Форум поддержки Корпоративный Firefox

Every time you open Firefox, you will prompt old version bookmarks, history, and passwords, and you can't use them. Choose to opt out or create a new personal file. There are also prompts for the upgrade, and the downgrading version is unsuccessful pls help me

I am trying to use a policies.json file to include a certificate for my own website using a certificate stored online, but not locally. Would it be possible to do so using code similar to below: {

   "policies": {
   "Certificates": {
       "ImportEnterpriseRoots": true,
       "Install" [
           "cert_name",
           "http://www.xxxxxxxx.com/xxxxx/xxxxx.der"
                  ]
            }
       }
   }

Any help would be greatly appreciated.

Forgive me if I am not describing this correctly but really need help, if you ask me questions back, I will be happy to answer once I find that answer to your question. The issue we are experiencing is not my area of expertiese but no one in my org can find an answer so here I am.

We have not migrated our enterprise above Firefox ESR 91.x as of yet, we have some internal sites that use IBM Webseal to provide SSO and some of that functionality is broken in version 102.x and above. There are three options on the frontend page to use RSA token, PKI logon and username/password: each one a separate choice for the end user experience. RSA and Username/password work without issue but PKI logon does not, once you click on the logon button it is supposed to grab the certificate from your PKI card and use it to logon to the web application, but it does not seem to complete this process instead it proceeds to another page almost immediately that reads Error An attempt to authenticate with a client certificate failed. A valid client certificate is required to make this connection. Click here to return to the authentication page. DPWWA1124W A client certificate could not be authenticated. Our web developers have opened a ticket with IBM and from what I was told after troubleshooting and traffic capture, they never see the certificate make it to the backend for authentication and it is a Firefox issue because Google and MS Edge work just fine. Because of this IBM closed the case.

Has anyone experienced this issue and know of a fix or is there any suggestions as to what we can look for as an attempt to fix this issue? What has changed between version 91.x to 102.x ESR (we have tried the RRs and it is an issue there also)? Is this a bug in Firefox?

Hello,

we have some trouble in our Enterprise Environment with tls 1.3 and 0rtt data. The integrated google search and other websites doesnt work as they should (Pages doesnt load and stay white).

So we want to turn of "security.tls.enable_0rtt_data" with Group Policy. But i cannot find a switch for this setting.

When i try to set security.tls.enable_0rtt_data with Preferences in GPO it doesnt work (old Preferences is empty) { "security.tls.enable_0rtt_data": { "Value": false, "Status": "locked" } }

With Preferences i am able to configure security.tls.hello_downgrade_check, but not security.tls.enable_0rtt_data

The only workaround would be to disable tls 1.3 completely and use tls 1.2. (security.tls.version.max = 3) Is there a solution for this?

Regards, Michael

Hello world,

This problem is sticking for a year now. We even switched to ESR thinking it will fixed the problem but to no avail. After a bunch of test, I've finally decided to post and ask for help. Tests have been done on macos 11.6 fresh vanilla install, no encryption (no filevault, I hate it), and Firefox 91.1.0esr (64 bits), but problem is the same since version 75 + (no problem seen on windows or linux) If I don't use Profiles Manager, at each launch of Firefox a new profile is created with no import from former profiles. If I do use Profiles Manager, I can keep on choosing my default profile, and no new ones are created, BUT new install is added to install.ini and profiles.ini. All tests have been done with the exact same firefox (i mean, application is the same and correctly installed in the /Applications of macos).

