Zones proposal (draft)
Proto-spec for security/functionality zones implementation in Firefox and Thunderbird.
With the new capabilities of the permissions extension, we can now implement selective blocking of more than cookies, images, and popups. We can now block plugins, scripts, stylesheets and more, both on a default level and per-host. However, any sort of expansion of our current UI for content black/whitelisting falls short on a pure usability basis.
By allowing a small set of categorized zones, we can greatly simplify management of site permissions and expose more of the content blocking capabilities without overwhelming the user. This would also be accessible directly from the browser interface, eliminating the buried aspect of the current content black/whitelisting.
Ideally, these zones would control a set of sub-prefs for at least the following items, but this is by no means exhaustive/complete.
Image loading
Cookie acceptance/retention
Object (plugin) blocking
JavaScript blocking
Popups
Software installation (themes/extensions)
However, we would by default control the application of these prefs by the use of a slider, which would allow simple changing of the prefs as a group, but we would allow tweaking in a similar manner to IE.
Sample slider pref “sets” for Firefox.
| Most Restricted | Restricted | Default |
Trusted | |
|---|---|---|---|---|
| Images | Disabled | Enabled | Enabled | Enabled |
| Cookies | Disabled | Session-only | Enabled (first-party) | Enabled (all) |
| Plugins | Disabled | Disabled | Enabled | Enabled |
| JavaScript | Disabled | Enabled | Enabled | Enabled |
| Popups | Disabled | Disabled | Disabled | Enabled (?) |
| XPInstall | Disabled (no mesaage) | Disabled (show message) | Disabled (show message) | Enabled (equivalent to whitelist now) |
Why this would matter
Thunderbird has two radically different profiles for content. One is mail, and is pretty paranoid about external links, javascript, images, etc, whereas the RSS reader has a different set of desired settings. This eliminates the need to have custom interfaces within mail to handle this duality. Simply setting up a Mail and an RSS zone would allow prefs to be tweaked independently.
Firefox would probably have three zones (Untrusted, Default, Trusted) by default and possibly adding custom zones would be supported. Users would be able to change the current site’s zone from the status bar. Easily restricting questionable sites, or opening up a bit more for trusted ones, shouldn’t require opening the prefpanel.