Open XanderStrike opened 2 years ago
m1k1o
commented
2 years ago No, it's here. For security, if the browser would be compromised, installing any extension could potentially allow anyone to access filesystem or steal all cookies, inject malware to any page...
XanderStrike
commented
2 years ago True, but that's not much of a risk for my use case since my instance of Neko is only accessible to me through a VPN. I expect lots of folks are running it password protected behind a reverse proxy with TLS too. Perhaps it shouldn't be on by default, but it'd be nice to have the option.
As an alternative maybe additional blocks like these could be passed in as configuration to allow the operator to hardcode which extensions should be installed, that would satisfy my needs.
m1k1o
commented
2 years ago That would be a nice usecase, I agree. But that means, we would need some script that runs before browser, creates that environment (modifies that file according to e.g. env variables) and starts browser. It can be done, but another way is just to mount that file to the container and modify according to your needs. That's how it is often done.
See section Want to customize and install own add-ons, set custom bookmarks?
https://neko.m1k1o.net/#/getting-started/?id=want-to-customize-and-install-own-add-ons-set-custom-bookmarks
UPDATE: Just noticed that container path is outdated, it should be /usr/lib/firefox/distribution/policies.json for firefox. I'll change that.
When attempting to install extensions the following occurs:
Looks like this is probably a result of the following lines.There may be a good reason for disabling it but the commit message doesn't have any hints.I may remove those lines and test it out to see what happens. I expect plugins will be wiped on container restart which is fine for my purposes, but there might be another feature request for storing the firefox user profile in a volume to make them persist.