Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: Firefox connection problems after enabling DoH?
696 points by killdozer 5 days ago | hide | past | favorite | 395 comments
The latest version of Firefox (96.0 and 95.02) seems to have a problem where as soon as you enable DOH (DNS over HTTPS) the browser is unable to establish any connections. Disabling this feature once enabled doesn't resolve the issue, closing the browser leaves processes hanging in the background consuming resources. Several of my friends have reported (Windows/Linux) seeing the same issue but we haven't been able to find a solution.





What worked for me was disabling HTTP3 support with the 'network.http.http3.enabled' key in about:config and then restarting Firefox. Seems like it's stuck in the 'SocketThread', repeatedly doing this:

  2022-01-13 08:20:53.075936 UTC - [Parent 4106991: Socket Thread]: V/nsHttp Http3Stream::OnReadSegment count=333 state=4 [this=7f6e295623a0]

It's been posted already but putting it here for better visibility: https://bugzilla.mozilla.org/show_bug.cgi?id=1749908

Closed as dupe of https://bugzilla.mozilla.org/show_bug.cgi?id=1749910 "Firefox has witnessed outages and we are sorry for that. We believe it's fixed and a restart of Firefox should restore normal behaviour. We will provide more information shortly."

Oh wow, thank you so much for this. I've been trying to troubleshoot this for hours but because my browser didn't work I never thought of checking HN to see if other people had this as well.

Another score for automatic updates I guess.


As others said, this happened to all kinds of versions, not just 96.

I was perfectly happy with the one that didn't support this 'feature', and automatic updates are what brought it to my system.

Yeah, the alternative is running a system with a ton of outdated software, with known bugs and active exploits while casually surfing the "oh-so-cosy-and-entirely-harmless" WWW...

The goal is not to ostracize automatic updates, but to have faster fixes.

Or to separate security updates from feature updates, but I think this ship has long sailed for modern browsers.


> Or to separate security updates from feature updates, but I think this ship has long sailed for modern browsers.

That would be my preferred solution. But yes, as you say, that ship has sailed. No reason why it couldn't sail back though.


> No reason why it couldn't sail back though.

Multiplying the number of parallel maintenance tracks and associated support costs is not “no reason”.


> No reason why it couldn't sail back though

Maintenance cost.


The goal is to fully control your environment and not to expecting some unexpected updates.

User is the one who must choose update policy. If user is choosing to not update then it's their own problem and no manufacturer has the right to deside otherwise.


Automatic updates are a good default, you can always disable them if you don't want them.

Good default is to ask users about their preferences explicitly and not to hide that kind of settings anywhere.

Most users are computer illiterate, so they would choose to not auto-update to skip the hassle, and then never manually update anyways.

Every FireFox install comes with auto-update enabled.

Nope, mine on linux doesn't auto-update itself, though I update it diligently, but manually

In the past I would have agreed with you. Sadly there are "updates" which remove functionality.

In the case of Firefox, there's also the Extended Support Release. Security updates without the UI change every 4 weeks

https://support.mozilla.org/en-US/kb/switch-to-firefox-exten...


In this case, ESR was also affected.

https://bugzilla.mozilla.org/show_bug.cgi?id=1749910


Http3 has existed in ff for a while. What triggered this was some back end service switching to http3, triggering the bug.

Even if you don't update your browser, the world updates around it


My browser isn't supposed to have any 'backend services'. Especially not backend services that I did not explicitly opt in to.

It's not a backend service on your browser, it's on whatever webpage you tried to visit.

I really don't get this comment after a whole thread full of good information on this.

No, it's in the browser. Turn off all data collection and the bug disappears.

https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c10


lower in the linked thread:

> Telemetry has nothing to do with this, it just happens to be one of the first services with H3 load balancer.


You... do understand that that's self-contradictory, right? It's impossible for both parts of that sentence to be true.

If telemetry really had "nothing to do with" the bug, then the fact that telemetry "just happens to be one of the first services with H3 load balancer" wouldn't trigger the bug.


I think he means you that you couldn't eliminate the bug by disabling telemetry. It just will be triggered by something else later.

Sure. But the thread is in reply to this post: https://news.ycombinator.com/item?id=29918998

The question isn't whether "backend services" forms the conceptual essence of the problem - I think we all agree it doesn't.

The question is whether it "happens to be" triggered by backend services.


This bug can be triggered without visiting any webpage at all.

Why don’t you just disable automatic updates?

Good question. Because for security reasons you want to stay up-to-date on software that connects to various websites. At the same time, from a functionality point of view I wished I'd never have to update anything.

It's not a question of avoiding updates altogether, but the sad reality that it always seems to choose the most inconvenient and/or expensive time to do it. If they'd just do as Thunderbird does -- notify me that there's an update and ask me what action I'd like to take -- there'd be no problem. As it is, being unable to choose when the update happens is unacceptable.

FWIW I've tried every documented setting, "enterprise" policies, etc. to prevent automatic updates in FF, but nothing seems to stick.


Hmm, works for me (Firefox ESR) under Preferences > General and there "Allow Firefox to" ... "Check for updates but let you choose to install them"

That's s private installation, a company-wide centrally managed might work differently ... but companies normally want to control updates too.


Yes it has its pros and cons like everything. But as a default for the average user I think auto update should be enabled

It's not happening to me with Firefox 95.0.1 on Ubuntu 20.04. I'm disabling http3 anyway. Re-enabling it when Mozilla will explain what's going on.

Edit: reading further comments it occurred to me that maybe I'm not affected because I'm not sending any data to Mozilla so I don't hit their HTTP3 load balancer.


Disable telemetry while you're at it: "Firefox Data Collection and Use" in settings. It seems to have re-enabled itself on some silent update. Sneaky bastards.

