搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

How to completely sanitise a given host from Firefox so it'd act the same as in private window?

  • 5 回覆
  • 0 有這個問題
  • 1 次檢視
  • 最近回覆由 cprn

more options

I have a few websites, among them glovoapp.com and work Kibana, that don't open properly in my regular Firefox session any more even though I tried to remove cookies related to those websites and anything else I could think of. They work fine in private window but it means I have to authenticate each time. What steps do I need to perform to completely clean a website settings from Firefox memory?

In case of Glovo (and several other websites) in regular Firefox session there's an error: Content Security Policy: The page's settings blocked the loading of a resource at inline ("script-src"). Same doesn't happen in private window.

In case of Kibana (and several other websites) in regular session Firefox somehow remembers old authentication - it doesn't ask for new credentials and doesn't send Sec-Fetch-User header (which results in Kibana throwing HTTP 405 Method Not Allowed). In private window the header is sent correctly.

I'm using Tridactyl so I tried to use the :sanitise glovoapp.com command which, in theory, should remove everything that can be removed with API calls as described on https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/browsingData/DataTypeSet - it's not enough.

I have a few websites, among them glovoapp.com and work Kibana, that don't open properly in my regular Firefox session any more even though I tried to remove cookies related to those websites and anything else I could think of. They work fine in private window but it means I have to authenticate each time. What steps do I need to perform to completely clean a website settings from Firefox memory? In case of Glovo (and several other websites) in regular Firefox session there's an error: '''Content Security Policy: The page's settings blocked the loading of a resource at inline ("script-src").''' Same doesn't happen in private window. In case of Kibana (and several other websites) in regular session Firefox somehow remembers old authentication - it doesn't ask for new credentials and doesn't send '''Sec-Fetch-User''' header (which results in Kibana throwing HTTP 405 Method Not Allowed). In private window the header is sent correctly. I'm using Tridactyl so I tried to use the ''':sanitise glovoapp.com''' command which, in theory, should remove everything that can be removed with API calls as described on https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/browsingData/DataTypeSet - it's not enough.

被選擇的解決方法

You can check for issues with Total Cookie Protection.

Firefox shows a purple shield instead of a gray shield at the left end of the location/address bar in case Enhanced Tracking Protection is blocking content.

  • click the shield icon for more detail and possibly disable the protection

You can check the Web Console for relevant-looking messages about blocked content.

從原來的回覆中察看解決方案 👍 1

所有回覆 (5)

more options

選擇的解決方法

You can check for issues with Total Cookie Protection.

Firefox shows a purple shield instead of a gray shield at the left end of the location/address bar in case Enhanced Tracking Protection is blocking content.

  • click the shield icon for more detail and possibly disable the protection

You can check the Web Console for relevant-looking messages about blocked content.

more options

cor-el said

You can check for issues with Total Cookie Protection. [...]

Disabling the enhanced tracking protection solved the issue with all websites that shown Content Security Policy error, including glovoapp.com - thank you! I can't edit the question to make it only about Glovo but I'll mark your answer as solution.

由 cprn 於 修改

more options

cprn said

In case of Kibana (and several other websites) in regular session Firefox somehow remembers old authentication - it doesn't ask for new credentials and doesn't send Sec-Fetch-User header (which results in Kibana throwing HTTP 405 Method Not Allowed). In private window the header is sent correctly.

That part remains unsolved.

more options

You may have to create a cookie allow exception to workaround cross-site cookie issues.

You can create a cookie allow exception with the proper protocol (https:// or http://) for the current domain via "Tools -> Page Info -> Permissions" or add an allow exception for third-party domains via "Settings".

  • Settings -> Privacy & Security -> Cookies and Site Data -> "Manage Exceptions"

由 cor-el 於 修改

more options

It didn't help with Kibana-like issue. Long time ago I identified on several internal websites with a certificate (as in attachment) and checked Remember this decision. Now on half of those websites I have to use a new certificate - I've installed it in Firefox but the browser doesn't ask for the new credential, it just keeps trying to use the old one. I don't think it has anything to do with cookies. That's why the original question is about "sanitizing" given host/domain, as in: remove all settings and set them to defaults because there's apparently more than just cookies.

由 cprn 於 修改