FFOX-00-000007 - Firefox must be configured to disable form fill assistance.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

To protect privacy and sensitive data, Firefox provides the ability to configure the program so that data entered into forms is not saved. This mitigates the risk of a website gleaning private information from prefilled information.

Solution

Windows group policy:
1. Open the group policy editor tool with 'gpedit.msc'.
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesMozillaFirefox
Policy Name: Disable Form History
Policy State: Enabled

macOS 'plist' file:
Add the following:
<key>DisableFormHistory</key>
<true/>

Linux 'policies.json' file:
Add the following in the policies section:
'DisableFormHistory': true

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MOZ_Firefox_V6R2_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000381, Rule-ID|SV-251551r807125_rule, STIG-ID|FFOX-00-000007, Vuln-ID|V-251551

Plugin: Unix

Control ID: 682194b2bcfbf98ec18c3b43d082086c0ceda1a9a18bac3d10ca4524e86e55f5