Get the official version at

The quickfilters source code can be accessed through one of the following ways:

  1. View the source at GitHub
  2. Use Git or checkout with SVN using the web URL
  3. Get a local copy of the source by performing the following:
    svn co

If you build your own version, make sure to create a zip archive of all files and folders including install.rdf. Rename the file with the extension xpi (instead of zip). Pull the extension into your Application's addon Manager. To avoid confusion, it is a good idea to change the following entry in install.rdf every time you build a new version:


In Thunderbird 78 quickFilters requires full access. Why?

Actually, because all legacy Add-ons always already had full, implicit access to your whole Operating System via XPCOM - its just that Thunderbird did no ask you, the permissions system is new. This is the technology that Mozilla wants to replace with APIs in the future. XPCOM allows you to read and write files the same way as Thunderbird also is allowed to do this. In quickFilters I only use this technique for backup / restore. quickFilters also has access to the configuration in order to validate the license file against your configured email address and access to the filters (in order to create / write / manage them). I think that's pretty much all it needs.

Why / what does quickFilters need access to?

One thing that is important is the files as quickFilters has its own backup / restore functionality. It also has access to the configuration data within Thunderbird - because that's where it traditionally stores all its settings. In the future we will look at the "mail extension" way of doing these things (local storage) but we still have to discuss with the Mozilla team if we are allowed to store a single file (which may be in a restricted location). At the moment this whole system is actually not fully written, a lot of the APIs that will be necessary to move away from XPCOM are not written; Thunderbird is currently a incomplete "work in progress" as regards Add-ons.

They know this and hence allowed loading the old technology packaged as a web mail extension with the old technology underneath - this is called a "Mail experiment". It uses exactly the same functionality (except for the parts that Mozilla has modified or broken, which need to be rewritten).

All legacy / xpcom / "experimental" Add-ons are being fully reviewed against security breaches by a team of Add-on reviewers before they are actually allowed to be published on ATN. As part of the review, the ATN viewers can look at the "changeset" (all files and lines that changed in the code) to look for potential security breaches. I am also part of the reviewers team so I know about this process (naturally, I am not allowed to review my own Add-ons). So far we had no major breaches.

The security warning you see is basically a "catch-all" for such modified legacy Add-ons (now: "experiments") until we have a better system in place.

And, as you said a lot of Add-ons are now missing because even that wrapping process is not trivial (with my own Add-ons we are 250 hours of work into the conversion already); I will also need to fund considerable resources and time for my "free as in beer" add-ons FiltaQuilla, Zombiekeys, MenuOnTop and QuickPasswords which the license sales of my commercial ones will have to pay for. Therefore you see a lot of "free" Add-on developers walk away from the project, because they do not want to monetize or find it too difficult to set up.

I myself spent several months to come up with the current licensing system and it is a considerable effort considering what a small piece of software (only a few 10,000 lines of code) is compared with the behemoth that is Thunderbird (several Gigabytes of source code; it does contain the complete Firefox SW code base (mozilla-central) as a subset of its own code base "comm-central").

So basically there is nothing to worry about, if you have used quickFilters before. All the code is publicly viewable "Free Software"= Free as in freedom, 100% open source here:

(this is the address of the latest branch which will be later be moved to ESR78)

Also when you download the Add-on it is in a xpi files which basically an unprotected archive that can be unpacked in Windows and easily read. I do not use any code obfuscation tools and you can see a full history of all changes in the first comment of the main file quickFilters.js.

I am trying to be as transparent as possible not just here but also in the inline comments (within code) to speed up the review process. And, as yuou know the version history is also on the web page:

This conversion is a BIG step towards bringing quickFilters into a more stable format (in the end it will be like a web extension) which will als make it easier to generate perpetual licenses. (It's a different topic but if you are interested I can give you detail on that as well)

Subversion client and Help Documentation links: