-
Endless loop when attempting login to GitLab
I just pulled down the latest Firefox Dev Edition AppImage and still getting the same result. I try to login to GitLab and I get an endless loop of checking whether I'm human or not. I tried to turn off tracking protection for GitLab and Cloudflare and added both to accept all cookies. In the network tab it eventually shows 403s. Anyone else have this happen or know if I can disable any more safety/privacy features to get it working?
-
[email protected]: Does Firefox block websites from uploading data that could be used for fingerprinting like resolution, installed fonts, etc.?
Fingerprinting works by collecting bits of information about the browser and device to identify users. Couldn't browsers like Firefox see when a website gets such info with JS and either prevent or ask permission from the user for the website to make HTTP requests to upload such information to the website. Idk if they do something like this already.
-
Finally solved the battery drain issue in Firefox Android!!
This is part of the Android release for Firefox 127.0.2.
Please leave a comment on Bug : Android idle battery drain due to Firefox if you still experience this issue after updating Firefox and restarting your phone:
-
What are your thoughts on this? "How did Mozilla Firefox go from being the best and most beloved browser to suddenly the worst company and browser according to Reddit"
https://reddit.com/r/privacy/comments/1dofyj1/how_did_mozilla_firefox_go_from_being_the_best/
Post Text
Seriously, every post I read that's upvoted is smack talking Mozilla in every way possible and it just so happens to take place exactly when Google quietly announces Manifest V3. Mozilla is not our enemy, Google is. Don't let all these bot upvoted comments and posts let you forget that. Has Mozilla made some questionable moves lately? Yeah.. the biggest being the purchase of Anonym. https://blog.mozilla.org/en/mozilla/mozilla-anonym-raising-the-bar-for-privacy-preserving-digital-advertising/
We'll just have to wait and see how that turns out. But I found it amusing when I saw this post and it got so many upvotes immediately after Mozilla announced the purchase. https://www.reddit.com/r/privacy/comments/1dkujuh/mozilla_anonym_is_a_datahoovering_monster/
Then Mozilla allegedly fired someone because he has cancer. https://www.msn.com/en-us/health/other/mozilla-is-trying-to-push-me-out-because-i-have-cancer-cpo-says-in-bombshell-lawsuit/ar-BB1oOjOZ
Then I was reading Mozilla android browser is suddenly the worst and least secure android browser.
It's never ending.. Honestly I think I am just going to take some time away from Reddit because it's becoming such a corporate shill and bot upvoted cesspool. I'm sure this will get heavily down-voted but I just wanted to give my two cents. Mozilla will always be my preferred choice for privacy and security and unless I see some actual changes within the browsers no one will ever convince me otherwise.
-
Mozilla rolls out first AI features in Firefox Nightly, and theyre actually useful.
blog.mozilla.org Choose how you want to navigate the web with Firefox | The Mozilla BlogAs Mozilla envisions Firefox’s future, we are focused on building a browser that empowers you to choose your own path and gives you the freedom to explor
Tldr: Theyre adding an opt-in alt text generation for blind people and an opt-in ai chat sidebar where you can choose the model used (includes self-hosted ones)
-
You can try Vertical Tabs in Firefox now
www.ghacks.net You can try Vertical Tabs in Firefox now - gHacks Tech NewsMozilla is working on bringing vertical tabs to the Firefox web browser, and you can try the feature right now, if you want.
-
[email protected]: What are the best ways to minimize fingerprinting on Firefox?
I did the tests on fingerprint.com/demo/ and https://coveryourtracks.eff.org/ and they both said I have a unique fingerprint, even when I enabled
privacy.resistFingerprinting
toTrue
. -
[email protected]: Caching frequently downloaded / used page assets?
I read the descriptions for the Dcentraleyes and LocalCDN addons which cache popular JS frameworks and page assets to enhance privacy and speed up pages that use them (since the assets were downloaded beforehand). Does Firefox have any built-in functionality to cache frequently used assets, or are there any addons that do so?
For instance, If I access Reddit.com a lot, I would want all the resources that all those Reddit pages have in common to be cached automatically to make loading pages from the domain faster.
