search

foxyproxy / browser-extension

Version 8 and above. Browser extension source code for Firefox, Chrome, and other Chromium-based browsers
GNU General Public License v2.0
198 stars 29 forks source link

Cannot enable proxy when using firefox enterprise policies.json on NixOS #138

Open Mag1cByt3s opened 1 week ago

Mag1cByt3s commented 1 week ago

[ENV] Firefox 127.0 FoxyProxy Standard 8.9 NixOS Unstable

[ISSUE] I cannot enable the proxy "BurpSuite" I added via policies.json. The proxy gets added to foxyproxy however once I click on it to activate the proxy, nothing happens, the state of foxyproxy does not change, the icon does not change. Once i click on my proxy, the radio button gets set to the proxy but thats it. Once i click on it again it is back to "Disabled".

Here is my NixOS config for firefox:

{ config, pkgs, lib, ... }:

{
  programs.firefox = {
    enable = true;
    policies = {
      "AppAutoUpdate" = false;
      "BackgroundAppUpdate" = false;
      "DisableFeedbackCommands" = true;
      "DisableFirefoxAccounts" = true;
      "DisableFirefoxStudies" = true;
      "DisablePocket" = true;
      "DisableTelemetry" = true;
      "DisplayBookmarksToolbar" = "always";
      "DisplayMenuBar" = "default-off";
      "DontCheckDefaultBrowser" = true;
      "EnableTrackingProtection" = {
        "Value" = true;
        "Locked" = true;
        "Cryptomining" = true;
        "Fingerprinting" = true;
        "EmailTracking" = true;
      };
      "Extensions" = {
        "Install" = [
          "https://addons.mozilla.org/firefox/downloads/latest/darkreader/latest.xpi"
          "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
          "https://addons.mozilla.org/firefox/downloads/latest/wappalyzer/latest.xpi"
          "https://addons.mozilla.org/firefox/downloads/latest/simple-modify-header/latest.xpi"
          "https://addons.mozilla.org/firefox/downloads/latest/simple-translate/latest.xpi"
          "https://addons.mozilla.org/firefox/downloads/latest/foxyproxy-standard/latest.xpi"
          "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi"
          "https://addons.mozilla.org/firefox/downloads/latest/violentmonkey/latest.xpi"
          "https://addons.mozilla.org/firefox/downloads/latest/shodan-addon/latest.xpi"
        ];
      };
      "ExtensionSettings" = {
        "*" = {
          "installation_mode" = "force_installed";
          "allowed_types" = ["extension"];
          "default_area" = "navbar";
        };
      };
      "ExtensionUpdate" = true;
      "FirefoxHome" = {
        "Search" = false;
        "TopSites" = false;
        "SponsoredTopSites" = false;
        "Highlights" = false;
        "Pocket" = false;
        "SponsoredPocket" = false;
        "Snippets" = false;
        "Locked" = true;
      };
      "FirefoxSuggest" = {
        "WebSuggestions" = true;
        "SponsoredSuggestions" = false;
        "ImproveSuggest" = false;
        "Locked" = true;
      };
      "GoToIntranetSiteForSingleWordEntryInAddressBar" = true;
      "HardwareAcceleration" = true;
      "NetworkPrediction" = false;
      "NewTabPage" = false;
      "NoDefaultBookmarks" = true;
      "OfferToSaveLogins" = false;
      "OfferToSaveLoginsDefault" = false;
      "PasswordManagerEnabled" = false;
      "PromptForDownloadLocation" = true;
      "RequestedLocales" = "en-US";
      "SanitizeOnShutdown" = {
        "Cache" = true;
        "Cookies" = true;
        "Downloads" = false;
        "FormData" = true;
        "History" = false;
        "Sessions" = true;
        "SiteSettings" = false;
        "OfflineApps" = true;
        "Locked" = true;
      };
      "SearchSuggestEnabled" = true;
      "ShowHomeButton" = false;
      "SSLVersionMin" = "tls1";
      "UserMessaging" = {
        "WhatsNew" = false;
        "ExtensionRecommendations" = false;
        "FeatureRecommendations" = false;
        "UrlbarInterventions" = false;
        "SkipOnboarding" = true;
        "MoreFromMozilla" = false;
        "Locked" = true;
      };
      "UseSystemPrintDialog" = true;
      "Certificates" = {
        "Install" = ["/etc/ssl/certs/BurpSuiteCA.der"];
      };
      "3rdparty" = {
        "Extensions" = {
          "foxyproxy@eric.h.jung" = {
            "mode" = "enable";
            "sync" = false;
            "autoBackup" = false;
            "showPatternProxy" = false;
            "passthrough" = "";
            "container" = {
              "incognito" = "";
              "container-1" = "";
              "container-2" = "";
              "container-3" = "";
              "container-4" = "";
            };
            "commands" = {
              "setProxy" = "";
              "setTabProxy" = "";
              "quickAdd" = "";
            };
            "data" = [
              {
                "active" = true;
                "title" = "BurpSuite";
                "type" = "http";
                "hostname" = "localhost";
                "port" = "8080";
                "username" = "";
                "password" = "";
                "cc" = "";
                "city" = "";
                "color" = "#e66100";
                "pac" = "";
                "pacString" = "";
                "proxyDNS" = true;
                "include" = [];
                "exclude" = [];
              }
            ];
            "managed" = false;
          };
        };
      };
    };
  };
}
erosman commented 1 week ago

I cannot enable the proxy "BurpSuite" I added via policies.json

When an enterprise policy is in effect, users wont be able to change anything. The purpose of an enterprise policy is for the admin (not users) to control the options.

Mag1cByt3s commented 1 week ago

But actually using the foxyproxy addon by changing between proxies or disabling the proxies is not really a 'change', is it?

If the user cannot use the addon anymore by turning on or off the proxy it kind of defeats the whole purpose.

erosman commented 1 week ago

But actually using the foxyproxy addon by changing between proxies or disabling the proxies is not really a 'change', is it?

That would conflict with https://github.com/foxyproxy/browser-extension/issues/42#issuecomment-1830407101

"mode" = "enable";

There is no such mode. As per Help:

"mode": "disable", // mandatory: current option, necessary to enable

Mag1cByt3s commented 1 week ago

So there is no way to simply add the proxy and let the user decide when to enable it and when not?

erosman commented 1 week ago

Enterprise policy is not designed for that purpose. However, if there is a popular demand, a recommended settings feature can be worked on.

See also: #132