diff --git a/mobile/android/base/RestrictedProfiles.java b/mobile/android/base/RestrictedProfiles.java
index f0b4b556f3b2..7b637770e27a 100644
--- a/mobile/android/base/RestrictedProfiles.java
+++ b/mobile/android/base/RestrictedProfiles.java
@@ -37,6 +37,8 @@ public class RestrictedProfiles {
         add("wyciwyg");
     }};
 
+    private static final String ABOUT_ADDONS = "about:addons";
+
     /**
      * This is a hack to allow non-GeckoApp activities to safely call into
      * RestrictedProfiles without reworking this class or GeckoProfile.
@@ -271,6 +273,13 @@ public class RestrictedProfiles {
             return !GUEST_RESTRICTIONS.contains(restriction);
         }
 
+        // Disallow browsing about:addons if 'disallow install extension' restriction is enforced
+        if (restriction == Restriction.DISALLOW_BROWSE_FILES
+            && url.toLowerCase().startsWith(ABOUT_ADDONS)
+            && !isAllowed(context, Restriction.DISALLOW_INSTALL_EXTENSION)) {
+            return false;
+        }
+
         // NOTE: Restrictions hold the opposite intention, so we need to flip it.
         return !getRestriction(context, restriction);
     }