Avast WEBforum

Consumer Products => Avast Mac Security => Topic started by: absmn on October 30, 2016, 06:41:00 PM

Title: Cannot update Firefox addons when https-scanning is enabled in Webshield
Post by: absmn on October 30, 2016, 06:41:00 PM
Hi Avast,

Since a month or so, the addons of Mozilla Firefox cannot be updated anymore. On my Mac, updates are prevented by the https-scanning option in Avast Webshield, which is enabled by default (I believe).

STR:
- Make sure http-scanning is enabled in Avast Webshield settings
- Start Mozilla Firefox
- Install an outdated addon, e.g. "HTTPS Everywhere 5.2.5" (https://addons.mozilla.org/nl/firefox/addon/https-everywhere/versions/?page=1#version-5.2.5)
- Restart Firefox
- Go to the Addon-page (Cmd+Shift+A) and manually check for addon updates
- Result: no updates can be found, although a newer version of the addon is available...
- Then quit Firefox
- Disable https-scanning in Avast Webshield settings
- Start Firefox again
- Go to the Addon-page (Cmd+Shift+A) and check for addon updates
- An update is found and installed correctly

The same problem occurs with other addons like Adblock Plus, Flagfox, DownloadThemAll, etc.
Maybe this problem is the result of changes within Avast for Mac and/or due to the upgrade from OS X 10.11 to macOS 10.12?
Until a month ago or so, updates for Firefox addons were installed without a problem on the same system.

Tested with Avast for Mac 11.18 on macOS 10.12.1 with Mozilla Firefox 49.0.2.
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0)

Could you please look into this issue and fix it?
Thanks
Title: Re: Cannot update Firefox addons when https-scanning is enabled in Webshield
Post by: Asyn on October 31, 2016, 05:01:10 AM
> Tested with Avast for Mac 11.18...
Update to the latest version (12.0.47087).
Title: Re: Cannot update Firefox addons when https-scanning is enabled in Webshield
Post by: absmn on October 31, 2016, 10:42:50 AM
Hi Asyn,

Thnx for your quick reply.
Could you provide more information how to update to the latest (stable) version?
Both the offline and online installers link to Avast for Mac 11.18 (46914), and the internal updater tells me I'm running the latest version with 11.18.
Title: Re: Cannot update Firefox addons when https-scanning is enabled in Webshield
Post by: Asyn on October 31, 2016, 11:17:41 AM
> Both the offline and online installers link to Avast for Mac 11.18 (46914), and the internal updater tells me I'm running the latest version with 11.18.
Strange, wait for one of the Mac guys.
Title: Re: Cannot update Firefox addons when https-scanning is enabled in Webshield
Post by: tumic on October 31, 2016, 12:28:51 PM
12.0 is a beta version. To get this version, simply enable the "use beta versions" checkbox in the Avast preferences.
Title: Re: Cannot update Firefox addons when https-scanning is enabled in Webshield
Post by: Asyn on October 31, 2016, 12:34:04 PM
> 12.0 is a beta version.
Well, good to know.
Wonder why it isn't marked as beta in the changelog..!? ??? ;)
Title: Re: Cannot update Firefox addons when https-scanning is enabled in Webshield
Post by: absmn on October 31, 2016, 07:06:55 PM
> 12.0 is a beta version. To get this version, simply enable the "use beta versions" checkbox in the Avast preferences.

I have updated to Avast for Mac 12.0 beta (47087), but the issue persists.
In the Browser Console of Firefox 49.0.2, the following errors are logged:

Code:
18:49:19.473 Expected certificate attribute 'issuerName' value incorrect, expected: 'CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US', got: 'CN=Avast trusted CA,OU=Software Development,O=AVAST,ST=Prague,C=CZ'.
bound reportError() self-hosted
forEach() self-hosted
validateCert() CertUtils.jsm:109
checkCert() CertUtils.jsm:155
downloadXML/</success() ProductAddonChecker.jsm:121
1 CertUtils.jsm:109

18:49:19.468 Expected certificate attribute 'issuerName' value incorrect, expected: 'CN=thawte SSL CA - G2,O="thawte, Inc.",C=US', got: 'CN=Avast trusted CA,OU=Software Development,O=AVAST,ST=Prague,C=CZ'.
bound reportError() self-hosted
forEach() self-hosted
validateCert() CertUtils.jsm:109
checkCert() CertUtils.jsm:155
downloadXML/</success() ProductAddonChecker.jsm:121
1 CertUtils.jsm:109

18:49:19.468 Certificate checks failed. See previous errors for details.
validateCert() CertUtils.jsm:112
checkCert() CertUtils.jsm:155
downloadXML/</success() ProductAddonChecker.jsm:121
1 CertUtils.jsm:112

...which is obviously due to https-scanning in Avast Webshield. Unfortunately, adding https://versioncheck.addons.mozilla.org or https://addons.mozilla.org to the exception list of Avast Webshield does not resolve the errors.

tumic, could you (or someone else from the Avast team) look into this further? Thank you
Title: Re: Cannot update Firefox addons when https-scanning is enabled in Webshield
Post by: tumic on November 01, 2016, 12:07:27 PM
If you add "aus5.mozilla.org" with protocol HTTPS to the webshield exceptions, does it start working?
Title: Re: Cannot update Firefox addons when https-scanning is enabled in Webshield
Post by: tumic on November 01, 2016, 01:36:45 PM
> > 12.0 is a beta version.
> Well, good to know.
> Wonder why it isn't marked as beta in the changelog..!? ??? ;)

Because it is a bug ;-)
Title: Re: Cannot update Firefox addons when https-scanning is enabled in Webshield
Post by: absmn on November 01, 2016, 07:33:06 PM
> If you add "aus5.mozilla.org" with protocol HTTPS to the webshield exceptions, does it start working?

Hi tumic,

It starts working if I add both "aus5.mozilla.org" (HTTPS) AND "versioncheck.addons.mozilla.org" (HTTPS) to the exception list.
So it would be nice if these entries are whitelisted by default :)

Thnx for your support!
Title: Re: Cannot update Firefox addons when https-scanning is enabled in Webshield
Post by: tumic on November 02, 2016, 10:26:07 AM
Thanks for the check. We will add them to the default exceptions for 12.1.
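
Added example, not part of the original thread and not Mozilla's or Avast's code: a simplified JavaScript model of the issuer check behind the Browser Console errors quoted above, showing why a certificate re-signed by the HTTPS-scanning CA fails it and why both hosts had to be on the exception list. The helper names, the host-to-issuer mapping and the assumption that both hosts are subject to the same check are constructed for illustration.

```javascript
// Added illustration, not Mozilla's or Avast's code: a simplified model of the
// issuer check behind the Browser Console errors quoted in the thread.

// Issuer names copied from those console errors.
const EXPECTED = [
  { issuerName: "CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US" },
  { issuerName: 'CN=thawte SSL CA - G2,O="thawte, Inc.",C=US' },
];
const SCANNER_ISSUER =
  "CN=Avast trusted CA,OU=Software Development,O=AVAST,ST=Prague,C=CZ";

// Constructed assumption: the thread does not say which host uses which issuer.
const ORIGIN_ISSUER = {
  "aus5.mozilla.org": EXPECTED[0].issuerName,
  "versioncheck.addons.mozilla.org": EXPECTED[0].issuerName,
};

// Hypothetical helper: a certificate passes when every attribute of at least
// one expected entry matches; each mismatch is recorded like the log lines.
function checkPinnedIssuer(cert, expected = EXPECTED) {
  const errors = [];
  for (const entry of expected) {
    const bad = Object.keys(entry).find((k) => cert[k] !== entry[k]);
    if (bad === undefined) return { ok: true, errors: [] };
    errors.push(`Expected certificate attribute '${bad}' value incorrect, ` +
      `expected: '${entry[bad]}', got: '${cert[bad]}'.`);
  }
  errors.push("Certificate checks failed. See previous errors for details.");
  return { ok: false, errors };
}

// Model of HTTPS scanning: a host on the exception list keeps its origin
// certificate; any other host is re-signed by the scanner's local CA.
function issuerSeenByBrowser(host, exceptions) {
  return exceptions.includes(host) ? ORIGIN_ISSUER[host] : SCANNER_ISSUER;
}

// The update check works only if every host it contacts passes the pin check.
function updateCheckPasses(exceptions) {
  return Object.keys(ORIGIN_ISSUER).every((host) =>
    checkPinnedIssuer({ issuerName: issuerSeenByBrowser(host, exceptions) }).ok);
}

console.log(checkPinnedIssuer({ issuerName: SCANNER_ISSUER }).errors.join("\n"));
console.log(updateCheckPasses(["versioncheck.addons.mozilla.org"])); // false
console.log(updateCheckPasses(Object.keys(ORIGIN_ISSUER)));          // true
```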