I was surprised to find I had telemetry enabled. I could have sworn I disabled it, but it would have been a long time ago, so I was thinking maybe I remember it wrong.

I would like to see any source that may exist on it having been silently re-enabled. I know telemetry is anonymized and totally harmless or whatever, but re-enabling it behind my back would feel like such a breach of trust.


I keep a careful log of such stuff and I'm 100% sure that I disabled it on all machines here. This definitely got re-enabled silently at some point, I am trying to figure out when. Not having such crap is the reason I use Firefox so it is hard to express my disappointment at this.

It was re-enabled for me as well. browser.crashReports.unsubmittedCheck.autoSubmit2 and datareporting.healthreport.uploadEnabled

It didn't re-enable for me.

When did you disable it?

Ages ago, probably the first time Mozilla added telemetry to the browser.

Go interview people Mozilla. Less analytical data but you'll end up knowing your users.


Anecdotal and same for me (it's not re-enabled). I have not touched those telemetry settings for years, cannot say exactly when.

I'm on Firefox 90 and yes it suddenly stopped working in the middle of a Youtube video.

Thanks anyone in this thread who helped!


I'm on 97.0b2 (developer edition), same issue.

Yes, I was using 95 and mine was broken too.

V94 didn't work either

I'm thankful to work in a team. As my IT dept has a habit of breaking stuff with AV and other crap-ware, I already asked if anyone else was having problems with Firefox after 5 minutes of trying to figure out what was wrong, after which someone pointed me to this thread

Unfortunately, with work-from-home that puts me in isolation. I did try it with Chrome and that worked so it at least clearly was a FF issue but I never ever counted on features with embargo dates. That totally messes up my inbound QA on new FF releases because that means that no matter how much I test a browser in my sandbox by the time the automatic update propagates to the machine I work on I can still get hosed.

Very frustrating this. Fortunately it isn't a Tuesday or I would have been ready for murder by now.


I also work from home; I just asked around in the general chat.

As I instinctively was already blaming out IT dept for breaking Firefox for some security theater reason I was glad I found the real issue quickly, otherwise I might just have accidentally dropped my laptop out the window


I did this, posted my earlier comment, then re-enabled that to see if I would be able to load pages or not and I was.

The other thing I noticed was that previously when I looked in taskmgr (windows 10) there were 4 or 5 firefox processes going on -but when I went to close firefox after setting that to false there were not.

I'll close and check again but I'm wondering if simply setting it to false once doesn't allow it to perform some update or something that lets it get back to behaving normally? Like unsticking a log jam?

[edit]Forget I said anything. When I restarted and tried to reload HN it hung again. I had to disable network.http.http3.enabled in order come back and edit this comment.


It worked. Where can I buy you a beer?

Interesting, it first hit me while I was browsing Youtube. I have been noticing aborted/stalled connections specifically on Youtube over the last week or so. I bet you they have http3 going. After upgrading to 96 today was the first time I got all new connections blocked.

Yes, I think it first hit me when I was updating gmail. I bet Google enabled something new on their services that Firefox didn't handle properly. (Without knowing any details, it could be that Google is actually doing something non-standards-compliant; but in any case FF should respond gracefully and not hang all connections, even those not going to Google.)

Wow thank you! I was bangning my head against the wall, restarting my computer, disabling extensions, etc. This worked like a charm :)

It seems there's no need anymore, autoupdate fixes the issue since approx 09:25 UTC

Which Ver number?

Yep, works. However, you need to magically restart the browser. Apperently, it runs some background processes whose names contain neither the character sequence "firefox", nor "mozilla", according to pgrep.

GeckoMain

pgrep -f and pkill -f probably do the trick.

I only had to do a hard restart (force quit it, as others point out, just closing the window causes FF to hang). After restarting, everything seems to work fine.

EDIT: my FF version is 91.5.0esr (64-bit) on MacOS.

Many of my colleagues had the same issue today, and they all report that just restarting FF fixes the problem (one restarted the computer itself).


Give it some time. That's exactly what I did first thing this morning, then it worked again for 20 minutes, then it broke again. And then I couldn't get it to work at all until I saw this message.

You're a godsend, this stupidity wasted an hour of my time, you fixed it. What a trash joke Firefox has become.

I had to force quit and restart, but that seemed to do the trick for me too. Thank you!

I had something similar - changed the setting, closed firefox, opened it again and was presented with the message "Another instance of Firefox is already running. Please close other instances of Firefox". There was a firefox.exe process running 12% (on an 8-core machine, so it was pegging one core at 100%) that I had to kill. After that FF worked fine.

Many other have already said it, but I want to add my voice too. Thanks!

I had to also turn off DoH but this did resolve my issue, wild.

I started in in `safe-mode` and assumed it was a addon that did block all traffic. Anyway Thanks

I can confirm that disabling HTTP3 support helps. Thank you for the workaround.

Thanks a lot! Do we need to enable this again later when they fixed it?

Hah, you are on HN as well, just linked to your reddit comment :D

It worked, thanks! How can we check the Firefox's logs?

If only we had transporter tech, I would send you a keg.

Thank you very much, this fixed it for me as well! :)

Thank you very much! Saved me a lot of time.

This worked for me as well. Thanks!

Thank you this indeed works.

Thanks, this has worked!

This comment should be higher.

Thank you.


Not working for me.

closing all browser windows does not work. I had to `pkill firefox` and it works

Yeah I ended up just waiting 5 minutes and it started working again.

Did you restart the browser?

also fixed it for me - thanks :)

Thank you!

Thank you!

I will have your babies, and that’s coming from a straight male.

