Privacy/Features/Site-based data management UI

From MozillaWiki
Jump to navigation Jump to search
Please use "Edit with form" above to edit this page.

Status

Site-based data management UI
Stage Shipped
Status Complete
Release target Firefox 6
Health OK
Status note Landed on mozilla-central.

{{#set:Feature name=Site-based data management UI

|Feature stage=Shipped |Feature status=Complete |Feature version=Firefox 6 |Feature health=OK |Feature status note=Landed on mozilla-central. }}

Team

Product manager Asa Dotzler
Directly Responsible Individual Sid Stamm
Lead engineer Margaret Leibovic
Security lead Curtis Koenig
Privacy lead Sid Stamm
Localization lead `
Accessibility lead `
QA lead George Carstoiu
UX lead Jennifer Boriss
Product marketing lead `
Operations lead `
Additional members `

{{#set:Feature product manager=Asa Dotzler

|Feature feature manager=Sid Stamm |Feature lead engineer=Margaret Leibovic |Feature security lead=Curtis Koenig |Feature privacy lead=Sid Stamm |Feature localization lead=` |Feature accessibility lead=` |Feature qa lead=George Carstoiu |Feature ux lead=Jennifer Boriss |Feature product marketing lead=` |Feature operations lead=` |Feature additional members=` }}

Open issues/risks

`

Stage 1: Definition

1. Feature overview

It's helpful to be able to control what sites know and do on a site-by-site basis. Ideally, the site permissions dialog, cookie controls, and various other site-based preferences should be accessible via a single UI.

This feature will provide a UI in a content tab (much like the addons manager) that allows users to customize permissions and settings for sites on a site-by-site basis.

This feature falls primarily in the Experience category (from the "Discover, Experience, and Connect" vision statement.)

2. Users & use cases

  • Empower users to define data-sharing relationships with sites instead of with the various APIs in Firefox
  • Provide a secure, non-spoofable way to set these preferences.
  • Make it clear to users how they interact with each site (and all sites)
  • Assure users that the interface is part of Firefox and cannot be manipulated by a web site.

3. Dependencies

`

4. Requirements

  • We need to document existing data sources and mappings to the user interface
  • UI must be designed carefully, perhaps with a user study
  • Security and authenticity of the configuration UI must be verified and accessible to users.

Non-goals

  • This is not an enhancement of the site identity door-hanger (Larry)
  • This is not a new set of preferences or permissions, just a new interface to existing ones.
  • This is not a visualization of how people interact with sites
  • This is not in-flight configuration prompts or UX.

Stage 2: Design

5. Functional specification

`

6. User experience design

The site-based prefs will be implemented in content at an about page (about:permissions). It will be in-content (much like [about:addons]), and is intended to replace the various site-based or "all-sites" prefs and permissions that exist for:

  • cookies
  • passwords
  • geolocation permission
  • storage (IndexDB, localStorage)
  • add-on installation permission
  • pop-up blocking
  • image loading permission
  • HTTP Strict-Transport-Security setting
  • (history and bookmarks)? Maybe?

The UI will present a list of sites, searchable, ranked by frecency, complete with domain or subdomain name, site title, and favicon. When a user selects a site, the preferences for that site will be displayed, and the user will have the opportunity to change the preferences for that specific domain or subdomain.

The UI will include the ability to sites not yet accessed; this will provide pre-access preferences for those users who wish to block images from specific sites or assert control before it is needed.

Stage 3: Planning

7. Implementation plan

`

8. Reviews

Security review

Privacy review

`

Localization review

`

Accessibility

`

Quality Assurance review

  • Remaining opened bugs
  • Main implementation bugs landed and were verified
  • Smaller patches to land in the following milestones

Operations review

`

Stage 4: Development

9. Implementation

  • [DONE] implement basic patch
  • [DONE] create basic test plan
  • [DONE] land patch for wider testing
  • [NEW] user study?
  • [ON TRACK] design UX
  • [ON TRACK] document data sources and mappings to UX
  • [NEW] security / privacy design discussion
  • bug 573176 Implement basic about:permissions interface
  • bug 657961 Use async API to get favicons for site permissions page
  • bug 587208 Need to create icons for the UI
  • bug 658097 Make permissions language easier to understand
  • bug 588689 Add access to site preferences from the site identity block

Stage 5: Release

10. Landing criteria

` {{#set:Feature open issues and risks=` |Feature overview=It's helpful to be able to control what sites know and do on a site-by-site basis. Ideally, the site permissions dialog, cookie controls, and various other site-based preferences should be accessible via a single UI.

