cannot install downloaded add-on because Firefox flagged it as corrupt
trying to install a perfectly legitimate browser extension that will send a donation to my chosen charity when I shop online at participating merchants, but Firefox keeps blocking installation and giving me an error message saying that the file is "corrupt". tried changing settings for that website: added it to allowed sites - add-ons installation and un-checked "block dangerous downloads" & "warn me about unwanted and uncommon software" but still no luck. how can I allow this extension that I want without opening my computer up to all sorts of safety vulnerabilities?
All Replies (6)
Is this from a public site if so have you got a link for it and I will check it out.
NOTE extensions for Firefpx need to be signed to show they are safe
Please also attach a screenshot of the error message you get
Thanks, John99 the address is https://bassetrescue.we-care.com/Start and I've attached a screenshot below. Of note, there's a unique url for each charity affiliated with the program, and the main website is we-care.com.
sorry didn't realize that would attach so small. here's the dialog box
Hi again zuanne, Those attachments do get a bit bigger when you click on them but they served the purpose, Thanks.
I tried the site you provided the link to. I used a special edition of Firefox and would have been able to download and install the extension, but I did first of all get a message about it being an unsigned add-on, and so stopped at that point.
You should contact the site. probably both your favourite charity and the parent site. Let them know that ordinary Firefox users will no longer be able to install and use their Firefox Extension. Such Extensions now need to be signed by Firefox (Mozilla AMO.).
Signing should be quick an easy as long as the add-on is safe. The add-on may be hosted publicly on Firefox's add-on site (AMO) or wherever they wish. Safe means basically it does not for instance damage Firefox or change Firefox in a way the end user can not easily reverse the change or does things that are wrong such as steal your data without permission.
Point the site to the article I mentioned, (Add-on signing in Firefox) and the the article that then links to:
Developers: To learn more about add-on signing guidelines, see Signing and distributing your add-on and Review Policies at Mozilla Developer Network.
- Signing and distributing your add-on
https://developer.mozilla.org/en-US/Add-ons/Distribution - Review Policies
https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Reviews
I did not attempt to investigate any message about the add-on being corrupt, because as it stands the add-on can not be used by the ordinary Firefox user.
It will be interesting to see if you succeed in having the add-on signed and made available for Firefox users.
Thanks John99! I did try contacting the website with my question before asking here, but haven't heard back from them yet. I'll forward your explanation to them-- Do you know if each distinct link/url for each charity (there are hundreds) would need to be signed or could the main site get some kind of "blanket" approval?
This is not something I am directly involved with and so I can not be certain but my understanding is that it is the software, the extension that gets signed. Once that is signed it can be hosted anywhere.
I presume that the extension lets you choose where you donate. I mention that because possibly if each individual extension is hard coded for each individual website maybe that would then need each version to be signed, However my understanding is a lot of the process of approving and signing is normally automated and will complete very quickly.