Confirmed users
954
edits
Extension Manager:Projects:Improve Add-on Installation: Difference between revisions
Jump to navigation
Jump to search
Extension Manager:Projects:Improve Add-on Installation (view source)
Revision as of 19:57, 25 May 2011
, 25 May 2011no edit summary
No edit summary |
No edit summary |
||
| Line 64: | Line 64: | ||
<br> | <br> | ||
''' Download-then-ask-permission (current model)''':<br> | ''' Download-then-ask-permission (current model)''':<br> [[Image:Backwards addon installation case.png|54x72px|Backwards addon installation case.png]]<br> ''' Ask-permission-then-download (goal)''':<br> [[Image:Not backwards addon case.png|45x76px|Not backwards addon case.png]] | ||
[[Image:Backwards addon installation case.png|54x72px|Backwards addon installation case.png]]<br> | |||
''' Ask-permission-then-download (goal)''':<br> | |||
[[Image:Not backwards addon case.png|45x76px|Not backwards addon case.png]] | |||
== Team == | == Team == | ||
| Line 86: | Line 83: | ||
== Next Steps == | == Next Steps == | ||
Review security issues involved in changes, find developers with free cycles for implementation<br> | Review security issues involved in changes, find developers with free cycles for implementation<br> | ||
== Open Issues == | == Open Issues == | ||
| Line 133: | Line 130: | ||
suggestions: | suggestions: | ||
*We could lower the delay from 2 noisy seconds to 1 quiet second | *We could lower the delay from 2 noisy seconds to 1 quiet second ''(added to goals above)''<br> | ||
*We could show the user-intent-verification first, before the download finishes. Then there aren't 2 separate "waiting" steps as long as the download is fast<br> | *We could show the user-intent-verification first, before the download finishes. Then there aren't 2 separate "waiting" steps as long as the download is fast ''(added to goals above)''<br> | ||
**this would require AMO to supply the stuff that's supposed to appear in the dialog, as part of the installtrigger call, but it would make the UI much better. | **this would require AMO to supply the stuff that's supposed to appear in the dialog, as part of the installtrigger call, but it would make the UI much better. | ||
*We could make it so any link to addons.mozilla.org opens in a new tab, and use browser-side defenses against clickjacking on that tab | *We could make it so any link to addons.mozilla.org opens in a new tab, and use browser-side defenses against clickjacking on that tab (not a current goal)<br> | ||
*We could deny InstallTrigger if clicked within 1 second of selecting the tab/window, to make clickjacking AMO harder | *We could deny InstallTrigger if clicked within 1 second of selecting the tab/window, to make clickjacking AMO harder | ||
*Rather than author information, which is never verified, could show AMO status | *Rather than author information, which is never verified, could show AMO status | ||