Closed Bug 512483 Opened 14 years ago Closed 13 years ago

add check for out of date flash to /firefox/3.5.3/whatsnew/index.html

Categories

(www.mozilla.org :: General, defect)

defect
Not set
normal

Tracking

(Not tracked)

VERIFIED FIXED

People

(Reporter: beltzner, Assigned: morgamic)

References

()

Details

Attachments

(8 files, 4 obsolete files)

362.03 KB, image/png
Details
414.99 KB, image/png
Details
3.65 KB, patch
Details | Diff | Splinter Review
106.68 KB, image/jpeg
Details
1.64 MB, application/x-zip-compressed
Details
493.27 KB, image/png
Details
544.99 KB, image/png
Details
574.53 KB, image/png
Details
Crashes in out of date Flash are a leading cause of Firefox crashes, and many users are still running out of date copies of flash. In parallel to the existing PluginCheck project (https://wiki.mozilla.org/Plugins:PluginCheck) I think we should do something in the Firefox 3.5.3 timeframe to encourage users to upgrade their old versions of Flash.

We should add a simple check for outdated Flash to the whatsnew page for Firefox 3.5.3 (using the code written in bug 391433) which:

 - checks to see if the user has an out of date version of Flash,
 - if so, shows a warning message that encourages users to update

I've attached a mockup.

The message text should be something like:

Warning: You are running an old version of Flash that can cause stability and security problems. You should _get the newest version_ of Flash before continuing.

(Slater, that OK?)

This shouldn't replace the work happening on the PluginCheck project, but will hopefully move the needle in the short term on Firefox users with older versions of flash.
OS: Mac OS X → All
Hardware: x86 → All
It might actually be worth replacing the bit that says

"You've been updated to the latest version of Firefox"

with the alert about Flash being out of date. A little heretical, perhaps, but definitely attention getting.
OS: All → Mac OS X
Hardware: All → x86
OS: Mac OS X → All
Hardware: x86 → All
Here are two similar, but slightly different, versions of how the text could go. Both position the text as the page's subheadline so it will be very noticeable, and in both cases the text would be accompanied by an eye-catching exclamation point warning symbol (or something similar).

Version 1 - inspired by Mike's suggestion in comment #1 above:

headline: You've been updated to the latest version of Firefox, but...
subhead: ...your version of Flash is out-of-date and may cause crashes and security problems while you browse. We strongly recommend that you _get the latest version_ right away (free download).

Version 2 - more separate from the headline:

headline: You've been updated to the latest version of Firefox.
subhead: Warning: Your version of Flash is out-of-date and may cause crashes and security problems while you browse. We strongly recommend that you _get the latest version_ right away (free download).
Wil - let me know what you think.  Didn't want you to feel lonely without any reviews this week.
Assignee: nobody → morgamic
Status: NEW → ASSIGNED
Attachment #396580 - Flags: review?(clouserw)
http://www.grabup.com/uploads/c75b2aa8d61687206ab4702bb0e53406.png -- I'm using minefield, but you get the general idea.
I'm thinking we want to be really, really visible here and see if we can move the needle. Something like:


headline: You should get a _free update for Adobe Flash_ before you browse
subhead:  Firefox has been updated to the latest version, but we detected that you're using an older version of Flash which is known to cause stability and security problems. You should get the _free update_ as soon as possible.

It's a lot of text, but it would replace all existing text when we detect the older version of Flash, and it would be really commanding in terms of a call to action.
Ok.  So ignore the mockup and comment #0, then?
Comment on attachment 396580 [details] [diff] [review]
v1, simple warning using flash detection

