SUMO community discussions

firefox 60 to restrict access for webextensions to sumo

  1. firefox 60 will restrict webextensions from running on a number of mozilla domains, including sumo.

    if you are using extensions to help you with some tasks on this site & trust them, then you can work around that restriction by manually removing the sumo domain from the extensions.webextensions.restrictedDomains preference in about:config: https://bugzilla.mozilla.org/show_bug.cgi?id=1445650#c3

    i noticed the issue, when clippings stopped working on the site - features like firefox screenshots will also be affected...

    firefox 60 will restrict webextensions from running on a number of mozilla domains, including sumo. if you are using extensions to help you with some tasks on this site & trust them, then you can work around that restriction by manually removing the sumo domain from the ''extensions.webextensions.restrictedDomains'' preference in ''about:config'': https://bugzilla.mozilla.org/show_bug.cgi?id=1445650#c3 i noticed the issue, when [https://addons.mozilla.org/firefox/addon/clippings/ clippings] stopped working on the site - features like firefox screenshots will also be affected...

    Modified by philipp on

  2. Thanks for the warning. It looks like bug 1415644 is restricted. Do you have any idea why they webextensions are restricted on specific domains?

    Thanks for the warning. It looks like bug 1415644 is restricted. Do you have any idea why they webextensions are restricted on specific domains?
  3. sorry, i'm not in a position to tell

    sorry, i'm not in a position to tell
  4. You are not authorized to access bug 1415644

    You are not authorized to access bug 1415644
  5. Beta has this list (I added spaces after the commas to make the lines wrap) (all.js):

    accounts-static.cdn.mozilla.net, accounts.firefox.com, addons.cdn.mozilla.net, addons.mozilla.org, api.accounts.firefox.com, content.cdn.mozilla.net, content.cdn.mozilla.net, discovery.addons.mozilla.org, input.mozilla.org, install.mozilla.org, oauth.accounts.firefox.com, profile.accounts.firefox.com, support.mozilla.org, sync.services.mozilla.com, testpilot.firefox.com

    Users probably should be very cautious in editing the list to avoid opening up the possibility of bad extensions data mining or tampering with their Firefox Account data or credentials.

    Beta has this list (I added spaces after the commas to make the lines wrap) ([https://dxr.mozilla.org/mozilla-beta/source/modules/libpref/init/all.js#5114 all.js]): accounts-static.cdn.mozilla.net, accounts.firefox.com, addons.cdn.mozilla.net, addons.mozilla.org, api.accounts.firefox.com, content.cdn.mozilla.net, content.cdn.mozilla.net, discovery.addons.mozilla.org, input.mozilla.org, install.mozilla.org, oauth.accounts.firefox.com, profile.accounts.firefox.com, '''support.mozilla.org''', sync.services.mozilla.com, testpilot.firefox.com Users probably should be ''very'' cautious in editing the list to avoid opening up the possibility of bad extensions data mining or tampering with their Firefox Account data or credentials.

    Modified by jscher2000 - Support Volunteer on

  6. the original sec bug got opened up in the meantime, in case people are still interested in reading up on it...

    the original sec bug got opened up in the meantime, in case people are still interested in reading up on it...