Updates on the bug:

> We have other services with the same type of load balancer in front of it and we currently suspect it is an HTTP/3 load balancing problem.

https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c17

> Our current suspicion is that Google Cloud Load Balancer (or a similar CloudFlare service) that fronts one of our own servers got an update that triggers an existing HTTP3 bug. Telemetry was first implicated because it's one of the first services a normal Firefox configuration will connect first, but presumably the bug will trigger with any other connection to such a server. Our current plan is to disable HTTP3 to mitigate until we can locate the exact bug in the networking stack.

https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c21


So for Firefox to even start, Mozilla implicitly depends on Google now. Wow.

Couldn’t they have used any other cloud provider? I mean, cmon!


No, it's not required to start. Without the bug firefox starts up just fine (in fact, if google's servers were to drop off the internet, the problem would also go away). The problem is the bug hangs all network communication when it's triggered.

And here I go explaining my friends and family I helped switch to Firefox that the browser I've installed on their computers got broken at the beginning of a new day while Edge and Chrome work fine... personally, I know very well bugs happen and I'm not mad, but this certainly hurts the confidence in it for the non-tech people.

Just yesterday I was telling a colleague who was fighting with chrome (entering the address `something.companyname.local` caused chrome to search for that string, he had to enter `https://something.companyname.local` for it to work) they should just switch to Firefox. Bugs happen but this is a pretty annoying one.

FYI There is a workaround for this: add a search engine with "http://%s" (or "https://%s") as its query URL and make it the default one. And when you actually want to search, explicitly prepend the phrase with a keyword for another search engine (like "d<space>[search string]" for DDG).

On other hand I find it annoying that the start page of Firefox has box I always think of as search, but it is also address bar. While address bar is already at top. So I search some filename just for it to try to access it...

Oh weird you're right, I don't think I've ever interacted with that extra address/search bar. I wonder what they were thinking, that seems redundant and a bit silly

It is for people like me who doesn't want every domain I ever type in to be sent to Google or somewhere else for autocompletion.

I mean, most of all lkve autocomplete, but when you type in <nameofprobationofficewebsite>.<tld> or what have you, are you sure you want everyone of these keystrokes to go to Google?

If not then you want a separate search field.


Ah I think you're mistaken. We're talking about when you open a new tab in Firefox the default landing page has a little grid showing commonly accessed sites as well as an additional search/address bar which says "Search with google or enter address"

We have the same feelings on this - I also would prefer an explicitly separate search bar and address bar.

Edit: or maybe I'm understanding Ekaros' comment incorrectly? Either way the thing I'm talking about is that there's a combined search/address bar always visible in FF, and when you open a fresh window or tab there's a landing page which has an additional combined search/address bar.


No this is exactly correct.

I can just write the address in address bar if I want. But I do not have search engine as default page or even have one in as bookmark. So I would love to just have a search box where I can copy paste a filename with either full path or as something.py... And browser to not try to access non existent .py domain which only has third-level addresses anyway...


You can, just go to settings and enable it.

(For everyone wondering why we crazy people stick with Firefox: there are actually a number of technical/ux reasons in addition to not wanting to give control of the web away to a single company.)


Aha, very possibly I'm mistaken.

I wondered why anyone still saw the search bar without explicitly enabling it.


Well I'm glad it happened, otherwise I wouldn't have learned that it was actually possible to separate these two bars in Firefox. So thanks for that :D

FF does that as well with my local dev sites. It does suggest "did you mean to go to ...", which then works.

I've spent the last 3 days angrily submitting bug ticket after bug ticket, including one for Firefox. I just got a new laptop, and the amount of things that get shipped totally broken is just crazy.

Windows 11 almost but not entirely broke HDR. It kinda-sorta works for some things, sometimes, but most apps that used to work with HDR back in Windows 10 just can't any more and are forced to use SDR with sRGB gamut only.[1]

The Win UI SDK regressed from WPF and lost all wide-gamut or HDR support at the API level (which probably explains the above). As in, Microsoft literally removed a wide swath of floating-point color support along with the wide-gamut scRGB color space. We're back to 8-bit RGB arrays in sRGB only as the only option. Like in the 1990s.

Windows Server 2022 can't activate its license unless it uses the UTC time zone. Why? Because Microsoft employees test using Azure VMs, which... use UTC by default.

Speaking of color: Firefox for a while just... stopped doing color management. Then it worked again after a few weeks when it updated.

But it might not be Firefox's fault, because Windows also seems to randomly turn color management off, or force it back to sRGB silently.

If you have a laptop with one of those hybrid Intel+NVIDIA GPU combinations, then HDR games don't work at all with the built-in display, they all report HDR support as N/A. But they will work with external displays!

Speaking of HTTP/3 in Firefox: I've had it permanently disabled because the early releases would leak about 10 GB of memory per minute and lock up the browser very quickly. But not quickly enough to prevent the automated test suites from passing.

... and so on...

The point I'm trying to get to is that in 2022 we've achieved this state of affairs where human beings don't do actual Quality Assurance any more as a job. It's all automated and those people have been summarily fired.

Any issue that is invisible to a DevOps pipeline is Not A Bug and will ship broken. If it ships in a working state, that's probably just a lucky accident, and a subsequent patch will break it for sure.

All of the issues above are caused by automated test suites one way or another. Automated tests are literally blind to output color rendering; testing that requires a physical monitor. Automated tests are almost never set up for long-term testing for things like memory leaks, because they have to run fast. Automated tests use default, vanilla settings for the host OS. Automated tests don't have funky hardware combinations. Automated tests don't measure "jank", or inconsistent performance issues, Etc, etc...

What you're experiencing is the end result of all of this. NOBODY is sitting down and validating the end-result from the perspective of a human user sitting in front of an actual device. That final quality assurance is just not there any more, and hence we're all embarrassed when we have to "show off" some piece of IT tech and find that it's just a broken mess.

