Closed Bug 839145 Opened 8 years ago Closed 8 years ago
Please create an add-on (or similar) that allows enterprises to whitelist domains from CTP
Please create an add-on (or similar) that allows enterprises to whitelist domains from CTP. The current solution is to maintain your own blocklist server, which is too high of a bar for most IT departments. Alternatives are to disable blocklisting entirely or communicate https://support.mozilla.org/en-US/kb/why-do-i-have-click-activate-plugins#w_how-to-always-activate-a-plugin-for-a-trusted-website to their employees.
David - have you made any progress around this? I think the next step was to propose a solution and communicate it to the enterprise list.
(Jorge may end up being the ultimate assignee for this bug, given the work he's already completed over at https://github.com/jvillalobos/CTP-Manager)
I had started something, but it looks like Jorge is already way ahead of me. I think we should just go with what he has. If he needs any input from me, I'm certainly available to help.
I'll take this, then. I'll have something ready for testing in a few days.
Assignee: dkeeler → jorge
(If the addon isn't meant for anything other than esr, this comment can be ignored) One thing to note is that as of FF20, the "plugins" permission gets broken up into per-plugin permissions. You'll need to use nsIPluginHost.getPermissionStringForType for each plugin you want to whitelist.
Good to know, thanks.
Upon first look, this new implementation in Firefox 20 looks a bit lacking. For what I gathered, the new permission being written is "plugin:" + filename. This means that, even when synced, the permissions need to be re-entered for every platform, since plugin filenames are different. Furthermore, there are cases where the plugin filename changes with every version. IIRC, the Flash plugin on Windows, our single biggest concern, does this. David, have these issues been contemplated?
Indeed - I wish I had thought that through a bit more. We've got bug 838290 to fix this.
Shouldn't bug 838290 have a higher priority, or the changes in 20 delayed? Otherwise we'll break existing whitelisted domains twice.
Tracking for ESR17 that ships with 19 since I assume that's what we'll be targeting here.
I submitted the first version to AMO now: https://addons.mozilla.org/addon/click-to-play-manager/. I'll ping the enterprise group so they can give it a look, test, and give feedback. I limited this version to 17.0-19.* due to comment #5. I'll create a new version that deals with the new format and release it later on. I'll close this bug once the add-on is approved.
This really needs to be a built in function: 1) Ability to turn off blocklist if desired 2) Ability to whitelist particular plugins so that they are never blocked 3) Ability to whitelist particular pages, particular hosts and entire domains from CTP For e.g we use Java. *#*@( would not be fun if one day an office full of people can't use their application. Currently it seems the only viable built in solution would be to point Firefox to a null local blocklist server, but this would have the negative effect of potentially not blocklisting malicious/spyware extensions.
Version 1.1, supporting Firefox 20 (19 on Android), is now fully reviewed on the site. It needs some work in order to support Firefox 21 and higher on desktop, and 20 and higher on Android, which will be done shortly. We can call this fixed, though.
The generate installer button is greyed out in Firefox ESR 17.0.5. What actions must be taken to enable the generate installer button?
(In reply to Andreas van dem Helge from comment #14) > The generate installer button is greyed out in Firefox ESR 17.0.5. What > actions must be taken to enable the generate installer button? Please use the support information provided on this page: https://addons.mozilla.org/addon/click-to-play-manager/
You need to log in before you can comment on or make changes to this bug.