Make proxy an optional permission
Categories
(WebExtensions :: General, enhancement, P1)
Tracking
(firefox77 fixed)
Tracking | Status | |
---|---|---|
firefox77 | --- | fixed |
People
(Reporter: jakub.golebicki, Assigned: mixedpuppy)
References
(Blocks 1 open bug)
Details
(Keywords: dev-doc-complete)
Attachments
(1 file)
At this point when addon needs a proxy permission it can't be optional.
Some addons support proxy, but do much more, however users who use them need to give blanket proxy permission to the addon and hope nothing bad happens.
It'd appear there's no way for the user to block proxy in the settings that'd block extension, nor is there an option to inform user when proxy is being used.
This situation forces users to pick between security and usability.
Suggestions.
- Make Proxy permission optional.
- Inform user when proxy is being used.
- Give option to permanently block proxy usage, even when enabled by extension.
Updated•6 years ago
|
Updated•6 years ago
|
Comment 1•6 years ago
|
||
I believe making the proxy permission optional would accomplish all three objectives listed.
Comment 2•5 years ago
|
||
Hi, will this enhancement require manual validation? If yes, please provide some steps to reproduce in order for us to properly verify it and any other resource needed for testing (website, add-on, etc.). Additionally, please set the “qe-verify+” flag. Thanks !
Comment 3•5 years ago
|
||
(In reply to Alex Cornestean from comment #2)
Hi, will this enhancement require manual validation? If yes, please provide some steps to reproduce in order for us to properly verify it and any other resource needed for testing (website, add-on, etc.). Additionally, please set the “qe-verify+” flag. Thanks !
No patch for this bug has been submitted, so these questions cannot be answered yet.
Assignee | ||
Comment 4•5 years ago
|
||
I'm transitioning this bug to cover all permissions other than devtools (bug 1606862), which works different than normal permissions.
Those include:
management=Monitor extension usage and manage themes
pkcs11=Provide cryptographic authentication services
proxy=Control browser proxy settings
browsingData=Clear recent browsing history, cookies, and related data
nativeMessaging=Exchange messages with programs other than %S
sessions=Access recently closed tabs
unlimitedStorage=Store unlimited amount of client-side data
Assignee | ||
Comment 5•5 years ago
|
||
Also need to ensure we have all optional permissions in test_ext_permissions_api.js
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Updated•5 years ago
|
Assignee | ||
Comment 6•5 years ago
|
||
Sorry for the noise. I jumped the gun here, and am going to do separate bugs for each permission.
Assignee | ||
Comment 7•5 years ago
|
||
Assignee | ||
Comment 8•5 years ago
|
||
Comment 10•5 years ago
|
||
Comment 11•5 years ago
|
||
bugherder |
Assignee | ||
Updated•5 years ago
|
Comment 12•5 years ago
|
||
The following changes have been made:
- note added to release notes
- compatibility data updated, see PR6112
- notes added to the Extension Workshop article on requesting permissions, see PR636
Please let me know if you think further changes are needed.
Updated•5 years ago
|
Description
•