[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
GUI redesign part 2
From: |
Libor Polčák |
Subject: |
GUI redesign part 2 |
Date: |
Thu, 12 Aug 2021 14:47:34 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0 SeaMonkey/2.53.8.1 |
* Levels of protection proposal:
* Some confusion about how to interpret the images. Long discussion,
refer to "Levels of protection update proposal" for notes on this. Long
story short we decided to provide a system of sliders to configure the
settings of each wrapper grouping, per domain. Further choices need to
be made to display this in coordination with the global level, and a way
to revert back to the default for a domain or wrapper group.
Hello,
please see the new image that should cover our discussion.
The user can select the default level in the configuration. We will provide the
levels that we have know and the user can fine-tune them.
The user can redefine the protection for currently visited domain or page (see below for open issues). When
the user changes the configuration, the "Referesh page" button appears. If a category protection
differs from the inherited, the "Reset" button is shown. The user can "Reset all"
redefined protections.
The user should be able to easily access documentation on the groups or the
whole extension.
Open issues:
* NSCL provides a way to detect TLD+1. I think that we should leverage this and
by default let the user configure the protection for the TLD+1 (as shown in the
figure). The user should have the possibility to click on a part of the domain
to change the application of the modified protection, for example, should the
user click on fit, the rectangle should change to:
+---+-----+--+
www.fit.vutbr.cz|/path/login/login.php
+---+-----+--+
If the user changed the configuration in the past, the popup should display
that and show the most specific configuration and not the TLD+1.
* What groups of wrappers do we create?
* Do we show both calls protected and call not modified (or protectable)
columns or just the calls protected column?
* I think we did not discuss this on Monday but I also added the possibility to
set a specific level per URL (I guess we can omit query and fragment part). The
reason for this is that we know that many pages employ fingeprinting scripts
during log in. We should let the user turn of the protection for just that
page. So if the user clicks on the path of the URI, the rectangle changes to:
+---+---+-----+--+--------------------+
|www.fit.vutbr.cz/path/login/login.php|
+---+---+-----+--+--------------------+
The user can define a specific level for that URL.
Please comment.
Let me know if I forget some details from Monday.
Best
Libor
popup2.svg
Description: image/svg