Any ideas why I'm not able to see a reCAPTCHA on a site running in Firefox with Ghostery and ABP? Thanks
I've discovered that Ghostery is blocking Recaptcha as long as you have the addon enabled with the "Enhanced Anti-Tracking" enabled. I am unable to find a way to whitelist the google recaptcha domains in the settings.
I had the same issue and filed a report at Ghostery. They're working on it:
Thanks for reporting, this is something we’ve had reports of and you are correct that disabling anti-tracking is the current work around. Our dev team is looking into this to device a fix. We appreciate your patience and happy browsing!
The reason why ReCaptcha currently isn't working in combination with Ghostery's Enhanced Anti-Tracking is that one of the variables is recognised as "tracking data" by Ghostery and therefore replaced with the literal text "ghostery". After that, a javascript file is loaded without a required part of the file path and ends up as a 404: /recaptcha/api2//recaptcha__en.js (this should have been /recaptcha/api2/v1545#########/recaptcha__en.js).
Edit 2019-01-12: In the meanwhile, Ghostery released an update that should fix this issue.
I have installed JComments on my site, installation went fine but can't post any comment. Send button has no respond. I tried some solutions from other forums but no help. If I change template it is working. Also working on my local machine.
Can someone help me with this please?
TNX
enter image description here
Typically, this is caused by a JavaScript conflict somewhere, you should be able to see the error by clicking on F12 and then clicking on "Console" in Google Chrome.
Having said that, it is probably a better idea to use Disqus instead of JComments because many users are already on the platform and because Disqus automatically filters out the spam for you.
I'm using Firefox, and while setting up a server, I have been fiddling around with redirects. Now, Firefox has cached a 301 redirect from http://example.com/ to https://example.com/ and from http://sub.example.com/ to https://sub.example.com/.
I've tried the following things:
History -> Show all history -> Forget about this site.
Checked that no bookmark with https://example.com/ is present.
Changing browser.urlbar.autoFill to false in about:config.
Changing browser.cache.check_doc_frequency from 3 to 1.
Options -> Advanced -> Network -> Chached Web Content -> Clear now.
None of the above works, so I checked the redirect with wheregoes.com and it doesn't show any redirect from http to https.
I've even changed the DNS to point to another IP served by a server, where I've never set up redirection - the redirection is still in effect.
I've also tried in Private Browsing in Firefox, and there is no redirect there. I've tried in Google Chrome, and there is also no redirect here.
I've also tried to make a redirect from https to http which worked in Google Chrome, and yielded a redirection error in Firefox.
My version of Firefox is 38.0.1, and I'm using Windows 8.1. I use the following addons: AddBlock, Avast! and LastPass. Avast! may not be the issue, as I've disabled it while testing.
What I can do about it?
"Sites preferences" are the culprit. Wasted 45min of my life finding how to fix it despite all the kb/support.mozilla tricks which does not solve your issue nor did mine. I don't know what triggers this issue, but several of my websites started to go pear-shaped in a few weeks only affecting me and only firefox.
That's the solution you are all looking for:
Go to Preferences
Privacy
Click 'Clear your history' (nothing will happen yet, click safely)
Once the pop-up appears, click Details.
Untick everything except 'Sites Preferences'
Select 'Everything' in the select box at the top
Click Ok
Try now
PS: What I did try that did not worked for me are:
urlbar.autofill false
Forget Website trick
Safe mode
We all know it is not an HSTS issue when a website you own and you accessed before never got https support but now FF wants you to use https... It is just a firefox bug IMO.
The solution that worked for me:
Go to about:config
Look for network.stricttransportsecurity.preloadlist and set it to false
Enjoy
If the above STILL DOES NOT WORK, try setting browser.fixup.fallback-to-https to false from about:config
Using Firefox 100 or above you may also need:
dom.security.https_first to false
dom.security.https_first_pbm to false (this one is for anonymous windows)
I had the same problem but the answer was that I used a .dev extension to access my local websites !
