Compare Revisions
Add-on signing in Firefox for Android
Revision 111790:
Revision 111790 by AliceWyman on
Revision 121556:
Revision 121556 by heyjoni on
Keywords:
unsigned
unsigned
Search results summary:
You'll see a warning in Firefox for Android when you try to install unverified or unsigned add-ons. Learn more about add-on signing.
You'll see a warning in Firefox for Android when you try to install unverified or unsigned add-ons. Learn more about add-on signing.
Content:
When you install an add-on, Firefox checks that it has been verified or "signed" before proceeding. Unsigned add-ons have not yet been reviewed by Mozilla and might cause security issues. If an add-on is unsigned, Firefox will display a warning message{for m44} and prevent the add-on from installing{/for}.
{note}Add-on signing '''targets only malware and browser hijacking'''. It does not control or censor the content that you choose to see.{/note}
=Why do add-ons need to be verified?=
Add-ons that change your browser's settings without your consent or steal your information have become increasingly common. In order to protect you against these attacks, developers must follow security guidelines before Mozilla signs them.
{note}'''Developers:''' To learn more about add-on signing guidelines, see [https://developer.mozilla.org/en-US/Add-ons/Distribution Signing and distributing your add-on] and [https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Reviews Review Policies] at Mozilla Developer Network.{/note}
=Where can I find signed add-ons?=
All add-ons hosted on addons.mozilla.org are signed before they are listed.
Add-ons hosted on other sites may or may not be signed by Mozilla. Firefox allows you to install add-ons from other sites, as long as they follow the [https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Reviews add-on safety guidelines].
When you install an add-on, Firefox checks that it has been verified or "signed" before proceeding. Unsigned add-ons have not yet been reviewed by Mozilla and might cause security issues. If an add-on is unsigned, Firefox will display a warning message{for m44} and prevent the add-on from installing{/for}.
{note}Add-on signing '''targets only malware and browser hijacking'''. It does not control or censor the content that you choose to see.{/note}
=Why do add-ons need to be verified?=
Add-ons that change your browser's settings without your consent or steal your information have become increasingly common. In order to protect you against these attacks, developers must follow security guidelines before Mozilla signs them.
{note}'''Developers:''' To learn more about add-on signing guidelines, see [https://developer.mozilla.org/en-US/Add-ons/Distribution Signing and distributing your add-on] and [https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Reviews Review Policies] at Mozilla Developer Network.{/note}
=Where can I find signed add-ons?=
All add-ons hosted on addons.mozilla.org are signed before they are listed.
Add-ons hosted on other sites may or may not be signed by Mozilla. Firefox allows you to install add-ons from other sites, as long as they follow the [https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Reviews add-on safety guidelines].
{for =m43,=m44,=m45,=m46}
=Override add-on signing (advanced users)=
You can temporarily override the setting to enforce the add-on signing requirement by changing the preference {pref xpinstall.signatures.required} to '''false''' in the ''about:config'' page. Support is not available for any changes made to these settings so please do this at your own risk. Signing will be mandatory with no override, in Firefox 47 beta and release versions. For details, see [https://blog.mozilla.org/addons/2016/01/22/add-on-signing-update/ this Mozilla blog]. {/for}