Your extension may contain two types of permission requests: install time and runtime. These permissions include access to API features and user consent to collect and transmit data. This page explains how you can test the way your users see requests for these permissions.
When you’re testing with an unpackaged extension, using either about:debugging or web-ext, install time and runtime permissions are handled as follows:
about:debugging, or Firefox restarts.You follow different processes depending on whether you want to observe the permissions requests for an installation or an upgrade.
To view the install time permission warnings users see when installing your extension and retest runtime permission requests, install the extension from its *.xpi or *.zip file.
To do this with an unsigned *.xpi or *.zip file you need to:
manifest.json browser_specific_settings key.about:config preference xpinstall.signatures.required to false.Then install the extension using Install Add-on From File in the Add-on manager (about:addons). As the extension installs, the request to grant the install-time permissions displays, similar to this:
Note that the caution message relates to this being an unsigned extension; this message isn’t displayed during installation from addons.mozilla.org.
For details on how to deliver web extension updates when self-hosting your extension, see Updates.
To view the install time permission warnings users see when Firefox upgrades your extension and retest runtime permission requests, you install the extension from its .xpi file posted on an HTTP or HTTPS server.
You can use an HTTP server (such as a simple Python localhost server) or an HTTPS server. However, your HTTPS server must have a verifiable certificate, one that Firefox can auto-accept; you cannot use a self-signed certificate. If you want to test from an HTTPS server but don’t have one, GitHub Pages is an option.
To perform the test, you need to:
manifest.json browser_specific_settings key to:
"browser_specific_settings": {
"gecko": {
"strict_min_version": "54.0a1",
"update_url": "https://your-account.github.io/webextensions/upgrade.json",
"id": "@your-addon-id"
}
},manifest.json file, remembering to update the version number. Create a package containing your updated extension.If the packages were generated with .zip extensions, change them to .xpi; otherwise, your browser may try to download rather than install the extension.
"browser_specific_settings": {
"gecko": {
"strict_min_version": "54.0a1",
"update_url": "https://your-account.github.io/webextensions/upgrade.json",
"id": "@your-addon-id"
}
},upload the two extension packages and the updates manifest to your HTTP or HTTPS server.
run the Nightly or Developer Edition versions of Firefox.
in about:config:
xpinstall.signatures.required to false.extensions.checkUpdateSecurity and extensions.install.requireSecureOrigin preferences to false. To do this:
false. 
open the link to the first XPI file to install it.
open about:addons, click the gear icon, and click Check for Updates.
you get a permission warnings prompt, similar to this one, detailing the additional permissions requested:
If the upgrade doesn't happen, look for addons.update-checker logs in the Browser Console. Any errors encountered during the upgrade process are reported in the log.
To retest your extension’s runtime permission grants and its post-install behavior, you've two choices:
about:debugging and reinstall it, or restart Firefox.
You can then rerun the extension, and any runtime permission requests are displayed as if the extension is being run for the first time.
Develop
Develop