I cleared all historic data in FF and nothing changed.
Searching for another solution, I found this page https://ma.ttias.be/chrome-force-dev-domains-https-via-preloaded-hsts/
With .dev being an official gTLD, we're most likely better of changing our preferred local development suffix from .dev to something else. If you're looking for a quick "search and replace" alternative for existing setups, consider the .test gTLD, which is a reserved name by IETF for testing (or development) purposes.
I changed my local website extensions from .dev to .test and all work perfectly !
Alternative solution, easy.
Open Firefox and in the address bar type this URL
http://example.com/?fake_parameter_to_bypass_cache
This should force the browser to reload the web page from http://
None of the answers worked for me, the only the one was the one in the comment of Muhammad so thanks in advance to him, I copy the answer here to make it easier:
Go to about:config
Look for browser.fixup.fallback-to-https and set it to false
Check your extensions!
In my case, DuckDuckGo Privacy Essentials extension was causing this redirect. I disabled it, and the problem is solved.
Now (Firefox 84) it is much simpler to clear the site's data. Just click the padlock icon on the left of the address bar. Then choose "Clear cookies and site data".
I had the same situation as what OP did. It helped me to clear the HTTPS redirect.
Here's what worked for me on Firefox v98.0.2:
Settings -> General
Network Settings -> Settings
Uncheck "Enable DNS over HTTPS
I tried the 'correct' answer, plus the comment about including cache in the deletion, and I was still having issues with my problem site.
I opened the firefox profile directory and searched for the website name in all files.
I found it in 'logins-backup.json' and deleted that file to finally fix the problem.
In my case, I decided to use a *.dev domain for local development. But then I tried to open the site in Firefox, and after a while I realized it uses HTTPS, even when I start the url with "http://..." I tried to right-click on the link in the History, and choose Forget About This Site, or clear the cache. But it didn't help.
Later I found out that the dev domain is in HSTS preload list these days. Which means Firefox and Chrome (and probably others) don't let you access the subdomains w/o HTTPS. More on it here and here.
In my case, it was an addon that did it: disabling DuckDuckGo privacy essentials fixed it.
I had this issue when running Firefox with OWASP ZAP proxy.
I didn't knew it was the proxy causing this.
In hindsight it's easy to test this: run Firefox without OWASP ZAP proxy to see if it works.
To get it working with OWASP ZAP, turn off Heads Up Display (HUD) or enable the HUD only for URL's that are in scope.
My problem was caused by the HTTPS by default extension. There is a bug that opens HTTP bookmarks with HTTPS. To work around, open "HTTPS by default" Preferences pane and enter domain name exclusion.
None of these suggestions worked for me in Firefox v101. What worked for me is changing the value of security.tls.version.min from 3 to 1 in about:config.
[NOTE: After I changed this setting, Firefox initially redirected from http to https. But this time Firefox allowed me to "accept the risk and continue," which wasn't possible when security.tls.version.min was set to 3. --end note]
See also: https://support.mozilla.org/en-US/questions/1116550
Lets get back to the old firefox that was amazing, the 3.6.
Nowadays is full of crap for us developers, and sysadmins.
I have tons of sites in intranet that cannot have a valid ssl, this is a major deal. I cannot download "deb" files because its a threat, i cannot this and cannot that... why? I am a power user i know what to do whit, why should I (we) be treated like the rest of the users?
The cache, i cannot disable the cache to 100% why?
In a blip of a second i will be using links as my browser.
Firefox should have a expert mode, where none of this crap happens.
I am mad with firefox and chrome. That is why i still use firefox 3.6 in a lot of cases, to bypass stupid restrictions.
Now, I had this issue on my workstation's development site. I had an old site that I still wanted to reference, and I couldn't get http to work for anything. There was not https binding, either.
Finally, I realized I had a url-rewrite in my webconfig that redirected all http to https...
hahahaha
Disabling https, is not an absolute in Firefox. Some sites will redirect and may not offer http.
