搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

Server-side override of the setting "Restore previous session"

  • 2 回覆
  • 4 有這個問題
  • 14 次檢視
  • 最近回覆由 cor-el

more options

For some websites with sensitive content it is very annoying that it is possible in firefox to restore the previous sessions after firefox crashes.

The default-setting for this firefox-feature in about:config and then browser.sessionstore.resume_from_crash is true.

This can cause a security break when a user log into a website with sensitive content and then firefox crashes and the user leave the pc. If then an other user starts firefox again on this pc firefox will aks if he want to restore the previous sessions. When this other user click "restore the previous sessions" he will have the authorized session of this website with sensitive content of the first user!

=> So the question is if there is a possibility to override the firefox-setting "Restore previous session" on the server side.

For some websites with sensitive content it is very annoying that it is possible in firefox to restore the previous sessions after firefox crashes. The default-setting for this firefox-feature in about:config and then browser.sessionstore.resume_from_crash is true. This can cause a security break when a user log into a website with sensitive content and then firefox crashes and the user leave the pc. If then an other user starts firefox again on this pc firefox will aks if he want to restore the previous sessions. When this other user click "restore the previous sessions" he will have the authorized session of this website with sensitive content of the first user! => So the question is if there is a possibility to override the firefox-setting "Restore previous session" on the server side.

所有回覆 (2)

more options

This blog post might be of help http://mike.kaply.com/2012/03/15/customizing-firefox-default-preference-files/

If not, the best place to get an answer for that kind of thing is in the Enterprise Working Group Mailing List.

more options

Note that Firefox 10.0.9 is an older Firefox ESR version (the last in ESR 10.0.12) and has been replaced by Firefox 17 ESR.


You can use a mozilla.cfg file in the Firefox program folder to lock prefs or specify new (default) values.

Place a file local-settings.js in the defaults\pref folder where you also find the file channel-prefs.js to specify using mozilla.cfg.

pref("general.config.filename", "mozilla.cfg");
pref("general.config.obscure_value", 0); // use this to disable the byte-shift

See:

These functions can be used in the mozilla.cfg file:

defaultPref();  // set new default value
pref();         // set pref, but allow changes in current session
lockPref();     // lock pref, disallow changes