How to Disable Saved Address and Credit Cards

During a client Audit earlier this week we were dinged on not having the option in Firefox ESR to block manually saving Addresses and Credit Cards. We have the autofill … (மேலும் படிக்க)

During a client Audit earlier this week we were dinged on not having the option in Firefox ESR to block manually saving Addresses and Credit Cards. We have the autofill disabled however users can still manually add credit cards and addresses and this poses an issue with our call center agents handling Credit Card info. I'd like to be able to gray out the Saved Addresses and Saved Credit Card boxes so as to prevent agents from manually entering card data into it using a GPO or Registry setting that we can push and apply to all our domain PCs. Ideally, if we could add an entry to the JSON preferences in the Mozilla GPO that would gray those options out that'd be best but any option that removes the users ability to add CC info would be acceptable.

Asked by rhall4 2 வாரங்களுக்கு முன்பு

Last reply by rhall4 3 நாட்கள் முன்பு

Looking to customize Firefox application via Intune Plist

Looking to specify homepage, homepage button, and new tab page within Firefox on our Mac fleet. I was able to create a plist file for macs, and it was "deployed successf… (மேலும் படிக்க)

Looking to specify homepage, homepage button, and new tab page within Firefox on our Mac fleet.

I was able to create a plist file for macs, and it was "deployed successfully" according to Intune, but no changes actually happened on my test machines.

I've uploaded a redacted version of the used plist.

Anyone out there have any ideas?

Asked by jmajors50 6 நாட்கள் முன்பு

Last reply by Mike Kaply 4 நாட்கள் முன்பு

Best Way to force firefox update without opening the application

We are currently looking at devices with out-of-date Firefox versions these are listed with vulnerabilities within our environment and need to be patched to the latest ve… (மேலும் படிக்க)

We are currently looking at devices with out-of-date Firefox versions these are listed with vulnerabilities within our environment and need to be patched to the latest version to cover those vulnerabilities.

With the volume of patching required, we want to be able to enable auto-update and allow the application to patch itself.

However, the current options via group policy don't seem to work as I've read on such threads https://bugzilla.mozilla.org/show_bug.cgi?id=1876302.

The application Autoupdate has been enabled within local group policy as a test and nothing seems to force the application to update unless a user enters the application and selects about.

Reading into how Firefox does this it doesn't seem viable to enable an auto-update feature without specifying the version it needs to upgrade to, we can currently patch to specific versions using SCCM.

Is anyone aware of a solution to this problem or another method?

Looked into calling updater.exe and the maintenance service but nothing i successful when trying to call on these.

Asked by oliver.gillman 2 வாரங்களுக்கு முன்பு

Last reply by zeroknight 2 வாரங்களுக்கு முன்பு

  • தீர்வுற்றது

Firefox ESR (Windows) Policy Wildcards - Is it possible?

Good afternoon, We're currently trying to set up a Hardening Guide for Firefox ESR but are struggling with a few policies and setting wildcards. For example, we're tr… (மேலும் படிக்க)

Good afternoon,

We're currently trying to set up a Hardening Guide for Firefox ESR but are struggling with a few policies and setting wildcards.

For example, we're trying to set an origin in Cookies > Block Settings to something like "*", and we get the error "Ignoring parameter "*" - not a valid origin."

In Chrome / Edge you can set a wildcard like this: [*.]google.com for example - we receive the same error message for this.

Can you do such a thing for Firefox ESR without having to list every site you want to block?

ESR Version: 115.6.0esr (64-bit)

Kind Regards, Ethan Jerrum

Asked by ethan.jerrum 1 மாதத்திற்கு முன்பு

Answered by Mike Kaply 1 மாதத்திற்கு முன்பு

  • தீர்வுற்றது

HTTPs Only Mode

Hello, I have a problem with setting up HTTPs only Mode in my Organization, I read a lot about that, but I dont see the "dom.security.https_only_mode" switch in GPO, we h… (மேலும் படிக்க)

Hello, I have a problem with setting up HTTPs only Mode in my Organization, I read a lot about that, but I dont see the "dom.security.https_only_mode" switch in GPO, we have the newest admx for Firefox. We need that to specific container, but still I dont know how to set it up, even via regedit, or preferences. Can someone describe me when can I set it up ? It could be using json file (which exactly file and how?), registry or just gpo. Regards, M.

