Services/Sync/Addon Sync

From MozillaWiki
< Services‎ | Sync
Jump to: navigation, search

If you are looking for the feature page for add-on sync, please see Services/Sync/Features/Addon Sync.

Starting with Firefox 11 Sync contains support for synchronizing add-ons between profiles.

What is Synchronized

Currently, Sync will synchronize add-ons that meet the following criteria:

  • Is an extension or theme (i.e. not a plugin)
  • Is installed in the profile directory
  • Is installed explicitly by the user inside of Firefox
  • Is installed from a trusted URI

In addition, Sync will only synchronize changes between applications of the same type. In other words, changes to desktop Firefox instances only apply to other desktop Firefox instances: changes made to a desktop Firefox won't apply to a mobile device.

Feature Behavior

Add-on sync will be enabled for new Sync accounts automatically. Existing Sync users will need to enable add-on sync explicitly (see https://support.mozilla.org/en-US/kb/how-do-i-enable-add-sync).

If an add-on meets the criteria for add-on sync (see above), the following actions will be propagated to other Sync-connected devices:

  • Add-on install
  • Add-on uninstall
  • User disable
  • User enable

If enabling add-on sync on an existing profile, existing add-on state will be uploaded to Sync. In other words, you don't need to perform add-on actions after enabling add-on sync to see results.

It should be explicitly called out that the enable and disable actions are the ones performed by the user (likely through about:addons), and not something that Firefox does automatically. Put another way, if an add-on is disabled due to incompatibility, that change will *not* be synchronized because a user didn't explicitly disable the add-on.

All actions performed by add-on sync are performed in the background and add-on sync has no explicit UI. However, these background changes could result in UI changes in the browser (e.g. a toolbar is added/removed, a new tab is opened, etc). So, the first time you perform a sync with add-on sync enabled, it is possible the browser could change without you explicitly triggering it. This is expected.

Many add-ons require application restarts to finish applying changes. Add-on sync effectively stages these changes at sync time. The next time you restart your browser (which our metrics show the overwhelming number of Firefox users do daily), these changes should be applied. If you have add-on changes pending due to add-on sync, the changes should be visible in about:addons and you should see a message saying you need to restart your browser for them to take effect.

Filing a Bug

If you notice a bug with add-on Sync, please follow the directions at https://philikon.wordpress.com/2011/06/13/how-to-file-a-good-sync-bug/ to file a Sync bug.

Frequently Asked Questions

Why is add-on sync disabled for existing Sync users?

This is a complicated issue and the decision was driven mainly by privacy and security concerns.

We understand that most users (possibly even an overwhelming majority of them) will want add-on sync to just work when they upgrade to a Firefox that supports it. However, there are a number of issues with this.

Most of the issues center around unexpected behavior when syncing add-ons for the first time. It is possible for an existing Sync user to unknowingly launch a Firefox version that supports add-on sync (where the previous version didn't). This could be due to silent Firefox updates, a system upgrade performed by an IT administrator, another user on the machine upgrading Firefox, etc. The first time this device synchronizes, it could pull down add-ons from another device (again, it is possible the other device had add-on sync configured unbeknownst to the user). There are a few issues here:

  • Add-on changes could result in the UI of the browser changing. Since the user didn't realize add-on sync was enabled and that add-on sync is actually what is occurring, they might assume that their computer is infected with a virus, malware, is possessed, etc.
  • A user could have an incriminating add-on installed on a personal machine that he or she doesn't want to be propagated to a work machine. Furthermore, it is possible that installation of that add-on on a work machine is against company policy and could result in reprimand, termination, etc.

Furthermore, add-on sync is not enabled by default because we don't want to lose your trust that you have placed with Mozilla and Firefox to control your data. A principle of the Mozilla Manifesto is that you shape your online experience. Sync's take on that is that you control what data should be synchronized. Having Firefox Sync send your add-on data somewhere without your consent would be in violation of this principle. (New Sync users can select what data they want synchronized at setup time, so they can opt-out then.)

We explored adding UI in the browser to alert users to the existence of add-on sync. However, this didn't make the cut for Firefox 11. Perhaps you will see it in a future Firefox release.

Why is Functionality Limited to Add-ons from addons.mozilla.org?

First, this is only the default behavior. The services.sync.addons.trustedSourceHostnames preference is a comma-delimited list to allow other trusted hostnames. (This behavior may change to use the trusted sites feature - see bug 712834).

There are 2 main reasons for this: security/privacy and ease of implementation.

It is important that Sync not be used as a delivery vehicle to carry out malicious attacks against the browser. Add-on sync is the first time a synchronized entity could really do harm if left unchecked. For example, an attacker could install a malicious add-on on a Sync-connected device and this add-on could propagate automatically to other Sync-connected devices, compromising them as well.

Allowing arbitrary/untrusted add-ons to be synchronized would undermine the security of Sync and would allow Sync to be used as a delivery vehicle for bad.

Since all add-ons on addons.mozilla.org are reviewed prior to being published, there is trust that add-ons hosted there are not malicious and therefore safe to install (providing the user has consented, of course). Since they are safe to install, they are safe to sync.

The second reason is ease of implementation. We eventually want to support syncing of any add-on. However, there are technical challenges in our way:

  • Data storage - Add-ons can be quite large, possibly more than you are allowed to store in Sync's servers. The additional storage of add-on data could also use up a lot more space on Sync's servers, causing the cost of operation of this (free) service to go up (the problem is compounded by the fact that data is encrypted on the client, so we can't de-dupe identical add-ons on the server).
  • Versioning - How do you handle different add-on versions? One version may not be compatible on all devices because the devices are running different Firefox versions. How do you handle that?
  • Remote access to add-on data - Say you store the add-on's install URI instead of the actual add-on data. This circumvents issues with storage of large add-on data. But, what happens when that URI isn't accessible on another device? Should Sync try again later? How long should it keep trying before it gives up? What happens if it fails?

Trust us, these are hard problems. We decided it was best to focus on a subset of the add-on sync space that didn't have these concerns for the initial launch. And, as it turns out, add-on sync is hard enough, even with the limited functionality. We know people want these features, so we'll try to support more features in future Firefox releases.

Are Add-on Settings Synchronized?

Maybe. Currently, add-on sync leaves setting synchronization to the individual add-on. If an add-on has support for syncing settings, they will be synced. If not, they won't. For now, if an add-on doesn't preserve settings during Sync, you should contact the add-on's author and request Sync support.

For add-on authors, to sync settings using Sync, there are effectively 3 methods.

  1. Synchronize preferences (see https://developer.mozilla.org/en-US/docs/Archive/Mozilla/Firefox_Sync/Syncing_custom_preferences)
  2. Build a Sync engine (if you need to sync more than just preferences). If you need this, please drop by the #sync channel in IRC so you can chat with a Sync developer (there are some important details not currently captured formally in any docs).
  3. Build it yourself, not using Sync.

We recognize that having all add-on settings magically synchronize would be a useful feature. We are exploring options for facilitating this. Unfortunately, nothing made the first cut for add-on sync.

Can I have different enabled states on different machines?

Yes. If you set the preference services.sync.addons.ignoreUserEnabledChanges to true in about:config (you may need to create this preference), Sync will not process changes to the enabled state of add-on records coming from the Sync server. However, that Sync client will still generate outgoing record changes, which means that local changes will propagate to clients not having that preference set.

If this preference is set to true, all add-on installs will be installed in the enabled state. However, you can immediately disable the add-on and incoming enabled state changes won't be applied. However, uninstalls will be applied.