Shared Lock State doesn't work in Firefox Snap

OS: Ubuntu 24.04

Desktop environment: GNOME on X11

Browser: Firefox 147.0.1 (64-bit)

Output of `snap list firefox`: firefox 147.0.1-1 7672 latest/stable/… mozilla✓   -

1Password desktop app version: 1Password for Linux 8.12.0, 81200013, on PRODUCTION channel

1Password browser extension version: 1Password browser extension version 8.11.27.2, 81127002, on STABLE channel

On my computer, the desktop app "Connect with 1Password in the browser" and browser extension "Integrate this extension with the 1Password desktop app" settings are turned on, but the setting doesn't work. The browser extension settings page says "Integration status: Connection problem":

The contents of the log in `/root/.config/1Password/logs/BrowserSupport/1Password_rCURRENT.log` says:

INFO 2026-01-25T00:41:13.003+00:00 main(ThreadId(1)) [1P:native-messaging/op-browser-support/src/main.rs:392] Starting 1Password-BrowserSupport 8.12.0 production build no. 81200013.
INFO 2026-01-25T00:41:13.012+00:00 tokio-runtime-worker(ThreadId(9)) [1P:native-messaging/op-browser-support/src/main.rs:305] browser message handler started
INFO 2026-01-25T00:41:13.012+00:00 main(ThreadId(1)) [1P:native-messaging/op-browser-support/src/browser_verification/linux.rs:44] Verifying browser "/usr/libexec/xdg-desktop-portal"
ERROR 2026-01-25T00:41:13.073+00:00 main(ThreadId(1)) [1P:native-messaging/op-browser-support/src/main.rs:430] Browser support error: UnknownBrowser(/usr/libexec/xdg-desktop-portal), happened in: native-messaging/op-browser-support/src/browser_verification/linux.rs:103
        Additional error context: /usr/libexec/xdg-desktop-portal isn't a supported browser

The 1Password browser extension communicates with the desktop app through the https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Native_messaging web API, which launches the `/opt/1Password/1Password-BrowserSupport` program. While https://support.1password.com/kb/202408b/, it does try to check whether the launching process is a legitimate browser https://bucket.agilebits.com/security/SecfaultSecurity_Report_B5x_Security_Assessment_v1.1.pdf. You can add browsers to the list on Linux through https://support.1password.com/additional-browsers/?linux.

https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1943840. However, because https://ubuntu.com/blog/a-guide-to-snap-permissions-and-interfaces, https://discourse.ubuntu.com/t/call-for-testing-native-messaging-support-in-the-firefox-snap/29759/105.

Since that update in November 2022, Firefox Snap has used xdg-desktop-portal to make the Native Messaging API work. However, 1Password has not yet added xdg-desktop-portal as a supported caller of the 1Password-BrowserSupport process.

1Password has a strong interest in only allowing legitimate browsers to initiate the NMH by default. It checks the executable name against a specific list and checks that the file & its folder are owned by root. Allowing xdg-desktop-portal would present somewhat of a security risk because various applications can use the portal, but it has its own permissions mechanism that requires the user to allow access to the WebExtension backend (https://discuss.kde.org/t/where-are-the-privacy-settings-firefox-extension-native-messaging/6367):

Would y'all consider adding it? Thank you for your time.