Firefox for Enterprise Community Forum

Hi All, I want to block traffic on firefox externally for managed devices via Intune, following the import of the ADMX/ADML files into intune.

Having read https://support.mozilla.org/en-US/kb/managing-firefox-intune I have set '\Mozilla\Firefox\Exceptions to blocked websites' to the following; //*.mydomain.com/*

Which works, however, I also want to add hosts that are only resolving on IPs and not DNS. I can add specific IPs if known, but is there a way I can allow IP ranges? Ie

//10.10.*/* (this doesn't currently work) Of the included screenshot, only the wildcard for mydomain.com and the specific IP currently work

I've looked over the link that is recommened in the policy (indirectly) and can't see an option for allowing an IP range. https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Match_patterns

If there is a better way to do this via intune for firefox only, please let me know.

Thanks

I always watched movies/shows through mozila browser. Lately some titles are playing back like stuttering, choppy, like skipping frames. This happens on Netflix only, in titles like for instance "The Blacklist" and "The Juror". In Chrome they work fine. It's just on Firefox. Something happen with Firefox in one of its late updates.

Form History Control (II) FoxyProxy Standard

These 2 extensions just installed themselves in Firefox ESR and disabled ALL my current extensions!!? I can't seem to remove them either.. please help!

I'm running Parrot OS (Linux) and had just signed myself in @hackthebox.com , which is a friendly place where people can learn to develop their cybersecurity skills. security on this site should be great, i don't know if this could be the issue...

Thanks in regards!

I need assistance with updating an old version of Firefox installed in the local AppData folder on our users' machines. We currently use Intune for application management, but I'm unsure how to remove the user-based installation and revert to a system installation without losing bookmarks.

Could you please provide guidance on how to:

1. Numbered list item Force update Firefox to the latest version while keeping user data intact.

2. Remove the user-installed version of Firefox using Intune.

3. Ensure that bookmarks are preserved during the update process.

Thank you for your help!

Hello community,

i would like to ask about how to deploy security.pki.certificate_transparency.disable_for_hosts globally for users? With version 135 a lot of production webapps stopped working and as of now , we have to do manual modification in about:config. Our company has over 300k users , so the possible disruption might arise very quickly and there will be significant loses in production enviroment.

Is there a way how to deploy this specific setting via GPO/SCCM ?

Thank you

Trying to block www.share365.net but it's not working

{

 "policies": {
     "WebsiteFilter": {
         "Block": [
           "*:share365.net",
           "*:www.share365.net",
           "*://share365.net/*"
         ]
     }
 }

}

My original intent was to customize firefox with userChrome.js scripts. However /defaults/pref directory is nowhere to be found.

Tested on both apple silicone and intel macs running macos sequoia 15.3, firefox 135.

Custom userChrome.css files are in use but I don't think it matters.

I did use browser console to find and recheck file directories. Going through every folder in both firefox.app/contents and /Users/(myname)/Library/Application Support/Firefox/ showed nothing.

Show hidden files are turned on, and the following commands via terminal showed no valid responses.

sudo open /Applications/Firefox.app/Contents/Resources/defaults/pref

open /Applications/Firefox.app/Contents/Resources/defaults/pref

cd /Applications/Firefox.app/Contents/Resources ls -la cd defaults ls -la cd pref ls -la

find /Applications/Firefox.app -name "pref" 2>/dev/null

Hi. On an Active Directory, we deploy Firefox (normal or ESR). It's OK. When we deactivate the link of the GPO, it's supposed to uninstall. But it doesn't (even if we delete the GPO, specifying to uninstall at once).

The gpresult command on each computer doesn't show the GPO anymore, but Firefox is still installed.

( FYI, we used to do that with FrontMotion Community Edition, and it was always working (instal and uninstal). We even just tried the "last" (but old) ESR edition present on the FrontMotion site (CEESR-102), and it works. But FM CE version has stopped being developped. )

So, any idea about why the official Mozilla Firefox version (normal or ESR) doesn't uninstall?

Thanks by advance.

Hello,

New subscriber here. I have been given the task to test the install and uninstall of the Purview Firefox browser extension using Intune. I created 2 groups in EntraID, one for each (install and uninstall).

I have no issues with the installation. Initially, I left the test device in the install group and then added it to the uninstall group to remove it. (this usually works with other apps, it worked this way with the Purview Chrome browsing extension as well other apps) but when I do this, nothing happens.

Next, I removed the device from the install group and added it to the uninstall group only. Once the configuration profile applies to the test device, it allows the user to remove it manually (before it did not) but the extension remains installed.

I have created a policy using the administrative template extension uninstall option as well as with the OMA-URI settings but the same happens. When i check the device configuration for the device in Intune, it says it succeeded but that is not the case. The OMA-URI setting I was not too sure about, but gave it a shot. I used the UUID value for the Purview Firefox extension

I am attaching some pictures and hope someone can tell me what I am doing wrong. I can add additional information, if needed. I have opened a ticket with Microsoft last week but have not called me yet. I ran into this forum today.

Thanks in advance

I am having the same issue as this other user here: https://www.reddit.com/r/sysadmin/comments/17wvuwh/help_pinning_extension_in_firefox_with_gpo/

Preliminaries -- Initially (before trying to force-pin), I had these GPOs enabled:

Extensions to Install -> https://addons.mozilla.org/firefox/downloads/file/4410896/bitwarden_password_manager-2024.12.4.xpi

Prevent extensions from being disabled or removed ->

• {446900e4-71c2-419f-a6a7-df9c091e268b}
• {3f6129fb-6c55-4452-ab6f-7c109b2301df}
• https://addons.mozilla.org/firefox/downloads/file/4410896/bitwarden_password_manager-2024.12.4.xpi

(Those GPOs above all work.)

