Mozilla announced its plan this week to update its Firefox Add-on Policy to prevent falsified-code extensions.
This change is due to take place on 10 June 2019 and the internet organization is expected to be able to respond more quickly to malicious extensions reports.
“The extensions containing obscured code, we are no longer going to accept. We will continue to permit miniature, concatenated or machine-generated code, as long as the source code is included.
Developers with extensions using obscure code are urged to update their requests to delete them and forward the new release by June 10 to prevent them from being rejected or blocked.
Mozilla plans to clear up its blocking (blocklisting) process, to help us better understand why Firefox users have already deactivated extensions or other third-party software. Check for mozilla vulnerability scanner here.
Thus, the organisation, when discovering that they violate its policies, aims to block extensions more pro-actively.
“We’ll cast a wider network and err on the user’s safety side to determine whether it’s blocked or not,” explains Neiman.
Extensions that deliberately violate the policies of the organization, as well as those with crucial safety vulnerabilities, will continue to be blocked. In addition, Mozilla plans to act on extensions that compromise user privacy or bypass user consent or control.
The organization has previously released policy and blocking documentation for developers to ensure they comply with their extensions in order to prevent any disruption. It also provided a forum for developers that have questions or would like to provide feedback about these updated policies.