Patch is useless, needs refactoring per comment #5.
Attachment #396580 - Attachment is obsolete: true
Attachment #396580 - Flags: review?(clouserw)
I'll post a new patch in the morning.  Don't change your minds before then!
Comment #5 looks good to me.
Sorry, morgamic, didn't realize you were going to go straight off that 30s mockup I put together to illustrate the idea. I'll be more clear next time, promise!
Assignee: morgamic → nobody
OS: All → Mac OS X
Hardware: All → x86
This is what the result looks like (if you're out of date):
http://www.grabup.com/uploads/1e3ed0794d411249ab9f23293fc745cb.png
Assignee: nobody → morgamic
Attachment #396782 - Attachment is obsolete: true
Attachment #396788 - Flags: review?(clouserw)
Attachment #396782 - Flags: review?(clouserw)
Checked into trunk, r50204.  Still need review from Wil, but getting it onto trunk so stephend can test on www-trunk.s.m.c
Comment on attachment 396788 [details] [diff] [review]
v3, same as v2 but stripped extra stuff no longer used (warning image, css for #flash-warning)

The code worked in my version of FF+Flash (Nightly and 10,0,22,87 - I got the warning).  Feels like we could make the warning prettier though.
Attachment #396788 - Flags: review?(clouserw) → review+
(In reply to comment #14)
> Checked into trunk, r50204.  Still need review from Wil, but getting it onto
> trunk so stephend can test on www-trunk.s.m.c

yeah, QA should hit it with all the browsers we want it to work on.
We shouldn't just do this for 3.5.3, but should also do it for 3.0.14. morgamic, can you land it there as well?
(In reply to comment #15)
> The code worked in my version of FF+Flash (Nightly and 10,0,22,87 - I got the
> warning).  Feels like we could make the warning prettier though.

What's your suggestion?
Attached image idea
(In reply to comment #19)
> (In reply to comment #15)
> > The code worked in my version of FF+Flash (Nightly and 10,0,22,87 - I got the
> > warning).  Feels like we could make the warning prettier though.
> 
> What's your suggestion?

One of my concerns was that it still looks so much like an update page I think anyone who has seen a few of them will just close it and get back to work.  Here is an idea that I think makes it stand out more.
I could always add the warning image in.
ss - I don't see a 3.0.14 anywhere.  All I see is 3.0.13.
But yeah, it's copy/paste if we need to add it when the file exists.
I like Wil's warning image and I also like how some of the earlier versions
(ex. comment #4) had a little rounded box around the text to make it really
stand out. How about combining the two?

So:
We put the scary warning text in a large box that sort of hovers over the
existing site background. The background of the box itself could have the big !
symbol rather than showing the TRO illustrations.

Best of both worlds...
Alright, I'm going to let this sit here until Friday.  Once you guys figure out what you want, let me know.
Attachment #396788 - Attachment is obsolete: true
Wil: I like your suggestion. I like it a lot. 

John: I think the rounded corner box thing isn't needed with Wil's new design, but agree that the yellow warning sign makes it more visible.

I think this is what we want, and the final text:

   | mozilla.com                                        visit mozilla.com |
   '----------------------------------------------------------------------'
        .
       / \     You should update Adobe Flash right now. _Get it for free_
      / ! \         Firefox is up to date, but your current version
     '-----'        of Flash can cause security and stability issues.
                    Please _install the free update_ as soon as possible.

    
"Get it for free" should be in standard link text colour, but "You should
update Adobe Flash right now" should be in the red.

The rest of the text ("You Just Made the Web Better", etc) should just be hidden in the case where we're leaving the user a call to action.

We should also see if we can hook up metrics on the page to see how many people click those links.

John: please let Morgamic know if you approve of this design; it's quite right for him to want a confirmation before starting implementation.

(Really excited about this now.)
a=jslater

(and doubly approved if we can do the whole thing in ASCII art like in comment #28)
So no Firefox branding on this page anymore and replace it with a warning symbol?
(In reply to comment #30)
> So no Firefox branding on this page anymore and replace it with a warning
> symbol?
Yep, that sounds good to me. We want to give people a little jolt here...
Ok - but I'm going to veto ASCII art.
(In reply to comment #32)
> Ok - but I'm going to veto ASCII art.
I will reluctantly go along with that veto.
Well, it's a start:
http://www.grabup.com/uploads/28ea1ae28b5c868cad6b7fe6f1572467.png

I need some help since I don't have the original layers and just placing a triangle over a circle doesn't work so hot.
Copying Steven Garrity, who can help with just about anything.
Has this warning message been tested when the plash plugin is disabled or when the user doesn't have flash installed at all? It looks to me as though the warning message will be displayed in those cases when it shouldn't be.
Better background image added in r50276.
Here's the photoshop original too.
(In reply to comment #38)
> Has this warning message been tested when the plash plugin is disabled or when
> the user doesn't have flash installed at all?
The version check function returns -1 if Flash doesn't exist in the plugins array, which causes the script to do nothing to the whatsnew page.

