Open Bug 1553791 Opened 5 months ago Updated 4 months ago

A more failsafe design for security and privacy: permission-manager addon


(Firefox :: Security, defect)

68 Branch
Not set





(Reporter: kolan_n, Unassigned, NeedInfo)


Currently if an addon fails, it stops do its work. For security and privacy-guarding addons it causes devastating effect - browser falls back to defaults allowing malicious webpages do their malicious things. This is completely inacceptable.

So the proposal is following:
when an addon with permission-manager permission is installed, all the potentially dangerous features are disabled by default
then when the webpage requests a permission (or a browser for it, if there is no permission standardized for that), the addon receives a message. Then it can set a permission to a page by calling the API, allowing it to use a native impl. Or it can provide an own impl, if it is a permission for API.

Some permissions may be automatically requested by page load.

Also if an addon using webRequest API hooks all loading, if this addon fails, the browser must just stop working saying that the addon had failed. instead of loading and executing blocked content.

The priority flag is not set for this bug.
:wleung, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(wleung)
You need to log in before you can comment on or make changes to this bug.