I-Firefox Isithangami Sokwesekwa

Hello everyone! I have a question concerning what the default value settings are for the two below security.tls.versions in About:Config. Mine are currently set at 4 for version.max and 3 for version.min. The reason I ask is that I have gotten two Event 36871 errors since updating Firefox to 100.0.1 stating "A fatal error occurred while creating a TLS client credential. The internal error state is 10013." I was using no other program besides Firefox at the time I received the errors.

security.tls.version.max security.tls.version.min

Respectfully, Don

Firefox seems to have a problem on Linux using USB Security Keys. I have two Yubico Security Keys which I use for 2FA. The problem seems to be that Firefox cannot communicate with the USB port, as it doesn't make any difference whether the USB Security Key is plugged in or not, the error returned is always the same and the Security Key does not light up.

I believe Firefox's WebAuth code must be fine, as it works on Windows, which is why I think it's some kind of permissions problem. Chrome works perfectly with the Security Keys on my computer.

I've used a number of sites (I've listed a couple below) where you can test your Security Key with Firefox on KDE Neon and the error is always "UnknownError: The operation failed for an unknown transient reason":

https://www.token2.com/tools/fido2-test/ https://demo.yubico.com/webauthn-technical/registration

I cannot log into Bugzilla with GitHub as my GitHub login uses a Security Key as the second factor.

Firefox has my credit card information and it shows up in a window when I go to pay for something, but when I click on the credit card I want to pay with, it won't autofill. In Settings, the box to autofill is checked. This has worked a hundred times before, but stopped working a few months ago. Also, I've checked the 2 relevant items in about:config an they are enabled. How do I get the autofill to start working again?

I am attempting to import server certificates into Firefox. But the "Import" button does nothing when viewing certificates. Any work around? I need to import our server certificates into the Authorities section.

Ubuntu 22.04 Firefox installed through snap. Version 104.0 just upgraded this afternoon.

Thank you, James

Hello. I can't copy and paste in Figma in Firefox whatsoever, both plain text and images. Tried doing it in Vivaldi and that browser showed a dialog prompt asking whether or not I want to allow the page to access the clipboard. I granted the permission and it's working there now. Can I do the same in Firefox somehow?

Firefox 114.0.1 on Windows

An error occurred during a connection to www.facebook.com. SSL_ERROR_DC_EXPIRED What in the world? does Facebook not keep up with its own security? or is this a Firefox thing?

2FA login on sites works with Chromium but NOT WITH Firefox (Linux)

Present setup:

Does NOT work firefox 102.7.0esr on debian 11.6 bullseye 5.10.162-1 (x86-64) firefox 110.0 on Ubuntu MATE 22.04 LTS 5.15.0-58 (x86-64)

Works chromium 109.0.5414.119 on debian 11.6 bullseye 5.10.162-1 (x86-64)

I am able to register and authenticate with security devices Yubikey NEO (without FIDO2) and Yubikey 5 NFC (FIDO2 compliant) on several sites (eg. pypi, google..) using Chrome or Chromium but now not with Firefox at all. It has not worked for at least the last few updates. Changing settings in about:config or plugging/unplugging keys, stopping every Firefox plugin etc. don't help. Neither does a fresh Firefox install without any super-security-settings.

Testing sites like Yubico's own or Okta's works fine using Chromium but not Firefox.

From what I can see this is not especially related to FIDO2 (Webauthn). pypi seems to use U2F which should work just fine with Firefox since way back.

I haven't tested Firefox for Windows but Chrome browser for Windows 10 works fine (which I tested first when Firefox didn't cut the mustard), I therefore expect it to work also on Chrome browser for Linux. Just to check if this was related to a debian bullseye package, I tested it on Ubuntu MATE too, which didn't do the trick. Haven't done any more testing than that on MATE.

This seems like a strictly firefox problem. -What to do?

Yours, Kaare

Hi,

Is there any reason firefox would flag an mp4 file legitimately?

