cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Zocker1999NET
New member
Status: New idea

Extensions (or add-ons) are great to enhance the web experience, but entrusting them with access to the content of all websites I visit (if the features of those require it) is a little bit too much. Some extensions can already solve that: Extensions which only want to modify e.g. YouTube do not need "Access [to] your data for all websites". But other extensions should be possible to use on all webpages, e.g. extensions replacing/blocking "bad words", translating extensions or extensions, which should work with self-hostable instances of services (GitLab, Phabricator, Nitter, …). They cannot easily restrict themselves to some domains (e.g. the official variants) because that would also restrict their use. But, most of the time, such extensions cannot & should not be able to see my whole history or access data when I'm using online banking.

Using different Firefox profiles is a way to solve that problem, but it is not easily usable because switching between these sessions is not easy. However, it is easy & user-friendly & automatable to work with containers, e.g. I can assign certain domains to certain containers so visiting them automatically switches to or suggests  the assigned container. And already are containers used to enhance security & privacy. By allowing users to restrict extensions to certain containers, I can easily configure which extensions should be able to modify which website(s), either special selected ones or I can easily switch to a certain container to enable more not-so-trusted extensions if I need to. And by allowing to exclude some or not explicitly selected extensions from certain containers, I can increase the security of online shopping / banking services because fewer extensions would have access to the data of those.

This would make it easier for users to trust extensions which need the "Access your data for all websites" permission because I would not be required to give them access to all unconditionally.

14 Comments
Status changed to: New idea
Jon
Community Manager
Community Manager

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

Sisebuto_
Strollin' around

Wouldn't it be easier to just simplify profile management and usage?

Zocker1999NET
New member

@Sisebuto_wrote:
Wouldn't it be easier to just simplify profile management and usage?

Could be a way, but I like the idea of containers being able to be enforced for certain URLs / webservices automatically (e.g. when opening a GitHub link, the container addon will automatically open it in the GitHub container, as I configured Firefox to do so). And multiple containers can be mixed into one window, as profiles require different windows and also each addon has different configurations for each profile, whereas (beside of the access to the website's data) my idea allow it to have the same configuration (meaning less work to synchronize those) for all containers being applied.

Anonymous
Not applicable

Sounds useful. Just as being able to restrict addons to certain sites ... being able to restrict them to containers or tabs ... would make sense.  +1

ChodaBoy
New member

I would really appreciate the ability to restrict certain add-ons to specific containers. For example, shopping add-ons like Honey should be restricted to my Shopping container so they cannot track me anywhere else. YouTube related add-ons could be restricted to a YouTube container. And so on.

Stopi
Strollin' around

This is a must have feature when it comes to protect our privacy.

I already asked for it in crowdicity but obviously it was useless since it was quickly buried in a sea of other demands that no-one ever read.
Hopefully this website is different.

As@Zocker1999NET mentioned, the current solution seems to use profiles but there's obviously a catch: you can easily change profile.
Besides, I can have 10 different containers with tabs on the same window.
Doing this with profiles would imply to open 10 windows.

I think the containers are flexible and just the right tool to separate everything, not only cookies & storage.

Currently, you can't decide which URL is an extension restricted to.
The extension decides that for you, which is very odd.
That's a feature implemented in Google's Chromium which makes sense.
However, it would be a lot more powerful if instead it was restricted by containers.

To this days, extensions can already be restricted if using Private Browsing.
That means there's already a code base which can be reused.

Please Moz devs, give us that!

vendillah
Making moves

Personally, I feel that this will make the containers solution much more appealing, as for now, Total Cookie protection is already keeping a lot of cookies separated per site. Forgive me, as I've just skimmed it again, but at the mozilla blog post where they adress this, they claim the main (only?) plus is being able to login to services with multiple accounts at the same time (as cookies are also separated per container). If I explain to my sister how she could use containers to her benefit, she just shruggs and thinks I'm too far in the rabbit hole of privacy and technology, giving up the usage as it only increases the complexity for her.

I'd like to complement with some additional discussions by citing points that are not my own (which I agree with):

Here at bug 1365019 on bugzilla, a lot of good arguments are made, but I think GabrielaS summarized some good use-cases:


Limit "misbehaving" add-on: There's that one add-on SLP (SnapLinksPlus) that I can't do without. It works as a charm everywhere, except for a minor bug it shows on our CMS's site (it drops a small snippet of garbage code into text fields when rightclicking). I already have a separate container for our CMS. It would be great if I could disable this add-on just in this container.

Troubleshoot websites & extensions: Let's say a webpage doesn't work as expected. After contacting their support, they say it must be one of your extensions. So you need a container, in which you can disable one extension after the other to point the culprit. Without affecting other containers you are working with.

Compare "competing" add-ons: Let's say you want to side-by-side compare the behaviour or results of extensions that promise to do the same thing, might that be an ad blocker, script blocker or any greasemonkey-ish extension. With that feature in containers, you could activate AddOn1 in Container1 and AddOn2 in Container2 only.

Environment with no extensions: For everyday surfing you might have several add-ons activated that change the look of a website, by eliminating ads, changing styles and other stuff. But sometimes you'd like to see a page in its original form, without any add-ons enabled.

There are plenty of usecases for optionally activating/deactivating extensions in containers. I'd definitely use that feature if it existed.


I for example have the React extension installed, as I need it now and then, but I only use it in local development urls, and I don't want it to access anything else. Having containers would even ensure me that they will stay in that container, instead of having to look it up.

Other people are wondering about this issue, more than just the post on this site. Here (orginal Reddit link) I found the link to bugzilla in first place.

Loogsta
New member

allow specific addons to be enabled within specific multi-account containers

loving the multi-account container addon. i can use the one browser to use for work, personal, gaming, banking, etc separately.

one thing i would like this to extend to is being able to enable specific addons in those containers, since addons require access to account person data. enabling an addon as far as i know is enabled browser wide not per container. so if i allowed an addon to access my personal data this will also allow the addon to access my work data also when im on the same site..

basic example, ad block for gaming container but not work and personal.
allow addon to access my specific gaming account container but not sniff other data from other containers. currently using separate browsers to achieve this but prefer firefox as primary, and with this multi account container addon its so close..

Status changed to: New idea
Jon
Community Manager
Community Manager

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

Jon
Community Manager
Community Manager

@Loogsta there's a potentially similar idea here: Restrict extensions to containers / Exclude extensions from containers 

If this aligns with your request, we can merge the two threads (and kudos) together — this will also help keep the conversation focused in one space. Just let me know 😃

Loogsta
New member

@Jonthank you Jon, it's worded differently but the overall idea is mostly the same. Firefox add-ons cannot globally be trusted with a users personal data. Trying out new extensions that haven't been verified can be risky; but by containing (pun intended) that risk would give more security conscious users to try them out.

I did notice the linked post was quite old and probably didnt get the attention it should. Happy to merge these, hoping the idea remains clear.

Jon
Community Manager
Community Manager

(Note: similar ideas have been merged into this thread)

djado
New member

Run add-ons by container

I would like to set certain add-ons to run by default but only in certain containers.

Examples

1. Keep add-ons like Honey in a shopping container so they only comes alive when I want to shop.

2. Have a container that runs privacy or dark mode add-ons by default

Jon
Community Manager
Community Manager

(Note: similar ideas have been merged into this thread)