Este site está com funcionalidades limitadas enquanto realizamos manutenção para melhorar sua experiência de uso. Se nenhum artigo resolver seu problema e você quiser fazer uma pergunta, nossa comunidade de suporte pode te ajudar em @FirefoxSupport no Twitter e /r/firefox no Reddit.

Pesquisar no site de suporte

Evite golpes de suporte. Nunca pedimos que você ligue ou envie uma mensagem de texto para um número de telefone, ou compartilhe informações pessoais. Denuncie atividades suspeitas usando a opção “Denunciar abuso”.

Saiba mais

Esta discussão foi arquivada. Faça uma nova pergunta se precisa de ajuda.

Question regarding Mozilla's new add-on policies

  • 1 resposta
  • 1 tem este problema
  • 1 exibição
  • Última resposta de TyDraniu

more options

Dear Sir or Madam,

I am writing to you because of Mozilla's new add-on policies. I am especially focusing on the point: Encryption – standard, in-browser HTTPS – is now always required when communicating with remote services. In the past, this was only required when transporting sensitive information. While I am supporting this new rule, I would like to ask, if there is any chance to be excluded from this policy. I am the developer of Domain Country, an add-on which allows you to retrieve the geographical information (and other data) about a given domain. To retrieve this data, Domain Country uses the API https://ip-api.com/. Unfortunately, this API requires a paid key to be accessible via HTTPS (Example URL: https://ip-api.com/json/mozilla.org). While I am very frustrated about this solution, I still decided to implement it, because I could not find another free API service. To still ensure that users are protected against Man-in-the-middle-attacks, I decided to manually validate the data after it is received (the code for Domain Country is open-source. This is the line, I'm talking about: https://github.com/Myzel394/domaincountry/blob/master/src/apis/fetchDomainInformation.ts#L94). Domain Country will also be continuously updated to ensure the user's safety. As a student with only low income it is also impossible for me to pay for https://ip-api.com/.


I hope you understand my problems and consider excluding Domain Country from the new add-on policy.

Dear Sir or Madam, I am writing to you because of Mozilla's new add-on policies. I am especially focusing on the point: Encryption – standard, in-browser HTTPS – is now always required when communicating with remote services. In the past, this was only required when transporting sensitive information. While I am supporting this new rule, I would like to ask, if there is any chance to be excluded from this policy. I am the developer of Domain Country, an add-on which allows you to retrieve the geographical information (and other data) about a given domain. To retrieve this data, Domain Country uses the API https://ip-api.com/. Unfortunately, this API requires a paid key to be accessible via HTTPS (Example URL: https://ip-api.com/json/mozilla.org). While I am very frustrated about this solution, I still decided to implement it, because I could not find another free API service. To still ensure that users are protected against Man-in-the-middle-attacks, I decided to manually validate the data after it is received (the code for Domain Country is open-source. This is the line, I'm talking about: https://github.com/Myzel394/domaincountry/blob/master/src/apis/fetchDomainInformation.ts#L94). Domain Country will also be continuously updated to ensure the user's safety. As a student with only low income it is also impossible for me to pay for https://ip-api.com/. I hope you understand my problems and consider excluding Domain Country from the new add-on policy.

Todas as respostas (1)

more options

Hi, can you ask about it on https://discourse.mozilla.org/c/add-ons/35 ? Add-on team usually answers there.