• The file extension and file type are absolutely mp4.
• There seem to be no mp4 related zero days.

Does Firefox perhaps just treat all downloads from suspicious domains as malware? Is there a zero day I missed? Is this based on some missing metadata on the file or something?

Thanks for any advice you can give here, I'm scared.

Up until the last update of Firefox I was able to access my router, 192.168.1.1, enter password and check it.

Now I get an error message "connection not secure" "Your connection to this site is not private. Information you submit could be viewed by others (like passwords, messages, credit cards, etc.)

None of this is part of looking at my router, Asus GT-AX11000.

Hi,

No matter what I do, a google dialogue box encouraging me to use google for password management, pops up every time I go to a site, new or existant.

I've gone into my google account to disable such requests, and, indeed, otherwise use google for nothing....not even search............but they keep coming anyway.

am using ubuntu 20.04, and no other utility or code is giving me this trouble.

I want to stop this dialogue box and eliminate any code in firefox or ubuntu which supports it.....as I have no idea why this box showed up....one day it just started.

Many thanks!

oliver

I installed the Firefox browser (version 113.0.2 (64-bit)) onto a new PC running Windows 11. When attempting to clean up the Firefox cache with another utility, I noticed that the amount of space recovered was much smaller than expected. When I tried to check my profile using the Troubleshooting Information page (to open the folder) I received a message that the location was not available. I double checked with Windows Explorer and this was the case. Searching for "cache2" in Explorer located the folder/directory in a different location.

The Firefox Profile Folder should be in this location, according to Firefox's Troubleshooting Information page (anonymized information in square brackets):

C:\Users\[username]\AppData\Roaming\Mozilla\Firefox\Profiles\[character string 1].[profile name]

The best I can tell, the actual Profile Folder created in Windows 11 is located here:

C:\Users\[username]\AppData\Local\Packages\Mozilla.Firefox_[character string 2]\LocalCache\Roaming\Mozilla\Firefox\Profiles\[character string 1].[profile name]

The cache folder for the profile is located here:

C:\Users\[username]\AppData\Local\Packages\Mozilla.Firefox_[character string 2]\LocalCache\Local\Mozilla\Firefox\Profiles\[character string 1].[profile name]\cache2\entries

I am not sure if this situation is unique to me, or if this is a common occurrence with Windows 11.

The use of the Packages folder may be the result of installing an application that is not fully "Windows 11-native" or it may just be the new way Windows deals with some applications. I am not sure if the data in character string 2 is consistent, or if it is a unique string created by Windows when Firefox was installed.

If I go to the Settings and clear data, the folder that is a sub-folder of Packages is cleared, so Firefox "knows" where the data is, but the Troubleshooting Information page is confused.

If this is a common occurrence, a tweak to this page in a future release would be helpful. If it is a rare occurrence, a help article may be, well, helpful.

Thanks.

I had a personal certificate installed in Firefox and it was working well. It expired, so I got a new one from the same provider. Both appear in Firefox under "Privacy & Security" -> Certificates -> View Certificates... The previous one is not valid any more, and every time I try to access some page with a certificate, it uses the old one. So I tried to delete the old one. Nothing has worked so far. Doing the straightforward way of selecting it in the Certificate Manager and deleting it makes the certificate disappear from the manager menu, but if I enter the certificate manager again, it is there again. I tried to delete both certificates, same issue, both reaper in the manager. I tried to delete them, close firefox, delete cert9.db, cert8.db and key4.db and nothing. Only thing left is delete my current firefox profile and start again... Any other idea or something that I might delete before to solve this?

I have tried the suggestions as described in the following article: https://support.mozilla.org/bm/questions/1273784 However, am still having the issue. It's as if the settings are totally ignored. I am using version 108.0a1 of Firefox developer edition. Ideally what am trying to achieve is away to disable all features of ETP. I figured setting it to custom with all values unchecked would have done the trick but it's not working. What works is if I add the site to the list of Exceptions for Enhanced Tracking Protection, then I will see all Ads loaded just fine on the page. However, this is not viable for me as I have a large list of sites that I visit, and I need to see the ads on them.

