this post was submitted on 04 Jul 2023
351 points (98.3% liked)

Firefox

17301 readers
147 users here now

A place to discuss the news and latest developments on the open-source browser Firefox

founded 4 years ago
MODERATORS
351
Firefox 115 released (www.mozilla.org)
submitted 1 year ago* (last edited 1 year ago) by hal_5700X to c/[email protected]
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 44 points 1 year ago* (last edited 1 year ago) (2 children)

I was curious as well so I looked at the git tree. I'm not familiar with Firefox code, but I'm assuming I found the list:

pref("extensions.webextensions.restrictedDomains", 
"accounts-static.cdn.mozilla.net,accounts.firefox.com,
addons.cdn.mozilla.net,addons.mozilla.org,
api.accounts.firefox.com,content.cdn.mozilla.net,
discovery.addons.mozilla.org,install.mozilla.org,
oauth.accounts.firefox.com,profile.accounts.firefox.com,
support.mozilla.org,sync.services.mozilla.com");

From here

So it looks like it's mostly to do with the account system of Firefox. I'm not sure why their websites would need special protection, but whatever. It's not malicious, for now

[–] [email protected] 38 points 1 year ago

Makes sense. You don't want Addons to navigate to the addons page and install other addons. You also don't want to give them access to the firefox sync data through your account to do the same from that end.

[–] [email protected] 38 points 1 year ago

Thanks! Nicer list:

  • accounts-static.cdn.mozilla.net
  • accounts.firefox.com
  • addons.cdn.mozilla.net
  • addons.mozilla.org
  • api.accounts.firefox.com
  • content.cdn.mozilla.net
  • discovery.addons.mozilla.org
  • install.mozilla.org
  • oauth.accounts.firefox.com
  • profile.accounts.firefox.com
  • support.mozilla.org
  • sync.services.mozilla.com