[Mozilla Enterprise] Capability Policy Pref for Local File Links Breaking IDP Initiated SAML sign-in
Samuel Ambaye
Samuel.Ambaye at oakfnd.ch
Thu Jun 7 15:58:18 UTC 2018
Hi,
Given Firefox 60 and that the following pref is added using about:config
capability.policy.localfilelinks.sites = http://www.example.com
When using an Identity Provider initiated SAML sign-in (on www.example.com<http://www.example.com>)
The system somehow changes a SAML HTTP method POST to method GET causing the signing to fail.
Work-Around: Set browser.tabs.remote.autostart to false.
Notes: Apparently, others have reproduced this issue on other other sites (Salesforce) and when using other Identity Providers (GSuite).
My questions are:
* Is capability.policy.localfilelinks.sites a supported configuration?
* Is this just a bug or is there a trade off between the preference and the work-around.
* Any other / better work-arounds?
Any advice other than filing a bug report and disabling autostart?
Best,
Samuel
PS - The preference is used with the ones below
* capability.policy.localfilelinks.checkloaduri.enabled and
* capability.policy.policynames
PSS - No issue in Chrome, which does not offer access to the local file system anyway due to security conerns.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/enterprise/attachments/20180607/7aa10b24/attachment-0002.html>
More information about the Enterprise
mailing list