Security Warning about piper HOT 7 CLOSED

Just wanted to add that I find it definitely better if the permission set is not global, but limited to the websites that the user can use PiP. It may just need a small hint UI wise to not be confusing. :)

from piper.

I got the same alert, and was equally concerned. I'd love some clarification on this from @amarcu5.

My hope is that compatibility with some new website(s) was added, and that's all. Since each website is listed in the permissions list, I'm thinking any addition(s) would push that alert...

from piper.

@Fofer is correct - this is expected behaviour after an update that supports new sites. PiPer only asks for permission to access the sites it needs rather than all sites. Adding a new site requires new permissions and manual reactivation. I appreciate this is not a great user experience but the price you pay for better security. Given all the concern, I don't think this is the right choice and will ask permission to all sites next update so that this does not become an ongoing issue.

from piper.

Great, thanks @amarcu5. Is there a version history anywhere so we can see what's added with each update? Just out of curiosity.

from piper.

Ah, okay. Though I'm wondering why Safari didn't show that security warning on initial installament of the extension.

from piper.

@Fofer sure thing: https://github.com/amarcu5/PiPer/releases

@MentalGear downloading an extension from the gallery doesn't prompt for permissions although it probably should. Thanks, before making any changes I'll see if I can come up with a better solution - open to suggestions!

from piper.

This happened again and was a bit alarming to me. Maybe the better solution is to explain via the application or a prompt, or the description, what the additional permissions were and to reassure the user that nothing sketchy is going on.

I was just about to create a new issue for it, but then I saw this one.

from piper.