5/15/2023 0 Comments Burp suite certificate firefoxNow Firefox shouldn’t be polluting your Burp Proxy History with requests you didn’t make. If you want to catch these too, go to about:config and set all of the items below to “false”: There are still some connections that will happen automatically during a browsing session, just less often. I let the browser sit open again for ten minutes on the default blank tab, and there were no HTTP requests from Firefox this time. You should notice that those three requests don’t happen anymore. This turns out to be related to the “Heartbeat” user-survey function, as explained at, and doesn’t actually repair anything.ĭelete the “value” for this preference (double-click the row, then just blank out the value). That’s the same hostname, but not the same URL. Go to about:config, and search for the string “” and you’ll find this: These are far less problematic than the captive portal thing, but in the interest of making Firefox as quiet as possible, let’s figure out how to make these stop, too. It’s better, but there are still some connections happening at startup: With the captive portal Preference set to false, and those UI-accessible changes made, close Firefox and restart it. Hamburger > Add-ons > Gear Menu at the top: uncheck “Update Add-ons Automatically”.Advanced > Update: uncheck “Use a background service to install updates” and “automatically update search engines”.Advanced > Update: check “Never check for updates”.Advanced > Data Choices: uncheck everything on this pane.Sync: Don’t sign into a Firefox account here.Security: uncheck “Warn you about unwanted and uncommon software”.Security: uncheck “Block dangerous downloads”.Security: uncheck “Block dangerous and deceptive content” (because Firefox has to keep its list of these things updated, too). Privacy: uncheck “Use Tracking Protection in Private Windows” (because this feature requires Firefox to keep its list of tracking methods updated).Search: uncheck “provide search suggestions” for whichever search engine you choose.Hamburger > Options > General: When Firefox Starts: “Show a blank page”.When I say “hamburger” below, that’s what I’m talking about. That article is a little old, and some things are not where they were when it was written, so let’s start with the UI as it is in version 53.0 of Firefox, which is the current version as of this writing.īefore we begin, you need to know that the button at the top right of the browser window, just below the title bar, with three horizontal lines across it is called the “hamburger menu” by the same people who want you to believe that the floppy disk icon is an unrecognizable symbol for the “save” function. The Firefox project has a list to help you out, under the heading, How to stop Firefox from making automatic connections “ ” That takes care of this one case, but while we’re at it, let’s see how far we can go. Search for and click it to toggle to “false,” and it’ll stop sending this request. In the address bar, type “about:config” then click through the warning. There’s an “advanced” setting that can disable this, but nothing exposed in the UI. A captive portal is that sign-in page you get at hotels and airports when you try to browse the Internet, where you have to log in or agree to terms or some such. And the response is just the word “success” – what’s it doing? According to, this is a way for Firefox to detect if it’s running behind a captive portal. By default, Firefox sends an HTTP GET to every 60 seconds. The first (and last) request was the one that got my attention and started me down this road. Ten Minutes, No User Action, Twelve Domains I added the Burp CA certificate so Firefox wouldn’t complain about the certificates Burp would generate, and so I could still connect to the sites using HSTS.Īfter ten minutes of just letting the browser sit there, I’d captured 52 HTTP requests to 12 unique domains. I set up a fresh install of Firefox version 53.0 with no plugins or add-ons, and told it to connect through Burp Suite. I’m going to show you what I learned about keeping Firefox quieter, and I’ll give you a file you can use yourself to take care of all this stuff automatically when you set up a new installation. I found some other Firefox users complaining about the same things, and I followed those steps, but they didn’t cover everything. The last straw was this “detectportal” thing that seemed to be showing up every 60 seconds. I was having to scroll around way more than I used to while trying to make sense of the traffic. On a recent webapp test, I got a little frustrated with all the extra HTTP requests showing up in my Burpsuite Proxy History from connections that Firefox was making on its own.
0 Comments
Leave a Reply. |