Closed Bug 416605 Opened 16 years ago Closed 6 years ago

Reduce security dialog delay to 1 second, and fade in install button instead of display countdown

Categories

(Toolkit :: Add-ons Manager, defect)

Product:
Toolkit
Component:
Add-ons Manager
Type:
defect
Priority:
Not set
Severity:
minor

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: spymac.sucks, Assigned: Unfocused)

References

Details

Attachments

(2 files)

Mockup: Old countdown timer being replaced with 1-second install button fading into active state
89.30 KB, image/png
Details
Proposed patch, in case this still needs one.
6.57 KB, patch
Details | Diff | Splinter Review 
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12

Install button is disabled when you try to install an add-on.  It doesn't become enabled for several seconds.

Reproducible: Always

Steps to Reproduce:
1. Click on an add-on to install
2.
3.
Actual Results:  
Install button is disabled

Expected Results:  
Install button should be enabled
Where are you seeing this? Can you provide more detailed steps to reproduce?
Severity: major → normal
You mean the countdown that appears before the 'install' button becomes enabled ? That's on purpose, to make sure that you don't install things by just clicking around somewhere on a website : see bug 236056.

If you really can't stand the delay, you can go to <about:config> and set security.dialog_enable_delay to 0 (it's 2000 msec).
You can also doubleclick on it, it cuts to countdown to zero instantly.
(In reply to comment #2)
> You mean the countdown that appears before the 'install' button becomes enabled
> ? That's on purpose, to make sure that you don't install things by just
> clicking around somewhere on a website : see bug 236056.
> 
> If you really can't stand the delay, you can go to <about:config> and set
> security.dialog_enable_delay to 0 (it's 2000 msec).
> 
Thanks.  This solves the problem.  Might I suggest a lower value by default?  Currently, it's long enough to be annoying when installing a number of add-ons..  it need not be longer than ~0.5 sec to prevent an inadvertent double click.
Severity: normal → minor
marking wontfix because this is a security feature
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago
Resolution: --- → WONTFIX
(In reply to comment #5)
> marking wontfix because this is a security feature
> 

Default of 2 seconds is too long.
Status: RESOLVED → UNCONFIRMED
Resolution: WONTFIX → ---
How much time do you need to read _ALL_ Text in the install window ?
It takes longer and that means it would be too short.

You reported this as bug, this is no bug, it's by design and the 2 seconds is the miniumum delay to be safe.
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago16 years ago
Resolution: --- → WONTFIX
> How much time do you need to read _ALL_ Text in the install window ?

If you already know what most of the dialog says, only the URL is really relevant.  And if you checked  (before triggering the install dialog) that you're on a site you totally trust, you can get away with not reading anything in the dialog.

> It's by design and the 2 seconds is the [minimum] delay to be safe

2 seconds was chosen more or less arbitrarily in bug 162020, with the understanding that we would revisit the duration of the delay as needed.  We have more information now: for example, we know that the 2-second delay annoys some users, and that other browser vendors have chosen delays shorter than 2 seconds.

Why do you think 2 seconds is the minimum delay to be safe?
Status: RESOLVED → UNCONFIRMED
OS: Windows Vista → All
Hardware: PC → All
Resolution: WONTFIX → ---
Summary: Delay when installing add-on → Reduce security dialog delay from 2 seconds
There already is a very good workaround in changing the value of security.dialog_enable_delay

For the first time, I think at least 2 seconds is a great idea.  Mostly, I like it because it stops the user who just clicks on OK through every dialog without reading.  Subsequently, if they find it real pain, it's relatively easy to google and find out about security.dialog_enable_delay. Who really installs so many add-ons that 2 seconds apiece is a real drain?  You'd need 30 add-ons to even add up to a MINUTE of wasted time.
If Joe User is surprised by such a popup, Joe User needs 1s to find the ok button because the dialog is different from a usual dialog. If the button is ready he could just click on the button without reading.

A user who wants to install an addon should not have a problem to wait 2s.
You usually never install many addons at once unless you install Firefox on a new system and i don't think that this 2s are a waste of time in that case.
An Average user can still disable this feature with the hidden pref.