/rant

[1] This bug has apparently been fixed in some beta, and might ship around the middle of this year. In other words, Microsoft is perfectly content to break display output on their consumer desktop operating system for six months and just leave it at that.


Can I add that Defender activates on top of the other Antivirus that our lovely (no not sarcasm, they are lovely, they just get tripped by MS) IT department bought and push-installed?

Earlier it said the other AV solution was turned off (it was not) and I had no valid protection.

Now it doesn't even say an excuse. It just keeps running with no obvious way to turn it off.

Surely it was good UX to remove that "clutter"?


Isn't test automation and demise of manual QA are just consequences of large increase in the test surface? Many more features, greater hardware variance, changes to underneth tech stacks, etc all lead to a combinatorial explosion of what to be tested and manual QA wont be able to cover any significant portion of it, unless James Webb like money are spent on QA.

I think it's a lack of ownership and craftsmanship. You need that grumpy old master in charge smacking the apprentices on the back of the head when they don't live up to his standards.

I'm very lucky to have grown up and gotten most of my work experience in that kind of environment. I was expected to aim for perfection, and punished without fail if I didn't achieve it. No half-measures. Do it right, or don't do it at all.

There are people shipping code right now with 100 million to 1 billion users where they didn't even attempt to get it right. Knowingly, on purpose, they aimed to just barely pass the test. To meet the letter but not the spirit of the requirement. To build something that technically works, but not in practice. Make something that they wouldn't use themselves.

This doesn't matter to them. They make the little test suite indicator turn into a green check mark, then it's time to clock out and go home.

"Job done boss."

And the boss never checked that it was truly done either. He's got no standards himself that the work needs to meet.

The build system reports green, all is well in the world.

"Ship it!"


Amen. What's worth doing is worth doing well. It's the anti-thesis of move fast and break stuff but I really far prefer the careful approach to software development over the one that doesn't care about what happens to end users.

You want to keep your job => make boss happy, reach KPI.

I don't blame them (the employee).


Well it's cheaper that way.

Want it better? Augment competition and try to avoid monopolies.

EDIT: Actionable advice: avoid SW or HW which isn't at least 6 months old.


It seems another workaround is disabling the collection of usage data:

https://twitter.com/vanilla_chief/status/1481546294489489409

€: It seems telemetry does no longer triggers the bug as they've changed something on the server side? So this probably won't help anymore.


https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c21 telemetry is not the only service affected, it's advisable to disable http3 entirely as a workaround for now

This worked. Funny that this bug will cause people to turn off the opt-out data collection. No one is going to turn it back on after the issue is fixed.

Don't worry, FF will do an automatic update to re-enable it. Again. Without your consent.

They will turn it back on for you. I could swear I've had it turned off a few times already before, and I'm definitely sure I did it at least once yet here we are :).

Telemetry in itself isn't the end of the world, but disregarding the settings your users chose is such a weird behavior coming from an organization that pretends to care about choice.


I already had that disabled when it struck me.

The current theory is that some CDN/LoadBalancer updated its HTTP3 implementation and is now triggering a bug in the HTTP3 stack of Firefox: https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c21

It just happens that the usage data collection uses that CDN thus triggering the bug. But you can also encounter it by just visiting any other website served by that CDN.


I had too but it mysteriously re-enabled on all FF instances on various laptops and desktops here. I wonder when that happened.

Can confirm this worked.

this worked for me too

Reddit Thread with tons of comments already: https://old.reddit.com/r/firefox/comments/s2u7eg/is_firefox_...

I have the same issue, a different profile worked

edit: Twitter feed https://twitter.com/search?q=firefox&src=typed_query&f=live

There better be some hell of a post mortem

edit2: `network.http.http3.enabled` in about:config to false fixed it for me. Source: https://old.reddit.com/r/firefox/comments/s2u7eg/is_firefox_...


This didn't fix it for me until I also disabled DNS over HTTPS.

I disabled both and it continued to fail for about 5 minutes until it started working again.

I suggested that data collection should be opt-in since it is (almost) the cause of this issue, and my comment was hidden for "advocacy".

https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c11


Regardless of the viewpoints here (I lean to agree with you on opt-in), it's an off-topic suggestion on a hot bug report. Keeping noise levels low on these sorts of hot bug threads is already hard, no need to make moderators job harder.

It is standard response from them now I guess.

We are only valued community members when there is a fundraising drive going on. The rest of the year we are just annoying nobodies it seems.

Try to ask for updates on the Tab bar issue if you want to trigger it again.


That's very telling, isn't it. After all, who were you advocating for?

Devil's advocate here but they were perhaps advocating against metrics at a time when Mozilla has a lot of pressure to do right and might need those metrics to perform.

of course it should be opt-in. It's ridiculous that such a thing would be opt-out.

"Advocacy"?! This is crucial information that should help them solving the problem! Switching Firefox Data Collection completely solves the problem and allows users to use HTTP3, but it looks like they prefer us not to use HTTP3 but have Firefox Data Collection turned on instead.

I mean, in normal circumstances I'd understand it, but hiding this kind of key information as "advocacy" is unacceptable.


https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c19 current info is that it's not just telemetry that can trigger this HTTP/3 bug, it just happens to be the first/most common service that users' browsers will connect to

Telemetry data snooping is the problem here. It clearly makes FF hang forever, and having it off by default would not have triggered the issue.

So data snooping is the issue here.


Firefox has been pretty unstable for me too recently, just now I had to kill several "GeckoMain" processes that kept churning even after I closed the browser. There also seems to be a memory-/performance leak that leads to the browser getting slower and slower the longer it is open, so once per day I have to close and re-open it, which fixes the issue.

