1968112 - Convert settings related to Privacy & Security page to config-based settings

Status: RESOLVED FIXED

(Firefox :: Settings UI, task)

Description

[Mark Striemer [:mstriemer]]

The Privacy & Security page will need to be converted to the config-based settings structure. If settings share a similar pattern to the current design then it may make sense to convert them to the SRD 2025's new design. If they differ significantly, it may be necessary to create a custom component for the old version, and a new version; ideally this can still share most of the business logic to avoid regressions later.

This page will have the following sections which may be good candidates for individual bugs to work on:

• Firefox is on guard
• Cookies, History, and Site Data
• ETP
• DNT
• DoH
• Advanced
  • HTTPS-Only Mode
  • Deceptive Content
  • Proxy
  • Certificates

Comment 1

[Hanna Jones [:hjones]]

Once all the blocking conversions are complete this bug will cover the work involved in reorganizing the relevant sections to create the finalized Privacy and security page as specified in Figma here: https://www.figma.com/design/2b02v18AppIpsTceWac2T3/Settings-Desktop?node-id=6397-33355&m=dev

As part of this work we should also make sure all the strings and illustrations match the design.

Comment 2

[Mark Striemer [:mstriemer]]

A note from bvandersloot in bug 1989082 comment 2: One important gap, that I think we are already aware of is the lack of subpage for Connection and software security. Those were converted a while before we had subpages. Another is the VPN callout. Confirmed on Slack that that is fine to ignore.

We should review all of these updated pages against the spec but worth noting this expected not-quite-to-spec behaviour

Comment 3

[Hanna Jones [:hjones]]

To complete the work on this ticket we need to start generating the new Privacy and secrity settings pane via config. There's an example of us doing this work for the Account and Sync pane here. Basically the steps are as follows:

• create a new browser/components/preferences/config/privacy-security.mjs file for all of the new/config-based code
• migrate any code needed for config-based privacy and security settings to that file from privacy.js and main.js (e.g. config like this and all of these addSetting calls, plus any other relevant code from privacy.js). You can then import the new privacy-security.mjs file back into privacy.js to allow the old code to keep working as expected.
  • this will allow us to easily remove the old code down the line by just deleting the privacy.js file
• add a new entry for the search pane to CONFIG_PANES here
  • more info on the various config options can be found here
• do a final string and illustration check to make sure all of the copy is up to date

There is some work happening in D288024 that may help with test failures/dealing with the case where we need to move a setting from one pane to another based on the status of the SRD pref, so it may make sense to wait until that work lands before starting on this.

Comment 4

[Benjamin VanderSloot [:bvandersloot]]

Alright, I'll take a look at this and come back if I have questions. I think I have an idea of what to do. Aside from the steps you outline in the last comment, there are a few known gaps that I want to write down here so we don't miss them:

• New card for the subpage for network security
• new subpage for network security (as mentioned by mark) :)
• icons on all of the card headings that have them in figma.

I plan to tag these onto the end of the stack doing the migration so they don't get ignored in the big diff.

Other than that, strings should be great since we did a big once-over while migrating to l10n-able strings already.

Comment 5

[Benjamin VanderSloot [:bvandersloot]]

Attachment: Bug 1968112, part 1 - Migrate security and privacy config-based code to a new module - r=hjones!

Comment 6

[Benjamin VanderSloot [:bvandersloot]]

Attachment: Bug 1968112, part 2 - Import services and modules into the privacy settings module - r=hjones!

It actually works without this change. However, shadowing the imports
from preferences.js is probably a little nicer than just adding a
mountain of globals on import, and gives a chance to not import those
things to preferences.js later.

Comment 7

[Benjamin VanderSloot [:bvandersloot]]

Attachment: Bug 1968112, part 2 - Implement the privacy and security SRD as a pane - r=hjones!

Comment 8

[Benjamin VanderSloot [:bvandersloot]]

Attachment: Bug 1968112, part 4 - Add a connection and software security subpane - r=hjones!

Comment 9

[Benjamin VanderSloot [:bvandersloot]]

Attachment: Bug 1968112, part 3 - Test cleanups for Privacy and security SRD migration to a pane - r=emz!

Notable here: We are not migrating the cookie banner handling UI, so I
have removed it earlier in the stack. I'm removing the test in its
entirety.

Comment 10

[Pulsebot]

Pushed by bvandersloot@mozilla.com:
https://github.com/mozilla-firefox/firefox/commit/d5a6dcc84704
https://hg.mozilla.org/integration/autoland/rev/7a5e5341fd8c
part 1 - Migrate security and privacy config-based code to a new module - r=mstriemer
https://github.com/mozilla-firefox/firefox/commit/6cc1a28c49cb
https://hg.mozilla.org/integration/autoland/rev/fbea6d603526
part 2 - Implement the privacy and security SRD as a pane - r=fluent-reviewers,bolsson,flod,mstriemer
https://github.com/mozilla-firefox/firefox/commit/e67af53d3e09
https://hg.mozilla.org/integration/autoland/rev/6eea385153f7
part 3 - Test cleanups for Privacy and security SRD migration to a pane - r=emz,mstriemer,credential-management-reviewers,groovecoder

Comment 11

[Cosmin Sabou [:CosminS]]

https://hg.mozilla.org/mozilla-central/rev/7a5e5341fd8c
https://hg.mozilla.org/mozilla-central/rev/fbea6d603526
https://hg.mozilla.org/mozilla-central/rev/6eea385153f7