I’ve long ago resigned myself to the AVAST WebRep not working with Firefox but I’d set the Firefox about:config > xpinstall.signatures.required to false and I assumed the AVAST Online Security would still be working even though I removed the non-working WebRep icon from the Firefox toolbar.
Today when I started Firefox both before and after the update (48.0.2) I had a new warning message that certain unsigned addons had now been disabled. When I checked it was AVAST OS.
I checked that the xpinstall.signatures.required config setting hadn’t been changed from ‘false’. It hadn’t.
Have Mozilla now stopped allowing unsigned Addons even though that setting is supposed to bypass the requirement, at your own risk of course? Or is this something that AVAST is doing to provoke what appears to be an override of this setting?
Firefox has been warning for absolutely ages that it will require signed extensions (no exemptions, even that hack) and as far as I’m aware the avast add-on is signed.
What we don’t see in your post is the version of avast that you are using ?
Calling the extension WebRep is incorrect or you are using an ancient avast version.
I am using an old AVAST version but the well known signed extension requirement which I think I may have posted about here months ago could be bypassed by using that config setting. Up until today the Firefox Addons page has simply shown such items as unsigned with a warning, that’s all.
It shouldn’t matter the age of the addon and almost certainly doesn’t. It is, probably, Mozilla removing yet more user control from Firefox. They are going to kill it if they’re not careful.
I just wanted to check it wasn’t an AVAST problem first before asking them about this.
It appears then that mandatory signing wasn’t immediately enforced with the introduction of Firefox v48, at least no warning messages were forthcoming when I first updated to v48 a number of weeks ago. But now mandatory signing is in affect and that bypasses the user settings whether we, the users, like it or not.
Of course it will make a difference as that old avast version will have an equally old version of the avast add-on, which is unlikely to be unsigned.
We have known for some considerable time Mozilla were going to enforce add-on signing, it just took longer than they originally forecast, that was a bonus.
Now it is here, start searching as there is yet another hack for firefox 48.0.2 to try to get round it.
Just another area of the avastUI that needs to be updated as firefox 48.0.2 reports the avast add-on as Avast On-line Security. This could also do with being updated, given that avast calls it the Security Browser Extension in the Avast Components section.
Found the method for disabling the Mozilla override too so thanks for bringing that to my attention. Not an easy fix or as simple as the guy who posted about it says but still do-able for those who might want to use it.
