Plugins Click-To-Play by Default in Firefox 31 ESR

In my previous post about the Firefox 31 ESR, I missed one other big change; most plugins will be click-to-play by default. You can read more about things in this blog post, but the gist is that click-to-play will be the default for plugins except for Flash and plug-ins that have been accepted onto the whitelist. You can view the current whitelist here.

If you have a plugin that you use within your organization and you need to make sure is enabled, you have a few choices.

  1. Change the plugin.default.state preference back to 2 so that the default is not click-to-play.
  2. Add a preference specific to your plugin that makes it enabled by default. The format is plugin.state.FILENAME where FILENAME is the filename of the plugin, lowercased with no extension and trailing numbers removed. So for instance, on Windows, the preference for Adobe Acrobat is plugin.state.nppdf and should be set to 2. The preference name will be different for different operating systems.
  3. Use the CCK2 to enable your plugin for a specific domain.
  4. Use the Click-to-Play Manager extension to enable your plugin for a specific domain.

Please note: I reserve the right to delete comments that are offensive or off-topic.

Leave a Reply

Your email address will not be published. Required fields are marked *

2 thoughts on “Plugins Click-To-Play by Default in Firefox 31 ESR

  1. Concerns surrounding gunblood secrets and cheats cannot become above analysed.
    There are many elements which swayed the actual improvement regarding gunblood secrets.
    Considering the fact that the influence pervades our community, gunblood tips
    can be presenting more and more from the values with the fresh and also upwardly cell phone.

    It really is a sad consequence your civilizations background in which gunblood tips is actually almost never
    provided logical thing to consider through worldwide
    business oriented corporations, who type one more excellent expect
    our own civilzation. Sophisticated though it really is My spouse and i shall right now try and provide an exaustive report in gunblood cheats and it is several
    'industries'. It has recently arrived at my personal awareness in which insufficient men and women know how
    great gunblood secrets has been to the life. Every day we awaken in addition to likely get more than one
    gunblood secrets and cheats resting at the ft .
    your furniture. It really is wonderful to be able
    to wake along with laugh every day for this reason.

  2. Hi Mike. I have some specific questions regarding white listing domains to bypass CtP.
    Does the permission manager check for an exact match or can sub-domains match? e.g. let's say I have 3 domains:
    a.company.com
    b.company.com
    c.company.com
    If I add company.com to the permission manager (e.g. via the CCK), will plugins automatically work for all 3 domains or do I have to add each specific domain? If the later, that's not very scalable at all for an organization of any size.

    The preference option would work, of course, but that opens up a potential security issue as it enables it for ALL domains, not just for the organization. I'm thinking of Java here - I want to enable it for an org, but I really want CtP to be enabled for it outside the org and let the user choose.

    Any thoughts or is CtP just not mature enough yet?