Confirmed users
1,094
edits
Firefox/AddOns/Status/current: Difference between revisions
Firefox/AddOns/Status/current (view source)
Revision as of 18:28, 14 February 2017
, 14 February 2017→Schedule: u
Sescalante (talk | contribs) (→Schedule: update) |
Sescalante (talk | contribs) (→Schedule: u) |
||
| Line 200: | Line 200: | ||
== Schedule == | == Schedule == | ||
=== Sandboxing === | |||
Content security sandboxing in Firefox is a security measure that restricts operating system access malicious content can gain through security vulnerabilities. Add-ons which interact with the file system through [https://developer.mozilla.org/en-US/Add-ons/SDK/Guides/Content_Scripts content scripts] will be impacted by [https://developer.mozilla.org/en-US/Firefox/Multiprocess_Firefox/Limitations_of_frame_scripts this feature]. Currently file system write restrictions are rolling out on various platforms in Firefox 50 and Firefox 52. File system read restrictions will start rolling out in Firefox 54. Add-on authors should familiarize themselves with [https://developer.mozilla.org/en-US/Firefox/Multiprocess_Firefox/Limitations_of_frame_scripts areas of the file system that will be blocked by these features] as they roll out, and adjust their Add-on code to avoid any potential issues. | |||
This wiki has the exact details of how security.sandbox.content.level [https://wiki.mozilla.org/Sandbox/OS_X_Rule_Set#How_security.sandbox.content.level_Affects_File_Access affects file access]. We don’t expect add-on issues with sandboxing level “1” (write access). This has already begun rolling out in Firefox 50. It required e10s, or sandboxing will not be applied. | |||
The [https://wiki.mozilla.org/Security/Sandbox sandboxing] capability that could impact certain add-ons is read access, which starts riding the trains in Firefox 54. It will be implemented by OS. You can find the [https://wiki.mozilla.org/Security/Sandbox#Current_Status planned releases for OS and sandboxing level here]. | |||
There is a preference you can use to see if content sandboxing is enabled. In about:config, a Security.sandbox.content.level of “0” means that sandboxing is not enabled. Levels “1” or “2” control the [https://wiki.mozilla.org/Security/Sandbox#Content_Levels level of content sandboxing]. To troubleshoot if your add-on is experiencing issues with sandboxing (and what level of sandboxing), you can reset the number to “1” and/or “0” to see if the issue goes away. | |||
=== Multiplecontent Processes === | === Multiplecontent Processes === | ||
A [https://wiki.mozilla.org/Electrolysis/Multiple_content_processes multiple content processes] model (e10s-multi) is starting to roll out in Nightly 54/55. It required e10s, or multi content processes will not be applied. It is not expected to go to release until mid-2017 and for the most part should not impact add-ons. | A [https://wiki.mozilla.org/Electrolysis/Multiple_content_processes multiple content processes] model (e10s-multi) is starting to roll out in Nightly 54/55. It required e10s, or multi content processes will not be applied. It is not expected to go to release until mid-2017 and for the most part should not impact add-ons. | ||