Feature Request: Search feature for NS encypted cookies

[phule]

I'd like to see a 'Search' or 'Find' feature added to NS>Options>Advanced>HTTPS>Cookies if possible.

Either add the above suggestion (if possible) or else the encrypted cookie list should be in alphabetical order like the whitelist is. While scrolling through the cookie list to find a particular URL to delete, I thought I'd never find it.

[Tom T.]

This is why I liked having the text file, prefs.js, in Fx 2+. You can open it with your text editor and use the search or find function to find anything quickly, including your forced HTTPS sites and cookies.

[therube]

Curiosity. About how many cookies do you have in the list?

(prefs.js continues to be a plain text file.)

[GµårÐïåñ]

I may be wrong on this but cookies are not kept in the prefs.js file anyway, so not really an issue. I think it uses a sqllite db to maintain it, so accessing it does require some interface. However, I can't imagine one would have so many cookies that you can't use the interface already provided. I mean if you ARE holding that many cookies, you really need to reconsider.

[therube]

These are not cookie cookies, these are NoScript HTTPS cookies, which are stored in prefs.js.
(Later versions of <Mozilla> cookie cookies are stored in an sqllite db.)

[Tom T.]

These are not cookie cookies, these are NoScript HTTPS cookies, which are stored in prefs.js.
(Later versions of <Mozilla> cookie cookies are stored in an sqllite db.)

Actually, they're not NS "cookies", or cookies at all. It's a *list* of which cookies you wish for NS to force HTTPS on. My mistake, and thanks for pointing it out. I was thinking of the fact that the MZ cookies were in the sql file, much as Guardian pointed out.

I too wondered just how many items OP had in the list -- do you have that many bank accounts and credit cards, etc.? ... but the question was asked, so....

[GµårÐïåñ]

Ok, we were not talking literatively, we were talking about the options list. Ok, you are right, it would be in the prefs.js, sorry.

[phule]

Actually, they're not NS "cookies", or cookies at all. It's a *list* of which cookies you wish for NS to force HTTPS on. My mistake, and thanks for pointing it out. I was thinking of the fact that the MZ cookies were in the sql file, much as Guardian pointed out.

I too wondered just how many items OP had in the list -- do you have that many bank accounts and credit cards, etc.? ... but the question was asked, so....

There are 110 cookies, but the prefs.js file stored in my Macintosh computer just shows the following 3 lines.

pref("extensions.firefox-pdf-mac.scaleFactor", "1.0");
pref("extensions.firefox-pdf-mac.autoScales", true);
pref("extensions.firefox-pdf-mac.displayMode", 1); // kPDFDisplaySinglePageContinuous


The prefs.js file is located at /Users/bob/Library/Application Support/FireFox/Profiles/rftfes6.default/extensions/colesbury@gmail.com/defaults/preferences/prefs.js

[Tom T.]

I know zero about Mac, and I'm presently on F2.20, out of eccentricity, I suppose. But when I opened prefs.js with Wordpad and used "Find" = "Forced", it took me right to my list of NS Force HTTPS: for example (I won't list all out of privacy, of course) *hushmail.com. I wasn't sure of the exact wording for secure cookies, so clicked "next", and it took me to user_pref("noscript.secureCookiesForced", with the list of sites whose cookies are to be forced secure. I would think you could do this in a Mac by opening prefs.js with the proper text editor and using its search command.

If this is still stored in prefs.js in F3, it should work. Will grab my portable F3.5.3 and check it out. Back in a few.

I don't understand why anyone's email address should be part of the file path name to the Fx profile's prefs.js. Are you sure that isn't for the Thunderbird email extension (which I don't have)? In Windows, once you get to Firefox\profiles\xxxxxxxx.default, prefs.js is right in there. You *don't* go into Extensions.

[Tom T.]

