Fungování této stránky je z důvodu údržby dočasně omezeno. Pokud žádný článek nápovědy nevyřeší váš problém a potřebujete se zeptat na další řešení, napište nám na Twitter @FirefoxSupport nebo Reddit /r/firefox.

Prohledat stránky podpory

Vyhněte se podvodům. Za účelem poskytnutí podpory vás nikdy nežádáme, abyste zavolali nebo poslali SMS na nějaké telefonní číslo nebo abyste sdělili své osobní údaje. Jakékoliv podezřelé chování nám prosím nahlaste pomocí odkazu „Nahlásit zneužití“.

Zjistit více

Question regarding Mozilla's new add-on policies

  • 1 odpověď
  • 1 má tento problém
  • 1 zobrazení
  • Poslední odpověď od TyDraniu

more options

Dear Sir or Madam,

I am writing to you because of Mozilla's new add-on policies. I am especially focusing on the point: Encryption – standard, in-browser HTTPS – is now always required when communicating with remote services. In the past, this was only required when transporting sensitive information. While I am supporting this new rule, I would like to ask, if there is any chance to be excluded from this policy. I am the developer of Domain Country, an add-on which allows you to retrieve the geographical information (and other data) about a given domain. To retrieve this data, Domain Country uses the API https://ip-api.com/. Unfortunately, this API requires a paid key to be accessible via HTTPS (Example URL: https://ip-api.com/json/mozilla.org). While I am very frustrated about this solution, I still decided to implement it, because I could not find another free API service. To still ensure that users are protected against Man-in-the-middle-attacks, I decided to manually validate the data after it is received (the code for Domain Country is open-source. This is the line, I'm talking about: https://github.com/Myzel394/domaincountry/blob/master/src/apis/fetchDomainInformation.ts#L94). Domain Country will also be continuously updated to ensure the user's safety. As a student with only low income it is also impossible for me to pay for https://ip-api.com/.


I hope you understand my problems and consider excluding Domain Country from the new add-on policy.

Dear Sir or Madam, I am writing to you because of Mozilla's new add-on policies. I am especially focusing on the point: Encryption – standard, in-browser HTTPS – is now always required when communicating with remote services. In the past, this was only required when transporting sensitive information. While I am supporting this new rule, I would like to ask, if there is any chance to be excluded from this policy. I am the developer of Domain Country, an add-on which allows you to retrieve the geographical information (and other data) about a given domain. To retrieve this data, Domain Country uses the API https://ip-api.com/. Unfortunately, this API requires a paid key to be accessible via HTTPS (Example URL: https://ip-api.com/json/mozilla.org). While I am very frustrated about this solution, I still decided to implement it, because I could not find another free API service. To still ensure that users are protected against Man-in-the-middle-attacks, I decided to manually validate the data after it is received (the code for Domain Country is open-source. This is the line, I'm talking about: https://github.com/Myzel394/domaincountry/blob/master/src/apis/fetchDomainInformation.ts#L94). Domain Country will also be continuously updated to ensure the user's safety. As a student with only low income it is also impossible for me to pay for https://ip-api.com/. I hope you understand my problems and consider excluding Domain Country from the new add-on policy.

Všechny odpovědi (1)

more options

Hi, can you ask about it on https://discourse.mozilla.org/c/add-ons/35 ? Add-on team usually answers there.