All Products Support Forum

Below is the content-security-policy Firefox loads for chatGPT:

default-src 'self'; script-src 'self' 'nonce-eec8ce04-1f27-4481-8ed6-b8f877eef280' 'wasm-unsafe-eval' chatgpt.com/ces https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.openai.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://jidori.g1.internal.services.openai.org https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ wss://*.chatgpt.com wss://*.chatgpt.com/; script-src-elem 'self' 'nonce-eec8ce04-1f27-4481-8ed6-b8f877eef280' 'sha256-RvbVrdDS11FSnQaULCOgXPA5u0nMP2Im1d2pGiRBGC4=' 'sha256-eMuh8xiwcX72rRYNAGENurQBAcH7kLlAUQcoOri3BIo=' auth0.openai.com challenges.cloudflare.com chatgpt.com/ces https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.openai.com https://apis.google.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://docs.google.com https://jidori.g1.internal.services.openai.org https://js.live.net/v7.2/OneDrive.js https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ https://www-onepick-opensocial.googleusercontent.com wss://*.chatgpt.com wss://*.chatgpt.com/; img-src * 'self' blob: data: https: https://docs.google.com https://drive-thirdparty.googleusercontent.com https://ssl.gstatic.com; style-src 'self' 'unsafe-inline' chatgpt.com/ces https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.openai.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://jidori.g1.internal.services.openai.org https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ wss://*.chatgpt.com wss://*.chatgpt.com/; font-src 'self' data: https://*.oaistatic.com https://fonts.gstatic.com; connect-src 'self' *.oaiusercontent.com api-iam.intercom.io api-js.mixpanel.com browser-intake-datadoghq.com chatgpt.com/ces fileserviceuploadsperm.blob.core.windows.net http://0.0.0.0:* http://localhost:* https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.onedrive.com https://api.openai.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://content.googleapis.com https://docs.google.com https://events.statsigapi.net https://featuregates.org https://graph.microsoft.com https://jidori.g1.internal.services.openai.org https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ https://www.googleapis.com o33249.ingest.sentry.io statsigapi.net wss://*.chatgpt.com wss://*.chatgpt.com/ wss://*.intercom.io wss://*.webpubsub.azure.com; frame-src challenges.cloudflare.com https://*.sharepoint.com https://content.googleapis.com https://docs.google.com https://onedrive.live.com https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ js.stripe.com; worker-src 'self' blob:; media-src blob: 'self' *.oaiusercontent.com fileserviceuploadsperm.blob.core.windows.net https://cdn.openai.com https://persistent.oaistatic.com; frame-ancestors chrome-extension://iaiigpefkbhgjcmcmffmfkpmhemdhdnj; report-to chatgpt-csp-new; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1f79f8ac903a5872ae5f53026d20a77c&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=version%3Achatgpt-csp-new

Notice that it includes " frame-ancestors chrome-extension://iaiigpefkbhgjcmcmffmfkpmhemdhdnj"

Would this extension be installed in the computer, kind of like the extensions that are loaded from Chrome (i.e., C:\Users\myUser\AppData\Local\Google\Chrome\User Data\extensions_crx_cache)?

Thanx

I keep getting the prompt* about new.thunderbird.net expiration.

Indeed, after opening https://new.thunderbird.net in Firefox, the subdomain uses the Let's Encrypt SSL certificate that expired on 22nd May 2024. This certificate list many subdomains by name.

For https://www.thunderbird.net (after opening it in Firefox), another SSL certificate file is used (issued by Google Trust Services LLC by on 13 May 2024) valid until 11 Aug 2024. It says it should apply to thunderbird.net and *.thunderbird.net, but the new.thunderbird.net still points to the old Let's Encrypt certificate perhaps?

• I know I could just allow the expired one as an exception

Any time I try to connect to the internet, Firefox claims either I am offline or the connection is not secure. I know I have a connection as I can access the support site and every other website on an entirely different browser. I have tried refreshing the page, double-checking Firefox is allowed through the firewall, cleared cache, cleared all cookies and site data, nothing I've done is working. Firefox just randomly stopped connecting a few days ago and I had the same issue with Google Chrome last month, which is when I made the switch to Firefox.

