This bug only works on local HTML files (in other words using File:// URI scheme)
There was an update on FireFox disabling JAR files remotely, but this is not the case for local documents. You can still open and reference a JAR file iff you do it from a local file, which gave me some time to test it.
This was a pretty simple bug but with some potential for harm, you essentially could check if certain files or folders existed anywhere in the victims local disk, but you could not read them.
I think the original PoC speaks for itself.
Within an HTML file: that contains an iframe with the id 'qab' execute: try{qab.contentWindow.location='jar:file:///C:/does-not-exist/#!/'}catch(e){console.dir(e.name)};//returns 'NS_ERROR_FILE_NOT_FOUND' try{qab.contentWindow.location='jar:file:///C:/Temp/#!/'}catch(e){console.dir(e.name)};//returns 'NS_ERROR_FILE_ACCESS_DENIED' We can safely infer that the folder 'does-not-exist' doesn't and 'Temp' does. We can do the same with files.