• 已解决

Can I disable browser using http3 protocol externally ?

I know users are allow to disable http3 through "about:config", and it works. However, I have to apply to multiple devices by script and the risk page might be a challeng… (了解更多)

I know users are allow to disable http3 through "about:config", and it works.

However, I have to apply to multiple devices by script and the risk page might be a challenge for me.

I tried to edit prefs.js, but it will still be overwrite even I restart my device. (Re-install is not allowed)

Is there any alternative way to disable http3, such as regedit key?

Or is there method to keep pref.js unchangeable?

询问者 Dali 于 13 小时前

回答者 andmagdo 于 13 小时前

  • 已解决

Firefox tries to connect to high risk IP

We realized that our Firefox ESR 91.4.1 (installed on couple of hundreds of PCs) tries to connect to the IP 34.107.221.82 which is marked as high risk. How is it possibl… (了解更多)

We realized that our Firefox ESR 91.4.1 (installed on couple of hundreds of PCs) tries to connect to the IP 34.107.221.82 which is marked as high risk. How is it possible? What exactly wants Firefox to do with this IP.

It is strange that connection to this IP goes directly and be blocked on our corporate firewall. Why does it go directly even if proxy is enabled and works. ?

Kind regards Vladimir

询问者 dovlaze 于 1 周前

回答者 andmagdo 于 1 周前

  • 已解决

Does using policies.json turn of the effects of all about:config changes done before?

I just created a policies.json file in the appropriate distribution folder with ONE policiy, then restarted the browser, and now the browser shows: The browser is managed… (了解更多)

I just created a policies.json file in the appropriate distribution folder with ONE policiy, then restarted the browser, and now the browser shows: The browser is managed by your organisation. ("Der Browser wird durch Ihre Organisation verwaltet." in German.)

Now the question occured to me: Has this any effect on the changes I made before manually in the about:config section, or in the settings UI, other than the one change by the one policy I put in the policies.json?

Firefox 91.3.0esr (64-Bit)

询问者 Bill Smith 于 2 周前

回答者 Mike Kaply 于 2 周前

  • 已解决

Is there any way to set firefox config by active directory group policy?

Hello I'm Bae, and i'm sorry for my poor English. I want to make my users be able to use seamless single sign on to Microsoft Azure by setting Firefox config with Active … (了解更多)

Hello

I'm Bae, and i'm sorry for my poor English.

I want to make my users be able to use seamless single sign on to Microsoft Azure by setting Firefox config with Active Directory group policy.

First, I created the 'user.js' file and wrote 'user_pref("network.negotiate-auth.trusted-uris","https://autologon.microsoftazuread-sso.com");' and 'user_pref("network.negotiate-auth.delegation-uris","https://autologon.microsoftazuread-sso.com");' in it.

Second, I put this user.js file in the Firefox¥Profiles folder (such as xxx.default-release).

Third, I checked that the setting was changed on about:config.

Last, I also checked that I could use seamless single sign on to "www.office.com".

What I want to do is to distribute this user.js file to my domain users (exactly, to users' firefox profiles folder) by group policy. Please tell me how to do.

Or, if there is any way to set 'network.negotiate-auth.trusted-uris' and 'network.negotiate-auth.delegation-uris' without user.js file, such as Firefox group policy template, please tell me which one I should modify.

Thanks.

询问者 sherlocksh 于 1 个月前

回答者 Mike Kaply 于 1 个月前

  • 已解决

Block websites and exceptions to blocked websites not working

Hello, I have a series of laptops that I need to block access to all URLs and only allow access to one. These laptops are not joined to an AD domain so I downloaded the … (了解更多)

Hello, I have a series of laptops that I need to block access to all URLs and only allow access to one. These laptops are not joined to an AD domain so I downloaded the ADMX templates and copied them to c:\windows\policydefinitions. I ran gpedit.msc and added <all_urls> to the Blocked Websites policy and then added the specific URL to the Exceptions to Blocked Websites policy. However I am unable to access the allowed URL as Firefox is blocking it, despite having the URL defined in the exceptions policy.

I have added various other URLs to the exceptions policy like https://www.msn.com, https://www.yahoo.com, and https://www.mozilla.org, and all are blocked. I have tried different match patterns in the blocked policy and none blocked any URL, which I didn't expect them to anyway. I tried these patterns:

*://*.*.*
https://*.*.*
http://*.*.*
*

Also in my testing I added https://www.yahoo.com to the block policy, did not enable the exceptions policy and found Firefox did not block that site, which makes zero sense. Am I missing something? I was able to do something similar to this in Chrome with its ADMX templates copied locally to a non-domain joined PC, and it worked flawlessly.

