Extension Manager:Projects:Improve Add-on Installation: Difference between revisions

 
(25 intermediate revisions by 7 users not shown)
Line 1: Line 1:
<section begin="status" />
{{FeatureStatus
|Feature name=Improve Add-on Installation
|Feature stage=Design
|Feature status=In progress
|Feature health=OK
|Feature status note=Finalizing plan for initial improvements in Firefox 7, beginning to scope out further research for future Firefox.
}}
{{FeatureTeam
|Feature product manager=Asa Dotzler
|Feature feature manager=Jennifer Boriss
|Feature security lead=Jesse Ruderman, Curtis Koenig
|Feature qa lead=Henrik Skupin
|Feature ux lead=Jennifer Boriss
}}
{{FeaturePageBody
|Feature open issues and risks=* How can different trust levels of add-ons be both determined and messaged to users appropriately?
|Feature overview=The process of installing Firefox add-ons is currently fraught with user experience issues. The process involves differently-styled windows, unnecessary amounts of user interaction, and delays which users find confusing and annoying.


{| class="fullwidth-table"
Our goal is to make the process of installing add-ons more efficient and smoother while (at the least) not affecting and (at the best) improving security.
|-
| style="font-weight: bold; background: #DDD;" | Feature
| style="font-weight: bold; background: #DDD;" | Status
| style="font-weight: bold; background: #DDD;" | ETA
| style="font-weight: bold; background: #DDD;" | Owner
|-
| [[Extension_Manager:Projects:Improve_Add-on_Installation]]
| {{StatusHealthy|status=Finalizing plan for initial improvements in Firefox 6, beginning to scope out further research for future Firefox.}}
| 2011-05-19
| Jennifer Boriss
<section end="status" />


|}
This feature falls primarily in the '''Experience''' category (from the "Discover, Experience, and Connect" vision statement.)


== Summary  ==
While general improvements in efficiency and consistency are the goal, several specific issues fall under this category.
 
'''Priority 1:'''


The process of installing Firefox add-ons is currently fraught with user experience issues. The process involves differently-styled windows, unnecessary amounts of user interaction, and delays which users find confusing and annoying.  
*Not switching window styles during installation, and removing all modal dialogs. Currently, the verified add-on information confirmation notification is modal, while the download notification window at the beginning of the process and confirmation/restart notification at the end of the process are in the arrow panel notification style. All notifications should be moved into the arrow-panel notification style, with subtle animated resizes where needed.


Our goal is to make the process of installing add-ons more efficient and smoother while (at the least) not affecting and (at the best) improving security.
[[Image:Modalvsnot123412.png|665x243px|Modalvsnot123412.png]]


While general improvements in efficiency and consistency are the goal, several specific issues fall under this category.
*Reducing the timer wait time from 3 seconds to 1, and subtly fading the install button from disabled to active state rather than displaying a countdown


'''Priority 1:'''
[[Image:Timerdelay.png|656x332px|Timerdelay.png]]


*Not switching window styles during installation, and removing all modal dialogs. Currently, the verified add-on information confirmation notification is modal, while the download notification window at the beginning of the process and confirmation/restart notification at the end of the process are in the arrow panel notification style. All notifications should be moved into the arrow-panel notification style, with subtle animated resizes where needed.
*Not giving the implication that AMO and AMO's reviewed code are untrusted, specifically by:


[[Image:Modalvsnot123412.png|665x243px|Modalvsnot123412.png]]
1) Removing "author not verified" messaging for trusted authors


<br>
[[Image:Trusted messaging3242342342.png|648x84px|Trusted messaging3242342342.png]]


*Reducing the timer wait time from 3 seconds to 1, and subtly fading the install button from disabled to active state rather than displaying a countdown<br>
2) Messaging reviewed add-ons differently to unreviewed add-ons and relaying the difference meaningfully to users


[[Image:Timerdelay.png|656x332px|Timerdelay.png]]
[[Image:Authornotverifiedfail234444.png|639x81px|Authornotverifiedfail234444.png]]


*Not giving the implication that AMO and AMO's reviewed code are untrusted, specifically by:
'''Priority 2''':
**Removing "author not verified" messaging for trusted authors [[Image:Trusted_messaging3242342342.png|648x84px]]<br>
***Messaging reviewed add-ons differently to unreviewed add-ons and relaying the difference meaningfully to users [[Image:Authornotverifiedfail234444.png|639x81px]]


== Team  ==
*Changing the installation flow order from download-then-ask-permission to ask-permission-then-download. We currently download an add-on's .xpi file before the user is asked permission to install it. While it's roughly understandable enough for users to navigate through, the order is backwards compared to the vast majority of similar installation flows. Installing a file before asking both flies in the face of user expectation, and gives the impression at first that we will be installing an add-on without asking permission at all. This may cause users to prematurely cancel an installation. If we can ask the user's permission first - even with imperfect add-on data - and then download the file, we'll be following a very well expected and utilized model.


Who's working on this?
'''Download-then-ask-permission (current model)''':


*'''Feature Manager''': Jennifer Boriss
[[Image:Backwards addon installation case.png|54x72px|Backwards addon installation case.png]]
*'''Lead Developer''':
*'''Product Manager''':
*'''QA''': Henrik Skupin
*'''UX''': Jennifer Boriss
*'''Security''': Jesse Ruderman


== Release Requirements  ==
'''Ask-permission-then-download (goal)''':


Several user experience improvements detailed in {{bug|646602}}.  
[[Image:Not backwards addon case.png|45x76px|Not backwards addon case.png]]
|Feature users and use cases=*Installing human-reviewed add-ons from AMO
*Installing automated security review sandbox add-ons from AMO
*Installing add-ons not from AMO (default buyer beware)
*(possibly) Installing trusted add-ons not on AMO (e.g. AdblockPlus)
|Feature requirements=Several user experience improvements detailed in {{bug|646602}}.
|Feature ux design===== Ask permission, then download installation (ideal order)  ====


== Next Steps  ==
The diagram below shows how the add-on installation would feel if we were able to ask the user's permission, with whatever add-on information was available, before downloading the .xpi file. This is far more consistent with users' expectations of giving permission before the action that they gave permission for. Obviously the information we have at the beginning of a download may be imperfect, but we should show the best information we have available and only throw a flag if there is a problem. At least on AMO, the information we display should be correct.


Outline specific UI flow changes to implement and any related security changes
[[Image:Not backwards addon case.png|202x340px|Mockup]]


== Open Issues  ==
==== Download, then ask permission second installation (current but not ideal order) ====


How different trust levels of add-ons can be both determined and messaged to users appropriately
This is the order of our current add-on download installation. While it's roughly understandable enough for users to navigate through, the order is backwards compared to the vast majority of similar installation flows. Installing a file before asking both flies in the face of user expectation, and gives the impression at first that we will be installing an add-on without asking permission at all. This may cause users to prematurely cancel an installation.


== Related Bugs & Dependencies  ==
[[Image:Backwards addon installation case.png|218x289px|Mockup]]


Likely:  
(also see {{bug|646602}})
|Feature security review=* [https://wiki.mozilla.org/Security/Reviews/Firefox6/ReviewNotes/AddOns Security Discussions/Reviews]
|Feature implementation notes=Likely:  


*{{bug|416605}} - Reduce security dialog delay from 2 seconds  
*{{bug|416605}} - Reduce security dialog delay from 2 seconds  
Line 80: Line 88:
*{{bug|588266}} - <strike>Firefox add-on installation dialog should use doorhanger notification </strike>  
*{{bug|588266}} - <strike>Firefox add-on installation dialog should use doorhanger notification </strike>  
*{{bug|616100}} - <strike>Remove redundant install delay (undo fix for Bug 162020) [for non-AMO sites] </strike>
*{{bug|616100}} - <strike>Remove redundant install delay (undo fix for Bug 162020) [for non-AMO sites] </strike>
 
}}
== Security Discussion Notes  ==
{{FeatureInfo
 
|Feature priority=P2
*possible changes to add-on dialogs and their impact
|Feature roadmap=Add-ons
*goal improve add-on installation for users
|Feature list=Desktop
**lengthy steps seem inconsistent to users, ex: countdown, and UI differences
|Feature engineering team=Desktop front-end
**perception on AMO that even AMO is not trusted even when add-on comes from Moz
}}
**implication is this should not be trusted even if linked to by trusted spaces.
{{FeatureTeamStatus
*streamline process, make easier, fewer clicks, possibly reduce or remove countdown
|Feature security health=OK
 
|Feature security notes=[[Security/Reviews/Firefox6/ReviewNotes/AddOns|Notes]]
Q: What are the risks entailed in installation and is AMO less risk than other sites?
}}
 
*Should be clear that AMO is a website that is part of the app, but what if AMO is hacked? Does this necessarily help?
*If you go to AMO as a website then this is a preferred experience, like the bits in FX
**Desire: AMO having a different status
**Dialog is needed as click-jacking is still prevalent/possible on AMO
**A site cannot frame the add-on tab, whereas getting a click attack on AMO is somewhat trivial
 
*Need clear dialog for AMO sandbox
 
mockup: https://people.mozilla.com/%7Ejboriss/dump/flow_chart_for_addon_download2.pdf
 
suggestions:
 
*We could lower the delay from 2 noisy seconds to 1 quiet second
*We could show the user-intent-verification first, before the download finishes. Then there aren't 2 separate "waiting" steps as long as the download is fast
**this would require AMO to supply the stuff that's supposed to appear in the dialog, as part of the InstallTrigger call, but it would make the UI much better.
*We could make it so any link to addons.mozilla.org opens in a new tab, and use browser-side defenses against clickjacking on that tab
*We could deny InstallTrigger if clicked within 1 second of selecting the tab/window, to make clickjacking AMO harder
*Rather than author information, which is never verified, could show AMO status
**(not on AMO; sandboxed; full review; old version)
**popularity
**average review score
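
The two timing suggestions above (a 1-second enable delay on the install button, and denying InstallTrigger within 1 second of selecting the tab/window) can be modelled as a small state machine. This is an added example, not Firefox code: `InstallGate`, its methods, the restart of the delay on re-selection, and the timeline are assumptions constructed for illustration.

```javascript
// Added illustration, not Firefox code. All names here are hypothetical.
const TAB_SELECT_GUARD_MS = 1000;    // deny install requests this soon after tab/window selection
const BUTTON_ENABLE_DELAY_MS = 1000; // "1 quiet second" before the install button becomes active

class InstallGate {
  constructor(now = () => Date.now()) {
    this.now = now;                 // injectable clock so the logic can be tested offline
    this.tabSelectedAt = -Infinity; // no selection recorded yet
    this.promptShownAt = null;      // null means no install prompt is open
  }
  // Call whenever the tab or window becomes the selected/focused one.
  onTabSelected() {
    this.tabSelectedAt = this.now();
    // Assumption: an open prompt restarts its delay, so a prompt that was
    // waiting in the background is not already armed when the user arrives.
    if (this.promptShownAt !== null) this.promptShownAt = this.now();
  }
  // Call when page content asks to install. Returns true if a prompt is shown.
  requestInstall() {
    if (this.now() - this.tabSelectedAt < TAB_SELECT_GUARD_MS) return false;
    this.promptShownAt = this.now();
    return true;
  }
  // Call when the user clicks the install button. Returns true if accepted.
  confirmInstall() {
    const armed = this.promptShownAt !== null &&
      this.now() - this.promptShownAt >= BUTTON_ENABLE_DELAY_MS;
    if (armed) this.promptShownAt = null;
    return armed;
  }
}

// Replays a constructed timeline of [timeMs, action] pairs and records each outcome.
function replay(timeline) {
  let clock = 0;
  const gate = new InstallGate(() => clock);
  return timeline.map(([t, action]) => {
    clock = t;
    if (action === "select") { gate.onTabSelected(); return "selected"; }
    if (action === "request") return gate.requestInstall() ? "prompt" : "denied";
    return gate.confirmInstall() ? "installed" : "ignored";
  });
}

// Constructed sample: a request and a click that both arrive too early, then a normal flow.
const SAMPLE = [[0, "select"], [300, "request"], [1200, "request"], [1500, "confirm"], [2300, "confirm"]];
console.log(replay(SAMPLE).join(", "));
```

A click that lands inside either window is dropped rather than queued, so a user who was induced to click at a predictable moment has to click again once the prompt has been visible for the full delay.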
 
Unresolved Questions:
 
*AMO warnings (slows down firefox? has privacy policy?)
 
== Designs  ==
 
=== '''Ask permission, then download installation (ideal order)'''<br>  ===
 
The diagram below shows how the add-on installation would feel if we were able to ask the user's permission, with whatever add-on information was available, before downloading the .xpi file. This is far more consistent with users' expectations of giving permission before the action that they gave permission for. Obviously the information we have at the beginning of a download may be imperfect, but we should show the best information we have available and only throw a flag if there is a problem. At least on AMO, the information we display should be correct.<br>
 
<br>
 
[[Image:Not backwards addon case.png|202x340px|Mockup]]
 
<br>
 
<br>
 
=== '''Download, then ask permission second installation (current but not ideal order)'''<br>  ===
 
This is the order of our current add-on download installation. While it's roughly understandable enough for users to navigate through, the order is backwards compared to the vast majority of similar installation flows. Installing a file before asking both flies in the face of user expectation, and gives the impression at first that we will be installing an add-on without asking permission at all. This may cause users to prematurely cancel an installation.<br>
 
<br>
 
[[Image:Backwards addon installation case.png|218x289px|Mockup]]
 
<br> (also see {{bug|646602}})
 
== Use Cases  ==
 
*Installing human-reviewed add-ons from AMO
*Installing automated security review sandbox add-ons from AMO
*Installing add-ons not from AMO (default buyer beware)
*(possibly) Installing trusted add-ons not on AMO (e.g. AdblockPlus)
 
== Test Plans  ==
 
None so far.
 
== Goals  ==
 
Make add-on installation a more efficient, more consistent, and more secure experience
 
== Non-Goals  ==
 
__NOTOC__
 
[[Category:Features]] [[Category:Firefox]]