Asked by marcin.markiewicz 1 மாதத்திற்கு முன்பு

Answered by Mike Kaply 1 மாதத்திற்கு முன்பு

  • தீர்வுற்றது

Extension GPO help

Hello, I am trying to create a deny all & white list only gpo for Firefox extensions. I am using the gpo; Computer Configuration/Policies/Administrative Templates/M… (மேலும் படிக்க)

Hello, I am trying to create a deny all & white list only gpo for Firefox extensions.

I am using the gpo; Computer Configuration/Policies/Administrative Templates/Mozilla/Firefox/Extensions/Extension Management

I started out simple using a template which worked.

{ "*": { "blocked_install_message": "Your Company Blocked Message", "installation_mode": "blocked" }, "uBlock0@raymondhill.net": { "installation_mode": "allowed" } }

However, when I tried to add in more allowed extensions it now longer worked and was able to install any extension.

{ "*": { "blocked_install_message": "Your Company Blocked Message", "installation_mode": "blocked" }, "uBlock0@raymondhill.net": { "installation_mode": "allowed" }, "querymoid@kaply.com": { "installation_mode": "allowed" } }

Asked by zick.rockco 2 மாதங்களுக்கு முன்பு

Answered by zick.rockco 2 மாதங்களுக்கு முன்பு

Disable Save menu entry from Firefox built-in PDF Viewer on local Linux system

I would like to prevent users to navigate on the Linux system when they view a PDF and then use the Save option. The "PDFjs" policy enables or disables the PDF Viewer but… (மேலும் படிக்க)

I would like to prevent users to navigate on the Linux system when they view a PDF and then use the Save option. The "PDFjs" policy enables or disables the PDF Viewer but does not control the built-in PDF Viewer menus.

Asked by InfoMaze 2 மாதங்களுக்கு முன்பு

Last reply by Mike Kaply 2 மாதங்களுக்கு முன்பு

Bypass UAC prompts through GPO settings

We are currently attempting to automate our Firefox update processes. Currently we use robocopy to push out new versions on release, but ideally we'd like to use the back… (மேலும் படிக்க)

We are currently attempting to automate our Firefox update processes. Currently we use robocopy to push out new versions on release, but ideally we'd like to use the background updater instead. We are currently on 64-bit 119.0.1, on Windows 10 Pro 22H2. We'd prefer not to switch over to ESR if at all possible. I've already reactivated the AppAutoUpdate and BackgroundAppUpdate policies, and DisableAppUpdate is disabled, but I'm still being hit with a UAC Admin prompt when I try to launch Firefox. I tried to bypass it through the registry at [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers], with "C:\Program Files\Mozilla Firefox\firefox.exe" = "RUNASINVOKER", but that also doesn't seem to have done anything. Any and all assistance would be appreciated

Asked by ddrake1 2 மாதங்களுக்கு முன்பு

Last reply by Mike Kaply 2 மாதங்களுக்கு முன்பு

install firefox

im tryin to instal firefox in a firm users are non admins, and i distributing from a network server made a json file with som changes and on my test machine is lookin goo… (மேலும் படிக்க)

im tryin to instal firefox in a firm users are non admins, and i distributing from a network server made a json file with som changes and on my test machine is lookin good but on a computer in the firm is startin to act funny creatin "Firefox Privat surfning.lnk" in "C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs" dont wont that changing my homepage settings showing "https://www.mozilla.org/en-US/privacy/firefox/ " dont want that how can i fix that try to google but no help there or is it another installer for enterprises? tryed this "https://www.mozilla.org/en-US/firefox/enterprise/#download" no diffrent

Asked by svensvensson487 3 மாதங்களுக்கு முன்பு

Last reply by svensvensson487 2 மாதங்களுக்கு முன்பு

Automatic updates

We have recently enabled background updates in our organization, however I noticed that a requirement for this to work is that Firefox needs to be run with the default pr… (மேலும் படிக்க)

We have recently enabled background updates in our organization, however I noticed that a requirement for this to work is that Firefox needs to be run with the default profile at least once after the feature is enabled. The issue we have is that not all users are actively using Firefox and therefore they are not being updated. I realize the security flaws won't be exposed if it's not in use, but management doesn't like seeing out of date browsers. Is there a way to force auto updates on all device where Firefox isn't not being used. Background updating is working for the majority of those that do use Firefox.