询问者 mgorski10 于 1 个月前

回答者 mgorski10 于 1 个月前

  • 已解决

block file:///c:/ in Firefox Quantum release 60.4.0esr(32-bit)

Hello, I ve tried to block file:///c:/ in Firefox Quantum release 60.4.0esr(32-bit) by the above .json with no results. I ve also tried to block it in a newer release and… (了解更多)

Hello, I ve tried to block file:///c:/ in Firefox Quantum release 60.4.0esr(32-bit) by the above .json with no results. I ve also tried to block it in a newer release and it was fine (78.15.0esr (32-bit)). Is anything i can do to block it in this particular version i m using(60.4.0esr(32-bit))?

Thank you

{ "policies": { "WebsiteFilter": { "Block": ["file:///C:/*"] } } }

询问者 ThanosTh 于 3 个月前

回答者 Mike Kaply 于 2 个月前

  • 已解决

GPO (Group Policy) Change security.tls.enable_0rtt_data

Hello, we have some trouble in our Enterprise Environment with tls 1.3 and 0rtt data. The integrated google search and other websites doesnt work as they should (Pages do… (了解更多)

Hello,

we have some trouble in our Enterprise Environment with tls 1.3 and 0rtt data. The integrated google search and other websites doesnt work as they should (Pages doesnt load and stay white).

So we want to turn of "security.tls.enable_0rtt_data" with Group Policy. But i cannot find a switch for this setting.

When i try to set security.tls.enable_0rtt_data with Preferences in GPO it doesnt work (old Preferences is empty) { "security.tls.enable_0rtt_data": { "Value": false, "Status": "locked" } }

With Preferences i am able to configure security.tls.hello_downgrade_check, but not security.tls.enable_0rtt_data

The only workaround would be to disable tls 1.3 completely and use tls 1.2. (security.tls.version.max = 3) Is there a solution for this?

Regards, Michael

询问者 michael.reiter 于 4 个月前

回答者 Mike Kaply 于 3 个月前

  • 已解决

Migrating normal Firefox profiles to Firefox ESR ones

We have around 1000 Firefox installations on our government organization, all installed via the Firefox MSI installer. Unfortunately, we came late to realize that the Fir… (了解更多)

We have around 1000 Firefox installations on our government organization, all installed via the Firefox MSI installer. Unfortunately, we came late to realize that the Firefox ESR would be a much more suitable product, compared to the normal Firefox branch.

Now, some years ago we would simply mass uninstall the normal Firefox and mass install the (latest) ESR version and all would be well. Problem is that we have to keep existing profiles (including passwords/bookmarks etc), something that is not supported in the latest Firefox builds.

Can anyone offer some advice/"hacks" to accomplish this? Note that whatever we'll do, we'll have to do it automatically, we lack the man-power to do this manually on a system by system basis...

Thanks in advance for any information provided.

询问者 Michail Pappas 于 3 个月前

回答者 Mike Kaply 于 2 个月前

  • 已解决

Firefox resetting profiles after each launch. Keeps creating new install even if same version launched

Hello world, This problem is sticking for a year now. We even switched to ESR thinking it will fixed the problem but to no avail. After a bunch of test, I've finally deci… (了解更多)

Hello world,

This problem is sticking for a year now. We even switched to ESR thinking it will fixed the problem but to no avail. After a bunch of test, I've finally decided to post and ask for help. Tests have been done on macos 11.6 fresh vanilla install, no encryption (no filevault, I hate it), and Firefox 91.1.0esr (64 bits), but problem is the same since version 75 + (no problem seen on windows or linux) If I don't use Profiles Manager, at each launch of Firefox a new profile is created with no import from former profiles. If I do use Profiles Manager, I can keep on choosing my default profile, and no new ones are created, BUT new install is added to install.ini and profiles.ini. All tests have been done with the exact same firefox (i mean, application is the same and correctly installed in the /Applications of macos).

Here is the profiles.ini

[Install5A291CFD23D97DBF] Default=Profiles/ucaeqkrb.default-esr Locked=1

[Profile0] Name=default-esr IsRelative=1 Path=Profiles/ucaeqkrb.default-esr Default=1

[General] StartWithLastProfile=0 Version=1

[InstallF5B6C4E8673B7987] Default=Profiles/ucaeqkrb.default-esr Locked=1

[Install7F9608401B386673] Default=Profiles/ucaeqkrb.default-esr Locked=1

And the installs.ini

[5A291CFD23D97DBF] Default=Profiles/ucaeqkrb.default-esr Locked=1

[F5B6C4E8673B7987] Default=Profiles/ucaeqkrb.default-esr Locked=1

[7F9608401B386673] Default=Profiles/ucaeqkrb.default-esr Locked=1

As you can see each launch of Firefox created a new hash of installation (even if same it's always the same firefox version). As long as I choose my default profile in profiles manager, I can keep it. If I switch to default comportment, I will get a new profile at each launch (as it see en new install hash) and it will not import former profiles (even if it's from the same or an older version).

