Difference between revisions of "Firefox notes"
| Line 42: | Line 42: | ||
The [http://blog.johnath.com/2008/08/05/ssl-question-corner/ author responds] to the mass outcry against the new Firefox 3 UI for certificate warnings. Apparently he still disagrees. The annoying thing is that he doesn't get it. Most of the people who have been complaining about this this are IT professionals and we understand the risk. We don't need a lecture on "Certificate Security for Dummies". We just want a "Expert" option somewhere in Firefox three to turn off this stupid "feature". | The [http://blog.johnath.com/2008/08/05/ssl-question-corner/ author responds] to the mass outcry against the new Firefox 3 UI for certificate warnings. Apparently he still disagrees. The annoying thing is that he doesn't get it. Most of the people who have been complaining about this this are IT professionals and we understand the risk. We don't need a lecture on "Certificate Security for Dummies". We just want a "Expert" option somewhere in Firefox three to turn off this stupid "feature". | ||
| − | There is a work around to set "expert" mode using the "about:config" interface. This makes the process a tiny bit less painful. This will still require two clicks where one click would do, | + | There is a work around to set "expert" mode using the "about:config" interface. This makes the process a tiny bit less painful. This will still require two clicks where one click would do. Luckily, someone has created a Firefox 3 Add-on that fixes even this and makes accepting a certificate exception be a one-click process. Check out [https://addons.mozilla.org/en-US/firefox/addon/6843 MitM Me]. Unfortunately, the "MitM Me" Add-on is listed as "experimental" so you have to sign-up for a Mozilla account and login before you can download it. |
| + | |||
| + | If you don't want to install the "MitM" Me Add-on there here are the "about:config" settings that you need to set to at least turn this into a two-click process: | ||
<pre> | <pre> | ||
| Line 51: | Line 53: | ||
These settings are documented here: | These settings are documented here: | ||
| + | |||
* [http://kb.mozillazine.org/Browser.xul.error_pages.expert_bad_cert browser.xul.error_pages.expert_bad_cert] | * [http://kb.mozillazine.org/Browser.xul.error_pages.expert_bad_cert browser.xul.error_pages.expert_bad_cert] | ||
* [http://kb.mozillazine.org/Browser.ssl_override_behavior browser.ssl_override_behavior] | * [http://kb.mozillazine.org/Browser.ssl_override_behavior browser.ssl_override_behavior] | ||
* [http://kb.mozillazine.org/Browser.xul.error_pages.enabled browser.xul.error_pages.enabled] | * [http://kb.mozillazine.org/Browser.xul.error_pages.enabled browser.xul.error_pages.enabled] | ||
| − | |||
| − | |||
Revision as of 18:20, 5 January 2009
Type about:config into the address bar or get Configuration Mania.
about:config
Search for these options and modify or toggle them:
about:robots security.dialog_enable_delay = 0 browser.tabs.closeButtons = 3 # put tab close button on toolbar browser.sessionstore.max_tabs_undo = 30 browser.search.openintab = True # Searches in search bar open in new tab instead of current window browser.urlbar.clickSelectsAll = True # I can't decide which way I like better... layout.spellcheckDefault = 2 # Spellcheck one-line text fields as well as standard text area fields view_source.editor.external = True view_source.editor.path = /usr/bin/gvim
These options may need to be created:
content.switch.threshold = 1000000
Interesting... I need to research these more:
network.protocol-handler
Firefox 3 unsigned SSL cert handling was thought up by an asshole
Error code: sec_error_untrusted_issuer
The author responds to the mass outcry against the new Firefox 3 UI for certificate warnings. Apparently he still disagrees. The annoying thing is that he doesn't get it. Most of the people who have been complaining about this this are IT professionals and we understand the risk. We don't need a lecture on "Certificate Security for Dummies". We just want a "Expert" option somewhere in Firefox three to turn off this stupid "feature".
There is a work around to set "expert" mode using the "about:config" interface. This makes the process a tiny bit less painful. This will still require two clicks where one click would do. Luckily, someone has created a Firefox 3 Add-on that fixes even this and makes accepting a certificate exception be a one-click process. Check out MitM Me. Unfortunately, the "MitM Me" Add-on is listed as "experimental" so you have to sign-up for a Mozilla account and login before you can download it.
If you don't want to install the "MitM" Me Add-on there here are the "about:config" settings that you need to set to at least turn this into a two-click process:
browser.xul.error_pages.expert_bad_cert = true browser.ssl_override_behavior = 2 browser.xul.error_pages.enabled = true # this is the default, so it is probably already set true.
These settings are documented here:
