1219828 - Review strings for insecure-login-form doorhanger

Status: RESOLVED WONTFIX

(Firefox for Android Graveyard :: General, defect)

Description

[Chenxia Liu [:liuche]]

Attachment: Screenshot: Android strings

This bug is to review the strings on Android and Desktop for non-secure pages with login forms, and to make them consistent.

We landed the strings on Android in a hurry to catch the accelerated merge window, but there was a lot of discussion about specificity and not being overly technical.

Comment 1

[Chenxia Liu [:liuche]]

Attachment: Screenshot: Desktop part 1

Comment 2

[Chenxia Liu [:liuche]]

Attachment: Screenshot: Desktop part 2

Comment 3

[Tanvi Vyas[:tanvi]]

You could skip the "This page is not secure" part because it says Insecure Connection above it.  And just go with the string used in the subpanel for desktop:

The login information you enter on this page could be compromised.

Or to make it short:
Login data you enter on this page could be compromised.

Note that for Firefox Desktop, this warning is pref'ed on in Nightly builds and pref'ed off in Aurora (Firefox 44 Aurora).  We may pref it on for Firefox 44 Aurora as an uplift after we fix one other bug.

Thanks Chenxia for bringing this to Fennec!

Comment 4

[Matej Novak [:matej]]

(In reply to Tanvi Vyas [:tanvi] from comment #3)
> You could skip the "This page is not secure" part because it says Insecure
> Connection above it.  And just go with the string used in the subpanel for
> desktop:
> 
> The login information you enter on this page could be compromised.
> 
> Or to make it short:
> Login data you enter on this page could be compromised.

I think this is a lot clearer, but could we be even more explicit? How could it be compromised? Could it be read or collected by someone else. At the very least, maybe "vulnerable" would be better.

Also, is it limited to login information or could it be all information?

Comment 5

[:Margaret Leibovic]

We're removing this feature in bug 1272348.