But will a ‘be cautious, untrusted waters’ sign really help?
People are stupid.
I’m being told that closing window by clicking the warning sign is being considered for inclusion at later date.
Dmitri
Like I said, it may not help everybody, but history shows that the warning window does work (even if only by discouraging people from using applets =) )
Great if that happens, then JavaFX can really compete against Flash.
[quote]I’m being told that closing window by clicking the warning sign is being considered for inclusion at later date.
[/quote]
Ah good. That should help escaping any unfriendly full screen app.
Another suggestion for escaping full screen is having a esc option.
This is what will be done in FX - ESC closes FS window unconditionally.
What I am saying is that there is a fine line between protecting the users of Java and helping the producers of content.
Since an applet is already sand boxed it cannot do harmfull things. Why do we then need to add all sorts of visual warnings?
Whatever you can do with an applet, can be done by either flash or plain html - and if not, then limit applets. Don’t add a forest of signs and warnings to scare away users.
Make sand boxed applications safe for the users (at least as safe as “the others”) and remove all warnings.
However, signed applets is another deal, and I understand the need for the large warning signs. That said, you could re-introduce (why did it stop working? - did it?) the policy files to make the user aware what is being requested permission wise.
[quote=“Matzon,post:46,topic:33370”]
Agreed.
But pop-up windows without special “THIS IS JAVA”-frames are not safe, as they can trick the user into thinking it’s ANY other program…
“Wait, my Windows Live Messenger wants me to log in again? Ok then…”
“Wait, I thought I had already logged in to gmail? Ok then…”
“Wait, I thought I had already entered the launch codes for the nuclear bombs? Ok then…”
Pop up windows are evil as fuck.
Since a simple link can launch webstart from any site, and webstart can pop up windows without asking the user, those windows need to be CLEARLY labeled as unsafe. Absolutely, definitely, no question about it.
Hell, webstart apps don’t even have to pop up a window at all, they can just run in the background for as long as the computer is running. Combine this with some scripting and networking, and you’ve got a free distributed computer trapping people who are stupid enough to click links on the interwebs.
Why not do this:
- totally block undecorated Frames => frame.setUndecorated(true) has no effect
- suppress the length of the Frame title visually, frame.getTitle() must return the full title
- append " - Java Applet Window" in the frame title.
I think that the explanation text must mention Java aswell as Browser because browser is more know by enduser
“Java Applet Window” => most user wont understand what it is
“Internet Explorer - Java Applet Window” or “Browser Java Window” => people will understand they are on the web
probably the best way is to do using browser rules :
- modified title
- no undecorated or a translucent message over the whole window that user have to click before activating and focusing the window (like the press esc to close window of flash video)
probably already the case but, plz, think to add a Hook/Event as in IE the onbeforeunload event to help developper to know when the window is being closed
I have to agree that this would be a much better way to go - frankly I find the current implementation with the floating warning icon is hideous. Not only does it look sloppy and unprofessional it’s entirely unexpected behaviour. Good user interface design means using common patterns and metaphors - buttons look like buttons, links and urls follow certain conventions, grabbable areas like scrollbars have textured surfaces, etc. etc.
The floating warning icon has absolutely no existing analog. No app that I can think of floats icons or other images outside of their window. To a user it looks weird, alien and out of place. And things that look weird and alien get dismissed as bugs or worse (the first time I saw it, I thought I’d caught some weird virus). With the ability to change the position of the icon Sun will make things even more inconsistent and worrying for users.
We already have a solution that doesn’t involve introducing strange new UI ideas - use the window title bar. Firefox displays “Javagaming.org - Recent Posts - Mozilla Firefox”, handily combining user data (domain and page title) with it’s own application identifier. Every app I’ve got open now follows this simple convention and users already know and understand it.
It really does baffle me how Sun manages to get these fundamental issues so very, very wrong. >:(
I’d have to agree with the above posts, Java 7 is a great chance to get applets right, better to tackle the fundamental issue head on by sacrificing some backward compatibility rather than going the heroic route of finding some workable workaround. It’d be better in the long term.
if you want popping applet windows, applet should be signed.
[quote]Why not do this:
- totally block undecorated Frames => frame.setUndecorated(true) has no effect
- suppress the length of the Frame title visually, frame.getTitle() must return the full title
- append " - Java Applet Window" in the frame title.
[/quote]
If unsigned applets going to open windows then this sounds fine.
You might want to look into how air does there warning messages: http://www.adobe.com/products/air/showcase/#section-1
Basically air looks like webstart but nicer looking and smoother. As you can see they have no warning icon outside there window :
Would also be nice if webstart had the installer window they use, able to pick where to install the app.
Edit:
Why doesn’t Java have a nice market place?
Well, that’s because their apps are signed. Signed java apps don’t have the icon either.
I went to install the Mini clock, and the experience wasn’t all that pleasant or different from a typical webstart app install.
(BTW, the clock widget proceeded to use about 10% of the cpu while running, and took around 80M of resident memory, so hey, may be JavaFX isn’t that bad =) Their warm startup time is much better though)
(Edited: well, the Mini Clock re-starts in 4 seconds, which isn’t all that great. The nicolodeon app is almost instant though)
This is one of my main frustrations with JavaFX is you have to bite off the core of 3meg just to start up and everything you add on top is just extra weight. Though 3meg is pretty small for an application, to require that to launch an applet seems VERY heavy. Even on broadband it can add valuable seconds to load-time.
Well, the thing here is that javafx runtime is pre-installed with 6uN updates, so in theory for many users they only pay the price of the application.
For Macs yes, one would have to pay the price for the runtime download. The unfortunate thing is that because of the bugs in webstart it has to eagerly download some parts of the runtime which may not even be used.
But we digress from the topic.
So no comment on why Sun introduced an entirely alien and unfamiliar UI concept when an existing one already was already in common usage?
Because of our evilness, of course, we’re out to harm the developers.
I don’t think it was thought of “alien or unfamiliar”. All we were trying to do is to get rid of the ugly java applet warning window (requested MANY times by the developers).
Apple has done it in a nice way, but because of technical limitations on windows (and other platforms, which give out more control to the user for window themes and such) it couldn’t be done the same way, so we decided on an icon (after consulting with UE team, btw).
You can’t put it inside the client window because it’ll obscure the client content, so the logical choice is to put it outside. I myself think that it is associated well enough with the window it is attached to - you drag it, it is dragged, etc.
Also, where else would you put a warning for a translucent, shaped, or undecorated window?
Do not allow such behaviour on untrusted applications. Don’t throw exception, just make is a no-op when the attempt is made.
What’s so bad about this solution? It seems so obvious.
[quote]Well, that’s because their apps are signed. Signed java apps don’t have the icon either.
[/quote]
Some apps are not signed. I’m not sure what limitations they have… But couldn’t find any on my basic test.
Yeah, now I agree that this would be better than the current warning sign. Like OrangyTang said, users are familiar with it.
Also, like was said before, applets shouldn’t really need to pop up windows except for functional things like popping a file-open dialog which will always have a title bar (and won’t be undecorated or translucent).