Connect with us

Hi, what are you looking for?

Citrix NetScaler

Firefox 30.0 users not able to launch Citrix XenApp or XenDesktop sessions

I’ve received reports some Firefox users are not able to launch ICA sessions (both XenApp & XenDesktop) after the latest Firefox 30 update. Firefox 30.0 sets all Plugins to “Ask to Activate” as a security feature including Citrix Receiver (Citrix ICA Client 14.1.0.0 in this example):

1

The symptoms are when a user clicks a XenApp application or XenDesktop VM, you get the grey circle as if it’s about to launch and then nothing. I’ve tested on both Web Interface 5.4 and StoreFront 2.5 with the same result. It’s definitely a plugin permission issue.

2

If you look to the left of the address bar, there is a little grey block you can click on. Once you click on that, it will ask if it should allow running the “Citrix ICA Client”:

Advertisement. Scroll to continue reading.

3

Just hit “Allow” or “Allow and Remember” and try launching again. The app or VM will launch now.

Though this is considered to be a security feature, Mozilla is tracking this as a bug here:

https://bugzilla.mozilla.org/show_bug.cgi?id=1025627

Advertisement. Scroll to continue reading.

and there are a few posts on the Mozilla Support forums about this:

https://support.mozilla.org/en-US/questions/1005678

https://support.mozilla.org/en-US/questions/1005650

Advertisement. Scroll to continue reading.

Mozilla’s official stance about disabling plugins by default: https://blog.mozilla.org/security/2014/02/28/update-on-plugin-activation/

It looks like Citrix and other organizations can have their plugins “whitelisted” here: https://wiki.mozilla.org/Plugins/Firefox_Whitelist

Here is the current list of plugins as of July 1st, 2014 (surprisingly not a whole lot):

Advertisement. Scroll to continue reading.

Whitelist Request Plugin Name Vendor Start Release Application Expires
979849 Unity Player Unity 30 34
980133 Jabber SDK Cisco 30 34
980772 McAfee Security Scanner McAfee 30 34
981403 VGConnect for DirecTV Cisco 30 34
981905 Jabber Guest Cisco 30 34
982045 Estonian ID Card RIA 30 34
984441 coupons.com Plugin Printer coupons.com 30 34
987056 Nexus Personal BankID Finansiell ID-Teknik BID 30 34
988119 GradeCam GradeCam 30 34
988781 Smart Card Plugin Adrian Castillo 30 34
989096 WebEx Cisco 30 34
990067 Skype Microsoft 30 34
990068 Facebook Video Calling Microsoft 30 34
990069 MS Office Lync Microsoft 30 34
990286 VidyoWeb Vidyo 30 34
981503 McAfee Virtual Technician McAfee 30 34
989872 ViewRightWeb Verimatrix 30 34
987057 SiteAdvisor Enterprise McAfee 30 34
985640 F5 Networks SSLVPN/Firepass F5 Networks 30 34

I’ve reached out to a few of my contacts at Citrix about this so hopefully the plugin is in the process of being whitelisted. Otherwise there’s going to be a whole lot of Firefox users calling your help desk. I’ll update this post as soon as I hear something.

Advertisement. Scroll to continue reading.
4 Comments

4 Comments

  1. cathy

    July 31, 2014 at 6:55 PM

    Hi Jason
    I was very excited by this post and went looking for the little grey block
    I can’t find one
    I am not very computer literate
    Can you please help?
    Thanks
    Cathy

  2. Larry

    August 5, 2014 at 3:50 PM

    Thx Jason for the timely workaround to this security ‘feature’! It worked perfectly for me and allows me to avoid using IE for my VPN sessions.

    Cathy, you need to login to Citrix and attempt to connect to your work computer (i.e. as you normally would and then let it fail), only then will you see the little gray block appear. Click on it and you will see the Allow/Allow and Remember dialog shown in Jason’s picture.

    Larry

  3. Martin

    September 24, 2014 at 2:03 AM

    I rarely work from home, so this was the first time I encountered the problem after some Firefox upgrades and you saved me quite some time, thanks!!!

  4. Daniel

    October 13, 2014 at 5:58 AM

    Enterprises need a way for enabling this alluded method automatically

    thats the trick:

    add the preference “plugin.state.npican” (value: 2) in a “mozilla.cfg”-file ( http://kb.mozillazine.org/Locking_preferences ).
    furthermore edit the “plugins.click_to_play” preference to “false”

    alternatively administrators can use the CCK2 wizard for adding these settings

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Apache

Today I would like to go over proper URL redirection when using SSL but first I would like to preface this by describing what...

Exchange 2003

A useful Exchange 2003 guide I wrote for a friend’s blog originally but I am posting it here on mine now for your viewing...

Citrix Workspace

You can use FIDO2 hardware security keys plugged into your physical desktop over the Citrix HDX remoting protocol for use with virtualized Windows Desktop...

Cloud Design Architecture

The community-driven paperback book initiated by my friends Bas van Kaam and Christiaan Brinkhoff is available for sale on Amazon. If you haven’t picked...

Advertisement

JasonSamuel.com was launched in 2008 as a platform to give back to the IT community by sharing knowledge and expertise. Over the years, it has become a trusted global resource for the latest insights, how-to guides, and thought leadership on enterprise mobility, security, virtualization, cloud architecture, automation, and other cutting-edge technologies. Today, it serves as a go-to reference hub for IT professionals, attracting hundreds of thousands of unique visitors from around the world each month. Learn more on the About Me page.
Copyright © 2008-2025 JasonSamuel.com