need more site permissions settings

[sheikh-azharuddin]

What is the user problem or growth opportunity you want to see solved?

We need more option in the site permissions control like other chromium browsers such as brave/edge/chrome. Currently only 5 items are there in fenix limiting power to the user. Can you add more controls like chromium browsers? Brave has 19 items in the site settings menu. Attaching one screenshot.

How do you know that this problem exists today? Why is this important?

Chromium based browsers have more controls on the site permissions settings giving more flexibility to the users. Firefox main moto is giving more flexibility and powers to the user. Here also we want the same :blush:

Who will benefit from it?

All users

Brave browser site settings--

UNITO-UNDERSCORE!20200611-085526!

┆Issue is synchronized with this Jira Task

[cadeyrn]

See also #3457 for fonts, pictures and JavaScript.

[Amejia481]

cc @vesta0

[brampitoyo]

As I wrote in #3457, I will mock permissions for fonts, pictures and JS here.

[brampitoyo]

Under Settings → Site permissions, we could have three new line items. In alphabetical order, they are:

• Images
• JavaScript
• Web fonts

Unlike camera or microphone, the value for all three settings should default to Allow.

One exception is JavaScript, where the Blocked line item could have a caption like “Will cause websites to break”. Here, I’m reusing the copy of desktop Enhanced Tracking Protection → Cookies → All cookies. We should rethink and possibly rewrite it.

These permissions are managed like all other permissions:

• By default, they’re set to Allow, not Ask to allow. This means that Fenix won’t show any notification while you browse.
• They’re managed on a per-site basis. Simply go to any website and tap the Site information panel. You can block or allow images manually from there.

[sheikh-azharuddin]

@brampitoyo Is it possible to separate audio and video auto play block? Also is it possible to add few more permissions?

Popups and redirects Clipboard Cookies

[brampitoyo]

@sheikh-azharuddin

Pop-ups and redirects are usually malicious, and should be blocked by default. Therefore:

• Our default policy is “Block”
• We don’t expose it as an alterable permission in Site permissions. Allowing them will hurt user experience.

I think you’re asking for us to expose this permission, so you can manually alter it. Can you think of a use case in mind for allowing pop-ups and redirects on all sites?

Is it for testing purposes, or the principle that users should be able to fully customise the browser, or something else?

For this, and for other permissions that are potentially harmful if allowed or blocked (for example: JavaScript), I’d be very comfortable putting them under Developer options.

If we do put them under Site permission settings, caveat texts should be included:

• JavaScript Block Will cause websites to break
• Pop-ups and redirects Allow Websites could unexpectedly navigate to new pages that contain security risk

(Both of the above are example strings – not final).

Clipboard permissions sounds sensible.

And Cookies permissions are already covered under Enhanced Tracking Protection → Custom

[sheikh-azharuddin]

@brampitoyo thanks for your consideration. Yes please include popup under site permissions with default set to "block". If user need he can allow it. The desktop version and other chromium browsers also has it . So it will allow consistency. Besides for few rare sites pop ups are required. Example reward portal of banking site which opens in a new tab, web training links of company portal etc. You can include the caveat string which sounds more logical. Else ignore this request. No issue 😊

Cookies: this is present in other chromium browser apart from etp. In firefox too we already have the settings but under preference which only advance user will know example blocking 3rd party cookies. You can easily bring it to the UI. 😊

Please check below screenshot for reference-

[Amejia481]

Under Settings → Site permissions, we could have three new line items. In alphabetical order, they are:

* Images

* JavaScript

* Web fonts

Unlike camera or microphone, the value for all three settings should default to Allow.

One exception is JavaScript, where the Blocked line item could have a caption like “Will cause websites to break”. Here, I’m reusing the copy of desktop Enhanced Tracking Protection → Cookies → All cookies. We should rethink and possibly rewrite it.

These permissions are managed like all other permissions:

* By default, they’re set to _Allow_, not _Ask to allow_. This means that Fenix won’t show any notification while you browse.

* They’re managed on a per-site basis. Simply go to any website and tap the Site information panel. You can block or allow images manually from there.

@brampitoyo Image blocking/allowing is a feature that we want for next quarter? I think we had a similar feature in FF desktop and we removed it, right now we don't have GeckoView support for it.

[ekager]

Right just double checked - we have the existing GV settings exposed for javascript and web fonts

[brampitoyo]

@Amejia481 @ekager I don’t consider these site permissions as important as the ones we already have today, because Enhanced Tracking Protection does blocking in a much smarter way, and with less chance of breaking sites (although I acknowledge the fact that some users want granular-level choice over every feature of the browser, we have to balance it against the burden of shipping and supporting too many features all at once).

I support shipping only the permissions that can be exposed via GV, for now. This means that images permission will wait for GV support one day – that’s fine.

[ekager]

@betsymi could you give copy feedback on web fonts and javascript settings from this comment? https://github.com/mozilla-mobile/fenix/issues/11460#issuecomment-648556996

[Poopooracoocoo]

How do you access the settings of the site you're currently on? The page info sheet has no buttons in it. :/

[iamtalhaasghar]

Surely, these settings will give more power to the user. Especially, the option to enable/disable javascript and cookies can make a huge difference for a normal user.

[Poopooracoocoo]

beep boop. [i am a robot] this issue will be closed if there is no more activity because of inactivity from mozilla and whoever set me up didn't think that such things couldn't be discussed any further.

/s

[Trass3r]

Under Settings → Site permissions, we could have three new line items. In alphabetical order, they are:

* Images

* They’re managed on a per-site basis. Simply go to any website and tap the Site information panel. You can block or allow images manually from there.

Will there also be a global setting as in previous Firefox Android versions? I used it to save bandwidth.

[jonalmeida]

Moved to bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1813235

Change performed by the Move to Bugzilla add-on.