Temporarily set top-level sites to TRUSTED glitch

[fatboy]

… maybe it should be changed to "Automatically set top-level sites to Temp. TRUSTED"?

What about a tooltip?

[fatboy]

Bump.

[Giorgio Maone]

… maybe it should be changed to "Automatically set top-level sites to Temp. TRUSTED"?

What about a tooltip?

The tooltip screenshot is gone

[fatboy]

Unfortunately, I don't remember what my thoughts were on the tooltip, but I
agree with what therube wrote on the previous page.

[Giorgio Maone]

OK, after re-reading the whole thread, and taking in account issue 417's resolution, I'd settle with
"Automatically grant TRUSTED capabilities to the top-level document's origin'.

WDYT?

[fatboy]

Personally, I prefer "Automatically set top-level sites to Temp.TRUSTED"
(viewtopic.php?p=107582#p107582)
A tooltip "When restarting the browser, the checkbox will remain checked and permissions for top-level sites will be restored" might help.

[barbaz]

Personally, I prefer "Automatically set top-level sites to Temp.TRUSTED"

+1. Or to be sharper, "Automatically set top-level sites to contextually Temp.TRUSTED"

A tooltip "When restarting the browser, the checkbox will remain checked and permissions for top-level sites will be restored" might help.

This seems confusing. I don't think users would expect this checkbox to automatically unset itself after browser restart, and it's not clear what "permissions for top-level sites will be restored" means.

Once the wording of the setting is improved, what aspect(s) of this setting would still need additional explanation in a tooltip?

[fatboy]

You and Giorgio are talking from the point of view of people who understand what is going on "inside" the browser (stop - permissions canceled. start - permissions applied again).
And I have developed a conditioned reflex - "Temp" should be canceled for good.
But we have already discussed all this. Perhaps the tooltip is really unnecessary.

"Automatically set top-level sites to Temp.TRUSTED (every time browser starts)" would be more understandable, but is too long.

[Giorgio Maone]

I'll try to better detail the reasoning behind my "Automatically grant TRUSTED capabilities to the top-level document's origin" proposal:

1. We don't apply neither the "TRUSTED" nor the "Temp. TRUSTED" presets anymore: instead we create and apply a CUSTOM capabilities set which matches the current TRUST preset, but is temporary and contextual to the top domain.
2. The temporary attribute is just a (admittedly confusing) implementation detail, since as long as the checkbox is set those permissions are granted all over again whenever you open the site as a top-level document

Hence 1) "grant TRUSTED capabilities" rather than "set to TRUSTED" and 2) the removal of the "temporary" language.

Again, any thoughts?

[barbaz]

1. We don't apply neither the "TRUSTED" nor the "Temp. TRUSTED" presets anymore: instead we create and apply a CUSTOM capabilities set which matches the current TRUST preset, but is temporary and contextual to the top domain.

This reasoning seems too focused on technical implementation details. To the end user, TRUSTED-equivalent capabilities is TRUSTED, however it gets there. To just call it TRUSTED communicates more clearer meaning with less human processing, it's easier to understand.

EDIT Maybe also worth bearing in mind how this would square if/when viewtopic.php?t=26551 gets implemented?

2. The temporary attribute is just a (admittedly confusing) implementation detail, since as long as the checkbox is set those permissions are granted all over again whenever you open the site as a top-level document

Without any wording along the lines of "temporary", user might think that visiting a site would set a permanent permission in NoScript Options. That might lead to thinking they can easily set some permanent contextual TRUSTED permissions by enabling this option, browsing their favorite sites, then disabling this option. Or lead to thinking this option is more dangerous than it is, because any site they browse would be permanently trusted and how would they sort through all those permissions after the fact.

If the word "temporary" is too confusing because of typical behavior of temporary permissions, what about using some synonym for "temporary" (e.g. "transient" or "provisional")?

[fatboy]

"Automatically apply CUSTOM (inheriting TRUSTED) to top-level documents for the current session"?

[Giorgio Maone]

What if we remove the technical stuff and just try to convey the basic information?
"Automatically trust sites loaded as the top level document"

Speaking about "current session" is technically correct, but kinda moot, because as long as the option is enabled this keeps happening also across restarts.

[fatboy]

Sounds good.

Or another variant: next to the "Disable restrictions globally" button add the "Disable restrictions for all top level documents" button (the action of this button is canceled in the same way as the action of other buttons).
The same item in Options -> General + checkbox "Restore restrictions on browser restart".

[barbaz]

What if we remove the technical stuff and just try to convey the basic information?
"Automatically trust sites loaded as the top level document"

This could work, though not sure if it'd still have potential to be misinterpreted as setting permanent permissions.

what about "Automatically trust top-level sites while loaded as the top level document"? Adding "while" makes it sound provisional without describing it in terms of temporary permissions.