Komunitné fórum Firefox pre podniky

Hello,

support.mozilla.org/kb/website-translation says, when you do not have downloaded translation packs, parts of the packs will be downloaded when you first use the translation function.

My questions about this feature: - How does this work exactly? - Will the words from the website which i try to translate be collected and "downloaded"? - How are the translation language packs parted? - What information will be used and sent to servers/cloud to request these parts of the translation packs?

Thank you in advance for your help.

Best Regards

Bjoern

Hi,

In the latest firefox update 149, no start pages are displayed that were distributed with a registry key via group policy. It only works again if you change this setting manually in the Firefox settings.

In Version 148 it´s fine.

Jan

Hi,

just downloaded the latest Policy Templates in Version 7.7 and installed them in our Central Policy Store. I went through all the settings but cannot find a configuration allowing us to block downloads of eg. executable files .

Even safebrowsing is not included to configure.

Any ideas?

I am trying to use group policy to block all extensions from being installed and only allow approved extensions.

I have followed the article:

https://firefox-admin-docs.mozilla.org/reference/policies/extensionsettings/

And here is my JSON config but it doesnt seem to be working and I can still install any extension.

{

 "*": { 

"blocked_install_message": "Please email the IT Helpdesk if you think an extension should be unblocked.", "installation_mode": "blocked" }, "com.abr.startapp@adminbyrequest.com": { "installation_mode": "force_installed", "install_url": "https://addons.mozilla.org/firefox/downloads/latest/admin-by-request/latest.xpi" } }

Please can anyone advise or confirm if this is a bug.

We are using firefox version 147.0.4 (64-bit)

Thanks

Hello, For FF on Linux running in KIOSK mode, is there a way to allow the user to perform a refresh like you can do in normal mode by pressing F5 ? This seems to be disabled in KIOSK mode.

Thank you, Tom

Hi All, this question seems to come up on various forums, but I cannot find a definitive answer.

We run the Enterprise version of FF (140.7.0esr (32-bit)), the product installs and includes the scheduled task that checks for updates at a regular interval. This works, but the update only ever seems to be applied once the browser is launched.

According to the documentation there is the following setting:

Software\Policies\Mozilla\Firefox\AppAutoUpdate = 0x1 | 0x0

• If set to true, application updates are installed without user approval within Firefox.
• If set to false, application updates are downloaded but the user can choose when to install the update.

We have a number of users that do not frequently open FF and therefore our reporting shows that they are running an out of date version of the browser.

Has anyone managed to get this auto update mechanism to work without opening the browser? Is it even possible?

Thanks

We are currently rolling out a profile management solution based on Ivanti User Environment Manager. In order to configure file includes and excludes in the profile management tool, we have to “standardize” the Firefox profile path in the filesystem. We have implemented a PowerShell script, which reads the currently used profile from %appdata%\Mozilla\Firefox\install.ini, renames the appropriate profile subfolder to “firefox.default-esr” and replaces the entries in installs.ini and profiles.ini.

The script seems to be reliable. However, for around 10% of the users, we are seeing issues when the user launches Firefox after the “firefox profile migration” happened. Firefox opens but none of the GUI controls is accessible. Firefox is completely unusable. See screenshot attached.

We do have workarounds to resolve this issue, such as completely wiping the %appdata%\Mozilla\Firefox folder and let Firefox re-build everything from scratch. But we are still trying to find the root cause the issue, because our customers have more than 100k clients, what will be a big impact and hard to handle for the helpdesk.

We are currently unable to reproduce the issue on test clients. Even copied Firefox profile folders form affected clients don’t show the issue on other clients.

Therefore we want to find out and ask for your help:

- Is there a supported way to “standardize” the filesystem folder name of the Mozilla Firefox (ESR) profile of a user? - What are the files within a Firefox profile that are required for the profile and the application itself to properly start? - Do you have any idea which files in a Firefox profile (in a corrupted state) could cause our issue?

Cree una política para filtrado web donde bloquea por ejemplo páginas de juegos de azar, sin embargo, varias páginas las está dejando abrir, para contrarestar eso, por medio de indicadores bloquee las páginas que deja pasar pero aún así está dejando abrir ciertas páginas, por ejemplo betplay, para solventar eso apliqué una política de filtrado web, para esto importé el admx de Mozilla, sin embargo en Mozilla todavía está dejando entrar a esa página.

I've been tasked with removing Firefox from all Windows workstations in our enterprise environment. Our users don't have local admin, so when they install Firefox, it is installed in the user's profile.

I've just installed Firefox 143.0.1 in my own user profile for testing purposes. However, when I attempt to uninstall, either from Control Panel or by running %localappdata%\Mozilla Firefox\uninstall\helper.exe manually, UAC prompts for elevation, even though I installed without elevating.

I've dug in a bit more, and I found this was an issue five years ago as well:

https://support.mozilla.org/en-US/questions/1286070

According to that post, the issue was resolved, but it seems to have come back.

Any help would be appreciated.

Hello Everyone,

I am seeking assistance to configure Firefox browser so that internet access is blocked when the browser cannot download or access the proxy Auto-configuration (PAC) file. Our organisation enforces all web traffic through proxy servers defined by a PAC file. For compliance and security reasons, users should not have any direct internet access unless the browser is able to successfully retrieve and apply the PAC file.