I really try hard to like Firefox but it keeps falling behind. For certain tasks like debugging web applications I already resort to Chrome because the debug tools in Firefox are painfully slow in comparison. I guess FF developers have too beefy laptops and don't notice this, on my "old" T460p it makes the browser more and more unusable though. Same goes for opening "expensive" web apps like Slack or video conferencing tools, performance greatly degrades.


> just now I had to kill several "GeckoMain" processes that kept churning even after I closed the browser

Thanks, I wondered what was causing that.


This happened to me and a co-worker too, and I could resolve it with a `sudo killall firefox` and re-starting it.

In contrast to all the heat from many of the comments here, I'll say this: shit happens to any company. My trust in Mozilla is not (yet) shaken just because a bug made it into production, even if that bug made it there due to bad decisions or even (hopefully temporary) lack of vision.

I, for one, am not comfortable with giving full control of the internet to Google and friends, so using FF is one of the things that let me "fight".


Check the FireFox usage stats. They tell a pretty good story. Every couple of months there will be some major issue and then FF loses a bunch of users. And they don't come back.

I would guess it's an absolute disaster for Firefox. While it's not going to make me switch from FF to Chrome personally, this issue is big enough for me to not install Firefox on non-techies computers. I bet a significant amount of people will permanently switch away from Firefox due to this too.

> this issue is big enough for me to not install Firefox on non-techies computers

Why? Whatever you install is likely to have issues with similar impact.


Indeed. No-one ever said the revolution would be easy.

I really hope the auto-update component doesn't have the same issue, otherwise Firefox is essentially dead on millions of computers owned by non-techies.

I fear not. With http3 enabled, the auto-updater never returns a result. It keeps saying "checking...". Looks like the auto-updater itself will work only when http3 is disabled through about:config which non-technical people may not be able to do.

However I do recall Mozilla having another backdoor channel which they used sometime ago to push an emergency update. I hope that works.


Someone just reported that it looks like a load balancer issue. Presumably, if that's the case it can also be fixed without user action: https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c17

I hope i am mistaken, but the auto-updater of my own FF was blocked.

There is something about being unable to check for updates if you open the console on any site...

Exactly what I was thinking. I hope they thought about this case and made the updater use a different stack...

Auto-Update doesn't work anymore. It's the first thing I tried when encounter this issue like 20 minutes ago.

Can't access any website or making any connection without disable `network.http.http3.enabled` and restart.

This impact is huge for million of firefox users!


Good. Abusing the users for testing via forced auto updates is short sighted and hopefully enough people change browser that Mozilla change their ways.

Several non techie friends already contacted me about a broken FF. There will be millions of people with this problem, indeed.

I can confirm auto-updater got broken too. When I realized my browser (nightly) was borked, first instinct was to update.. but nope, that didn't work. Then I manually downloaded a new nightly tarball, but that also didn't help. Switched to stable (95.0.2) and that worked once, then it got borked too.

Was blocked on my machine too, but spontaneously started working again after a complete reboot without the disable http3 fix, so there is hope! :D

What is going on at Mozilla? It's getting harder to stay faithful to the organization supposedly representing the open web. They are acting more like the profit-first companies that are strangling our use of the internet. Starting a browser to a blank page should not make any outbound connection until the user requests something. Apparently their HTTP3 support is choking while trying to connect to some centralized service. This is an unacceptably poor engineering design.

Genuinely, I cannot reproduce the issue. I ensured that both DoH (set to Cloudflare) and H3 are enabled but didn't hit the snag, so either Cloudflare has a buggy deployment or the hunch (https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c6) that it's telemetry activating H3.

Update: using Google's (the horror) DoH, and I didn't notice problems. Might just be CF having a bad H3 deployment, but I want to know what bug it triggered on FF.

Update 2: To clarify, CF did indeed hang FF, but also Google, which is know for at least bothering to monitor complaints (and dns.google is still H2). Trying to disable telemetry now.

Update 3: incoming.telemetry.mozilla.org is still H2. Can someone give me the other domains of MozTelemetry? Browser still working as of the moment.

Update 4: Telemetry was indeed H3'd: https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c17, me angery right now.


Did you have telemetry disabled?

It sounds like users with telemetry disabled were not affected.

EDIT: https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c19 this is seemingly not the case, other HTTP/3 services can also trigger the same bug, telemetry just happens to be the most common / first to be triggered


I think it has been fixed, I didn't do any fixing on my own and it just worked after 20-30 minutes again

It goes up and down as long as that http3 setting is enabled, if you disable it it just works and continues to work.

I've had it working intermittently all morning but after that setting got set to false it never failed.


I had the issue earlier today, then after a restart it went away. Not 3 minutes ago it started happening again. A restart then didn't work, but disabling http3 got me up and running.

So what's strange here is that these hangs are weeks after Firefox 95.0.2 was released. That points to either DoH provider or some HTTP 3 server triggering the buggy behavior at scale. Either is fairly scary.

I lean on this. I have a 95.0.1 on ubuntu and got the problem for about 5 minutes. Killed firefox, waited a while and tried again and it worked. So it's not an update issue. A centralized service somewhere failed. Which is, indeed, scary.

It looks like it probably was a client and server interaction. Somebody (Google, Cloudflare...) switching over more of there infrastructure to http3 triggered it in more clients.


I've been using firefox since its very first day. In recent months I have had quite a lot of issues. Somehow the fullscreen mode always shows "Press ESC to escape". Last week, somehow all my cookies are gone and I have to re-login all sites again; worst, all add-ons settings are gone too. Well quite a lot of stuff. It's my mistake to install some add-ons or something crazy, but I really hope there is any easy way to "understand and fix the problems". The browser is not a technical bomb field that I need to invest my time :(

Unfortunately no browser is yet sufficiently bug-free for a frequent user not to hit bugs pretty frequently... Eg. last week Chrome kept displaying graphical glitches wherever webgl content should render...

