Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Jei jums reikia pagalbos, užduokite naują klausimą.

Extension blocking works but users can copy the xpi file in to their profile

  • 3 replies
  • 1 has this problem
  • 12 views
  • Paskiausią atsakymą parašė Zarzamora

Zarzamora
Zarzamora
more options

I have blocked adding extensions using a cfg file and that stops users adding extensions through the browser. However users can still add an extension by copying the XPI file from a pen drive and dropping it in to C:\users\USERNAME\appdata\roaming\mozilla\firefox\profiles\RANDOMFILENAME.default\extensions\. When firefox is started it prompts with 'Another program on your computer would like to modify firefox with the following add-on:' with a checkbox to allow installation.

Is there any way of preventing this?

This is the cfg file I am using

pref("browser.rights.3.shown", true); pref("browser.startup.homepage", "http://url"); pref("network.automatic-ntlm-auth.trusted-uris", "queensbury.local"); lockPref("extensions.update.enabled", false); lockPref("extensions.getAddons.get.url","http://url"); lockPref("extensions.getAddons.getWithPerformance.url","http://url"); lockPref("extensions.getAddons.recommended.url","http://url"); lockPref("extensions.getAddons.search.browseURL","http://url"); lockPref("extensions.getAddons.search.url","http://url"); lockPref("extensions.webservice.discoverURL","http://url"); lockPref("xpinstall.enabled" ,false); lockPref("app.update.enabled", false); // make absolutely sure it is really off lockPref("app.update.auto", false); lockPref("app.update.mode", 0); lockPref("app.update.service.enabled", false); // Disable health reporter lockPref("datareporting.healthreport.service.enabled", false); // Disable all data upload (Telemetry and FHR) lockPref("datareporting.policy.dataSubmissionEnabled", false); // Disable crash reporter lockPref("toolkit.crashreporter.enabled", false); Components.classes["@mozilla.org/toolkit/crash-reporter;1"].getService(Components.interfaces.nsICrashReporter).submitReports = false;

I have blocked adding extensions using a cfg file and that stops users adding extensions through the browser. However users can still add an extension by copying the XPI file from a pen drive and dropping it in to C:\users\USERNAME\appdata\roaming\mozilla\firefox\profiles\RANDOMFILENAME.default\extensions\. When firefox is started it prompts with 'Another program on your computer would like to modify firefox with the following add-on:' with a checkbox to allow installation. Is there any way of preventing this? This is the cfg file I am using pref("browser.rights.3.shown", true); pref("browser.startup.homepage", "http://url"); pref("network.automatic-ntlm-auth.trusted-uris", "queensbury.local"); lockPref("extensions.update.enabled", false); lockPref("extensions.getAddons.get.url","http://url"); lockPref("extensions.getAddons.getWithPerformance.url","http://url"); lockPref("extensions.getAddons.recommended.url","http://url"); lockPref("extensions.getAddons.search.browseURL","http://url"); lockPref("extensions.getAddons.search.url","http://url"); lockPref("extensions.webservice.discoverURL","http://url"); lockPref("xpinstall.enabled" ,false); lockPref("app.update.enabled", false); // make absolutely sure it is really off lockPref("app.update.auto", false); lockPref("app.update.mode", 0); lockPref("app.update.service.enabled", false); // Disable health reporter lockPref("datareporting.healthreport.service.enabled", false); // Disable all data upload (Telemetry and FHR) lockPref("datareporting.policy.dataSubmissionEnabled", false); // Disable crash reporter lockPref("toolkit.crashreporter.enabled", false); Components.classes["@mozilla.org/toolkit/crash-reporter;1"].getService(Components.interfaces.nsICrashReporter).submitReports = false;

All Replies (3)

Paul
Paul
  • Moderator
  • Top 10 Contributor
more options

Hi

Which version of Firefox do the users have installed?

Zarzamora
Zarzamora Klausimą uždavęs asmuo
more options

They have version 38.1 installed

Zarzamora
Zarzamora Klausimą uždavęs asmuo
more options

Hi Seburo

I updated to 54.0 on the client computer but the same thing applied. Users can still add an extension by dropping in to their profile.