However to choose one url over the other if it is an option you can disable autofil:
Address Bar Search In order to change your Firefox Configuration please do the following steps :
In the Location bar, type about:config and press Enter. The about:config "This might void your warranty!" warning page may appear.
Click I'll be careful, I promise! to continue to the about:config page.
In the filter box, type or paste autofill and pause while the list is filtered
Double-click browser.urlbar.autoFill to toggle it from true to false.
I've looked around online for this but can't seem to find an answer anywhere so hopefully someone can help.
I'm getting a "Windows Security" popup appearing on a site I've created (and so are others which is who I need to fix it for rather than myself) when trying to download a word document or excel file. PDFs seem fine.
An example page is http://www.christletonhigh.co.uk/school_information/uniform.php if you click to download the “Uniform Prices & Order Form” in the bottom right.
There’s no SSL on the site and the error only comes up on IE (I'm using IE9 on Windows 7 which I've seen others mentioning online as their setup with this happeneding) and doesn’t seem to effect all files so it’s a bit confusing. Clicking cancel on the popup causes the document to open anyway.
Anyone have any ideas please? The client tells me that the documents causing the problems have never been password protected.
For the reference, here's the detailed explanation why this happens: http://support.microsoft.com/kb/2019105
Solution mentioned by Anshuman should work: create script that adds "Content-Disposition" header with "attachment" value. For example: Content-Disposition: attachment; filename="myfile.doc". This will force all the content (including PDF, images, etc.) to be downloaded.
Security settings aside, other browsers seem to handle this more gracefully than IE9. Chrome, for example, seems to handle the download of the document with ease, and not result in a Windows Security dialog prompting for credentials to their network...
The users can disabled the 'protected view' settings from Word options | Trust Center, and the document will open with no dialog (probably not desirable to instruct them to do this)
I suppose this is the risk one takes when having users download content which require other applications to handle. a PDF would be better (hence the "P" for "Portable"), so if they can use PDF, that would be my first advice.
This issue comes when you give the direct URL path of the file and let the browser handle the file. To resolve this create a php script that explicitly downloads the file. Hope this helps :)
I have a fresh installation of Liferay on Tomcat and in IE7 it doesn't show the buttons for visual editing in the editor when I try to edit content.
It works on in Firefox or Chrome.
Does anyone have an idea why would that happen? I am not sure where to dig, I don't see javascript exceptions and it doesn't look like the buttons are even populated in IE. It is hard to debug IE problems since I don't have a tool like Firebug there.
I downloaded the 6.1 and still have the same problem, adding the URLs of what I see. Looks like IE only has the text box and in the DOM I don't see the same things that I see in FF.
http://i44.tinypic.com/35jf5td.jpg
http://i43.tinypic.com/11qqvt0.jpg
Update on this:
I checked with some people in our organization and they have the buttons on their browser.
I checked the version of the IE browser and it's the same down to the last digit. Properties are the same as well. The only difference is that I have some plugins installed that the other browser doesn't. I tried disabling all the plugins but it didn't help.
The suspect plugin is Google Chrome Frame (ChromeFrame BHO). Can someone please try to add this plugin and see if it messes things up? The disabling it doesn't help.
Liferay CE 6.0 contains few bugs within the WYSIWYG editor integration.
One issue with IE is LPS-16004 (solution included). This might be the same problem as you are experiencing.
I remember we had also problem with javascript race condition in editor initialization, which sometimes loads the editor incorrectly.
But I strongly suggest you to move to Liferay CE 6.1 as it is much more stable.
Ok, I finally figured it out, so if someone has the same problem, here is the reason - we have Google Chrome Frame plugin installed in our organization, but it only works on white-listed domain names. In this case the domain the site was on wasn't whitelisted, but the portal looked at the agent string and saw chromeframe there and assumed it can use it as chrome browser, which broke things.
Right now I will try to white-list the domain and see if it works. Another solution would be to try and find a place where we look for the agent string and fix it there, not sure where this place is.