Opened 10 days ago

Last modified 7 days ago

#26127 needs_review defect

Make sure Torbutton and Tor Launcher are not treated as legacy extensions

Reported by: gk Owned by: tbb-team
Priority: Very High Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: ff60-esr, TorBrowserTeam201805R
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

We should avoid that Tor Launcher and Torbutton get treated as second class add-ons due to them still being based on XPCOM (e.g. getting shown on a separate add-on panel and not listed on the default about:addons page).

Setting extensions.legacy.enabled to true and adding the extensions IDs to extensions.legacy.exceptions should fix that.

Child Tickets

Change History (3)

comment:1 Changed 9 days ago by tom

I was nervous about this, so I checked with aswan.

This pref just changes the UI, so that's okay.

TB will (probably) want to build with MOZ_REQUIRE_SIGNING enabled; otherwise users can install legacy extensions at will.

When we bake a new certificate into the browser to sign our own legacy extensions, we'll need to set the OU to match what's in https://searchfox.org/mozilla-central/source/toolkit/mozapps/extensions/internal/XPIInstall.jsm#941 to make sure it gets the correct treatment.

comment:2 in reply to:  1 Changed 9 days ago by gk

Keywords: ff60-esr added

Replying to tom:

I was nervous about this, so I checked with aswan.

This pref just changes the UI, so that's okay.

TB will (probably) want to build with MOZ_REQUIRE_SIGNING enabled; otherwise users can install legacy extensions at will.

Yes.

When we bake a new certificate into the browser to sign our own legacy extensions, we'll need to set the OU to match what's in https://searchfox.org/mozilla-central/source/toolkit/mozapps/extensions/internal/XPIInstall.jsm#941 to make sure it gets the correct treatment.

Good point. I think the signing bits are for #22971, though (even though it seems we need to slightly repurpose that bug).

comment:3 Changed 7 days ago by gk

Keywords: TorBrowserTeam201805R added
Status: newneeds_review
Note: See TracTickets for help on using tickets.