2s are the minimum time if this should bring you some safety IMHO

> it's relatively easy to google and find out about security.dialog_enable_delay

I don't think it's that easy to find.  And most users who find it end up setting it to 0, making themselves insecure, so it's a *bad* thing that some people are looking for this hidden pref.
2 seconds is longer than necessary to mitigate the risk of the original security vulnerability of an intended double click causing an inadvertent install.  If anything, the delay should be tied to the system setting for double click speed (should be some small value larger).

Attempting to force users to read the information in the popup with the delay is simply a wrongheaded approach.  Think Windows Vista UAC.

Finally, relying on an about:config setting (which provides no description of what any of the settings actually do - but that's another matter.. perhaps an enhancement request?) is not a relatively easy, user-friendly way to set this.
(In reply to comment #12)
> Finally, relying on an about:config setting (which provides no description of
> what any of the settings actually do - but that's another matter.. perhaps an
> enhancement request?) is not a relatively easy, user-friendly way to set this.

As an analogy, it's like relying on the Windows registry to set preferences for your application.  Not a good way to do things!


(In reply to comment #13)
> As an analogy, it's like relying on the Windows registry to set preferences for
> your application.  Not a good way to do things!

It's more like using something like MS services to disable security features.  Difficult to do on purpose.
Over to Johnath: is the current security dialog enable delay of 2 seconds appropriate, or can it be shorter to reduce annoyance while still meeting the goal of defeating lured clicks with sudden popups? Changing this is trivial, so make the call of either wontfixing or suggesting a better value (1 second? I can't see any shorter than that and I don't know if that's any less annoying).

In the long run, though, installing is a rare event. A little delay to prevent potential drive-bys is a worthwhile tradeoff. The annoyance passes.
Assignee: nobody → johnath
Status: UNCONFIRMED → NEW
Ever confirmed: true
Yeah, so Jesse's right that 2s was arbitrary, but if I gave you a value like 1.5s instead, that wouldn't be a lot less arbitrary.  I could talk about various timing heuristics (1s is the typical conversational gap between speakers, so we'd want to be higher than that to call out the break in normal flow, plus time for reading, plus time for at least three eye movements...) but that's not the same as data.

2s is undeniably annoying to some tech-savvy young people with rapid reflexes who know exactly what they're trying to do but I think the rich smorgasbord of argument here (there's a pref, installing is rare, the number of users bothered seems low, most users are slower than that, and what number would be a better choice?) leads me to WONTFIX.

If there is another concrete number that is *demonstrably* better ("Studies find that 1.6s prevents just as many double-click attacks, but by 1.3s attacks start getting through") then we can re-open, but we'd also want different progress UI in that case.  The countdown button right now is understandable because it goes 2->1->*poof*, which is a familiar progression.  A button that just says "Install (1)" and then "Install" looks more like a bug.  Omitting the countdown and leaving the button disabled for a while also looks broken.  A throbber or something would be fine (to indicate, roughly, "thinking, please wait") but all of that is extra work that needs extra justification.

In the meantime add-ons are pretty successful with the current delay, and our sophisticated, time-sensitive users have a way out.

-->WONTFIX
Status: NEW → RESOLVED
Closed: 16 years ago16 years ago
Resolution: --- → WONTFIX
Product: Firefox → Toolkit
Reopening this bug.  After talks with security and devs, our goal is now to reduce the dialog delay to one second and to get rid of the countdown in favor of a fading transition of the install button from state 1 to state 2:

State 1: disabled, semi-transparent
State 2: enabled, full opacity

This design removes the unnecessary and unexplained visual noise of a countdown while still preventing clickjacking attacks.
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
Depends on: 643020
Summary: Reduce security dialog delay from 2 seconds → Reduce security dialog delay to 1 second, and fade in install button instead of display countdown
Assignee: johnath → bmcbride
Status: REOPENED → ASSIGNED
As I said on IRC, that dialog is going away in favour of a new in-content UI (bug 643020), which will need to take this bug into account. Thank you anyway, Pranav :)
We're no longer using this dialog
Status: ASSIGNED → RESOLVED
Closed: 16 years ago6 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.