It appears that the easiest workaround if you’re not running developer or nightly is to turn on extension debugging and then manually load all of your extensions from disk.
If I had a dime for every time that I heard about some company forgetting to renew a certificate…
I was coming here to say something for this exact reason.
Apparently, there’s some crap going down at the MMORPG Dungeons & Dragons Online too, on the eve of their new expansion launch that corrupted everyone’s DAT files, and the devs have all gone home for the weekend.
I suspect it was a setup - suddenly millions of people are browsing the web without adblockers.
ETA: Can confirm extensions are working in firefox developer edition with xpinstall.signatures.required set to false in about:config. Will use this until standard Firefox is fixed.
It seems like certificate renewal is in a weird space by being at the same time both trivially easy to get right (and thus not requiring the devotion of intellectual firepower) and critically important to get right (and thus requiring high, maybe C-level responsibility and accountability).
How are orgs that people know about handling this responsibility? Diffuse or centralized? Formal policies or up to individuals?
I wouldn’t exactly say that it’s trivially easy. If there’s an issue with the configuration with one of your subdomains, Let’s Encrypt will renew none of them. I learned that the hard way.
Is this going to be fixed? Is there some way to go back to the previous version of Firefox till it is fixed? I’d rather not go to websites without PrivacyBadger and NoScript installed.
We get a weekly list of all the certificates that are due to expire and every team is expected to go over the list and request new certs for their area or responsibility. Luckily some on my team takes care of that because Lord knows I’m not going to remember
I’ve been using Firefox Focus on my phone. It isn’t quite the same as the normal mobile Firefox, the UI’s a bit quirky and limited, but it does have some blockers built-in, and since they’re not plugins it doesn’t appear to be affected.
so here’s a weird one.
updated FF last night, the new version has the fix and all my extensions came back.
I browsed and posted here and the other place. I even posted in the similar thread to this over at the other place.
just now I tried to load bbs pages over there and they’re all blank.
like, it blanks out, the page loads, says it’s stopped loading, and it remains blank.
the main page says new topics have “x-number comments” on the link.
I’m on Android.
if it’s related to the fix, why did it let me post yesterday after I updated?
if it’s related to one of my extensions, i was running them all yesterday.
must be something unrelated? but the timing is suspicious and nothing else changed.
The adblock browser for ios was okay. Apart from the ordinary bugginess in rendering, like the 3/5ths width edit box that began happening recently here.
so I tried disabling my add-ons one by one and got bbs.otherplace pages to load once I turned off NoScript (!)
the bbs here loads normally with NoScript and otherplace did too as of 2 days ago.
seems sketchy as hell. I don’t want to whitelist it because it makes
me paranoid they’ve started running shitty scripts over there to track us for ad targeting etc, what with all the sponsored posts etc since Jason took over.
ideas anyone?
EDIT: user goatcheezeinferno coached me thru whitelisting just the discourse.cdn which fixed it. my question is why did it just now need whitelisting, and why just for over there and not here? but anyway it’s all good, I guess.
We don’t make use of Jeff’s Premium Hosted Discourse And CDN Service (henceforth referred to as Discourse for Enterprise). Like another fun instance - Waypoint - we’re self-hosted on a rented VM from DigitalOcean.
Any Discourse for Enterprise instances make use of CDN.
well, that does explain here vs there.
I asked jeff what was going on and he was like “you can’t block JavaScript, we’re a js service.” ok thnx.
but anyway something at the .cdn must have changed recently I guess.