Here is the profiles.ini

[Install5A291CFD23D97DBF] Default=Profiles/ucaeqkrb.default-esr Locked=1

[Profile0] Name=default-esr IsRelative=1 Path=Profiles/ucaeqkrb.default-esr Default=1

[General] StartWithLastProfile=0 Version=1

[InstallF5B6C4E8673B7987] Default=Profiles/ucaeqkrb.default-esr Locked=1

[Install7F9608401B386673] Default=Profiles/ucaeqkrb.default-esr Locked=1

And the installs.ini

[5A291CFD23D97DBF] Default=Profiles/ucaeqkrb.default-esr Locked=1

[F5B6C4E8673B7987] Default=Profiles/ucaeqkrb.default-esr Locked=1

[7F9608401B386673] Default=Profiles/ucaeqkrb.default-esr Locked=1

As you can see each launch of Firefox created a new hash of installation (even if same it's always the same firefox version). As long as I choose my default profile in profiles manager, I can keep it. If I switch to default comportment, I will get a new profile at each launch (as it see en new install hash) and it will not import former profiles (even if it's from the same or an older version).

So I'm wandering, why Firefox keeps on adding a news install hash on each launch, and/or how can I prevent it from doing it.

Hello, I ve tried to block file:///c:/ in Firefox Quantum release 60.4.0esr(32-bit) by the above .json with no results. I ve also tried to block it in a newer release and it was fine (78.15.0esr (32-bit)). Is anything i can do to block it in this particular version i m using(60.4.0esr(32-bit))?

Thank you

{ "policies": { "WebsiteFilter": { "Block": ["file:///C:/*"] } } }

Our enterprise is using Firefox ESR. We have had multiple users report that their Firefox will stop loading new tabs every once in a while - there doesn't seem to be an obvious pattern but it happens every few days. The user can open a new tab and type in a URL, but loading of the site will never complete (it just endlessly loads and nothing ever populates on the screen). If they try to open a bookmark it won't load at all. Preexisting tabs continue to function. The only way to remediate the issue is to close Firefox entirely and restart it, at which point a message indicates that Firefox is already running and asks whether you want to close it. If you say yes and then reopen Firefox again, it goes back to normal operation. How can we remediate this issue?

Hello,

I am managing Firefox for a very large organization. We have several extension that we deploy using registry keys and we don't allow users to install additional addons. However, since version 102.3 I noticed some extensions that are present on the machine as .xpi files, but should not install unless a specific application is also present, are also being activated. They are enabled in the add-on manager, the information is present in the "extensions.json" and "extension-preferences.json" files. This should not happen. Is there any way to prevent the activation of these files?

Thank you!

Hi,

i'm running Firefox on +70 Windows 10 PCs in three labs in a university. I've applied a computer configuration GPO with AppAutoUpdate enabled, BackgroundAppUpdate enabled and DisableAppUpdate disabled to my PCs, but it looks like i don't get automatic updates. In my labs i see some workstations have Firefox 108.0.1, but most workstations still have Firefox 107.0.1...

As my users can switch between workstations and labs, this leads to the annoying 'older version' message box when a user worked on a PC which already got the update and later uses another PC which didn't get the update. The users are also forced to create a 'new' profile then, which is quite problematic because of the size of the roaming profiles.

Any hints?

I am trying to package an add-on that I created with a custom installer for firefox nightly, but the add-on is not being automatically installed with the browser.

I followed the instructions at https://support.mozilla.org/en-US/kb/repackaging-windows-installer and at https://support.mozilla.org/en-US/kb/deploying-firefox-with-extensions, but to no avail.

Any help would be greatly appreciated.

This might be a simple question. Does Firefox ESR still supports NTLM v1 ? Can we still add the value "network.negotiate-auth.delegation-uris" in preference. Does that enabled NTLM v1. Is there any document or release notes that states Firefox is disabling this setting from Firefox 78 and later. Some how I am not able to find it in release notes.

Hello everyone.

We are using a software in my company that runs a local server with a self-signed certificate. In order to access the software right now we need to instruct the users to manually bypass the warning page for potencial security risks.

Is there a way to use an autoconfig or policy to automatically add the exception to that specific URL? I see that copying the cert_override.txt file in users profiles will add the exception, but I'd like to avoid that. I've also looked at a question with a similar problem here, but I couldn't get this specific solution to work on my end (Firefox ESR 91): https://support.mozilla.org/en-US/questions/1287443

So we update Firefox via PatchMyPC from SCCM. We don't want to disable Firefox Updates. The issue is how do you stop the Update notification popup every time you start Firefox. You don't have this issue on Edge and Chrome

We have configured Windows Single Sign On to Microsoft 365 in Firefox 102.6.0esr (64-Bit).