-
Help Mozilla uncover Firefox 3rd party installer by joining our campaign
In 2023, a significant portion of Firefox downloads came from unknown sources. We believe many of them came from 3rd party websites that let you download Firefox. While some websites are okay, others can put you at risk of downloading an old version or a build with the wrong locale, leading to security risks, a bad user experience, or even malicious installations.
Help the Firefox team to uncover this mystery by taking part in the Firefox 3rd-party installer campaign!
There will be swag, and you'll be featured in our blog if you manage to report 10 valid reports. So don’t forget to invite your friends too!
Have any questions about this campaign? Join us on Matrix or watch the recording of the SUMO community call with Romain Testard, Principal Product Manager at Mozilla.
Please also help spread the word about this campaign by sharing this on your social media.
Keep on rocking the helpful web, The Mozilla Support team
-
Firefox 127.0.2 Release Notes
-
Fixed an issue where YouTube playback may experience stalling under certain conditions.
-
Fixed an issue where the Private Window icon was displayed in the taskbar on Windows when browser.privateWindowSeparation.enabled was set to false.
-
- www.quippd.com Mozilla Did a Reddit AMA About Their 2024 Firefox Priorities… See What You Missed
Mozilla did their biggest Reddit AMA yet on Thursday, June 13, with eight members of the Firefox leadership team. With 400 total comments on the post, they c...
-
Firefox's New Tab Weather Widget: How to Try it Now
www.omgubuntu.co.uk Firefox's New Tab Weather Widget: How to Try it Now - OMG! UbuntuMozilla has big plans for its browser and among the a fleet new features expected to rain down on us this year is greater personalisation of the new tab
In the latest Mozilla Firefox 127 release simply do the following:
- Go to
about:config
in a new tab - ‘Accept Risk and Continue’
- Search for
browser.newtabpage.activity-stream.system.showWeather
- Double-click the result to enable the feature
- Go to
- connect.mozilla.org How can Firefox create the best support for web apps on the desktop?
Hi everyone, my name is David Rubino and I’m a product manager for Firefox. As the Firefox leadership team mentioned in the Reddit AMA last week, we’re taking a fresh look at Progressive Web Apps (PWAs), which have long been a top request from our Mozilla Connect community. Today I want to share a c...
-
jwz: Mozilla is an advertising company now
www.jwz.org Mozilla is an advertising company nowThis seems completely normal and cool and not troublesome in any way. Mozilla has acquired Anonym, a [blah blah blah] raise the bar for the advertising industry [blah blah blah] while delivering effective advertising solutions. [...] Anonym was founded with two core beliefs: [blah blah blah] and sec...
Also from Jamie Zawinski yesterday: Mozilla's Original Sin > Some will tell you that Mozilla's worst decision was to accept funding from Google, and that may have been the first domino, but I hold that implementing DRM is what doomed them, as it led to their culture of capitulation. It demonstrated that their decisions were the decisions of a company shipping products, not those of a non-profit devoted to preserving the open web. > >Those are different things and are very much in conflict. They picked one. They picked the wrong one.
-
[email protected]: How has your mileage been using Gecko-based browsers other than Firefox?
I switched to Floorp two months ago since it has native vertical tabs (which I greatly prefer over Tree Style Tabs since its a little buggy) and it has been running fine, though earlier this week I got a bug where I set a hotkey and removing it didn't clear it (it still triggered), even after restarts. I tried switching to the tab to the left with CMD OPT Left arrow, and accidentally set a hotkey for toggle the synced tabs sidebar.
I use that hotkey all the time and it basically ruined my workflow, it takes much longer to switch tabs with the mouse. I just found a workaround where I run my Floorp profile in Floorp Daylight (the beta version of Floorp, equivalent to Firefox Beta) remove the hotkey there, then run regular Floorp again.
While I'm happy with Floorp's exclusive featrues, I really wish they were in upstream Firefox because this is a big downside of using a fork, it has its own bugs. And I have to wait for changes from newer Firefox versions to get merged.
-
FxEAP: Sidebar demo (June 21, 2024) - Demo video of current progress of sidebar tabs integration.
This discussion on Mozilla Connect was updated today to include a demo video of the current progress of the addition of tabs in the sidebar.
