Investigation into minimizing installation permissions for the Chrome extension
This is a write-up of an investigation into reducing the permissions required by the Chrome extension.
This is what we currently ask for on installation:

By contrast, this is what the user will see with the gradual-permissions prototype - and the "change your data on stage.hypothes.is" part is something that we could yet remove:

After installation, the user is able to annotate pages and view annotations as normal. Two pieces of functionality require additional permissions: 1) showing the badge count and 2) keeping the extension active when navigating between pages.
The prototype adds a basic settings page to the extension which provides controls for additional features that require extra permissions:

Opting into the badge count, which we could do as part of an onboarding screen, will show a prompt asking to read the user's browsing history - but not read the pages they visit:

Opting into keeping the extension active, or any other feature which automatically activates Hypothesis on any pages, will show the most dramatic prompt for access to read all of the user's data:

Do you think that, as well as having this settings screen, we should also ask for each permission the first time we use it?
- The first time the user loads any page in any tab with or without h activated after installing the extension, we ask for the "Read your history" permission so we can show the badge number.
- The first time the user actually activates h on a page, or maybe the first time they navigate a tab with h activated, then we'd pop up and ask for the "Read and change everything" permission so that we can keep Hypothesis active.
Whether the user says yes or no to these requests, it'd be nice if we could show a message letting them know they can change their mind in our settings page.
> Do you think that, as well as having this settings screen, we should also ask for each permission the first time we use it?

Yes, much like mobile apps do.

> The first time the user actually activates h on a page, or maybe the first time they navigate a tab with h activated, then we'd pop up and ask for the "Read and change everything" permission so that we can keep Hypothesis active.

I did actually implement this at one point, except that instead of showing the permission without context, it displayed a popup window which displayed the relevant settings. This kind of flow needs design consideration but it is how I envisage most users would encounter this setting.
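
The opt-in flow discussed in this thread, sketched as an added example that is not part of the original thread or the Hypothesis extension's code. The feature names and the mapping to `tabs` and `<all_urls>` are assumptions (the prototype's manifest is not shown here), and `api` stands for a `chrome.permissions`-compatible object.

```javascript
// Assumed mapping from opt-in features to optional permissions. "tabs" and
// "<all_urls>" are the Chrome permissions that trigger the "Read your browsing
// history" and "Read and change all your data" prompts. Both must be declared
// under optional_permissions in manifest.json (Manifest V3 lists origins under
// optional_host_permissions), not under the install-time permissions.
const FEATURE_PERMISSIONS = {
  badgeCount: { permissions: ["tabs"] },
  keepActive: { origins: ["<all_urls>"] },
};

// Wrap a callback-style chrome.permissions method in a Promise.
function call(api, method, arg) {
  return new Promise((resolve) => api[method](arg, resolve));
}

function lookup(feature) {
  const needed = FEATURE_PERMISSIONS[feature];
  if (!needed) throw new Error(`unknown feature: ${feature}`);
  return needed;
}

// Gate to run before any feature code: a grant can be revoked at any time,
// so check it on each use instead of caching the answer.
async function featureAllowed(api, feature) {
  return Boolean(await call(api, "contains", lookup(feature)));
}

// Opt in: prompt only when the grant is missing. Chrome requires this to be
// called from a user gesture, such as a settings checkbox click handler.
async function enableFeature(api, feature) {
  if (await featureAllowed(api, feature)) return true;
  return Boolean(await call(api, "request", lookup(feature))); // false = declined
}

// Opt out: hand the permission back so the extension's access shrinks again
// instead of keeping a grant the user no longer wants.
async function disableFeature(api, feature) {
  return Boolean(await call(api, "remove", lookup(feature)));
}
```

In the extension, pass `chrome.permissions` as `api`; a declined prompt leaves the feature off and the settings page can offer it again later.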