Did you try this and see something else?

Steven!  Image looks great - thanks for doing that.
Checked in fix for zero-case in r50280.
Can I see a screenie of the on-trunk version with/without older Flash so we can sign off on this and put it to bed?

Thanks for the quick turnaround, everyone.
The "Learn More" link is a 404: https://www-trunk.stage.mozilla.com/en-US/about/whatismozilla.html%5D

I'm still testing this page, but it's looking really good, otherwise.
Nit/suggestion: "...your current version of Flash _can cause_ security and stability issues" vs. 
 "...your current version of Flash _is vulnerable_ to to security and stability issues."
(In reply to comment #45)
> Nit/suggestion: "...your current version of Flash _can cause_ security and
> stability issues" vs. 
>  "...your current version of Flash _is vulnerable_ to to security and stability
> issues."

Except without the double "to".
(In reply to comment #45)
> Nit/suggestion: "...your current version of Flash _can cause_ security and
> stability issues" vs. 
>  "...your current version of Flash _is vulnerable_ to to security and stability
> issues."

Is that really right though? Saying something is "vulnerable to stability" issues doesn't really make me think "this is going to crash my browser a lot". I understand the change re: security, but I think it makes the stability part less clear.
The reason I mentioned it is because I don't think Flash causes the issues as much as it is vulnerable to them. But I do agree that the use of "vulnerable" is less persuasive.
(In reply to comment #50)
> The reason I mentioned it is because I don't think Flash causes the issues as
> much as it is vulnerable to them. But I do agree that the use of "vulnerable"
> is less persuasive.
Yeah, I hear what you're saying but personally would prefer to keep the more direct language like we had it as long as it's not too misleading.

Are we comfortable with that?
I'm comfortable with that.
This is awesome. uir+a+omgawesome=me
(In reply to comment #53)
Wow: we should definitely have the "uir+a+omgawesome ?" tag! :)
--> FIXED?
Don't think it's my call, but it does look good to me, with the exception of the typo / broken link I pointed out in comment 44.
(In reply to comment #56)
> Don't think it's my call, but it does look good to me, with the exception of
> the typo / broken link I pointed out in comment 44.
Who's on point for fixing that? Otherwise, it looks like this is good to go.
(In reply to comment #56)
> Don't think it's my call, but it does look good to me, with the exception of
> the typo / broken link I pointed out in comment 44.

Fixed in trunk in r50491.
Works for me.  How will we track this page's effectiveness?
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Comment on attachment 397712 [details]
Screenshot - regression?

My patch didn't do that, don't think.  If you saw the warning, then yeah -- but that's something wrong w/ the original whatsnew code.
(In reply to comment #61)
> (From update of attachment 397712 [details])
> My patch didn't do that, don't think.  If you saw the warning, then yeah -- but
> that's something wrong w/ the original whatsnew code.

Yeah; it also might be invalid, or limited to the staging setup.  In any case, I spun this off as bug 513827.

This one's verified FIXED.
Status: RESOLVED → VERIFIED
Question on this bug: I'm peeking at the code to get an idea of the vulnerable version, and it looks like it does an exact check for v10.0.32

What happens if/when v10.0.33 comes out?
(In reply to comment #63)
> Question on this bug: I'm peeking at the code to get an idea of the vulnerable
> version, and it looks like it does an exact check for v10.0.32
> 
> What happens if/when v10.0.33 comes out?

Ah, nevermind me.  It does a greater-than-equal check, not an exact match, in detect-flash.js
yeah at some point we should automate but when new versions come out we'll have to update the js lib.
Blocks: 516166
Component: www.mozilla.org/firefox → www.mozilla.org
Component: www.mozilla.org → General
Product: Websites → www.mozilla.org
You need to log in before you can comment on or make changes to this bug.