Making disabling add-ons installation actually do something useful

14 views
Skip to first unread message

Dave Townsend

unread,
May 14, 2011, 3:43:07 PM5/14/11
to dev-platform
We currently have this preference, xpinstall.enabled. We use it to decide
whether installing new add-ons is allowed at all, but right now it behaves
kind of strangely. If it is false and you try to install an add-on we
display a notification that installation is disabled and give you the option
to enable it, after which you can install as normal.

It's basically just working as a second level of confirmation (maybe third
level if the site you're on is not AMO), not really as a means to disable
installation. I think we did this because once upon a time (Firefox 1.0) we
had UI for controlling this in preferences. We removed that in 1.5 (instead
just defaulting to having installation enabled but a whitelist of sites
allowed to do it) and so there would have been a certain number of users
with add-on installation disabled but no way to enable it so I believe we
added this UI to allow re-enabling it as a compromise, instead of just
forcibly setting the pref back to the default.

I believe that the only people remaining these days that have
xpinstall.enabled=false are those that actually want installation disabled
(maybe kiosk UI or whatever). I know there is a minority of people who
actually want it for that additional level of confirmation but that doesn't
seem like a sensible reason for using the pref given we already require
agreeing to the install at least once after you enable installation. I can't
think of any other hidden pref like this that we have specific UI for
controlling when it isn't set as we expect.

I think we should just decide that xpinstall.enabled=false means add-on
installation is disabled and either not show any UI at all when an attempt
is made, or if we are particularly concerned about confusion of users of
locked down systems we should just show a plain notification with no option
to enable.

Anyone take issue with this approach?

Blair McBride

unread,
May 16, 2011, 9:13:45 PM5/16/11
to dev-pl...@lists.mozilla.org
On 15/05/2011 7:43 a.m., Dave Townsend wrote:
> I think we should just decide that xpinstall.enabled=false means add-on
> installation is disabled and either not show any UI at all when an attempt
> is made, or if we are particularly concerned about confusion of users of
> locked down systems we should just show a plain notification with no option
> to enable.

That was my thinking too, fwiw.

- Blair

Daniel Veditz

unread,
Jul 1, 2011, 9:36:40 PM7/1/11
to dev-pl...@lists.mozilla.org, Dave Townsend

The original intent was the xpinstall.enabled=false meant the
feature was disabled, full stop. Like Java.enabled=false, or several
other "kill switch" prefs we have.

I'm sorry I missed this behavior change, it's completely wrong. We
should go back to the initial behavior. And no UI notification: off
is off, feature doesn't exist. It could be off because an
institutional roll-out decrees no unauthorized modifications (like
your kiosk example), or because Gecko is in a non-browser product
that doesn't support installs, or even because we've found a
horrendous security hole and everyone needs to be able to turn it off.

-Dan Veditz

Reply all
Reply to author
Forward
0 new messages