Make it more clear that JavaScript is disabled on security level "high"

If a user is setting the security slider level to "high" and is reading its description, the first thing JavaScript related that shows up is: "All JavaScript performance optimizations are disabled. Scripts on some sites my run slower."

This is pretty confusing as a bit later it is pointed out that "JavaScript is disabled by default on all sites."

We should remove the first explanation on this security level. Thanks for karsten pointing this out.

added TorBrowserTeam201609R component::applications/tor browser owner::arthuredelstein priority::medium resolution::fixed severity::normal sponsor::U status::closed tbb-security-slider type::defect labels

The explanation is consistent and that part contains important information that shouldn't be removed. Disabled by default means exactly that - by default.

Perhaps it would be clearer with the sentence about JS disabled on all sites by default coming first. I don't think it's a big difference, though.

Replying to cypherpunks:

The explanation is consistent and that part contains important information that shouldn't be removed. Disabled by default means exactly that - by default. Perhaps it would be clearer with the sentence about JS disabled on all sites by default coming first. I don't think it's a big difference, though.

I think there is a big difference: users might want to inform themselves about the JavaScript behavior if they switch to the highest security level. They start reading and come to the first note about performance optimizations. They think they've found the information they were looking for and stop reading as the sentences are pretty clear: JavaScript is on but just slower. They are wrong. That does not describe this security level. The only thing that describes it is that JavaScript is disabled by default on all sites.

A similar issue exists for the Medium-High security level.

I suggest we reorder the sentences as follows:

• JavaScript is disabled by default...
• JavaScript performance optimizations...
• HTML5 video and audio become click-to-play...

Users might be asked to enable JavaScript by websites that need it. So I suggest we put the JavaScript descriptions first.

Should we also modify the JavaScript performance explanation on High?

• If JavaScript is enabled, performance optimizations...

Getting this on our radar for September.

Trac:
Keywords: N/A deleted, TorBrowserTeam201609 added
Sponsor: N/A to SponsorU

Trac:
Cc: N/A to arthuredelstein

Here's a patch for review: https://github.com/arthuredelstein/torbutton/commit/17767

Trac:
Reviewer: N/A to N/A
Keywords: TorBrowserTeam201609 deleted, TorBrowserTeam201609R added
Status: new to needs_review

Trac:
Owner: tbb-team to arthuredelstein
Status: needs_review to assigned

Trac:
Status: assigned to needs_review

This approach seems OK (reordering the text). But we should also reorder the text within the slider tooltips (i.e., in the id="high_preview" and id="mh_preview" tooltip elements).

Trac:
Cc: arthuredelstein to arthuredelstein, brade, mcs
Status: needs_review to needs_revision

Replying to mcs:

This approach seems OK (reordering the text). But we should also reorder the text within the slider tooltips (i.e., in the id="high_preview" and id="mh_preview" tooltip elements).

Oops -- thanks for catching that. Here's a new version that has the slider tooltips corrected, as well as adopting teor's suggestions.

​https://github.com/arthuredelstein/torbutton/commit/17767+1

Trac:
Status: needs_revision to needs_review

Looks good to me. Applied to master (commit fe6c10c893f3aed2d58e5b0c1b703543d7286f96).

Trac:
Status: needs_review to closed
Resolution: N/A to fixed

closed

moved to tpo/applications/tor-browser#17767 (closed)