open support ticket for firefox browser
'Release 96.0.1 Does Not Work with Our Ariba PunchOut Catalogs' Users can punchout and add items to the Shopping Carts, but when they try to return the items from the cart back to our local Ariba Application, users receive a "Token Expired" error. When they click the button to return to the Ariba application, there are no items in the requisition.
We experienced the same issue when Chrome released version 80 in February of 2020. We have been recommending Firefox as the preferred browser but now it has the same problem.
Can you provide some way for users to run an older version of Firefox? Version 95.0.2 Works great. I have not upgraded to 96 yet due to this issue. However, many campus users have already installed 96.0.1.
Currently in our environment, only Inernet Explorer or EDGE running in IE mode work with our Ariba Application. Should we advise our campus users stop using Firefox now?
選ばれた解決策
Hello-I wanted to post an update. Using the about:config to toggle laxbyDefault to false command in Firefox 96.0.1, we were able to solve the issue of getting the Token Expired error message when users checked out of our Ariba PunchOut catalogs. The error resulted in no items being returned.
However, we were not comfortable of the longevity of this backdoor approach. After searching this support site to find information on how to install a prior version of Firefox (95..) we found the recommendation to try the Firefox Extended Support Release (esr) instead. We tested this in Windows 64 bit and macOS and it is working well so far. For more information about this, visit [|https://support.mozilla.org/en-US/kb/install-older-version-firefox ]
At the link above, scroll down to the section "Alternatives to downgrading". It states: " Firefox Extended Support Release (ESR) is an official version of Firefox developed for large organizations, such as universities and businesses, but it can also be used for personal computers. Firefox ESR does not come with the latest features but it does have the latest security and stability fixes."
Several of us have had this installed on our computers for several days now. I was asked to upgrade once. If you look at the browser version information, it is 91.5.1 esr (64 bit).
We opened a ticket with our IT department to see if they can sign off on it as a permanent workaround. To help us, can you provide: 1. Some reassurance regarding the security and stability of Firefox ESR? 2. The plans for the end of life support for Firefox ESR?
Thank you.
この回答をすべて読む 👍 0すべての返信 (14)
There is a change in Firefox 96 related to cookies and insecure sites.
See also:
- /questions/1363998 blocked 3rd party cookies
As a workaround for now you can modify this pref on the about:config page to revert this change.
- about:config => network.cookie.sameSite.laxByDefault = false
You can open the about:config page via the location/address bar. You can accept the warning and click "I accept the risk!" to continue.
For reference, this was the Ariba documentation on working with the Chrome change: https://support.ariba.com/Item/view/186172
Hi, Jefferson! We are very familiar with this document and sent this to several of our over 60 punchout suppliers who had the token expired issue. Unfortunately, we are in a now de-supported hybrid Ariba Environment with the Procurement piece on an "in house" server. Ariba no longer supports this configuration (only On Demand in the cloud) and the guidance for the suppliers did not resolve the issue. Also, the SameSite browser settings which are similar to the Firefox about:config workaround are no longer available to use as a workaround. So we have no solution for Chrome, which is why we were recommending Firefox and IE.
IE and Edge in IE mode are working. Also, I just successfully reinstalled Firefox 95.0.2. I will be meeting with my team later this morning to develop a path forward in light of the most recent situation.
I got a note from Support recommending the about:config workaround. Do you know how long Mozilla will support this? Thanks!
morriv said
I got a note from Support recommending the about:config workaround. Do you know how long Mozilla will support this? Thanks!
Which one? Some of the preferences are temporary but due to the ongoing issues with various sites, I think we will have them for a few more months.
We have thousands of campus users. The easiest would be toggling the setting versus specifying servers. We have not been able to get the latter option to work.
選ばれた解決策
Hello-I wanted to post an update. Using the about:config to toggle laxbyDefault to false command in Firefox 96.0.1, we were able to solve the issue of getting the Token Expired error message when users checked out of our Ariba PunchOut catalogs. The error resulted in no items being returned.