-
Mozilla: Help us uncover Firefox 3rd party installers
discourse.mozilla.org Help us uncover Firefox 3rd party installerIn 2023, a significant portion of Firefox downloads came from unknown sources. We believe many of them came from 3rd party websites that let you download Firefox. While some websites are okay, others can put you at risk of downloading an old version or a build with the wrong locale, leading to secur...
From the post:
In 2023, a significant portion of Firefox downloads came from unknown sources. We believe many of them came from 3rd party websites that let you download Firefox. While some websites are okay, others can put you at risk of downloading an old version or a build with the wrong locale, leading to security risks, a bad user experience, or even malicious installations.
Help the Firefox team to uncover this mystery by taking part in the Firefox 3rd-party installer campaign 3!
There will be swag, and you’ll be featured in our blog if you manage to report 10 valid reports. So don’t forget to invite your friends too!
Have any questions about this campaign? Join us on Matrix or watch the recording of our community call with Romain Testard, Principal Product Manager at Mozilla.
Please also help spread the word about this campaign by sharing this on your social media.
Keep on rocking the helpful web,
Kiki & Konstantina
-
Somehow snapchat for web doesn't support firefox 🤦
I know I can spoof my useragent, it's just ridiculous that such a massive app doesn't support an equally massive browser.
-
Mozilla CPO Steve Teixeira is suing Mozilla for discrimination
There seems to be minimal information about this online, so I'm leaving this here so cooler heads can prevail in discussion.
Link to filing: https://archive.org/details/jyjfub
Notable portions:
Teixeira was hired as Chief Product Officer and was in line to become CEO.
> Mr. Teixeira became Chief Product Officer (“CPO”) of Mozilla in August, 2022. During the hiring process, Mr. Teixeira had conversations with executive recruiting firm, Russell Reynolds Associates, that one of Mozilla Corporation’s hiring criteria for the CPO role was an executive that could succeed Mitchell Baker as CEO. > > Also, shortly after being hired, Mr. Teixeira had conversations with Ms. Baker about being positioned as her successor.
After taking medical leave to deal with cancer, Mozilla swiftly moved to replace CEO Mitchell Baker with someone else.
> Shortly before Mr. Teixeira returned from leave, Mozilla board member Laura Chambers was appointed Interim CEO of Mozilla and Ms. Baker was removed as CEO and became Executive Chair of the Board of Directors.
After returning, Teixeira was ordered to lay off 50 preselected employees, and he objected due to Mozilla not needing to cut them and their disproportionate minority status.
> In a meeting with Human Resources Business Partner Joni Cassidy, Mr. Teixeira discussed his concern that people from groups underrepresented in technology, like female leaders and persons of color, were disproportionately impacted by the layoff. > >... Ms. Chehak verbally reprimanded Mr. Teixeira, accusing him of violating [a] non-existent “onboarding plan” and threatening to place Mr. Teixeira back on medical leave if he did not execute the layoffs as instructed.
Mozilla's lack of inclusivity was a known problem
>In February 2022, Mozilla commissioned the firm of Tiangay Kemokai Law, P.C. to assess its performance in providing a diverse, equitable, and inclusive workplace culture. > > The report delivered in 2023 from Tiangay Kemokai Law, P.C. states in part: “MoCo falls into the Cultural Incapacity category based on leadership’s inadequate response to the needs of a diverse culture or else the need to create a more diverse, equitable, and inclusive culture, which is reflected in current systems, processes and procedures, policies and practices, or the lack thereof, and are incongruent with MoCo’s stated values and goals.”
Steve Teixeira has been put on leave.
> On May 23, 2024, Mozilla placed Mr. Teixeira on administrative leave. > > Mr. Teixeira requested a reason for being placed on administrative leave. > >Mozilla did not provide Mr. Teixeira with a reason why he was placed on administrative leave. > >Mozilla cut off Mr. Teixeira’s access to email, Slack messaging, and other Mozilla systems. > >Mozilla instructed employees not to communicate with Mr. Teixeira about work-related matters. > >Upon information and belief, an investigation into Mr. Teixeira’s allegations was finally conducted in late May 2024, but Mozilla did not do so under its internal policies and procedures regarding managing complaints of discrimination. Mr. Teixeira was not contacted to participate in the investigation into his complaint of unlawful treatment.