Saying "yet" almost implies there's supposed to be progress towards it?

If anything, I think there's been regress. There was a time, long past, when I didn't really have to think about the browser itself much at all. It just did its job and problems were rare. Browsers and the web have turned enormously complex now. WebGL is a case in point: it's complex by itself, and it also brings in all the complexity of the graphics drivers & GL implementation on your system. Graphics drivers are the most complex of all drivers on your system, and GPUs are the least reliable of your components..


I'm typing this from my rarely-used Chrome install. Firefox just broke for me, and killing all the processes and / or restarting isn't helping.

Edit: I am on Firefox 91.4.1esr, so clearly it isn't just the latest versions that are affected.


Heck, I'm running 88.0.1 and still get this. Probably some unintended timebomb bug in the HTTP3 code...

  Other workaround: Go to preferences -> Firefox Data Collection and uncheck everything. Then restart Firefox[0]
This might be better then disabling http3 as Firefox would stop working in the future when http2 is depreciated.

  [0] https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c6

If the Mozilla telemetry service can trigger a HTTP/3 DoS bug, then I would assume that any server can trigger the same HTTP/3 DoS bug. I think I'll keep http3 disabled for now, until this is figured out and fixed.

EDIT: https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c21 yes, it's not just telemetry


I posted exactly that on the reddit thread and got my post deleted...

I'm having the same issue. All tabs froze and the FF energy demand spiked. I upgraded manually from 95.0.2 to 96.0 but the issue persisted.

Twitter[1] is currently lighting up with broken FF reports across the globe.

Some people are reporting that if you hold down Shift while opening it works (though any FF personalisation is wiped). That didn't work for me on Mac.

[1]: https://twitter.com/search?f=live&q=firefox%20until%3A2022-0...


At least the fix for Fx was wrapped up quickly.

I love Firefox. It's depressing to see the hate they're getting in the comments.

It's depressing what Mozilla did to Firefox.

I was and still am an evangelist but stuff like this makes me wonder.

Never saw a bug like this in a browser. By pure chance did I check if Chrome worked.


I've been using Firefox for almost 20 years and the decline in the last 5 is extremely steep.

Firefox is not what it used to be... They deserve it in my opinion even if I'm still using that browser for most of my browsing.

Just goes to show how quickly you can deplete literally two decades of goodwill.

They've been depleting that for years. This sort of attitude change doesn't happen over night, it is an accumulation.

Ever since a bigoted scoundrel had to resign as CEO of Mozilla by trying to deny humans theirs rights, HN always has a generally negative view of Firefox. Just notice the outrage on the paltry 2 million salary of their CEO, while the same people will come to defend multi milion dollar salaries of white male CEOs who are far far worse than Mitchell Baker.

Perhaps if they don't want "hate" they should perform the most basic of regression tests before shipping updates.

Firefox stopped working in the middle of writing an email. Couldn’t even restart the browser without it crashing. Rebooting didn’t fix it. Reinstalling it only temporarily fixed it. I got frustrated and installed the ESR version and it STILL didn’t work.

This whole incident makes me feel better about myself. Like any developer, I’ve deployed some nasty bugs into production. But I’ve never completely broken a web browser relied on by millions. My heart goes out to the FF team members working to fix this.


Thought it was my Internet connection as a browser wouldn't just stop working like that. Currently on Edge.

He, my corporate Edge (97) is currently randomly freezing up too, so I would not recommend it depending on patch level.

Thankfully I had Brave installed. I thought it was a wifi issue but steam and tidal kept working

On my corporate Linux, both Firefox and Chromium (which is likely the same as Edge nowadays, I guess) are affected.

On default configs, what did the trick for me was disabling all telemetry, then restart Firefox. Works on Windows and Linux.

EDIT: FIX worked temporarily.. had to go the network.http.http3.enabled route, sorry folks

I literally just fixed this problem by installing that microsoft visual redistributable https://support.mozilla.org/en-US/questions/1326304

It just started happening to me after i updated firefox.. I installe that VC runtime, restarded, and now it works.. didn't have to disable anything in the browser.. this has been happening for at least a year, reading reddit and googling..


I can confirm this on Windows. Just installed the latest VC++ redistributable and now FF works even with network.http.http3.enabled set to true.

The problem came back :( had to disable network.http.http3.enabled

Well the problem affects firefox across all platforms so...

you are correct.. happened again

I feel a symptom I've been having for a couple of days could be related, but I can't be sure: There's a site I can only access via a personal VPN connection. If I try to access it while on the VPN, it works immediately. If I try to access it off the VPN, realise it's not accessible because I'm not on the VPN, connect to the VPN and try again, it takes a good 30s to a minute to get to.

Feels like Firefox waits some amount of time before making fresh attempts to a previously failed site, possibly due to some caching.


Did you try the more aggressive shortcut ctrl + shift + R / F5? (Not sure if it was this hotkey exactly)

Yeep.

Oh man and I thought it was only me. I couldn't even refresh Firefox from the UI and had to start it in safe-mode to reset everything. That fixed it but holy moly

Actually it didn't, the issue came back. Disabling http3 seems to be needed to fix

Aaaand another bunch of users lost to Chrome ...

I've only spoken with 2 other people and they were not as lucky as me to have read about the fix on this very comment page, so they were "forced" to use Chrome/ium to be able to access the web. Not sure they will switch back to Firefox.

I am surely not switching to Chromium based browsers, but it is time again for me to consider switching to Icecat or so instead after what happened today.


