Categories: developers policy

On Circumventing User Protection Controls in Firefox

Deep customization through add-ons is one of the best features of Firefox, and we’re thrilled to have such a vibrant ecosystem of community-developed extensions, themes, and other kinds of add-ons for users to enjoy. However, it’s extremely important to us that these customizations take place only with the user’s explicit consent in Firefox.

Last year we introduced a new Firefox feature to ensure add-ons dropped into Firefox by third parties would only be enabled if the user agrees. This means that some users may be asked if they’d like to install an add-on by a software installer as well as by Firefox itself, but these extra clicks attempt to ensure the user understands the modifications being applied to Firefox.

Even if an add-on has its own installer, the Firefox add-on opt-in dialog is not optional and must be displayed every time a new add-on is installed from outside of Firefox. Mozilla will take appropriate measures to ensure this is happening, including remotely disabling violating add-ons. This policy applies to all add-ons except those distributed in an enterprise or controlled environment.

We encourage add-on developers who would like to see improvements or changes to these user protection controls to propose them in Bugzilla or a newsgroup.

2 comments on “On Circumventing User Protection Controls in Firefox”

  1. AlfonsoML wrote on

    Does that mean that finally we’ll be able to get rid of that “Google updater” plugin that keeps re-enabling itself?

    1. XtC4UaLL wrote on

      Plugins are not meant by above Post since they are no Add-ons by given Definition.