Project

General

Profile

Actions

Installation instructions (browser extension Mozilla) » History » Revision 9

« Previous | Revision 9/20 (diff) | Next »
koszko, 09/14/2021 08:13 PM
minor change


Installation instructions (Mozilla)

Here we'll describe how to install Haketilo from a .xpi file. Extensions in Firefox and its derivatives are often installed from the Mozilla Add-ons website (AMO), but for the sake of privacy and freedom, you should not use it!

Right now we only provide an unsigned .xpi extension file. This means it hasn't been cryptographically signed by Mozilla and therefore some of Mozilla browsers and even derivatives will refuse to install it. While we're going to provide a signed version of the extension soon, you are really strongly encouraged to use a Firefox derivative that not only allows you to manage your software but also isn't malware itself respects your freedom and privacy. Valid options are browsers in some of the "ethical" GNU/Linux distros like Parabola and Trisquel, the Tor Browser, and LibreWolf1. Although not necessarily ethical, browsers based on Firefox ESR (such as commonly found in operating systems repositories) should also work.

Browser compatibility

Haketilo is currently compatible with browsers based on Mozilla Firefox 60 and upwards. It has been tested against LibreWolf 90.0.2, Tor Browser 10.0.17, Parabola Iceweasel 75 and IceCat 60 (although for security reasons you should probably avoid browsers as old as the last 2).

Steps

First, download the extension's .xpi file from the Releases. You can also download the PGP signature to verify the file hasn't been tampered with (although it is of limited benefit unless you have a proof developer's signing key does indeed belong to him...). After downloading, go to the about:addons URL. In the extensions management page that shows up, click on the gear icon and select "Install Add-on From File...".

extensions page

Now, navigate to the downloaded .xpi file and select it.

navigating to the extension file

Note: If, at this point, your browser shows you an error message about extension file being invalid, but you're sure the browser supports installation of unsigned extensions, go to the about:config URL, confirm the warning prompt that appears, search for the xpinstall.signatures.required preference and double-click it to toggle its value to "false".

You should be presented with a dialog asking whether to add Haketilo to your browser. Once you click "Add", the add-on will install.

adding Haketilo

The browser might ask whether you want to allow Haketilo to run in private windows. If you installed Haketilo for its script-blocking capabilities, then you most likely also want that and you can check this option. Otherwise, it is a perfectly valid approach to aim for a purely script-less experience in private browsing windows and use an add-on like NoScript or uBlock Origin there instead of Haketilo.

Haketilo installed, allowing extension to run in private windows

Important aside: in some browsers, extensions are by default blocked from running on privileged domains. This is done as a security measure to prevent add-ons exploiting "sync", the add-ons website, etc. to gain unauthorized powers, but prevents Haketilo from applying policies there. If you feel this is a bigger problem than malicious extensions, go to the about:config URL, confirm the warning prompt that appears, and search for the extensions.webextensions.restrictedDomains preference; if it appears, double-click on it, erase any text and press "enter" to unprivilege all websites.

That's it. You can now play a bit with the extension and learn how it works. Also, make sure you realize its limitations.


  1. A bug that appeared around version 90.0 used to cause extension signatures to be required, but this has apparently since been fixed. 

Updated by koszko almost 2 years ago · 9 revisions

Also available in: PDF HTML TXT