Loading
Ten Mysteries of about:config
Move along, nothing to see here. Some Firefox preferences are just too technical for end users. Oh, you're a Linux Journal reader? Come on in.
For a long time, Firefox, Mozilla and, before that, Netscape 4.x, supported this hidden Boolean preference:
signed.applets.codebase_principle_support
Normally, it's set to false—if you want you can set it to true. It's a poorly understood preference, so here's an explanation. First of all, the name is about as relevant as UNIX's /etc—it's so steeped in history that it's basically wrong. There's no applets at work; there's no Java at work. Mozilla has an amicable separation from Java, where Netscape 4.x was deeply wedded to that technology. Mozilla now handles its own security natively, in C/C++ code. It should be called signed.content.codebase_principle_support—one day, maybe.
This preference is used to assist developers who work with digitally signed content. It has no relation to SSL or to PGP/GPG. An example of signed content is a Web site or Web application bundled up into JAR format and digitally signed in that form.
Roughly speaking, two checks are done if digitally signed content arrives in Firefox. First, the digital certificate accompanying the content is checked against Firefox's list of known certificate authorities (CAs). If that much is fine, the maker of that content is considered authentic. Firefox then lets the content request extra privileges, ones that overcome normal browser restrictions, like access to the local disk. Usually that's done through JavaScript.
When those requests are made, Firefox throws up dialogs to the user. This is when the second check is done—it is done manually by the user. If the user agrees, the content can run with security restrictions dropped and your computer is exposed, or at least the currently logged-in Linux account is exposed.
For a developer, these checks are a nuisance. It's extra effort to buy (with real dollars) a suitable certificate for signing the content and set up the infrastructure. That should be necessary only when the site goes live.
Instead of using a real digital certificate to sign the content under development, suppose you use a dummy certificate—one that's not authentic. You can make a dummy certificate with the SignTool tool, available at ftp.mozilla.org/pub/mozilla.org/security/nss/releases. Next, you tell the browser that it's okay to accept such a dummy certificate. That's what the above preference does.
Setting this preference weakens only the first security check. You always have to perform the user-based check—at least Firefox offers to remember what you said after the first time. Setting this preference means that Firefox accepts a dummy certificate from any Web site, so use this only on isolated test equipment.
Finally, here's a simple way to set up Thunderbird access from Firefox. Set this Boolean preference to true to enable the mailto: URL scheme—the one that appears in Web page “Contact Me” links:
network.protocol-handler.external.mailto
An example of a mailto: URL is mailto:nrm@kingtide.com.au. Secondly, set this string preference to the path of the Thunderbird executable or to the path of any suitable executable or shell script:
network.protocol-handler.app.mailto
Digging out hidden preferences is a bit of treasure hunt. Many are documented on Firefox-friendly Web pages, but the ultimate authority is the source code. Preference names are simple strings, and it's possible to create your own. Many of the extensions that can be added to Firefox dump extra preferences into the preference system. As long as the extension remembers to check and maintain those preferences, they have the same first-class status as the ones that have meaning for the standard Firefox install.
Remember, you always can save a copy of your prefs.js file before an experimental session with about:config and restore the saved copy if things get too weird. Happy config hacking!
Resources for this article: /article/8139.
______________________
Webcast
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Sponsored by AMD
White Paper
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy
Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6
Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.
Learn more about catching the bad guy in this free white paper.
Sponsored by DLT Solutions
- RSS Feeds
- Making Linux and Android Get Along (It's Not as Hard as It Sounds)
- Using Salt Stack and Vagrant for Drupal Development
- New Products
- Validate an E-Mail Address with PHP, the Right Way
- Drupal Is a Framework: Why Everyone Needs to Understand This
- A Topic for Discussion - Open Source Feature-Richness?
- Download the Free Red Hat White Paper "Using an Open Source Framework to Catch the Bad Guy"
- Home, My Backup Data Center
- Tech Tip: Really Simple HTTP Server with Python
- Please correct the URL for Salt Stack's web site
1 hour 52 min ago - Android is Linux -- why no better inter-operation
4 hours 8 min ago - Connecting Android device to desktop Linux via USB
4 hours 36 min ago - Find new cell phone and tablet pc
5 hours 34 min ago - Epistle
7 hours 3 min ago - Automatically updating Guest Additions
8 hours 12 min ago - I like your topic on android
8 hours 58 min ago - This is the easiest tutorial
15 hours 34 min ago - Ahh, the Koolaid.
