Add-on support in new Firefox for Android

Another approach that might work is to have a middle tier between the highly-curated recommended extensions and the wild west.

What I’m imagining is a list curated by a larger group of volunteers rather than core team members who likely have better things to do. This collection wouldn’t be shown by default, but the checkbox to enable it would be prominently featured at the bottom of the list of recommended addons.

Criteria for inclusion would be more lax. Of course malicious or user-hostile behavior would be grounds for rejection, but otherwise addons that attempt to be compatible with Fenix and don’t have obvious severe issues would be approved. To mitigate the risk of abuse, perhaps this should require two or three volunteers to approve the extension.

I still think there should be a checkbox to allow the installation of anything on AMO and any XPI from the filesystem, but that should be more buried with more dire warning labels on it.

I suppose by making this proposal I’m volunteering to help with such a group.

This topic was started 2 years ago and there is still no progress.

@caitlin (or anyone else): does anyone have more information on this topic or maybe a roadmap? Right now it’s a pretty crappy status: no information and no progress on this topic.

Perhaps if we continue screaming into the void, the void will answer… but probably not.

I’m going to chime in here as a “would-be contributor”. I say
would-be because it’s most likely I won’t be.

I just spent the last 20 hours or so writing an extension. My
main target was Firefox for Android. I did this to fix a problem
I had (related to the browsing experience, not the core
application). I took it upon myself to find a solution and the
time to try sharing my solution with others. These kinds of
choices are the bedrock of community, the want to help others.

Now I see this thread and understand that not only can I not
share my extension with others, I can’t even really use it
myself, locally. The decisions by Mozilla talked about here
explain why it was so hard to test on mobile, why I couldn’t find
a way to simply load my extension locally, and why the docs are
confusing.

I want to let Mozilla know that the inablity to meaningfully
create and distribute add-ons has a negative effect on the
community. As would-be contributor, I feel betrayed. I feel
dirty, as though I’d just been robbed. It’s a yucky feeling. The
20 hours I spent developing could have been spent with my
family. I could have worked on my house. I could have learned a
skill that helped others, that benefited a community. Instead,
it looks like I’ve been told that my add-on, and subsequently my
time, is not worthwhile. Not because of some inherent technical
issue. Instead, because…well, I’m not sure why. It has
something to do with Mozilla feeling that add-ons detract from
the browsing experience or are unsafe or… I can’t quite tell
why.

Anyway, I’m not going to start running a nightly build just to
run my add-on. I don’t see that as a viable solution. I really
wanted to make the add-on work for Tor Browser. I can see that’s
not likely to happen.

Maybe I missed something and my understanding is off. Maybe I’m
spoiled by Emacs. I don’t think that making extensions needs to
be this difficult.

Is there a way I can run my little, 20 line add-on locally, on my
personal device, for my own benefit? Or is it really the case
that I’m barred from that?

The only way is the Collection. But this only works for Fennec and Nightly.

btw: yes the situation is frustrating for over 2 years.

You may want to try IceRaven

I don’t understand why sideloading an unsigned XPI should be a problem, as long as it a) works only in Nightly, b) needs to be enabled through about:config xpinstall.signatures.required and done through the developer/debug menu, and c) would show all kinds of warnings.

Wouldn’t it be fine as long as its harder to do than sideloading an APK, which could arguably do even more damage?

Right now, its not possible to e.g. develop a internal extension at work as it might contain proprietary code that simply cannot be uploaded to Mozilla.

Could there at least be something similar to policies.json on Android?

I really feel like Mozilla leadership wanted to promise to address extensions on Android in the future, then ignore it until people stopped asking. Even trying to push all discussion into a single thread here is a symptom of that.

What I don’t understand is why. Why should Android be treated differently from desktop operating systems? I can install any extension I want from any source there.

I’m with you Zak. This change felt unnecessary, and only made Firefox worse on Android. @caitlin was quite vocal in the beginning, and now we’ve been forgotten about. But I won’t forget that this change is the main reason I’ve slowly moved away from Firefox towards other browsers for the past couple of years.

Oh, please give it up – The ship has sailed. When was your last donation to the cause?

My donation to the cause was encouraging less technical friends & family to switch to Firefox. Spreading awareness & increasing the userbase. Who’s to say how many of those people went on to donate? Who’s to say how many other donations they’ve lost out on due to making poor decisions like this.

And how much money does it cost Mozilla to set a flag from “only approved addons” to “any addon the user wants”? How much money do you think I should send in order to stop them removing another beloved feature?

Yeah whatever, most of us don’t care about your fringe issue. If it hasn’t changed in all this time, asking over and over ain’t going to help! Insanity!

Steve,
Chief Scarecrow Repairer

If your use of “us” means you speak for the Firefox community, I’m glad to leave you all behind me. And this is hardly a “fringe issue” - extensions on mobile were the only thing that set Firefox apart.

There are technical problems that are being identified and solved to general availability of addons on Firefox for Android.
Some problems stem from Android limitations. Running addons in the main process can ruin its responsiveness, and I think there was some study that showed people tolerate that much less on smartphones than computers. On the other hand, running them in an extension process that Android may kill at any time can cause addons to malfunction as they aren’t ready for that (and that’s something Manifest v3 is going to help with). In both cases users would blame Firefox, not their addons, because the cause of problems would be unclear.
Some problems are caused by many phones having metered internet connection with reachable caps. Updating the malicious extension stoplist regularly seems to be pretty fine on a desktop, but you likely won’t like Firefox “wasting” your mobile data to ensure your extensions aren’t mining the cryptocurrency-of-the-day on your phone, stealing your passwords or personal data or doing other nefarious things.
A number of APIs and features not used by the current set of mobile extensions may be not available yet even though one could reasonably expect them. For example, the browser.tabs API expects the environment to know the full list of tabs, and that’s not the case on Android. Extensions have no access to bookmarks on Android either. In many cases that’s caused by essential data being kept in the Android app itself instead of the Gecko engine embedded in it.

I do understand that we’ve been living without arbitrary Android extensions for years already and that feels really long, but I’m pretty sure Mozilla is working on making them happen and is going to allow them sooner or later.

Thank you for the information. For those of us who are concerned about this issue, but not involved enough to be up to date on Bugzilla, this sort of update is really helpful. This thread, which seems to be the official communication channel for the issue was giving the impression there was no progress or even willingness to discuss it.

I’m not sure who they are trying to speak for, but I’m on the Firefox Addons team, and I can assure you they’re not speaking for us. As Denis mentioned, we’re working with the Mobile team to bring full support for extensions to android, it’s unfortunately more than a simple “switch” we can change.

I don’t see why those should be the reason to block the entire addon ecosystem on beta/nightly. The collection ritual already allows people to install pretty much arbitrary addons anyway. All this is achieving is to annoy people having to go through all the extra steps to even as much try an addon.

So, looks like the technical hurdles are (mostly) over and Firefox for Android will actually allow all compatible addons. The timeline given in the blog post is “it’s safe to expect a roll-out before the year’s end”.