> Aaaand another bunch of users lost to Chrome ...

If that's true, it's good news for Firefox. If that's all it takes to lose 0.05% of users, then when Chrome has a bug and loses 0.05% of users to Firefox, there will be a large net gain.


I would be extremely surprised if 0.05% of Chrome users are aware that Firefox exist and/or that it should be an option instead of Edge.

At this point a developed a love/hate relationship with Firefox.

It’s the only browser I use, but you need to be delusional to not see that you’re in a sinking ship and everyday you find a new hole and you see more water coming in.


I have to wonder why on this day on HN, people suddenly want to spread this narrative. Perhaps success or failure depends partly on perception, whether you believe you will succeed.

I created a short step-by-step blog post, with images, about a solution that worked for us because people started contacting our support. I think I can share it here: https://www.queuemetrics.com/blog/2022/01/13/firefox-stopped...

What's driving me crazy about Firefox is that every time they release a new version, whatever version I am running on my machine stops working-- it refuses to load any new page or to refresh any existing page.

So I have to open Safari and download and install the latest release.

Which means I can never count on Firefox working. Frustrating.

osx, if that helps anyone suggest a fix.


I'm a very long time die-hard Firefox user, the only reason I even have Chrome on my system is because I built an application that requires WebMIDI, which Firefox still refuses to support.

But I'm starting to believe that the browser wars have been conclusively lost and it's time to throw in the towel. Losing a whole morning on this trick is really pissing me off, I'm in the middle of a bunch of stuff and if not for this HN thread I'd be unable to continue to work. Very, very annoying. Browsers are mission critical, you don't just fuck around with the networking settings on a timed change.


Wouldn't you just have different problems with Chrome?

> Browsers are mission critical, you don't just fuck around with the networking settings on a timed change.

Is that what they did? I thought the problem was a server-side change by a Mozilla vendor. And if they did, how else does Firefox update networking? How does Google do it with Chrome?


Yep, I can't use Firefox for an exam I have today. It's just not worth the risk. It was already not working great on Firefox to begin with.

Can you imagine if this situation happened to someone in the middle of the exam? I'd never blame the browser for a loss of connection before a good few minutes of trying everything else.


Ugh. Much good luck with your exam though!


Oh good one. Thank you!

Huh? Firefox on macOS autoupdates quite fine. You do not need to download it manually.

That's not what it is about it is about the irritating 'one more thing we need to do before you can continue to do your important work is to restart firefox'.

What if I don't want to autoupdate? Why should a browser which was working just fine one day stop working the next, just because Mozilla released a new version? Why does a new version release kill an already installed existing version?

Also, an update (auto or manual) means restarting the browser, which logs me out of my sessions, profile, and password manager.


So, looking at the HTTP3 wikipedia page I see this:

"HTTP/3 uses QUIC, a transport layer network protocol which uses user space congestion control over the User Datagram Protocol (UDP)."

Ok. Is it still a thing with internet core routers that in case of congestion issues they drop datagram packets because they're not guaranteed to be delivered anyway?


Internet routers do not differentiate between TCP/UDP. They do drop IP packets when congestion occurs (regardless what's inside).

That's correct, with HTTP3 active you are extremely vulnerable to your packets being dropped and other sorts of transport issues. The browser will ideally fall back to a different protocol if it identifies that your connection/routes/etc can't handle QUIC.

My firefox hung in a weird way and I think it might be because of this. However what happended was slightly amusing.

I was in the middle of a chess game. I played a move and the opponent's clock just seemed to be ticking down. The correct response for them was obvious so I couldn't understand why they were taking so long. Eventually I became suspicious and realised all my firefox tabs were kind of "stuck" and I couldn't refresh anything etc. Eventually my opponents clock seemed to run out completely but the game didn't end. I had to forcefully restart my firefox and when I got back to my game (fully expecting to have lost on time) saw that my opponent had played a terrible blunder and immediately resigned.


Once again, thank you to jbaiter - his HTTP3 solution worked for me.

The fault occurred mid-session, whilst streaming a live broadcast, and I lost the connection.

Plenty of people using the opportunity to criticise Mozilla, but if it's a third-party srvice problem, you can't blame them.


I generally use Firefox ESR and don't have any problems. (Note: if you use Slack things are a bit broken sometimes in Firefox ESR. In fact, there's a notice that they'll stop supporting this browser on March 1. I haven't noticed any other broken sites though.)

Last time Firefox wouldn't connect to stuff (Google sites) even though every other browser would (March 21~22, 2017, but I think that was a problem that didn't affect the whole world), the workaround was very similar to the one discussed in other comments here: disable network.http.spdy.enabled and network.http.spdy.enabled.http2

(Insert snarky comment about feature creep and questionable frontend engineering here)


ESR versions were reportedly affected as well: https://bugzilla.mozilla.org/show_bug.cgi?id=1749908#c2

You'd think "can load a web page" would be included in the regression suite for a web browser. This is some pretty bad quality control even by Firefox standards.

Manual install on aging Ubuntu refused to load pages and pegged CPU.

Manually reverted, and launching my older version (92!) demanded I either create a new profile or quit.

This would have been a disaster except I tried it out on a spare profile in the first place, so I recommend this to anyone making a similar experiment.

I haven't set DOH (!) that I can remember.

Running through the initial ff setup a couple of times is a sad reminder of the progressive influx of crapware into my sill favourite browser.


>Manually reverted, and launching my older version (92!) demanded I either create a new profile or quit.

use --allow-downgrade switch


Thanks for that info! Wonder why they don't just provide a "launch anyway and take the risk" option in the gui?

