<Security Issue> Can Firefox versions be downgraded automatically?

The image below are the details of my google account activity taken out from Google. The ip addresses in red I have hidden as they are my real IP. The rest of the IP's ar… (閱讀更多)

The image below are the details of my google account activity taken out from Google. The ip addresses in red I have hidden as they are my real IP. The rest of the IP's are not mine, and with a quick iplookup it directs to Sverdlovskaya oblast' in Russia. Now I dont think I used a russian vpn but there is a possibility I made an error. But what really strikes me here is the Firefox versions. At both the points 1 and 2, marked in blue. there is a change in version, in fact a downgrade from 100.0 to 96.0. How is this possible? I cant seem to find an explanation. And then it jumps back up to 100.0. I also another timestamp where it downgraded to 96.0, and then came back to 100.0 . I'm really worried about the possibility of a hacker on my computer. If someone can find an answer to this it would mean a lot!

arjuniscool0204 於 6 小時前 詢問

arjuniscool0204 最近回覆 於 35 分鐘前

Did Not Connect: Potential Security Issue

Cannot connect to www.imdb.com Firefox detected a potential security threat and did not continue to www.imdb.com because this web site requires a secure connection. www… (閱讀更多)

Cannot connect to www.imdb.com Firefox detected a potential security threat and did not continue to www.imdb.com because this web site requires a secure connection.

www.imdb.com has a security policy called HTTP Strict Transport Security (HSTS), which means that Firefox can only connect to it securely. You can’t add an exception to visit this site.

Seriously? Is this a joke?

There is nothing wrong with the site. It is well known and I have used it for years. Most recently as 5 days ago.

Please add an exception to this

pete_scott2 於 6 天前 詢問

pete_scott2 最近回覆 於 22 小時前

Página no segura. Imposible crear excepción

Buenos días Estoy utilizando una web cuya certeza de seguridad es absoluta, pero el navegador no lo cree así. Necesito crear una excepción para la misma. Me conecto a tra… (閱讀更多)

Buenos días Estoy utilizando una web cuya certeza de seguridad es absoluta, pero el navegador no lo cree así.

Necesito crear una excepción para la misma. Me conecto a través de una VPN en un navegador instalado en una VM. Todo funcionaba correctamente, hasta que hoy he actualizado el navegador.

Ahora aparece momentaneamente (entorno a medio segundo) la típica página que te alerta de que la web puede no ser segura, donde salen 2 botones, el que dice: "Retroceder (recomendado)" y el de: "Avanzado" para añadir una excepción. Pero automáticamente el navegador carga otra página que dice: "Uf. Tenemos problemas para encontrar ese sitio".

Este ordenador es seguro, está en una intranet (o más bien extranet) así que me sobra al seguridad. No la quiero desactivar al 100% por que hay veces que no uso la VPN, pero ecesito poder conectarme a esa web.

¿Alguna solución? Ya he intentado varias cosas buscando en google, y nada funciona.

JCVL 於 2 天前 詢問

JCVL 最近回覆 於 2 天前

The full non-frame login URL is changed by Password Manager.

Good Day All, My RCN Webmail login website is not being fully resolved because the full login URL is changed. Since RCN is being merged with Astound I now must choose be… (閱讀更多)

Good Day All, My RCN Webmail login website is not being fully resolved because the full login URL is changed. Since RCN is being merged with Astound I now must choose between them before getting the login page. I change it but it wont save it with the sub URL /support/email/rcn-webmail/ intact & unlike KevP's solution, @ https://support.mozilla.org/yo/questions/1360318 my page is not a frame & doesn't seem to be a redirection issue that I can tell either. Does any one know how I can troubleshoot this ? Thanks in Advance for any contributions.

2 against Nature 於 2 天前 詢問

2 against Nature 最近回覆 於 2 天前

Downloads seem to be blocked randomly, "allow download" button does nothing and downloads are continually blocked on certain sites

Certain sites (the latest being https://azgaar.github.io/Fantasy-Map-Generator/, which i've downloaded successfully from before) cannot be downloaded from - firefox gives… (閱讀更多)

Certain sites (the latest being https://azgaar.github.io/Fantasy-Map-Generator/, which i've downloaded successfully from before) cannot be downloaded from - firefox gives the error of "[site] attempted to automatically download multiple files. The site could be broken or trying to store spam files on your device."

I know these downloads aren't spam or malicious, but when I hit the "Allow" button to give permission, there's no change. The downloads remain blocked and new downloads are blocked.

I've turned off my antivirus shields to see if that was causing it, but to no results.

I sincerely thank you for your time and know that you're quite busy, and look forward to hearing back about this issue.

