This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Plugin Whitelisting

  • 1 reply
  • 1 has this problem
  • 1 view
  • Last reply by guigs

more options

Some enterprises only want allow the use of plugins and extensions that are on an allow list. This ensures that the administrator knows what plugins are in use so that they can be patched, and allows an amount of functional testing before full deployment. They don't want to be in a state where users install useful-sounding plugins that, for example, sends sensitive data out to the cloud or to a malicious third party. Unfortunately I'm struggling to implement a configuration to deny all plugins and extensions apart from a specified list (which a user can then choose to manually disable or enable). Are the three options below viable or is there some other route:

I can prevent the installation of plugins with this configuration: lockPref("xpinstall.enabled", 0); I can get plugins to default to disabled whenever the browser starts: lockPref("plugin.default.state", 0); lockPref("plugin.defaultXpi.state", 0); I can enable and disable individual plugins: // Enable Flash as it's in a sandbox lockPref("plugin.state.flash", 2); // Disable Java unless required lockPref("plugin.state.java", 0); lockPref("plugin.state.npdeployjava1", 0);

Some enterprises only want allow the use of plugins and extensions that are on an allow list. This ensures that the administrator knows what plugins are in use so that they can be patched, and allows an amount of functional testing before full deployment. They don't want to be in a state where users install useful-sounding plugins that, for example, sends sensitive data out to the cloud or to a malicious third party. Unfortunately I'm struggling to implement a configuration to deny all plugins and extensions apart from a specified list (which a user can then choose to manually disable or enable). Are the three options below viable or is there some other route: I can prevent the installation of plugins with this configuration: lockPref("xpinstall.enabled", 0); I can get plugins to default to disabled whenever the browser starts: lockPref("plugin.default.state", 0); lockPref("plugin.defaultXpi.state", 0); I can enable and disable individual plugins: // Enable Flash as it's in a sandbox lockPref("plugin.state.flash", 2); // Disable Java unless required lockPref("plugin.state.java", 0); lockPref("plugin.state.npdeployjava1", 0);

All Replies (1)

more options

Please also see: http://kb.mozillazine.org/Locking_preferences Make sure it is not obsolete: https://developer.mozilla.org/en-US/d.../Locked_config_settings

What trouble are you running into specifically here?