How to completely sanitise a given host from Firefox so it'd act the same as in private window?
I have a few websites, among them glovoapp.com and work Kibana, that don't open properly in my regular Firefox session any more even though I tried to remove cookies related to those websites and anything else I could think of. They work fine in private window but it means I have to authenticate each time. What steps do I need to perform to completely clean a website settings from Firefox memory?
In case of Glovo (and several other websites) in regular Firefox session there's an error: Content Security Policy: The page's settings blocked the loading of a resource at inline ("script-src"). Same doesn't happen in private window.
In case of Kibana (and several other websites) in regular session Firefox somehow remembers old authentication - it doesn't ask for new credentials and doesn't send Sec-Fetch-User header (which results in Kibana throwing HTTP 405 Method Not Allowed). In private window the header is sent correctly.
I'm using Tridactyl so I tried to use the :sanitise glovoapp.com command which, in theory, should remove everything that can be removed with API calls as described on https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/browsingData/DataTypeSet - it's not enough.
被選擇的解決方法
You can check for issues with Total Cookie Protection.
- https://support.mozilla.org/en-US/kb/total-cookie-protection-and-website-breakage-faq
- https://support.mozilla.org/en-US/kb/introducing-total-cookie-protection-standard-mode
Firefox shows a purple shield instead of a gray shield at the left end of the location/address bar in case Enhanced Tracking Protection is blocking content.
- click the shield icon for more detail and possibly disable the protection
You can check the Web Console for relevant-looking messages about blocked content.
- https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop
- https://support.mozilla.org/en-US/kb/smartblock-enhanced-tracking-protection
- https://support.mozilla.org/en-US/kb/trackers-and-scripts-firefox-blocks-enhanced-track
所有回覆 (5)
選擇的解決方法
You can check for issues with Total Cookie Protection.
- https://support.mozilla.org/en-US/kb/total-cookie-protection-and-website-breakage-faq
- https://support.mozilla.org/en-US/kb/introducing-total-cookie-protection-standard-mode
Firefox shows a purple shield instead of a gray shield at the left end of the location/address bar in case Enhanced Tracking Protection is blocking content.
- click the shield icon for more detail and possibly disable the protection
You can check the Web Console for relevant-looking messages about blocked content.
cor-el said
You can check for issues with Total Cookie Protection. [...]
Disabling the enhanced tracking protection solved the issue with all websites that shown Content Security Policy error, including glovoapp.com - thank you! I can't edit the question to make it only about Glovo but I'll mark your answer as solution.
由 cprn 於
cprn said
In case of Kibana (and several other websites) in regular session Firefox somehow remembers old authentication - it doesn't ask for new credentials and doesn't send Sec-Fetch-User header (which results in Kibana throwing HTTP 405 Method Not Allowed). In private window the header is sent correctly.
That part remains unsolved.
You may have to create a cookie allow exception to workaround cross-site cookie issues.
You can create a cookie allow exception with the proper protocol (https:// or http://) for the current domain via "Tools -> Page Info -> Permissions" or add an allow exception for third-party domains via "Settings".
- Settings -> Privacy & Security -> Cookies and Site Data -> "Manage Exceptions"
由 cor-el 於
It didn't help with Kibana-like issue. Long time ago I identified on several internal websites with a certificate (as in attachment) and checked Remember this decision. Now on half of those websites I have to use a new certificate - I've installed it in Firefox but the browser doesn't ask for the new credential, it just keeps trying to use the old one. I don't think it has anything to do with cookies. That's why the original question is about "sanitizing" given host/domain, as in: remove all settings and set them to defaults because there's apparently more than just cookies.
由 cprn 於