Closed Bug 1372033 Opened 6 years ago Closed 4 years ago
Add a "never for the site" option to the extension permission dialog
47 bytes, text/x-phabricator-request
|Details | Review|
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0.2 Waterfox/52.0.2 Build ID: 20170412235751 Steps to reproduce: 1. Go to a website that hosts extensions locally. 2. If necessary, click on the button to get said extension. Actual results: A dialog box will pop up asking you if you want to allow the site to install extensions with the options being either allow or not now. Expected results: The prompt should include a "never for the site" option as there are some sites will trigger said prompt every time you visit unless you agree to install their extension.
This makes sense to me, we could either add a "Don't ask me again for this site" checkbox (which would mean that the user could also permanently allow the extension permission) or we add a "Never for this site" dropdown similar to web notifications (https://permissions.site). I'd think the latter is the better choice. Andy, does someone from your team have any thoughts on this?
Component: Security → Site Identity and Permission Panels
Priority: -- → P3
Following the patter we use for web notifications sounds great! Would help empower people to block pages that use this install prompt in an overly pushy way.
Ugh, I just noticed that unfortunately the "install" permission doesn't work like other permissions. The behavior that maps to the internal BLOCK state is equal to what other permission do for the UNKNOWN state (always ask). So if set to BLOCK, the doorhanger will appear to ask the user. We could migrate away from that, but it would mean that anyone who manually set block (for whatever reason, since it's the default value) would not get the doorhanger anymore. I suspect this affects an extremely low amount of people, and those people would probably have the ability to switch back to default, but that's really just my assumption.
Markus is probably the best person to ask for a team preference, looks like you've already got him on the thread. A site that continually asks this sound awful and I would recommend voting with your browser and not returning to it.
(In reply to Johann Hofmann [:johannh] from comment #3) > Ugh, I just noticed that unfortunately the "install" permission doesn't work > like other permissions. The behavior that maps to the internal BLOCK state > is equal to what other permission do for the UNKNOWN state (always ask). So > if set to BLOCK, the doorhanger will appear to ask the user. That seams odd, any idea why that is implemented differently? > We could migrate away from that, but it would mean that anyone who manually > set block (for whatever reason, since it's the default value) would not get > the doorhanger anymore. I suspect this affects an extremely low amount of > people, and those people would probably have the ability to switch back to > default, but that's really just my assumption. How frequent is it that pages would annoy users with extension install requests? It sounds like a lot of work to come up with a fix. I am not sure it is worth it. (As Andy said, if the page annoys people, they can choose to not go there.) If it is a serious problem, I think adding a permanent block, is a good idea - if we can surface which sites a user permanently blocked in the permissions doorhanger, and in settings - security - exceptions... (and if we can ensure that AMO can not be block.)
Assignee: nobody → prathikshaprasadsuman
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Assignee: prathikshaprasadsuman → nobody
Status: ASSIGNED → NEW
You need to log in before you can comment on or make changes to this bug.