Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

Firefox 102.3.0 ESR, installs extension without permission

more options

Hello,

I am managing Firefox for a very large organization. We have several extension that we deploy using registry keys and we don't allow users to install additional addons. However, since version 102.3 I noticed some extensions that are present on the machine as .xpi files, but should not install unless a specific application is also present, are also being activated. They are enabled in the add-on manager, the information is present in the "extensions.json" and "extension-preferences.json" files. This should not happen. Is there any way to prevent the activation of these files?

Thank you!

Hello, I am managing Firefox for a very large organization. We have several extension that we deploy using registry keys and we don't allow users to install additional addons. However, since version 102.3 I noticed some extensions that are present on the machine as .xpi files, but should not install unless a specific application is also present, are also being activated. They are enabled in the add-on manager, the information is present in the "extensions.json" and "extension-preferences.json" files. This should not happen. Is there any way to prevent the activation of these files? Thank you!
첨부된 스크린샷

선택된 해결법

Hello,

I have redone the entire set of keys for the extensions. The issue is solved and never reoccurred. My best guess is there were some residual keys left over on the affected machines. Anyway, thread can be closed. Much appreciate all your effort. Cheers!

문맥에 따라 이 답변을 읽어주세요 👍 0

모든 댓글 (7)

more options

I'm sorry, I'm having trouble understanding exactly what the issue is based on your post.

My suggestion would be that you take a look at the new ExtensionSettings policy:

https://github.com/mozilla/policy-templates/blob/master/README.md#extensionsettings

It gives you a lot more flexibility.

In particular, in your case, you could set Firefox to allow users to install dictionaries, but not explicitly install them all so the users don't have unnecessary dictionaries.

more options

Hello Mike,

Thank you for the reply. I will try to explain in more detail. I also understand your suggestion, but all the extensions are required and the users should not interact with the configuration at all. I have the exact configuration that we used on version 91.3 ESR and everything works as intended. However, once i made the upgrade to version 102.3 ESR there is one extension in particular that installs without being instructed to do so. The "Zotero" extension to be precise. This one is targeted for a group of users only, and filtered to install only if a certain executable file exists on the machine(the .xpi file exists on all the machines, copied via GPO). But it installs for everyone. I found traces of this extension in the "extensions.json" file, under the users profiles, but no idea why and how this information goes there. I have opened this thread because in version 91.3 with the exact config, i have no issues at all. Any ideas would be welcome :) Cheers!

more options

How is Zotero installed for the users that it is targeted to? Is the GPO modified for those users to include zotero?

more options

Hello Mike,

Indeed, if the presence of the application executable is present on the machine, the GPO activates the extension by writing the reg key.

Cheers!

more options

So I don't know any reason why this would be installed if it wasn't in the GPO. I don't know where else we would be getting the install instruction from.

My only though is that if this genuinely is a new behavior, you could use mozregression to figure out when it started.

https://mozilla.github.io/mozregression/

But I'm at a loss. If the extension isn't in policy, I don't know how it would be getting installed.

more options

Were you able to figure anything out?

more options

선택된 해결법

Hello,

I have redone the entire set of keys for the extensions. The issue is solved and never reoccurred. My best guess is there were some residual keys left over on the affected machines. Anyway, thread can be closed. Much appreciate all your effort. Cheers!