downgrading the warning color stopped working some time ago. for
completeness, as of nightly99 xpinstall.signatures.required is only
checked in these places, none of which affect us:
- nsContentSecurityUtils.cpp::DetectJsHacks()
only for telemetry and relaxing some security measures we don't need
- BrowserGlue.jsm::_onWindowsRestored()
gates call to _notifyUnsignedAddonsDisabled(), which isn't triggered
by our stuff (signedState != SIGNEDSTATE_MISSING)
- AddonSettings.jsm::REQUIRE_SIGNING
overridden by our config.js script, so doesn't matter
- XPIProvider.jsm::observe()
calls XPIDatabase.updateAddonAppDisabledStates(), which calls
this.updateAddonDisabledState(addon), which depends on
this.isUsableAddon(aAddon), which returns true as long as we override
this.isDisabledLegacy(aAddon)
girst [Thu, 1 Oct 2020 20:59:50 +0000 (22:59 +0200)]
automatically disable signature requirement
Having signatures enforced causes a big red error message to appear
below unsigned extensions, telling the user the extension has been
disabled. This is not true, though; the extensions are still enabled.
Setting xpinstall.signatures.required;false downgrades this error to a
(yellow) warning.
don't prevent unsigned addon warning to not break some addons
This broke installing some, but not all, addons. The reason is that some
addons derive their addon-id from a certificate's CommonName in
XPIInstall.jsm::loadManifest(aPackage, aLocation, aOldAddon)
bring the patch closer to the then-upstream comm-central. might have the
negative side-effect of being detectable by websites according to:
https://developer.mozilla.org/en-US/docs/Mozilla/Chrome_Registration
this hopefully makes the monkey patch update persistent.
Note: instead of using FileUtils, this would be another method:
const {Services} = Cu.import('resource://gre/modules/Services.jsm');
let manifest = Services.dirsvc.get('GreD', Ci.nsIFile);
manifest.append('legacy.manifest');