21 hours 12 min ago - git-annex assistant
1 day 3 hours ago
Enter to Win an Adafruit Pi Cobbler Breakout Kit for Raspberry Pi
It's Raspberry Pi month at Linux Journal. Each week in May, Adafruit will be giving away a Pi-related prize to a lucky, randomly drawn LJ reader. Winners will be announced weekly.
Fill out the fields below to enter to win this week's prize-- a Pi Cobbler Breakout Kit for Raspberry Pi.
Congratulations to our winners so far:
- 5-8-13, Pi Starter Pack: Jack Davis
- 5-15-13, Pi Model B 512MB RAM: Patrick Dunn
- 5-21-13, Prototyping Pi Plate Kit: Philip Kirby
- Next winner announced on 5-27-13!
Free Webinar: Hadoop
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers
Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.
Some of key questions to be discussed are:
- What is the “typical” Hadoop cluster and what should be installed on the different machine types?
- Why should you consider the typical workload patterns when making your hardware decisions?
- Are all microservers created equal for Hadoop deployments?
- How do I plan for expansion if I require more compute, memory, storage or networking?
Developer Poll
Comments
browser.link.open_newwindow.restriction
How should that be set?
There are not a few sites that seem to find their way past my "Open links in new tabs" or even (as well as) the GreaseMonkey script "killblank", the latter of which in my opinion needs some upgrading not to mention beefing up.
But back to the idea of an about:config/user.js tweak. I see this third setting in the former, and its entry details read "default" for Status, "integer" for Type, and "0" for Value.
Is there another value that will better ensure all links clicked on open 'uniformly' in new tabs or windows? Or do I expect too much -- as I often do -- from the codemeisters of Mozilla.org?
BZT
Not expecting too much this
Not expecting too much this time.
http://kb.mozillazine.org/Browser.link.open_newwindow.restriction
Set it to 3 and it obeys browser.link.open_newwindow, whatever you may have it set for.
Mozilla Knowledge Base:
This includes:* All links with target="_blank".
* JavaScript calls to window.open() without the "features" parameter (3rd parameter).
This does not include:
* JavaScript calls to window.open() with the "features" parameter (3rd parameter).
BZT
adding new variables
I wanted to add there general.useragent.override;Opera/9.25 (Windows NT 6.0; U; en)
Is there any way to save it for future sessions?
Great article
I have used konqueror in the past and the nice thing it would do with the e-mail link button is it would put the title of the page in the subject line and a link in the e-mail already, I am trying to get mozilla to pull up k-mail and do the same, but I can only convince it to pull up a completly blank compose e-mail screen. I am using
network.protocol-handler.app.mailto
with a value of
/usr/bin/kmail
anyone have any Ideas?
about:config
rare article as far as i can tell . its hard for newbie like me to find much info about:) about:config . but my question is do they apply to seamonkey as well. thank you very much for taking your time to reply sincerly andrey
about: - Plugins
Nigel, yes you are right about this features - but I really prefer a right-click-interface, that my extension gives me to change all the important switches in my Firefox 8-)
re:about: - Plugins
Don*t leave us in the dark - what plugin are you talking about ???
re:about: - Plugins
Oh, sorry - I use the WebDeveloper-Plugin from http://chrispederick.com/work/webdeveloper/ - excellent tool.
Nice Idea
This is nice idea to tune Firefox coz standard delivery of Firefox is slower.
Fasterfox
Check out the Fasterfox extension: Fasterfox - Performance and network tweaks for firefox
It is similar to the Network Tweak extension but with a several additional options.
Re: Fasterfox
Hi,
I didn't know about this utility but I tried it and it's going very quickly my firefox browser.
It has a link prefetch that download pages before you click it. It has also a lot of options to tweak and additionaly a popup blocker.
Thanks for the link,
Segundamano.
extensions
the tweak network settings extension is the most fantabulous extension ever made. you can increase the max active connections and turn on pipelining.
Though the extension automate
Though the extension automates the process, I'd rather use the guide at http://www.tweakfactor.com/articles/tweaks/firefoxtweak/4.html and do it manually. Besides, you only use the extension once and then it just sits there doing nothing.
Over-Optimizing ...
All this tweaks are very, very techie - but to be honest, except of the User-Agent-Changer, I didnt really needed them. By default, Firefox is configured very well.
