Firefox Support Forum

One of the add-in permissions is "Access your data for sites in the “named” domain". I looked at that and thought, "That certainly cannot include passwords"; BUT the explanation for this permission is: "The extension could read the content of web pages you visit in the specified domain, as well as data you enter into those web pages, such as usernames and passwords. "

I was stunned.

That means that addins that get this permission have access to my banking/medical/etc. usernames & passwords. This is not acceptable. Can a permission be developed that would be: "Access your data for sites in the “named” domain" (except usernames/passwords).

The permission "Access your data for all websites" is significantly worse in that it applies to all sites.

I have a Yahoo email account and Firefox has the saved password for it. I've changed the password for my Yahoo email account recently. When Firefox prompted me if I want to update the saved password I must have chosen "NO", I don't remember. I stayed logged in the Yahoo email account for a few days after I've changed the password. I've logged out of the Yahoo account. Now I can't log back in because I don't remember the new password I've created.

I'm wondering if Firefox has the new Yahoo email account password saved somewhere in its cache.

OS: Windows 10. Firefox: 127.0.2 (64-bit).

OK, I have Firefox (Windows 10 AMD64, desktop) configured to delete history when I close it.

So, I see that regular webiste cookies are deleted.

But are the HSTS website "super cookies" deleted?

https://ipleak.com/articles/what-is-hsts-super-cookies What are HSTS Super cookies and why are they dangerous?

thanx.

Hello,

I appreciate very much the recent security changes in Firefox 127, about mixed content. I think it really does improve both security and privacy, but I have HTTPS websites in a local network (private IP addresses) that load some images from a local IP camera over HTTP. I do not have control over these IP camera images, so as a temporary workaround I am allowing the whole website to be delivered over plain HTTP.

It's not a huge security issue, because it's on a local network which I access over the Internet via a VPN, but I would prefer to keep the website on HTTPS and allow mixed content for this specific IP address, so to keep the protection fully enabled when I browse the Internet.

Is there a way to enter a specific IP address in an exception list, so to selectively allow mixed content? Or, in alternative, is it possible to specify that all web requests from private IP addresses (RFC 1918) should allow mixed content?

Many thanks,

Piero

Hi. About 2-3 weeks ago all of my websites that I use to started making me log in.

I seemed to have lost all of my saved passwords so I typed them all back in.

Now, most of them make me press the log on button and then my userid and password are primed in there so all I have to do is press enter.

I find this kind of frustrating. I don't recall changing any settings. Any ideas to change this?

Thank you.

I don't want to use passkeys, and it seems that every site is checking browser support and wasting my time with passkey prompts before allowing me to log in with a password. How do I disable passkey support in Firefox?

Below is the content-security-policy Firefox loads for chatGPT:

default-src 'self'; script-src 'self' 'nonce-eec8ce04-1f27-4481-8ed6-b8f877eef280' 'wasm-unsafe-eval' chatgpt.com/ces https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.openai.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://jidori.g1.internal.services.openai.org https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ wss://*.chatgpt.com wss://*.chatgpt.com/; script-src-elem 'self' 'nonce-eec8ce04-1f27-4481-8ed6-b8f877eef280' 'sha256-RvbVrdDS11FSnQaULCOgXPA5u0nMP2Im1d2pGiRBGC4=' 'sha256-eMuh8xiwcX72rRYNAGENurQBAcH7kLlAUQcoOri3BIo=' auth0.openai.com challenges.cloudflare.com chatgpt.com/ces https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.openai.com https://apis.google.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://docs.google.com https://jidori.g1.internal.services.openai.org https://js.live.net/v7.2/OneDrive.js https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ https://www-onepick-opensocial.googleusercontent.com wss://*.chatgpt.com wss://*.chatgpt.com/; img-src * 'self' blob: data: https: https://docs.google.com https://drive-thirdparty.googleusercontent.com https://ssl.gstatic.com; style-src 'self' 'unsafe-inline' chatgpt.com/ces https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.openai.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://jidori.g1.internal.services.openai.org https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ wss://*.chatgpt.com wss://*.chatgpt.com/; font-src 'self' data: https://*.oaistatic.com https://fonts.gstatic.com; connect-src 'self' *.oaiusercontent.com api-iam.intercom.io api-js.mixpanel.com browser-intake-datadoghq.com chatgpt.com/ces fileserviceuploadsperm.blob.core.windows.net http://0.0.0.0:* http://localhost:* https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.onedrive.com https://api.openai.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://content.googleapis.com https://docs.google.com https://events.statsigapi.net https://featuregates.org https://graph.microsoft.com https://jidori.g1.internal.services.openai.org https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ https://www.googleapis.com o33249.ingest.sentry.io statsigapi.net wss://*.chatgpt.com wss://*.chatgpt.com/ wss://*.intercom.io wss://*.webpubsub.azure.com; frame-src challenges.cloudflare.com https://*.sharepoint.com https://content.googleapis.com https://docs.google.com https://onedrive.live.com https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ js.stripe.com; worker-src 'self' blob:; media-src blob: 'self' *.oaiusercontent.com fileserviceuploadsperm.blob.core.windows.net https://cdn.openai.com https://persistent.oaistatic.com; frame-ancestors chrome-extension://iaiigpefkbhgjcmcmffmfkpmhemdhdnj; report-to chatgpt-csp-new; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1f79f8ac903a5872ae5f53026d20a77c&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=version%3Achatgpt-csp-new

