Firefox 3 takes a couple of steps to make extensions a little more secure. In general, extensions run with full privileges, so this is important. The extension update mechanism now requires either SSL or digital signatures for both the update.rdf file and the xpi file.
If you want to bypass these restriction, open the URL "about:config" and create a preference called extensions.checkUpdateSecurity whose value is set to false. This can be useful in testing, but is discouraged in practice.
Resources
Posts
R Bloggers
For my extension's javascript code, when I try to load Robot.createScreenCapture, I get a security exception.
ReplyDeleteDo you know how I can set up my policy rules to avoid this?