Protect: verify extensions for security

Extensions (or add-ons) are mini-programs embedded in the browser that add features to Yandex.Browser. Some extensions are useful, while others may be malicious. For this reason, Yandex.Browser disables extensions from unverified sources and regularly checks installed extensions for fakes.

Disabling extensions from untrusted sources

Restriction. Extensions are only checked in Windows.

Some developers create extensions that distribute malware or show users pop-up ads, flashing banners, and other intrusive advertising. This is why Yandex.Browser only allows you to install extensions from the Chrome Web Store and Opera Add-ons, where all the extensions have passed a security check.

If you install an extension from another website, the browser will disable it immediately after installation and inform you of this. If this is a trusted source, you can enable the extension for one session by clicking the Enable link in the lower-left corner:

Note. If you don't want to enable the extension every time you launch Yandex.Browser, contact the extension's developers and ask them to publish it in the Chrome Web Store or Opera Add-ons. If you have created your own extension, publish it in the online store, and then install it from there.

Enabling extensions in settings

You can re-enable an extension you previously blocked in the browser settings:

  1. Click   → Extensions.
  2. Find the extension in the list and set it to On.

If the browser disables an extension that you developed

Try to solve the problem in one of the following ways:

Universal method

If you're developing an extension, use the Yandex.Browser beta version, which does not verify extensions.

For extensions that aren't published in the Chrome Web Store or Opera Add-ons

If your extension is not available in these stores, enable it every time you launch your browser using either the dialog window or browser settings.

For extensions from the Chrome Web Store or Opera Add-ons

If your extension is available in the Opera or Chrome catalog, enter the correct update URL in the update_url field of the manifest.json file. Here are the update URLs for each of the catalogs:

Catalog name Link for updating extensions
Chrome catalog https://clients2.google.com/service/update2/crx
Opera catalog https://extension-updates.opera.com/api/omaha/update/

Verifying authenticity of an extension

Sometimes attackers try to replace the files in installed extensions with advertising files or malicious code. To protect you from this type of deception, the browser periodically verifies the authenticity of extensions.

If an extension does not pass verification, Yandex.Browser disables it and displays a warning:

If you do not need the suspicious extension, click Delete.

If you need the extension, click Reinstall to restore the original version of it.

If you close the window by clicking outside of it, the extension remains disabled.

Note. You may see a similar message if the extension was deleted from the online store.

If an extension you are developing fails verification

Try to solve the problem in one of the following ways:

Use the browser's beta-version

The Yandex.Browser beta version does not check extensions.

Check the extension's version

Make sure that the user's version of the extension matches the version that you get when you click on the link in the update_url field in the manifest.json file.

Disabling verification of extensions

Attention. To disable checking the security of extensions, you need to completely disable the protection against malicious software and websites in your browser. We do not recommend this.

To disable malware protection:

  1. Click   → Settings.
  2. In the lower half of the Settings page, click Show advanced settings.
  3. In the Privacy section, deselect the Enable protection from malicious websites and software option.
  4. Restart the browser to apply the changes.