Mozilla has announced a new feature for its Firefox web browser which will mean some extensions blocked from certain sites.
In the release notes for the latest version of Firefox, 115.0, Mozilla stated that the Quarantined Domains tool will “only allow some extensions monitored by Mozilla to run on specific websites for various reasons, including security concerns.”
In another blog post further explaining why some extensions will no longer work on certain sites, the company said that having an open ecosystem of add-ons, which is good for developers, can also be good for threat actors too. It added that reviews and user reports are not always enough to find and prevent malicious add-ons.
“[Quarantined Domains] allows us to prevent attacks by malicious actors targeting specific domains when we have reason to believe there may be malicious add-ons we have not yet discovered,” it said.
However, users can disable the new feature if they so choose, by typing “about:config” in the address bar and setting “extensions.quarantinedDomains.enabled” to false. Mozilla also says that it will be improving this feature as time goes on, and expects Firefox 116 to allow users to control the behavior for each add-on they have.
The warning for potentially bad add-ons appears in the Extensions popup rather than the icon, so such alerts are not displayed the pinned toolbar of extensions when they are added.
Jeff Johnson, a researcher and developer of a privacy-focused extension, noted that, “the quarantined domains warning no longer appears in the Extensions popup either. In fact, there’s no longer an Extensions popup: clicking the Extensions toolbar icon simply opens the about:addons page, which doesn’t show the quarantined domains warning anywhere.”
“This is a terrible user interface design for the new so-called ‘security’ feature, silently disabling extensions while hiding the warning from the user,” they added.
The new feature comes soon after Mozilla took a stance on a proposed bill in France that would block certain websites contained on a government list. It said that, “such a move will overturn decades of established content moderation norms and provide a playbook for authoritarian governments that will easily negate the existence of censorship circumvention tools.”