Turn on extension signing requirements by default

VERIFIED FIXED in Firefox 41



Add-ons Manager
3 years ago
3 years ago


(Reporter: mossop, Assigned: mossop)


(Blocks: 1 bug)

Bug Flags:
firefox-backlog +
qe-verify +

Firefox Tracking Flags

(firefox40- wontfix, firefox41+ verified, firefox42 verified, relnote-firefox 41+)


(Whiteboard: [hijacking][fxsearch])


(1 attachment, 1 obsolete attachment)



3 years ago
The plan is to turn this on around June 15th for Firefox 40 and later versions; that means an uplift to aurora at least.

Comment 1

3 years ago
Created attachment 8613559 [details] [diff] [review]

Not planning on landing yet but might as well have the patch ready to go whenever we want.
Assignee: nobody → dtownsend
Attachment #8613559 - Flags: review?(dveditz)
Looks good for Firefox, but I thought we were not going to require signing on mobile at this point. Larissa, what's the plan for Fennec?
Flags: needinfo?(lshapiro)

Comment 3

3 years ago
The plan changed recently and we're getting it for Android too; see bug 1168570 and dependencies.

Comment 4

3 years ago
Yes, we're doing this for Android as discussed.
Comment on attachment 8613559 [details] [diff] [review]

Attachment #8613559 - Flags: review?(dveditz) → review+


3 years ago
Flags: qe-verify+
Flags: needinfo?(lshapiro)
Flags: firefox-backlog+
Whiteboard: [hijacking][fxsearch]


3 years ago
Rank: 9
Priority: -- → P1

Comment 6

3 years ago
We're no longer tracking this for Firefox 40.
status-firefox40: affected → wontfix
tracking-firefox40: + → -

Comment 8

3 years ago
Created attachment 8641751 [details] [diff] [review]

I only landed the pref change for Firefox, not mobile, since AMO hasn't yet enabled signing for mobile-only add-ons.
Attachment #8613559 - Attachment is obsolete: true
Attachment #8641751 - Flags: review+

Comment 9

3 years ago
Comment on attachment 8641751 [details] [diff] [review]

Per the signed add-ons meeting we want to enable this on aurora and hopefully have it ride to beta at the next merge.

Approval Request Comment
[Feature/regressing bug #]: Signed add-ons
[User impact if declined]: Users will be able to use unsigned add-ons by default
[Describe test coverage new/current, TreeHerder]: Automated tests for signed add-ons have been in nightly for a couple of months
[Risks and why]: This will disable add-ons not hosted on AMO that have yet to be signed
[String/UUID change made/needed]: None
Attachment #8641751 - Flags: approval-mozilla-aurora?
Last Resolved: 3 years ago
status-firefox42: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla42
Comment on attachment 8641751 [details] [diff] [review]

Let's turn on Add-ons signing to required by default in Aurora. End-users can pref-off if they'd like.
Attachment #8641751 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Tracked for FF41.
tracking-firefox41: --- → +
Dave, do you think this is something we need to add to FF41 release notes? If yes, please nominate by setting relnote-firefox -> "?" and filling out suggested wording, etc. Thanks!
Flags: needinfo?(dtownsend)

Comment 15

3 years ago
(In reply to Ryan VanderMeulen [:RyanVM UTC-4] from comment #14)
> https://hg.mozilla.org/releases/mozilla-aurora/rev/2ea47c7ed4e3

I think yes but I'm going to defer to Kev on wording.

Release Note Request (optional, but appreciated)
[Why is this notable]: Some users' add-ons will be disabled by default
[Suggested wording]: Add-ons that haven't been verified by Mozilla will be disabled by default.
[Links (documentation, blog post, etc)]: https://support.mozilla.org/en-US/kb/add-ons-signing-firefox?as=u&utm_source=inproduct
relnote-firefox: --- → ?
Flags: needinfo?(dtownsend) → needinfo?(kev)
Depends on: 1190834

Comment 16

3 years ago
Like Dave's wording, would also add link to how to pref it off.

Release Note Request (optional, but appreciated)
[Why is this notable]: Some users' add-ons will be disabled by default
[Suggested wording]: Type 2 Add-ons (Extensions) that have not been verified by Mozilla will be disabled by default. Users can re-enable unverified addons by setting xpinstall.signatures.required to "false". Future versions of Firefox will remove this preference.
[Links (documentation, blog post, etc)]: https://support.mozilla.org/en-US/kb/add-ons-signing-firefox?as=u&utm_source=inproduct
Flags: needinfo?(kev)
The "Target Milestone" says 42 while the tracking flags say 41. Which one is the correct one? Thanks
Flags: needinfo?(dtownsend)

Comment 18

3 years ago
(In reply to Sylvestre Ledru [:sylvestre] from comment #17)
> The "Target Milestone" says 42 while the tracking flags say 41. Which one
> is the correct one? Thanks

It landed in Nightly 42 and was uplifted to 41, so the target milestone is correct unless we've changed what that means.
Flags: needinfo?(dtownsend)
Added relnote to FF41 in nucleus. I've trimmed the suggested wording as release notes are typically one-liners with links for further reading.
relnote-firefox: ? → 41+
Pref xpinstall.signatures.required is set to true by default in Firefox 42.0a2 (2015-08-20) and Firefox 41 beta 3 (20150820142145). Verified fixed under Ubuntu 14.04 32-bit, Windows 7 64-bit and Mac OS X 10.10.4.
status-firefox41: fixed → verified
status-firefox42: fixed → verified
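
A check a defender can run to spot profiles where the pref discussed in this bug has been switched back off (an added example, not part of the bug or Mozilla's code). It assumes the `user_pref("name", value);` line format of a profile's `prefs.js` and `user.js`; the function names and sample profile contents are constructed for illustration.

```python
import re
from pathlib import Path

PREF = "xpinstall.signatures.required"
# Line format Firefox writes to prefs.js / user.js: user_pref("name", value);
PREF_LINE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;', re.M)

def strip_comments(text):
    """Drop /* ... */ blocks and whole-line // comments so disabled lines are ignored."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return "\n".join(l for l in text.splitlines() if not l.lstrip().startswith("//"))

def read_pref(text, name=PREF):
    """Return the last value assigned to `name` in one file, or None if it is not set."""
    value = None
    for key, raw in PREF_LINE.findall(strip_comments(text)):
        if key == name:
            value = {"true": True, "false": False}.get(raw, raw)
    return value

def signing_required(prefs_js, user_js="", default=True):
    """Effective setting: user.js overrides prefs.js; otherwise the build default
    (true since this bug was fixed, per the verification comment)."""
    for text in (user_js, prefs_js):
        value = read_pref(text)
        if value is not None:
            return value
    return default

def audit_profile(profile_dir):
    """Read prefs.js and user.js from a profile directory (missing files count as empty)."""
    def load(name):
        path = Path(profile_dir) / name
        return path.read_text(encoding="utf-8", errors="replace") if path.is_file() else ""
    return signing_required(load("prefs.js"), load("user.js"))

# Constructed sample profile contents, not taken from a real installation.
SAMPLE_PREFS = '''// Mozilla User Preferences
user_pref("browser.startup.page", 3);
user_pref("xpinstall.signatures.required", false);
'''
SAMPLE_USER_JS = '''// user_pref("xpinstall.signatures.required", false);
user_pref("xpinstall.signatures.required", true);
'''

if __name__ == "__main__":
    print("prefs.js only:", signing_required(SAMPLE_PREFS))
    print("with user.js :", signing_required(SAMPLE_PREFS, SAMPLE_USER_JS))
```

A `False` result for a profile means unsigned extensions are allowed to load there, which is worth correlating with the installed add-on list.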