Closed Bug 247496 Opened 20 years ago Closed 20 years ago

propose enhancing XPI Installer dialog box with visual cues for readability and security

Categories

(Firefox :: Installer, enhancement)

Product:
Firefox
Component:
Installer
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: nrlz, Assigned: bugs)

Details

Attachments

(1 file, 1 obsolete file)

proposed visual changes to XPI dialog
17.01 KB, image/png
Details 
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040616
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040616

I have 3 ideas for the Firefox XPI Installer dialog to make it:

1. More readable
2. More informative
3. Stress the security

(All 3 ideas are visually shown in the picture attachment.)

1. Rather than showing the entire URL of the XPI package, only show the domain. 

Most of the time we only determine the trustworthiness of a piece of code by
it's domain and not it's entire path. e.g., 'ftp.mozilla.org' is good and
'xxxtoolbar.com' is bad. So rather than cluttering the screen with the entire
URL, we should just show the domain. This makes the text easier to decipher and
as an added bonus, it does not deter novices from reading it. The entire URL can
still be made available as a tooltip for techies.

2. Supplement the word 'unsigned' with a visual icon.

I've seen the word 'unsigned' in the space next to the package name in bold red
letters and I figure that novice people won't know what it means. I'd rather the
text not be there to avoid confusion. But since it has security merit, I'd
suggest adding a visual icon that is more informative than the word alone. (It
could even replace the word entirely.) The icon would still convey security
information to techies but to the novices, they might treat it as eye-candy or
notice the X through the pen to indicate that something is missing and therefore
convey the meaning of it being less secure.

3. Make clicking 'Install' involve more steps, and therefore stress the layers
of security.

I propose adding a checkbox that has to be checked to enable the 'Install'
button. When the user finds that they have to perform extra steps to perform an
action, it will convey the meaning of extra layers of protection. This should
stress the security implications of what they are doing so they would think twice.

P.S. I also made the default button to be 'Cancel' rather than 'Install' but
this is covered in bug #240637 which I had filed before.

P.P.S. I also added a 'grippy' to make the dialog box resizable. This is just my
personal preference.

Feel free to ignore these suggestions as I know that Firefox doesn't have enough
programmers and there already are too many things to do. I feel guilty because I
myself am not a programmer and cannot contribute. But I am a User Interface
designer.

Reproducible: Always
Steps to Reproduce:
Attached image proposed visual changes to XPI dialog (obsolete) — 

    
  
OS: Windows XP → All
Hardware: PC → All

    
    

    
  


  
changed text colour and added shield icon.

        Attachment #151097 -
        Attachment is obsolete: true

    
    

    
  
We have an additional layer of "protection" in the XPI site blocking process.  A
checkbox before hitting the button is just a hassle to users and achieves very
little.
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → WONTFIX
QA Contact: bugzilla → installer

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: