Mozilla publishes Firefox Multi-Account Container add-on
Firefox Multi-Account Container is a new add-on by Mozilla that you may install in Firefox to separate sites you open into containers.
Sounds familiar? The functionality of the add-on was first made available my Mozilla as part of the organization's Test Pilot program. Test Pilot showcases new Firefox features to understand better what Firefox users like and what they don't like or ignore.
We previewed Container Tabs for the first time back in June 2016, and then again when Mozilla released it as a new Container Tabs Test Pilot Experiment.
The core functionality of the add-on is to give users options to separate sites by grouping them into containers. Each container maintains its own set of cookies, cache and local storage; ideal to sign in to the same site using multiple accounts, to reduce tracking, or separate tasks like entertainment and social media from work and research related tasks.
Firefox Multi-Account Container
The add-on is compatible with all versions of Firefox starting with version 51 (AMO) or Firefox 53 (GitHub). Firefox 57 Nightly users are asked to download the add-on from GitHub right now.
Nightly users need to set the preference extensions.legacy.enabled to true, and the preference xpinstall.signatures.required to false for this to work. The first enables support for legacy extensions (which Mozilla will drop in release and beta versions of Firefox once they hit version 57), the latter disables the lock that prevents unsigned add-ons from being installed.
The functionality is more or less the same at this point in time. You can use the four default containers, and create your own. Sites can be launched in containers by right-clicking on links and selecting the "open link in new container tab" option of the context menu, or by opening a new container tab first, and then using bookmarks or the address bar to load sites into these containers.
You may enable the "always launch in container" option to link a site to a container. Whenever that site gets opened in Firefox, it is opened in the selected container so that you don't have to do so manually each time.
Mozilla plans to improve the Container functionality in future releases by adding separate history, bookmark and certificate overrides to it.
What about the built-in Containers feature?
All recent versions of Firefox ship with a native implementation of the Containers feature as well. You may set the preference privacy.userContext.enabled to true to enable its functionality.
It is unclear at this point how this is going to work out; will both options remain available, or will Mozilla pull the native option in favor of the add-on? Mozilla could use the add-on for testing new features for instance.
The API is available already, and some add-ons, like Taborama, utilize containers already.
Containers is a handy add-on for Firefox that serves two main purposes: reduce tracking and add multi-sign-in options to Firefox. While you get the same by using profiles, using profiles requires the use of multiple Firefox windows and separate processes.
Now You: Do you plan to use Containers?
This can nudge me back to Firefox, liked the Test Pilot and now a bit more reason to do so
They’ll delete this addon after experiment will fall. I think it’s obvious cause 99% users don’t need this. And new Mozilla policy is: “we will delete all what 99% don’t use (except developer tools)”.
Would you like some salt with your salt ?
There are already webextension APIs for the containers backend. Addons are building on them now. The addon in this post is transitioning to a pure webextension (already available on github).
There’s no need for continued maintenance to upkeep it, but even if they removed it for some reason, someone could fork it.
I’ve been using containers and I love it. Used to use two separate browsers, not anymore.
I think it calls on the internal Container API. Maybe they release a separated GUI addons to do AB testing.
Containers is a pretty neat feature that plays nicely with tab groups and trees. I also like the way it is brought to Firefox, instead of being a top down feature it presents itself as a tool for developers to build with for their own purposes. The downside is that it takes longer, although this is a first and they are learning about how best to organize this kind of project as it goes, but the upside is that we can have Containers used in unexpected ways in a variety of add-ons, and once/if one feature in particular sticks out and becomes exposed in vanilla Firefox’s UI, it should be well battle tested and thought out and therefore actually useful to regular users as well.
so: if a site wont allow me access unless I disable my add-blocker, I could do so in a container ( instead of using another browser solely for this site) and this site would not be able to track me at all ?
More insignificant crap.
It’s their specialty these days.
It’s funny because you also have someone right above who complains about the exact opposite, that their specialty these days is to remove all features that aren’t used by 99% of users. Whatever happens, there’s always a moaner.
Even after reading the article I barely understood what this feature does, therefore it’s most likely not for me. xD
Containers separate cookies and cache from sites outside each individual container. This means that if you open Site A in Container A, Site B in Container B, and Site A in Container C, none may track you across sites, and you may sign in to Site A using two different accounts, or two guest accounts or whatever.
**How many AddOns/Extensions do you guys/gals utilize? (A good rule of thumb?) I try to minimize the AddOns installed to save Memory ofc. I have the gHacks profile which is great -however, I can’t use that gHacks profile all the time, for Work/Personal I have a diff. profile.
**It seems like many on this forum install quite a few Extensions/Add-Ons. I have 32GB of RAM and a fast processor.. should I not worry about the number of FF Add-Ons? RAM bloat (and a distaste for Orwellian Google), pushed my move to FireFox full-time. I dig it. I don’t have any other browsers installed (back-up Chrome Portable if needed).
Sorry for extraneous info., just some background…
for work/personal Profile I use: HTTPSEverywhere, NoScript, PrivacyBadger, uBlockOrigin, Ghostery(is Ghostery B.S.?), and DNSFlusher. I have TabReloader, UserAgentSwitcher, and that CookieAutoDelete, ‘Disabled’ -using only when needed).
I’m newer to FF, and truly love it the more I figure out various tweaks. Thanks in advance for any feedback!
8 add-ons is already quite a lot. Some of them do slow down browsing (HTTPSEverywhere, at least the legacy version), others can speed it up (uBlockOrigin, NoScript). Legacy add-ons could interact with one another in bad and invisible ways, for instance at some point there was a bug in uMatrix that made it appear to work when in fact it didn’t, due to a silent incompatibility with NoScript (issue fixed long ago). Tree Style Tabs has lots of compatibility tweaks to work properly with a dozen add-ons that interfered at some point.
