Matthew Thomas wrote:
> Gervase Markham wrote:
>
>>...
>>The backend work is mostly in place for this sort of thing. What needs
>>doing is for someone to come up with a complete design for the UI for
>>the "Zone" system's preferences, so that you can define a number of
>>named security Zones, and set preferences for access to any DOM
>>property or function (including window.open()) for each zone.
>>
>
> Not at all. After spending the last couple of years fiddling with
> various UI ideas for zone prefs, I've come to the same conclusions Ben
> Bucksch has. It's not reasonable to expect users to understand and
> configure zones, and maintain whitelists *or* blacklists, in order to do
> something as relatively simple as banning cyclical popup windows.
Whitelists and blacklists are only useful when their sizes are
relatively small. Beyond that they become a pain to manage (even for
expert users).
>
> If you don't like windows popping up without your permission, you don't
> like windows popping up without your permission. You're not going to
> like it any more or less on particular sites, even if it were possible
> to you to cover the entire Web with a whitelist or blacklist (which of
> course it isn't).
The problem with this assumption, is that there are cases in the real
world where you do want zone controlled lists. For instance, say I don't
like popups. I want the disabled everywhere. Except I work for a company
that has HR pages I need to use, and those pages use popups. Because I
as a user can't change the behavior of the page, I need to be able to
enable popus just for that page. Without a whitelist my choices are 1)
never go to the site, 2) always enable popups, or 3) and enable popups
whenever you go to the site and disable them again after you return.
bob
