[GH-ISSUE #2337] chromium: "Open in Firefox" addon does not work

gitea-mirror commented

2026-05-05 08:13:14 -06:00

Owner

Originally created by @ghost on GitHub (Jan 12, 2019).
Original GitHub issue: https://github.com/netblue30/firejail/issues/2337

i cannot find how to get this addon working (except with using --noprofile)

https://chrome.google.com/webstore/detail/open-in-firefox/lmeddoobegbaiopohmpmmobpnpjifpii

it use node js, i have tried to remove the disable-interpreter blacklist include and other various options from the shipped profile but i can't get it working.

here is installl.shipped with it :

#!/usr/bin/env bash

cd "$(dirname "$0")/app"

which node 2>/dev/null
isNode=$?
echo NodeJS status = $isNode

if [ $isNode -eq 0 ]; then
  node -e "process.exit(Number(process.version.substr(1).split('.')[0]) > 5 ? 0 : 1)"
  isNode=$?
fi
if [ $isNode -eq 0 ]; then
  echo "Installer is using your system NodeJS."
  node install.js `which node` $1
else
  MACHINE_TYPE=`uname -m`
  echo "Installer is using the attached NodeJS"
  if [ ${MACHINE_TYPE} == 'x86_64' ]; then
    ../node/x64/node install.js --add_node $1
  else
    ../node/x86/node install.js --add_node $1
  fi
fi

(https://github.com/andy-portmen/native-client/tree/master/linux)

any idea how to allow this addons to work? thanks, i cannot find any logs

Originally created by @ghost on GitHub (Jan 12, 2019). Original GitHub issue: https://github.com/netblue30/firejail/issues/2337 i cannot find how to get this addon working (except with using `--noprofile`) https://chrome.google.com/webstore/detail/open-in-firefox/lmeddoobegbaiopohmpmmobpnpjifpii it use node js, i have tried to remove the **disable-interpreter** blacklist include and other various options from the shipped profile but i can't get it working. here is installl.shipped with it : ``` #!/usr/bin/env bash cd "$(dirname "$0")/app" which node 2>/dev/null isNode=$? echo NodeJS status = $isNode if [ $isNode -eq 0 ]; then node -e "process.exit(Number(process.version.substr(1).split('.')[0]) > 5 ? 0 : 1)" isNode=$? fi if [ $isNode -eq 0 ]; then echo "Installer is using your system NodeJS." node install.js `which node` $1 else MACHINE_TYPE=`uname -m` echo "Installer is using the attached NodeJS" if [ ${MACHINE_TYPE} == 'x86_64' ]; then ../node/x64/node install.js --add_node $1 else ../node/x86/node install.js --add_node $1 fi fi ``` (https://github.com/andy-portmen/native-client/tree/master/linux) any idea how to allow this addons to work? thanks, i cannot find any logs

gitea-mirror closed this issue

2026-05-05 08:13:15 -06:00

gitea-mirror commented

2026-05-05 08:13:17 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Jan 12, 2019):

This is expected behaviour.
See https://github.com/netblue30/firejail/issues/1718#issuecomment-406819438

@SkewedZeppelin commented on GitHub (Jan 12, 2019): This is expected behaviour. See https://github.com/netblue30/firejail/issues/1718#issuecomment-406819438

gitea-mirror commented

2026-05-05 08:13:18 -06:00

Author

Owner

@ghost commented on GitHub (Jan 12, 2019):

thanks, sorry to bother you but do you know which option of the default chromium profile is causing it? i'd rather remove one or two options instead of running chrome with --noprofile. i think it's better to have a weakened security for chromium (i only use it for a single website anyway) than nothing. i have tried to play with the profile options but i can't find what is causing it. ty

@ghost commented on GitHub (Jan 12, 2019): thanks, sorry to bother you but do you know which option of the default chromium profile is causing it? i'd rather remove one or two options instead of running chrome with --noprofile. i think it's better to have a weakened security for chromium (i only use it for a single website anyway) than nothing. i have tried to play with the profile options but i can't find what is causing it. ty

gitea-mirror commented

2026-05-05 08:13:19 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Jan 12, 2019):

The easy solution: is to simply copy and paste links when needed

The proper solution would be to: merge firefox-common.profile, firefox.profile, chromium-common.profile and chromium.profile into one profile

@SkewedZeppelin commented on GitHub (Jan 12, 2019): The easy solution: is to simply copy and paste links when needed The proper solution would be to: merge firefox-common.profile, firefox.profile, chromium-common.profile and chromium.profile into one profile

gitea-mirror commented

2026-05-05 08:13:20 -06:00

Author

Owner

@ghost commented on GitHub (Jan 12, 2019):

thanks but chromium is not trying to acess to firefox but to nodejs, nodejs which then launch chromium

@ghost commented on GitHub (Jan 12, 2019): thanks but chromium is not trying to acess to firefox but to nodejs, nodejs which then launch chromium

gitea-mirror commented

2026-05-05 08:13:21 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Jan 12, 2019):

yes but chromium will launch node as a child which will launch firefox as a child
all will end up under the restrictions of the chromium profile
you would have to merge the chromium and firefox profiles, allow node, and noblacklist/whitelist it