Does anyone know of a way to get around this feature in FF?

Is there another setting am missing from the previous article?

I was trying to sync my settings to my new laptop with my login and PW (which was correct) and it kept telling me it wasn't right. So, I decided to change it but my MFA on Google for Firefox got wiped once I switched phones. I had to use a backup code to get in and want to re-enable the MFA.

Unfortunately, and for no real reason, it won't work. I scan the QR code in Google Authenticator, it sets up and gives me a code, I enter the code, and then it tells me it's the wrong one. I even tried to do it by manually setting it up and it made no difference. Now I can't re-enable it because it won't work right.

What the actual hell is going on here, guys?

Greetings Firefox Support/CommunityL

While reconnecting one of my computers to my Firefox account I saw at the top of the Settings Page: "Your settings are being managed by your organization". Problem is that I don't belong to any organizations or enterprises having anything to do with my online life. I have been hacked in the past and am paranoid when I see something that doesn't make sense. When I click on the link (trusting that it is indeed from you), it takes me to your Enterprise Policy page showing the following:

Active Policy Name Policy Value

DNSOverHTTPS Enabled false Locked true

I always use secure DNS (DOH or DOT) on everything - network adapters, routers (except the ISP one whose default I can't figure out to circumvent) etc. but on the browser setting pages I am only given the option of having it off: the default, increased, and max protection options are greyed out and cannot be chosen. I guess that explains the policy values but who locked it? My only guess is that is use a Surfshark VPN and realize that in so doing I am using Surfshark's DNS servers but I believe I had this problem before using the VPN. Any help would be greatly appreciated. Thanx.

Pat Ford - dpfmd@msn.com

Idk why but sometimes firefox just doesn't prompt to generate secure password, I even have to download some extensions to generate secure password (Secure Password Generator) meaning more secure issues.

My guess is that you guys probably hardcoded something like {if "type: password" then prompt}, but it's still partly fault at developers too for bringing these huge chunks of javascript.

In screenshot there's element examaple in which i input password but no prompt whatsoever.

Hello, Microsoft Defender did a scan tonight and apparently detected a trojan script, located in the folders for Firefox extensions for both profiles I use on my computer

Trojan description: Trojan:Script/Wacatac.B!ml

Files: C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\[default profile]\extensions\langpack-fr@firefox.mozilla.org.xpi C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\[second profile]\extensions\langpack-fr@firefox.mozilla.org.xpi

This scan happened at 9pm, and a previous scan at 6pm didn't show anything. When it detected the script, MS Defender contained it and apparently deleted it when it asked me to restart the computer, I then did a full offline scan and nothing else showed up, same with a full scan with the free version of Malwarebytes. I didn't do anything unusual between 6pm and 9pm, so I'd like to know if there's a way to determine whether that script was an actual threat (instead of a false alarm)? If so, any way to know how long it has been on my computer? Any further risks to take into consideration? Other steps to follow? Thanks for the help

I don't know why, it is NOT Ancestry, as I can sign in to it on other browsers. I get this error message below.

Access Denied Error 21 What happened? This request was blocked by security rules. Your IP: 73.94.12.65 Incident ID: 6eae587fcef92d46

I have no idea what security rules, but I am working on a genealogy project and have never had a problem signing into Ancestry in multiple tabs before today. How do I fix this? Besides getting rid of Firefox, I mean. I have the same security extensions on this browser as I use on Vivaldi, Brave and Chrome - I avoid Chrome, but use Vivaldi and Brave regularly, along with Firefox.

When entering a local domain in the URL bar Firefox sends the request to a search engine instead of the DNS server. How can I stop this behaviour and switch back to how it was before?