Firefox ESR integrated addons mechanism - most prominently visible as the about:addons page - is linked with Mozilla addons service.
This both implicitly promotes non-free add-ons, and leaks user data to a third-party.
Previous releases of Firefox ESR (early releases branded as PureBrowser, some of them based on Debian Iceweasel) linked to the FSF addon web page https://www.gnu.org/software/gnuzilla/addons.html - which addressed the promotion of non-free addons (assuming GNU-provided addons comply also with Debian guidelines), but still leaks user data.
One fix is to create on the PureOS website a page similar to https://trisquel.info/en/browser/addons/ - but that too would leak user data.
Possibly best is to setup an APT trigger to generate a web page locally on the user machine which lists addons available to install with APT.