What I'm trying to do: Force-pin Bitwarden.

I believe I've followed the documentation correctly (except for not including a "*" case): https://mozilla.github.io/policy-templates/#extensionsettings

I've enabled this GPO with this value:

Extension Management ->

{

 "{446900e4-71c2-419f-a6a7-df9c091e268b}": {
   "default_area": "navbar"
 }

}

After running various "GPUpdate"s and whatnot, the option to uncheck "Pin to toolbar" is still available to click.

I've verified in "about:policies#active" that the JSON item appears next to "ExtensionSettings" and that there are no errors listed in the "Errors" tab.

I've also verified that it appears in the correct location in the Registry.

Since another user had the same issue (Reddit link above), I figured it'd be a good idea to check in with y'all to see if we are missing something.

Thanks for your help!

Firefox is used on Windows 11 Enterprise. There is a firefox.cfg in the installation directory (and an autoconfig.js in the ./defaults/pref sub-directory). The firefox.cfg targets an autoconfigfile.js. This setup is recommended here: [firefox using autoconfig"]

1. In the support article´s example, the firefox.cfg uses a pref(); expression. Is it possible to use a lockPref(); expression instead?
2. What is the result of either using pref(); expressions or user_pref(); expressions in the remoted autoconfigfile.js? Are both of them possible, especially while the firefox.cfg uses lockPref(); expressions instead of pref();?

I hope that somesone can help with one of these questions. Thanks a lot!

Hey everyone. I am automating end-to-end testing with playwright for python, using the official Docker image from the microsoft artifact repository (using `playwright/python:v1.49.1`).

As I have signed certificates for my local domains with my own certificate authority, I am trying to have Firefox automatically install the certificates via a policies file. However, Firefox seems to ignore the policies file no matter what.

To ensure that the file itself is used, I simplified it to a single boolean value, and ensured that it's copied correctly inside the container via the `cat` command. Here are the current contents:

{

 "policies": {
   "DisableTelemetry": true

}

I know that the CA certificate is installed correctly, as it works out of the box using the WebKit browser and Curl command. I have gotten it to work in Chromium by installing it to nssdb using `certutil`.

I have converted the file from ASCII to the `utf-8` charset.

The file has the expected content, and I have copied it to both `/etc/firefox/policies/policies.json` and `/ms-playwright/firefox-1466/firefox/distribution/policies.json` (the path to the binary is `/ms-playwright/firefox-1466/firefox/firefox`).

Opening `about:policies` shows the text "The Enterprise Policies service is inactive.", which is sadly not very informative. It would be nice to have a list of locations it looks in, and any problems it encountered.

The container uses Firefox Nightly 132.

Are these locations incorrect? Is there any way to debug this? Does anyone have any other suggestions? If you need any more info (Dockerfile, etc.), please let me know.

Thanks in advance.

Firefox is used on Windows 11 Enterprise. There is a firefox.cfg in the installation directory (and an autoconfig.js in the ./defaults/pref sub-directory). Everything works fine when a pref(...); entry is written to the firefox.cfg. However, we want the firefox.cfg to call the pref(...); entries from a global_config.js which is saved on the machines public directory.

Therefore, the firefox.cfg says:

// free line lockPref("autoadmin.global_config_url","file:///C:/Users/Public/.../global_config.js");

But firefox does not load whatever prefs are written to the global_config.js. There probably is problems with the formatting of the file path (file:///C:/Users/Public/.../global_config.js). What would the correct formatting look like? Unfortunately, Mozilla´s support guide only includes an example code for a firefox.cfg which calls a global_config.js via http:, but not via file:.

We have an application running on Firefox and noticed that with new Firefox ESR, Ajax call (XMLHttpRequest ) from js script running on Firefox browser on thin clients seems to be blocked frequently (same call succeed most of the time, but blocked from time to time). Issue was raised starting with Firefox 128.2.0esr), but in general persist with newer Firefox ESR. We tried replacing XMLHttpRequest with fetch which seems making no much difference so far.

Dear Community,

i had .cfg file with following settings to clean up some userdata after closing firefox:

//Clean UP Cache etc. lockPref("privacy.sanitize.sanitizeOnShutdown", true); lockPref("privacy.clearOnShutdown.cache", true); lockPref("privacy.clearOnShutdown.cookies", false); lockPref("privacy.clearOnShutdown.offlineApps", true); lockPref("privacy.clearOnShutdown.sessions", false);

This cleaned the "Storage" Folder in the Firefox Profile folder, but cookies and sessions where remaining, so the logins where active.

Now i saw that all useres have lots of folders in the "Storage/Default" folder. After some research i found out that this behavior startet at 02.10.2024.

I also found a new pref: privacy.clearOnShutdown_v2.cookiesAndStorage which was set to "false". No idea where this key came from? When I set this key to "Yes", the storage is cleared after closing Firefox. But so also all the cookies. Was there a change at the prefs?

And is ther any other solution to clear the Storage but remain the cookies?

Thank you in advance!

After updating to v132 I have noticed a significant increase in the load times for some websites that our users connect to. Using v131.0.3 I usually see < 1 second load times for the two websites I am monitoring but after upgrading to v132 it is consistently taking 18-19 seconds for the same page. I have tried uninstalling v132 and reverting to v131 and it immediately goes back to the much faster load times. I have also tried installing various v133 releases and I see the same performance issue as for v132.

The environment I am working in is behind a network firewall with relatively restrictive internet access and I am wondering whether there are sites that Firefox is trying to connect to for the new anti-tracking or suspicious activity features (or anything else) that are being blocked and are therefore causing timeouts and retries that are bumping the total load time up.

Can anyone think of anything else I could check or change?