Can you link to the thread that you're referring to?

Using code in this thread: https://support.mozilla.org/en-US/questions/1077630

Code is near the end of thread. Thanks

Aha, yes, recent versions of Firefox have a fancier viewer for JSON-format files. As a result, the body now contains extra tags that you need to bypass to read out the data.

First, you still generate the same firefox-logins.json file using the Browser Console script.

Second, open the firefox-logins.json file in a Firefox tab, and pause until the viewer renders.

Third, click the "Raw Data" heading, and then run the updated script (first line modified) in the Web Console:

json = document.querySelector('pre.data').textContent;
var signons = JSON.parse(json);
var names = "";
for (var i=0; SG=signons[i]; i++) {
try {
 var host = SG.hostname||"";
 var user = SG.username||"";
 var pass = SG.password||"";
 names += "<tr><td>"+ (i+1) + "<td>" + host + "<td>" + user + "<td>" + pass;
} catch(e){}
}
var body = '<table border="1" cellspacing="0">\n'+
'<tr class="head">\n'+
'<td>#\n'+
'<td><b>Host</b>\n'+
'<td><b>User name</b>\n'+
'<td><b>Password</b>\n'+
names+
'</table>\n';
document.body.innerHTML = body;

This could be integrated with the Browser Console script if someone has time to do it so that you do not need multiple steps.

(Now I have to permanently delete firefox-logins.json from my system!)

This fixed the problem. Thank you!! Hope it helps someone else.

I don't know how to access/write website content with multi-process enabled (i.e remote tabs) from within the Browser Console. From within the Web Console it is easy to access the content window. With multi-process disabled it is gBrowser.selectedBrowser.contentDocument.body.innerHTML from within the Browser Console.. I don't think it is worth the extra effort to setup frame script loaders and the message manager.

• https://developer.mozilla.org/en/Firefox/Multiprocess_Firefox/Message_Manager

Hi cor-el, I was thinking of the old technique of building a page, converting to dataURI, then launching in a new window or tab. Like you posted in: https://support.mozilla.org/questions/967729#answer-466640

Then the sensitive data would never touch the disk, except in the cache which is easy to clear. Or would it be in history? I guess that would need to be cleaned, too.

If you use a data URI with all data in it then sessionstore will store the complete data URI and this includes a closed tab case, so I stopped using that a long time ago and changed to injecting the body text.

var dataURI = 'data:text/html;charset=utf-8,';

cor-el said

If you use a data URI with all data in it then sessionstore will store the complete data URI and this includes a closed tab case, so I stopped using that a long time ago and changed to injecting the body text.

I forgot about that problem.

Note that you can use the view-source: prefix (view-source:file://) in the location/address bar to get the raw code.