Difference between revisions of "Firefox"

From Organic Design wiki
(Addons: no firebug)
m
 
(11 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
<onlyinclude>[[w:Mozilla Firefox|Mozilla Firefox]] is a graphical web browser developed by the [[w:Mozilla Corporation|Mozilla Corporation]], and a large community of external contributors. Firefox, officially abbreviated as '''Fx''' or '''fx''' and popularly abbreviated '''FF''', started as a [[W:fork (software development)|fork]] of the [[w:Netscape Navigator|Navigator]] browser component of the [[w:Mozilla Application Suite|Mozilla Application Suite]].  Firefox has replaced the Mozilla Suite as the flagship product of the Mozilla project, under the direction of the [[w:Mozilla Foundation|Mozilla Foundation]].
 
<onlyinclude>[[w:Mozilla Firefox|Mozilla Firefox]] is a graphical web browser developed by the [[w:Mozilla Corporation|Mozilla Corporation]], and a large community of external contributors. Firefox, officially abbreviated as '''Fx''' or '''fx''' and popularly abbreviated '''FF''', started as a [[W:fork (software development)|fork]] of the [[w:Netscape Navigator|Navigator]] browser component of the [[w:Mozilla Application Suite|Mozilla Application Suite]].  Firefox has replaced the Mozilla Suite as the flagship product of the Mozilla project, under the direction of the [[w:Mozilla Foundation|Mozilla Foundation]].
  
Mozilla's conditions for use of their trademarked names require that distro's using their products clear any patches with them first, but in [[Debian]]s view this compromised their own strict security measures so rather than this they opted to change the branding of the products. Debian's fork of [[Firefox]] is [http://wiki.debian.org/Iceweasel Iceweasel].
+
Firefox is our choice of web-browser here at Organic Design, and this article lists the extensions and configurations we like to include with it. Note that browsers are inherently risky by the fact that any site you may visit can contain malicious code, and you are also trusting all your installed extensions. For this reason it's a very good idea to install [https://github.com/netblue30/firejail FireJail] which gives you super easy sandboxing capability. See [[Firefox#Firejail|below]] for more detail.''
 
+
</onlyinclude>
Firefox is our choice of web-browser here at Organic Design, and this article lists the extensions and configurations we like to include with it.</onlyinclude>
 
  
 
== Addons ==
 
== Addons ==
*[https://addons.mozilla.org/en-GB/firefox/user/the-1-click-youtube-video-download-team/?src=api 1-click youtube downloader]
 
*<s>[https://addons.mozilla.org/en-US/firefox/addon/3006 Download Helper] ''- download videos from youtube and other online video content sites''</s>
 
*<s>[http://www.getfirebug.com/docs.html Firebug]</s>
 
*[https://addons.mozilla.org/en-US/firefox/addon/image-block/ Image Block] ''- useful for slow connections now that the prefs option has been removed''
 
*[https://addons.mozilla.org/en-US/firefox/addon/flash-control/ Flash Control] ''- changes flash objects (like youtube vids) into an play button instead of auto-load (there are others, but this is the only thing that works with Beth's [http://oceanofwisdom.org/ OceanOfWisdom.org] subtitles app)''
 
 
*[https://www.eff.org/privacybadger Privacy Badger] ''- EFF's blocker extension''
 
*[https://www.eff.org/privacybadger Privacy Badger] ''- EFF's blocker extension''
*Flash player (apt-get install flashplugin-nonfree)
 
*WebGL ''- go to about:config and set '''webgl.force-enabled''', clear '''webgl.disabled''' is it's set''
 
  
== Disable page prefetching ==
+
== Secure browsing ==
Firefox downloads webpages from links it thinks you may click. This may make the experience seem faster but really it just bogs down Firefox and your netbook, and for SSD users is an important "feature" to disable to improve the drive's lifespan. Type ''about:config'' in the address bar, then set ''network.prefetch-next'' to ''false''. The DNS cache times may be too short if your on a really slow connection too.
+
It's becoming more and more important to ensure that you make your browsing data available to those providing your connection. This is not only important for when you're browsing through public Wifi connections or at hotels etc, but you can't trust any of the ISPs with your data nowadays either. There are plenty of freely available VPN options such as [https://www.expressvpn.com/ Express VPN] and [https://hide.me/en/ Hide.Me], but another simple way if you work with remote servers and regularly use [[SSH|Secure Shell]] is to use one of your servers as a local proxy server to browse through.
 +
 
