No Surprises

Justin Scott (fligtar) — Sat, 02 May 2009 04:25:59 +0000

Surprises can be appropriate in many situations, but they are not welcome when user security, privacy, and control are at stake. Mozilla is committed to guarding these principles, and we feel that a policy should be adopted that explicitly details our stance on these issues in regard to add-on modifications. The text of our proposal is below.

Changes to default home page and search preferences, as well as settings of other installed add-ons, must be related to the core functionality of the add-on. If this relation can be established, you must adhere to the following requirements when making changes to these settings:

The add-on description must clearly state what changes the add-on makes.

All changes must be ‘opt-in’, meaning the user must take non-default action to enact the change.

Uninstalling the add-on restores the user’s original settings if they were changed.

These are minimum requirements and not a guarantee that your add-on will be approved.

We welcome all constructive feedback and comments on this proposal, preferably in the AMO Newsgroup.

ShareThis

Better Safe than Sorry

Justin Scott (fligtar) — Sun, 08 Feb 2009 19:53:10 +0000

Over on the Adblock Plus blog, Wladimir Palant has posted two great articles on how to avoid making some common mistakes in extension development that lead to security vulnerabilities. I highly recommend extension authors check out his posts:

The information in these posts is very important for all add-on authors to know, and one of my goals in the coming months is to bring these best practices into one document that is kept up-to-date.

Justin

ShareThis

Mozilla Add-ons Blog » security

No Surprises

Better Safe than Sorry