OK, here I am on F3.5.3, as you can see by the useragent below. The file path to the Profile folder is slightly different, since it's stored on the portable (flash drive) but no matter. The profile is the same once you open it. Opened prefs.js with Wordpad (r-click "edit" also works in Windows), searched "cookiesforced" and voila! -- there's the list. You also could obviously search for the specific one you want, by site name instead of by going to the Forced list first, e. g. search "hushmail" -- it may come up three or four times before you get to the HTTPS Force part. Either way.

CAUTION: Note the warning at the top of prefs.js:

Code: Select all

 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exits.

So it can be edited only when *all* instances of Fx are closed.

Also CAUTION to non-tech users: Do not edit system or application files unless you are sure of what you are doing. You should always make a backup copy, and you may lose your settings and/or have to reinstall Firefox. The above is undocumented, but was provided to answer phule's request for an easy way to search through a lengthy list of HTTPS-forced sites.

@ Giorgio: Alphabetizing them automatically would make phule's task easy from the GUI even without a search feature, and wouldn't be too hard to accomplish, would it?

[phule]

I know zero about Mac, and I'm presently on F2.20, out of eccentricity, I suppose. But when I opened prefs.js with Wordpad and used "Find" = "Forced", it took me right to my list of NS Force HTTPS: for example (I won't list all out of privacy, of course) *hushmail.com. I wasn't sure of the exact wording for secure cookies, so clicked "next", and it took me to user_pref("noscript.secureCookiesForced", with the list of sites whose cookies are to be forced secure. I would think you could do this in a Mac by opening prefs.js with the proper text editor and using its search command.

If this is still stored in prefs.js in F3, it should work. Will grab my portable F3.5.3 and check it out. Back in a few.

I don't understand why anyone's email address should be part of the file path name to the Fx profile's prefs.js. Are you sure that isn't for the Thunderbird email extension (which I don't have)? In Windows, once you get to Firefox\profiles\xxxxxxxx.default, prefs.js is right in there. You *don't* go into Extensions.

I'm not using Thunderbird but Apple Mail and I'm unsure where the email address came from nor who it belongs to. I found one work-around to the problem though. Open NS>Options>Advanced>HTTPS>Cookies, select all the names and paste them to a text editor file. This isn't very elegant but works.

[Tom T.]

I'm not using Thunderbird but Apple Mail and I'm unsure where the email address came from nor who it belongs to.

.
That would scare me until I found out. The fact that an email address unknown to you is in your files calls for further investigation. Worst case: Your info, possibly keylogger, is being emailed to that person. Probably not, but why *is* it there? Sounds like an inquiry to Apple Mail support is in order.

I found one work-around to the problem though. Open NS>Options>Advanced>HTTPS>Cookies, select all the names and paste them to a text editor file. This isn't very elegant but works.

Now, why didn't I (or anyone else) think of that? Elegance isn't the goal; results are. Cool!

[phule]

That would scare me until I found out. The fact that an email address unknown to you is in your files calls for further investigation. Worst case: Your info, possibly keylogger, is being emailed to that person. Probably not, but why *is* it there? Sounds like an inquiry to Apple Mail support is in order.

I looked at some of the other files in /Users/bob/Library/Application Support/FireFox/Profiles/rftfes6.default/extensions/colesbury@gmail.com/ and discovered that the email address is of the author of the plugin "Firefox PDF Plugin for Mac OS X" which I have added to Firefox.

[Tom T.]

Learn something new every day ... never seen an extension whose author put his email addy in the name or file path of the extension. What if his email address changes? That happens... especially since he's using gmail, and not his own personal domain (e. g., Giorgio's address at his domain, informaction.com, which isn't so likely to change).

If you're sure it's legit, cool. But it still seems very strange on the part of the developer. Cheers.

[GµårÐïåñ]

Unfortunately some less experienced developers will do things like this. It is not commonplace but it does happen and I have seen a few other oddities out there too. You can try bringing it up with the developer and ask them to update it in their next release or just ignore it.