Firefox Support Forum

I am trying to access the online library website for my college. I had no trouble all week then all of a sudden I keep getting this message: "Unauthorized LTI Launch Request 401

   Please check the configuration settings used for the LTI/OAuth/OpenID access.
   Your browser's "Block 3rd party cookies" or "Prevent cross-site tracking" setting can also cause this error."

I already changed the cookies settings to allow this website and my school's website. I don't understand the issue and why it popped up out of nowhere. I use firefox latest update on Windows 11. I do use a vpn but I used it the whole time, even when the site was working and I have tried turning it off. It doesn't help.

Are Firefox extensions sandboxed from the rest of the operating system? Suppose I have installed a malicious extension/add-on on my system. Would it be possible for the extension to access and tamper with my operating system? I do not care if it tampers with the browser tabs or data inside the browser as long as it does not have a way to tamper with my OS. Using MacOS Sonoma

I can no longer use my camera on firefox, firefox displayed some message about camera when we were trying to chat, but I missed it, I have granted relevant permissions on the site, that we use reularly. The camera icon on the address bar appears red, and I noticed that in Windows security, it lists firefox access requests, but shows no way to grant these requests.

I am not tech minded so please if anyone could keep it simple, I would appreciate it.

One of the add-in permissions is "Access your data for sites in the “named” domain". I looked at that and thought, "That certainly cannot include passwords"; BUT the explanation for this permission is: "The extension could read the content of web pages you visit in the specified domain, as well as data you enter into those web pages, such as usernames and passwords. "

I was stunned.

That means that addins that get this permission have access to my banking/medical/etc. usernames & passwords. This is not acceptable. Can a permission be developed that would be: "Access your data for sites in the “named” domain" (except usernames/passwords).

The permission "Access your data for all websites" is significantly worse in that it applies to all sites.

OK, I have Firefox (Windows 10 AMD64, desktop) configured to delete history when I close it.

So, I see that regular webiste cookies are deleted.

But are the HSTS website "super cookies" deleted?

https://ipleak.com/articles/what-is-hsts-super-cookies What are HSTS Super cookies and why are they dangerous?

thanx.

Hello,

I appreciate very much the recent security changes in Firefox 127, about mixed content. I think it really does improve both security and privacy, but I have HTTPS websites in a local network (private IP addresses) that load some images from a local IP camera over HTTP. I do not have control over these IP camera images, so as a temporary workaround I am allowing the whole website to be delivered over plain HTTP.

It's not a huge security issue, because it's on a local network which I access over the Internet via a VPN, but I would prefer to keep the website on HTTPS and allow mixed content for this specific IP address, so to keep the protection fully enabled when I browse the Internet.

Is there a way to enter a specific IP address in an exception list, so to selectively allow mixed content? Or, in alternative, is it possible to specify that all web requests from private IP addresses (RFC 1918) should allow mixed content?

Many thanks,

Piero

Hi. About 2-3 weeks ago all of my websites that I use to started making me log in.

I seemed to have lost all of my saved passwords so I typed them all back in.

Now, most of them make me press the log on button and then my userid and password are primed in there so all I have to do is press enter.

I find this kind of frustrating. I don't recall changing any settings. Any ideas to change this?

Thank you.

I don't want to use passkeys, and it seems that every site is checking browser support and wasting my time with passkey prompts before allowing me to log in with a password. How do I disable passkey support in Firefox?

Below is the content-security-policy Firefox loads for chatGPT:

