Esta tradução está incompleta. Por favor, ajude a traduzir este artigo do Inglês.
A fim de proteger a segurança e a soberania dos utilziadores do Firefox, a Mozilla requer que todos os extras cumpram com um conjunto de políticas de práticas aceitáveis. O conjunto exato das políticas aplicáveis varia de acordo com uma série de circunstâncias, o mais importante é saber se o extra está hospedado em addons.mozilla.org (ulteriormente AMO), e como o extra é distribuído.
Este documento descreve as políticas das diferentes classes de extra são esperadas para obedecer. Independentemente da classe do extra, estas políticas são aplicadas através de um processo de revisão obrigatória facilitado pelo AMO, e uma verificação de assinatura do código obrigatória, aplicadas pelo Firefox.
Classes de Extra
Listadas no AMO
Add-ons listed on AMO must undergo review by a human reviewer. Prior to review, add-ons will be accessible to users who have a direct link to their listing pages, but are otherwise hidden from the public. Once approved, these add-ons will have a public listing page including screenshots, descriptions, and user reviews. The listing will appear in search results, collections, and occasional promotions. Existing users will automatically receive updates to new versions published to AMO.
There are two classes of review for add-ons listed on AMO, each with its own stringency of requirements and feature set:
- Revisão CompletaFull Review
- Add-ons in the full review class undergo full code review, as well as functional testing. These add-ons are subjected to the highest quality bar. In exchange are given the highest precedence in search results, and present the most streamlined install experience to users.
- Revisão Preliminar
- Add-ons in the preliminary review class undergo full, though less detailed, code review, but in general do not undergo functional testing. These add-ons must not cause security problems, or seriously hamper the usability of the browser, but otherwise have few qualifications. As a result, these add-ons are displayed less prominently in search results, and their listing pages will warn users about potential quality issues prior to install.
Unlisted add-ons must be uploaded to AMO prior to distribution, but are otherwise not accessible to the public via the site. These add-ons must be distributed elsewhere by their publishers. Depending on the manner of distribution, unlisted add-ons will undergo either complete review by a human reviewer, or fully-automated review, with the option of falling back to human review upon failure.
There are two classes of unlisted add-ons:
- Instalar Lateral
- This review class, sometimes referred to instead as "full review", is required for any add-ons which will be installed into the browser by application installers, rather than directly by users via the web install process. These add-ons will undergo full code review, as well as functional testing. The requirements and review process for this class of add-ons are very similar to those of listed add-ons in the full review track. The primary difference is that these add-ons must manage their own updates.
- Instalar via Web
- This review class, sometimes referred to instead as "lite review", is for add-ons distributed entirely via web install, initiated directly by the user. Add-ons in this class have the least stringent requirements. These add-ons are only subjected to human review only if they do not pass automated vaildation.
The following table outlines the primary policies which apply to each add-on review track. The policies are explained in further detail below. The symbols below each review track specify how the requirement applies to those add-ons as follows:
|O requisito n~soa se aplica para esta faixa de revisão.|
|✘||Os extras nesta faixa de revisão estão proibidos de ter este comportamento.|
|✔||Os extras nesta faixa de revisão devem seguir este comportamento.|
|Completa||Preliminar||Instalalar Lateral||Instalar via Web|
|Cause harm to users' data, systems, or online identities||✘||✘||✘||✘|
|Create or expose security vulnerabilities||✘||✘||✘||✘|
|Tamper with the application/add-on update or blocklist systems||✘||✘||✘||✘|
|Execute remote code¹||✘||✘||✘|
|Degrade the security of HTTPS sites||✘||✘||✘|
|Install additional add-ons or system applications without user consent||✘||✘|
|Include their own update mechanism||✘||✘|
|Privacidade e Permissão do Utilizador|
|Make unexpected changes to the browser or web content||✘||✘||✘||✘|
|Prevent users from reverting changes made by the add-on||✘||✘||✘||✘|
|Prevent the add-on from appearing in the Add-on Manager||✘||✘||✘||✘|
|Prevent the user from disabling or uninstalling the add-on⁶||✘||✘||✘||✘|
|Send sensitive information to remote servers unprotected||✘||✘||✘|
|Store browsing data from private browsing windows||✘||✘||✘|
|Leak identity information to web content in private browsing windows||✘||✘||✘|
|Change Firefox preferences without user consent||✘||✘|
