Tab-level "shields off" mode

#1

This feature request is for developers who need to work with a bunch of legacy sites.

Sometimes, shields on will break some sites. Thats ok. Turn it off for that site and all is ok.

sometimes, however, a transaction on one site leads to redirections across 3 or more domains. This is often the case in single sign on workflows, such as with custom sites integrating with auth0. Shields on will break the workflow in the middle of the transaction and turning off shields will not restart or resume the transaction. So you have to redo it from the beginning, only to be redirected to another domain which shields off will break too, causing another restart.

Currently, the only way to get these sites to work is to try the transactions, note which parts break, and shields off on those parts then retry. If you’re lucky enough to control both ends you might be able to predict all domains to shields off on, but in practice as an integrator often you can’t.

The best way to fix this is the ability to mark a single tab as a shields off tab. This tab should be visibly distinct (so the user knows they are unprotected) and have an easy mechanism to enable shields again. Any activity generated by that tab is “shields off” activity.

Additionally, there can be a review button for that tab that if clicked will show a history of that tab’s activity, marking any activity that would have been blocked if shields were on. The review page will also make it convenient for the user to add domains to the black or whitelist for shields.

2 Likes
#2

cc @rebron2000 @rossmoody from product tea and @Mattches on it.