 +
For example connecting to your remote server using Secure Shell with the following command. This means that all that can be seen by your connectivity provider is a secure shell tunnel. Here, PORT is the local port number you'd like to open to browse through, and USER@HOST is your remote server details.
 +
<source lang="bash">
 +
ssh -fnNTCD PORT USER@HOST
 +
</source>
 +
This will open a local connection on PORT that you then configure your browser to use for it's network connection using the SOCKS5 proxy protocol. See the [[SSH]] article for more details on what the options means and some additional server options you may like to use. You can see if it's working by going to [https://whatsmyip.com/ WhatsMyIP.com] or similar, and you should see that the IP address that it thinks you're at is your server's IP, and the geographic location you're apparently browsing from is the location of your server's data centre.
 +
 
 +
== Firejail ==
 +
Browsing the web is getting more and more dangerous as hacks get more sophisticated, browsers get more complicated and our personal information gets more important and valuable. We prefer to run our browsers in a "sandbox" which means that only a small part of the system is visible to them. It's very similar to running the browser in a virtual box where they're the only application installed. We use [https://github.com/netblue30/firejail FireJail] which is based on [https://lwn.net/Articles/531114/ Linux namespaces]. FireJail comes with hundreds of presets for known applications, so launching a well-known application like Firefox inside FireJail is simply a matter of preceding the application name with ''firejail'', e.g.
 +
<source lang="bash">
 +
firejail firefox
 +
</source>
  
== Language ==
+
Of course, we don't want to type that every time we want to launch a browser though, so you need to locate your launchers and precede the command in the ''Exec'' field with ''firejail''. To find your launchers, search for all files with "firefox" in their name and having the "desktop" extension:
Install the ''en_GB'' languages and if ''en_US'' keeps re-establishing itself as the default, you can forcefully remove the ''en_US*'' files from ''/usr/lib/xulrunner-*/dictionaries/''.
+
<source lang="bash">
 +
find / -name "*firefox*.desktop"
 +
</source>
  
== Firebug tutorials ==
+
You'll be able to to see that the browser now has limited access to the system, if you opening a file and navigating around the directory tree, you should see that most directories are empty and your home directory contains only ''Downloads'' and ''Desktop''. Also you can check what applications are being run within Firejail at any time, use '''firejail --list''' or '''firejail --tree'''.
{{note|[https://www.mozilla.org/en-US/firefox/developer/ Firefox Developer Edition] is now used instead of the Firebug extension.}}
 
[[w:Firebug|Firebug]] is a must-have extension for web-developers, here's a list of useful documentation and tutorials on the Firebug extension.
 
*[http://www.getfirebug.com/docs.html Documentation]
 
*[http://michaelsync.net/2007/09/09/firebug-tutorial-logging-profiling-and-commandline-part-i/ Firebug tutorial]
 
*[http://www.evotech.net/blog/2007/06/introduction-to-firebug/ introduction to Firebug]
 
*[http://alternateidea.com/blog/articles/2006/05/12/an-in-depth-look-at-the-future-of-javascript-debugging-with-firebug An In-depth Look At The Future of Javascript Debugging With Firebug]
 
*[http://developer.mozilla.org/en/docs/FirebugInternals Firebug Internals]
 
*[http://www.digitalmediaminute.com/screencast/firebug-js/ 14 min Tutorial]
 
*[http://gougeyoureyesout.com/cssFun/2007/01/firebug-10-is-out-talk-for-power-users.html Joe Hewitt highlights]
 
*[http://files.jnewland.com/firebug.mov Excellent overview]
 
*[http://www.litfuel.net/mybic/index.html?page=tutorials Litfuel tutorials]
 
*[http://youtube.com/watch?v=W4jXAaEMp2M Debugging AJAX Application with Firebug]
 
*[http://www.youtube.com/watch?v=FsX6qwQqGgQ CSS editing using Firebug]
 
  
== Developing custom addons ==
+
Finally, you may want to whitelist some specific file locations if you're used to opening or saving local files from locations other than the desktop or the ''Downloads'' folders. For example, I like my browser to have full access to my ''Pictures'' folder. To do this add the '''--whitelist''' option to your ''firejail'' command before the name of the program you wish to launch.
Addons in Firefox are written in [[JavaScript]]. Getting initially up and running writing your own addons is surprisingly easy, just start with the docs [https://developer.mozilla.org/en-US/Add-ons/SDK here] and go through their guide to install the SDK and use the ''cfx'' utility to test your addon in a separate Firefox instance and then to package it up as an ''xpi'' for installation. The SDK is divided into [https://developer.mozilla.org/en-US/Add-ons/SDK/High-Level_APIs high-level] and [https://developer.mozilla.org/en-US/Add-ons/SDK/Low-Level_APIs low-level] APIs where the former have stable interfaces and the latter are for more low-level control but their interfaces may undergo change.
+
<source>
 +
firejail --whitelist=~/Pictures firefox
 +
</source>
  