This feature will provide a UI in a content tab (much like the addons manager) that allows users to customize permissions and settings for sites on a site-by-site basis.

This feature falls primarily in the Experience category (from the "Discover, Experience, and Connect" vision statement.) |Feature users and use cases=* Empower users to define data-sharing relationships with sites instead of with the various APIs in Firefox

  • Provide a secure, non-spoofable way to set these preferences.
  • Make it clear to users how they interact with each site (and all sites)
  • Assure users that the interface is part of Firefox and cannot be manipulated by a web site.

|Feature dependencies=` |Feature requirements=* We need to document existing data sources and mappings to the user interface

  • UI must be designed carefully, perhaps with a user study
  • Security and authenticity of the configuration UI must be verified and accessible to users.

|Feature non-goals=* This is not an enhancement of the site identity door-hanger (Larry)

  • This is not a new set of preferences or permissions, just a new interface to existing ones.
  • This is not a visualization of how people interact with sites
  • This is not in-flight configuration prompts or UX.

|Feature functional spec=` |Feature ux design=* There's a design motivation and prototype graphic in attachment 452384 on bug 573176.

The site-based prefs will be implemented in content at an about page (about:permissions). It will be in-content (much like [about:addons]), and is intended to replace the various site-based or "all-sites" prefs and permissions that exist for:

  • cookies
  • passwords
  • geolocation permission
  • storage (IndexDB, localStorage)
  • add-on installation permission
  • pop-up blocking
  • image loading permission
  • HTTP Strict-Transport-Security setting
  • (history and bookmarks)? Maybe?

The UI will present a list of sites, searchable, ranked by frecency, complete with domain or subdomain name, site title, and favicon. When a user selects a site, the preferences for that site will be displayed, and the user will have the opportunity to change the preferences for that specific domain or subdomain.

The UI will include the ability to sites not yet accessed; this will provide pre-access preferences for those users who wish to block images from specific sites or assert control before it is needed. |Feature implementation plan=` |Feature security review=* Security Notes |Feature privacy review=` |Feature localization review=` |Feature accessibility review=` |Feature qa review=* Remaining opened bugs

  • Main implementation bugs landed and were verified
  • Smaller patches to land in the following milestones

|Feature operations review=` |Feature implementation notes=* [DONE] implement basic patch

  • [DONE] create basic test plan
  • [DONE] land patch for wider testing
  • [NEW] user study?
  • [ON TRACK] design UX
  • [ON TRACK] document data sources and mappings to UX
  • [NEW] security / privacy design discussion
  • bug 573176 Implement basic about:permissions interface
  • bug 657961 Use async API to get favicons for site permissions page
  • bug 587208 Need to create icons for the UI
  • bug 658097 Make permissions language easier to understand
  • bug 588689 Add access to site preferences from the site identity block

|Feature landing criteria=` }}

Feature details

Priority P1
Rank 999
Theme / Goal Enhance User Controlled Disclosure
Roadmap Privacy
Secondary roadmap `
Feature list Desktop
Project `
Engineering team Desktop front-end

{{#set:Feature priority=P1

|Feature rank=999 |Feature theme=Enhance User Controlled Disclosure |Feature roadmap=Privacy |Feature secondary roadmap=` |Feature list=Desktop |Feature project=` |Feature engineering team=Desktop front-end }}

Team status notes

  status notes
Products ` `
Engineering ` `
Security sec-review-complete Notes
Privacy ` `
Localization ` `
Accessibility ` `
Quality assurance Ready to land in Fx6 main bugs are verified
User experience ` `
Product marketing ` `
Operations ` `

{{#set:Feature products status=`

|Feature products notes=` |Feature engineering status=` |Feature engineering notes=` |Feature security status=sec-review-complete |Feature security health=OK |Feature security notes=Notes |Feature privacy status=` |Feature privacy notes=` |Feature localization status=` |Feature localization notes=` |Feature accessibility status=` |Feature accessibility notes=` |Feature qa status=Ready to land in Fx6 |Feature qa notes=main bugs are verified |Feature ux status=` |Feature ux notes=` |Feature product marketing status=` |Feature product marketing notes=` |Feature operations status=` |Feature operations notes=` }}


Other Documentation

Meeting Notes:

Retrieved from "https://wiki.allizom.org/index.php?title=Privacy/Features/Site-based_data_management_UI&oldid=342855"