With WebExtensions it is not a problem any more though, so I too am wondering whether I should increase my add-on count or not. Until now what I did was have a privacy and security protecting main profile with only 4 add-ons and only one of them being unrelated to privacy and security (TST). When something breaks here, the culprit is easy to find. And I had a couple other profiles that were more liberal with add-ons based on my needs, or on guest needs. If an add-on from a secondary profile appeared useful enough I added it to the main one, like TST. There was also a question of trust in installing an add-on, since they were essentially omnipotent. While they were very likely to be clean because Mozilla manually reviews them, poor code and poor developers exist and they can mess with my setup in unexpected ways, e.g. weaken my security and privacy setup.
Again WebExtensions present less risk in that area, so I’m tempted to try out more, and bring more convenience add-ons into my main profile. I probably won’t though, but a secondary profile may bump to a dozen add-ons and maybe a couple will reach main ?
Either way those are odd considerations, I do it that way because for me and for my default browsing needs, my focus is on privacy and security, and I really need some good tab organisation and a UI that leaves more room to content. Some people have different priorities, e.g. they will want to download videos and music a lot, increased functionality like Reddit Enhancement Suite, they’ll be using Japanese a lot so they will want an in-browser helper, … For me these would belong to secondary profiles and I would not need to bloat my main because I would not need the functionality they provide all the time. So it depends on everyone’s personal needs.
With those specs, you shouldn’t need to worry about dragging down your browser speed with addons. I can understand wanting to stay uncluttered, though. Most of my browser addons are privacy-related rather than feature-adding (Privacy Badger, Decentraleyes, Cookie Autodelete, etc). Tree Tabs and Page Shot are notable exceptions. And I’m eagerly anticipating a WebExtensions version of Greasemonkey.
So what I want is to be able to open a new Firefox window and have that window be a different container. Is this possible? If I open new window and set first tab to WORK, will every tab I open in that window moving forward open as a WORK tab or do I have to specify each new tab as a WORK tab as its opened (a major PITA if it works this way).
Alternatively, can I group “containers” using that Tab organizer add-on Mozilla used to produce? So I zoom out on tabs and there are “groupings” of each container that I can click on so only those specific tabs of that container show.
I can’t reply because I didn’t try this Mozilla authored add-on. But even if it didn’t work as you like, independent add-ons have access to the containers API and could provide a completely different use of the feature that does fit your needs. Several add-ons can leverage containers too without conflict.
I like the idea. I have three profiles but never really got to use the alternate ones. Creating and maintaining a profile seems such a huge endeavour, with the zillion associated files and quirky naming procedure. If this works intuitively and does not require a Mozilla science PhD, then it might be a winner.
It’s a legacy addon? WTF?
Even Mozilla can’t keep up with the pace of their own WE deadline.
You can download a WebExtensions version on GitHub.
I just downloaded the version from AMO, and it does not have a *legacy* marker on my addons page – this should mean that it’s WebExtension-compatible, right?. Is there perhaps a plan to upgrade automatically to the WE version when FF57 is released? (I’m on 55 stable right now.)
“Each container maintains its own set of cookies, cache and local storage […] Mozilla plans to improve the Container functionality in future releases by adding separate history, bookmark and certificate overrides to it.”
While logged in to a forum site (and no sessionID is present in url querystring), I can right click any link within the page and choose from contextmenu “Open link in a new Private Window” and see displayed in the newly loaded window, what the destination page looks like to (non-logged-in) guest visitor.
I’m unclear what comparative degree of isolation (same? more?) I can expect from “container tabs”. I’m foggy on the terminology — Window.postMessage() ? sharedWorker ? — but my goal is to avoid/restrict same-origin content scripts passing data back and forth between tabs.
Today I found this reference page:
“Benefits and Use Cases
Isolates a site’s credentials to a container, helping prevent CSRF, clickjacking, or other attacks which rely on the presence of ambient credentials.
example: A user has their online banking sites open in the banking container. An attacker attempts to exploit a CSRF by tricking the user into clicking a link on Facebook (open in the Home container). The CSRF is sent without the bank’s credentials and the attack fails.”
That doesn’t provide an entirely clear (to me) expectation that ContentSecurityPolicy same-origin restriction covers message passing, between scripts running in various tabs.
(In other words, the containerization isolation seems to be SAME in regard to message passing)
Check out this perhaps non-exhaustive and non-definitive list: https://github.com/ghacksuserjs/ghacks-user.js/issues/8
It’s about first party isolation so not the same, but I would be surprised that containers aren’t script-isolated from one another.
If someone could actually test it first hand or ask to a Mozilla dev that would clear things up
The addon is a great idea, unfortunately though it doesn’t work in ESR 52…
Confirmation: “Unfortunately due to how ESR works we couldn’t continue it’s development to work there as we have been adding many APIs. The extension will work in 53 and the next 59 ESR. (We have an outstanding bug to fix the version number minimum, sorry about that).”
The statement “UNFORTUNATELY doesn’t work in ESR 52…” is a cop-out, or at least is misleading. That statement hinges on “its current form” (a mozilla-published addon, soon-to-be morphed into webextension). Check the sourcecode for ff 52.3.0 and you’ll find that it already (natively, inbult) contains ContextualIdentityService
This stands as an example of Mozilla “going out its way” to discourage would-be-holdouts who intend to continue using ff52esr when the webextensions shi__speedbump hits the fan.
That’s very good news ! Thanks a lot !
What about antidetect browsers like gologinapp and others? Good alternative?