Bug 1144127 was checked in. This means that starting in Firefox 40, placing add-ons in the distribution/bundles directory will no longer work.
For many years I recommended distribution/bundles as the best place for enterprises to deploy non bootstrapped extensions. It allowed them to make their extensions a part of core Firefox and prevent users from removing them. Unfortunately adware/spyware folks started using this method as well, so we lost this ability. (This is why we can’t have nice things.)
So what does this mean going forward?
- You will no longer be able to disable safe mode. You can set the environment variable MOZ_DISABLE_SAFE_MODE_KEY to prevent using the startup shortcut or set MOZ_DISABLE_AUTO_SAFE_MODE to prevent crashes from starting safe mode, but a user will always be able to start Firefox in safe mode from the command line.
It’s much more difficult for you to prevent a user from disabling any extensions you need to add for your company. You’ll probably need to do something evil like hide them inside of the add-ons manager. You can contact me if you need code to do that.
AutoConfig now becomes the preferred method of doing pretty much any Firefox configuration (since you can’t place a custom extension into the distribution/bundles directory).
I’m actively working on making the CCK2 work without the distribution directory. The latest beta is here. Obviously some features will be lost st first. I hope to bring as many back as I can. It should be ready by the end of the week I hope.
As a side note, this means that many of my blog posts will have incorrect information. I’m still trying to figure out how to solve that going forward.
The first beta of the next CCK2 is available here.
This upgrade has three main areas of focus:
- Support for the new in content preferences
- Remove the need for the distribution directory (except in the case of disabling safe mode)
- Support for new Firefox 38 features (not done yet).
Removing support for the distribution directory was a major internal change, so I would appreciate any testing you can do.
My plan is to finish support for a few Firefox 38 specific features and then release next week.
This post will provide a high level overview of changes coming up in the next Firefox ESR. This list is primarily focused on changes that will impact enterprise users. It is not intended to be an exhaustive list. For a list of all the changes, see the release notes links.
Note: Firefox Hello and Encrypted Media Extensions will NOT be part of the ESR.
- Firefox Marketplace Menu and Button
- New Search UI in more locales
- Release Notes (35.0, 35.0.1)
- Preferences in tabs
- Release Notes (38.0)
My plan is to have a new CCK2 beta that coincides with the Firefox 38 release that will allow for disabling some of these new features. It’s a beta because it also has the new code for no longer using the distribution directory.
If I missed something, please post it in the comments.
Just a reminder that the next Firefox ESR is only three weeks away. In my next post I’ll give you some details on what to expect.
Also, if there are any Firefox enterprise topics you’d like to see me cover on my blog, please let me know.
With the removal of the distribution/bundles directory, as well as multiprocess Firefox, I’m currently rewriting portions of the CCK2 to be more forward compatible.
This involves removing any dependencies on the distribution/bundles directory as well as rewriting the code to no longer use XUL overlays.
As I’m doing this work, it has me wondering; should the CCK2 be a library that you simply pass a config to and it does the work (as it is today), or should the CCK2 Wizard generate a complete AutoConfig.js file that stands alone and can be included with little or no other outside files?
In doing surveys in the past, there are quite a few people that just use AutoConfig. Would it be worthwhile to make the process of generating AutoConfig files easier? Or is this a very small group of people?
What do you think the future should hold for the CCK2?
There are a few changes that are coming for Firefox that will be major headaches for enterprise, educational, government and other institutional deployments. These include the removal of the distribution/bundles directory as well as the requirement for all add-ons to be signed by Mozilla.
Given that these two changes are not needed for enterprise, there has been some discussion of not putting these changes into the Firefox ESR.
So I’m curious: besides these two changes, what other things do you think should be different between regular Firefox and the Firefox ESR? I’m not talking about creating new features for the ESR, I’m only talking about enabling and/or disabling features.
Put your suggestions in the comments. I’ll put mine there as well.
I’ve released new version of the CCK. New features include:
- Setting a lightweight theme
- Clearing preferences
- Setting user preference values (versus default or locking)
- More control over the CA trust string
- Security devices are loaded at startup and fail gracefully (so multiple platforms can be specified)
- Redesign of security devices dialog
- Distribution info on about dialog is no longer bolded
- Proxy information can be set in the preference page (if you want user values, not default/locked)
- Better migration of bookmarks between versions
- Better errors for cert download failures
Bugs fixed include:
- International characters not working properly
- CA trust string not being used
- Unable to set the plugin.disable_full_page_plugin_for_types
- Bookmarks not deleted when migrating from CCK Wizard
If you find bugs, please report them at cck2.freshdesk.com.
Priority support is given to folks with support subscriptions. If the CCK2 is important to your company, please consider purchasing one.
I’ve released a major update to Keyword Search that resolves ALL coexistence problems with Tab Mix Plus. It should also fix all the strange behaviors people were seeing with regards to searches happening in incorrect tabs.
I’ve also added support for setting a separate search engine for the context menu, as well as fixed some visual problems on about:home.
You can get it here, or you will be automatically updated.
I’ve had some feature requests from subscribers to my premium support package, so everyone will see the benefits in the next release.
The first request was to be able to add a lightweight theme via the CCK2. That ability will be in the next CCK2. You simply give the CCK2 the URL for a theme on AMO and the CCK2 will do the rest.
The second request was for the ability to set the user value of preference versus the default value or locking the preference (the pref() function in Autoconfig). I’ve added that functionality.
The third request was for better support for software security devices on multiple platforms. I’ve updated the code so it checks to see if the device is there before trying to add it allowing you to mix multiple platform paths. In addition, I try to add the device at every startup so that if the device is added after the CCK2 is installed, it will still get added to Firefox.
Do you wish that the CCK2 has a feature? Purchasing a support package can make it happen.
Membership has its privileges.
One of the trickier things about being self-employed, especially around an open source project like Firefox, is knowing where to draw the line between giving out free advice and asking people to pay for my services. I’m always hopeful that answering a question here and there will one day lead to folks hiring me or purchasing CCK2 support. That’s why I try to be as helpful as I can.
That being said, I’m still surprised at the number of times a month I get an email from someone requesting that I completely customize Firefox to their requirements and deliver it to them for free. Or write an add-on for them. Or diagnose the problem they are having with Firefox.
While I appreciate their faith in me, somehow I think it’s gotten lost somewhere that this is what I do for a living.
So I just wanted to take a moment and let people know that you can hire me. If you need help with customizing and deploying Firefox, or building Firefox add-ons or building a site-specific browser, that’s what I do. And I’d be more than happy to help you do that.
But if all you have is a question, that’s great too. The best place to ask is on my support site at cck2.freshdesk.com.