|Experiência do Utilziador|
|Break or disable core application features||✘||✘||✘||✘|
|Make any changes which persist after the add-on is disabled or uninstalled||✘||✘||✘||✘|
|Be easy to use and provide a consistent user experience||✔||✔|
|Appeal to a general audience||✔|
|Violar a política de utilizador da Mozilla||✘||✘||✘|
|Provide reviewers with full source code⁵||✔||✔||✔||✔²|
|Use unvetted third-party code libraries or frameworks||✘||✘||✘|
|Contain obvious coding errors||✘||✘|
|Conflict with other well-behaved add-ons³||✘||✘|
|Use APIs known to cause performance or stability problems⁴||✘||✘|
Because add-ons run in an environment with elevated privileges relative to ordinary web pages, they present a very serious set of security considerations. The have the potential to open up security holes not only in the add-ons themselves, but also in the browser, in web pages, and in particularly worrying cases, the entire system the browser is running on. As a result, we take our security policies very seriously, and apply most of them to all add-ons, whether hosted on AMO or not. We expect all add-ons to be secure, not only in their handling of their own data, and of user data, but also in all of their interaction with the web, the browser, and the operating system.
Privacidade e Permissão do Utilizador
We take user sovereignty and privacy extremely seriously. Whether hosted on AMO or not, we require all add-ons to respect users choices and their reasonable expectations of privacy. In particular, this means that add-ons may not limit users control of their browsers, by making it impossible to permanently change settings (such as the homepage or search engine), preventing users from uninstalling them, hiding their presence from users, or installing toolbar buttons or other UI elements which cannot be permanently removed via the UI customization process.
Features like advertising or certain forms of user activity tracking may be required to be opt-in, or at least opt-out, depending on the privacy and security impact, and whether the feature is necessary for the add-on to function or not. Since these are usually additional monetization features that are unrelated to what the add-on is meant to do, they generally require an opt-in for listed add-ons and an opt-out for unlisted ones. Some forms of tracking, like gathering all visited URLs, are generally forbidden even for unlisted add-ons. The decision to activate or deactivate these features and its implications must be clearly presented to the user.
Experiência do Utilziador
We expect all add-ons to work without significantly degrading users' experience with the browser. In particular, add-ons may not adversely affect browser performance, break built-in features, or damage the user interface. For add-ons listed on AMO, requesting full review, we likewise expect a consistent generally positive user experience for any functionality provided by the add-on.
While we have no interest in controlling the types of functionality provided by add-ons in the wild, there are certain types of content that
addons.mozilla.org cannot host. In particular, all content hosted on the site must conform to the laws of the United States, and comply with the Mozilla acceptable use policy.
Sumissão do Código Fonte
Add-ons may contain binary, obfuscated and minified source code, but Mozilla must be allowed to review a copy of the human-readable source code of each version of an add-on submitted for review. In such cases, the author will receive a message when the add-on is reviewed indicating whom to contact at Mozilla to coordinate review of the source code. This code will be reviewed by an administrator and will not be shared or redistributed in any way. The code will only be used for the purpose of reviewing the add-on.
If your add-on contains code that you don't own or can't get the source code for, you may contact us for information on how to proceed.
Add-ons are reviewed by the AMO Reviewer Team, a group of experienced add-on developers that volunteer to help the Mozilla project by reviewing add-ons to ensure a stable and safe experience for users. The Reviewer Guide details how reviewers evaluate add-ons submitted for review. It is an expanded version of the table shown above. Developers will receive an email with any updates throughout the review process. Review times can fluctuate depending on reviewer availability and the complexity of the add-on being reviewed. Regular updates of review queue status are posted in the Add-ons Blog.
Lista de Bloqueio
Add-ons that don't meet the bar for Unlisted Web Install may qualify for blocklisting, depending on the extent of their problems. The Add-ons Team will do their best to contact the add-on's developers and provide a reasonable time frame for the problems to be corrected before a block is deployed. If an add-on is considered malicious or its developers have proven unreachable or unresponsive, or in case of repeat violations, blocklisting may be immediate.