Created attachment 674357 [details] [diff] [review] Patch Bug 764869 implemented activation from content but required that the provider had not been previously activated before. The attached patch will allow activation as long as the Social API is not already enabled, which seems the more correct scenario. social.enabled implies social.active. social.active does not imply social.enabled.
Comment on attachment 674357 [details] [diff] [review] Patch redirecting to shane
The original intent here was that we didn't want to allow the provider to re-enable if the user had previously enabled it, but then actively disabled it (i.e. via the Tools menu), because there was some potential for abuse there (e.g. if the provider just fired the event on every page view, that would get annoying really quickly). It's worth re-visiting since we've gotten feedback from Facebook that they'd like to have a way to offer to re-enabled the feature, which seems reasonable, but we shouldn't lose track of the possible downsides here. I'd like to get feedback from others before moving ahead with this.
I seem to keep running into issues like this...we need to know if the user took some action in content (e.g. event.isTrusted) without having to watch for multiple events. Popup blocking does this, but not in a generic fashion. I think in the case of a whitelisted provider, we have a relationship where we should be able to trust the provider to do the right thing.
Comment on attachment 674357 [details] [diff] [review] Patch This would be fine, pending some thought around avoiding abuse. As well, we'll ensure that active is always true if enabled in bug 804242
5 years ago
Comment on attachment 674357 [details] [diff] [review] Patch [Approval Request Comment] Bug caused by (feature/regressing bug #): n/a User impact if declined: if a user deactivates the social api, they cannot reactivate from the social providers site anymore Testing completed (on m-c, etc.): locally, just landed on inbound Risk to taking this patch (and alternatives if risky): none expected String or UUID changes made by this patch: none
Verified fixed across all branches.