1505510 - Simplify testing extension permission warnings on extension update

Status: NEW

(WebExtensions :: General, enhancement, P3)

Description

[Alexei]

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36

Steps to reproduce:

It should be easier to test which permission warnings come up upon extension update.

Testing warnings on installation is easy: just drag and drop the XPI. Testing warnings on upgrade should be equally simple. It should not involve setting up basically the entire self hosted extension infrastructure: https://bugzilla.mozilla.org/show_bug.cgi?id=1411999#c18

1. Create an XPI, drag it into Firefox.
2. Create another XPI with for the same extension but with an updated set of extension permissions (for example, add the unlimitedStorage permission) that may or may not trigger a permissions warning dialog on extension update.
3. Drag and drop the new XPI into Firefox.


Actual results:

Instead of warning about the new permissions, the dialog lists every permission, new and old: https://bugzilla.mozilla.org/show_bug.cgi?id=1441693#c5


Expected results:

You should get the same exact result you would get if you were updating to a new version of this extension from AMO or a self-hosted update_url.

This means no dialog if no new permission warnings, and an update-specific permissions warning dialog otherwise.

Comment 1

[mlissner]

I agree with this bug, and am chiming in to express why this is important, which the initial report left out. As a extension developer and extension user, I rarely see permission changes from extensions and for the most part I don't think about them. Last year I updated our extension to add a new domain to it. It had one domain, and now it moved to having two for a small new feature we developed. 

Adding that new feature meant about 10% of our users uninstalled the extension because they saw the permissions dialog. Many of those people probably forgot they had it installed, so this is partly *fine*, but as a developer this is the kind of thing I should have known about in advance and had an opportunity to consider. Because my users have a different experience than I do as a developer of the extension, this came as a big surprise.

Comment 2

[mlissner]

I'm here as a extension developer to rant about this again. Today I released a new version of my extension. I QA'ed it and released it, and then got notified by a user that it was requesting access to localhost in the manifest. Why? Because I was using that in my development process and accidentally released it when I zipped up the extension.

Why didn't I catch this? Because Firefox doesn't prompt for these kinds of changes. Now our thousands of users are going to get prompted for this new permission and surely many will uninstall. I've created a new release fixing this, but damn, this is frustrating. 

I'll also add that this motivates me to use less granular permissions. I'm sitting here thinking that I'm in pain and losing users because we chose to use granular permissions rather than global ones like most extensions do. Sigh.

It'd be great to get some movement or discussion of this issue.

Comment 3

[Mike Conca [:mconca]]

(In reply to mlissner from comment #2)
> I'll also add that this motivates me to use less granular permissions. I'm
> sitting here thinking that I'm in pain and losing users because we chose to
> use granular permissions rather than global ones like most extensions do.
> Sigh.
> 
> It'd be great to get some movement or discussion of this issue.

Thanks for your input, and I think Firefox can do a better job in this regard. Short-term, we will be adding additional documentation to MDN to better explain how developers can test permission warnings. Longer-term, we will explore ways that Firefox itself can make testing permission warnings easier.