Notice that it includes " frame-ancestors chrome-extension://iaiigpefkbhgjcmcmffmfkpmhemdhdnj"

Would this extension be installed in the computer, kind of like the extensions that are loaded from Chrome (i.e., C:\Users\myUser\AppData\Local\Google\Chrome\User Data\extensions_crx_cache)?

Thanx

Send is a free file sharing service launched by Mozilla under its Firefox Test Pilot project, which is mostly a bunch of experimental features for Firefox. While the majority of applications under the Test Pilot project are essentially plugins for the main Firefox browser, Send is a standalone service, that can be accessed via any browser. It works on a web interface and allows the user to easily upload any file to Mozilla’s servers and then download it to the other device with the help of a shareable link. What’s more is that Mozilla offers great privacy due to the encryption of the data being transmitted. Now that you know what Firefox Send is, let us discuss how to use it.

How do I enter Firefox SEND menu?

With some emails in Outlook on Firefox, clicking on a link within the email gives me a new blank window, with its address line saying something like this: (name of original site, then) ".list-manage.com/track/click?u=ca38acd 82fe622b7" etc etc... This doesn't happen with all emails, but often enough and in some of my most-used sites... I'm on a new HP desktop. Can anyone help?

Cannot print maps from AAA triptik planner.

Secure Connection Failed

An error occurred during a connection to ttp-map-print.aaa.com.

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

Hi,

Just the other day I started getting these popups from "anti virus service" that keeps popping up on my screen. I do not nor never did have McAfee on my system. I did a deep search, and there is no program on my computer, nor in my startups, nor in my popups allowed relating to this. It is only a problem with Firefox. Any solutions?

Thank you, John

I stored a password for particular web site. When I reset the password and stored it again. but your site does not revise it. then i try to remove it but you offer to passwords for all websites. THIS PREVENT ME TO STORE PASSWORDS IN THE FUTURE.

When I access a location-aware website, I'm asked if I'll allow it to use my location. My problem is that the pop-up window won't allow me to do anything. I can't block, allow, close the window — nothing. Is there a setting I'm missing somewhere?

When I go to Settings > Privacy & Security the only "autofill" setting is to import data from another browser. I am signed in, in the US, and my VPN is set to Seattle.

Hello,

I have tried to find solutions to this and have not found anything to be a permanent fix. I recently have found my FireFox browser closing my first attempt to open and upon opening my second attempt Firefox will open but give me a pink address bar with a robot stating "browser is under remote control (reason: Dev Tools)" and the only thing that seems to get rid of this temporarily is going to my control panel (I'm a windows user) and toggling the remote assistance checkbox (I keep it unchecked since this problem has occurred). Then after re-opening Firefox again, it appears to work normally - no pink address bar with robot. Is there a permanent fix for this? Is it an OS issue or a Firefox issue? Maybe both? Any insight would be greatly appreciated. I am fairly tech savvy, but not too familiar with browser interfaces and solutions involving the command line.

Thank you,