Firefox's new WebExtensions Permissions update system
The move from legacy add-ons to WebExtensions introduces a permissions system that is similar to the one used by Google Chrome extensions.
WebExtensions may request certain permissions. These are displayed to the user during installation, and are also listed on the add-ons page on the Mozilla website.
Add-on authors may integrate new functionality and additional permissions in add-on updates. This is required for instance when the add-on uses new APIs that require extra permissions.
Mozilla had to take permission changes -- that is extra permissions requests that the add-on did not require before -- into account when it designed the WebExtensions Permissions system.
How should Firefox handle permission updates? Mozilla made the decision to put users in control. Extension updates run in the background usually without user interaction, but that is not the case when new permissions are requested.
Firefox will download the extension just like any other, but it will prevent its automatic installation when it realizes that new permissions are required.
This means that the old version of the add-on remains activated until you accept the new permissions.
The web browser displays add-ons that require new extensions in the main Firefox menu. These are listed at the top of the menu currently. Note that this may change, as the system is not integrated in Firefox Stable currently.
The message, highlighted in yellow, reads "Add-on Name requires new permissions". A click on the message opens the about:addons page of the Firefox web browser.
This page displays a new notification that looks similar to the add-on installation dialogs of the web browser.
The dialog lists the additional permissions that the extension requests, and why the dialog is displayed to the user in first place.
It reads:
"add-on name" has been updated. You must approve new permissions before the updated version will install. Choosing "cancel" will maintain your current add-on version.
It requires your permission to..
List of permissions.
The dialog presents two options to you. Update accepts the new permissions and installs the updated version of the extension in Firefox, cancel denies it. This means that the update won't be installed.
It is the case currently that you will receive continued requests to update, for instance in the Firefox menu. While you seem to be able to cancel those, there appears to be no option to block these notifications.
i started using firefox hoping id b able use Add_Ons
Better be a way to pin this out of my linux forever
Your OS was once a wonderland of options, there to do your bidding. Your browsers were once the same. Now they are dictators, telling you what to do, and how to do it, and when.
That summarizes it.
LOL. Has everybody forgotten that Firefox’s Australis interface development was headed by two Google spies, Jinghua Zhang and Alex Limi?
Google is backed by the NSA and probably other TLAs. Who knows what threats and coercions were involved in convincing Mozilla to convert Firefox into yet another Chrome-clone.
And let us not forget the evil Marissa Mayer, who openly “left” Google to become competing search engine Yahoo’s CEO. During her tenure, she (IMO) did everything she could to destroy the company and then bailed with a huge ($186 million) exit package as Verizon bought them out.
Google: “Do no evil” indeed. Rest assured, they’re also responsible for Mozilla going with Web Extensions and giving the bird to developers.
My prediction is that Firefox will soon implement mandatory updating of the program and extensions.
So… what will be to Firefox as Firefox was to Netscape?
And again, my question as last time is: will this permissions system be fully controllable or it will work in fashion that either user agrees for extension to have full access to browser components or otherwise it won’t work at all and this whole system is done just to pretend it actually gives user control and protects it?
At least it gives transparency to extensions. They cannot hide what they do, because it has to be announced as a “permission” to the user and extensions will have the least privileges by default.
ChromeFox Welcome to the Chromified Family!
Martin, really great week of news and forum discussions along with the “Best Apps this Week” on BetaNews. Keeps all of us thinking, inventing new strategies, adopting new patterns of thought, etc.
“Keeps all of us thinking, inventing new strategies, adopting new patterns of thought, etc.”
When I hear that kind of thought, I always think to these startupers at the Silicon Valley, always searching, inventing more and more to spy on humans. An example of new strategie: https://www.wired.com/story/google-glass-2-is-here/ “When they go home, they leave their glasses behind.”
They will never go home. Many would like but they can’t, they don’t want.
I’m missing Pants. He is better than Chuck Norris. His comments are major kick ass.
Goodbye Firefox, Hello Waterfox (For now) Mozilla should be prepared to lose a huge amount of its user base when 57 comes out. The ONE thing that made FF standout, customization, is soon to be a thing of the past and this once GREAT Browser will soon meet the same fate as Netscape. Ignoring its users will be the death of “The Fox”
https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/optional_permissions
“While the permissions key lists permissions which your extension needs if it is to be installed at all, optional_permissions lists permissions which your extension doesn’t need at install time, but which it might need to ask for at runtime at some point after it has been installed.”
