Elevated Browser Permissions¶
support.mozilla.org has certain elevated permissions in Firefox, shown in the Firefox source code, allowing it to control various aspects of Firefox’s UI and retrieve debugging information.
Testing this on our other deployments or locally requires extra configuration and setup.
There’s a couple of ways to add permissions, one which happens instantly but doesn’t survive browser restarts, and the other which requires a restart to enable but also persists across restarts:
This method requires us to execute an expression in the Browser Console, so we need to enable the Browser Console command line.
Once that’s enabled,
follow the instructions on how to open the Browser Console,
then run the following command,
<permission> where relevant based on the instructions in the following sections:
Services.perms.addFromPrincipal( Services.scriptSecurityManager.createContentPrincipalFromOrigin("<origin>"), "<permission>", Services.perms.ALLOW_ACTION );
Reload the tab containing the page which is attempting to use these elevated permissions and it should have them.
Permissions granted with the above method are cleared once the browser restarts. To enable them permanently then a slightly different approach must be taken.
First copy the contents of
resource://app/defaults/permissions to a local file.
about:config change the
permissions.manager.defaultsUrl preference to the path of the file you just created,
Now add a line enabling the relevant
<permission> for the relevant
origin <permission> 1 <origin>
Finally restart Firefox to pick up these changes. Any time you want to change the permissions an origin has you’ll also need to restart Firefox.
Firefox only grants permissions to
so we need to serve our local instance over
The easiest way to do this is to set up a reverse proxy,
with a tool like
npm install -g local-ssl-proxy
Then run the proxy:
local-ssl-proxy -n 127.0.0.1 --source 8001 --target 8000
And access Kitsune at
which will also be your
Remote Troubleshooting (about:support) API¶
The remote troubleshooting API allows support.mozilla.org to access the contents of the
An additional permission needs to be granted to any origin you want to test this API on.
about:config and append the relevant
<origin> to the
Then grant the permission as above,
The UITour API allows support.mozilla.org to control various aspects of the Firefox UI.
It can be enabled by granting the permission as above,
However a far simpler way to enable it is to set a couple of custom preferences in
about:config as explained in the Bedrock docs.