Access permissions of Add-ons

When you install an add-on to Thunderbird 78, unlike Thunderbird 68, you will see notification of access permission.

In this post, I describe about the reasons of the permissions of my add-ons.

There are two types of notification.

Case1: Ask concrete permissions 

The notification is shown when you install an add-on written in purely MailExtensions/WebExtensions. The add-on does not perform other than it declares here. If it requests more permissions comparing to its functionality, you may carefully check the behavior of the add-on.

Case2: Request full access

This is the case the add-on uses WebExtension Experiments. It allows add-ons to access inside of Thunderbird. It is not controlled by Thunderbird. It means it may perform important operations, such as sending messages, deleting messages etc, without your permission if malicious code is included. So, it says "full and unrestricted access" by assuming the worst case.

The framework is used in many add-ons because the new API, MailExtensions, is very restricted and it is almost impossible to realize the same things performed on Thunderbird 68.

It has security risks, as Thunderbird says, but nothing is changed from Thunderbird 68. The same issue is in Thunderbird 68 too.

My Add-ons

Here I describes reasons of access permission requests of my add-ons. I never see and use your privacy data. Don't worry.

• Check and Send
• See your mail accounts and their folders
  Used to read identity information in order to realize configurations per identity and popup identity information in the check
• Read and modify your address books and contacts
  Used to read address book and its contents to check recipients based on address books. Modification is not performed.
• Read and modify your email messages as you compose and send them
  Used to interrupt sending process to check the outgoing message. It is also used to read and modify recipients, subject and body of the message.
• EnForward
• See your mail accounts and their folders
  Used to read identity information to show candidates used to forward message in option.
• Read and modify your email messages as you compose and send them
  Used to modify subject and To address to prepare the message for Evernote forwarding
• Read your email messages and mark or tag them
  Used to read available tags to show the tag boxes in option
• Access browser tabs
  It is not used. No process requires this permission is included. I'll remove it in the next update.
• Full, unrestricted access (WebExtensions Experiments)
  Used to create temporally file in local to prepare message to be forwarded
• Evernote Tab
• Access browser activity during navigation
  Open Evernote page by Thunderbird tab
• Access browser activity during navigation
  Open Evernote page by Thunderbird tab. It is also used to enable Cookies for the page.
• Maximize Message Pane
• See your mail accounts and their folders
  Used to detect folder selection change. It is used as trigger for restoring message pane.
• Read your email messages and mark or tag them
  Used to detect message display change. Attachment view in message pane appears every time when the display is changed. So, it is used as a trigger for collapsing the view.
• Full, unrestricted access (WebExtensions Experiments)
  Use to hide (collapsed=true) message pane and so on.
• Message Header Toolbar Customize
• Full, unrestricted access (WebExtensions Experiments)
  Used to hide and reorder toolbar button
• New Tab Button
• Access browser tabs
  It is not used. No process requires this permission is included. I'll remove it in the next update.
• Full, unrestricted access (WebExtensions Experiments)
  Used to open message in a tab. MailExtensions has an API to open web page in a tab, but it does not have API for a message.
• Priority Switcher
• See your mail accounts and their folders
  Used to know server type (IMAP or not) of a folder. It used to realize "Rewrite on IMAP server only" option.
• Move, copy, or delete your email messages
  Used to rewrite message source. It copy a message and rewrite it and then remove original message. The remove operation needs this permission. Rewrite is performed by WebExtension Experiments (full access).
• Read your email messages and mark or tag them
  Used to read priority headers such as X-Priority, read whole message source to rewrite, and judge a message is starred or not
• Full, unrestricted access (WebExtensions Experiments)
  Used to create temporally file in local and submit it to Thunderbird's database in order to rewrite X-Priority of message in source level.
• Tag Popup
• Read your email messages and mark or tag them
  Used to read available tags, read assigned tags of a message, add/remove tags to/from messages
• Access browser tabs
  It is not used. No process requires this permission is included. I'll remove it in the next update.
• Full, unrestricted access (WebExtensions Experiments)
  Used to detect click on message header view and customize tag labels shown in the header to toggle tags by the label clicking

If you have any questions, please feel free to ask here.