We have embedded a Video from the new Microsoft Stream on SharePoint Online into a SharePoint 2019 onpremise Site via the provided iFrame. Here every user gets an endless Login Loop (see Screenshot).

If you open the deeplink to the video, Single Sign On works perfectly.

And this also works in Microsoft Edge, why the Microsoft support is not willing to analyse this issue further.

Do you have any ideas how to narrow down the problem?

Hello,

I am currently having an issue with Firefox 78.8 not reading .conf file.

i detected that the options bellow are not working now. We had it working with 52.9

Someting changed in the code? What am i missing?

//HM-Popup Exceptions Components.utils.import("resource://gre/modules/Services.jsm"); var uri = Services.io.newURI("http://site.example.net", null, null); Services.perms.add(uri, "popup", 1);

//userchrome and usercontent // const Cc = Components.classes; const Ci = Components.interfaces; Components.utils.import("resource://gre/modules/Services.jsm"); var profileDir = Services.dirsvc.get("ProfD", Ci.nsILocalFile); profileDir.append("chrome"); if( !profileDir.exists() || !profileDir.isDirectory() ) {

 profileDir.create(Components.interfaces.nsIFile.DIRECTORY_TYPE, 0777);

} profileDir.append("userChrome.css"); var fos = Cc["@mozilla.org/network/file-output-stream;1"].createInstance(Ci.nsIFileOutputStream); fos.init(profileDir, -1, -1, false); var css = "#nav-bar { display: none !important; } #toolbar-context-menu {display:none !important;} #TabsToolbar {display:none !important;}"; fos.write(css, css.length); fos.close();

We realized that our Firefox ESR 91.4.1 (installed on couple of hundreds of PCs) tries to connect to the IP 34.107.221.82 which is marked as high risk. How is it possible? What exactly wants Firefox to do with this IP.

It is strange that connection to this IP goes directly and be blocked on our corporate firewall. Why does it go directly even if proxy is enabled and works. ?

Kind regards Vladimir

There is a certificate for an internal website that FireFox is saying is not valid/secure and it makes you add an exception. However, if you use IE, Edge or Chrome it loads fine with the valid CA Certificate. I've cleared all data (cache/etc...) and it hasn't fixed it. Hopefully someone has a fix for this?

Getting "SEC_ERROR_UNKNOWN_ISSUER" for the certificate and its saying:

   Peer’s Certificate issuer is not recognized.
   HTTP Strict Transport Security: false
   HTTP Public Key Pinning: false

FireFox Version: 91.8.0esr (64-bit) Operating System: Windows 10 (64-bit)

I am using Firefox ESR 102.2.0 version which I updated yesterday. Now when I try to login to my account on "https://myaccount.hdfclife.com/login", the captcha is covered and I can not read it. See the attached file.

It was working fine in the previous esr release 102.1.0. I have tested it with a new profile and captcha is visible in 102.2.0 version.

My query is about the cause of this issue and how can I fix it. I have checked and found that this issue does not appear on other websites. If there is an issue with the profile it should be with other websites which is not the case.

Please help

I recently deployed Mozilla Firefox 102.4 ESR here in our environment expecting that when a new version is released Firefox would automatically update on clients computers. Well today I noticed at a new release is out but isn't automatically updating on end users workstations. Does Firefox ESR not automatically update?

Hey there

I am running Firefox on a lot of touchpanels in kiosk mode. It works really great and is rather reliable.

The only problems are tabs from firefox opening. Like the tab advertising the firefox account, first start tab, update tab and the tab to recreate a session after a powerloss.

As it is a kiosk, I dont want any of the users to see these things.

Yet though I did not find a way to disable these tabs/ functions.

Is there a way to do so? If yes then your help would appreciated a lot!

Sincerely Alessio