I got to spend too much time the last two days fighting the good fight while trying to update and redeploy a Firefox extension that creates a toolbar of popular links for the college where I work. Firefox toolbar are nifty creatures, but they can be finicky.
To start, in order to even offer one on your web site, and to have it be downloadable as more than a page of digital vomit, you need to make sure your server’s configured to serve the Firefox extension document type, as documented in Mozilla’s “Extension Packaging” instructions.
Short version: your httpd.conf file (or .htaccess file if you can’t get to httpd.conf) needs to include a directive like this:
AddType application/x-xpinstall .xpi
This directive existed on our old web server, but when I moved the toolbar over to our new and improved server, I found it wasn’t there.
After fixing that problem, I had to go into the toolbar and update a bunch of links to point to the site’s new URL. Ok, no problem — I’ve done this a bunch of times. The process involves creating several zipped archives, which are renamed .jar or .xpi (depending on what part of the toolbar you’re dealing with). What I forgot, however, is that when you create these archives you can’t zip the folder that the files are in; you need to create the archive strictly using the files you want to be in it. If you include the folder, the directory structure within the toolbar gets messed up, and the installation/update of the toolbar will fail. Fortunately I rediscovered this mozillaZine which reminded me what I was doing wrong.
And finally, when I was updating the extension, I also made sure to change its internal links to secure URLs, to prevent the man-in-the-middle attack described in “Security vulnerability affects third-party Firefox extensions”.
After making the tweaks, the new toolbar’s up and running, and happily downloading on to campus computers. And I can go get some coffee…