04-18-2024 06:03 AM - edited 04-18-2024 06:06 AM
I have a well hidden web server that uses HTTP. I need to download files from that server. After the newest update (125.0.1), Firefox now gives a warning about the website and on that warning is a button to "Allow Download".
However when I click on that button, the file that gets downloaded IS NOT the file that I was initially attempting to download. It looks like it is a copy of the web page that was being displayed at the time.
I noticed this behavior at work. I went home and used Firefox to connect to the server and everything connected and downloaded correctly. I went to see what version of Firefox was running. It was 124.0.2 and there was a button saying "Update Firefox". I clicked that button. My home Firefox updated to 125.0.1 and my home version of Firefox now also downloads the wrong file.
04-18-2024 06:36 AM - edited 04-18-2024 07:45 AM
Hello
Firefox release notes
https://www.mozilla.org/en-US/firefox/releases
https://bugzilla.mozilla.org/show_bug.cgi?id=1877195#c19
https://bugzilla.mozilla.org/show_bug.cgi?id=1892115
Try dom.block_download_insecure
Configuration Editor for Firefox https://support.mozilla.org/en-US/kb/about-config-editor-firefox
Search dom.block_download_insecure
04-18-2024 03:57 PM
Mozilla has issued a remote preference flip patch to temporarily revert to the earlier behavior. If you can't (or don't want to) modify the dom.block_download_insecure preference yourself, you can watch for this fix to be retrieved and installed automatically on your work computer. It should appear on the "about:studies" page and look like this:
I don't know when Firefox 125.0.2 is expected to be issued (it may depend on other bugs discovered in recent days), but this preference change will also be included in that release.
04-19-2024 12:43 AM - edited 04-19-2024 01:09 AM
Hello
In adition
Normandy https://wiki.mozilla.org/Firefox/Normandy/PreferenceRollout
https://support.mozilla.org/en-US/kb/share-data-mozilla-help-improve-firefox
about:telemetry
Environment Data
Experiments https://bugzilla.mozilla.org/show_bug.cgi?id=1892259
With about:studies you can delete the study concerned if you wish.
In this case, dom.block_download_insecure will automatically be set to true by default.
04-22-2024 11:15 AM