Firefox Locks Components Directory For Third Parties - gHacks Tech News

Firefox Locks Components Directory For Third Parties

Companies have three options basically if they want their software programs to be compatible with Firefox: They can create a Firefox add-on, a plugin, or integrate the program in the components directory directly.

The last option caused lots of concern for Mozilla developers who linked the method to instabilities and crashes in the web browser. The main reason for this was code that was not updated to follow along with the development of the Firefox web browser.

Changes in new versions of Firefox, for instance, feature deprecation, caused incompatibilities with third-part components if those components were not updated as well.

Even worse was the fact that Firefox users were not able to manage these components at all as they would not be displayed in the add-on's and plugin's section of the web browser.

This meant that Firefox users were not able to disable them if they encountered incompatibilities. But Mozilla developers themselves were also unable to react on incompatible components or those that would pose a security risk to Firefox users.

You might remember that Mozilla did block a Microsoft plugin globally after a security vulnerability was disclosed; but that was a plugin, not something that was added to the components directory.

From Firefox 3.6 Beta 3 on the components directory is locked for third parties. This means that third-party programs that were using this way to add their functionality to Firefox are not working anymore since they are blocked by the web browser. Only Mozilla components are from this web browser version on allowed to use the components directory.

Neowin and others have reported about this but got their facts wrong as they linked this stability and security measure to the Microsoft silent install incident a while ago. Microsoft back then installed two plugins without the user's consent, something that other software companies like Apple do as well. Microsoft's bad luck was that a security vulnerability was disclosed shortly after that which made Mozilla block the plugin globally for all Firefox users.

The components directory is a subdirectory of the Firefox installation directory and not of the user profile.

Summary
Article Name
Firefox Locks Components Directory For Third Parties
Description
From Firefox 3.6 Beta 3 on the components directory is locked for third parties so that components placed in the folder are not loaded anymore.
Author
Publisher
Ghacks Technology News
Logo




  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. paulus said on November 19, 2009 at 2:26 pm
      Reply

      Hoi Martin as you could read in the second part of main question, in the above article command, i was still a little bit with main thoughts with this article. So i ask main question again but now on the right place : Do I understand it correctly that now malignant components can not be installed any more?

      1. Martin said on November 19, 2009 at 2:49 pm
        Reply

        Paulus components cannot be installed by third parties anymore but plugins can. So you got no chance to companies like Microsoft, Google or Apple adding their plugins to Firefox without any notification in the browser. That’s however something that the developers of Firefox should consider implementing, i.e. check for new plugins that have not been there and ask the user for explicit permission before they become active.

    Leave a Reply