-
Notifications
You must be signed in to change notification settings - Fork 232
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Firefox connections on about:blank page #20
Comments
Hi. Probably it is possible to disable these automatic connections. Are you able to provide more information about these connections? For instance by observing the network traffic with tcpdump or Wireshark or some other tool. The connections going to port 80 should be clearly visible in the traffic capture and for the HTTPS connections (port 443), the DNS lookups would help. Also, an intercepting proxy tool, such as Burp can be put in between your browser and the internet to observe what's happening. Currently, there are some automatic connections that are allowed on purpose. Namely browser.safebrowsing.malware.enabled and the plugins.update.notifyUser setting that opens the Mozilla plugin check page. When I set the I pushed a commit (6537587), that sets |
tested with new version, got 2 connection: here the captures: |
More captures here: checked and all plugins/addons are disabled |
Also forgot to mention about
I checked the pcaps and:
I wasn't able to find any setting related to that with a quick glance, but I'll keep looking, as it certainly sounds like something we want to disable. Thanks for reporting this! |
Can you replicate this behavior in your environment? Maybe is just a Fedora OS customizations... If you need more help/test ill help you! |
No. I'm not able to reproduce this, but I'll keep looking and I'm sure we'll figure it out. Can you double check the value of |
I've made this test: start firefox, disabled all the plugins/addons and changed default page to about:blank |
Will try to reproduce this on Iceweasel (Debian) in the coming days. |
Thanks, @nodiscc. I'll keep trying to reproduce this also. |
Sorry for the late reply, i've tested today with latest user.js version but i'm keep getting those connections. Seem that Firefox is getting worst every release :( |
We'll just have to keep trying then... |
Any progress on finding out the culprit? Is PaleMoon better in this regard? |
@CHEF-KOCH : Okay will experiment as time allows, thanks. |
@Gibbio: Can you check if |
second ip is google owned and it redirects to www.google.com |
why would it be nothing to worry about? its an amazon ec2 instance. anybody could own it |
this user has all addons disabled and is concerned about automatic connections so it would be nice to find out what all of the connections are for. im sure they are harmless but doesnt mean they are wanted |
@Gibbio ive listed a bunch of ocsp servers including the ones shipped with firefox by default at #73 however, for firefox to be making ocsp requests in the first place, i think it means some ssl requests were made to some sites first. it can be all sorts of things. this user.js doesnt disable all background requests by default. also even if you disable your addons, they can still be checked for updates. maybe go through user.js and/or about:config and look for anything with urls or any enabled features which contact urls to investigate. worst case scenario its something user.js missed out but i doubt it since you're using an older version of firefox |
i wasnt suggesting anyone make an ip whitelist, or any whitelist. it was just so that people could know whether or not ips belong to ocsp servers |
i dont expect it to be a timeless list. and theres no talk of blocking or whitelisting! i just did it because i felt like it. people can do whatever they like with it. lol |
which noscript project? |
sure, do u want to talk somewhere else? we kinda hijacked this issue |
I noticed from |
yeah i have mine set to "" and i dont get those connections |
Thought so. Any idea what's the difference with specifying |
nah no idea. i dont think there'd be any added benefit by doing the latter |
So even though our best efforts to kill the Firefox "new tab page" tile thingies, Firefox still kept connecting to servers relating to tiles. #20 (comment)
Ping @Gibbio. Can you try again? |
@Gibbio OCSP connections are most needed. By removing the URLs in about:config the browser has way less connections. Also addons may start connections, as for adblockers retrieving blacklists, but others have hard-linked calls: an example is Ghostery that can't be used without these calls to its own servers. Also Ubuntu has its own modifications, as the Ubuntu Firefox Modifications addon. |
I think this can be closed. As pointed out above the methodology is flawed. A better approach would be:
This can be done in another issue. |
This issue comes from some
These features are set to false in my own hardened user.js as they need some connections to work, as downloading a blacklist of hashes from both mozilla and google. I also remove every single URL, as: CNAME of blocklist.addons.mozilla.org is mozaws.net which has various possible IP calls: |
Hi, just installed user.js and I've noticed that when I start Firefox (about:blank is my start page) he make some connections:
netstat -nputw|grep firefox
tcp 0 0 xxx.xxx.xxx.xxx:33848 216.58.208.206:443 ESTABLISHED 13427/firefox
tcp 0 0 xxx.xxx.xxx.xxx:49776 216.58.208.206:80 ESTABLISHED 13427/firefox
tcp 0 0 xxx.xxx.xxx.xxx:42962 93.184.220.29:80 ESTABLISHED 13427/firefox
tcp 0 0 xxx.xxx.xxx.xxx:41561 52.25.32.149:443 ESTABLISHED 13427/firefox
tcp 0 0 xxx.xxx.xxx.xxx:33846 216.58.208.206:443 ESTABLISHED 13427/firefox
tcp 0 0 xxx.xxx.xxx.xxx:36906 68.232.34.191:443 ESTABLISHED 14420/firefox
There is any way in user.js to disable this automatic connections?
Thanks!
PS. OS: Fedora 22 x64, Firefox 38.0.5, no add-ons loaded
The text was updated successfully, but these errors were encountered: