list item History? note: I hope this is only URLs.

If Firefox is savings "forms" (input fields) not just "logins" then it should be explicitly written. Is it an expected behavior?

On the page listing passwords, it was possible to sort them by "Alerts".

In settings, there is an option to enable checking the vulnerable passwords: https://support.mozilla.org/en-US/kb/firefox-password-manager-alerts-breached-websites

On my other laptop using Firefox v121, the alerts are properly displayed. But on my second laptop using Firefox v124, the alerts are gone. I can't sort password by "Alerts", the option isn't there. Both laptops share the same Firefox account and have password synchronized between each other.

Obviously, I ticked the "Show alerts about passwords for breached websites" box in the settings but it looks like it does not nothing. I also checked in "about:config" and everything seems good.

Is this feature gone?

Revision: 115.9.1esr (64-Bit) for openSUSE Leap (15.5)

Some months ago, I unfortunately typed a password in the username field of a local page (access to my Internet box, oh Noes).

Since then, it appears each time I remove the access data in the Firefox settings. When entering data again for a login without password enquiry, the password becomes invisible again, and vice-versa.

It is impossible to show the phenomenon using a screenshot, as the password immediately disappears.