The desired behaviour is:

1. Firefox attempts to download the PAC file from a defined URL. 2. If the PAC file is unreachable or fails to load (e.g., due to network restrictions or the device being outside the corporate network), Firefox should "fail closed" - meaning it should not allow any direct internet traffic. 3. This is effectively a "fail-block" mode: no fallback to direct connections, and no cached or bypassed proxy settings should allow internet browsing.

This behaviour is critical to prevent devices from accessing the internet without applying corporate proxy rules. I would like to know:

1/ Whether Firefox currently supports a setting or policy that enforces this fail-block condition when the PAC file is unavailable. 2/ If not, whether there are recommended configurations or enterprise policies (e.g., via `policies.json` or Group Policy templates) that could achieve equivalent enforcement.

Thank you for your assistance and guidance.

I previously posted this question: https://support.mozilla.org/en-US/questions/1495577

Asking how to use the "intl.accept_languages" setting within the JSON for the new preferences setting within group policy.

A moderator posted this as a comment which I have only just noticed: "The value is a string, so it has to be in quotes "en-GB"" - the post is now too old for me to reply.

I'm still having issues using this setting even after putting the name in quotes. I've tried:

"intl.accept_languages": { "Value": "en-GB", "Status": "user" }

"intl.accept.languages": { "Value": "en-GB", "Status": "user" }

But neither work, please can someone clarify what exactly needs to be used within the JSON?

I would like to know how the Firefox CVEs are affected on its version which are mentioned in NVD.

Let take mfsa2025-59, for example CVE-2025-8040, as per the NVD its says Firefox ESR < 140.1 is affected so does that mean it affect all the version which are lower than 140.1 which included the ESR 128 and ESR 115 versions or just the ESR 140 version series? then it raise on more question check this cve-2025-8029 in NVD it has specifically mentioned it only affect "Firefox ESR < 128.13, Firefox ESR < 140.1" and not the ESR 115 versions. Could anyone confirm it does not affect the ESR 115 versions or it affect all the versions? Now check this one cve-2025-8027, NVD clearly mentioned "Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1" are affected so what I understand is that if the Firefox ESR 115 is vulnerable to any CVE it would be mentioned in the NVD specifically.

My point is that if any Firefox CVEs are listed in NVD and it specify only one version like “Firefox ESR < 140.1” what does that mean? Does it affect all the versions which include ESR 128 and ESR 115 or just the ESR 140 series version only affected? If any CVEs are affected on the ESR 115 and ESR 128 does Mozilla specifically mentioned those versions are affected right? Just like its mentioned in the cve-2025-8027

Any help would be appreciated to clarify this.

I am working on a stig for Mozilla Firefox and I'm trying to do a scap compliance scan but or some reason I am getting a score of zero on all systems. We do patch regularly and at some point one of the version upgrades caused our compliance scans stopped working. I need a fix and cannot find anything when searching for this issue.

I am logged on to my Credit Union and attempt to download my statements. When using Firefox I get the message: {"Errors":["Authorization has been denied for this request."]}

When I contacted my CU, they said to add an URL to the Manage Exceptions. This worked, but I want to know why Firefox needs this but Chrome doesn't.

Hello,

I had issue to verify the cert on android app for https://partners-enrichment.heytelecom.be. On Windows I didn't have the same issue.

version 144.0.2 / build id 20251027123126 / target arm64-v8a armeabi-v7a x86_64 Device: Samsung S22 / One UI 7.0 / Android version 15 / version S901U1UES8FYI2 / Security patch level September 1, 2025

Error: Secure Connection Failed, because its certificate issuer is unknown, the certificate is self-signed, or the server is not sending the correct intermediate certificates.

CertChain RCA: DigiCert Global Root G2 DCA: DigiCert Global G2 TLS RSA SHA256 2020 CA1 cert: partners-enrichment.heytelecom.be

1) I couldn't check the cert from the gui as on windows. Shield in search bar / Connection not secure doesn't opened the cert. Is it expected?

2) I found this helppage: https://support.mozilla.org/en-US/kb/setting-certificate-authorities-firefox

Unfortunately about:preferences isn't available on android (ref. https://www.reddit.com/r/firefox/comments/u593x0/how_to_access_to_aboutpreferences_on_android/)

I see in about:certificate which is the correct RCA (I verified the pem file with the root). DigiCert Global Root G2

Where do I check the Intermediate CA's (DCA)?

3) When exporting the RCA it has been download as: digicert-global-root-g2.pem.txt Why the txt at the end?

On Windows it downloads as digicert-global-root-g2.pem

Kind regards,

I have several users that are running Firefox 137. When attempting to update, they get the message that the organization has blocked updates. There is nothing I can see that we have done. Attempted to update registry and .json file. I cannot find where the block is coming from. Do I need to delete and reinstall?

Hello

We want to set up a GPO that when users exit their Firefox browser, all of there cookies and cache gets deleted.

How do we do this?

Thanks

How do I lock the Microsoft Purview settings in the attached image using intune, so users cannot change them.

I have been able to make it that they cant disable or remove the extension but cannot figure out how to make it that they cant change the settings. I did try making a json file but it does not seem like Firefox uses it.

I've been tasked with removing Firefox from all Windows workstations in our enterprise environment. Our users don't have local admin, so when they install Firefox, it is installed in the user's profile.

I've just installed Firefox 143.0.1 in my own user profile for testing purposes. However, when I attempt to uninstall, either from Control Panel or by running %localappdata%\Mozilla Firefox\uninstall\helper.exe manually, UAC prompts for elevation, even though I installed without elevating.

Is this a known issue? If yes, is there a workaround?

Thanks!