We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Avatar for Username

Sök i support

Akta dig för supportbedrägerier: Vi kommer aldrig att be dig att ringa eller skicka ett sms till ett telefonnummer eller dela personlig information. Rapportera misstänkt aktivitet med alternativet "Rapportera missbruk".

Läs mer

Denna tråd har arkiverats. Ställ en ny fråga om du behöver hjälp.

Plugin Whitelisting

  • 1 svar
  • 1 har detta problem
  • 1 visning
  • Senaste svar av guigs

Curtis Koenig
Curtis Koenig
more options

Some enterprises only want allow the use of plugins and extensions that are on an allow list. This ensures that the administrator knows what plugins are in use so that they can be patched, and allows an amount of functional testing before full deployment. They don't want to be in a state where users install useful-sounding plugins that, for example, sends sensitive data out to the cloud or to a malicious third party. Unfortunately I'm struggling to implement a configuration to deny all plugins and extensions apart from a specified list (which a user can then choose to manually disable or enable). Are the three options below viable or is there some other route:

I can prevent the installation of plugins with this configuration: lockPref("xpinstall.enabled", 0); I can get plugins to default to disabled whenever the browser starts: lockPref("plugin.default.state", 0); lockPref("plugin.defaultXpi.state", 0); I can enable and disable individual plugins: // Enable Flash as it's in a sandbox lockPref("plugin.state.flash", 2); // Disable Java unless required lockPref("plugin.state.java", 0); lockPref("plugin.state.npdeployjava1", 0);

Some enterprises only want allow the use of plugins and extensions that are on an allow list. This ensures that the administrator knows what plugins are in use so that they can be patched, and allows an amount of functional testing before full deployment. They don't want to be in a state where users install useful-sounding plugins that, for example, sends sensitive data out to the cloud or to a malicious third party. Unfortunately I'm struggling to implement a configuration to deny all plugins and extensions apart from a specified list (which a user can then choose to manually disable or enable). Are the three options below viable or is there some other route: I can prevent the installation of plugins with this configuration: lockPref("xpinstall.enabled", 0); I can get plugins to default to disabled whenever the browser starts: lockPref("plugin.default.state", 0); lockPref("plugin.defaultXpi.state", 0); I can enable and disable individual plugins: // Enable Flash as it's in a sandbox lockPref("plugin.state.flash", 2); // Disable Java unless required lockPref("plugin.state.java", 0); lockPref("plugin.state.npdeployjava1", 0);

Alla svar (1)

guigs
guigs
more options

Please also see: http://kb.mozillazine.org/Locking_preferences Make sure it is not obsolete: https://developer.mozilla.org/en-US/d.../Locked_config_settings

What trouble are you running into specifically here?