When enterprises (and others) are customizing Firefox, I get asked pretty much the same questions every time:
- How do I disable private browsing?
- How do I turn off Firefox Sync?
- How do I prevent access to about:config?
- How do I prevent the installation of add-ons?
- How do I prevent access to the add-ons manager?
Doing any of these things properly is actually quite difficult, because none of the people that developed these features ever thought that someone would want to disable them. I think the primary reason for this is that most people that create software have only ever experienced how one type of person uses a computer. They believe that everyone uses a computer like they do; they have full access to the computer, they can do whatever they want and they can customize the computer however they want. This narrow view causes them to create software for people like them.
The reality is that people use computers in many different ways. In many industries, organizations, governments and educational institutions, there is a need to prevent people from having too much access to the computer and the browser. And it’s not just things like kiosks. It could be shared computers at a hospital or bank, or it could be simply that the employees are not very computer literate and you want to make sure they have limited access. Or maybe the browser is used on a piece of equipment and you want to make sure it can’t be messed with. There are tons of reasons why someone would want to disable certain features.
Whenever you create a new feature, you should ask yourself this questions:
Is there a good reason why someone would want to disable this feature?
If the answer is yes, you should provide a single global preference that removes the entire feature. You should also ensure that when this preference is locked, any associated UI associated with that feature is disabled.
Asking this simple question before implementing a new feature will go a long way towards making sure Firefox is enterprise ready.
Did you ever wish that you could have new Firefox profiles created with no default bookmarks? There are two simple changes you can make to your Firefox install to do this.
I’m trying to get some feedback on how people use the CCK Wizard (or don’t). If you can help me out, click here to take survey
I’ve got one more CCK Wizard Beta for folks to try out before I release it. This version adds support for server certificates. PLEASE try this out if you use CAs to make sure I didn’t break anything. Download it here.
Somehow in the past few weeks, lots of sites have started repeating the same article and the same incorrect information that WebSearch+ from Brand Thunder is malware. This is patently false. WebSearch+ is simply the method Brand Thunder uses to monetize its add-ons and it is 100% configurable by the user. Every feature can simply be turned off in preferences.
Brand Thunder put up a post with more information – What is WebSearch+
Hopefully that will clear things up.
It’s no longer possible to disable safe mode after Firefox 39 because of the removal of the distribution directory.
So lots of people are having trouble disabling safe mode using my earlier instructions and I discovered it is because of problems overlaying the dialog. So here are some new instructions that should work for everyone.
One of the questions I get asked a lot is how to set default application handlers in Firefox (the Applications page in preferences). Most companies have resorted to creating a default mimeTypes.rdf file and loading this into their default profile. I finally took the time to understand how these handlers work and can give you some code to use.
In my previous post, I talked about the moving of some files for Firefox 21. Due to some major bugs related to partner builds, the distribution directory was moved back. So you no longer need to move distribution files into the browser directory. So here’s a summary of what has changed:
- defaults/preferences -> browser/defaults/preferences
- defaults/profile -> browser/defaults/profile
- extensions -> browser/extensions
- searchplugins -> browser/searchplugins
- plugins -> browser/plugins
I’ve also been asked about the file override.ini – this file should now be placed in the browser subdirectory as well.
Remember, Firefox 21 is scheduled to be released tomorrow.
If any step in your process to customize and deploy Firefox involves unpacking and repacking omni.ja[r], you’re probably doing it wrong. Any modifications you need to make to Firefox, whether it be changing the default profiles, changing the default preferences or even overriding specific files can be done WITHOUT repackaging omni.ja[r].
If you really think you have a use case for unpacking the omni.ja[r], let me know and I’ll try to prove you wrong.
Now you know…
In a previous post, I talked about add-on scopes. One of the things that was most problematic about add-on scopes was where the
extensions.autoDisableScopes preference could be set. In my original testing, I thought I was unable to set it in an autoconfig file. I’ve retested everything in the ESR 17 as well as the current Firefox, and to my surprise, this value can be set fine in an autoconfig file (although not if it is remote).
In addition, for files in the defaults/preference directory, there were issues with JS files only working if the filename started with a letter less than f. That problem appears to not be there anymore either.
So to summarize, you can set extensions.autoDisableScopes via autoconfig (and you should) and it doesn’t matter what your JS file in defaults/preferences is named.