About time!

No more .NET nonsense plugins installed without warning!

And before any .NET developers start whining about this, if you're writing code that relies on a .NET client-side plugin installed on your visitors computers you're doing the internet wrong.

Jolyon

Didn't they forget to add...

..."so screw you, Microsoft" to that? Rightly so, too.

How ?

I don't see how Firefox can stop such behaviour.

Surely any add-ons will be registered in a config file or the registry and being open source it will be easy enough to see how that's done and do the same using a program which isn't Firefox. Largely a cut-and-paste of the Firefox provided code I'd expect.

Mine's the one with the notepad with the outline for a "Firefox introduces DRM to lock-out devious developers" article.

NOT related to the .NET Add-on mess.

Remember it could be blacklisted _because_ it was an Add-on. A badly designed; crap; installed without you knowing it; security hole care of MS kind of Add-on but an Add-on nonetheless.

This is related to apps that don't even let Mozilla blacklist them.

Not .Net

This wouldn't affect the .Net extension, that was 'installed' by setting a registry key.

config file...

"Surely any add-ons will be registered in a config file or the registry and being open source it will be easy enough to see how that's done and do the same using a program which isn't Firefox."

Well, that's the point I think, certain people *cough*Microsoft*cough* were NOT registering in a config file, just dropping junk into the directory, so the component would execute but would not be listed for updates, compatibility checking, or uninstallation.

I assume firefox really can't control what goes into this directory (it really can't prevent anything for instance when it's not even running) but will no longer run anything that's just haphazardly dropped in there.

About time

Frankly, any app that has code along the lines of "unconditionally execute any modules in $directory" is an accident waiting to happen.