All Mozilla-based applications allow users to restrict (or disable) various security-related settings. These restrictions can be as generic or specific as needed, and can be universally applied or limited to certain protocols and domains. This functionality is collectively known as "Security Policies," "Configurable Security Policies," or "CAPS."
checkloaduri policies (using file:// links from remote webpages). Those three cases are explained in greater detail in the linked articles.
Managing Security Policies
If you need more customizability for your security policies, you will need to edit your configuration files. You can also use about:config, but due to a bug, you will not see the changes you've made (though they will take effect). Security policies are specified in preferences, so you should be comfortable editing user.js. A useful extension for making edits is ChromEdit.
Understanding Security Policies
All of the examples in this article assume the reader is editing user.js.
Anatomy of a Policy
For a policy to exist, it has to have a name. That name has to be included in the preference capability.policy.policynames, which is a space-separated list of all the custom policies you want to use. This means that if you want to have a policy that allows local file links for sites on your intranet and a separate policy that allows your favorite CMS's copy/paste functionality to work, you'll need to have both listed in this preference:
Next, we need to specify what the policies actually do (the capabilities). These preferences will vary quite a bit depending on what you want to do, but always take the form capability.policy.<policy name>.<capability>. The functionality we want in our example is described in other articles in detail, but for the sake of brevity here are the capability preferences we need to set for our example:
// Allow file links for the "localfilelinks" policy
user_pref("capability.policy.localfilelinks.checkloaduri.enabled", "allAccess");
// Allow cut/copy/paste for the "allowclipboard" policy
user_pref("capability.policy.allowclipboard.Clipboard.cutcopy", "allAccess");
user_pref("capability.policy.allowclipboard.Clipboard.paste", "allAccess");
You'll notice that the value we're assigning is "allAccess". In CAPS, these preferences can have one of three values: allAccess (which essentially means "true" or "enabled"), noAccess ("false" or "disabled"), or the rarely-used sameOrigin ("true" or "enabled", but only when working on the same server).
Now our two example policies have names and capabilities defined, but they don't apply anywhere. We need to specify which sites they apply to. This is done by setting the preference capability.policy.<policy name>.sites for each policy, which is also a space-separated list. Thus, if your intranet sites were hosted at http://intranet/ and http://internal/, and your CMS was hosted at http://www.example.com/, you would add these lines:
user_pref("capability.policy.localfilelinks.sites", "http://intranet http://internal");
user_pref("capability.policy.allowclipboard.sites", "http://www.example.com");
And that's it: we now have two fully-defined policies that do different things and apply to certain sites only. You will need to restart the program so your settings are read.
- Each policy needs a name, and all the names should be listed in the preference capability.policy.policynames
- Each policy can have one or more capabilities associated with it, and those preferences take the form capability.policy.<policy name>.<capability>
- Each policy needs to specify what site(s) it applies to, and that information is stored in a preference of the form capability.policy.<policy name>.sites
The Default Security Policy
What if you want your policy to apply to every site automatically? Mozilla comes with one predefined policy for this: the default policy. You don't need to give it a name in capability.policy.policynames (it's built in). The syntax is exactly the same as if you were using one of your own named policies, except it doesn't need a "capability.policy.default.sites" preference.
In every case, a named policy will override a setting in the default policy.
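The three rules above (every name in policynames, capabilities in the capability.policy.&lt;policy name&gt;.&lt;capability&gt; form with one of the three values, and a .sites list for every named policy) plus the "named policy overrides default" rule can be checked mechanically. The following script is an added example and not part of this article or of Mozilla; it parses user_pref() lines from a user.js, reports configurations that break those rules, and resolves which value a page from a given site gets for a capability. The function names, the sample user.js text and the exact-origin site matching are assumptions made for the example (Mozilla's own site matching is looser):

```javascript
// Added example, not from the MozillaZine article: validate CAPS prefs in a
// user.js and resolve the effective access for a site. Helper names and the
// SAMPLE_USER_JS text are constructed for this example.

const VALID_VALUES = new Set(["allAccess", "noAccess", "sameOrigin"]);

// Parse user_pref("name", value); lines into a Map of name -> value.
// Handles quoted strings (without escaped quotes), integers and true/false;
// comments and blank lines are skipped.
function parseUserJs(text) {
  const prefs = new Map();
  const re = /^\s*user_pref\("([^"]+)",\s*("([^"]*)"|true|false|-?\d+)\);/;
  for (const line of text.split("\n")) {
    const m = re.exec(line);
    if (!m) continue;
    let value;
    if (m[3] !== undefined) value = m[3];
    else if (m[2] === "true" || m[2] === "false") value = m[2] === "true";
    else value = Number(m[2]);
    prefs.set(m[1], value);
  }
  return prefs;
}

function policyNames(prefs) {
  return String(prefs.get("capability.policy.policynames") || "")
    .split(/\s+/).filter(Boolean);
}

// Return a list of problems; an empty list means the policies are consistent
// with the three rules from the article.
function checkCapsPrefs(prefs) {
  const problems = [];
  const names = policyNames(prefs);
  const seen = new Map(); // policy name -> { sites, capabilities }
  for (const [key, value] of prefs) {
    const m = /^capability\.policy\.([^.]+)\.(.+)$/.exec(key);
    if (!m) continue;
    const [, policy, rest] = m;
    const entry = seen.get(policy) || { sites: null, capabilities: [] };
    if (rest === "sites") {
      entry.sites = String(value);
    } else {
      entry.capabilities.push(rest);
      if (!VALID_VALUES.has(value)) {
        problems.push(`${key}: ${JSON.stringify(value)} is not allAccess, noAccess or sameOrigin`);
      }
    }
    seen.set(policy, entry);
  }
  for (const [policy, entry] of seen) {
    if (policy === "default") continue; // built in: needs no name and no .sites
    if (!names.includes(policy)) {
      problems.push(`policy "${policy}" is not listed in capability.policy.policynames`);
    }
    if (entry.sites === null) {
      problems.push(`policy "${policy}" has no capability.policy.${policy}.sites preference`);
    }
  }
  for (const name of names) {
    if (!seen.has(name)) problems.push(`policy "${name}" is named but defines nothing`);
  }
  return problems;
}

// Sites listed for a policy, normalised to scheme://host (assumed exact match).
function siteList(prefs, policy) {
  return String(prefs.get(`capability.policy.${policy}.sites`) || "")
    .split(/\s+/).filter(Boolean)
    .map((s) => { try { return new URL(s).origin; } catch (e) { return s; } });
}

// Value that applies when a page from siteUrl uses `capability`: the first
// named policy covering the site wins, then the default policy, else undefined.
function effectiveAccess(prefs, siteUrl, capability) {
  const origin = new URL(siteUrl).origin;
  for (const name of policyNames(prefs)) {
    if (!siteList(prefs, name).includes(origin)) continue;
    const v = prefs.get(`capability.policy.${name}.${capability}`);
    if (v !== undefined) return v;
  }
  return prefs.get(`capability.policy.default.${capability}`);
}

// Constructed sample user.js following the article's two example policies,
// with a default-policy entry added to show the override rule.
const SAMPLE_USER_JS = `
// Names of the custom policies
user_pref("capability.policy.policynames", "localfilelinks allowclipboard");
// Deny window.status changes everywhere unless a named policy allows it
user_pref("capability.policy.default.Window.status", "noAccess");
user_pref("capability.policy.localfilelinks.checkloaduri.enabled", "allAccess");
user_pref("capability.policy.localfilelinks.sites", "http://intranet http://internal");
user_pref("capability.policy.allowclipboard.Clipboard.cutcopy", "allAccess");
user_pref("capability.policy.allowclipboard.Clipboard.paste", "allAccess");
user_pref("capability.policy.allowclipboard.sites", "http://www.example.com");
user_pref("dom.disable_window_status_change", false);
`;

const samplePrefs = parseUserJs(SAMPLE_USER_JS);
console.log("problems:", checkCapsPrefs(samplePrefs));
console.log("intranet checkloaduri:", effectiveAccess(samplePrefs, "http://intranet/", "checkloaduri.enabled"));
```

Running it with the policynames line deleted reports both policies as unlisted, which is exactly the silent failure you get when a snippet is pasted without that line.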
Other Things Policies Can Do
Prevent web pages from changing the text in the status bar
This is actually a built-in feature of Mozilla browsers now, and it has its own separate non-CAPS preference: dom.disable_window_status_change. However, maybe you'd like to allow this feature for certain websites. In order to do this, we'll need to first set dom.disable_window_status_change to false, as a setting of true will override any CAPS preferences. Then, it's just a matter of applying the concepts in this article:
// Enable the browser-wide status bar change pref
user_pref("dom.disable_window_status_change", false);
// Disable window.status changes by default
user_pref("capability.policy.default.Window.status", "noAccess");
// Name a new policy for sites that can change window.status
user_pref("capability.policy.policynames", "statuschange");
// Define the capability for the policy
user_pref("capability.policy.statuschange.Window.status", "allAccess");
// Define the sites that can use this policy
user_pref("capability.policy.statuschange.sites", "http://www.fark.com");
Prevent web pages from changing the text in the title bar
This is similar to the above example, but instead of window.status it restricts document.title. So the policy would look like this:
// By default, prevent scripts from setting the title of documents user_pref("capability.policy.default.HTMLDocument.title.set", "noAccess");
Prevent web pages from opening the "Add Bookmark" dialog
user_pref("capability.policy.policynames", "sidebarAccess");
// Disable sidebar-associated functions, including addPanel()
user_pref("capability.policy.default.Window.sidebar", "noAccess");
// Allow mozilla.org and mycroft to add search engine plugins
user_pref("capability.policy.sidebarAccess.sites", "http://www.mozilla.org http://mycroft.mozdev.org");
user_pref("capability.policy.sidebarAccess.Window.sidebar", "allAccess");
Prevent web pages from triggering File → Print
window.print(). This is sometimes annoying (and a little insulting), so you can disable this with another policy:
Window object. This means it's a simple matter to pick off individual functions from web pages that annoy you:
user_pref("capability.policy.policynames", "killfunction killvariable");
user_pref("capability.policy.killfunction.Window.nameOfFunction", "noAccess");
user_pref("capability.policy.killfunction.sites", "http://www.example.com");
user_pref("capability.policy.killvariable.Window.nameOfVariable.set", "noAccess");
user_pref("capability.policy.killvariable.Window.nameOfVariable.get", "noAccess");
user_pref("capability.policy.killvariable.sites", "http://www.example.com");
Disable form focusing
Web pages can automatically focus a form when a page loads. To disable this for specific sites:
user_pref("capability.policy.policynames", "nofocus");
user_pref("capability.policy.nofocus.sites", "http://www.example.com");
user_pref("capability.policy.nofocus.HTMLInputElement.focus", "noAccess");
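Each snippet in this section sets capability.policy.policynames on its own, so pasting several of them into one user.js leaves only the last policynames line in effect and the other policies never apply. The helper below is an added example, not part of this article or of Mozilla: it takes several policy definitions and emits one user.js fragment with a single merged policynames line, validates the values, and adds the dom.disable_window_status_change line whenever a Window.status capability is used, since that global pref overrides CAPS otherwise. The function names and the combined policy set are constructed for the example; the "Window.print" default capability is assumed from the Window.&lt;function&gt; pattern shown above rather than taken from the article:

```javascript
// Added example, not from the MozillaZine article: generate a user.js
// fragment for several CAPS policies at once. Helper names and the
// EXAMPLE_POLICIES / EXAMPLE_DEFAULTS data are constructed for this example.

const ALLOWED = new Set(["allAccess", "noAccess", "sameOrigin"]);

// Render one user_pref() line; strings are quoted, booleans/numbers are not.
function prefLine(name, value) {
  const v = typeof value === "string" ? JSON.stringify(value) : String(value);
  return `user_pref(${JSON.stringify(name)}, ${v});`;
}

// Lines for every capability of one policy, rejecting values CAPS does not know.
function capabilityLines(policyName, capabilities) {
  const out = [];
  for (const [cap, value] of Object.entries(capabilities)) {
    if (!ALLOWED.has(value)) {
      throw new Error(`${policyName}.${cap}: ${value} is not allAccess, noAccess or sameOrigin`);
    }
    out.push(prefLine(`capability.policy.${policyName}.${cap}`, value));
  }
  return out;
}

// policies: [{ name, sites: [...], capabilities: { "Window.status": "allAccess" } }]
// defaultCapabilities: capabilities of the built-in "default" policy.
function buildCapsUserJs(policies, defaultCapabilities = {}) {
  const names = [];
  for (const p of policies) {
    if (!/^\w+$/.test(p.name) || p.name === "default") throw new Error(`bad policy name: ${p.name}`);
    if (names.includes(p.name)) throw new Error(`duplicate policy name: ${p.name}`);
    if (!Array.isArray(p.sites) || p.sites.length === 0) throw new Error(`policy ${p.name} needs at least one site`);
    names.push(p.name);
  }
  const lines = [];
  const usesStatus = [defaultCapabilities, ...policies.map((p) => p.capabilities)]
    .some((c) => Object.prototype.hasOwnProperty.call(c, "Window.status"));
  if (usesStatus) {
    lines.push("// Window.status CAPS prefs are ignored unless this global pref is false");
    lines.push(prefLine("dom.disable_window_status_change", false));
  }
  lines.push("// One merged list of every custom policy name");
  lines.push(prefLine("capability.policy.policynames", names.join(" ")));
  if (Object.keys(defaultCapabilities).length > 0) {
    lines.push("// Built-in default policy: applies everywhere, needs no .sites pref");
    lines.push(...capabilityLines("default", defaultCapabilities));
  }
  for (const p of policies) {
    lines.push(`// Policy "${p.name}"`);
    lines.push(...capabilityLines(p.name, p.capabilities));
    lines.push(prefLine(`capability.policy.${p.name}.sites`, p.sites.join(" ")));
  }
  return lines.join("\n") + "\n";
}

// Constructed input: the status-bar and form-focus policies from this section
// combined, plus a default-policy entry for Window.print (assumed name).
const EXAMPLE_POLICIES = [
  { name: "statuschange", sites: ["http://www.fark.com"], capabilities: { "Window.status": "allAccess" } },
  { name: "nofocus", sites: ["http://www.example.com"], capabilities: { "HTMLInputElement.focus": "noAccess" } },
];
const EXAMPLE_DEFAULTS = { "Window.status": "noAccess", "Window.print": "noAccess" };

console.log(buildCapsUserJs(EXAMPLE_POLICIES, EXAMPLE_DEFAULTS));
```

The output is plain user.js text, so it can be appended to an existing file; it only guarantees that the policies passed to it share one policynames line, so any policies already in the file still have to be merged into that call.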
See also
- Links to local pages don't work