So I'm wandering, why Firefox keeps on adding a news install hash on each launch, and/or how can I prevent it from doing it.

询问者 firefox1540 于 4 个月前

回答者 Mike Kaply 于 3 个月前

  • 已解决

prevent firefox tabs from opening

Hey there I am running Firefox on a lot of touchpanels in kiosk mode. It works really great and is rather reliable. The only problems are tabs from firefox opening. Like… (了解更多)

Hey there

I am running Firefox on a lot of touchpanels in kiosk mode. It works really great and is rather reliable.

The only problems are tabs from firefox opening. Like the tab advertising the firefox account, first start tab, update tab and the tab to recreate a session after a powerloss.

As it is a kiosk, I dont want any of the users to see these things.

Yet though I did not find a way to disable these tabs/ functions.

Is there a way to do so? If yes then your help would appreciated a lot!

Sincerely Alessio

询问者 Ale 于 3 个月前

回答者 Mike Kaply 于 3 个月前

  • 已解决

GPO Settings

Good Afternoon Im currently configuring OKTA for SSO, part of this setup is to configure a FireFox option, for people that use this particular browser. These are the inst… (了解更多)

Good Afternoon

Im currently configuring OKTA for SSO, part of this setup is to configure a FireFox option, for people that use this particular browser.

These are the instructions provided by OKTA:- Open the Firefox web browser, enter about:config in the Address bar. If the Proceed with Caution message appears, click Accept the Risk and Continue. In the Search preference name field, enter network.negotiate-auth.trusted-uris. Click Edit, enter <org>.kerberos.okta.com, and click Save.

This works fine when i manually edit the config for myself to test, but i need to deploy this across our org, i downloaded the Mozilla GPOS but i cannot find anywhere i can set this particular setting.

Is it possible to set this particular setting in the GPOs? so i can deploy across our org.


Thanks.

询问者 richard.rostron 于 4 个月前

回答者 jscher2000 于 4 个月前

  • 已解决

policies.json WebsiteFilter does not block website properly

Suppose I have a "policies.json" file in the "distribution" subdirectory of my Firefox installation. And suppose "policies.json" file contains this: { "policies": { … (了解更多)

Suppose I have a "policies.json" file in the "distribution" subdirectory of my Firefox installation.

And suppose "policies.json" file contains this:

{

 "policies": {
     "WebsiteFilter": {
         "Block": [
           "youtube.com",
           "www.youtube.com",
           "http://www.youtube.com",
           "https://www.youtube.com",
         ]
     }
 }

}


Now if I type "youtube.com" in the address bar, it shows "Your organisation has blocked access to this page or web site." It means firefox blocks "youtube.com" correctly. Meanwhile the url in the address bar is "https://www.youtube.com/."

But if I remove "https://www." from "https://www.youtube.com/" in the address bar (Not retype), I can actually visit "youtube.com." It means somehow the webfilter is not working properly.

This issue exists in ubuntu and macos with version 92.0(64-bit).

Does anyone have the same problem? Any help would be appreciated.

询问者 purple_sheep 于 3 个月前

回答者 jscher2000 于 3 个月前

  • 已解决

Kiosk Usage

I am currently creating new Images for our touch kiosks and would like to use Firefox. Sadly I am confronted with some problems / strange behaviour. I want to set up a wi… (了解更多)

I am currently creating new Images for our touch kiosks and would like to use Firefox.

Sadly I am confronted with some problems / strange behaviour.

I want to set up a windows Kiosk with Firefox as shell application. So far this worked but the Firefox window opens around 5 times at every restart, also it does not open again if it is closed. The reopening is a feature of the eshell which reacts to the exit code of the Application. Is there anything you know what causes these behaviours? Google chrome does nothing of these things and simply gets restarted if it is closed, as it should.

The second thing is, the built in Kiosk mode is great but our Application at least needs tabs. Is it possible without too much of a hassle to create such a locked down experience? I'd like to do it with a policy or settings file and not to create my own browser out of firefox, maybe there's a way I have overseeen.

I'd really like to do it with firefox as I personally always had a great experience and I trust the team behind it. Thank you for your support beforehand!