Coverage online so far
I say "alleged" because there appears to be no consensus on the veracity of this document.Update: this appears to be confirmed.
This has received no "news" coverage besides one angry loudmouth (Bryan Lunduke) whose entire commentary career has been shaped by his political beliefs, regardless of truth.
-
For people who worry about Youtube buffering/skipping issues, it's fixed in Firefox 129, wait for Firefox 127.0.2
bugzilla.mozilla.org 1878510 - YouTube videos buffering issues due to bad muxed VP9 bytestreamRESOLVED (alwu) in Core - Audio/Video: Playback. Last updated 2024-06-19.
And this is 100% Youtube's fault, not Firefox's fault, they created this issue:
> This problem is triggered by bad muxed VP9 bytestream served by Youtube, so it's not a regression on our side, this issue can also be reproduced on old versions Firefox. Usually when muxing a video bytestream, the video samples' timestamp should be monotonizally increasing and no overlap between samples. But there are some bad video samples in YT's bytesteam, they overlapped with the previous sample. Eg. [124416000, 125126000] and [125125000, 131382000]. The next one should start from 12516000 instead of starting from 125125000 causing an overlapping.
> That overlapped sample triggers this and our WebM demuxer fails to calculate the next timestamp in that situation. The end time of video sample was set to the same as the sample's start time, and that causes a gap being detected for the next sample, resulting in resetting append state. When doing so, mNeedRandomAccessPoint would be set to true and that triggers the sample skipping mechanism per the spec.
> Therefore, there would be many sample being incorrectly skipped and won't be added into the buffered range. When entering the buffering state, Firefox would be waiting those sample which has been skipped but Youtube thought that those samples were already appended. That makes the endless buffering happened.
Source: https://bugzilla.mozilla.org/show_bug.cgi?id=1878510#c113 (Alastor Wu [:alwu])
-
Bitwarden's update to fix logout issues has been approved
addons.mozilla.org Bitwarden Password Manager – Get this Extension for 🦊 Firefox (en-US)Download Bitwarden Password Manager for Firefox. At home, at work, or on the go, Bitwarden easily secures all your passwords, passkeys, and sensitive information.
-
Quck enable/disable WebGL on FF
Straight to the point: Is there some way to add a button or shortcut to quickly enable/disable WebGL without having to find it in settings every time?
The only issues I'm having using FF are all related to having WebGL disabled, so I find myself reactivating it relatively often. I wish there was some kind of quick way to enable it for this session only, or for this tab only. If you have any ideas, please let me know.
-
Did Firefox Stable for Android ever add Site Isolation?
I heard around the internet that Firefox on Android does not have Site Isolation built-in yet. After a little bit of research, I learned that Site Isolation on Android was added in Firefox Nightly, appearing to have been added sometime in June 2023. What I can't find, though, is whether this has ever been added to any stable versions of Firefox yet. Does anyone know anything about this?
Update: After further research, it appears that Site Isolation is not currently a feature in stable version of Firefox on Android. I don't know with certainty if their information is up-to-date, but GrapheneOS (A well-known privacy/security-focused fork of Android) does not recommend using Firefox-based browsers on Android due to it's (apparently) lack of a Site Isolation feature. A snippet of what Graphene currently have to say about Firefox on Android/GrapheneOS from their usage guide page, is: "Avoid Gecko-based browsers like Firefox as they're currently much more vulnerable to exploitation and inherently add a huge amount of attack surface."
On a side-note, they also say about Firefox's current Site Isolation on desktop being weaker, which I wasn't aware of. "Even in the desktop version, Firefox's sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole."
-
[email protected]: Has anyone else never had an single issue with YouTube on Firefox with adblockers?
YouTube has worked fine for me using Firefox with Ublock Origin, with no lag, notifications telling me to turn off ad blocking, or any of the other issues users have reported here.
-
Mozilla Welcomes Anonym: Privacy Preserving Digital Advertising
blog.mozilla.org Mozilla Welcomes Anonym: Privacy Preserving Digital Advertising | The Mozilla BlogMozilla has acquired Anonym, a trailblazer in privacy-preserving digital advertising. This strategic acquisition enables Mozilla to help raise the bar for
-
How can I quickly "unclog" firefox when it runs out of memory (with 1000/2000 tabs)
YouTube Video
Click to view this content.
