Support for Firefox add-ons

Tell us what features would make LastPass even better and vote for features that are most important to you

Moderators: admin, anatoly_LP, chantieLP, robyn, JoeSiegrist

Support for Firefox add-ons

Postby barisko » Tue Jan 06, 2009 11:43 am

Hi,

It would be great if Lastpass could add support for popular Firefox addons that use passwords! This way add-ons can automatically login.

For example: Gmail Notifier (https://addons.mozilla.org/en-US/firefox/addon/173) which automatically checks for new emails.
This add-on saves it's password in Firefox as 'chrome://gm-notifier/', but it is not possible to use Lastpass for this add-on.

Or Foxmarks (https://addons.mozilla.org/en-US/firefox/addon/2410), which is used for synchronizing bookmarks between multiple browsers.
This add-on saves it's password in Firefox as 'sync.foxmarks.com', but is not possible to use Lastpass for this add-on.

thanx,
Barisko
barisko
 
Posts: 6
Joined: Tue Jan 06, 2009 11:18 am

Re: Support for Firefox add-ons

Postby JoeSiegrist » Tue Jan 06, 2009 12:32 pm

barisko Wrote:Hi,

It would be great if Lastpass could add support for popular Firefox addons that use passwords! This way add-ons can automatically login.

For example: Gmail Notifier (https://addons.mozilla.org/en-US/firefox/addon/173) which automatically checks for new emails.
This add-on saves it's password in Firefox as 'chrome://gm-notifier/', but it is not possible to use Lastpass for this add-on.


We support this by leaving it alone: we don't import or delete chrome:// urls by default unless you tell us to. You can save your password in the built firefox password manager for now.

barisko Wrote:Or Foxmarks (https://addons.mozilla.org/en-US/firefox/addon/2410), which is used for synchronizing bookmarks between multiple browsers.
This add-on saves it's password in Firefox as 'sync.foxmarks.com', but is not possible to use Lastpass for this add-on.


This is likely an oversight by Foxmarks, Mozilla is clear that extensions should save their passwords with chrome:// URLs-- you may have to turn on the built-in password manager to resave this, then turn it back off to support it. Might be worth telling Foxmarks of their potential bug as well.

Joe
JoeSiegrist
 
Posts: 4185
Joined: Wed Aug 20, 2008 10:40 am

Re: Support for Firefox add-ons

Postby barisko » Tue Jan 06, 2009 12:38 pm

JoeSiegrist Wrote:We support this by leaving it alone: we don't import or delete chrome:// urls by default unless you tell us to. You can save your password in the built firefox password manager for now.


Yes, I dit notice that Lastpass does not import or delete chrome:// passwords.
I can indeed use the build in password manager for this add-on, but the thing is that I prefer NOT to use the build in password manager of Firefox since it is not secure at all...! That is the reason I turned to Lastpass in the first place.

JoeSiegrist Wrote:This is likely an oversight by Foxmarks, Mozilla is clear that extensions should save their passwords with chrome:// URLs-- you may have to turn on the built-in password manager to resave this, then turn it back off to support it. Might be worth telling Foxmarks of their potential bug as well.
Joe


I will notify Foxmarks.
barisko
 
Posts: 6
Joined: Tue Jan 06, 2009 11:18 am

Re: Support for Firefox add-ons

Postby JoeSiegrist » Tue Jan 06, 2009 1:04 pm

barisko Wrote:Yes, I dit notice that Lastpass does not import or delete chrome:// passwords.
I can indeed use the build in password manager for this add-on, but the thing is that I prefer NOT to use the build in password manager of Firefox since it is not secure at all...! That is the reason I turned to Lastpass in the first place.


2 possibilities come to mind because the APIs that we can use are somewhat limited:

- Use Firefox's master password for this one 1 account

- LastPass can look into dynamically adding and deleting chrome passwords back into Firefox when logged in.

They both have downsides and expose your passwords more than we'd like. We possibly could look into entering the password for you in the XUL dialog windows, maybe that's the path. We'll keep investigating.

Joe
JoeSiegrist
 
Posts: 4185
Joined: Wed Aug 20, 2008 10:40 am

Re: Support for Firefox add-ons

Postby barisko » Fri Jan 09, 2009 6:57 pm

JoeSiegrist Wrote:This is likely an oversight by Foxmarks, Mozilla is clear that extensions should save their passwords with chrome:// URLs-- you may have to turn on the built-in password manager to resave this, then turn it back off to support it. Might be worth telling Foxmarks of their potential bug as well.
Joe


Can you point me to the specific documentation you're referring to?
barisko
 
Posts: 6
Joined: Tue Jan 06, 2009 11:18 am

Re: Support for Firefox add-ons

Postby JoeSiegrist » Fri Jan 09, 2009 7:52 pm

barisko Wrote:
JoeSiegrist Wrote:This is likely an oversight by Foxmarks, Mozilla is clear that extensions should save their passwords with chrome:// URLs-- you may have to turn on the built-in password manager to resave this, then turn it back off to support it. Might be worth telling Foxmarks of their potential bug as well.
Joe


Can you point me to the specific documentation you're referring to?


https://developer.mozilla.org/en/Using_nsILoginManager

The Login Manager treats this as if it was a web site login. You should use your extension's chrome:// URL to prevent conflicts with other extensions, and a realm string which briefly denotes the login's purpose.


Joe
JoeSiegrist
 
Posts: 4185
Joined: Wed Aug 20, 2008 10:40 am

Re: Support for Firefox add-ons

Postby barisko » Wed Jan 14, 2009 5:43 am

I did contact Foxmarks about this. This is their reply:

Foxmarks employee Eric Wrote:Thanks for the extra details! I've read through the document, and the main reason to use the chrome:// entry is to avoid conflicts with other extensions when there's no remote URL involved. In this case, though, the password is getting stored for an actual remote URL, so we seem to be using the system as intended.
Thanks for your vigilance, though! Definitely let us know if I'm misinterpreting this at all.

URL: http://getsatisfaction.com/foxmarks/topics/saving_the_plug_in_password_in_firefox_using_the_chrome_url

I'm not that familiar with developing Firefox plug-in, so I'm not sure what's correct and what isn't...
barisko
 
Posts: 6
Joined: Tue Jan 06, 2009 11:18 am

Re: Support for Firefox add-ons

Postby JoeSiegrist » Wed Jan 14, 2009 8:37 am

barisko Wrote:I did contact Foxmarks about this. This is their reply:

Foxmarks employee Eric Wrote:Thanks for the extra details! I've read through the document, and the main reason to use the chrome:// entry is to avoid conflicts with other extensions when there's no remote URL involved. In this case, though, the password is getting stored for an actual remote URL, so we seem to be using the system as intended.
Thanks for your vigilance, though! Definitely let us know if I'm misinterpreting this at all.

URL: http://getsatisfaction.com/foxmarks/topics/saving_the_plug_in_password_in_firefox_using_the_chrome_url

I'm not that familiar with developing Firefox plug-in, so I'm not sure what's correct and what isn't...


This is a convention that everyone follows and it's stated that is what you _should do_ directly. The fact that the document gives a bonus reason for doing it (non-conflict) is irrelevant. Even Foxmarks used to follow it, so perhaps you can use an older version until they fix it.

Joe
JoeSiegrist
 
Posts: 4185
Joined: Wed Aug 20, 2008 10:40 am


Return to Feature Requests

Who is online

Users browsing this forum: No registered users and 79 guests