Also, we do have a couple of users reporting a credential prompt when updating from 119 to 119.0.1. These same users had no issues updating from 118 to 119. I have not figured out why this is happening just yet and why only for a handful of users so far. Would anyone have an idea why that is happening?

Asked by rob.scott1 3 மாதங்களுக்கு முன்பு

Last reply by Mike Kaply 3 மாதங்களுக்கு முன்பு

Configuration via Windows GPO -> exclude second Firefox installation

Hi, we want to switch our Firefox configuration from file-based (policies.json) to GPO-based. We rolled out the GPO on some test clients and it worked like a charm. But… (மேலும் படிக்க)

Hi,

we want to switch our Firefox configuration from file-based (policies.json) to GPO-based. We rolled out the GPO on some test clients and it worked like a charm.

But... It shows that there are some clients which need a second firefox installation for a special purpose, which is not allowed to enter the internet or update itself.

The file-base configuration can handle these to different installations with two differend policies.json files.

Is there a way to accomplish this scenario with the use of GPOs? The GPO-base configuration seems to be global for every client.

At this moment i don't see a solution for our problem. Do you see one?

Asked by maik.w 3 மாதங்களுக்கு முன்பு

Last reply by Mike Kaply 3 மாதங்களுக்கு முன்பு

  • தீர்வுற்றது
  • Archived

deploying firefox-add-ons via group policies doesn't work anymore after proxy-change

Hello, I used to deploy add-ons via group policies - this worked like a charm: Firefox esr (91.11.0esr x64), ADMX-templates in Sysvol\PolicyDefinitions, Group Policies: … (மேலும் படிக்க)

Hello,

I used to deploy add-ons via group policies - this worked like a charm: Firefox esr (91.11.0esr x64), ADMX-templates in Sysvol\PolicyDefinitions, Group Policies: User configuration, administrative templates, mozilla, firefox, add-ons --> install add-ons --> https://addons.mozilla.org/firefox/downloads/file/1234567/goodaddon-1.0.01.xpi

A few months ago, we had to change our network-configuration. We were using a proxy before, but our proxy had direct access to the internet. Now our proxy forwards everything to another proxy. Since about that time, add-on-deployment via gpo doesn't work anymore. It could be something else, but i suspect the proxy-change.

I tried to deploy unc-paths, internal websites and different syntaxes; none of this works:

  • http://192.168.100.10/goodaddon-1.0.01.xpi
  • http://internalwebsite/goodaddon-1.0.01.xpi
  • https://192.168.100.10/goodaddon-1.0.01.xpi
  • https://internalwebsite/goodaddon-1.0.01.xpi
  • \\192.168.100.20\netshare\goodaddon-1.0.01.xpi
  • \\internalfileserver\netshare\goodaddon-1.0.01.xpi
  • file://///192.168.100.20/netshare/goodaddon-1.0.01.xpi
  • file://///internalfileserver/netshare/goodaddon-1.0.01.xpi

As you can see I tried using internal sites, so that no proxy would be needed. And I also added these sites to the allowed add-on-installation-sites (computer configuration, same group policy). The sites are all accessible; if I enter these addresses as url, firefox can access the xpi-file.

I know how to pack add-ons into the firefox-setup-file; that still works. But first of all, firefox is already installed on most of my clients. Second, after a fresh installation of firefox with this self-created package, all add-ons are installed, but not activated. And I would like to restrict activation/deactivation of add-ons via gpo.

  1. 1 Are there other ways to deploy add-ons in a domain-network (e.g. script-based)?
  2. 2 Are there any logs where I could find out what exactly goes wrong?
  3. 3 Are there any other syntaxes I could try (group policy urls)?
  4. 4 Can anyone guess what the problem is (why it is not working anymore)?

Help would be very much appreciated.

Best regards.