- Jae

engitainment 於 2 天前 詢問

Firefox still saves to desktop when file system blocked to users... Thoughts?

We have removed all taskbar icons but the builtin adobe app still presents a download button. When clicked it fails on the windows file system but then resorts to the de… (閱讀更多)

We have removed all taskbar icons but the builtin adobe app still presents a download button. When clicked it fails on the windows file system but then resorts to the desktop and somehow succeeds. Users are locked out - but it still saves. Anyone know how to remove this download option and/or block it?

thanks,

             Jon

jon.dickens 於 4 天前 詢問

Password for Old Navy requires 2 steps

Hello, When accessing my Old Navy account they require a 2 step process for Logging In. Once I click on the login button it takes me to a page where it asks for my email.… (閱讀更多)

Hello,

When accessing my Old Navy account they require a 2 step process for Logging In. Once I click on the login button it takes me to a page where it asks for my email. Here's where I hit the issue: FireFox Password Manager does not fill this in for me; not even the auto-fill works here. After I enter my email it then takes me to a page where my password is filled in (yay!). I'm glad that it at least fills in the password but I'd like to not have to fill in my email on the previous page.

I tried to create a new entry in Password Manager but it won't take the entire url; it shortens it. This url changes each time I go thru the process which complicates everything. I was hoping to take one of those urls (https://secure-oldnavy.gap.com/my-account/sign-in?flowId=wJb1e) but it shortened it to just (https://secure-oldnavy.gap.com). I even tried creating a new entry without the last few characters (https://secure-oldnavy.gap.com/my-account/sign-in?flowId=) but again it shortened it.

Is there a way to get FF Password Manager to provide auto-fill of my email address?

Thanks, Andre'a

DreaSpirit 於 1 週前 詢問

DreaSpirit 最近回覆 於 6 天前

autoconfig file being parsed but not applied in firefox 100

Hi My firefox 97 autoconfig worked. In version 100, i had to remove some elements and replace some with the new settings. It is now parsed on load but does not lock any… (閱讀更多)

Hi

  My firefox 97 autoconfig worked. In version 100, i had to remove some elements and replace some with the new settings. It is now parsed on load but does not lock anything per autoconfig. Any assistance would be appreciated.  File content is below:

// Firefox Default Settings -begin config file const {classes: Cc, interfaces: Ci, utils: Cu} = Components; Cu.import("resource://gre/modules/Services.jsm"); Cu.import("resource://gre/modules/FileUtils.jsm");

// Disable telemetry and health reporting lockPref("breakpad.reportURL", ""); lockPref("browser.tabs.crashReporting.sendReport", false); lockPref("datareporting.healthreport.infoURL", ""); lockPref("datareporting.healthreport.uploadEnabled", false); lockPref("datareporting.policy.dataSubmissionEnabled", false); lockPref("dom.ipc.plugins.flash.subprocess.crashreporter.enabled", false); lockPref("dom.ipc.plugins.reportCrashURL", false); lockPref("toolkit.telemetry.enabled", false);

//      Disable sync

lockPref("services.sync.addons.ignoreUserEnabledChanges", true); lockPref("identity.fxaccounts.commands.enabled", false); lockPref("identity.fxaccounts.enabled", false); lockPref("identity.fxaccounts.pairing.enabled", false); lockPref("identity.fxaccounts.toolbar.accessed", false); lockPref("identity.fxaccounts.toolbar.enabled", false); lockPref("identity.fxaccounts.auth.uri", ""); lockPref("services.sync.engine.addresses", false); lockPref("services.sync.engine.addons", false); lockPref("services.sync.engine.creditcards", false); lockPref("services.sync.engine.creditcards.available", false); lockPref("services.sync.engine.bookmarks", false); lockPref("services.sync.engine.history", false); lockPref("services.sync.engine.passwords", false); lockPref("services.sync.engine.prefs", false); lockPref("services.sync.engine.tabs", false); lockPref("services.sync.prefs.sync.dom.disable_open_during_load", false); lockPref("services.sync.prefs.sync.signon.generation.enabled", false);

// Turn on Do not Track lockPref("privacy.donottrackheader.enabled", true); lockPref("services.sync.prefs.sync.privacy.donottrackheader.enabled", true);

// Disable certificate warning bypass // Enable support for Content Security Policy lockPref("security.csp.enableNavigateTo", false); // Disable Safe Browsing anti-malware // Safe Browsing communicates with a third party and leaks the browsing history and also sends metadata about the downloads made. // https://support.mozilla.org/en-US/kb/how-does-phishing-and-malware-protection-work lockPref("browser.safebrowsing.downloads.enabled", false); lockPref("browser.safebrowsing.malware.enabled", false);

