Prompt if Tor Browser is Maximized
We should display some kind of toolbar message or otherwise warn the user against maximizing their Tor Browser window, because maximization reveals monitor resolution and toolbar sizes.
Activity
See also #7256 (moved), which might end up being simpler than this ticket if zoom is easy to manipulate to get a target virtual resolution.
Trac:
Cc: N/A to g.koppen@jondos.de-
We might also want to prompt or otherwise block toolbar/bookmark side panes. See #7562 (moved).
Trac:
Cc: g.koppen@jondos.de to g.koppen@jondos.de, tails@boum.orgThis solution would be acceptable for Tails, but:
- Shouldn't the user be warned against any form of resizing and not only maximizing?
- We'd rather see the old "prevent resizing but to multiples of NxM" functionality back.
- Alternative proposal:
- build a list of well-spread maximized sizes (e.g. Windows 7 on 1280x800 display, etc.)
- allow maximizing to them
- if maximize doesn't end up using one of those well-spread sizes, maximize to the biggest possible one of these when asked to maximize
- always warn when resizing
-
Looks like Mozilla recently added some APIs that might allow us to more aggressively set fixed window sizes: https://bugzilla.mozilla.org/show_bug.cgi?id=357725. Not sure if that's a good idea or not.
Trac:
Cc: g.koppen@jondos.de, tails@boum.org to g.koppen@jondos.de, tails@boum.org, mcs, brade
Using an unusual screen resolution was sufficient to identify me uniquely to panopticlick. With my portrait mode screen resolution of 1200 wide by 1920 high, the default window size of 1000x1765 was unique, no resizing or maximizing needed.
Perhaps the default should be whichever "standard" size is most common in the wild, regardless of the underlying screen resolution?
Better still would be to report said standard size regardless of the actual size, and let people freely resize and zoom (see #9189 (moved)) with anonymity. But that's probably hard ;-)
Trac:
Username: adam.greenblatt
Trac:
Cc: g.koppen@jondos.de, tails@boum.org, mcs, brade to g.koppen@jondos.de, intrigeri, mcs, bradeReplying to mikeperry:
We should display some kind of toolbar message or otherwise warn the user against maximizing their Tor Browser window, because maximization reveals monitor resolution and toolbar sizes. If a notification (not a confirmation) dialog is what is needed, Notification API can be useful here: https://developer.mozilla.org/en-US/Add-ons/SDK/High-Level_APIs/notifications
There's a demo to check how it looks like, works fine with TBB 3.6.5: https://developer.mozilla.org/en-US/docs/Web/API/notification You need to give permission for this one, since the notification comes from the page. Torbutton won't need the permission.
With my latest proposed patch in #14429 (moved), browser window dimensions are quantized to 200x100. So, assuming we use that patch, what kind of warning would be appropriate?
-
Presenting a one-time notification dialog that just explains that the browser dimensions are quantized, and why.
-
Display a dialog that recommends that the user not change the window size, and present a "cancel" button that lets the user abort the resizing action before it reveals the new window size to content scripts.
Alternative 2 probably offers a little extra anonymity to those users who heed the recommendation, and a little less anonymity for those users who choose to ignore it (but whose windows remain quantized). On the other hand, the window size already varies on window creation, depending on the user's screen size, because of the algorithms here: https://gitweb.torproject.org/mikeperry/torbutton.git/tree/src/chrome/content/torbutton.js?h=1.5-next#n2201 so I'm not sure Alternative 2 provides much more safety than Alternative 1.
I would welcome any opinions!
Trac:
Status: new to needs_information
Cc: g.koppen@jondos.de, intrigeri, mcs, brade to g.koppen@jondos.de, intrigeri, mcs, brade, arthuredelstein, gk-
-
Without having some data we can't say much about whether following option 2 is better or worse for the user's anonymity. Looking at the tickets with users that are wondering about why their browser windows are not rounded at all my gut tells me resizing/maximizing is far more common than commonly thought. I'd even bet that the majority of users is actually resizing their window as they might not understand why they should not do it and why they should waste a lot of available screen space.
What about just closing this ticket when the patch in #14429 (moved) lands as the user can't shoot herself in the foot anymore (and preventing this was all the ticket was about)? If we still think we owe the users who are maximizing their windows/trying to get them fullscreen an in-browser explanation as it is not working as expected, then I am in favor of some non-modal mechanism. Maybe a notification box? (I think a modal dialog might just be annoying)
Trac:
Status: needs_information to new -
I was thinking that if #14429 (moved) landed, we could perform the resize upon maximize, and then display an informative notification upon the "sizemodechange" event after the fact, but similar to the one I just made for New Identity in #9906 (moved).
Basically, we would tell the user that we resized the window, and have a "Never do this again" checkbox to disable resizing. However, we probably also need a "Never show this again" because the first few times the user sees it, they may just click through and not even realize what happened..
The issues with #14429 (moved) are making me sad though. I feel it is rather important to have some kind of notification+resize here, even if we can't land #14429 (moved).. :/
-
Replying to mikeperry:
I was thinking that if #14429 (moved) landed, we could perform the resize upon maximize, and then display an informative notification upon the "sizemodechange" event after the fact, but similar to the one I just made for New Identity in #9906 (moved).
Basically, we would tell the user that we resized the window, and have a "Never do this again" checkbox to disable resizing. However, we probably also need a "Never show this again" because the first few times the user sees it, they may just click through and not even realize what happened..
Ah, you wanted to re-purpose this ticket. :) I am definitely in favor of giving users some hints about what happened after they resized and thought they would maximize their window or make it fullscreen (given we land this in tandem with #14429 (moved)). I am still not convinced that we should do that with modal dialogs. It might not be important enough to a lot of users to warrant a blocking dialog. Having modal dialogs for all sorts of decisions does not scale well UX-wise. The advantage of a notification box might be as well that it allows us to put all the "Never do this again" and "Never show this again" into one dialog while it is not straightforward to do that with several checkboxes in a modal dialog (although one surely gets that to work: https://stackoverflow.com/questions/27310608/firefox-addon-sdk-prompt-with-multiple-checkboxes).
The issues with #14429 (moved) are making me sad though. I feel it is rather important to have some kind of notification+resize here, even if we can't land #14429 (moved).. :/
Why is it important to have a resize element if we can't land #14429 (moved) for now? Why not just having a notification that gives the user a choice before she is shooting herself in the foot which gives us time to write and test the code for #14429 (moved) properly?
Trac:
Cc: g.koppen@jondos.de, intrigeri, mcs, brade, arthuredelstein, gk to gk, intrigeri, mcs, brade, arthuredelstein -
Replying to gk:
Having modal dialogs for all sorts of decisions does not scale well UX-wise. The advantage of a notification box might be as well that it allows us to put all the "Never do this again" and "Never show this again" into one dialog
more technically: I have popup notifications in mind here, not a notification box.