 
== See also ==
 
== See also ==
 
*[http://arstechnica.com/gadgets/2013/05/what-the-future-could-hold-for-firefox-os/ What the future could hold for Firefox OS] ''- competing with iOS and Android on their own turf isn't going to work''
 
*[http://arstechnica.com/gadgets/2013/05/what-the-future-could-hold-for-firefox-os/ What the future could hold for Firefox OS] ''- competing with iOS and Android on their own turf isn't going to work''
 
*[http://seclists.org/dailydave/2016/q3/51 Details on cert pinning flaw]
 
*[http://seclists.org/dailydave/2016/q3/51 Details on cert pinning flaw]
 +
*[https://hacks.mozilla.org/2017/11/entering-the-quantum-era-how-firefox-got-fast-again-and-where-its-going-to-get-faster/ Entering the Quantum Era - How Firefox got fast again and where it’s going to get faster]
 +
*[https://support.mozilla.org/en-US/questions/1019155 Recovering saved logins]
 +
*[https://hacks.mozilla.org/2019/05/technical-details-on-the-recent-firefox-add-on-outage/ What happened in the "addon outage"?]
 
[[Category:Libre software]]
 
[[Category:Libre software]]

Latest revision as of 11:49, 4 October 2019

Mozilla Firefox is a graphical web browser developed by the Mozilla Corporation, and a large community of external contributors. Firefox, officially abbreviated as Fx or fx and popularly abbreviated FF, started as a fork of the Navigator browser component of the Mozilla Application Suite. Firefox has replaced the Mozilla Suite as the flagship product of the Mozilla project, under the direction of the Mozilla Foundation.

Firefox is our choice of web-browser here at Organic Design, and this article lists the extensions and configurations we like to include with it. Note that browsers are inherently risky by the fact that any site you may visit can contain malicious code, and you are also trusting all your installed extensions. For this reason it's a very good idea to install FireJail which gives you super easy sandboxing capability. See below for more detail.


Addons

Secure browsing

It's becoming more and more important to ensure that you make your browsing data available to those providing your connection. This is not only important for when you're browsing through public Wifi connections or at hotels etc, but you can't trust any of the ISPs with your data nowadays either. There are plenty of freely available VPN options such as Express VPN and Hide.Me, but another simple way if you work with remote servers and regularly use Secure Shell is to use one of your servers as a local proxy server to browse through.

For example connecting to your remote server using Secure Shell with the following command. This means that all that can be seen by your connectivity provider is a secure shell tunnel. Here, PORT is the local port number you'd like to open to browse through, and USER@HOST is your remote server details.

ssh -fnNTCD PORT USER@HOST

This will open a local connection on PORT that you then configure your browser to use for it's network connection using the SOCKS5 proxy protocol. See the SSH article for more details on what the options means and some additional server options you may like to use. You can see if it's working by going to WhatsMyIP.com or similar, and you should see that the IP address that it thinks you're at is your server's IP, and the geographic location you're apparently browsing from is the location of your server's data centre.

Firejail

Browsing the web is getting more and more dangerous as hacks get more sophisticated, browsers get more complicated and our personal information gets more important and valuable. We prefer to run our browsers in a "sandbox" which means that only a small part of the system is visible to them. It's very similar to running the browser in a virtual box where they're the only application installed. We use FireJail which is based on Linux namespaces. FireJail comes with hundreds of presets for known applications, so launching a well-known application like Firefox inside FireJail is simply a matter of preceding the application name with firejail, e.g.

firejail firefox

Of course, we don't want to type that every time we want to launch a browser though, so you need to locate your launchers and precede the command in the Exec field with firejail. To find your launchers, search for all files with "firefox" in their name and having the "desktop" extension:

find / -name "*firefox*.desktop"

You'll be able to to see that the browser now has limited access to the system, if you opening a file and navigating around the directory tree, you should see that most directories are empty and your home directory contains only Downloads and Desktop. Also you can check what applications are being run within Firejail at any time, use firejail --list or firejail --tree.

Finally, you may want to whitelist some specific file locations if you're used to opening or saving local files from locations other than the desktop or the Downloads folders. For example, I like my browser to have full access to my Pictures folder. To do this add the --whitelist option to your firejail command before the name of the program you wish to launch.

firejail --whitelist=~/Pictures firefox

See also