We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Plugin Whitelisting

  • 1 reply
  • 1 has this problem
  • 1 view
  • Last reply by guigs

more options

Some enterprises only want allow the use of plugins and extensions that are on an allow list. This ensures that the administrator knows what plugins are in use so that they can be patched, and allows an amount of functional testing before full deployment. They don't want to be in a state where users install useful-sounding plugins that, for example, sends sensitive data out to the cloud or to a malicious third party. Unfortunately I'm struggling to implement a configuration to deny all plugins and extensions apart from a specified list (which a user can then choose to manually disable or enable). Are the three options below viable or is there some other route:

I can prevent the installation of plugins with this configuration: lockPref("xpinstall.enabled", 0); I can get plugins to default to disabled whenever the browser starts: lockPref("plugin.default.state", 0); lockPref("plugin.defaultXpi.state", 0); I can enable and disable individual plugins: // Enable Flash as it's in a sandbox lockPref("plugin.state.flash", 2); // Disable Java unless required lockPref("plugin.state.java", 0); lockPref("plugin.state.npdeployjava1", 0);

Some enterprises only want allow the use of plugins and extensions that are on an allow list. This ensures that the administrator knows what plugins are in use so that they can be patched, and allows an amount of functional testing before full deployment. They don't want to be in a state where users install useful-sounding plugins that, for example, sends sensitive data out to the cloud or to a malicious third party. Unfortunately I'm struggling to implement a configuration to deny all plugins and extensions apart from a specified list (which a user can then choose to manually disable or enable). Are the three options below viable or is there some other route: I can prevent the installation of plugins with this configuration: lockPref("xpinstall.enabled", 0); I can get plugins to default to disabled whenever the browser starts: lockPref("plugin.default.state", 0); lockPref("plugin.defaultXpi.state", 0); I can enable and disable individual plugins: // Enable Flash as it's in a sandbox lockPref("plugin.state.flash", 2); // Disable Java unless required lockPref("plugin.state.java", 0); lockPref("plugin.state.npdeployjava1", 0);

All Replies (1)

more options

Please also see: http://kb.mozillazine.org/Locking_preferences Make sure it is not obsolete: https://developer.mozilla.org/en-US/d.../Locked_config_settings

What trouble are you running into specifically here?