Opt-in activation for plugins: Difference between revisions
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
{{FeatureStatus | {{FeatureStatus | ||
|Feature name=Opt-in activation for plugins | |Feature name=Opt-in activation for plugins | ||
|Feature stage= | |Feature stage=Development | ||
|Feature status=In progress | |Feature status=In progress | ||
|Feature health=OK | |Feature health=OK | ||
|Feature status note=Implementation started | |Feature status note=Implementation started | ||
}} | }} | ||
{{FeatureTeam | {{FeatureTeam | ||
Revision as of 23:54, 23 February 2012
Status
| Opt-in activation for plugins | |
| Stage | Development |
| Status | In progress |
| Release target | ` |
| Health | OK |
| Status note | Implementation started |
{{#set:Feature name=Opt-in activation for plugins
|Feature stage=Development |Feature status=In progress |Feature version=` |Feature health=OK |Feature status note=Implementation started }}
Team
| Product manager | Asa Dotzler |
| Directly Responsible Individual | Justin Dolske |
| Lead engineer | Jared Wein |
| Security lead | David Chan (dchan) |
| Privacy lead | Sid Stamm (geekboy) |
| Localization lead | ` |
| Accessibility lead | ` |
| QA lead | Paul Silaghi |
| UX lead | Alex Limi |
| Product marketing lead | ` |
| Operations lead | ` |
| Additional members | ` |
{{#set:Feature product manager=Asa Dotzler
|Feature feature manager=Justin Dolske |Feature lead engineer=Jared Wein |Feature security lead=David Chan (dchan) |Feature privacy lead=Sid Stamm (geekboy) |Feature localization lead=` |Feature accessibility lead=` |Feature qa lead=Paul Silaghi |Feature ux lead=Alex Limi |Feature product marketing lead=` |Feature operations lead=` |Feature additional members=` }}
Open issues/risks
`
Stage 1: Definition
1. Feature overview
Unknown, slow or insecure plugins shouldn't be allowed to run without user interaction.
This feature falls primarily in the Experience category (from the "Discover, Experience, and Connect" vision statement.)
Meant to help with multiple scenarios:
- Accidental/malicious install: "Hey, we suddenly found a new SketchyWare.dll plugin on your system. Did you actually want to use it?"
- Performance: The "Java makes my system asplode when a page loads, but sometimes I want to use it" problem.
- Security: Users who don't trust Flash, as well as giving us a way to soft-block a plugin that a user needs to use on legit sites (YouTube, intranet, whatever).
Chrome already does something similar.
2. Users & use cases
`
3. Dependencies
`
4. Requirements
- Ability to set autoplay, click-to-play or never play on any plugin
- Built-in whitelist for the most common plugins
Non-goals
`
Stage 2: Design
5. Functional specification
`
6. User experience design
When plugins are found on a page, their start up will be delayed until a user performs interaction with the browser to enable the running of the plugin.
Visible plugins will have a chrome-privileged overlay that users will click on to activate the plugin. Invisible (or barely visible) plugins will cause an infobar to appear to enable all plugins on the page.
Phase 1 of this project will be an "all or nothing" strategy. Adding another hurdle for drive-by attacks will be an improvement over where we are now.
Future phases may incorporate a way for users to selectively enable specific plugin types (Flash vs. Java vs. Silverlight etc.). This implementation hasn't been designed or agreed upon yet, but it may be similar to the blocked-popup context menu.
Stage 3: Planning
7. Implementation plan
`
8. Reviews
Security review
`
Privacy review
`
Localization review
`
Accessibility
`
Quality Assurance review
`
Operations review
`
Stage 4: Development
9. Implementation
Implementation work starting in bug 549697.
Stage 5: Release
10. Landing criteria
` {{#set:Feature open issues and risks=` |Feature overview=Unknown, slow or insecure plugins shouldn't be allowed to run without user interaction.
This feature falls primarily in the Experience category (from the "Discover, Experience, and Connect" vision statement.)
Meant to help with multiple scenarios:
- Accidental/malicious install: "Hey, we suddenly found a new SketchyWare.dll plugin on your system. Did you actually want to use it?"
- Performance: The "Java makes my system asplode when a page loads, but sometimes I want to use it" problem.
- Security: Users who don't trust Flash, as well as giving us a way to soft-block a plugin that a user needs to use on legit sites (YouTube, intranet, whatever).
Chrome already does something similar. |Feature users and use cases=` |Feature dependencies=` |Feature requirements=* Ability to set autoplay, click-to-play or never play on any plugin
- Built-in whitelist for the most common plugins
|Feature non-goals=` |Feature functional spec=` |Feature ux design=When plugins are found on a page, their start up will be delayed until a user performs interaction with the browser to enable the running of the plugin.
Visible plugins will have a chrome-privileged overlay that users will click on to activate the plugin. Invisible (or barely visible) plugins will cause an infobar to appear to enable all plugins on the page.
Phase 1 of this project will be an "all or nothing" strategy. Adding another hurdle for drive-by attacks will be an improvement over where we are now.
Future phases may incorporate a way for users to selectively enable specific plugin types (Flash vs. Java vs. Silverlight etc.). This implementation hasn't been designed or agreed upon yet, but it may be similar to the blocked-popup context menu. |Feature implementation plan=` |Feature security review=` |Feature privacy review=` |Feature localization review=` |Feature accessibility review=` |Feature qa review=` |Feature operations review=` |Feature implementation notes=Implementation work starting in bug 549697. |Feature landing criteria=` }}
Feature details
| Priority | P1 |
| Rank | 15 |
| Theme / Goal | Product Hardening |
| Roadmap | Security |
| Secondary roadmap | User Experience |
| Feature list | Desktop |
| Project | Responsiveness |
| Engineering team | Desktop front-end |
{{#set:Feature priority=P1
|Feature rank=15 |Feature theme=Product Hardening |Feature roadmap=Security |Feature secondary roadmap=User Experience |Feature list=Desktop |Feature project=Responsiveness |Feature engineering team=Desktop front-end }}
Team status notes
| status | notes | |
| Products | ` | ` |
| Engineering | ` | ` |
| Security | sec-review-needed | assigned to dchan |
| Privacy | ` | Outcomes 1.2 & 2 |
| Localization | ` | ` |
| Accessibility | ` | ` |
| Quality assurance | ` | ` |
| User experience | ` | ` |
| Product marketing | ` | ` |
| Operations | ` | ` |
{{#set:Feature products status=`
|Feature products notes=` |Feature engineering status=` |Feature engineering notes=` |Feature security status=sec-review-needed |Feature security health=Assigned |Feature security notes=assigned to dchan |Feature privacy status=` |Feature privacy notes=Outcomes 1.2 & 2 |Feature localization status=` |Feature localization notes=` |Feature accessibility status=` |Feature accessibility notes=` |Feature qa status=` |Feature qa notes=` |Feature ux status=` |Feature ux notes=` |Feature product marketing status=` |Feature product marketing notes=` |Feature operations status=` |Feature operations notes=` }}