Permission request messages for Firefox extensions
Revision Information
- Revision id: 156225
- Created:
- Creator: sdevaney
- Comment: added link
- Reviewed: Yes
- Reviewed:
- Reviewed by: sdevaney
- Is approved? Yes
- Is current revision? No
- Ready for localization: Yes
- Readied for localization:
- Readied for localization by: sdevaney
Revision Source
Revision Content
When you install an extension into Firefox, you may be presented with a message similar to this one:
This is an extension asking your permission to tap into Firefox’s inner framework (via APIs) to alter your browser’s behavior. These APIs might ask to read or write data you enter in webpages, read data from or access features on your computer, or alter the settings in your browser. If you don't see one of these messages that means the extension won't try to access any of your data or change the settings in your browser.
So you can better understand what these messages mean in terms of practical impact on your browsing experience and your data, the following table provides details about each of the messages.
(You're also encouraged to check out Tips for assessing the safety of an extension for further guidance on evaluating extensions.)
Permission request | Explanation |
---|---|
Access your data for all websites | The extension can read the content of any web page you visit as well as data you enter into those web pages, such as usernames and passwords.
Extensions requesting this permission might:
|
Access your data for sites in the “named” domain | The extension could read the content of web pages you visit in the specified domain, as well as data you enter into those web pages, such as usernames and passwords.
Extensions requesting this permission might:
|
Access your data in # other domains | Used in conjunction with the named domain message (above) when the extension is requesting access to five or more domains; the first three are listed and the other domain requests counted. |
Access your data for “named site” | The extension could read the content of any web pages you visit at the specified website, as well as any data you enter into those web pages, such as usernames and passwords.
Extensions requesting this permission might:
|
Access your data on # other sites | Used in conjunction with the named website message (above) when the extension is requesting access to five or more websites—the first three are listed and the other website requests counted. |
Read and modify bookmarks | The extension could create, modify, or remove bookmarks or change the folder structure in which bookmarks are stored.
Extensions requesting this permission might:
|
Read and modify browser settings | The extension could do one or more of the following:
|
Clear recent browsing history, cookies, and related data | Extensions requesting this permission might offer enhanced features to clean up your browsing history.
The extension could clear any or all of:
|
Get data from the clipboard | The extension could retrieve data from the clipboard. The equivalent of "paste".
Extensions requesting this permission might:
|
Input data to the clipboard | The extension could write data to the clipboard. The equivalent of “copy” or “cut”.
Extensions requesting this permission might add content to the clipboard so you can use it elsewhere in your browser or computer. |
Extend developer tools to access your data in open tabs | The extension could add a new panel to the developer tools and will be given access to all data in all tabs.
Extensions requesting this permission will usually deliver new developer tools. However, some ordinary extensions use the developer tools to provide additional diagnostic or informational features. One example is Adblock Plus, which provides a feature in developer tools where you can see details of the ads and content it’s blocking. |
Download files and read and modify the browser’s download history | The extension could save a file from the web or one created in the extension using the browser’s download manager. The extension could also access and update details of downloaded files stored in the download manager.
Note: The extension has to obey the settings in the download manager, putting you in control of where the files are saved. Extensions requesting this permission might:
|
Open files downloaded to your computer | The extension could request that a downloaded file is opened by the application on your computer that handles files of that type. For example, if Microsoft Word is installed on your computer and the extension requests a file with ".docx" to be opened, it will open in Word.
Extensions requesting this permission might:
|
Read the text of all open tabs | The extension could perform a search of the text content of any tab.
Extensions requesting this permission might provide an enhanced 'find' feature. |
Access your location | The extension could obtain your location from your computer, GPS, the location associated with your IP address, or some other method.
Extensions requesting this permission might:
|
Access browsing history | The extension could do one of the following with your browser history:
Extensions requesting this permission might:
|
Monitor extension usage and manage themes | The extension could:
Extensions requesting this permission might:
|
Exchange messages with programs other than Firefox | The extension could send messages to and receive them from a complementary native app on your computer.
The complementary app needs to be installed on your computer independently of the extension. This usually happens in one of two ways:
Please note that Mozilla has not vetted or reviewed the complementary app. You should approach the installation of the complementary app with the same caution you would apply when installing any third party software from the internet. Extensions requesting this permission might:
|
Display notifications to you | The extension could issue notifications through the standard notifications system offered by your computer’s operating systems.
Extensions requesting this permission might:
|
Provide cryptographic authentication services | The extension could access software on your computer for generating and validating security keys and certificates using the PKCS #11 standard. (Note the extension can't install the PKCS #11 software on your computer; you’ll be prompted to install the software separately.)
Extensions requesting this permission might:
|
Read and modify privacy settings | The extension could change privacy related settings controlling:
Extensions requesting this permission might:
|
Control browser proxy settings | The extension could direct some or all of your web browsing traffic to another computer (a proxy) on the internet.
Extensions requesting this permission might:
|
Access recently closed tabs | The extension could access a list of recently closed windows and tabs, reopen those tabs and windows, and remove details of these tabs and windows from the lists.
Extensions requesting this permission might:
|
Access browser tabs | The extension could obtain the URL, title, and icon from any tab.
Extensions requesting this permission might:
|
Store unlimited amount of client-side data | The extension could store an unlimited amount of data using your browser’s data storage features.
Extensions requesting this permission might:
|
Access browser activity during navigation | The extension could listen for the steps the browser takes to navigate from a link to another page. The extension could then provide new features for the content on the page.
Extensions requesting this permission might:
|