Przeszukaj pomoc

Unikaj oszustw związanych z pomocą.Nigdy nie będziemy prosić Cię o dzwonienie na numer telefonu, wysyłanie SMS-ów ani o udostępnianie danych osobowych. Zgłoś podejrzaną aktywność, korzystając z opcji „Zgłoś nadużycie”.

Więcej informacji

Server-side override of the setting "Restore previous session"

  • 2 odpowiedzi
  • 4 osoby mają ten problem
  • 14 wyświetleń
  • Ostatnia odpowiedź od cor-el

more options

For some websites with sensitive content it is very annoying that it is possible in firefox to restore the previous sessions after firefox crashes.

The default-setting for this firefox-feature in about:config and then browser.sessionstore.resume_from_crash is true.

This can cause a security break when a user log into a website with sensitive content and then firefox crashes and the user leave the pc. If then an other user starts firefox again on this pc firefox will aks if he want to restore the previous sessions. When this other user click "restore the previous sessions" he will have the authorized session of this website with sensitive content of the first user!

=> So the question is if there is a possibility to override the firefox-setting "Restore previous session" on the server side.

For some websites with sensitive content it is very annoying that it is possible in firefox to restore the previous sessions after firefox crashes. The default-setting for this firefox-feature in about:config and then browser.sessionstore.resume_from_crash is true. This can cause a security break when a user log into a website with sensitive content and then firefox crashes and the user leave the pc. If then an other user starts firefox again on this pc firefox will aks if he want to restore the previous sessions. When this other user click "restore the previous sessions" he will have the authorized session of this website with sensitive content of the first user! => So the question is if there is a possibility to override the firefox-setting "Restore previous session" on the server side.

Wszystkie odpowiedzi (2)

more options

This blog post might be of help http://mike.kaply.com/2012/03/15/customizing-firefox-default-preference-files/

If not, the best place to get an answer for that kind of thing is in the Enterprise Working Group Mailing List.

more options

Note that Firefox 10.0.9 is an older Firefox ESR version (the last in ESR 10.0.12) and has been replaced by Firefox 17 ESR.


You can use a mozilla.cfg file in the Firefox program folder to lock prefs or specify new (default) values.

Place a file local-settings.js in the defaults\pref folder where you also find the file channel-prefs.js to specify using mozilla.cfg.

pref("general.config.filename", "mozilla.cfg");
pref("general.config.obscure_value", 0); // use this to disable the byte-shift

See:

These functions can be used in the mozilla.cfg file:

defaultPref();  // set new default value
pref();         // set pref, but allow changes in current session
lockPref();     // lock pref, disallow changes