Many Firefox browser addons just suddenly stopped working due to the expiration
118 replies, posted
Like Atomic said, it only works in Nightly. I tried setting it to false and restarted my browser and it still didn't work.
Firefox has honestly been a constant annoyance since I started using it, from its worse URL bar search and autofill behavior, to the STILL BROKEN hardware acceleration on Linux, to the awful performance on Android.
I really want to root for the good guys in the browser war but they just aren't making my life any easier.
so i wasn't going crazy.
now to stay away youtube and tumblr for awhile.
Googling around, everything I see that mentions xpinstall.signatures.required also says it needs nightly or dev builds. What magic did I perform on my browser to set it in the normal build?
https://i.imgur.com/OMEBaJH.png
This is such a huge fuckup. Mozilla can't afford to make mistakes this big. And that it's not fixed four hours later is a bad sign.
At least Firefox for Android allows setting the config to allow add-ons, even though it's not a nightly or dev version.
Letting essential certs lapse, and generally not keeping track of them is a bonafide a big thonk.
It's not supposed to. I'm using the exact same version as you are and it didn't do a thing for me when I set it and restarted the browser.
https://i.imgur.com/NpVBDt4.png
Installing addons through about:debugging worked for me like posted on the previous page though. (Although Stylus doesn't seem to work correctly. It doesn't ever insert any of my stylesheets on pages for some reason despite them being loaded into the extension.)
yes because adware could set the config on your behalf
you can just as easily install another version of the browser if you want to install your own addons. it's better this way IMO for the vast vast majority of users who don't like addons installed without consent
Addons cannot access Firefox's config. The only parts they have access to are explicitly the parts related to the addon itself. (As in the ones the addon uses for its own configuration. Not the addon system as a whole.) If addons cannot physically modify this setting (which is the case as far as I'm aware) then your argument is a moot point. And if they can then clearly Mozilla seriously fucked up somewhere along the line because they shouldn't have access to that part of your config.
Firefox Quantum (66.0.3 64-bit), set that setting to false, no go. Addons still fucked.
yeah okay bill gates
Look, I used to work in software dev and massive fuck ups happen. I've made mistakes before and beat myself up for them but I don't think people should be getting fired.
Certs are big business, if Mozilla can let things like this happen, who knows how else their cert chain has been compromised.
This is like, cornerstone problems, multiple people should be overseeing this and making sure this can't happen.
Oh yeah, it's a huge fuck-up, no question, but I don't want people out of work due to it, that's all.
Yep, mine are dead now and can't disable signatures.
Add-ons can't tweak a lot of config or backend things for security purposes, which indirectly hurt add-ons like Tab Mix and Classic UI Restorers since they needed to tweak code like that to work properly. It's tough because malicious browser add-ons are a huge issue for the computer illiterate but the user should always be allowed to tweak things with sufficient warning or hoops. Just make it so the user is prompted so it's not something an addon or malicious web page could turn on via trickery.
This would never happen with Chrome.
As in I can't install any addons in Chrome otherwise it takes up 99% of my power.
I agree with you on TMP and CTR, those were both addons I used extensively before Mozilla dropped their old extensions system for Web Extensions. But as far as I'm concerned, NO extension should ever even need the ability to make itself uninstallable for any reason. The only potentially valid argument, in my opinion, would be for Mozilla developed official addons but at that point you can also argue that if they shouldn't be uninstalled then they should just be removed from the extension environment and rolled into the main application itself.
My biggest issue here isn't that they tried to prevent people from getting malware, it's that they decided to just completely remove the ability for even power users to work around the issue. This is more egregious in Mozilla's case since the major appeal for a huge chunk of Firefox's user base has been either their privacy efforts or the extensive customization the browser has always supported. Both are major points for me but the latter is one of the biggest reasons I find Chrome to be unusable garbage even ignoring privacy concerns I have with Google. Google insists on a one size fits all approach and if that approach doesn't fit you then too bad because it's what you're stuck with.
This one is you gave the ultra edition dlc to the people with trial keys kind of fuck up, this is a your driver set memory clock speeds to 5X optimal frequency kind of fuck up, firing is definitely an option.
Should be fixed now, you gotta enable "Studies" to receive the hotfix.
https://files.facepunch.com/forum/upload/140948/bed43da1-1a1b-4297-beff-f7e288a380d1/image.png
Addons never stopped working for me on Firefox. Weird.
It may take a bit of time and/or putzing around in about:addons before it takes effect though. Once that happens, however, you can disable the option if you'd previously had it disabled.
I've known about this restriction forever. These builds also let you install old extensions too.
but my constant need to be on the bleeding edge here actually helped for once
Reminds me of the certificate that ran out for Ericsson who supplies some countries with their mobile networks. The entire mobile network died in places like Japan due to a certificate. It's such a silly dumb thing to miss.
Mine weren't working when I woke up but I went into the addons, checked for updates, backed out, checked again and then all of them were working again? I really don't know what the hell I did.
lmao what the fuck are you talking about
This fuck up was overall quite benign, a cert expiring is something that is meant to happen, and it's meant to ensure whatever breaks breaks in a way that doesn't undermine the security of the platform. That's exactly what happened here. Their cert expired, they didn't replace it in time, and to mitigate potential harm Firefox just disabled anything signed with that cert.
The worst thing to happen here is that we weren't able to use our optional extras for a few hours while they fixed the problem. An actually bad outcome here would be the cert expired, and unsigned code could be run willy nilly, with malicious addon contributors shipping malicious versions of addons that otherwise wouldn't be signed. Mozilla dropped the ball, but this isn't exactly a harmful action. For a few hours we had to deal with no ad-blockers, but anyone who really gives a shit will have network level ad blocking setup by this point.
Shit's still broken for me. Or at least, uBlock is. I can't update or re-install it, I'm just met with an instant error.
The biggest issue was the account containers extension being disabled caused all the tabs open in a container to close as soon as the extension disabled, and even manually reinstalling the extension wiped the container storage, so I'm logged out and lost all my cookies for any sites in containers. Rather annoying, especially since I didn't have my password manager to be able to log back in to the sites...
Looks like this problem exposed a single point of failure that could be exploited.
Honestly, this is killing. I'd forgotten just how many fucking ads there are everywhere.
Has anyone had the same issue and found a way to fix it? Is uBlock just broken for me?
Sorry, you need to Log In to post a reply to this thread.