mozilla-mobile / firefox-ios

Firefox for iOS
Mozilla Public License 2.0
12.23k stars 2.94k forks source link

Tab switcher unresponsive if modal messagebox / popup / alert appears on iPhone? #5627

Closed pzrq closed 3 years ago

pzrq commented 5 years ago

UX question - Could the 4th from left tab switcher button below (or even the whole bottom navigation bar) stay responsive to user taps for this case where a modal messagebox / popup / alert appears?

Workaround: Reinstall Firefox ... or possibly agreeing to the popup?

Feels like phishing

Though if there's a valid technical reason (as I suspect my third screenshot already suggests - that it's an iOS-level issue), happy to close as it'd fall into the same category as the macOS dock to bottom switching monitors ... without enabling display spaces ... since Mavericks, i.e. something I'll be pleasantly surprised if it's ever fixed (or I figure out how to get Apple to offer me a job to fix it).

NB: My sincere apologies if the screenshot content below that sparked this straddles or even crosses the line on the community guidelines.

I understand. Click to display more details and screenshots

I have been using Firefox on iOS for a long time now, first time asking a question here. Apologies if there's a better place for this, please let me know and happy to close if so :smile: Firefox is well known and :heart: for putting us as [users in control, for example of plugins](https://blog.mozilla.org/security/2013/01/29/putting-users-in-control-of-plugins/). However, let's assume websites have legitimate reasons to display modal message boxes / popups / alerts. The longer version of how I arrived here and why this at least feels like a :bug: - I'm someone who feels very rattled :fearful: and like user-in-control was at least momentarily taken away by the following experience. In a moment of weakness, I accidentally typo'd `github.com` as `girhub (dot) com` into my URL bar in Firefox. The first time, I got a redirect chain that ended in a messagebox / popup I could not dismiss but most definitely did not wish to agree to by clicking OK, in fact I feel offended and most definitely not OK from what I believe to be a false and even potentially libelous claim in the content of the message (with 20/20 hindsight and some relaxing breathing exercises, this is likely an overreaction to what I now think is actually a pretty solid phishing attempt). Thus I did not click it, but tried to force-close the Firefox app. Upon reopening, the popup redisplayed instantly, thus I could not get past it no matter how many force close and reopens I tried. At that point, I uninstalled and reinstalled Firefox for iOS (which did work, though also closed all my tabs). Tried it a second time and got the screenshots below. Reinstalled Firefox again. The third time I think Firefox ended up being redirected to some random dating website, so unfortunately this specific scenario at least may not be easily reproducible :cry: Though if it turns out it's just my lack of iOS development experience and it is easily reproducible by other means, that'd be wonderful to learn. In case it's relevant, I had the DuckDuckGo privacy extension installed, thanks [Manoush Zomorodi & others who collaborated on IRL S5E7](https://irlpodcast.org/season5/episode7/)! Final screenshot shows my LastPass FaceID then getting locked out. Hopefully that's actually just because the site I visited is say a cryptominer or something relatively low-impact or that iOS was sluggish for other reasons, though if anyone is adventurous enough to learn or share more they know, I'd be happy to hear it. Obviously I'll have to see if there's any personal longer term fallout from this (it has me concerned as someone who knows full well the risks of visiting suspicious websites from for example my listening to [Security Now!](https://www.grc.com/SecurityNow.htm) or hearing stories like that of rnongodb (note that's `r` then `n` which looks like an `m` in many fonts, using a monospace font like `rnongodb` can make it clearer :smile:), though such is life sometimes as of course there are some very dark and lost souls in this world. Might also just be paranoia and thus what I hope proves to be unfounded fear/uncertainty/doubt...though I suspect only time will tell). This has been rewritten a few times over the past few hours, abandoning for now as I need sleep. Thanks for reading! ![Image from iOS](https://user-images.githubusercontent.com/1217010/67143912-4fe9b300-f2bc-11e9-8a5c-d17ea8ebb0b4.png) ![Image from iOS (1)](https://user-images.githubusercontent.com/1217010/67143910-4fe9b300-f2bc-11e9-92c3-6f88b9ef4276.png) ![Image from iOS (2)](https://user-images.githubusercontent.com/1217010/67145099-ff795200-f2c9-11e9-8f54-98d4afa44153.png)

┆Issue is synchronized with this Jira Task

athomasmoz commented 5 years ago

This may be controlled by the OS. Need to confirm if there's something we can do here.

athomasmoz commented 5 years ago

@SimonBasca can you verify if this occurs on Safari?

SimonBasca commented 5 years ago

In Safari, whenever the warning message is displayed, the buttons are still active. The user is allowed to tap on the URL bar, to go to Safari Tabs Tray and close the tab.

We should mimic Safari behavior in this case.

athomasmoz commented 5 years ago

Note that in Safari, the action on the popup says "close" rather than "OK". Maybe this would be more clear that you're not agreeing to anything by clicking it.