What to do when scripts want to do things that the user probably doesn't want done.

<title>What to do when scripts want to do things that the user probably doesn't want done.</title>
<link rel=stylesheet type="text/css" href="../blog.css">

<h2>"signed scripts are a total failure"</h2>
<h3>What does signing a script actually do for the end user?</h3>
anyone can sign a script, it just takes lots of effort. Once a script is signed, it still has to follow 
rules setup by the user/user-agent. It can either be allowed to do dangerous/annoying things or not 
allowed to do them.  All signing scripts does is require extra effort both on the part of the content 
developer and the user.

<p>I don't remember what the current permissions dialogs look like, but i can say a few things about them.
<ol>
<li>They're confusing.
<li>They don't say much.
<li>They aren't memorable.
<li>The options they provided weren't useful.
</ol>

<h2>"a useful dialog"</h2>
<h3>what we should have is the n4 style java permissions dialog</h3>
any script can try to use a privilege or ask for a privilege
the more polite it is the friendlier the dialog will appear.
<p>so if it's a signed script and it asked for permission to do something, the dialog will say so
<p>if it's a signed script that tried to do something without asking, the dialog would say so
<p>if it's an unsigned script that asked, it'd say so
<p>..
<p>the dialog would explain what the permission could be used to do
and would allow remember for .. as well as accept/reject/ignore (ignore=throw no errors but don't 
actually do whatever thing the script wanted to do)

<h2>"a running script"</h2>
<p>Any time the current page has a script running, there would be an icon in the status bar
the icon would give some indication about it being busy, having privileges, ..
and clicking it would enable you to change the settings for the script, including stopping it.

<p>A site which had a &lt;script&gt; tag but where you configured scripts not to run would have a script 
icon w/ a universal no icon (probably a slash). This would enable you to recognize that a script was 
available and that it wasn't running. You could then click the icon, change the settings and let the 
scripts run for the session.

<p>For the most part the settings you could twiddle in the script dialog would be the universal ones (can 
run at all, can twiddle the window object, can twiddle the navigator object), plus whatever things the script 
has asked about or tried to use, or has been previously configured not to do there /might/ be an advanced 
way to add a rule for something which wasn't currently in those lists, but there shouldn't be a need 
w.r.t. the app actually tossing up a dialog about permissions, it might not actually throw one up, but 
might instead flash the script icon w/ a dialog icon ('i' thought bubble) that way it's the user's choice 
to be annoyed by a permissions dialog, instead of the script's or the browser's.