Asked by mozilla355 1 வருடத்திற்கு முன்பு

Answered by mozilla355 1 வருடத்திற்கு முன்பு

  • Archived

ESR 91 downloads files after it is blocked

Hi Anyone experiencing an issue with Firefox 91 ESR on Win10 with blocking downloads? We have the desktop blocked with controlled folder access and a plugin loaded wh… (மேலும் படிக்க)

Hi

  Anyone experiencing an issue with Firefox 91 ESR on Win10 with blocking downloads?  We have the desktop blocked with controlled folder access and a plugin loaded which stops downloads of most file types, but when clicked on, the box appears to save the file after regardless.  The user cannot select a file location, but if they just click save it saves to the desktop anyway.  Cannot seem to stop firefox doing this. Anyone know a fix ?

Thanks,

      Jon Dickens

Asked by jon.dickens 1 வருடத்திற்கு முன்பு

Last reply by jon.dickens 1 வருடத்திற்கு முன்பு

  • Archived

Hardening Firefox browser

Hi, I am looking for a security Hardening guidelines for Firefox from Mozilla. Could you please guide me to the right direction where I can find one. Thanks Raju … (மேலும் படிக்க)

Hi, I am looking for a security Hardening guidelines for Firefox from Mozilla. Could you please guide me to the right direction where I can find one.

Thanks Raju

Asked by raju.singanna 1 வருடத்திற்கு முன்பு

Last reply by Mike Kaply 1 வருடத்திற்கு முன்பு

  • தீர்வுற்றது
  • Archived

AutoConfig Alert

Good morning, I'm reaching out to see if I can get some assistance with Firefox on of our network. I'm System Admin at Goodfellow AFB. I've tried searching this issues … (மேலும் படிக்க)

Good morning,

I'm reaching out to see if I can get some assistance with Firefox on of our network. I'm System Admin at Goodfellow AFB. I've tried searching this issues on the web and found similar issues but solutions that were recommend online have not worked for us. Yes I have uninstalled Firefox completely and installed it from scratch. I know it has something to do with autoconfig file but not sure what exactly I'm looking for. Thanks.

Asked by Chase Cathey 1 வருடத்திற்கு முன்பு

Answered by jscher2000 - Support Volunteer 1 வருடத்திற்கு முன்பு

What does pref.browser.language.disable_button.remove do?

I am reviewing my user.js and pref.js files in anticipation of deploying policy settings in GPO. As a part of the review, I am trying to document what each of the prefere… (மேலும் படிக்க)

I am reviewing my user.js and pref.js files in anticipation of deploying policy settings in GPO. As a part of the review, I am trying to document what each of the preferences in those files actually do, in order to be able to see in the future why a setting was set the way it was.

I am presently at the preference "pref.browser.language.disable_button.remove". Based on the name of the preference, I would think that if set to true, it would disable the remove button in the Webpage Language Settings window. (Hamburger menu -> Settings -> General -> Language -> Choose your preferred language for displaying pages)

When I set it to true, it does not disable the remove button but when I use the remove button, the preference is set to false.

Am I misunderstanding the purpose of this preference or is there more to using this preference than just setting its value in about:config?

Also, I see there are a number of other preferences that contain disable_button but that only one, "pref.privacy.disable_button.view_passwords", has a GPO policy for setting. I would expect that these preferences containing disable_button would all work in a similar way just each for a different button in the Firefox GUI.

If it matters, I'm running Firefox 115.3.1esr 64-bit en-ca on Windows 10.

Asked by Numbers 4 மாதங்களுக்கு முன்பு

Last reply by Mike Kaply 4 மாதங்களுக்கு முன்பு

Official Documentation required: Export Control Classification Number (ECCN)

My company needs to follow regulation on Export rules. I need to provide our ITAR regulation team "Vendor documentation" regarding the Export Control Classification Numb… (மேலும் படிக்க)

My company needs to follow regulation on Export rules. I need to provide our ITAR regulation team "Vendor documentation" regarding the Export Control Classification Number (ECCN) for Mozilla Firefox ESR. They will not accept a blog or article. Any one from Mozilla able to provide this in an official capacity?

Asked by Michael.Klein2 4 மாதங்களுக்கு முன்பு

Last reply by Mike Kaply 4 மாதங்களுக்கு முன்பு

in a corporate environment, using Kerberos authentication to authenticate AD user to OKTA (IdP) via Firefox

We have used Firefox in our environment for well over a year in the configuration explained here: https://help.okta.com/en-us/content/topics/directory/ad-dsso-configure-b… (மேலும் படிக்க)

We have used Firefox in our environment for well over a year in the configuration explained here: https://help.okta.com/en-us/content/topics/directory/ad-dsso-configure-browsers.htm

OKTA is our Identity provider to do Single Sign on to our SaaS applications.

today when version 118 rolled out, this functionality stopped working. Can you help me to get this working again. Chrome and Edge are not affected, so we have options, but we would really like to use Firefox.

