Remotely add exception to Saved Passwords for specific sites
Good afternoon!
We need to add a "Saved Password Exception" to Firefox on several remote computers on our network (Non-Domain). We do not want to block the saving of all passwords, but want to specify a few websites to never ask or prompt to save.
I was hoping I could do this with Mozilla.cfg or Policies.json, and distribute it over the network to each PC. All I have found is a way of blocking all site password save-prompts with "signon.rememberSignons" in the Mozilla.cfg.
Any suggestions on how to set exceptions for specific sites with either using the Mozilla.cfg or Policies.json? Otherwise I may need to edit the firefox configuration manyally on each PC.
Suggestions?
Thanks everyone!
Isisombulu esikhethiweyo
You should be able to see more detail in the Browser Console in case there is a problem.
The last line should be lockPref() with a lowercase 'l' and not LockPref();
- LockPref("browser.startup.homepage", "https://examplesite.com");
All Replies (6)
I don't think that there is a policy to create a login exception, so you would have to use an autoconfig.cfg file.
- https://github.com/mozilla/policy-templates
- https://support.mozilla.org/en-US/kb/customizing-firefox-using-autoconfig
If you use a regular release and not ESR then you need to disable the sandbox via autoconfig.js
// autoconfig.cfg needs to start with a comment line let {classes:Cc,interfaces:Ci,utils:Cu} = Components; // autoconfig.js => pref("general.config.sandbox_enabled", false); let {Services} = Cu.import("resource://gre/modules/Services.jsm"); /* create a login block exception */ Services.perms.addFromPrincipal( Services.scriptSecurityManager.createContentPrincipalFromOrigin("https://example.co.uk"), "login-saving", 2 );
Having issues getting this to work. May be because I am using the Mozilla.cfg lock to down a few settings. Can the AutoConfig and Mozilla.cfg be used at the same time? Or do we need to use one or the other? What you posted does sound like what we are after!
This is what we currently have set in our Mozilla.cfg file (See below). Can this be added to the Autoconfig file if we cannot used both Mozilla.cfg/lock and autoconfig at once?
// lockPref("privacy.clearOnShutdown.cache", true); lockPref("app.update.enable", true); lockPref("print.printer_PLAIN.print_orientation", 0); lockPref("print_printer", "PLAIN"); lockPref("print.printer_PLAIN.print_scaling", "1");
Thanks!
mozilla.cfg and the autoconfig file I mentioned above are the same file. In the past this file was named mozilla.cfg, but now the preferred name is autoconfig.cfg ans mentioned in the link I posted above. The actual filename is set via the file in the "defaults\pref" directory where the channel-prefs.js file is located
- pref("general.config.filename", "autoconfig.cfg");
The autoconfig.cfg file is run as a JavaScript file with full privileges and can also contain JavaScript code. Errors in this file will throw an exception and abort the execution. You can check the Web Console for possible error messages.
On release "autoconfig.cfg" is run in a sandbox by default (on ESR the sandbox is disabled) and you need to disable the sandbox via the autoconfig.js file to be able to run the JavaScript code I posted in my above reply
- pref("general.config.sandbox_enabled", false);
I am soo close!
So here is my issue now. As soon as I add the disable sandbox statement it breaks and I get an error about the autoconfig file.
Here is how the "autoconfig.js" looks prior to adding sandbox:
pref("general.config.filename", "autoconfig.cfg"); pref("general.config.obscure_value", 0);
Here is what I have in the AutoConfig file that works without the sandbox line:
// lockPref("privacy.clearOnShutdown.cache", true); lockPref("app.update.enable", true); lockPref("print.printer_PLAIN.print_orientation", 0); pref("browser.startup.homepage", "https://examplesite.com"); lockPref("print_printer", "PLAIN"); lockPref("print.printer_PLAIN.print_scaling", "1"); LockPref("browser.startup.homepage", "https://examplesite.com");
As soon as I add the disable sandbox statement (below) I get an error stating "Failed to read the configuration file": pref("general.config.sandbox_enabled", false);
I tried adding it to the top, and lower portion of the autoconfig.js file. Is there a statement thats required in the autoconfig after that line is added?
I feel I am missing something simple. Any thoughts?
Thanks!
Isisombululo esiKhethiweyo
You should be able to see more detail in the Browser Console in case there is a problem.
The last line should be lockPref() with a lowercase 'l' and not LockPref();
- LockPref("browser.startup.homepage", "https://examplesite.com");
Of course I overlook the last line! That was it. As soon as I changed that I was able to get it working. Now able to prevent specific sites from saving passwords. Thanks a ton! Learned a lot in this process