Add-on signing in Firefox
Revision Information
- Revision id: 94016
- Created:
- Creator: Joni
- Comment: first draft - needs checking
- Reviewed: Yes
- Reviewed:
- Reviewed by: heyjoni
- Is approved? Yes
- Is current revision? No
- Ready for localization: No
Revision Source
Revision Content
Add-ons that change your browser's settings without your consent have become increasingly common. Some add-ons add unwanted toolbars or buttons, change your search settings or inject ads or malware into your computer. (Learn more about search hijacking.)
How does add-ons signing protect me?
Firefox protects you by allowing only digitally signed or verified add-ons in your browser. While Firefox currently has a blocklist system, it is increasingly difficult to track and block the growing number of malicious add-ons. The add-ons signing process requires developers to follow Mozilla Developer guidelines to ensure that their add-ons are safe.
What types of add-ons need to be signed?
Extensions (add-ons that add features to Firefox) will need to be signed. Themes, language packs and plugins do not need to be signed.
Where would I encounter unsigned add-ons?
Add-ons installed through the official Firefox Add-ons site undergo a rigorous review process before they are published. These add-ons are signed and verified.
When you install an add-on through another website, Firefox ensures that the developer has verified that their add-on does not contain malware of hijackers by going through the signing process.