However, we were not comfortable of the longevity of this backdoor approach. After searching this support site to find information on how to install a prior version of Firefox (95..) we found the recommendation to try the Firefox Extended Support Release (esr) instead. We tested this in Windows 64 bit and macOS and it is working well so far. For more information about this, visit [|https://support.mozilla.org/en-US/kb/install-older-version-firefox ]
At the link above, scroll down to the section "Alternatives to downgrading". It states: " Firefox Extended Support Release (ESR) is an official version of Firefox developed for large organizations, such as universities and businesses, but it can also be used for personal computers. Firefox ESR does not come with the latest features but it does have the latest security and stability fixes."
Several of us have had this installed on our computers for several days now. I was asked to upgrade once. If you look at the browser version information, it is 91.5.1 esr (64 bit).
We opened a ticket with our IT department to see if they can sign off on it as a permanent workaround. To help us, can you provide: 1. Some reassurance regarding the security and stability of Firefox ESR? 2. The plans for the end of life support for Firefox ESR?
Thank you.
この投稿は morriv により
https://www.mozilla.org/firefox/91.5.1/releasenotes/
Firefox Extended Support Release (ESR) is an official version of Firefox developed for large organizations like universities and businesses that need to set up and maintain Firefox on a large scale. It is meant for stability in mind which may mean occasionally not getting all of the same security fixes as Release channel gets to keep stability. https://www.mozilla.org/firefox/enterprise/
At the moment for Firefox 91 ESR, the last planned update will be 91.13.0 ESR.
Firefox 102 ESR will be out when Firefox 102 Release and Firefox 91.11.0 ESR are Released. https://wiki.mozilla.org/Release_Management/Calendar
I would would be very surprised if Mozilla were to discontinue the ESR anytime in near future after doing this for several years now.
この投稿は James により
Thank you very much!
James said
Firefox Extended Support Release (ESR) is an official version of Firefox developed for large organizations like universities and businesses that need to set up and maintain Firefox on a large scale. It is meant for stability in mind which may mean occasionally not getting all of the same security fixes as Release channel gets to keep stability. https://www.mozilla.org/firefox/enterprise/ At the moment for Firefox 91 ESR, the last planned update will be 91.13.0 ESR. Firefox 102 ESR will be out when Firefox 102 Release and Firefox 91.11.0 ESR are Released. https://wiki.mozilla.org/Release_Management/Calendar I would would be very surprised if Mozilla were to discontinue the ESR anytime in near future after doing this for several years now.
Unfortunately, there is a wrinkle: Older versions of Firefox will not re-use a profile that has been upgraded by a newer version. Accordingly, to migrate data to an older version, you will need to consider either:
(1) Setting up Firefox Sync between the regular release of Firefox and the ESR release of Firefox to transfer the data Sync can transfer (How do I choose what information to sync on Firefox?), or
(2) Transferring individual data/settings files from your Fx96 profile folder to your Fx91esr profile folder per this article: Recover important data from an old profile.
Hi, Jefferson- We noticed a message about creating a new profile when we installed ESR. We will revisit our campus guidance to include this information. Thank you!
Note that you should be cautious with transferring files to an older Firefox version as files may have been upgraded to newer schemes that aren't compatible with Firefox 91 and don't transfer a full profile folder or override the downgrade protection.
Hi, cor-el- Can you provide additional details? Are you referring to something regarding file downloads? I have never "transferred files" to Firefox, at least that I know of. What do you mean by, "don't transfer a full profile folder or override the downgrade protection."
Do you have links to notes/articles describing this in greater detail?
We are simply providing guidance to our users to install the supported Firefox Extended Support Release and the end user is installing the version. Thanks!
When we talk about transferring files then we mean copying files from another profile folder on the same computer or from another computer to the profile folder you are using on the current computer.
Some of the file in a profile folder are specific to this profile or have data that is specific to this device and best is to avoid copying a complete profile and only copy important data files.