Typo in pref name
The pref is called signed.applets.codebase_principal_support (note the spelling of "principal").
See http://www.mozilla.org/projects/security/components/signed-scripts.html for confirmation.
A principal is the first, highest or most important thing.
A principle is a basic truth, law or assumption.
Don't forget about extensions
Don't forget that there's a treasure-trove of cool hacks and such to be found by following Tools->Extensions and then "Get More Extensions" at the bottom of that newly opened window. Many of the shortcomings mentioned here are handled very nicely by the various extensions. For example: check out the Advanced Preferences Editor...
--MO'D
Open a target="_blank" href in a new tab
I am switching between firefox, opera and konqueror. One thing that really annoys me with firefox is that when I am opening an href with target="_blank", then it comes in a new window rather than a tab in the existing window. I would guess that there are some settings in about:config that can alter this, but it's not easy to find. Anybody who would like to share som knowledge on this?
Morten
(Yes, I know I can use button-2 to open it in a new tab, but that opens all links in new tabs, I would like to have the same behaviour as the standard in opera and konqueror)
href in new tab
So use opera or konquror
picky, picky, picky
Jack
Where is the 'force links that open new windows...'
Commenting on my own post, well...
Through a closer look through the firefox help file, I found the option 'Force links that open new windows to open in' option. But I cannot see it in my options window... any clue?
Me again..
It's hidden
Go to about:config and change the value browser.tabs.showSingleWindowModePrefs to true. The option will now appear in your preferences dialog (with the other tabbed browsing options).
You should really take a look
You should really take a look at the extensions : Tabbrowser Preferences do what you ask easily, and much more ! :D
--
Jedaï
These two lines can be added
These two lines can be added to user.js. More target disabling optionts will be available.
// Force external links to open in new tab instead of window
user_pref("browser.link.open_external", 3);
// Force links to open in tab instead of windows
user_pref("browser.link.open_newwindow", 3);
Thanks!
Now I am a even more happy firefox user!
M.
The real mystery
The real is mystery is still:
Why does mozila-firefox connects to google (and even shows
me a cookie dialog for cookies from google), before showing
the about:config site when I enter about:config in the address
bar?
network.prefetch-next [Boolean]
http://www.mozilla.org/projects/netlib/Link_Prefetching_FAQ.html
read this.
network.prefetch-next [Boolean] (False) - This setting determines whether to use a new Firefox feature called Link Prefetching. See the Neat Stuff & Conclusion section for a practical example, and why you should set this preference to False.
[from http://www.tweakguides.com/Firefox_9.html ]
Re: The real mystery
It doesn't do that here. Must be some extension you have installed.
mozilla
If like me you still have phone line access with a time limit and you prefer to save this and read it off line, you now have to disable javascript in Mozilla to do so.
I have no web access on one c
I have no web access on one computer so when I am trying to view certain HTML files it has issues(ones that I did Save As "Web Page, complete" with from firefox). so it's not just the dialup people.
You really should get DSL. T
You really should get DSL. Trust me, once you get it you will never know how you lived without it.
You should really catch a clue
You should really catch a clue. Trust me, once you catch a clue you will never know how you lived without it.
Believe it or not huge portions of the country don't have DSL available. Some people can't get DSL or cable.
how provincial
To say nothing of the world...
"Believe it or not huge porti
"Believe it or not huge portions of the country don't have DSL available. Some people can't get DSL or cable."
Yeah, but those people/areas suck and no one cares about them
phone line/dsl
Your comment, "Yeah, but those people/areas suck and no one cares about them" was very good.....FOR ME TO POOP ON!
DUMBA$$
They do suck, and voted for B
They do suck, and voted for Bush
Get over it already. Or move
Get over it already. Or move to France with Johnny Depp or Canada. We don't want you. The Best Man Won. Another bajillion recounts won't make a difference. Get a life, and get out of mine.
FWIW, I'm on a cablemodem in a tiny little 'red county' town in North Carolina. And I still think bandwidth should not be wasted by fluff.
What a bunch of nationalist b
What a bunch of nationalist bullshit.
it's funny and true
it's funny and true
Thax this was really useful b
Thax this was really useful but for the invisible settings you can click add and it deals with it (adding Tbird I've been trying to get it to work for a while).
Amazing how quickly it goes stuff get political oh well
4 more years!!
Madonna is also another commi
Madonna is also another commie loving pig! all you anti-bush
morons can shove it!