Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Caută ajutor

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Află mai multe

Acest fir de discuție a fost arhivat. Adresează o întrebare nouă dacă ai nevoie de ajutor.

Extension blocking works but users can copy the xpi file in to their profile

  • 3 răspunsuri
  • 1 are această problemă
  • 7 vizualizări
  • Ultimul răspuns de Zarzamora

more options

I have blocked adding extensions using a cfg file and that stops users adding extensions through the browser. However users can still add an extension by copying the XPI file from a pen drive and dropping it in to C:\users\USERNAME\appdata\roaming\mozilla\firefox\profiles\RANDOMFILENAME.default\extensions\. When firefox is started it prompts with 'Another program on your computer would like to modify firefox with the following add-on:' with a checkbox to allow installation.

Is there any way of preventing this?

This is the cfg file I am using

pref("browser.rights.3.shown", true); pref("browser.startup.homepage", "http://url"); pref("network.automatic-ntlm-auth.trusted-uris", "queensbury.local"); lockPref("extensions.update.enabled", false); lockPref("extensions.getAddons.get.url","http://url"); lockPref("extensions.getAddons.getWithPerformance.url","http://url"); lockPref("extensions.getAddons.recommended.url","http://url"); lockPref("extensions.getAddons.search.browseURL","http://url"); lockPref("extensions.getAddons.search.url","http://url"); lockPref("extensions.webservice.discoverURL","http://url"); lockPref("xpinstall.enabled" ,false); lockPref("app.update.enabled", false); // make absolutely sure it is really off lockPref("app.update.auto", false); lockPref("app.update.mode", 0); lockPref("app.update.service.enabled", false); // Disable health reporter lockPref("datareporting.healthreport.service.enabled", false); // Disable all data upload (Telemetry and FHR) lockPref("datareporting.policy.dataSubmissionEnabled", false); // Disable crash reporter lockPref("toolkit.crashreporter.enabled", false); Components.classes["@mozilla.org/toolkit/crash-reporter;1"].getService(Components.interfaces.nsICrashReporter).submitReports = false;

I have blocked adding extensions using a cfg file and that stops users adding extensions through the browser. However users can still add an extension by copying the XPI file from a pen drive and dropping it in to C:\users\USERNAME\appdata\roaming\mozilla\firefox\profiles\RANDOMFILENAME.default\extensions\. When firefox is started it prompts with 'Another program on your computer would like to modify firefox with the following add-on:' with a checkbox to allow installation. Is there any way of preventing this? This is the cfg file I am using pref("browser.rights.3.shown", true); pref("browser.startup.homepage", "http://url"); pref("network.automatic-ntlm-auth.trusted-uris", "queensbury.local"); lockPref("extensions.update.enabled", false); lockPref("extensions.getAddons.get.url","http://url"); lockPref("extensions.getAddons.getWithPerformance.url","http://url"); lockPref("extensions.getAddons.recommended.url","http://url"); lockPref("extensions.getAddons.search.browseURL","http://url"); lockPref("extensions.getAddons.search.url","http://url"); lockPref("extensions.webservice.discoverURL","http://url"); lockPref("xpinstall.enabled" ,false); lockPref("app.update.enabled", false); // make absolutely sure it is really off lockPref("app.update.auto", false); lockPref("app.update.mode", 0); lockPref("app.update.service.enabled", false); // Disable health reporter lockPref("datareporting.healthreport.service.enabled", false); // Disable all data upload (Telemetry and FHR) lockPref("datareporting.policy.dataSubmissionEnabled", false); // Disable crash reporter lockPref("toolkit.crashreporter.enabled", false); Components.classes["@mozilla.org/toolkit/crash-reporter;1"].getService(Components.interfaces.nsICrashReporter).submitReports = false;

Toate răspunsurile (3)

more options

Hi

Which version of Firefox do the users have installed?

more options

They have version 38.1 installed

more options

Hi Seburo

I updated to 54.0 on the client computer but the same thing applied. Users can still add an extension by dropping in to their profile.