Hi, Once in a while I try to clean up my tabs. First thing I do is use "merge all windows" to put all tabs into one window.
This often causes a memory clog and firefox get stuck in this state for 10-20 minutes
I have recorded one such instance.
I have tried using the "discard all tabs" addon, unfortunately, it is also getting frozen by the memory clog.
Sometimes I will just reboot my PC as that is faster.
Unfortunately, killing firefox this way, does not save the new tab order, so when I start firefox again, it will have 20+ windows open, which I again, merge all pages and then it clogs again !
So far the only solution I have found is just wait the 20 minutes.
Once the "memory clog" is passed, it runs just fine.
I would like better control over tab discard. and maybe some way of limitting bloat. For instance, I would rather keep a lower number of undiscarded youtube that as they seem to be insanely bloated.
In other cases, for most website I would like to never discard the contents.
In my ideal world, I would like the tabs to get frozen and saved to disk permanently, rather than assuming discard tabs can be reloaded. As if the websites were going to exist forever and discarding a tab is like cleaning a cache.
-
Why is compact mode 'not supported'?
I use it all the time and have for years. Just seems like a weird feature to lock behind about.config and say it's not supported while they still support things like Pocket.
- www.theregister.com Mozilla restores Firefox add-ons banned in Russia
Browser maker decided not to follow Putin's orders. Well done
-
Firefox development is moving from Mercurial to Git
bugzilla.mozilla.org 1863519 - (hg-to-git) [meta] Migrate from Mercurial to Git for Firefox DevelopmentNEW (nobody) in Developer Infrastructure - General. Last updated 2024-06-13.
-
Manifest V3 updates landed in Firefox 127
blog.mozilla.org Manifest V3 updates landed in Firefox 127 – Mozilla Add-ons Community BlogBelow is the next installation in our series of community updates designed to provide clarity and transparency as we continue to deliver Manifest V3 related improvements with each new Firefox release.
-
Mozilla Firefox Blocks Add-Ons to Circumvent Russia Censorship
theintercept.com Firefox Browser Blocks Anti-Censorship Add-Ons at Russia’s RequestAt Russia’s request, Firefox web browser maker Mozilla blocked add-ons that are designed to circumvent internet censorship.
-
Weird whitespaces in some webpages.
Hi, recently Firefox (technically Librewolf) presents me with weird whitespace as in the image. I tried to search for something similar, and I did find some post, suggesting I'll edit my font configs (in settings), but this has no effect. I tried to also open in incognito mode or disabled all my plugins or even create a new profile on my machine, but the spacings are always like this. On proper firefox, I don't see this issue.
Any idea?
-
Plugin: ?how-to: Intercept keystrokes
I seeked into the API in order to write a plugin for myself. In order to aid my workflow I need to listen to two keystrokes closely followed.
Apparently there are only hacks available. I want to fire-and-forget about my plugin as long as the API to command firefox stays consistent.
I did not attempt to write any code (and any JS code, honestly that is) yet. Simply because I did not get that requirement addressed by the official API /& documentation.
Recompiling firefox would be the least favorable option; But I would still be hooked if it would enable me to observe keystrokes on my own.
As an practical example: Pressing
Shift
two times in sequence and within 100 ms should enable me to eat the event. -
Forget Me Not Alternative for Android
cross-posted from: https://mander.xyz/post/13981542
> As Original forget we not is archived now Without giving sync functionality. > So, Do anyone know of similar addon. > > Must Available for android and active development > > Plus Sync functionality already implemented.
-
Stop Google search when visiting intranet site?
We have a few sites on our intranet at work that I constantly end up searching on Google instead of visiting the site.
If I type in the address bar
>https://site.work/customers/12345
it will navigate just fine, but if I just type
>site.work/customers/12345
it executes a Google search
Is there any way for me to add a whitelist for a given hostname? I don't want to turn keyword.enabled off.. I only want to turn it off for one site.
