"Browser Setup" text caused some unneeded uncertainty ... but then I tried Chrome

[Andrew Godfrey]

Here's some more "user testimonial" - I don't need help, but this may be of interest in case many other users will follow the path I did.

Regarding the "Understanding SQRL" screenshot below: I ignored this when first setting up SQRL, because I found FireFox "just worked". But in the back of my mind was a "hmm, it told me I need to set up FireFox, I didn't, so if I hit a problem it could be that".

Well I investigated today, and now I can see that this site (link) is just for testing the integration. I didn't need to worry so much!
I think for me, FireFox integration worked first time. Perhaps "Test Browser Integration" would be a better title for this dialog than "Understanding SQRL"?

Now... to try to understand what's going on here, I tried it in Chrome. I don't use Chrome on this machine but I wanted to understand.
I... see. In Chrome, it pops up a permissions dialog (about opening sqrl: links in the associated app).
And THEN... SQRL popped up anyway. WHAT is Chrome thinking here? Chrome is asking for permission but then going ahead and doing it anyway? Even worse I can't access the permission dialog while the SQRL popup is there. I've included a screenshot of that (further) below.

 

[PHolder]

Odds are that SQRL was already running (in the background.) When it is, the Javascript on the site is talking to the SQRL client on port 25519, behind your back as it were, so it causes the SQRL client to pop up before Chrome even has the chance to get involved with the SQRL:// URL. You could test this (if you haven't already associated SQRL with Chrome in that dialog) by closing SQRL first and then clicking the link.

 

[Andrew Godfrey]

You could test this (if you haven't already associated SQRL with Chrome in that dialog) by closing SQRL first and then clicking the link.

Yes, that test works. With SQRL closed, I only get Chrome's permission dialog, not SQRL's login popup.

 

[alt3rn1ty]

@Andrew Godfrey - If you are using Chome, and have associated SQRL with Chrome, another way of reproducing the Chrome dialogue is if you Clear Browsing Data ..

.. See this topic https://sqrl.grc.com/threads/open-sqrl-the-inter-ogin-solution.260/

Or, use Chromes Incognito mode all the time (I think Firefox has something similar these days, In Private Mode?, or is that Edge?)


@Steve has acknowledged something needs to be done about it, recognizing that Chrome has the biggest market share among browsers these days.

More recently Microsoft is going to be basing Edge on Chrome in future, so it will (by default) become an even more popular browser code base.

Clear Browsing Data is something I do once a week, or maybe two sometimes, depends where I have been.
Each time afterwards I get the same dialogue pops up again next time I use SQRL.

Clear browsing data is also these days a lot easier to access in Chrome. It used to be buried in settings, where you then had to expand the advanced settings, and then go further in to Content settings to find Clear Browsing Data ..

These days Google have made the function a lot easier to access by including it in the browsers main menu, and a hotkey ..

​

.. There are other variations of Chromium too which have an Auto Clear Browsing Data setting, which triggers when you close the browser. So there will be users of those variations of Chromium who will be bugged by this pop up every day.

Any variation of Chrome can be run in full Incognito mode, which saves nothing about your sessions history / cache / settings etc to disk, which will also cause repeated occurrences of the dialogue.

I use Chromium

There's UnGoogled Chromium

Comodo's Chromodo / Dragon was one such variation which has Auto Clear Browsing Data setting

I think SRWare Iron does too

And then there are the variations which have more of a genuine Privacy focused agenda such as ..

Epic Privacy Browser

Brave

And then there's Opera, and Vivaldi

And the developer orientated variety Blisk

Colibri is a bit strange, doesn't have any Tabs

.. and there are many others too, the Russian Yandex Browser, Chinese CentBrowser, Japanese Sleipnir, Slimjet, UCBrowser, Avast Secure Browser, Samsung Internet Browser, Torch Browser, 360 Browser, Amazon silk, Coc Coc, Falkon, Xvast, Polarity, TheWorld Chrome, Naver Whale, Kinza, Iridium, Tungsten, Ghost Browser, Superbird, Lulumi, Chedot, Orbitum ..

And probably quite a few others I dont know of, and a few I know I have forgotten but I think are now among the dead chromium based projects.


The point of this post is, the incident count of this issue I think is going to be a lot higher than is currently anticipated, if the issue cant be solved.
Though its not really a big issue, it will just annoy people.