Talk:Firefox:1.5 Extension Manager Upgrades
What about giving user ability to install extension without adding its site to trusted ones? Let's say there is a site I'm not sure about, but I do want to install one extension. Today, I have to add this site to "trusted ones", install it and remove the site from the list. It's a bit unfriendly and breaks usability. --gandalf 20:27, 7 Feb 2005 (PST)
Perhaps a "Grey List"
I agree with this too, either a Grey List could be implemented or on the Allow list page once bought up from clicking the "Information Bar" there could be "Allow" and "Allow Once" buttons.
Ease of Retreat
Dear Ben Goodger, I can only barely follow the gist of this development but one concern arises for me.
Currently (ie FF/TB 1.0.2 general releases) one of the most valuable features of FF/TB is that, for virtually all end-user changes, at least on Windows, one may instantly recover from mishap by deleting the user profile (folder) and replacing it with a copy taken at a safe point (preferably just before the change which caused the damage). With TB one will need to include the Mail folder if it is held separately (as mine is).
Of course, the final arrival of a facility to really, very simply, do totally clean extension uninstall/updates is more than a little welcome, particularly since sometimes one discovers only some way down the line that an extension has previously unrevealed ill effects.
However, extensions are not the only things that cause problems and anyway, complex mechanisms are fragile, so I very much hope that the easy "copy profile, try, delete profile, copy back profile" recovery route will not now be made impossible or complicated by the introduction of these other features which seem (directly) to be designed much more for the needs of developers than for those of morons like me!
My first thought after that concern struck me was that perhaps a special, guaranteed tool, integral to the FF/TB release package (sort of super MozBackUp but guaranteed and delivered alongside the browser/mail client) would cope with the extra complexities but of course that would just add another fault vulnerable component just where one must never have one. Hence the need to be able to rely on a dead simple routine like the current manual "whole profile" technique.
Hopefully you will be able to reply that for us morons, things will look just about exactly the same but "uninstall" and "update" will now work properly.
Perhaps an explanation, in the "front" publications, of the visible difference at the end-user level (hopefully including continuing validity of profile copy security) would help.
Best regards, RDL