-
Whoa! I just noticed in #firefox Nightly that if I right-click on some text, I can choose to translate the selection. Neat!
mozilla.social Mike Conley (:mconley) ⚙️ (@[email protected])Attached: 1 image Whoa! I just noticed in #firefox Nightly that if I right-click on some text, I can choose to translate the selection. Neat! This is powered by Firefox's local translation mechanism, which doesn't ever send the text being translated out over the network. The translation all happen...
-
Tips about NoScript
Let be begin by saying: Selectively blocking Javascript is essential for online privacy.
Fundamental idea
- Javascript is needed for way too many websites to load correctly
- Websites often dont only use their own Javascript to display their own menus etc. but they load tons of external Javascript.
- There is often way more Javascript that you can block than what you need
- No "privacy browser" can protect you if you dont invest the work of blocking Javascript per origin
- there are many origins that just serve bullsh*t so you can always block them
- browser sandboxes, process isolation etc. is only needed because of Javascript or CSS exploits
- there are hacks that work through CSS only, but they are rare
- this is why browser isolate every website in a process. They isolate these processes from the system with strict filters and sandboxes
Sum up
Javascript is a technology used to display fancy websites, moving parts, responsive interfaces etc.
It is executed code, in your browser. Unlike normal applications, the code comes from random places on the internet, and is often malicious.
This is why browsers need to be so secure.
Many developers bundle random 3rd party javascript into their website, mostly for capitalist "get some more cents" purposes.
This means often: the website, AND the developers of the javascript will both get your personal data.
If you block Javascript, you avoid 99% of security issues, and automatically block most trackers.
Websites cannot place cookies in the browser, if you block javascript!
Some things to know
- Google reCaptcha is a nasty difference, as it requires many origins at once. NoScript has the "allow all Javascript on this tab" for this purpose
- some sites may load fine without Javascript, but menus dont work.
Setup of NoScript
Install the Addon and go into its settings.
per site permissions
It has some very loose, "security only" settings, so most of "Big Tech" is trusted by default. If you dont use it, set it to "untrusted".
general settings
Here you can select what "default", "trusted" and "untrusted" do.
Default
- I change it to "block all". Most websites dont load with the default settings anyways
- if you set "noscript", websites can see that "your browser does not support Javascript". This may cause them to display a no-js website, but that is really rare.
- The "noscript" makes you stand out from the crowd very likely. There are other methods to check if you support javascript, like just trying to run it.
Trusted
- I enable everything but these:
ping
: pretty shady stuff, thanks @[email protected]noscript
: you support Javascript so not usefulLAN
: block requests to your local network, should not be needed in most casesunverified CSS
: important blocking this is more secure (see above, CSS-only exploits are possible) but drastically slows down the speed of your browserother
: better not enable random other Javascript types
Untrusted
- block everything
- maybe allow
noscript
(see above)
See the explanations for all Javascript variants here
Workflow of NoScript
I think the author didnt really consider the implications, so these loose settings make little sense.
NoScript makes most sense for "goodness enumeration". By default, all Javascript is blocked.
At the beginning it may be annoying, but it will become less and less work:
- Open a website
- It likely doesnt load
- Click on the NoScript icon
- Set the Javascript of this Website to "trusted"
- NoScript automatically reloads the site
- maybe: Repeat, you may need to allow CDNs, image hosts etc.
Once you did this to all your commonly visited sites, only new ones will need manual configuration.
This approach becomes less effort over time, unlike badness enumeration, which gets more and more.
(I thought about giving you my 2 years old configuration as a headstart, but it is basically my browsing history. I would be interested in sharing a config on some Git host though, as this makes starting with NoScript way more pleasant)
Background on "badness enumeration"
Adblockers use something called "badness enumeration".
Example of badness enumeration:
- Adblockers: allow all content to load, block a, b and c ONLY
- Malware scanners: allow all code to execute, but block hashes a, b, c
- Some Firewall Blocklists: allow all incoming traffic, but block all IPs coming from Russia
The system is fundamentally flawed, as
- The authors of blocklists always need to be perfectly up to date
- Once a new malware/site/ad comes out, it will stay unblocked for a while
- It assumes every user needs the same
- It needs always growing filterlists and malware databases, that get bigger and bigger
Avoid badness enumeration when possible. Btw, NoScript likely also blocks many Ads on websites.