Mozilla has unveiled a new feature called Quarantined Domains, which enables the blocking of certain add-ons from running on specific websites. The move aims to address security concerns associated with the potential exploitation of the add-on ecosystem by malicious actors.
While users will have increased control over add-on settings in future versions of Firefox, security researcher Jeff Johnson has criticized the user interface design, noting that warning alerts no longer appear in the Extensions popup when an add-on is pinned to the toolbar.
In its Release Notes for Firefox 115.0, Mozilla explained that the Quarantined Domains feature is designed to prevent attacks by malicious actors targeting specific domains.
By selectively allowing only monitored extensions to run on certain websites, the company aims to mitigate potential risks posed by undiscovered malicious add-ons. Users can disable the feature by adjusting the “extensions.quarantinedDomains.enabled” setting in the “about:config” page.
While the introduction of Quarantined Domains complements Mozilla’s existing capability to remotely disable risky extensions, there have been concerns regarding the user experience. With the current implementation, warning alerts do not appear in the Extensions popup when an add-on is pinned to the toolbar.
This has raised criticism from security researcher Jeff Johnson, who described the user interface design as flawed and highlighted the need for improvements.
Additionally, Mozilla has expressed opposition to a proposed website blocking initiative in France. The company believes that such measures could undermine content moderation norms and provide a playbook for authoritarian governments, potentially compromising the effectiveness of censorship circumvention tools.
Mozilla aims to continue enhancing user security and plans to refine the Quarantined Domains feature in future releases, although no specific timeline has been provided.