• 👁️👄👁️@lemm.ee
    link
    fedilink
    arrow-up
    80
    arrow-down
    11
    ·
    1 year ago

    Certain Firefox users may come across a message in the extensions panel indicating that their add-ons are not allowed on the site currently open. We have introduced a new back-end feature to only allow some extensions monitored by Mozilla to run on specific websites for various reasons, including security concerns.

    What is this bullshit? Feel like this will lead to adblocks being blocked for certain websites under the guise of “security”, aka: we don’t have to justify shit to you.

    • Vincent@feddit.nl
      link
      fedilink
      arrow-up
      34
      ·
      1 year ago

      It’s not going to inconvenience you that much, and the proof for that is that this has always been the case: extensions would never run on e.g. addons.mozilla.org. This makes sense; you don’t want extensions to trick you into installing other extensions, for example, or to hijack your sync password.

      It looks like the main change is that this actually loosens this restriction: it looks like some trusted extensions from now on will be allowed.

        • bahmanm@lemmy.ml
          link
          fedilink
          arrow-up
          17
          ·
          1 year ago

          I don’t know. Though, to my mind, Firefox has been all about tight defaults for everyone paired with a not-so-obvious opt-out for those who really need it.

          That said I do understand the concern here. The page about quarantined domains doesn’t provide much details and it’s quite vague.

      • PaulDevonUK@lemmy.world
        link
        fedilink
        arrow-up
        7
        arrow-down
        6
        ·
        1 year ago

        1st thing to do on every release from now on.

        This is a step too far for me. My device, my choice of browser and I am adult enough to make my own decisions.

        • maiskanzler@feddit.de
          link
          fedilink
          arrow-up
          34
          arrow-down
          2
          ·
          1 year ago

          Oh come on, it’s still a free and open source browser. As seen in the other comments, it’s a badly worded security feature for firefox internal pages and mozilla pages.

          It’s not going to kill adblock, it won’t send your data everywhere and it can be disabled through an option as well as by simply building firefox yourself.

          Everybody should stop being so negative towards open source developers.

    • Azzu@lemm.ee
      link
      fedilink
      arrow-up
      16
      ·
      1 year ago

      Is there even some way to see which addons this applies to on which websites? Or am I just going to find out randomly while browsing?

    • Dojan@lemmy.world
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      12
      ·
      1 year ago

      “Security concerns” is such a bullshit reason. If an add on is such a security concern, why host it in the first place?

      I’m disappointed Mozilla is going down this path, but not surprised.

      • NRoach44@lemmy.ml
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        2
        ·
        1 year ago

        So allowing any random, possibly compromised, possibly installed by malware, add-on to run during the Firefox account login pages (see the list of URLs in this thread) isn’t a security concern to you?

        • Contend6248@feddit.de
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          The alternative would be to give addons so little permission that the damage wouldn’t matter. Effectively break the whole system, i’m fine with the ignore list.

      • kevincox@lemmy.ml
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        3
        ·
        1 year ago

        To me it sounds more like they plan on blocking all addons (other than some whitelist of “trusted” addons) on important pages (like the Google login page maybe?).

      • 👁️👄👁️@lemm.ee
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        this doesn’t block you from installing extensions. It blocks them from running on certain protected pages, whatever they may be