Firefox Support Forum

I have a local web server which is misconfigured. Its my server, its on my LAN, and no data traverses any devices not under my control. I need to be able to access it via HTTPS with an expired certificate in order to FIX THE EXPIRE CERTIFICATE. How do I do it? Firefox used to have a "accept the risk and continue". Whoever took this feature aware has created a very significant problem for me and I want the capability back.

Hello, In order to log into Netflix I have to uncheck the Cookies box and Private Browsing box in Privacy and Security under Settings (I usually run with these enabled when just browsing). When I do this it asks for a Restart. Upon Restart the Netflix Login page always appears on its own. I am curious as to how Firefox is getting steered to the Netflix Login page when it is not being specifically told to go there. I assume it is somehow tied to the unchecked boxes. It's not a big deal to me but I am curious about what is going on in the background and the dynamics involved. If someone has the time to explain what is happening I would appreciate it. Thanks you !

And thanks to Mozilla in general for keeping Firefox so excellent.

I can no longer use my camera on firefox, firefox displayed some message about camera when we were trying to chat, but I missed it, I have granted relevant permissions on the site, that we use reularly. The camera icon on the address bar appears red, and I noticed that in Windows security, it lists firefox access requests, but shows no way to grant these requests.

I am not tech minded so please if anyone could keep it simple, I would appreciate it.

One of the add-in permissions is "Access your data for sites in the “named” domain". I looked at that and thought, "That certainly cannot include passwords"; BUT the explanation for this permission is: "The extension could read the content of web pages you visit in the specified domain, as well as data you enter into those web pages, such as usernames and passwords. "

I was stunned.

That means that addins that get this permission have access to my banking/medical/etc. usernames & passwords. This is not acceptable. Can a permission be developed that would be: "Access your data for sites in the “named” domain" (except usernames/passwords).

The permission "Access your data for all websites" is significantly worse in that it applies to all sites.

I have a Yahoo email account and Firefox has the saved password for it. I've changed the password for my Yahoo email account recently. When Firefox prompted me if I want to update the saved password I must have chosen "NO", I don't remember. I stayed logged in the Yahoo email account for a few days after I've changed the password. I've logged out of the Yahoo account. Now I can't log back in because I don't remember the new password I've created.

I'm wondering if Firefox has the new Yahoo email account password saved somewhere in its cache.

OS: Windows 10. Firefox: 127.0.2 (64-bit).

OK, I have Firefox (Windows 10 AMD64, desktop) configured to delete history when I close it.

So, I see that regular webiste cookies are deleted.

But are the HSTS website "super cookies" deleted?

https://ipleak.com/articles/what-is-hsts-super-cookies What are HSTS Super cookies and why are they dangerous?

thanx.

How do I disable secure connections for local domains? like http://nas.local or http://nas.home.arpa ?

I search for the subject but nothing came up. Apologies if this has been asked before.

Hi.

I have several internal sites, each signed with their own internal CA/subCA. These CAs are all named the same, but have different crypto materials.

If I import just 1 CA into FF (directly or in Windows store with security.enterprise_roots.enabled ), the site with that CA works fine (browser warning is not presented), but ALL those other internal sites give this error:

An error occurred during a connection to 10.1.1.1. Peer’s certificate has an invalid signature. Error code: SEC_ERROR_BAD_SIGNATURE

with no option to add a security exception.

If I add the CA for another site, that one works as well, the others won't. If I remove all the internal CAs, all the sites start working again (with browser warning, ofc.).

I tried in Chrome and Edge and I get the option to create a security exception for the sites for which I did not install their CA, which looks like the ideal/preferrable option to me.

Is this as intended (and why?) or can it be fixed?

This looks somewhat similar to this: https://support.mozilla.org/questions/1170738

Thank you. Davide.

I've added https://x.com as an exception site but it is still blocked.

This is outright censorship which is something fascists do.

Tell me how to fix your browser so I may access x.com again or I stop using Firefox forever.

Hello, I need a bit of help. Specs: FireFox 127.0.2, Apple Silicon M2, Sonoma. For some reason in my privacy & security settings with enhanced tracking protection, it's set on Standard which I believe is the default but after some time passes it switches itself to Strict, or Custom settings, then none of my pages load properly or not at all. Can someone tell me how I can get it to stay on the Standard?

Thanks

I use Firefox with a VPN. I also use the Chameleon extension to alter my fingerprint. When I log into Messenger.com it asks if this is me and gives my actual, physical location. I've checked in settings under location and it doesn't show any sites requesting my location. I have it open in one of the tabs where it's showing my location. I have block all location requests checked. How can I get Firefox to not show my physical location?

Also on this page, it gives I'm using Firefox and the OS I'm using. Both are supposed to be changed for fingerprinting protection.

This looks like it could be a big security loophole. Any help is appreciated.

How can I use Firefox for private browsing or anything when you cannot even keep me as your Default Browser? Edge changes it everytime!! They override you so they have taken over my computer so I can't have firefox as default browser or anything? Thank you, Margaret P Miller peggiemiller1209@gmail.com

Hello,

I appreciate very much the recent security changes in Firefox 127, about mixed content. I think it really does improve both security and privacy, but I have HTTPS websites in a local network (private IP addresses) that load some images from a local IP camera over HTTP. I do not have control over these IP camera images, so as a temporary workaround I am allowing the whole website to be delivered over plain HTTP.

It's not a huge security issue, because it's on a local network which I access over the Internet via a VPN, but I would prefer to keep the website on HTTPS and allow mixed content for this specific IP address, so to keep the protection fully enabled when I browse the Internet.

Is there a way to enter a specific IP address in an exception list, so to selectively allow mixed content? Or, in alternative, is it possible to specify that all web requests from private IP addresses (RFC 1918) should allow mixed content?

Many thanks,

Piero

A couple of days ago, I started getting error popups from malwarebytes on Firefox outbound to data.our.news on every page I access. Please see the attached screenshot. Why is Firefox doing this?