> Hi Georg,
> I typed one sentence describing the problem.
> Next I click “My issue is not listed” I went through step 2, now I am in step 3 and I have to fill in the table below and submit bug, yes?
> -----Original Message-----
> From: dev-tech-plugins [mailto:dev-tech-plugins-bounces+marcin.pijanowski=[hidden email]] On Behalf Of Georg Fritzsche
> Sent: Wednesday, March 05, 2014 12:39 PM
> To: Marcin Pijanowski
> Cc: [hidden email] > Subject: Re: plugin whitelist
> Hi Marcin,
> on the wiki page on the policy , you need to follow the link to the bug template from point 2.
> This will give you a bug form with some information required to fill in in the “Description” field.
> Is anything specifically unclear there?
>  https://wiki.mozilla.org/Plugins/Firefox_Whitelist >
> On 05 Mar 2014, at 12:17, Marcin Pijanowski <[hidden email]> wrote:
> > I want to add plugin to whitelist. Can you write to me how to add
> > plugins to whitelist. What should I do? Can you describe all the necessary steps?
> dev-tech-plugins mailing list
> [hidden email] > https://lists.mozilla.org/listinfo/dev-tech-plugins
On 3/5/2014 6:17 AM, Marcin Pijanowski wrote:
> I want to add plugin to whitelist. Can you write to me how to add plugins to
> whitelist. What should I do? Can you describe all the necessary steps?
I think you need to be a little more specific. Note that the recently
announced whitelist is something that plugin vendors apply for. If you
are the creator of the plugin you want whitelisted, please follow the
instructions and link at
https://wiki.mozilla.org/Plugins/Firefox_Whitelist to apply.
If you are just a user who wants to enable a plugin, you should be able
to do that within Firefox by visiting the site, clicking the plugin, and
choosing "always for this site". Or you could choose to enable that
plugin for all sites by changing the setting in the addon manager.
> On Friday Chad posted and blogged about our proposed plugin whitelisting
> https://wiki.mozilla.org/Plugins/Firefox_Whitelist > https://blog.mozilla.org/security/2014/02/28/update-on-plugin-activation/ >
> The primary goal of this policy is to give plugin vendors who are
> working on moving towards HTML5 solution some additional time to make
> the transition, as well as providing feedback from plugin vendors to our
> web API teams about features missing from the web platform. We will
> continue to preserve user security by keeping engineering and QA
> contacts for each plugin vendor.
> Please ask questions/provide feedback by replying to
Can users whitelist plugins that are identified in the user's Helper
Applications list? Will this be automated?
Can I whitelist plugins globally instead of for specified URIs? I have
some plugins that are used by a large number of Web sites. It appears
that the AVG SiteSafety plugin (npsitesafety.dll) operates on ALL Web
My concern is about non-Mozilla developers who do not want to bother
with applying for whitelisting but whose products are quite useful.
On 3/6/14 6:14 PM, David E. Ross wrote:
> Can users whitelist plugins that are identified in the user's Helper
> Applications list?
If they are actually plugins and show up in the addon manager, yes.
> Will this be automated?
I'm not sure exactly what this means, but I'm guessing the answer is
"no, probably not".
> Can I whitelist plugins globally instead of for specified URIs?
Yes, unless the plugin is "known insecure" in the blocklist. The user
can go into the addon manager and switch any plugin from "Ask to
Activate" to "Always Activate".
> I have
> some plugins that are used by a large number of Web sites. It appears
> that the AVG SiteSafety plugin (npsitesafety.dll) operates on ALL Web
That is surprising and probably indicates that AVG is injecting content
into the page, which I would say is a compatibility and security hazard.
In any case the above answer still applies.
On 3/6/2014 3:29 PM, Benjamin Smedberg wrote [in part]:
> On 3/6/14 6:14 PM, I previously wrote [also in part]:
>> It appears
>> that the AVG SiteSafety plugin (npsitesafety.dll) operates on ALL Web
> That is surprising and probably indicates that AVG is injecting content
> into the page, which I would say is a compatibility and security hazard.
> In any case the above answer still applies.
Actually, the AVG SiteSafety plugin is supposed to alert me when I
attempt to view a hazardous Web site. AVG calls this "Link Protection",
which involves scans of Web, Twitter, & Facebook links.