Firefox 17 to make add-ons more secure
As suggested by some of its developers back in 2010, the Firefox browser will introduce enhanced separation between add-ons and the rest of the browser. With the change, which is planned to take effect with the release of Firefox 17, scripts on web pages will only be able to access the data belonging to add-ons if they are included in a whitelist.
The beta version of Firefox 15 already logs warning messages in the browser's Error Console when a page that is not on the whitelist tries to access data from add-ons. This behaviour has been included to make add-on developers aware of the new policy and to give them time to fix their add-on's behaviour before the release of Firefox 17.
In the current versions of Firefox, entire add-on objects can be shared by adding them to
contentWindow.wrappedJSObject which allows scripts on web sites to access all data belonging to these objects through the
window.sharedObject variable. With Firefox 17, add-on developers are required to explicitly mark attributes with the
__exposedProps__ property which acts as a whitelist for objects that Firefox will share. Possible values for this property allow read-only access, write-only access and read and write access.
Web site code will not have to be modified. The change also does not affect add-ons that are passing numbers, booleans or strings from the add-on to the web page; only actual add-on objects are affected.
Mozilla recommends that add-on developers thoroughly test their code in the Firefox 15 beta, keeping an eye out for errors in the Error Console. Afterwards, they should test with a nightly release version of Firefox 17 and see whether their add-ons break. Add-ons developed with Firefox's Add-on SDK should be automatically compatible after updating to the latest release of the SDK, but Mozilla recommends that developers test them after updating nonetheless.