[Blog post] Add-on Policies Update: Newtab and Search

(Cross-posted from the Add-ons Blog.)

As part of our ongoing work to make add-ons safer for Firefox users, we are updating our Add-on Policies to add clarification and guidance for developers regarding data collection. The following is a summary of the changes, which will go into effect on December 2, 2019 .

  • Search functionality provided or loaded by the add-on must not collect search terms or intercept searches that are going to a third-party search provider.
  • If the collection of visited URLs or user search terms is required for the add-on to work, the user must provide affirmative consent (i.e., explicit opt-in from the user) at first-run, since that information can contain personal information. For more information on how to create a data collection consent dialog, refer to our best practices.
  • Add-ons must not load or redirect to a remote new tab page. The new tab page must be contained within the add-on.

You can preview the policies and ensure your extensions abide by them to avoid any disruption. If you have questions about these updated policies or would like to provide feedback, please post them here.

It sounds not related to add-on to opening an remote page when installation or update it. I hope that such action is limited, because it is suddenly opening a strange site, which could have security, privacy and policy risks. Even though I know it’s a convenient thing for add-on authors to statistics and publish something.

But add-ons are still allowed to load a “remote new tab page” with explicit user consent, right? Otherwise add-ons like New Tab Override would no longer be possible (user wants google.com as new tab page, for example). Please clarify this paragraph. Thank you.

Add-ons must not load or redirect to a remote new tab page. The new tab page must be contained within the add-on.

Does this apply also to the installation and uninstallation page?

Add-ons must not load or redirect to a remote new tab page. The new tab page must be contained within the add-on.

Based on - https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json/chrome_url_overrides and my understanding from the documentation it is okay to specify path to extension’s root folder, like “path/to/newtab.html” but developers can’t specify a remote URL.
Can you please clarify if any of following approach has any concerns.

  1. Call newtab.js (part of the extension package) from newtab.html and redirect to remote URL?
  2. Add an Iframe on newtab.html to open remote URL

Keeping in mind that not all the content can be made local to the addon, for example if I want to set https://www.bing.com/ as my New Tab I can’t do it any more if above is not allowed.

We will keep monitoring the landscape with post-install pages. If you find add-ons with post-install pages that put the user’s security, privacy or safety at risk, please report them to amo-admins AT mozilla DOT com.

Add-ons are allowed to allow the user explicitly setting a new tab page of a user’s choice. As such, your add-on in its current does not violate this upcoming policy, as the add-on itself does not load a remote page.

If you refer to post-install and post-uninstall pages, add-ons are allowed to open those. However, those pages should be relevant to the install/uninstall action and also show relevant information only. If we find those pages put the users security, privacy or safety at risk, for example by adding tracking functionality, we might take action against such add-ons.

  1. Redirecting to remote pages will no longer be allowed.
  2. Including remote content will be closely monitored. If we find that remote content compromises the user’s security, safety or privacy, we might take action against add-ons doing so or disallow remote content altogether.
1 Like

[Andreas Wagner] Can you please clarify if this update in Policy for New Tab applies to existing addons or only to new submissions and distribution?
My main concern is that if Mozilla will block existing add-ons that load or redirect to remote Newtab? Do we need to push update to addon users with new version of our extension?

The policies apply to all add-ons.
Note that Firefox today already prevents setting a remote page as the new tab page. Some developers used different methods to circumvent it, but that limitation has been in place for a reason.

Hi Andreas Wagner,
Can we have our Home Page/New Tag page as Local Page within the extension with a Iframe of a Remote page and when a user searches from the remote page we load the Search page of a 3rd party vendor ?

Note - We dont store any search terms from the Remote page and just load the 3rd party search result page

I would like to give an update on the questions regarding iframes with remote sources. We will generally not allow iframes with remote sources on new-tab override pages. There might be exceptions for that on a case-by-case basis which need to be pre-approved by admins. However, we will keep the number of exceptions very small and at our discretion. Expect that in most cases, we will deny such requests.