I've found that AppArmor started to block Firefox:

audit: type=1400 audit(1642063521.864:246): apparmor="DENIED" operation="ptrace" profile="snap.firefox.firefox" pid=9868 comm="Shutdow~minator" requested_mask="trace" denied_mask="trace" peer="snap.firefox.firefox"

I really don't like it, but turning off Apparmor worked for me. Not sure what caused AppArmor to start complaining all of a sudden.


Your policy is blocking ptrace from processes that don't seem like they should need ptrace (very few processes need ptrace). So why would Firefox need ptrace? Some cursory googling suggests that ptrace is used for plugins and by the crash reporter.

There are apparmor profiles for Firefox, e.g. this one: https://github.com/nibags/apparmor-profiles/blob/master/appa... Maybe you could add it to your system and see if that fixes things.


This seems to fix it, even though there was already a default apparmor config for Firefox (which looked _very_ familiar).

Thanks!


That smells like the Shutdown Hang Terminator triggering a crash report.


Looks like it's all fixed now. I made the http3 changes on my Windows machine, but currently on my nixOS machine and FF is working without any issues.

Honestly it is as simple as for them to realize that people are still using firefox because they WANT to. And I believe most of these people would be glad to pay a monthly/yearly fee for a stable, secure and private experience.

I would like to come back to Firefox. But lack of focus on their core product (vertical tabs issue) and trying to woo chrome(ish) users with crappy products have turned me away long back.


Just experienced very similar symptoms. After several restarts, (including manually killing background procs). I was able to get http(s) connections working again by manually disabling all extensions and restarting. So far I have re-enabled uBlock and then I came to HN and found this as top post. Now in the process off individually re-enabling extensions.

https://old.reddit.com/r/firefox/comments/s2u7eg/is_firefox_... "This post is locked. You won't be able to comment."

That's pretty poor on the mods :(


Just as another anecdote, mine failed to launch a local website I was debugging. That's my first time opening FF today.

I opened JetBrains Rider (on Fedora 35) and debugged my site (Alt + F5) and it launched to a blank page with FF locked up.

So this isn't to do with ME specificially trying to connect to an external service.


Yes, my Firefox cannot connect, while other browsers can. I don't remember having anything like this before.

The only thing that worked for me was: - Hit Ctrl + Shift + Del (TIL this exists) -- which will open the "Clear Recent History" dialog - Select under the down "Time range to clear": "Everything" - Select at least "Cache" and "Offline Website Data"

Tried that as well, didn't fix it

I _just_ fixed a problem here with Firefox which didn't load _any_ sites when I fired up my computer this morning. It just hung and restarting didn't help. What I did to solve it was to navigate to about:serviceworkers and unregister everything there. Now it's back to normal again.

Interesting. My partner had this problem (?) or something just like it just now on her Windows machine, but my assumption was that this was a firewall problem (Windows defender had different firewall settings for Firefox as opposed to Chrome and Edge). Setting a single check mark fixed this.

I've had some struggles with Firefox recently where sometimes it will refuse to create any new connections. Going to "about:profiles" and selecting "Restart normally..." has resolved this. Leaving it here as it might help someone else + not being super-intuitive.

Weird data point. Firefox on my laptop borked as per this thread all of a sudden. I spent like 30 min trying to troubleshoot it and failed, then i moved to my desktop and there it was, working Firefox. I'm posting this from it.

Have they already fixed the problem and it was remote?


Read the thread.

Which thread? I have one borked firefox install that I fixed by disabling http3 and one that i checked 30 minutes after the borked one that still works without disabling anything. Same OS same network. I'm wondering why.

Without the fix it can work intermittently. But disabling http3 fixes it for good.

This is likely also how it passed QA in the first place. Sometimes it works...


Same thing happened to me, I had to reinstall Firefox - this helped me to get back to work.

I fixed it with starting firefox with "firefox -p". Then create a new profile. Everything should work now. Now close firefox, run "firefox -p" again and reload your old profile. Now it should work. At least for me.

I'm glad it's not just me, been banging my head against this for a while now!

For me Firefox stopped loading content mid-browsing. I thought it's some network issues and just did other stuff, a while later I realised every other app works. So I just restarted Firefox, and it worked.

No need to change any settings.


Disabling DoH and properly closing Firefox most certainly works (for me). However, if you had enabled DoH then you probably do not want to turn it off, in which case disabling HTTP/3 as mentioned is the only proper solution.

> However, if you had enabled DoH then you probably do not want to turn it off

Or you simply didn't know that Firefox made it the default a while ago. I had it intentionally disabled on one machine but forgot that it's enabled on others, which made troubleshooting even more "interesting"... Why do things work on one machine but not the other?


> Or you simply didn't know that Firefox made it the default a while ago.

Oh, interesting! I did not know it is a default now. I can imagine why they would enable it by default, but when Cloudflare (which I assume is the default DoH provider) has a problem at some point everyone is doomed.

Really wish they also could make it so the data collection part is opt-in instead of opt-out (which at this point in time appears to be the actual cause of this problem).


Here it was using NextDNS by default (or at least I cannot remember ever changing it), so I guess they are distributing the possible failure a bit. But still, I wasn't comfortable with Firefox dictating which DNS service to use, which is why I disabled it on my main machine.

Wow! I was pulling my hair out over this for the last few hours. Just seemed to come out of nowhere all of the sudden. I’m on Linux, but I updated Firefox about 10 days ago and had this just start happening about 3 hours ago.

I've experienced this issue with the default DoH provider. Trying using Mullvald now (there was a related post on HN) and the only noticeable difference is some latency in opening pages, working fine otherwise.

I have the same problem, through no idea if it's DOH related.

The strange thing it seems to randomly appear/disappear.

Most strangely it happened to trigger the appearance/disappearance of the problem with other people entering the office??


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: