New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
#750 - Add about:studies #801
Conversation
TC failure seems to be unrelated - tests pass locally. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks good. I dug into some of the Firefox JS that this references, and I think you've got a good foundation here, which is the point of the issue here.
I think going with the protocol handler is definitely the idea here. I looked at some of the other about pages (which I was able to find after reading this PR), and there really isn't a centralized place we could add to.
I have a couple small changes I think we could make, and I think this could use some tests. If nothing else, simply loading the about:studies
page and making an assertion about it's content would be a good test.
recipe-client-addon/bootstrap.js
Outdated
|
||
this.install = function() {}; | ||
|
||
this.startup = async function() { | ||
await ShieldRecipeClient.startup(); | ||
AboutStudiesProtocol.register(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We shouldn't be modifying bootstrap.js
if we can avoid it. We should treat ShieldRecipeClient
as the entrypoint for anything in the add-on. This is because it is very hard to control when bootstrap runs in tests, and putting everything in another file makes that a lot easier.
recipe-client-addon/bootstrap.js
Outdated
}; | ||
|
||
this.shutdown = function(data, reason) { | ||
AboutStudiesProtocol.unregister(); | ||
ShieldRecipeClient.shutdown(reason); | ||
|
||
// Unload add-on modules. We don't do this in ShieldRecipeClient so that |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
On the other hand, we do have to add AboutStudiesProtocol.jsm
and any other modules we add to this list of modules to unload.
contractID: "@mozilla.org/network/protocol/about;1?what=studies", | ||
QueryInterface: XPCOMUtils.generateQI([Ci.nsIStudiesProtocolHandler]), | ||
|
||
newChannel: (aURI) => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The a
prefix stands for "argument", and is generally going out of style in Firefox code. This is a nit, but can we not use it?
* `AboutStudies.xml` file. | ||
*/ | ||
function StudiesProtocolHandler() {} | ||
StudiesProtocolHandler.prototype = { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can this be either a class or a plain object? What's the benefit of using the prototype way of doing things?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wanted to keep the uri
, classID
, etc tied to the ProtocolHandler class, so I just defined everything in one go. Using es6 classes we have to do something like:
class Whatever { ... }
Whatever.prototype = { thing: 'woo' }
Alternatively, we could define the uri
etc in the class constructor, however I suspect the Cm.registerFactory
call looks up the handler info from the prototype. I will investigate and see what we can do.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I pulled out the data that was being stored in the prototype into its own separate object - turns out we dont need those attributes on the class itself, just need them while registering the protocol handler.
@@ -0,0 +1,12 @@ | |||
<?xml version="1.0"?> | |||
<!DOCTYPE html> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is this file an xml file? Can we make it AboutStudies.xml
?
Services.scriptSecurityManager.getSystemPrincipal(), | ||
null, | ||
Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL, | ||
Ci.nsIContentPolicy.TYPE_OTHER |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We probably shouldn't use TYPE_OTHER
here. For one, the docs say we should avoid it. I think TYPE_DOCUMENT
would be more appropriate.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think you missed this one.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You're right, sorry! I've corrected this.
Oh, I also don't think this needs to land on a feature branch. Since it doesn't change any existing features, I think it is safe to land this on master, even with the filler content. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, except for one thing you missed (the channel type). Still needs test before we can merge. Thanks for the changes.
208896e
to
623ebed
Compare
ed1d697
to
bd2e0d6
Compare
The taskcluster failure is #806, which has been fixing master. Can you rebase on master to pick that up fix? |
bd2e0d6
to
ee5cae9
Compare
I have no idea what the CircleCI errors are. Webpack seems grumpy? I bet we didn't pin some dependency and something updated. |
|
One of the unpinned deps that @andymikulski just fixed was babili, so that makes a lot of sense. |
I am sad about this. Do we need to do this? Some general points - I don't have time to do an in-depth review right now, but from a quick look some points need addressing anyway, so...
|
What in particular are you sad about? We definitely need to add some sort of user visible page. I don't think it strictly needs to be an about: page, but that seemed like the best choice. Do you have another suggestion? |
To elaborate on my sadness: we have a tremendous amount of about: pages that were once happy aspirations of projects, with 0 UI exposure, that we have to carry (or only recently stopped carrying) around because of inertia. That list contains, off the top of my head:
I just sometimes get the feeling people think their project doesn't matter unless it has its own about: page. I don't think that makes sense. I think we should think carefully before adding more. Is this the best way of exposing this thing (whatever it is)? Can we just make a button somewhere generate a srcdoc or data URI? It's not really clear to me what needs to end up living on this page. But from reading the original issue, maybe this should just be a part of about:addons ? |
@gijsk The connection to about:addons is a technical relationship since we are using add-ons as a delivery mechanism. It doesn't really make sense from a user perspective. We don't want users to be confused about what they have installed themselves and what studies they are actively participating in. I've had quite a few conversations with some of the product, legal, and UX folks about this already. We'd like a unified place where users can go to see if they are currently participating in a study and view any studies they may have been a part of in the past. I don't really care if it's an about page, but that does seem (to me at least) a strong candidate based on prior art. |
@MattGrimes OK, how does this new page get exposed? How do users find it? |
The UI for about:addons is strongly tied in with the registration of new AddonTypes; I looked into this originally, and feedback from @rhelmer and others was "Don't try to add new stuff to about:addons if at all possible". |
As for the background of what this page is for, it is supposed to show a list of studies the user is participating in, both opt-out and opt-in, past and present. It's a legal requirement for doing opt-out studies. I definitely agree that having no UI exposure and letting this languish would be a problem, but hopefully we can avoid that. I hope that having the code isolated in the shield-recipe-client add-on will help with the languishing part: at least it is self contained. |
Is there supposed to be UI for the user to remove/disable studies (or opt in/out of all studies, or something) ? |
I wonder if a |
Not in this PR, but eventually yes, the page will be used for viewing in-progress studies, and giving users the option to disable them, as well as see studies they previously participated in. |
Generally speaking, Firefox doesn't let web pages (like SUMO/privacy policy) link to about: pages, as that's a security risk. about:blank is the obvious exception. We definitely shouldn't let web pages link to about: pages that can do anything vaguely privilege-related. It may or may not be possible to have exceptions for select mozilla-controlled properties x page combinations, but that would need code changes in Firefox proper so it would be useful to have a clear idea about what the needs are (also because this might make it more attractive to put the list in, say, about:support). I need to go sleep now, but this stuff (how do people get there, what does the page do) all ties into security warranties/hole-punches we will need for this thing, whatever it ends up being, so fleshing this out more before pushing ahead with this PR seems useful - even if I don't know that this PR is the best place to have the discussion. |
Regarding the CI issues: This looks like it is affecting all PRs, not just this one. I filed #812 for that problem. Lets remove the alleged fix from this branch, and try and get just a fix for just it landed ASAP. |
Closing until some specs are landed on. |
Fixes #750
about:studies
protocol handlerabout:studies
after Shield client has startedThis needs some tests, but the meat of the issue is here and ready for review.