Sorry for bringing up a few things again I have no idea what was discussed.I introduces Alex and Rebecca (UI/UX) to all of this in the past. So I'm happy to discuss potential changes and ideas with them.I left some questions on the design doc.It's either "Show all" or "Site Settings" link. Since you have added the "site settings" link. I suggest we also change the settings page to allow the users to see an overview of all their permissions for a given page. Otherwise your changes takes away this option (I know some settings are missing at the moment but this is a bug).
On Fri, Feb 13, 2015 at 8:41 PM, Chris Palmer <pal...@google.com> wrote:Markus has questions about the OIB simplification, and some suggestions:
https://codereview.chromium.org/810893003/
Public form of the design document:
https://sites.google.com/a/chromium.org/dev/Home/chromium-security/enamel/goals-for-the-origin-info-bubble
Is the Site Settings link not enough? Would people like to have a Show
All Permissions button that expands the listing to show even
default-set permissions?
Keep in mind that this is my last day before leave, and that the new
status quo got UI team buy-in. If we want to add e.g. a Show All
Permissions button, it'll either have to wait until I'm back
(beginning of Q2) or someone else will have to write the CL.
--Markus
To unsubscribe from this group and stop receiving emails from it, send an email to security-dev...@chromium.org.
On Feb 16, 2015 2:33 AM, "Craig Francis" <craig....@gmail.com> wrote:
>
> I know this is a very old problem, but if using HTTP Authentication (aka basic access authentication)... can we allow the user to logout?
No.
>
> It may not be best placed in the Origin Info Bubble... but it's been a problem for quite a while :-)
>
> Craig
It is a problem not just of UI, but of fundamental protocol.
Consider a page that loads sub resources. You are prompted to auth for them. You now may have any number of identities associated. How do you show them. How do you revoke them? What about when you use a proxy? What new complications there?
I used to believe this was a solvable problem. Now I don't. If anything, sites should avoid browser UI as firmly as possible. Beyond Basic Auth being itself broken ;)