Native manifests
Native manifests are JSON files provisioned on the user's computer by means other than the extension installation process. For example, a native manifest might be provisioned by a device administrator or native application installer.
There are three types of native manifest:
| Native messaging manifests | Enables a feature callednative messaging, in which an extension can communicate with a native app installed on the device. |
| Managed storage manifests | Defines read-only data that an extension can access using thestorage.managed API. |
| PKCS #11 manifests | Enables an extension to use thepkcs11 API to enumerate PKCS #11 security modules and install them in Firefox. |
For all native manifests, you need to store the file so the browser can find it. The section onmanifest location describes how to do this. On Linux and macOS, the files are in a fixed location, on Windows the file location is written to the Windows Registry.
Native messaging manifests
The native messaging manifest is a file with a name that matches the string passed by the extension intoruntime.connectNative() orruntime.sendNativeMessage() with the.json extension. It contains a JSON object with these properties:
| Name | Type | Description |
|---|---|---|
name | String | Name of the native application. This must match the name passed into On Windows, use this value as the name of the registry key you create that contains the location of the native messaging manifest. The name must match the regular expression: |
description | String | Description of the native application. |
path | String | Path to the native application. On Windows, this may be relative to the manifest itself. On macOS and Linux, it must be absolute. |
type | String | Describes the method used to connect the extension with the app. Takes the value |
allowed_extensions | Array of String | An array ofAdd-on ID values. Each value represents an extension allowed to communicate with this native application. Note: This means you want to include the |
For example, here's the content of theping_pong.json manifest file for theping_pong native application from thenative messaging example:
{ "name": "ping_pong", "description": "Example host for native messaging", "path": "/path/to/native-messaging/app/ping_pong.py", "type": "stdio", "allowed_extensions": ["ping_pong@example.org"]}This allows the extension with the IDping_pong@example.org to connect by passing the nameping_pong into the relevantruntime API function. The native application is at/path/to/native-messaging/app/ping_pong.py.
Managed storage manifests
The managed storage manifest is a file with a name that matches the ID specified in the extension'sbrowser_specific_settings key with the.json extension. It contains a JSON object with these properties:
| Name | Type | Description |
|---|---|---|
name | String | The ID of the extension that can access this storage, given as the ID specified in the extension's On Windows, use this as the name of the registry key you create, which contains the location of the manifest. |
description | String | Human-readable description, ignored by Firefox. |
type | String | This must be |
data | Object | A JSON object that may contain any valid JSON values, including strings, numbers, booleans, arrays, or objects. This becomes the data in the |
For example, in thefavourite-colour example manage storage data is set in the file namedfavourite-colour-examples@mozilla.org.json, which contains:
{ "name": "favourite-colour-examples@mozilla.org", "description": "ignored", "type": "storage", "data": { "color": "management thinks it should be blue!" }}Thefavourite-colour-examples@mozilla.org extension then accesses the data using code like this:
let storageItem = browser.storage.managed.get("color");storageItem.then((res) => { console.log(`Managed color is: ${res.color}`);});PKCS #11 manifests
The PKCS #11 manifest is a file with a name that matches the name of the PKCS #11 module (as used in thepkcs11 API) with the.json extension. It contains a JSON object with these properties:
| Name | Type | Description |
|---|---|---|
name | String | Name of the PKCS #11 module. This must match the name used in the On Windows, use this as the name of the registry key you create, which contains the location of the manifest. The name must match the regular expression: |
description | String | Description of the PKCS #11 module. This sets the friendly name for the module in the browser's UI (for example, the "Security Devices" dialog in Firefox). |
path | String | Path to the PKCS #11 module. The path to the PKCS #11 module may be absolute or relative to the manifest itself. |
type | String | This must be"pkcs11". |
allowed_extensions | Array of String | An array ofAdd-on ID values. Each value represents an extension allowed to interact with the module. Note: This means you want to include the |
For example:
{ "name": "my_module", "description": "My test module", "type": "pkcs11", "path": "/path/to/libpkcs11testmodule.dylib", "allowed_extensions": ["my-extension@mozilla.org"]}Given this JSON manifest, saved asmy_module.json, themy-extension@mozilla.org extension could install the security module at/path/to/libpkcs11testmodule.dylib using code like this:
browser.pkcs11.installModule("my_module");Manifest location
On Linux and macOS, you need to store the manifest in a particular place. On Windows, you need to create a registry key that points to the manifest's location.
The detailed rules are the same for all the manifest types, except that the penultimate component of the path identifies the type of manifest. The examples below show the form for each of the three different types. In all the examples,<name> is the value of the name property in the native manifest.
Windows
For global visibility, create a registry key with the following name:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\NativeMessagingHosts\<name>
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\ManagedStorage\<name>
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\PKCS11Modules\<name>
The key should have a single default value, which is the path to the manifest.
Warning:As of Firefox 64, the 32-bit registry viewWow6432Node will be checked first for these keys, followed by the "native" registry view. Use whichever is appropriate for your application.
For Firefox 63 and older: This key shouldnot be created underWow6432Node, even if the app is 32-bit. Previous versions of the browser will always look for the key under the "native" view of the registry, not the 32-bit emulation. To ensure that the key is created in the "native" view, you can pass theKEY_WOW64_64KEY orKEY_WOW64_32KEY flags intoRegCreateKeyEx. SeeAccessing an Alternate Registry View.
For per-user visibility, create a registry key with the following name:
HKEY_CURRENT_USER\SOFTWARE\Mozilla\NativeMessagingHosts\<name>
HKEY_CURRENT_USER\SOFTWARE\Mozilla\ManagedStorage\<name>
HKEY_CURRENT_USER\SOFTWARE\Mozilla\PKCS11Modules\<name>
The key should have a single default value, which is the path to the manifest.
macOS
For global visibility, store the manifest in:
/Library/Application Support/Mozilla/NativeMessagingHosts/<name>.json
/Library/Application Support/Mozilla/ManagedStorage/<name>.json
/Library/Application Support/Mozilla/PKCS11Modules/<name>.json
For per-user visibility, store the manifest in:
~/Library/Application Support/Mozilla/NativeMessagingHosts/<name>.json
~/Library/Application Support/Mozilla/ManagedStorage/<name>.json
~/Library/Application Support/Mozilla/PKCS11Modules/<name>.json
Linux
For global visibility, store the manifest in either:
/usr/lib/mozilla/native-messaging-hosts/<name>.json
/usr/lib/mozilla/managed-storage/<name>.json
/usr/lib/mozilla/pkcs11-modules/<name>.json
or:
/usr/lib64/mozilla/native-messaging-hosts/<name>.json
/usr/lib64/mozilla/managed-storage/<name>.json
/usr/lib64/mozilla/pkcs11-modules/<name>.json
For per-user visibility, store the manifest in:
~/.mozilla/native-messaging-hosts/<name>.json
~/.mozilla/managed-storage/<name>.json
~/.mozilla/pkcs11-modules/<name>.json