I have an extension that I have submitted to AMO for signing. I want to include it in my Windows installer so that my users automatically get it. I have read the Installing Extensions page, but it seems like there are a few missing or misleading details there that I am looking for clarification on. Specifically, for the extension id: my understanding is that this will be a string like "firefox-hotfix@mozilla.org", but there’s an example a little further down the page where the sample extension id is a guid ({dba45d40-f69e-11dc-95ff-0800200c9a66}).
Second, it’s not made clear if there is a particular name that should be used for the xpi file. I think I’ve seen it recommended that it match the extension id (some something like firefox-hotfix@mozilla.org.xpi), but that doesn’t seem to work for me. I’ve also tried the default name assigned by AMO.
Finally, I’m expecting that once I get everything right with the name/path of the xpi file, it will just load up the next time I start Firefox. Is that correct?
Addon ID can be a email address or something resembling an email address or a string like the ones generated by JPM ({…})
The only thing is that it has to be unique.
You can for example use addonName@yoursite.com
If you want to pack your addon with your installer, addon has to be signed as unlisted.
Once it has been approved, you can then download the approved version and pack it UNCHANGED with anything you want. Please note that any change will make the signing invalid and it wont be installed by Firefox.
I quote MDN:
The ID of the extension, which must be one of the following:
- GUID (Firefox 1.0)
- A string formatted like so: extensionname@example.org
The latter format is significantly easier to generate and manipulate. Firefox 1.5 has checking to ensure that your id falls into one format or the other and will refuse to install addons that have malformed ids. You should not use a real email address for your id, however, as it might attract spam.
GUIDs are the hexadecimal unreadable ones.
Ok, thanks for the pointers. You’re right that I missed the part where guid-style ids are an option. That’s gotten me a little bit further, but I’m running into new questions. This says that I can install the xpi as extension-id.xpi “as long as the extension does not require extraction to work correctly” and “all WebExtensions based add-ons do not require being unpacked”. I believe I am in this situation, though Firefox ignores my xpi in this configuration. If I extract the files from the xpi and place them in the directory, I at least get Firefox to acknowledge my extension’s existence with an error message that “[my extension] could not be verified […]”.
It has been signed, and I have the .mf, .rsa and .sf files in the META-INF folder. Using Process Monitor, I can tell that Firefox doesn’t read the signature files. Any ideas what’s going wrong here?
If you’re installing an extension from an application installer, then you need to unpack it like you described. If even then Firefox refuses to accept the add-on, it’s possible that the unpacking is changing something in the contents of the directory, making the signature validation fail.
Using Process Monitor, I can see that Firefox reads my manifest.json file, but it doesn’t open any of the signature files in the META-INF directory. So I know it’s not doing enough work to determine if my extension is signed or not, but I can’t tell why it’s acting like that.
Has anyone successfully deployed an extension like this?
Also, I’m willing to list my extension on AMO if it makes the distribution story any easier. I haven’t found any articles that talk about how you can get Firefox to automatically (prompt to) download an extension from AMO, like you can with Chrome. Is this a supported feature?
If there’s an error when processing the add-on package, it should appear in the Browser Console. Try looking for errors there.
As for automatically installing an extension, you could launch Firefox pointing to the installation URL. That might work. You might also be interested in our Enterprise group, where various forms of add-on deployment are discussed.
There is nothing in the browser console.
Should I be able to self-host my extension? This Stack Overflow answer implies that it should work, but when I try it I get a popup that says “Firefox prevented this site from asking you to install software on your computer”. What’s interesting to me is that when I run that test locally, I can see that Firefox does download the xpi (based on server logs). So the block is not unconditional. Under what conditions will it install an unlisted extension this way? Is it possible that there’s some setting that keeps this from working on my installation?
The XPI is hosted on a separate domain than the page with the link. Firefox doesn’t allow that for security reasons.