询问者 Ale 于 5 个月前

回答者 Mike Kaply 于 4 个月前

  • 已解决

How to find the URL to use for ExtensionSettings?

I am using group policy, extension settings. I want to block all extensions, require 1, and allow a handful. I think I have the JSON figured out but finding the URL to … (了解更多)

I am using group policy, extension settings. I want to block all extensions, require 1, and allow a handful. I think I have the JSON figured out but finding the URL to use is escaping me.

I can find the site in the Mozilla addons, https://addons.mozilla.org/en-US/firefox/addon, but how do I find the exact filename to use? I see that many end in latest.xpi but I'm unsure what that means or how I should know which is correct. I know how to find it in Chrome but I'm now trying for FireFox. I've had a hard time and it's not as clear as the direct GPO implementation as Chrome uses.

My next thing to figure out is when extension settings are mentioned in multiple levels of the GPO hierarchy. That's a separate question and not needed for an answer to this question. I only mention it as someone who knows one part is likely to know the other as well.

Thanks, -g

询问者 GrumpyGreg 于 4 个月前

回答者 cor-el 于 4 个月前

  • 已解决

Attempting ExtensionSettings via Extension Managmement GPO - Error 'No text was entered...'

Hi, I'm trying to create a Windows GPO to control Addons/Extensions in our FireFox installations. From the doc I've read, the place is Policies|Administrative Templates|M… (了解更多)

Hi, I'm trying to create a Windows GPO to control Addons/Extensions in our FireFox installations.

From the doc I've read, the place is Policies|Administrative Templates|Mozilla|Firefox|Extensions Policy is "Extension Management"

I set it to enabled and include this text: {

 "*": {
   "blocked_install_message": "My Custom Test Message",
   "installation_mode": "blocked"
 }

}

When I hit apply, I get this error message: "No text was entered for this field. Make sure that you enter text."

If I put nothing (but still enabled) or "A" or A, then it accepts that. It's when I plop in the JSON that it fails.

What am I doing wrong?

I have ESR 91.0.1 and policy 3.0 installed. I do not have Firefox installed on the machine doing the GPO work, that's currently only on the test machine. I do have the policy definitions installed.

-g

询问者 GrumpyGreg 于 4 个月前

回答者 Mike Kaply 于 4 个月前

  • 已解决
  • 已存档

Silently Import Bookmarks from IE to Firefox

I am in an enterprise environment with over 500 machines, and we are looking for a way to import users Bookmarks from IE to Firefox silently and behind the scenes without… (了解更多)

I am in an enterprise environment with over 500 machines, and we are looking for a way to import users Bookmarks from IE to Firefox silently and behind the scenes without requiring user interaction.

Due to security restrictions 3rd party software is not a possibility. Most users have already been using Firefox. We do not want to delete their existing bookmarks in Firefox

询问者 Reod_Dai97 于 7 个月前

回答者 Mike Kaply 于 6 个月前

  • 已解决
  • 已存档

Certificates included with browser

I am trying to use a policies.json file to include a certificate for my own website using a certificate stored online, but not locally. Would it be possible to do so usi… (了解更多)

I am trying to use a policies.json file to include a certificate for my own website using a certificate stored online, but not locally. Would it be possible to do so using code similar to below: {

   "policies": {
   "Certificates": {
       "ImportEnterpriseRoots": true,
       "Install" [
           "cert_name",
           "http://www.xxxxxxxx.com/xxxxx/xxxxx.der"
                  ]
            }
       }
   }

Any help would be greatly appreciated.

询问者 gtevi 于 6 个月前

回答者 Mike Kaply 于 6 个月前

  • 已解决
  • 已存档

settings problem with enterprise install

Background information: since version 87 of firefox, I have been having problems viewing pdfs online. All the suggestions from people provided on the post, placed in ano… (了解更多)

Background information: since version 87 of firefox, I have been having problems viewing pdfs online. All the suggestions from people provided on the post, placed in another part of thecommunity, didn't work for me. I decided to remove my installation of Firefox and install a new uptodate version. I decided on this after I had installed Brave as an alternate browser and changed it to the default browser in my frustration. Now: I was unaware that I had downloaded the enterprise version. When I got to the settings, next to "make Firefox your default browser" there was a statement in red saying "your browser is being managed by your organization". Clicking the link brings up a policy screen which says "don't check default browser" with a value of true and no way - as far as i can see of changing the value. And it is also unchangeable in Brave. I hope someone has an answer for me. The one good thing about the current situation is that I can read pdfs in the browser. Is there an emoji for headache?

询问者 bdjim 于 6 个月前

回答者 jscher2000 于 6 个月前