This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Support
Support
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Many extensions don't work on support.mozilla.org

Thomas_DC
Familiar face

‎05-05-2025 05:37 PM

Hi 🙂

Many extensions don't work on support.mozilla.org.

For ex, Clippings and Unicodify – Text transformer are very useful to write text. It's annoying not to be able to use them to write in https://support.mozilla.org/en-US/questions/new/thunderbird/form.

Is it a feature or a bug?

 

--
RAPID maintainer
http://savannah.nongnu.org/projects/rapid/
0 Kudos
5 REPLIES 5

siffemcon
Familiar face

‎05-05-2025 07:30 PM

Security feature. It can be overridden:

Via the URL bar, go to about:config and search for extensions.webextensions.restrictedDomains

- copy and save the list of domains, then remove the domains you don't want to be restricted

While in about:config, search for privacy.resistFingerprinting.block_mozAddonManager

- change the value to true. If it's not found, click the + sign to add it.

NOTE the security risk at https://old.reddit.com/r/firefox/comments/tyytcy/how_to_get_rid_of_this_extension_restriction/i3vke2....

0 Kudos

Thomas_DC
Familiar face
In response to siffemcon

‎05-08-2025 07:07 AM

@siffemcon wrote:

NOTE the security risk at https://old.reddit.com/r/firefox/comments/tyytcy/how_to_get_rid_of_this_extension_restriction/i3vke2....

Maybe it's useful to past the text here:

Note: doing this will open up a gigantic hole in Firefox's addon security model. Any compromised extension you have installed will be able to dig into the internal restricted sites and do things without your consent. Sites like support.mozilla.org are privileged and can pull out information about your system, and can do profile refreshes or resets, possibly without any chance for you to stop it. Similarly, addons.mozilla.org can install and uninstall extensions, and allowing extensions to run on that site would allow a compromised extension to install other addons without your consent.

There's a list of restricted sites in about:config inside the preference named extensions.webextensions.restrictedDomains

You can remove sites from that list, and extensions will run on the removed sites.

 

--
RAPID maintainer
http://savannah.nongnu.org/projects/rapid/
0 Kudos

Thomas_DC
Familiar face
In response to Thomas_DC

‎05-08-2025 06:10 PM

1) Why is support.mozilla.org privileged and can pull out information about visitor's system, while connect.mozilla.org cannot?

 

2) I see that:

  • Copy Link Text works,
  • Unicodify – Text transformer is able to read selected text but not to write in forms,
  • Clippings is not able to read selected text.

Is there a doc which explains what are the limits of what's allowed for extensions in "internal restricted sites"?

 

--
RAPID maintainer
http://savannah.nongnu.org/projects/rapid/
0 Kudos

SUMO_Mandy
Employee
Employee

‎05-06-2025 06:52 AM

For any future support questions, feel free to add them on our Support Forum!

0 Kudos

Thomas_DC
Familiar face
In response to SUMO_Mandy

‎05-08-2025 07:01 AM

Since it's a security feature, I would like to post an idea to be able to run extensions on these special pages without risk.

Are you sure I should go to the Support Forum to ask some questions about the current features, so that my idea is coherent?

 

--
RAPID maintainer
http://savannah.nongnu.org/projects/rapid/
0 Kudos
Copyright © 2025 Khoros, LLC