Firefox for Enterprise Community Forum

Are there any plans to make configuration of the setting "network.proxy.system_wpad" available via ADMX (grouppolicy under Windows)? We need to deploy this to 100 computers and I still have no idea how.

Feature was introduced in FF 125: https://support.mozilla.org/en-US/kb/firefox-enterprise-125-release-notes We currently use 128.4.0esr.

We need this configuration, so Firefox also uses "automatic configuration" which is set in system settings.

[this is a cross-post from [Firefox forum])

I recently switched from FF 116 to ESR. (I wasn't allowing updates until I had video difficulties) I just wanted my browser to work and be simple; I hate changes, especially some of the things Mozilla bombards us with in updates. (I wish I could choose what I want and not be forced to accept all of it.) To solve my video problems, I had done a refresh with extreme trepidation and that didn't help, so I decided to be on a new version of FF/ ESR because I was nervous about the latest FF. I only understand tweaking in config and adding extensions. I don't know anything about CSS, and I don't want to. :) I did change the density setting in config and chose that via 'customize toolbar.' The density is not compact enough for me. Before in regular FF, I had a tight look to my bookmarks as they dropped down. Now the vertical spaces are wider; the density is not enough. I can't find a way to make it 'tighter' like I had it before in regular FF. (I don't feel like switching back. Sigh...) Are there some other settings or an app that can make the change I am looking for?

(I can't take a screen shot because as soon as I touch a place away from the drop down, the drop down disappears.)

I want to deploy a managed/enterprise version of Firefox to my entire company. Is that an option? Is there an Admin console where we can configure default URLs and manage extensions?

i want to add win32 app on intune and i need the ( install & uninstall command of my version 18.05 )

below uploaded images more details about my version that I download it in my device.

CVE-2024-7528 is not closing on Rapid7/Nexpose re-scans for Windows 2012 R2 Servers. When the latest ESR package for Windows 2012 R2 is applied the vulnerability remains open even when using ESR version 115.17.0.

When I check the NVD it looks like the only vulnerable versions are <115.7.0. https://nvd.nist.gov/vuln/detail/CVE-2024-7528#range-13199073

Is this vulnerability resolved in any released version of ESR? In browsing the release notes for the past few ESR releases I'm not seeing it mentioned so curious if it's

I'm setting up a cloud-init to make it easier to deploy Linux workstations. I want to display the various links to my sites on my Firefox browser. Bookmark my services. Do you think this is possible? I've already applied a rule to retrieve certificates, but it seems complicated for bookmarks.

Here's an extract  :

{

 "policies": {
   "Bookmarks": [
     {
       "Title": "Main",
       "URL": "https://service.net",
       "Folder": "Bookmarks Toolbar"
     },
     {
       "Title": "Service 1",
       "URL": "https://service1.net",
       "Folder": "Bookmarks Toolbar"
     },
     {
       "Title": "Service 2",
       "URL": "https://service2.net",
       "Folder": "Bookmarks Toolbar"
     },
     {
       "Title": "Documentation",
       "URL": "https://docs.net",
       "Folder": "Bookmarks Toolbar"
     }
   ]
 }

}

Best Regards,

Dylan

Le 05 novembre 2024 Bonjour, Je ne parviens pas à faire la mise à jour FireFox. J'utilise un MAC OS X version 10.9.5 Processeur 2,7GHz Intel Core 15 Mémoire 8 Go 1600 MH DDR3 MERCI de bien vouloir me répondre en Français. Bonne journée. Cordialement.

No matter which option I choose, I keep getting a message that tells me Firefox cannot be updated. The Oesr version wont update either. It tells me to update to 115.17 Oesr and when I click on update I keep getting this error.

With Firefox 115.14.0esr, 115.2esr and 128.xesr we can`t log in into a company website with a certificate. After the certificate login we end up on the WebSeal again. Http status 302 for pkmslogin.form and pkmscertpromptstagen is called ~12x repeatedly with 302 error each time and then jump back to the login screen.

Hi,

Looking to upgrade our org to ESR 128.2.0 due to compatibility issues - most notably, embedded PDFs not loading due to Promise.withResolvers() not being implemented on versions prior to 121.

Curious to know if there are any issues or concerns with upgrading manually/pushing this version out - would like to ensure we don't cause further issues in attempting to resolve one.

Firefox version

   128.2.0esr (64-bit)

Operating system

   Windows 10/Windows11 23H2 Septembre patch

Hello everyone,

maybe you can tell me/explain what the problem could be.

In our company we had Firefox version 115.14.0esr (64-bit) and then we updated to 128.2.0esr (64-bit).

Since version 128.2 ESR we have experienced problems in Firefox when trying to access DNN+ pages (with login). https://www.dnn.de/sport/regional/dresdner-sc-denkt-ueber-uebernahme-der-margon-arena-nach-C3IC74MZ6FE43AKGCZJSKUXA3I.html

In Firefox the content is cut off, in Edge it is displayed normally.

