(Policy Updates 2021) |
(Changed certain verdicts, and added a few cases to align with the current set of guidelines on data collection policy) |
||
(One intermediate revision by the same user not shown) | |||
Line 85: | Line 85: | ||
| The add-on uses means such as webRequest to circumvent the permission prompts for new tab page, homepage or search engine changes. || Reject Immediately | | The add-on uses means such as webRequest to circumvent the permission prompts for new tab page, homepage or search engine changes. || Reject Immediately | ||
|- | |- | ||
| The add-on changes browsing behavior inhibiting user actions, such as closing or hiding about:addons or other special pages when opened. || Escalate | | The add-on changes browsing behavior inhibiting user actions, such as closing or hiding about:addons or other special pages when opened. || Reject and Escalate Immediately | ||
|- | |- | ||
| The add-on unexpectedly makes use of redirection to block the user from visiting certain sites without providing the user an option to circumvent the redirection. The add-on is violating the [https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Reviews#No_Surprises no surprises policy]. || Reject Immediately | | The add-on unexpectedly makes use of redirection to block the user from visiting certain sites without providing the user an option to circumvent the redirection. The add-on is violating the [https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Reviews#No_Surprises no surprises policy]. || Reject Immediately | ||
|- | |- | ||
| The add-on silently modifies web content, for example by exchanging words and images, or adding content. This feature is not part of the core functionality and is not described to the user in any way. || | | The add-on silently modifies web content, for example by exchanging words and images, or adding content. This feature is not part of the core functionality and is not described to the user in any way. || Reject Immediately | ||
|- | |- | ||
| The add-on describes itself as e.g. “VPN Service”, while at the same time it also provides something completely unrelated to the add-on’s core function, such as altering the new tab page and providing affiliate search results.<br /><br />The additional features are not stated in the description, and there is no opt-in for the additional feature, violating the [https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Reviews#No_Surprises no surprises requirements]. || Reject Immediately | | The add-on describes itself as e.g. “VPN Service”, while at the same time it also provides something completely unrelated to the add-on’s core function, such as altering the new tab page and providing affiliate search results.<br /><br />The additional features are not stated in the description, and there is no opt-in for the additional feature, violating the [https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Reviews#No_Surprises no surprises requirements]. || Reject Immediately | ||
|- | |- | ||
| An add-on provides UI to allow the user to make a no surprises choice, but the default action is to accept the choice (hence not an opt-in). || | | An add-on provides UI to allow the user to make a no surprises choice, but the default action is to accept the choice (hence not an opt-in). || Reject Immediately | ||
|- | |- | ||
| An add-on makes use of an “unexpected” feature as per no-surprises policy, but fails to indicate so in the add-on description. || Delayed Reject | | An add-on makes use of an “unexpected” feature as per no-surprises policy, but fails to indicate so in the add-on description. || Delayed Reject | ||
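Review bot: The new verdict on the about:addons row, "Reject and Escalate Immediately", appears nowhere else in the visible rows, which use "Reject Immediately", "Delayed Reject", "Escalate" or "Approve". If this is meant as a distinct outcome, the guide should define what the reviewer does differently from a plain "Reject Immediately"; otherwise reuse an existing verdict and put the escalation instruction in the case text, as the remote code row does with "please escalate to a block".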
Line 122: | Line 122: | ||
| The add-on’s code, functionality or service used indicates that payment is required to use the core functionality of the add-on but the developer has not selected this option in the listing. || Delayed Reject | | The add-on’s code, functionality or service used indicates that payment is required to use the core functionality of the add-on but the developer has not selected this option in the listing. || Delayed Reject | ||
|- | |- | ||
| The add-on only functions within a closed environment, such as only for employees of a specific company (“internal or private use”) | | The add-on only functions within a closed environment, such as only for employees of a specific company (“internal or private use”). || Reject Immediately | ||
|- | |- | ||
| Users can only sign up to the service using a “contact us” link on the website. There is no apparent web sign-up process (“only accessible to a closed user group”).<br /><br />(Note that especially on sites with foreign languages, maybe you just missed it. Best to ask the developer to provide information on how a user would sign up. If they can’t provide the information or confirm there is no web sign-up process, the add-on can be rejected). || | | Users can only sign up to the service using a “contact us” link on the website. There is no apparent web sign-up process (“only accessible to a closed user group”).<br /><br />(Note that especially on sites with foreign languages, maybe you just missed it. Best to ask the developer to provide information on how a user would sign up. If they can’t provide the information or confirm there is no web sign-up process, the add-on can be rejected). || Reject Immediately | ||
|- | |- | ||
| The add-on is | | The add-on is a fork of another add-on, while not providing a significant difference in functionality or code. || Reject Immediately | ||
|- | |- | ||
| The add-on listing is well described, but requires knowledge of the specific system being used in combination with the add-on. || Approve | | The add-on listing is well described, but requires knowledge of the specific system being used in combination with the add-on. || Approve | ||
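Review bot: The "contact us" sign-up row now carries "Reject Immediately", but its own note tells the reviewer to ask the developer how a user would sign up first and to reject only "If they can't provide the information or confirm there is no web sign-up process". The verdict and the note contradict each other; either change the verdict to one that allows for the developer's response or reword the note so it is clear when the immediate rejection applies.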
Line 152: | Line 152: | ||
|- | |- | ||
| The add-on requests additional permissions that are not required for the add-on to function. || Delayed Reject | | The add-on requests additional permissions that are not required for the add-on to function. || Delayed Reject | ||
|- | |||
| The add-on contains transpiled, minified or otherwise machine-generated code and the source submission relies on outdated or unmaintained build tools || Delayed Reject | |||
|} | |} | ||
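Review bot: The added build-tools row gives the reviewer no criterion for "outdated or unmaintained build tools", so two reviewers can reach different verdicts on the same source submission. Suggest stating what makes a tool count (for example, that the build can no longer be reproduced from the submitted sources) in the case text. The row is also missing the full stop that the neighbouring case descriptions end with.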
Line 163: | Line 165: | ||
| The add-on requests additional permissions that are not required for the add-on to function. The developer argues they will need them in a future update. || Delayed Reject | | The add-on requests additional permissions that are not required for the add-on to function. The developer argues they will need them in a future update. || Delayed Reject | ||
|- | |- | ||
| The add-on loads and executes remote code.<br/><br/>If there is reason to believe the add-on is intentionally loading remote code, please escalate to a block. || Reject Immediately | | The add-on loads and executes remote code.<br/><br/>If there is reason to believe the add-on is intentionally loading remote code, please escalate to a block. || Reject Immediately | ||
|- | |- | ||
| The add-on uses a http channel to exchange information, while it is possible for the developer to use https.<br/><br/>If the developer has control over the remote infrastructure and can enable servers to use https, you can reject as they need to take this step. If the choice of http is outside of the developers hands, you may approve. || Reject Immediately | | The add-on uses a http channel to exchange information, while it is possible for the developer to use https.<br/><br/>If the developer has control over the remote infrastructure and can enable servers to use https, you can reject as they need to take this step. If the choice of http is outside of the developers hands, you may approve. || Reject Immediately | ||
Line 190: | Line 192: | ||
|- | |- | ||
| On a quick skim, the privacy policy seems to be about a website more than it is about the add-on. || Delayed Reject | | On a quick skim, the privacy policy seems to be about a website more than it is about the add-on. || Delayed Reject | ||
|- | |||
| The add-on is listed and doesn't link to its privacy policy hosted on AMO on its data collection consent page || Delayed Reject | |||
|- | |||
| The add-on is listed and links to a self-hosted privacy policy (as opposed to AMO hosted) on its data collection consent page || Reject Immediately | |||
|- | |||
| The add-on is unlisted and doesn't link to a self-hosted privacy policy on its data collection consent page || Reject Immediately | |||
|- | |- | ||
| The add-on makes use of native messaging, but does not explain the data exchanged with this application in the privacy policy. || Delayed Reject | | The add-on makes use of native messaging, but does not explain the data exchanged with this application in the privacy policy. || Delayed Reject | ||
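Review bot: In the three added privacy-policy rows the severity is asymmetric without explanation: a listed add-on that does not link to its AMO-hosted policy is "Delayed Reject", while an unlisted add-on that does not link to a self-hosted policy is "Reject Immediately". If the difference is intended, a short reason in the case text would help reviewers apply it; if not, align the two verdicts. These rows also lack the trailing full stop used by the surrounding rows.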
Line 196: | Line 204: | ||
|- | |- | ||
| The add-on exchanges data with a native application via native messaging, but the data being exchanged is not summarized in the description nor mentioned in the privacy policy. || Delayed Reject | | The add-on exchanges data with a native application via native messaging, but the data being exchanged is not summarized in the description nor mentioned in the privacy policy. || Delayed Reject | ||
|- | |||
| The add-on exchanges data with a native application, but the data is not declared in the data collection consent experience within the add-on. || Reject Immediately | |||
|- | |- | ||
| The add-on provides a search box for Google, Bing, Amazon etc. and search requests go through another website. || Reject Immediately | | The add-on provides a search box for Google, Bing, Amazon etc. and search requests go through another website. || Reject Immediately | ||
Line 203: | Line 213: | ||
| The add-on collects personal data, technical data, or user interaction data, and does not have a consent prompt when the add-on is first run (e.g. installed). || Reject Immediately | | The add-on collects personal data, technical data, or user interaction data, and does not have a consent prompt when the add-on is first run (e.g. installed). || Reject Immediately | ||
|- | |- | ||
| The add-on has a consent prompt, but it does not describe the data being collected || | | The add-on has a consent prompt, but it does not describe the data being collected || Reject Immediately | ||
|- | |- | ||
| The add-on has a consent prompt that makes use of dark patterns to entice the user to accept. || | | The add-on has a consent prompt that makes use of dark patterns to entice the user to accept. || Reject Immediately | ||
|- | |- | ||
| The main purpose of the add-on is to collect and analyze form data. Therefore, the add-on collects personal data such as the name and email of the user and sends the data to the service, but without an opt-in for personal data. || Reject Immediately | | The main purpose of the add-on is to collect and analyze form data. Therefore, the add-on collects personal data such as the name and email of the user and sends the data to the service, but without an opt-in for personal data. || Reject Immediately | ||
Line 211: | Line 221: | ||
| An add-on collects all visited browser URLs without notice, as part of a feature that does not relate to the primary functionality of the add-on. || Reject Immediately | | An add-on collects all visited browser URLs without notice, as part of a feature that does not relate to the primary functionality of the add-on. || Reject Immediately | ||
|- | |- | ||
| The add-on exchanges data via native messaging that does not belong to the primary functionality of the add-on and fails to adhere to the [https://extensionworkshop.com/documentation/publish/add-on-policies/#no-surprises no surprises requirements].<br/><br/> | | The add-on exchanges data via native messaging that does not belong to the primary functionality of the add-on and fails to adhere to the [https://extensionworkshop.com/documentation/publish/add-on-policies/#no-surprises no surprises requirements]. || Reject Immediately | ||
|- | |||
| The consent experience only offers the option to accept the data collection. || Reject Immediately | |||
|- | |||
| The consent experience offers the option to accept or uninstall, but the main functionality of the add-on will technically work without this type of data collection.<br/><br/>If the developer argues that collecting the data is required for business purposes, e.g. to maintain the add-on, this does not warrant an accept or uninstall behavior. || Reject Immediately | |||
|- | |||
| The add-on collects technical data and does not provide a way for the user to disable this type of data collection. || Reject Immediately | |||
|- | |||
| The add-on combines both personal and technical data into one option and does not provide a way to control them separately. || Reject Immediately | |||
|- | |||
| An update to the add-on adds consent experience but it is only displayed to new users and not to existing users upgrading to a newer version. || Reject Immediately | |||
|- | |- | ||
| | | An update to the add-on contains additional data collection but that data isn't declared in the consent experience and/or the consent isn't displayed again to existing users upgrading to this version. || Reject Immediately | ||
|- | |- | ||
| The consent experience | | The consent experience is not shown immediately after installation, but the add-on does not collect any data until the user sees the consent. (For example, consent experience is shown at browser action click). || Delayed Reject | ||
|- | |- | ||
| The | | The consent experience is not shown immediately after installation, but data is being collected before the user can see the control mechanism. || Reject Immediately | ||
|- | |- | ||
| The add-on | | The add-on collects personal data, technical data, or user interaction data and does not have a consent experience. || Reject Immediately | ||
|} | |} | ||
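Review bot: The last added row, "The add-on collects personal data, technical data, or user interaction data and does not have a consent experience.", restates the existing case at the top of this table ("does not have a consent prompt when the add-on is first run") with the same verdict. Suggest merging the two, and settling on one term: the rows added here say "consent experience" while the unchanged rows above still say "consent prompt", which reads as two different requirements.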
Line 238: | Line 258: | ||
! scope="col" style="width: 10.5em" | Verdict | ! scope="col" style="width: 10.5em" | Verdict | ||
|- | |- | ||
| The add-on monetizes by injecting ads into web pages, but fails to identify the content as belonging to the add-on. || | | The add-on monetizes by injecting ads into web pages, but fails to identify the content as belonging to the add-on. || Reject Immediately | ||
|- | |- | ||
| The add-on includes a crypto-mining function that mines coins in the background for the profit of the developer. || Reject Immediately | | The add-on includes a crypto-mining function that mines coins in the background for the profit of the developer. || Reject Immediately | ||
Line 264: | Line 284: | ||
| The add-on makes use of remote CSS scripts, which can cause security vulnerabilities in combination with libraries such as React and Angular. || Reject Immediately | | The add-on makes use of remote CSS scripts, which can cause security vulnerabilities in combination with libraries such as React and Angular. || Reject Immediately | ||
|- | |- | ||
| The add-on seems to be intentionally violating our policies, such as collecting a cryptocurrency private key and sending it to a remote server. || | | The add-on seems to be intentionally violating our policies, such as collecting a cryptocurrency private key and sending it to a remote server. || Force Disable and Block | ||
|} | |} | ||
[[Add-ons/Reviewers/Guide/Reviewing|Previous: Reviewing]] [[Add-ons/Reviewers/Guide/Moderation|Next: Moderation]] | [[Add-ons/Reviewers/Guide/Reviewing|Previous: Reviewing]] [[Add-ons/Reviewers/Guide/Moderation|Next: Moderation]] |