IMPORTANT: These locations changed again in Firefox 21. See this post.
If you are running into problems with Firefox 14 not honoring values in you set the default preferences, it's because Firefox preference files have moved from defaults/pref to defaults/preferences and your files have to move as well. (See bug 779437.)
Apparently custom changes to the default preferences were supposed to be there all along, but no one actually knew that (not even Firefox).
So when you are creating JS files for your autoconfig settings or to set the various add-on scopes values, make sure they are in defaults/preferences. (You'll have to create this directory.) Note that this method works fine on Firefox 10 as well. I'll be updating all my posts as I have time.
On a separate note, the CCK is broke on Firefox 14 - it's not creating bookmarks properly. I've tracked the problem down to a Places change, but at this point I am unable to work around it. I've contacted the developer that made the change that broke me, but I haven't heard back. Hopefully he'll be able to point me in the right direction.
I can't stress this enough. PLEASE test on Aurora and Beta if you have the bandwidth to do so. These Firefox 14 issuse should not have been found after Firefox 14 was released. And yes, I'll admit that I've been failing in my testing as well, but to be blunt, I'm not paid for any of the time I spend on enterprise, so it's not one of my top priorities.
Another question that comes up a lot is how to prevent users from installing add-ons. There's a preference, xpinstall.enabled, but it's useless because it does nothing to prevent access to the Add-ons Manager. The reason this is a problem is because you can install add-ons from AMO there from the Get Add-ons tab. In addition, when you try to install an add-on with the pref set to false, Firefox lets you enable it with one click. So we need to make that preference more effective and we need to hide the add-ons manager.
In Firefox 13 (actually, Firefox 12), Firefox introduced the ability to override the new tab page with the preference browser.newtab.url. For extension developers, this is great because it because it allows us to remove all of the different hacks we were using to add content to the new tab page. Unfortunately it can also create problems as various extensions stomp on each other trying to take over the new tab page.
I've added support for overriding the new tab page to three different extensions, so I've learned a great deal about using this new preference in a way that coexists with other extensions and does the right thing for the user. My goal with this post is to give some best practices for overriding the new tab page in your extension. The code samples in this post assume a basic knowledge of how Firefox extensions work, including preference observers. You probably won't be able to just cut and paste them into your extension.
I was reminded that there is one more way to get to private browsing - typing about:privatebrowsing in the URL bar. This gives us a chance to talk about another thing you can do in chrome.manifest - override.
Update: I was reminded that using visibility: collapse for menu items leaves them in the key navigation. Instead, you should use hidden="true" or in places that doesn't work (context menus) display: none.
In my previous post, I showed how to setup a basic extension in Firefox. Having this extension will allow us to do some Firefox customization. Before I get into this post, though, I wanted to clarify one thing. I had you put your XUL overlay in the root directory and point your content directory to ./. I did that to make things simpler but in practice you'll want to separate your files. The structure most commonly used is a chrome directory with a content subdirectory underneath. In that case, the directory in the chrome manifest would be chrome/content/.
With that out of the way, let's customize Firefox. We're going to prevent a user from accessing private browsing. We need a disclaimer here, though. We are not removing private browsing, we are just removing access. So if the user has an add-on that invokes private browsing, or if they have access to about:config, they can still turn on private browsing. For any of these customizations, there's an expectation that the right things have been done to prevent the user from accessing functionality via other means.
I've decided I'm going to expand on my earlier post about customizing Firefox with extensions. A lot of the things people have asked for recently can only be accomplished with extensions, so I want to try to give people a very basic handle on creating extensions so I can then give sample code of the specific things people are trying to do.
My goal here is NOT to teach people how to build extensions. You can find that information on AMO or MDN. My goal is give people a very basic understanding of how one particular type of extension works so I can produce simple code snippets you can drop in and use for your Firefox distribution. If you need anything more complex, you're going to have to hire me.
This article on Ars Technica seemed to fly under the radar, so I wanted to make sure people saw it.
Ars browser shootout: which Web browser is best for business?
I was interviewed for the article. You can see my comments on page 4.
I've saved the most powerful method of customizing Firefox for last - writing an extension. Firefox extensions allow you to customize just about every aspect of Firefox. You can override default behaviors, customize the user interface, change and lock default preferences, even replace entire components.
NOTE: None of the methods documented in this post work anymore. The safe mode dialog was changed and I can find no way to prevent it from displaying.
I have one more post planned about customizing Firefox with add-ons and the CCK Wizard, but I wanted to get this out in the mean time.
A lot of people ask how to disable safe mode in Firefox in an enterprise environment. This post will tell you how to do it with an add-on.
Update: I have made major modifications to this post. I was not aware that Firefox copied the contents of the defaults/profile directory on the file system after using the files on omni.ja(r).
This next method of customization is not as widely used, but it is still worth mentioning. It involves changing the files that Firefox uses when creating a new profile. We'll also take this opportunity to talk about userContent.css and userChrome.css which we mentioned earlier.