@SkewedZeppelin commented on GitHub (Jan 12, 2019): yes but chromium will launch node as a child which will launch firefox as a child all will end up under the restrictions of the chromium profile you would have to merge the chromium and firefox profiles, allow node, and noblacklist/whitelist it

gitea-mirror commented

2026-05-05 08:13:22 -06:00

Author

Owner

@ghost commented on GitHub (Jan 12, 2019):

thanks

@ghost commented on GitHub (Jan 12, 2019): thanks

gitea-mirror commented

2026-05-05 08:13:22 -06:00

Author

Owner

@SkewedZeppelin commented on GitHub (Jan 12, 2019):

you can try this as a profile, save it as ~/.config/firejail/chromium.profile

# Firejail profile for cfn
# Description: chromium, firefox, and node
# This file is overwritten after every install/update
# Persistent local customizations
include cfn.local
# Persistent global definitions
include globals.local

noblacklist ${HOME}/.cache/chromium
noblacklist ${HOME}/.cache/mozilla
noblacklist ${HOME}/.config/chromium
noblacklist ${HOME}/.config/chromium-flags.conf
noblacklist ${HOME}/.mozilla
noblacklist ${HOME}/.pki


#allow node
blacklist ${PATH}/node
blacklist /usr/include/node

include disable-common.inc
include disable-devel.inc
include disable-interpreters.inc
include disable-programs.inc

mkdir ${HOME}/.cache/chromium
mkdir ${HOME}/.cache/mozilla/firefox
mkdir ${HOME}/.config/chromium
mkdir ${HOME}/.mozilla
mkdir ${HOME}/.pki
whitelist ${DOWNLOADS}
whitelist ${HOME}/.cache/chromium
whitelist ${HOME}/.cache/mozilla/firefox
whitelist ${HOME}/.config/chromium
whitelist ${HOME}/.config/chromium-flags.conf
whitelist ${HOME}/.mozilla
whitelist ${HOME}/.pki
include whitelist-common.inc
include whitelist-var-common.inc

apparmor
caps.keep sys_chroot,sys_admin
# machine-id breaks pulse audio; it should work fine in setups where sound is not required
#machine-id
netfilter
# Breaks Gnome connector - disable if you use that
nodbus
nodvd
nogroups
notv
?BROWSER_DISABLE_U2F: nou2f
shell none

disable-mnt
private-dev

noexec /tmp

# the file dialog needs to work without d-bus
env NO_CHROME_KDE_FILE_DIALOG=1

@SkewedZeppelin commented on GitHub (Jan 12, 2019): you can try this as a profile, save it as ~/.config/firejail/chromium.profile ``` # Firejail profile for cfn # Description: chromium, firefox, and node # This file is overwritten after every install/update # Persistent local customizations include cfn.local # Persistent global definitions include globals.local noblacklist ${HOME}/.cache/chromium noblacklist ${HOME}/.cache/mozilla noblacklist ${HOME}/.config/chromium noblacklist ${HOME}/.config/chromium-flags.conf noblacklist ${HOME}/.mozilla noblacklist ${HOME}/.pki #allow node blacklist ${PATH}/node blacklist /usr/include/node include disable-common.inc include disable-devel.inc include disable-interpreters.inc include disable-programs.inc mkdir ${HOME}/.cache/chromium mkdir ${HOME}/.cache/mozilla/firefox mkdir ${HOME}/.config/chromium mkdir ${HOME}/.mozilla mkdir ${HOME}/.pki whitelist ${DOWNLOADS} whitelist ${HOME}/.cache/chromium whitelist ${HOME}/.cache/mozilla/firefox whitelist ${HOME}/.config/chromium whitelist ${HOME}/.config/chromium-flags.conf whitelist ${HOME}/.mozilla whitelist ${HOME}/.pki include whitelist-common.inc include whitelist-var-common.inc apparmor caps.keep sys_chroot,sys_admin # machine-id breaks pulse audio; it should work fine in setups where sound is not required #machine-id netfilter # Breaks Gnome connector - disable if you use that nodbus nodvd nogroups notv ?BROWSER_DISABLE_U2F: nou2f shell none disable-mnt private-dev noexec /tmp # the file dialog needs to work without d-bus env NO_CHROME_KDE_FILE_DIALOG=1 ```

gitea-mirror commented

2026-05-05 08:13:23 -06:00

Author

Owner

@ghost commented on GitHub (Jan 15, 2019):

you mean noblacklist instead of blacklist ${PATH}/node blacklist /usr/include/node

it worked, i spend some times on it and i found that i needed to add whitelist ${HOME}/.config/com.add0n.node/ to get the addon working

thanks!!

also without merging profiles and if firefox is already running it will not use the chromium sandbox, i use this trick for others firejailed apps such as feedreader.

@ghost commented on GitHub (Jan 15, 2019): you mean noblacklist instead of `blacklist ${PATH}/node blacklist /usr/include/node` it worked, i spend some times on it and i found that i needed to add `whitelist ${HOME}/.config/com.add0n.node/` to get the addon working thanks!! also without merging profiles and if firefox is already running it will not use the chromium sandbox, i use this trick for others firejailed apps such as feedreader.

Rows
Columns

[GH-ISSUE #2337] chromium: "Open in Firefox" addon does not work #1559