Make Your Feature Enterprise Ready

When enterprises (and others) are customizing Firefox, I get asked pretty much the same questions every time:

  • How do I disable private browsing?
  • How do I turn off Firefox Sync?
  • How do I prevent access to about:config?
  • How do I prevent the installation of add-ons?
  • How do I prevent access to the add-ons manager?

Doing any of these things properly is actually quite difficult, because none of the people that developed these features ever thought that someone would want to disable them. I think the primary reason for this is that most people that create software have only ever experienced how one type of person uses a computer. They believe that everyone uses a computer like they do; they have full access to the computer, they can do whatever they want and they can customize the computer however they want. This narrow view causes them to create software for people like them.

The reality is that people use computers in many different ways. In many industries, organizations, governments and educational institutions, there is a need to prevent people from having too much access to the computer and the browser. And it’s not just things like kiosks. It could be shared computers at a hospital or bank, or it could be simply that the employees are not very computer literate and you want to make sure they have limited access. Or maybe the browser is used on a piece of equipment and you want to make sure it can’t be messed with. There are tons of reasons why someone would want to disable certain features.

Whenever you create a new feature, you should ask yourself this questions:

Is there a good reason why someone would want to disable this feature?

If the answer is yes, you should provide a single global preference that removes the entire feature. You should also ensure that when this preference is locked, any associated UI associated with that feature is disabled.

Asking this simple question before implementing a new feature will go a long way towards making sure Firefox is enterprise ready.

Please note: I reserve the right to delete comments that are offensive or off-topic.

Leave a Reply

Your email address will not be published. Required fields are marked *

14 thoughts on “Make Your Feature Enterprise Ready

  1. I am fighting that battle now of configuring settings for the enterprise for 24.xxxesr from 17.xesr.
    How do I disable Sync???

    I have added a dozen or so lines in the mozilla.cfg file, but nothing seems to work.
    I am really getting flustered at all the “Well, maybe try this….” which generally hasn’t been working. I am pushing a deadline set by SecOps to have this out and I don’t have a massive amount of time to continue wasting on untried “Well, maybe try this…” suggestions.
    I am a contractor for a Govt. agency and we have a very tight locked down environment.
    What other settings should I be looking at that were added to this new release? Any advice or recomendations would be greatly appreciated. –Thanks in advance

      • ok, thank you, I will give it a try.
        I have noticed some people are using a userChrome.css file and state they are able to disable it or at least hide the options to run it. I haven’t tried it yet. Thanks for the recomendation.

        • It’s difficult to use userChrome.css on all aspects of Sync, because of how dynamic some of the stuff is (plus there are about pages as well).

          • ok. I have never used CCK2. I noticed that it is a addon. Do I have to deploy this addon to all my FF users? Or can I just use it to make the config changes and then just deploy the changes to the user base?

        • The CCK2 Wizard is an add-on that generates either an add-on or an AutoConfig zip.

          You either preinstall that add-on for your users, or you unzip the AutoConfig zip into your Firefox and deploy that to your users.

      • Now that I used the CCK2 to config FF, does this eliminate the need of the old config files I was using? Mozilla.cfg, user.js, local setting.js, etc.
        I am just trying to clean up my install script.

        Also, do I need to re-run the CCK2 for each rev of FF esr that comes out monthly?

        Thanks again for all the assistance. CCK2 appears to be doing the trick, we are sending it to a pilot test group Tuesday for final review/testing.

        • It depends on if everything you’re trying to change can be changed through the CCK. I’ve tried to make it as flexible as possible. I’m going to add support for adding arbitrary JS to the CFG file which should fix most usecases.

          As far as rerunning the CCK2, you shouldn’t need to when Firefox is updated. Only if there is new CCK2 functionality you want.