Closed
Bug 551612
Opened 14 years ago
Closed 14 years ago
Changes to Weave Sync Client to comply with European Privacy Policy
Categories
(Firefox :: Sync, defect)
Firefox
Sync
Tracking
()
RESOLVED
FIXED
1.3b3
People
(Reporter: pfinette, Assigned: mconnor)
References
Details
Attachments
(3 files, 2 obsolete files)
We need to make some minor changes to the Weave Sync client to ensure we properly comply with European data privacy laws. 1) In the account creation flow: Add "and Weave Privacy Policy" to the currently existing checkbox "I agree to the Terms of Service". Link "Weave Privacy Policy" to http://mozillalabs.com/weave/weave-privacy-policy/ 2) In the prefs (if you're not logged in): Add links to both the Terms of Service (at http://mozillalabs.com/weave/tos/) and the Weave Privacy Policy to the bottom of the screen. 3) In the prefs (when you're logged in): Add links to both the Terms of Service and the Weave Privacy Policy to the bottom of the screen. Screenshots for all three requirements attached.
Reporter | ||
Comment 1•14 years ago
|
||
Reporter | ||
Comment 2•14 years ago
|
||
Assignee | ||
Updated•14 years ago
|
Flags: blocking-weave1.3+
OS: Mac OS X → All
Hardware: x86 → All
Target Milestone: --- → 1.3
Assignee | ||
Comment 3•14 years ago
|
||
We're going to do 1 and 3 here, and 3 is only if we're using the Mozilla service. In the future, we'll want servers to be able to specify their own PP/ToS. 2 is potentially confusing because our ToS/PP do not apply to other server operators, so we're going to omit this piece.
Component: Sync → Firefox UI
QA Contact: sync → firefox
Assignee | ||
Updated•14 years ago
|
Attachment #431766 -
Attachment is obsolete: true
Comment 4•14 years ago
|
||
I thought option 2 was for not being logged in, not using a different server. Can someone explain this to me tomorrow?
Assignee | ||
Comment 5•14 years ago
|
||
Part 2 is a screen where a user has not set up Weave in any way, and thus hasn't chosen a server. For users, unless they choose to use a different account, they will only use that screen once. Except for when they're actually entering existing credentials, there's no way to know whether they're going to use our service or not, so showing links before then creates the possibility that people will associate our terms of service with someone else's service. FWIW, I talked through this with Pascal last night, and he was good with it, but happy to talk through further if this isn't clear.
Comment 6•14 years ago
|
||
I also had the pleasure to talk through this with Pascal and I'm also on board. It sounds like you put a lot of good thought into how to do this in a user friendly, yet privacy sensitive way. Thanks, Mike!!
Assignee | ||
Updated•14 years ago
|
Assignee: nobody → mconnor
Assignee | ||
Updated•14 years ago
|
Whiteboard: [b2]
Assignee | ||
Updated•14 years ago
|
Whiteboard: [b2]
Target Milestone: 1.3 → 1.3b3
Assignee | ||
Comment 7•14 years ago
|
||
Assignee | ||
Comment 8•14 years ago
|
||
Attachment #441973 -
Attachment is obsolete: true
Attachment #442241 -
Flags: review?(edilee)
Comment 9•14 years ago
|
||
Comment on attachment 442241 [details] [diff] [review] v1 >+++ b/source/chrome/content/preferences/fx-prefs-common.js > _openLink: function (url) { >- openUILinkIn(url, window.opener.document.documentElement.instantApply ? "tab" : "window"); >+ if (document.documentElement.id == "accountSetup" && >+ window.opener && >+ window.opener.document.documentElement.id == "BrowserPreferences" && >+ !window.opener.document.documentElement.instantApply) >+ openUILinkIn(url, "window"); >+ else if (document.documentElement.id == "BrowserPreferences" && >+ document.documentElement.instantApply) >+ openUILinkIn(url, "window"); >+ else >+ openUILinkIn(url, "tab"); Why not just pass in another argument to force it to open in a window? Either an explicit target "window" or maybe true. Perhaps same for the openPP/openToS functions. >+++ b/source/defaults/preferences/sync.js.in >-pref("extensions.weave.termsURL", "https://mozillalabs.com/weave/tos/"); >+pref("extensions.weave.termsURL", "http://mozillalabs.com/weave/tos/"); No more https? The site has a cert but it serves content from http as well..
Attachment #442241 -
Flags: review?(edilee) → review+
Assignee | ||
Comment 10•14 years ago
|
||
(In reply to comment #9) > (From update of attachment 442241 [details] [diff] [review]) > >+++ b/source/chrome/content/preferences/fx-prefs-common.js > > _openLink: function (url) { > >- openUILinkIn(url, window.opener.document.documentElement.instantApply ? "tab" : "window"); > >+ if (document.documentElement.id == "accountSetup" && > >+ window.opener && > >+ window.opener.document.documentElement.id == "BrowserPreferences" && > >+ !window.opener.document.documentElement.instantApply) > >+ openUILinkIn(url, "window"); > >+ else if (document.documentElement.id == "BrowserPreferences" && > >+ document.documentElement.instantApply) > >+ openUILinkIn(url, "window"); > >+ else > >+ openUILinkIn(url, "tab"); > Why not just pass in another argument to force it to open in a window? Either > an explicit target "window" or maybe true. Perhaps same for the openPP/openToS > functions. Because I want callers to just call this and let it figure out the Right Thing To Do. Opening a second window always is not what we want, is it? > >+++ b/source/defaults/preferences/sync.js.in > >-pref("extensions.weave.termsURL", "https://mozillalabs.com/weave/tos/"); > >+pref("extensions.weave.termsURL", "http://mozillalabs.com/weave/tos/"); > No more https? The site has a cert but it serves content from http as well.. https for this is unnecessary overhead, really. Also, it's serving some content over http anyway, so meh.
Assignee | ||
Comment 11•14 years ago
|
||
http://hg.mozilla.org/labs/weave/rev/65f7a51ffd91
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Updated•6 years ago
|
Component: Firefox Sync: UI → Sync
Product: Cloud Services → Firefox
You need to log in
before you can comment on or make changes to this bug.
Description
•