Mozilla Browser Archive (.xpi)
.xpi file signature | application/x-xpinstall
Mozilla Browser Archive (XPI) is a package format created and maintained by Mozilla for distributing browser extensions and related add-ons. It is primarily used to install extensions, themes, and other components for Firefox and other Mozilla-based applications. Because XPI files can contain executable code and configuration data, they should be installed only from trusted sources; older add-on formats are now largely superseded by WebExtensions.
Magic Bytes
Offset 0
50 4B 03 04
Sources: Wikipedia, Gary Kessler
All Known Signatures
3 signature variants are documented for .xpi files across multiple sources.
| Hex Signature | Offset | Sources |
|---|---|---|
| 50 4B 03 04 | 0 | Wikipedia, Gary Kessler |
| 50 4B 05 06 | 0 | Wikipedia |
| 50 4B 07 08 | 0 | Wikipedia |
Extension
.xpi
MIME Type
application/x-xpinstall
Byte Offset
0
Risk Level
Safe
Validation Code
How to validate .xpi files in Python
def is_xpi(file_path: str) -> bool:
"""Check if file is a valid XPI by magic bytes."""
signature = bytes([0x50, 0x4B, 0x03, 0x04])
with open(file_path, "rb") as f:
return f.read(4) == signatureHow to validate .xpi files in Node.js
function isXPI(buffer: Buffer): boolean {
const signature = Buffer.from([0x50, 0x4B, 0x03, 0x04]);
return buffer.subarray(0, 4).equals(signature);
}How to validate .xpi files in Go
func IsXPI(data []byte) bool {
signature := []byte{0x50, 0x4B, 0x03, 0x04}
if len(data) < 4 {
return false
}
return bytes.Equal(data[:4], signature)
}API Endpoint
/api/v1/xpi
curl https://filesignature.org/api/v1/xpi
See the full API documentation for all endpoints and parameters.
Frequently Asked Questions
What is a .xpi file?
A .xpi file is a Mozilla Browser Archive file. Mozilla Browser Archive (XPI) is a package format created and maintained by Mozilla for distributing browser extensions and related add-ons. It is primarily used to install extensions, themes, and other components for Firefox and other Mozilla-based applications. Because XPI files can contain executable code and configuration data, they should be installed only from trusted sources; older add-on formats are now largely superseded by WebExtensions.
What are the magic bytes for .xpi files?
The magic bytes for Mozilla Browser Archive files are 50 4B 03 04 at byte offset 0. These bytes uniquely identify the file format regardless of the file extension.
How do I validate a .xpi file?
To validate a .xpi file, read the first bytes of the file and compare them against the known magic bytes (50 4B 03 04) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.
What is the MIME type for .xpi files?
The primary MIME type for .xpi files is application/x-xpinstall.
Is it safe to open .xpi files?
Mozilla Browser Archive (.xpi) files are generally safe to open. They are classified as low risk because they primarily contain data rather than executable code. However, always ensure files come from a trusted source.