…
“Of this set, the following permissions are granted silently, without a user prompt: activeTab, cookies, idle, webRequest, webRequestBlocking.”
The permission to tamper with requests can be asked for after installation and will be granted silently.
Hate permissions.
On Android they’re useless, taking user time over take it or leave it options.
Security is non-existent on Android, we’re going to head the same way.
All extensions need to be vetted for security and privacy and publish findings.
It works well on iOS, though…
I have never been able to understand this move from add-ons to web extensions. To me it seems it only creates trouble for almost everyone and it is more privacy intrusive. I have heard the arguments but unfortunately I am either too stupid to understand it or it is just pure BS with the goal to turn FF into another Chrome version.
Maybe somebody here can explain it in very very simple words since I believe a lot of people do not understand this move and the technical language behind it. Feel free to call me ignorant, maybe I am.
Basically, XUL extensions have full access to the browser, which means that whilst they are much more powerful, they can do anything without your consent or knowledge (i.e. inject ads into pages, collect browsing data etc.), by introducing WebExtensions, it creates a more modular, permissions based system, that whilst yes is a bit less powerful it will be a lot more secure and better for privacy, especially if Mozilla allows the user to turn individual permissions on or off. It is also designed to be more stable, and once the majority of APIs are in place, should mean that broken or incompatible extensions are less of a problem than as with XUL.
Currently it won’t be very powerful as it’s early days and still being developed. However, as focus shifts from the Photon and Quantum projects, more APIs will be developed, and depending on how WebExtensions plays out, certain requested APIs that have been marked as WONTFIX might be reconsidered.
Jed, thank you very much. If your explanation about this is right (more secure & more privacy) I won’t have any complaints anymore. Happy somebody was able to help me out.
this usually scares users and they end up uninstalling the extension
Or they just click the OK to get rid of it.
Acknowledging your observation, but what’s your point? Hopefully you’re not suggesting “should not facilitate informed decision-making because doing so might ‘scare the children’ among the userbase”.
@ams
no point, just observation
but since you started it…
what’s the point of permissions?
in the current form, permissions are not useful, and I don’t see any point of presenting them to end users
-“read and change data on all websites you visit”
is used for most of the extensions, but also some potential malicious extension that will read your passwords and login inputs would have the same permission…
If I were developer of that kind of extension, I could write all mambo-jumbo why permission is needed, I could even post some bs code on github etc.
so what’s the point of permissions?
they are too broad and misleading
I will choose “cancel” for all.
They never asked for permission to make you crazy before. Now you need pills seeing your browser turning your tower into a phone every day a bit more, they ask. Please let me alone Mozilla.
Can permissions be granted or refused independently from one another ?
Can the user access the list of permissions and modify them whenever he feels like it ?
Are permissions asked up front upon first installation, or when they are required by an action ?
Basically, is it the same as for site permissions ?
They really copy chrome 1 by 1 now….. No words.
This is needed since if an extension goes rogue (developer account gets hacked, extension gets sold, etc), and starts injecting ads into every site, you will be warned (since it will require extra permissions) rather than be autoupdated to the hijacked extension.
I would rather be warned that an extension is requesting more permissions rather than blindly autoupdating.
https://www.bleepingcomputer.com/news/security/-particle-chrome-extension-sold-to-new-dev-who-immediately-turns-it-into-adware/
It’s not a problem with Firefox though, extensions cannot be updated to do shit like that without add-on reviewers catching them. Especially since WebExtensions are much easier to review.
The Chrome store is nothing like Firefox’s in terms of safety, both privacy and security.
Well, I find some words in this case. “Good job, I hope it lands this way in stable FF”. Why do you find it… bad? It is a good feature from user control, security point of view. Did you complain when browsers copied ideas from Opera?
I got a feeling that folks commenting here on ghacks have a fear, that going after Chrome feature wise is a bad policy. Why not give mozilla a credit, maybe they can make it better than chrome? Crippling features is naturally a complete other story.
I was brought up in belief that you should compete with a better opponent, raise stake etc. because that may eventually lead to improve myself. Similar manner can be applied to software evolution, can’t it?
This is getting ridiculous. Implementing a permission system for a standardized API is copying? Firefox ISN’T copying Chrome. This is a security feature. Current legacy add-ons can access EVERY browsing data and this is even more dangerous.
Frome… Chrox…