Tìm kiếm hỗ trợ

Tránh các lừa đảo về hỗ trợ. Chúng tôi sẽ không bao giờ yêu cầu bạn gọi hoặc nhắn tin đến số điện thoại hoặc chia sẻ thông tin cá nhân. Vui lòng báo cáo hoạt động đáng ngờ bằng cách sử dụng tùy chọn "Báo cáo lạm dụng".

Tìm hiểu thêm

Why does user_pref("capability.policy.default.Location.href", "allAccess"); no longer work in FireFox 4? How can I re-enable this feature?

  • 4 trả lời
  • 15 gặp vấn đề này
  • 3 lượt xem
  • Trả lời mới nhất được viết bởi Natorator

more options

On upgrading to FireFox 4 from 3.6.15, I noticed that my capability.policy.default items in the prefs.js file were no longer working (the custom site that I run locally needs access to this attribute, amongst others) - how can I go about returning this feature back on?

Example CAPS entry: user_pref("capability.policy.default.Location.href", "allAccess");

I've had to downgrade again to 3.6.15 until I can get this to work.

Tested on Windows XP (SP3), and using existing/new profiles in FF 4.0 and using prefs.js and user.js - nothing can get the Javascript code to read the location.href and getting an error generated in the error console. Also tested on Mac OS X 10.6.7 with FF 4.0 - still no luck getting capability.policies to work.

Please help...

On upgrading to FireFox 4 from 3.6.15, I noticed that my capability.policy.default items in the prefs.js file were no longer working (the custom site that I run locally needs access to this attribute, amongst others) - how can I go about returning this feature back on? Example CAPS entry: user_pref("capability.policy.default.Location.href", "allAccess"); I've had to downgrade again to 3.6.15 until I can get this to work. Tested on Windows XP (SP3), and using existing/new profiles in FF 4.0 and using prefs.js and user.js - nothing can get the Javascript code to read the location.href and getting an error generated in the error console. Also tested on Mac OS X 10.6.7 with FF 4.0 - still no luck getting capability.policies to work. Please help...

Được chỉnh sửa bởi damager vào

Tất cả các câu trả lời (4)

more options

Anyone, really? This would be a bug if you ask me and it doesn't work on two different operating systems. Does anyone have a way of disabling the Same Origin Policy, temporarily, for FF4 whilst this gets looked at/fixed?

On Google Chrome, --disable-web-security would be the equivalent.

more options

New information: On FireFox 3.6 if I remove the following line from prefs.js: user_pref("capability.policy.default.Location.href", "allAccess");

I get the following error:

Error: Permission denied for <http://<Redacted>> to get property Location.href Source File: http://<Redacted>/ Line: 1769 </p>

I get a slightly different error under FF4.0 - is there a different syntax now, as it is no longer showing "Location.href", but just "href" (and yes, I've tried removing Location. from the user_pref)...

Error: Permission denied to access property 'href' Source File: http://<Redacted</ Line: 1769 </p>

Được chỉnh sửa bởi damager vào

more options

New information:

Also happens on Windows Vista (upgrading from FF 3.5 directly to 4.0) and Windows 7 (from FF 3.6 to 4.0).

more options

I've been beating my head against this problem for a few hours, and I finally solved it. I'd been trying to set a capability policy using the "magic" default policy, and nothing would work - I could disable properties and functions of the Window object, but not the Location object.

It turns out that if I set a custom policy name, and named the specific sites I wanted the policy to apply to, it works! The only hitch is that you'll have to build a whitelist of sites that are allowed to have this kind of access, instead of allowing any site to access it by default. I think this is prudent security policy, in order to prevent XSS attacks.

So, for your case, instead of this: user_pref("capability.policy.default.Location.href", "allAccess");

use this instead: user_pref("capability.policy.policynames", "hrefaccess"); user_pref("capability.policy.hrefaccess.sites", "http://example.com http://www.example.com"); user_pref("capability.policy.hrefaccess.Location.href", "allAccess");

I haven't tested this code, but a similar implementation for my problem did the trick. I hope this helps!