If anyone knows anything that could maybe help, that would be great. Thank you so much!

Hi

uBlock Origin for Thunderbird doesn't block Newsletter ads (blocked since install 0% ===> since months)

How-To fix and troubleshoot? Re-Install of add-on already done

Thanks

Was the option to close privacy tabs removed recently? I would like to be able to save my tabs without losing them again. I only ask because I just like to organize my tabs instead of having all the tabs in one section.

While using Thunderbird, it mysteriously stopped connecting to Yahoo Mail. This happens every few years and I think it's related to Oauth2 credentials.

I generated a new secure mail key and copied it into Thunderbird but that didn't work. So then I checked online, and one of the steps in the Thunderbird instructions is: "Select 'Server Settings' for mail account; Set incoming server 'Authentication Method' to 'Oauth2'; Click on 'OK' ". But Oauth2 isn't one of the options. The choices are normal password, encrypted password, Kerberos/GSSAPI, and NTLM.

I'm using POP. Tbird version 115.11.1.

Trying to replace my primary email with a secondary email. I've tried to add a secondary email to my account, but the confirmation code does not reach my primary email. I've checked junkmail and spam, but no confirmation email there either.

Hello,

i am following instructions from here:

https://support.mozilla.org/en-US/kb/automatically-fill-your-address-web-forms#w_turn-address-autofill-on-or-off

but i don't see option to enable autofill on desktop. On mobile, autofill only shows USA ans Canada. Why Chrome allow me to use address autofill and Firefox not?

Send is a free file sharing service launched by Mozilla under its Firefox Test Pilot project, which is mostly a bunch of experimental features for Firefox. While the majority of applications under the Test Pilot project are essentially plugins for the main Firefox browser, Send is a standalone service, that can be accessed via any browser. It works on a web interface and allows the user to easily upload any file to Mozilla’s servers and then download it to the other device with the help of a shareable link. What’s more is that Mozilla offers great privacy due to the encryption of the data being transmitted. Now that you know what Firefox Send is, let us discuss how to use it.

How do I enter Firefox SEND menu?

With some emails in Outlook on Firefox, clicking on a link within the email gives me a new blank window, with its address line saying something like this: (name of original site, then) ".list-manage.com/track/click?u=ca38acd 82fe622b7" etc etc... This doesn't happen with all emails, but often enough and in some of my most-used sites... I'm on a new HP desktop. Can anyone help?

All the gmail entries & passwords deleted, remaining email passwords replaced, as of this morning.

I replaced them, and then so did they. I just yesterday deleted my online life... I'm sure just a coincidence.

Here's half of one they used: M.C555_BAY.0.U.-Co2UA6qeq4JOFgsvOCkdA**pHYS5XqT3TfRXLZAdnUxGM361xXXF0iCTeAaY5pXNyRoEu7KvIh3*uCkYXNAKRvbL7UnBYVnODYaRQ8e5lPvftncJgK1yNc9TzeqTMW1BCwqdeBAjmbGg

Suggestions? (Other than accept the dark side & sell your soul)

Today all of the sudden, one of my computers running Firefox won't connect to Youtube at all. It says security issue with HSTS. It also says there there is nothing I can do to resolve it. Surely that can't be true. Youtube runs on every other computer in the office just fine.

Here is a screen capture of the message:

When using Firefox (latest) and attempting to login into a website I get an error (see attached image) generated by the host's server's firewall. It appears it thinks I'm a bot. When I use Firefox's privacy mode I don't get this error. I would prefer not to use privacy mode. I contacted the administrator of the website I'm attempting to access and he couldn't offer any help.

When I use Google Chrome browser I don't encounter the above problem. This leads me to believe it's not an issue with my Avast Anti-Tracking and Antivirus settings.

Any help would be appreciated.

Chrys

Cannot print maps from AAA triptik planner.

Secure Connection Failed

An error occurred during a connection to ttp-map-print.aaa.com.

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.