Thanks so much for your help

Scott

Asked by Scott Voll 5 மாதங்களுக்கு முன்பு

Last reply by Mike Kaply 4 மாதங்களுக்கு முன்பு

Firefox conflict with Windows HTTPS (DoH) -> Requipred DoH

When setting Windows to "Require DoH", firefox will not resolve DNS addresses, regardless of which "Enable secure DNS" setting is picked in FireFox security settings tab.… (மேலும் படிக்க)

When setting Windows to "Require DoH", firefox will not resolve DNS addresses, regardless of which "Enable secure DNS" setting is picked in FireFox security settings tab.

I expected at least "Off -- Use your default DNS resolver" to work.

If Windows is configured to just "Allow DoH", Firefox has no issues resolving DNS addresses, for any of the Firefox policy settings.

For reference, you can find the DoH policy setting in windows group policy editor, here:

gpedit.msc

Computer Configuration -> Administrative Templates -> Network -> DNS Client -> Configure DNS over HTTPS

(Have to enable it, then select Configure DoH options: Require DoH.)

you may need to issue a gpupdate /force for the setting to be picked up quickly.

Asked by s189 5 மாதங்களுக்கு முன்பு

Last reply by Valentin 4 மாதங்களுக்கு முன்பு

  • தீர்வுற்றது

What is the proper format for the ExtensionSettings policy registry key/value that is used to manage browser extension settings?

When looking at the ExtensionSettings page for Firefox or Chrome they both use an example that shows the registry key Software\Policies\Mozilla\Firefox\ExtensionSettings… (மேலும் படிக்க)

When looking at the ExtensionSettings page for Firefox or Chrome they both use an example that shows the registry key Software\Policies\Mozilla\Firefox\ExtensionSettings (REG_MULTI_SZ) being set to a long JSON string with every extension ID and the settings for that particular ID. For example...

{

 "*": {
   "blocked_install_message": "Custom error message.",
   "install_sources": ["https://yourwebsite.com/*"],
   "installation_mode": "blocked",
   "allowed_types": ["extension"]
 },
 "uBlock0@raymondhill.net": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
 },
 "https-everywhere@eff.org": {
   "installation_mode": "allowed"
 }

}

The problem with this method is that if I am installing an extension, and I overwrite what already exists in Software\Policies\Mozilla\Firefox\ExtensionSettings then all of those other settings get removed. So even if I am a non-malicious actor and just make a mistake with my installer I can easily delete every other extension's settings. Instead what I have to do is during install I have to read the current value of Software\Policies\Mozilla\Firefox\ExtensionSettings and then insert my extension's settings into the JSON blob.

So the examples that Firefox and Chrome provides do of course work, however they do not make very much sense to me. Why would it be formatted this way since all of those are additional key/value pairs and that is exactly what the registry excels at storing. So why put all of those into a single key/value instead of breaking them into multiple?

Additionally breaking them a part into multiple key/value pairs does work! So if instead of the example above I were to split them into multiple key value pairs it works just fine!

Software\Policies\Mozilla\Firefox\ExtensionSettings

   uBlock0@raymondhill.net
       "installation_mode": "force_installed",
       "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"

So knowing that this way with multiple key/value pairs works why am I bothering to ask this question at all instead of just doing it the way that makes sense to me? Well the issue is that by breaking it up into multiple key value pairs it actually overrides the other method and makes it so that all those registry settings are ignored. So it doesn't delete them but it still leaves me with nearly the exact same problem.

While I believe "my" way is superior because it uses the registry in a more common sense route, if that is not what the majority of extension developers do then it doesn't matter and I should be conforming to the other way.

As I am typing this question up I did realize just how hard/annoying it is to properly format and make it clear and digestible what the multi key/value format of the registry would look like instead of being a JSON string. So perhaps that is the reason why all the documentation puts it all as one JSON string?

Asked by perihwk+firefox 5 மாதங்களுக்கு முன்பு

Answered by Mike Kaply 5 மாதங்களுக்கு முன்பு