Mozilla’s Firefox claims to be a secure and easy-to-use web browser packed with many advanced security features and performance benefits. The kind of reputation the browser bears makes it essential for it to plug any loopholes if present. In this regard, the developers of Firefox have made it mandatory for all the extensions to be signed in order to be installed and put into use.
Firefox browser will prevent you from installing unsigned add-ons & disable any unsigned add-ons that are already installed. Mozilla verifies and “signs” add-ons that follow a set of security guidelines. This is called Add-on signing. If an unsigned add-on is disabled, you won’t be able to use it and the Add-ons manager will show a message – The add-on could not be verified for use in Firefox and has been disabled. You can override the add-on signing setting to enforce the add-on signing requirement by changing the preference xpinstall.signatures.required to false in the Firefox Configuration Editor (about:config page).
Firefox won’t allow Unsigned Extensions to be Installed
Signing, however, should be done through addons.mozilla.org (AMO) and the process will be applicable for all extensions, irrespective of where they are hosted. So, beginning with Firefox 44 all future releases and versions of Firefox will not allow unsigned extensions to be installed, with no override. Themes, language packs, dictionaries, and plugins will be exempted from signing.
The preference xpinstall.signatures.required, which, allowed unsigned extensions to be installed in previous versions of Firefox such as Firefox 43 won’t be available for use. That said, keeping in mind the interest of Add-ons developers, Firefox will allow the developers to load add-ons temporarily in the browser.
NOTE: This feature has been offered only for testing purposes to developers, and it is not recommended that general users allow unsigned extensions, from a security point of view.
Make Firefox install Unsigned Extensions
Simply visit Firefox’s new about:debugging page.
There, look for the ‘Load Temporary add-on‘ option and select the XPI file for the add-on.
When done, the action will load the add-on and work in that browser session, but when you restart the browser, the add-on will fail to load, to make it work again, you’ll have to re-load it by navigating to the Add-ons manager again.
It’s particularly important to mention here that the Developer Edition and Nightly versions of Firefox will have a setting to disable signature enforcement.
In addition to it, there will be special unbranded versions of Release and Beta that will have this setting, so that add-on developers can work on their add-ons without having to sign every build. For disabling signature checks, a developer will need to set the xpinstall.signatures.required preference to “false”.
Type about:config into the URL bar in Firefox
In the Search box type xpinstall.signatures.required
Double-click the preference, or right-click and selected “Toggle”, to set it to False.
Lets us know if this works for you.
UPDATE: You can also use pcxFirefox browser. This open-source fork removes the plugin restriction in the x64 edition and restores distribution/bundles support. Thanks David Ramo.
Is it safe to install the unverified extension?
It is not safe to install an extension that Firefox has not verified. However, there are some exceptions. If you are a developer testing an extension, or you have got it from a trusted source, or when it’s a paid extension that has not been uploaded to the store. Nevertheless, ensure that it is safe to use.