Native manifests are specially formatted JSON files that are provisioned on the user's computer by some means outside the extension installation process. For example, a native manifest might be provisioned by a device administrator or by a native application installer.
There are three different types of native manifest:
| Native messaging manifests | Enable a feature called native messaging , in which an extension can communicate with a native app installed on the device. |
| Managed storage manifests |
Define read-only data that an extension can access using the
storage.managed
API。
|
| PKCS #11 manifests |
Enable an extension to use the
pkcs11
API
to enumerate PKCS #11 security modules and install them in Firefox.
|
For all native manifests, you need to arrange things so the browser can find the manifest. The section on manifest location describes these rules.
The native messaging manifest contains a single JSON object with the following properties:
| 名称 | 类型 | 描述 |
|---|---|---|
名称
|
字符串 |
Name of the native application.
This must match the name passed into
On MacOS and Linux, it must also match the native messaging manifest's
filename (excluding the
On Windows, it must match the name of the registry key you create, that contains the location of the native messaging manifest.
The name must match the following regular expression:
|
description
|
字符串 | Description of the native application. |
path
|
字符串 |
Path to the native application. On Windows, this may be relative to the manifest itself. On MacOS and Linux it must be absolute. |
type
|
字符串 |
Describes the method used to connect the extension with the app.
Currently, only one value can be given here,
|
allowed_extensions
|
Array of String |
An array of
Add-on ID
values. Each value represents an extension which is allowed to
communicate with this native application.
Note that this means you will probably want to include the
|
For example, here's a manifest for the
ping_pong
native application:
{
"name": "ping_pong",
"description": "Example host for native messaging",
"path": "/path/to/native-messaging/app/ping_pong.py",
"type": "stdio",
"allowed_extensions": [ "ping_pong@example.org" ]
}
This allows the extension whose ID is
ping_pong@example.org
to connect, by passing the name
ping_pong
into the relevant
runtime
API function. The application itself is at
/path/to/native-messaging/app/ping_pong.py
.
The managed storage manifest contains a single JSON object with the following properties:
| 名称 | 类型 | 描述 |
|---|---|---|
名称
|
字符串 |
The ID of the extension that can access this storage, given as the ID
you've specified in the extension's
applications
key.
|
description
|
字符串 | Human readable description, ignored by Firefox. |
type
|
字符串 |
This must be
"storage"
.
|
data
|
对象 |
A JSON object that may contain any valid JSON values, including
strings, numbers, booleans, arrays, or objects. This will become the
data in the
browser.storage.managed
storage area.
|
例如:
{
"name": "favourite-color-examples@mozilla.org",
"description": "ignored",
"type": "storage",
"data":
{
"color": "management thinks it should be blue!"
}
}
Given this JSON manifest, the
favourite-color-examples@mozilla.org
extension could access the data using code like this:
let storageItem = browser.storage.managed.get('color');
storageItem.then((res) => {
console.log(`Managed color is: ${res.color}`);
});
The PKCS #11 manifest is a file containing a JSON object with the following properties:
| 名称 | 类型 | 描述 |
|---|---|---|
名称
|
字符串 |
Name of the PKCS #11 module.
This must match the name used in the
On MacOS and Linux, it must also match the manifest's filename (excluding the extension). On Windows, it must match the name of the registry key you create, which contains the location of the manifest.
The name must match the following regular expression:
|
description
|
字符串 |
Description of the module. This is used to set the friendly name for the module in the browser's UI (for example, the "Security Devices" dialog in Firefox). |
path
|
字符串 |
Path to the module. On Windows, this may be relative to the manifest itself. On MacOS and Linux it must be absolute. |
type
|
字符串 |
This must be
"pkcs11"
.
|
allowed_extensions
|
Array of String |
An array of
Add-on ID
values. Each value represents an extension which is allowed to
interact with the module.
注意:
This means you will probably want to include
the
|
例如:
{
"name": "my_module",
"description": "My test module",
"type": "pkcs11",
"path": "/path/to/libpkcs11testmodule.dylib",
"allowed_extensions": ["my-extension@mozilla.org"]
}
Given this JSON manifest, saved as
my_module.json
,
my-extension@mozilla.org
extension could install the security module at
/path/to/libpkcs11testmodule.dylib
using code like this:
browser.pkcs11.installModule("my_module");
On Linux and macOS, you need to store the manifest in a particular place. On Windows, you need to create a registry key that points to the manifest's location.
The detailed rules are the same for all the manifest types, except that the penultimate component of the path identifies the type of manifest. The examples below show the form for each of the three different types. In all the examples,
<name>
is the value of the
名称
property in the manifest.
For global visibility, create a registry key with the following name:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\NativeMessagingHosts\<name>
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\ManagedStorage\<name>
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\PKCS11Modules\<name>
The key should have a single default value, which is the path to the manifest.
警告: As of Firefox 64, the 32-bit registry view ( Wow6432Node) will be checked first for these keys, followed by the "native" registry view. Use whichever is appropriate for your application.
For Firefox 63 and older:
This key should
not
be created under
Wow6432Node
, even if the app is 32-bit. Previous versions of the browser will always look for the key under the "native" view of the registry, not the 32-bit emulation. To ensure that the key is created in the "native" view, you can pass the
KEY_WOW64_64KEY
or
KEY_WOW64_32KEY
flags into
RegCreateKeyEx
。见
访问替代注册表视图
.
For per-user visibility, create a registry key with the following name:
HKEY_CURRENT_USER\SOFTWARE\Mozilla\NativeMessagingHosts\<name>
HKEY_CURRENT_USER\SOFTWARE\Mozilla\ManagedStorage\<name>
HKEY_CURRENT_USER\SOFTWARE\Mozilla\PKCS11Modules\<name>
The key should have a single default value, which is the path to the manifest.
For global visibility, store the manifest in:
/Library/Application Support/Mozilla/NativeMessagingHosts/<name>.json
/Library/Application Support/Mozilla/ManagedStorage/<name>.json
/Library/Application Support/Mozilla/PKCS11Modules/<name>.json
For per-user visibility, store the manifest in:
~/Library/Application Support/Mozilla/NativeMessagingHosts/<name>.json
~/Library/Application Support/Mozilla/ManagedStorage/<name>.json
~/Library/Application Support/Mozilla/PKCS11Modules/<name>.json
For global visibility, store the manifest in either:
/usr/lib/mozilla/native-messaging-hosts/<name>.json
/usr/lib/mozilla/managed-storage/<name>.json
/usr/lib/mozilla/pkcs11-modules/<name>.json
或:
/usr/lib64/mozilla/native-messaging-hosts/<name>.json
/usr/lib64/mozilla/managed-storage/<name>.json
/usr/lib64/mozilla/pkcs11-modules/<name>.json
For per-user visibility, store the manifest in:
~/.mozilla/native-messaging-hosts/<name>.json
~/.mozilla/managed-storage/<name>.json
~/.mozilla/pkcs11-modules/<name>.json
最后修改: , 由 MDN 贡献者