I’m using Firefox for Android.
Apparently my scripts have been disabled by Firefox as they could not be verified by Mozilla and are apparently a security risk.
I was using violentmonkey. I think I’ll try switch browsers, but I thought I’d share what I know with you guys…
1 Like
It’s an issue in the latest version of Firefox. They’re working on a fix.
Also, as far as I know, scripts don’t work in any other browser on Android.
2 Likes
So it’s a Firefox issue then? Thanks for clarifying! It felt like it was…
I’ll read the forums to see if any of my other browsers are capable of running scripts.
Firefox on Desktop had a fix pushed out last night. Go to Options, search (top right) for Studies, turn studies on.
Then wait for a bit.
When you see the studies hotfix-reset-xpi-verification-timestamp-1548973 and hotfix-update-xpi-signing-intermediate-bug-1548973, restart Firefox and you should be good to go with Tampermonkey etc again!
An Android fix is still pending though.
It wasn’t a code change or breaking version update.
Because Firefox’s add-on system was getting taken advantage of by malware, they instituted a change a couple of years back which meant add-ons had to be signed with a security certificate at install time, and Firefox checks that certificate often to make sure nothing’s snuck up. Certificates expire after a bit for security reasons. The add-on-pocalypse from yesterday was because the security certificate wasn’t updated before it expired and thus when Firefox went to check the signing of all the add-ons, it disabled them. From a security perspective that makes sense because you don’t want to give malware an opening to install just because the signing infrastructure is down, but from a user standpoint… yeah, not a good look.
The reason I feel like it’s worth making the distinction is while a security certificate lapsing is not uncommon - it even happened to KaniWani within the last couple of months - an uncaught app-breaking code update shipping on a Friday is hair-pullingly irresponsible on the part of the Firefox team. Obviously for an end user broken is broken. For someone to lay the blame on a code update when it wasn’t, especially when people are upset, it’s just dumping fuel into the fire for the kinds of people who take that assumption and run with it to the effect of “how stupid do you have to be to push a code-breaking update on a Friday, graaahhh!”… when that’s not what happened.
4 Likes
To fix on Firefox on Android:
Go to about:config, search for “signatures” and change xpinstall.signatures.required to false (but only until they get Firefox on Android properly fixed).
(People may tell you this only applies to nightly/dev versions, but it works jsut fine on standard Firefox for Android. I’ve tried it myself.)
3 Likes
Thanks a lot for this. 
I’m not sure what I’m doing wrong, but even though I’ve verified that the fix is active on my desktop browser, Tampermonkey is not in my add-ons list at all.
When navigating to add-ons page, it gives me the option to install TamperMonkey, but if click to do so, it claims that it is unable to because I am not connected to the internet (untrue).
Almost all my settings seem to be borked. Firefox won’t allow me to change the language of my browser, for example, because it again says I have no internet connection. Restarted browser. Refreshed via the Firefox verification. Stil borked. Driving me up the bloody wall.
So at least I have Android on phone until I figure out what went wrong here. Thanks again.
This worked for me. Thank you!
1 Like
Thank you for you for your suggestion @rfindley! You’re always so helpful with tech stuff.
It would seem tho, that I cannot find “config” anywhere in my version of Firefox (I’m using 66.0.2)?? Am I just being a dummy?
Edit: yes, I was being a dummy. I have got it working now. Thanks for your help on this work around!
Thank you for that info! It makes sense that security certificates have to expire to protect your privacy and security… it’s just a bit annoying for the end user when it means some things stop working, isn’t it?
Mozilla published an update as Firefox 66.0.4
Go in “?” menu, then “about this version” to check for version updates.