Open Bug 1847737 Opened 2 years ago Updated 2 years ago

Host Permissions for Force-Installed Extensions

Categories

(WebExtensions :: Untriaged, enhancement)

Product:
WebExtensions
Component:
Untriaged
Version:
Firefox 114
Type:
enhancement

Tracking

(Not tracked)

People

(Reporter: j8boxes, Unassigned)

Details

Steps to reproduce:

For enterprise environments trying to install required Firefox add-ons in managed environments using mv3, host_permissions are marked as optional and device administrators cannot allow required permissions on these add-ons.

This has been tested with every management option available across our organization.

  • This is different than Chrome and Edge implementations
  • Force installed add-on are most commonly used for administrative purposes and having required permissions disabled by default renders managed environments useless

Actual results:

An add-on can still be silently, force installed; however, not allowing host permissions by default makes managed implementations not work

Expected results:

host_permissions are enabled by default in managed (force-installed) environments for chromium-based browsers.

Enterprise or school environments (i.e. force-installed add-ons) should allow the administrator to enable host_permissions by default for add-ons. These are often organization-owned devices and for school IT administrators, and there are some laws for network management that add-ons have helped us with.

We cannot continue to use add-ons for cybersecurity if managed environments can't maintain device and browser controls.

The Bugbug bot thinks this bug should belong to the 'WebExtensions::Untriaged' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Product: Firefox → WebExtensions

Hey Mike, do you know if Microsoft has something similar (even if it's off by default)? Is this something we want universally for all extensions force-installed through enterprise policy, or do we need a config param?

Are users generally prevented from messing (disabling, uninstalling) them, or do we just preload them and letting users do whatever afterwards?

And finally are we getting these requests often, or is this a P3 for now?

Severity: -- → N/A
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: needinfo?(mozilla)

Hey Mike, do you know if Microsoft has something similar (even if it's off by default)? Is this something we want universally for all extensions force-installed through enterprise policy, or do we need a config param?

We don't know yet what Microsoft and Edge are doing here because they aren't enforcing manifest v3 yet, but some of the posts seem to indicate they are doing something similar.

Currently they do have settings to allow/block permissions in ExtensionSettings (See runtime_allowed_hosts, runtime_blocked_hosts here - https://support.google.com/chrome/a/answer/9867568). I have a bug to support some of that - https://bugzilla.mozilla.org/show_bug.cgi?id=1805205

I have not had a chance to check to see if <all_urls> works in that context.

Is this something we want universally for all extensions force-installed through enterprise policy, or do we need a config param?

I think we would ad a policy param for this, possibly using the same thing as Chrome/Edge (runtime_allowed_hosts)

Are users generally prevented from messing (disabling, uninstalling) them, or do we just preload them and letting users do whatever afterwards?

For these types of addons, yes.

And finally are we getting these requests often, or is this a P3 for now?

So with the delay of manifest v3 on chrome (and I think for us), this isn't as much of an issue, but once we enforce v3, it will be a P1/2.

The bigger issue for these types of addons (enterprise only addons) is being able to install unsigned via policy. I'm hopefully going to work on that soon.

Flags: needinfo?(mozilla)
You need to log in before you can comment on or make changes to this bug.