default-src 'self'; script-src 'self' 'nonce-eec8ce04-1f27-4481-8ed6-b8f877eef280' 'wasm-unsafe-eval' chatgpt.com/ces https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.openai.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://jidori.g1.internal.services.openai.org https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ wss://*.chatgpt.com wss://*.chatgpt.com/; script-src-elem 'self' 'nonce-eec8ce04-1f27-4481-8ed6-b8f877eef280' 'sha256-RvbVrdDS11FSnQaULCOgXPA5u0nMP2Im1d2pGiRBGC4=' 'sha256-eMuh8xiwcX72rRYNAGENurQBAcH7kLlAUQcoOri3BIo=' auth0.openai.com challenges.cloudflare.com chatgpt.com/ces https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.openai.com https://apis.google.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://docs.google.com https://jidori.g1.internal.services.openai.org https://js.live.net/v7.2/OneDrive.js https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ https://www-onepick-opensocial.googleusercontent.com wss://*.chatgpt.com wss://*.chatgpt.com/; img-src * 'self' blob: data: https: https://docs.google.com https://drive-thirdparty.googleusercontent.com https://ssl.gstatic.com; style-src 'self' 'unsafe-inline' chatgpt.com/ces https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.openai.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://jidori.g1.internal.services.openai.org https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ wss://*.chatgpt.com wss://*.chatgpt.com/; font-src 'self' data: https://*.oaistatic.com https://fonts.gstatic.com; connect-src 'self' *.oaiusercontent.com api-iam.intercom.io api-js.mixpanel.com browser-intake-datadoghq.com chatgpt.com/ces fileserviceuploadsperm.blob.core.windows.net http://0.0.0.0:* http://localhost:* https://*.chatgpt.com https://*.chatgpt.com/ https://*.oaistatic.com https://api.onedrive.com https://api.openai.com https://chat.openai.com https://chatgpt.com/ https://chatgpt.com/backend-anon https://chatgpt.com/backend-api https://chatgpt.com/graphql https://chatgpt.com/public-api https://chatgpt.com/voice https://content.googleapis.com https://docs.google.com https://events.statsigapi.net https://featuregates.org https://graph.microsoft.com https://jidori.g1.internal.services.openai.org https://oaistatic.com https://snc.apps.openai.com https://snc.chatgpt.com/backend/se https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ https://www.googleapis.com o33249.ingest.sentry.io statsigapi.net wss://*.chatgpt.com wss://*.chatgpt.com/ wss://*.intercom.io wss://*.webpubsub.azure.com; frame-src challenges.cloudflare.com https://*.sharepoint.com https://content.googleapis.com https://docs.google.com https://onedrive.live.com https://tcr9i.chat.openai.com https://tcr9i.chatgpt.com/ js.stripe.com; worker-src 'self' blob:; media-src blob: 'self' *.oaiusercontent.com fileserviceuploadsperm.blob.core.windows.net https://cdn.openai.com https://persistent.oaistatic.com; frame-ancestors chrome-extension://iaiigpefkbhgjcmcmffmfkpmhemdhdnj; report-to chatgpt-csp-new; report-uri https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub1f79f8ac903a5872ae5f53026d20a77c&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=version%3Achatgpt-csp-new

Notice that it includes " frame-ancestors chrome-extension://iaiigpefkbhgjcmcmffmfkpmhemdhdnj"

Would this extension be installed in the computer, kind of like the extensions that are loaded from Chrome (i.e., C:\Users\myUser\AppData\Local\Google\Chrome\User Data\extensions_crx_cache)?

Thanx

Send is a free file sharing service launched by Mozilla under its Firefox Test Pilot project, which is mostly a bunch of experimental features for Firefox. While the majority of applications under the Test Pilot project are essentially plugins for the main Firefox browser, Send is a standalone service, that can be accessed via any browser. It works on a web interface and allows the user to easily upload any file to Mozilla’s servers and then download it to the other device with the help of a shareable link. What’s more is that Mozilla offers great privacy due to the encryption of the data being transmitted. Now that you know what Firefox Send is, let us discuss how to use it.

How do I enter Firefox SEND menu?

With some emails in Outlook on Firefox, clicking on a link within the email gives me a new blank window, with its address line saying something like this: (name of original site, then) ".list-manage.com/track/click?u=ca38acd 82fe622b7" etc etc... This doesn't happen with all emails, but often enough and in some of my most-used sites... I'm on a new HP desktop. Can anyone help?

Cannot print maps from AAA triptik planner.

Secure Connection Failed

An error occurred during a connection to ttp-map-print.aaa.com.

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

Hi,

Just the other day I started getting these popups from "anti virus service" that keeps popping up on my screen. I do not nor never did have McAfee on my system. I did a deep search, and there is no program on my computer, nor in my startups, nor in my popups allowed relating to this. It is only a problem with Firefox. Any solutions?

Thank you, John

I stored a password for particular web site. When I reset the password and stored it again. but your site does not revise it. then i try to remove it but you offer to passwords for all websites. THIS PREVENT ME TO STORE PASSWORDS IN THE FUTURE.

When I access a location-aware website, I'm asked if I'll allow it to use my location. My problem is that the pop-up window won't allow me to do anything. I can't block, allow, close the window — nothing. Is there a setting I'm missing somewhere?