#25658: Activity 2.1: Improve user understanding and user control by clarifying Tor Browser's security features -------------------------------------------------+------------------------- Reporter: isabela | Owner: | antonela Type: project | Status: | needs_information Priority: High | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Resolution: Keywords: ux-team, GeorgKoppen201812, | Actual Points: TorBrowserTeam201903, tbb-8.5 | Parent ID: | Points: Reviewer: | Sponsor: | Sponsor17 -------------------------------------------------+-------------------------
Comment (by antonela): Replying to [comment:107 gk]: > What I mean is not a redesign of how per-site security settings should work but we thought about making site-specific settings _as they are available today_ accessible. Ideas we had were outlined in section 2.2 of the proposal. Got it! I approached a UI for what is described at 2.2. [[Image(https://trac.torproject.org/projects/tor/raw- attachment/ticket/25658/25658%20-%202.2.png, 700px)]] Questions: - ` By default only the option to temporarily allow JavaScript would be visible.` When? On the Default level? Or in all security levels? - What happens when user enable/disable JS or Active Content? Should they reload to apply effects? - We cannot prompt users to enable JS for each website who wants to use JS. How are we going to balance it? One option could be to not prompt users but enable it automatically and giving users visual feedback at the URL bar with the colored icon. If this is the road we are going to take, then we should expose this in global settings as an opt-in. - Can we save trusted sites in any safe way? Those trusted sites could have JS enabled, even if the global security level is `Safest`. - The gear icon at the Control Center goes to `about:preferences#privacy Permissions`. Should we incorporate JS and Active Content as an option there too? -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25658#comment:109> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs