Closed Bug 2002482 Opened 3 months ago Closed 3 months ago

SSO bypass - new Firefox Enterprise profile opens unauthenticated browsing window

Categories

(Firefox Enterprise :: Client, defect)

Desktop
All
defect

Tracking

(Not tracked)

VERIFIED FIXED

People

(Reporter: sbadau, Assigned: mossop)

References

(Blocks 1 open bug)

Details

Found in

  • Firefox Enterprise 147.0a1 - Build ID: 20251126063844

Affected versions

  • Firefox Enterprise 147.0a1

Tested platforms

  • Affected platforms: Windows 11, macOS 26, Ubuntu 24.04.

Preconditions

  • Firefox Enterprise is launched and SSO authentication has completed successfully.

Steps to reproduce

  1. Go to Hamburger Menu -> Profiles -> New Profile

Expected result

  • An additional Firefox Enterprise window should not be launched, and if the Profiles Switching feature is allowed then only the Screen Authentication window should be launched.

Actual result

  • A new Firefox Enterprise window for the new profile is launched alongside the Screen Authentication window, and the user can navigate freely without SSO authentication.

Regression range

  • This is not a regression.
Assignee: nobody → dtownsend

The profiles feature isn't supported in enterprise right now. I will land a fix to disable it.

Status: NEW → RESOLVED
Closed: 3 months ago
Resolution: --- → FIXED

(In reply to Dave Townsend [:mossop] from comment #2)

Fixed by https://github.com/mozilla/enterprise-firefox/commit/c351f9b5b8184f6ce3a1b76ee7841cc6c2f90a15

It's likely not applied on gcpEU builds because of:

$ git grep firefox-enterprise.js
.github/workflows/enterprise.yml:          echo 'pref("enterprise.console.address", "https://console-gcp-eu.enterfox.eu");' > obj-*/dist/bin/browser/defaults/preferences/firefox-enterprise.js
.github/workflows/enterprise.yml:          echo 'pref("enterprise.console.address", "https://console-gcp-eu.enterfox.eu");' > obj-*/dist/bin/browser/defaults/preferences/firefox-enterprise.js
.github/workflows/enterprise.yml:          echo 'pref("enterprise.console.address", "https://console-gcp-eu.enterfox.eu");' > obj-*/dist/bin/browser/defaults/preferences/firefox-enterprise.js
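
The workflow lines in the grep output above write firefox-enterprise.js with `>`, which truncates the file before writing. The following is an added example, not code from this bug or from the enterprise-firefox repository: it replays that step on a scratch file and checks which required prefs survive. It assumes the fix is delivered as a pref in that file; the name in LOCKDOWN_PREF is a hypothetical placeholder, since the page does not name the pref.

```shell
#!/bin/sh
# Added example: detect a build step that clobbers firefox-enterprise.js.
# LOCKDOWN_PREF is a hypothetical placeholder, not the pref set by the real fix.
LOCKDOWN_PREF="example.placeholder.disable-profiles"
CONSOLE_PREF="enterprise.console.address"
CONSOLE_LINE='pref("enterprise.console.address", "https://console-gcp-eu.enterfox.eu");'

# Print each required pref name that FILE does not define; return 1 if any is missing.
missing_prefs() {
    file=$1; shift
    rc=0
    for name in "$@"; do
        # Fixed-string match on pref("name", so the dots are literal.
        if ! grep -qF "pref(\"$name\"," "$file"; then
            printf '%s\n' "$name"
            rc=1
        fi
    done
    return $rc
}

# Constructed stand-in for the prefs file shipped by the source tree.
write_shipped_prefs() {
    printf 'pref("%s", true);\n' "$LOCKDOWN_PREF" > "$1"
}

# The workflow step as quoted on the page: '>' replaces the whole file.
step_overwrite() { echo "$CONSOLE_LINE" > "$1"; }

# The same step with '>>', which keeps the lines already in the file.
step_append() { echo "$CONSOLE_LINE" >> "$1"; }

# Apply one variant of the step to a scratch file and list the missing prefs.
check_variant() {
    tmp=$(mktemp)
    write_shipped_prefs "$tmp"
    "$1" "$tmp"
    status=0
    missing_prefs "$tmp" "$LOCKDOWN_PREF" "$CONSOLE_PREF" || status=$?
    rm -f "$tmp"
    return $status
}

echo "overwrite: missing -> $(check_variant step_overwrite)"
echo "append:    missing -> $(check_variant step_append)"
```

Run as a post-build step, `missing_prefs` with the real pref names would fail the build when a later step has dropped a required default.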
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Status: REOPENED → RESOLVED
Closed: 3 months ago
Resolution: --- → FIXED

Verified as fixed - the Profiles Switching feature is now disabled on Firefox Enterprise 148.0a1 (Build ID: 20251217070700) - tested on Windows 11 and Ubuntu 24.04.

Status: RESOLVED → VERIFIED
QA Whiteboard: [S3][QA-4392][qa-found-in-c147] → [S3][QA-4392][qa-found-in-c147][qa-ver-done-c148/b147]