"We don't allow add-ons to use remote scripts"

Hello,
I’ve been developing an extension for Firefox and it has been rejected as it uses a remote script. The problem with this is that the type of extension I’m using requires this. It needs to be constantly tweaked and Firefox is the only browser that has an issue with this. Just as a side-note, all of my code is hosted on GitHub.

To further complicate things, the extension mine is based off of, and its nearest competitor both use remote scripts in the same fashion that mine does.

Can I get more information on this?
Thanks.

https://wiki.mozilla.org/AMO/Reviewers/Guide/Reviewing is their guide. If you link to your codebase someone may be able to help you with this issue.

1 Like

Replying to the review message you got is the best way to discuss a review with us.

Then you need to upload updates regularly - normally these will be reviewed very quickly.

That doesn’t surprise me at all - other browser vendors pretty much don’t care, they are fine with disabling malicious extensions retroactively. No, an extension that isn’t doing anything beyond injecting a remote script has no chance on AMO.

1 Like

Yet my 'competitors` both do the exact same thing. I like Firefox but the extension system is really turning me off - I’ll stay tuned for the Chrome-based replacement later this year.

Mind telling which extensions that are? Maybe reviewers missed something there - or maybe it’s not really the same thing.

@muthusmkmtp: Yes, it might delay the process a little but generally not too much (as long as you use the official jQuery version, without any modifications). It’s not a very large library but a reviewer will have to verify manually that you are using an unmodified version of it and that using it doesn’t introduce any security issues. The latter is a non-trivial task with many jQuery libraries, unfortunately also the case here as well. This tooltip library will parse HTML content in the title attribute which can easily turn into security issue.