Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

Extension blocking works but users can copy the xpi file in to their profile

  • 3 답장
  • 1 이 문제를 만남
  • 7 보기
  • 최종 답변자: Zarzamora

more options

I have blocked adding extensions using a cfg file and that stops users adding extensions through the browser. However users can still add an extension by copying the XPI file from a pen drive and dropping it in to C:\users\USERNAME\appdata\roaming\mozilla\firefox\profiles\RANDOMFILENAME.default\extensions\. When firefox is started it prompts with 'Another program on your computer would like to modify firefox with the following add-on:' with a checkbox to allow installation.

Is there any way of preventing this?

This is the cfg file I am using

pref("browser.rights.3.shown", true); pref("browser.startup.homepage", "http://url"); pref("network.automatic-ntlm-auth.trusted-uris", "queensbury.local"); lockPref("extensions.update.enabled", false); lockPref("extensions.getAddons.get.url","http://url"); lockPref("extensions.getAddons.getWithPerformance.url","http://url"); lockPref("extensions.getAddons.recommended.url","http://url"); lockPref("extensions.getAddons.search.browseURL","http://url"); lockPref("extensions.getAddons.search.url","http://url"); lockPref("extensions.webservice.discoverURL","http://url"); lockPref("xpinstall.enabled" ,false); lockPref("app.update.enabled", false); // make absolutely sure it is really off lockPref("app.update.auto", false); lockPref("app.update.mode", 0); lockPref("app.update.service.enabled", false); // Disable health reporter lockPref("datareporting.healthreport.service.enabled", false); // Disable all data upload (Telemetry and FHR) lockPref("datareporting.policy.dataSubmissionEnabled", false); // Disable crash reporter lockPref("toolkit.crashreporter.enabled", false); Components.classes["@mozilla.org/toolkit/crash-reporter;1"].getService(Components.interfaces.nsICrashReporter).submitReports = false;

I have blocked adding extensions using a cfg file and that stops users adding extensions through the browser. However users can still add an extension by copying the XPI file from a pen drive and dropping it in to C:\users\USERNAME\appdata\roaming\mozilla\firefox\profiles\RANDOMFILENAME.default\extensions\. When firefox is started it prompts with 'Another program on your computer would like to modify firefox with the following add-on:' with a checkbox to allow installation. Is there any way of preventing this? This is the cfg file I am using pref("browser.rights.3.shown", true); pref("browser.startup.homepage", "http://url"); pref("network.automatic-ntlm-auth.trusted-uris", "queensbury.local"); lockPref("extensions.update.enabled", false); lockPref("extensions.getAddons.get.url","http://url"); lockPref("extensions.getAddons.getWithPerformance.url","http://url"); lockPref("extensions.getAddons.recommended.url","http://url"); lockPref("extensions.getAddons.search.browseURL","http://url"); lockPref("extensions.getAddons.search.url","http://url"); lockPref("extensions.webservice.discoverURL","http://url"); lockPref("xpinstall.enabled" ,false); lockPref("app.update.enabled", false); // make absolutely sure it is really off lockPref("app.update.auto", false); lockPref("app.update.mode", 0); lockPref("app.update.service.enabled", false); // Disable health reporter lockPref("datareporting.healthreport.service.enabled", false); // Disable all data upload (Telemetry and FHR) lockPref("datareporting.policy.dataSubmissionEnabled", false); // Disable crash reporter lockPref("toolkit.crashreporter.enabled", false); Components.classes["@mozilla.org/toolkit/crash-reporter;1"].getService(Components.interfaces.nsICrashReporter).submitReports = false;

모든 댓글 (3)

more options

Hi

Which version of Firefox do the users have installed?

more options

They have version 38.1 installed

more options

Hi Seburo

I updated to 54.0 on the client computer but the same thing applied. Users can still add an extension by dropping in to their profile.