Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

The configuration of an access to local files using by file protocol (file://)

  • 2 replies
  • 1 has this problem
  • 1 view
  • Last reply by mosso

more options

I am an user of Firefox Quantum Extended Support Release 60.6.1esr (64-bit).

This is my first post to this question form.

My Question is about the configuration of an access to local files using by file protocol. In the default, accessing to local files is available. But I'm afraid about any security problems.

So I disabled file protocol by an operation bellow.

1.1. Displaying the detail configuration from "about:config"

1.2. Searching by the word "fileuri".

1.3. Changing the value of "browser.tabs.remote.separateFileUriProcess" to false from true.

1.4. Changing the value of "browser.tabs.remote.allowLinkedWebInFileUriProcess " to false from true.

Then I want to ask about this operation. There are three points.

2.1. I understood the method to disable an access to local files by using uri which's prefix is "file://". But It is not clear about an necessity of the operation discribed by 1.4.. From its preference name, I guesse it makes available to access to local files from links on the web. Is that right? and Is there a necessity of the operation discribed by 1.4.?

2.2. I suppose it might be a basic matter for users of firefox. But what kind of threats do we face in the case of being available to access to local files by using "file://"?

2.3. Are there any other operations we should do for security about firefox like this problem?

I am an user of Firefox Quantum Extended Support Release 60.6.1esr (64-bit). This is my first post to this question form. My Question is about the configuration of an access to local files using by file protocol. In the default, accessing to local files is available. But I'm afraid about any security problems. So I disabled file protocol by an operation bellow. 1.1. Displaying the detail configuration from "about:config" 1.2. Searching by the word "fileuri". 1.3. Changing the value of "browser.tabs.remote.separateFileUriProcess" to false from true. 1.4. Changing the value of "browser.tabs.remote.allowLinkedWebInFileUriProcess " to false from true. Then I want to ask about this operation. There are three points. 2.1. I understood the method to disable an access to local files by using uri which's prefix is "file://". But It is not clear about an necessity of the operation discribed by 1.4.. From its preference name, I guesse it makes available to access to local files from links on the web. Is that right? and Is there a necessity of the operation discribed by 1.4.? 2.2. I suppose it might be a basic matter for users of firefox. But what kind of threats do we face in the case of being available to access to local files by using "file://"? 2.3. Are there any other operations we should do for security about firefox like this problem?

Modified by mosso

All Replies (2)

more options

I don't know how this works.

(please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html
)

more options

Thank you cor-el!

But how should I understand this...the archives suggested is little bit technical for me...sorry.

How do I solve my question?

Modified by mosso