This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

block file protocol (file:///, "c:/")

  • 5 replies
  • 11 have this problem
  • 10 views
  • Last reply by finitarry

more options

I work for a university and we want Mozilla 17 in our computer labs. We have GPO on Windows 7 to blocks access to our C drive so students can't see secure files, but mozilla ignores it. Is there a way to disable typing these things such as, "file://C:/Windows" or "C:\" that gives access to the files?

I have tried a few add-ons but all they do is hide the links to the folders, but you can still execute and open files. Also I have added the following to user.js:

user_pref("capability.policy.policynames", "localfilelinks"); user_pref("capability.policy.localfilelinks.checkloaduri.enabled", "noAccess"); user_pref("capability.policy.localfilelinks.sites", "file:///");

Any help would be appreciated!

Thanks!

I work for a university and we want Mozilla 17 in our computer labs. We have GPO on Windows 7 to blocks access to our C drive so students can't see secure files, but mozilla ignores it. Is there a way to disable typing these things such as, "file://C:/Windows" or "C:\" that gives access to the files? I have tried a few add-ons but all they do is hide the links to the folders, but you can still execute and open files. Also I have added the following to user.js: user_pref("capability.policy.policynames", "localfilelinks"); user_pref("capability.policy.localfilelinks.checkloaduri.enabled", "noAccess"); user_pref("capability.policy.localfilelinks.sites", "file:///"); Any help would be appreciated! Thanks!

All Replies (5)

more options

Normally you would put a hostname with protocol in the "sites" setting to limit what that site may do. You are blocking "file:///" from loading links, but that is only a protocol, not a site. I think that is the problem, anyway.

more options

I would love to see Firefox respect the GPO to prevent viewing local drives. It doesn't exist.

more options

If you want to block students from reading files on the computers they use, can you use "127.0.0.1" instead of "file:///"?

more options

finitarry, are you suggesting putting that in the user.js file or somewhere else? Have you done this yourself or are you just brainstorming? Thanks.

more options

What normally appears as the data for "sites" is the hostname of a site. I am suggesting that you use the localhost IP number. I have no idea if it will work, but it makes sense to me.