With Edge and Firefox 115.14.0esr the page is displayed normally. No AdBlock installed.

In developer mode I see the errors in the versions, so it shouldn't be that.

Cross-source (cross-origin) request blocked: The same-source rule prohibits reading the external resource on https://gum.criteo.com/sid/json?origi...AAAAAAAA&gdpr=1. (Reason: CORS request failed). Status code: (null).

Cross-source (cross-origin) request blocked: The same-source rule prohibits reading the external resource on https://id5-sync.com/api/config/prebid. (Reason: CORS request failed). Status code: (null).

Any ideas? Thank you very much! :)

Hello,

I installed Firefox 128.2.0esr. I set the next parameters in GPO for settings DNSOverHTTPS: "DNSOverHTTPS": {

                      "Enabled":  true,

"ProviderURL": "https://safe.dot.dns.yandex.net/dns-query", "Locked": true, "Fallback": true }. But when checking via https://www.cloudflare.com/ru-ru/ssl/encrypted-sni/#results I get (screenshot in attachment). As you can see from the screenshot, DNS and SNI did not receive the coveted check marks. Secure DNS We weren’t able to detect whether you were using a DNS resolver over secure transport. Contact your DNS provider or try using 1.1.1.1 for fast & secure DNS. DNSSEC Attackers cannot trick you into visiting a fake website by manipulating DNS responses for domains that are outside their control. TLS 1.3 Nobody snooping on the wire can see the certificate of the website you made a TLS connection to. Secure SNI Anybody listening on the wire can see the exact website you made a TLS connection to.

In my browser / about:config: network.trr.mode = 2 network.trr.uri = https://safe.dot.dns.yandex.net/dns-query

In 128.2.0esr there is no protection against ESNI interceptions and ECH is enabled by default? Or is the problem that the DNS provider does not support the technology from Mozilla? Or what other settings we need use (via GPO)?

Thank you.

We've been noticing for some time now that we haven't been able to load the Microsoft Bookings Page using the Microsoft Store version of the Firefox web browser.

Here's what we have tried and what we know: -We cleared cache and cookies using the "Everything" drop down option to no avail. -Confirmed that we are running the latest version and no extensions are running. -Tested running it in "New Private Window" to no avail. -Tested Diagnostic Mode to no avail. -Tested Refresh Firefox to no avail. -We confirmed that we are able to login and load the Microsoft booking page using different browsers (Edge, Chrome and even Firefox directly from their own page) with no issues. - We confirmed that different users can replicate the issue and can be replicated on a different computer as well. -We confirmed that we are able to access other Office 365 web apps with out an issue on the Microsoft Store version of the Firefox web browser.

Microsoft Support stated that they are able to replicate the issue on their end, but advised to reach out to Firefox support to investigate this further.

Feel free to let me know if any other information would be helpful such as .HAR log file(s) etc.

Thanks!

Firefox (129.0.2) displays "401 - Unauthorized: Access is denied due to invalid credentials" (see attached image)

I have tried various combinations of setting and not setting the following in Firefox:

• network.negotiate-auth.trusted-uris
• network.negotiate-auth.delegation-uris
• network.auth.use-sspi

For the URI settings I have tried both .domainname.domainextension and https://servicename.domainname.domainextension

In Windows 10 Control Panel -> Internet Options, the site is in "Trusted sites" using a domain wildcard, and also "Local intranet" and both "Automatic logon" and "Enable Integrated Windows Authentication" are enabled. I suspect those setting aren't relevant since other browsers are authenticating without error or prompt, but calling this out to show that I've covered that base.

The web service is served by IIS 10.0 on Windows Server 2022 and the authentication provider list only includes Negotiate, but I don't believe this issue has anything to do with IIS or its configuration as, again, other browsers are authenticating without error or prompt.

Anything else to check?

Thank you for any guidance you can offer.

Hello,

I am reaching out to gain information on ADMX GPO policies. We are retiring Policy Pak which used to add all the policies and secure Firefox for Enterprise. What we noticed is that Policy Pak used the app set to apply these policies and we are noticing that native GPO's for the most part to match the Policy Pak policies is not as accurate for GPO's My ask here is there any Most Viable Product suggestions to apply Native GPO's for securing Firefox.

I am working on deploying Firefox with a GPO and I noticed that a saved password can be easily viewed just by going into the password manager. I found a way to disable the password manager all together, but then you can't save passwords. I am look for a way just to Require device sign in to fill and manage passwords as it says so its not just clicking the eyeball to see the password. I saw this article ( https://support.mozilla.org/en-US/kb/firefox-password-authentification-prompt ) which is how I got the description for this and that seems to be exactly what I want, But I cannot find this setting anywhere in the GPO. Anyone know where it is OR perhaps maybe you could add it?