[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #30237 [Applications/Tor Browser]: Tor Browser: Improve TBB UI of hidden service client authorization
#30237: Tor Browser: Improve TBB UI of hidden service client authorization
--------------------------------------+--------------------------------
Reporter: asn | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: TorBrowserTeam201904 | Actual Points:
Parent ID: #30000 | Points:
Reviewer: | Sponsor: Sponsor27-must
--------------------------------------+--------------------------------
Comment (by asn):
Replying to [comment:2 antonela]:
> Following the specs, we don't have user/password, end-users just have a
private key. So, I updated the first user story's UI.
>
>
Looks good. Not sure how we can do better than "Private Key" but perhaps
we should. Perhaps we can write "Personal key" or "key" and then have more
info in a "?" box?
No idea...
>
> We should work on this validation. I made a first approach for this
content, please feel free to suggest/add/remove any of this lines:
>
> ||= Type =||= Error =||= UI Message =||
> || User Input ||incomplete form|| Please, enter your private key ||
> || User Input ||over/under character or word count|| Must have 52
characters ||
> || System Error ||misspelled errors|| The private key is wrong. Try
again. ||
> || System Error ||connectivity issues|| There was an error. Check your
internet connection and try again. ||
> || System Error ||failure to load|| There was an error handling your
request. Try again. ||
>
>
> Which else error scenario should we consider?
>
>
The first two errors can indeed be detected and IMO should be detected.
The `misspelled errors` can be detected (by checking whether we could
decrypt the descriptor with the key), but depending on how communication
channel between TB<->Tor works, we might not learn the result on time to
keep the auth dialog open. So we would have to respawn the auth dialog to
throw the error. Does this make sense, and is it ok?
Same for `connectivity issues` and `failure to load` but perhaps this
should be handled the same way as #30025?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30237#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs