I have an unlisted webextension that I am distributing from a non HTTPS site. When the webextension is downloaded from my site (with the correct MIME type) it does not invoke the Firefox xpi installer but goes into the download folder - the webextension can then be installed by dragging it from the folder to the FIrefox window. It then installs and and works correctly. If i download directly from the AMO site then it goes straight into the install sequence. B.t.w. The version I have put on my site is the signed xpi file generated by the web-ext utility.
So my question (which is pretty basic but I don’t see an answer in the documentation) - to avoid the klugey install sequence on the download from my site - have I missed something in the packaging (I don’t have an install.rdf file); is the version on the AMO providing something I don’t have in my version generated by web-ext (I can’t seem to download the file on the AMO without installing); is this a security feature because the source of the xpi downloaded is non https or do I have something else going on?