Bug 1384330 - Part 1: Blocking the mozAddonManager when pref 'privacy.resistFingerprinting.block_mozAddonManager' is true. r?mossop,arthuredelstein
This patch adds a hidden pref 'privacy.resistFingerprinting.block_mozAddonManager',
which is false by default. When this is true, the navigator.mozAddonManager will
be blocked even the website is AMO.
The purpose of this pref is for Tor browser can disable navigator.mozAddonManager
through this.
MozReview-Commit-ID: Lf37gHXETCz
--- a/toolkit/mozapps/extensions/AddonManagerWebAPI.cpp
+++ b/toolkit/mozapps/extensions/AddonManagerWebAPI.cpp
@@ -15,16 +15,22 @@
#include "nsIDocShell.h"
#include "nsIScriptObjectPrincipal.h"
namespace mozilla {
using namespace mozilla::dom;
static bool
IsValidHost(const nsACString& host) {
+ // This hidden pref allows users to disable mozAddonManager entirely if they want
+ // for fingerprinting resistance. Someone like Tor browser will use this pref.
+ if (Preferences::GetBool("privacy.resistFingerprinting.block_mozAddonManager")) {
+ return false;
+ }
+
// This is ugly, but Preferences.h doesn't have support
// for default prefs or locked prefs
nsCOMPtr<nsIPrefService> prefService (do_GetService(NS_PREFSERVICE_CONTRACTID));
nsCOMPtr<nsIPrefBranch> prefs;
if (prefService) {
prefService->GetDefaultBranch(nullptr, getter_AddRefs(prefs));
bool isEnabled;
if (NS_SUCCEEDED(prefs->GetBoolPref("xpinstall.enabled", &isEnabled)) && !isEnabled) {