// Turn on XSS Filter lockPref("browser.urlbar.filter.javascript", true);

// Restrict third party cookies lockPref("network.cookie.cookieBehavior", 1);

// Enable Flash as it's in a sandbox lockPref("plugin.state.flash", 2);

// Disable webcam and microphone unless necessary lockPref("media.navigator.enabled", false); lockPref("media.navigator.video.enabled", false);

//      Clear personal and temporary data on shutdown 

lockPref("privacy.clearOnShutdown.cache", true); lockPref("privacy.clearOnShutdown.cookies", true); lockPref("privacy.clearOnShutdown.downloads", true); lockPref("privacy.clearOnShutdown.formData", true); lockPref("privacy.clearOnShutdown.history", true); lockPref("privacy.clearOnShutdown.offlineApps", true); lockPref("privacy.clearOnShutdown.openWindows", false); lockPref("privacy.clearOnShutdown.sessions", true); lockPref("privacy.clearOnShutdown.siteSettings", true); lockPref("privacy.cpd.cache", true); lockPref("privacy.cpd.cookies", true); lockPref("privacy.cpd.downloads", true); lockPref("privacy.cpd.formdata", true); lockPref("privacy.cpd.history", true); lockPref("privacy.cpd.offlineApps", true); lockPref("privacy.cpd.openWindows", false); lockPref("privacy.cpd.passwords", true); lockPref("privacy.cpd.sessions", true); lockPref("privacy.cpd.siteSettings", true);

// Prevent saving passwords lockPref("signon.rememberSignons", false); lockPref("services.sync.prefs.sync.signon.rememberSignons", false); lockPref("signon.backup.enabled", false); lockPref("signon.rememberSignons.visibilityToggle", false);

// Set homepage to blank lockPref("browser.startup.homepage", "about:blank");

// set urlbar size - working lockPref("layout.css.devPixelsPerPx", "-1.2");

// Prevent the use of SPDY, Websockets and WebRTC if not supported by the web proxy // https://wiki.mozilla.org/Media/WebRTC lockPref("media.peerconnection.enabled", false);

// Disable UI buttons lockPref("pref.privacy.disable_button.cookie_exceptions",true); lockPref("browser.toolbars.bookmarks.showOtherBookmarks", false); lockPref("browser.migrate.showBookmarksToolbarAfterMigration", false); lockPref("browser.toolbars.bookmarks.visibility", "never"); lockPref("browser.urlbar.shortcuts.bookmarks", false);

// Disable updates and notifications lockPref("app.update.BITS.enabled", false); lockPref("app.update.service.enabled", false);

// Disable device sensors lockPref("device.sensors.enabled", false);

// Disable Pocket integration lockPref("browser.pocket.enabled", false); lockPref("extensions.pocket.enabled", false);

// Disable Firefox's new Screenshot tool (requires at least Firefox 55) // https://github.com/auberginehill/firefox-customization-files/issues/1 // https://www.ghacks.net/2017/08/12/how-to-disable-firefoxs-new-screenshot-tool/ lockPref("extensions.screenshots.disabled", true); // Disable the version updated page lockPref("browser.startup.homepage_override.mstone", "ignore"); // Disable default browser check lockPref("browser.shell.checkDefaultBrowser", false);

// Disable search suggestions // By default everything that is typed in the search box is sent to the search engine. lockPref("browser.search.suggest.enabled", false); lockPref("browser.search.suggest.enabled.private", false); lockPref("browser.urlbar.showSearchSuggestionsFirst", false); lockPref("services.sync.prefs.sync.browser.urlbar.showSearchSuggestionsFirst", false); lockPref("browser.urlbar.shortcuts.history", false); lockPref("browser.urlbar.suggest.bookmark", false); lockPref("browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts", false);

// Change default search engine to Google - others removed through Group Policy lockPref("browser.search.region", "US"); lockPref("browser.search.removeEngineInfobar.enabled", "True"); lockPref("browser.search.searchEnginesURL", "http://www.google.com/search?q=");

// New Tab settings lockPref("browser.newtab.preload", false); lockPref("browser.newtabpage.activity-stream.showSponsored", false); lockPref("browser.newtabpage.enabled", false);

// Turn on tracking protection // This makes Firefox block known tracking domains by default. lockPref("privacy.trackingprotection.enabled", true);

// [CHROME:userChrome.css - userContent.css][bug 1541233][69] lockPref("toolkit.legacyUserProfileCustomizations.stylesheets", true);

//////////////////////// thanks,

        jd

jon.dickens 於 1 週前 詢問

jon.dickens 最近回覆 於 6 天前