There are a couple of changes we should make to the policy page. The "no surprises" policy could use some polish so that it doesn't look so specific regarding default preferences. Also, we've begun a discussion on how to validate support for Private Browsing Mode on extensions (see bug 545419). We should include the PBM requirements in the policy page as well.
Assigning to Jorge to give us the content that's to be changed.
Created attachment 431998 [details] [diff] [review] Patch V1. Added text for PBM and some extra stuff for No Surprises I think this covers everything without adding too much text.
Comment on attachment 431998 [details] [diff] [review] Patch V1. Added text for PBM and some extra stuff for No Surprises I think that the "and all of this data must be cleared when Firefox quits or the Private Browsing session ends" part is not actually needed.
Wouldn't it be wrong for an add-on to keep the data from the private browsing session, and potentially use it?
Ah yes, I thought that's referring to deleting data from disk. You're right, we should keep that sentence.
Comment on attachment 431998 [details] [diff] [review] Patch V1. Added text for PBM and some extra stuff for No Surprises >+<p>All of these requirements also apply to unexpected add-on features, such as search engine result modifications, embedding ads, or sending browsing habits or any other private information to a remote server. Unless the add-on's main purpose is to do any of these things, the add-on must follow the requirements specified in this section.</p> We should talk/think about this more and integrate it in with the full policy rather than an afterthought paragraph. For example, I don't think we should require user opt-in in order to show ads as long as it's properly disclosed beforehand. >+<p>Add-ons that store or otherwise handle browsing data must support <a href="https://developer.mozilla.org/En/Supporting_private_browsing_mode">Private Browsing Mode</a>. During a Private Browsing session, no browsing data must be written to disk, and all of this data must be cleared when Firefox quits or the Private Browsing session ends.</p> I think this is good, although maybe change "must be written to disk" to "can be written to disk".
Adding FatPlug to the mix. Better this way to avoid merging policy text.
Bumping to 5.10.
I would like to bring this to your attention: http://www.facebook.com/permalink.php?story_fbid=109771662376410&id=262706175290 Addon devs seem to consider bypassing the FatPlug ban by offering a crippled version at AMO which advertises the uncrippled version, which includes FatPlug, on their own website. I suggest extending the policy so that this bypassing of the restrictions is being disallowed too, like by banning addons which have been crippled for this purpose. Kudos to Mozilla for the "Adding advertisements to web pages is strictly forbidden" decision. It is exactly the right thing to do!
Thanks for the heads up, Markus. We already have review policies for "trial" versions of add-ons, since they aren't something new. As long as the limited version is functional (useful), and its features don't expire, it's OK to host it on AMO. It's also OK to promote the full version, as long as it doesn't nag the user too much, or start the download or install automatically.
Created attachment 439335 [details] [diff] [review] Patch V2. Added FatPlug policy and tried to clean up No Surprises Here's a new iteration of the policy changes.
I agree wholeheartedly with the 'unexpected' clause- not sure if we should be specific about add-ons that embed advertising in web content- perhaps should be broader- like "add-ons which modify web content in an unexpected and difficult to identify way" the justification being that when add-ons change content on a web page, users should have a clear understanding of which add-on made the change and the content that has been altered. Add-ons that modify web content (swapping in text in articles) when that isn't a clearly understood function of the original add-on, is a no-no.
There's a distinction to be made here: what is forbidden and what is subject to No Surprises. How's this: Introducing ads (like FatPlug) -> forbid Other modifications to web content (like SurfCanyon Refinements) -> No surprises
I'd say we shouldn't be that specific about ads, and talk more about informed consent- I'd like to be general enough to cover add-ons that secretly insert affiliate codes or reorder stories and content without the knowledge of the user. An add-on that makes any changes to web content in a non-obvious and untraceable way is strictly forbidden. An add-on which modifies web content in a manner that is inconsistent with the understood function of the add-on is subject to 'No Surprises'
Created attachment 440543 [details] [diff] [review] Patch V3. Generalized forbidden clause for all web content changes. Here's a new version of the patch that takes Nick's feedback into account. The only difference is that the forbidden clause is now more general.
Looks good. ship it.
Comment on attachment 440543 [details] [diff] [review] Patch V3. Generalized forbidden clause for all web content changes. Alright, moving to review.
Verified FIXED on https://preview.addons.mozilla.org/en-US/developers/docs/policies/reviews (didn't check content, as that was part of the review process, just that it made it to SVN).
Reclassifying editor bugs and changing to a new whiteboard flag. Spam, spam, spam, spam...