Page MenuHomePhabricator
Create Task
Maniphest T329796

OAuth 'Allow' dialog is mislabeled for some screenreader + browser combinations
Closed, ResolvedPublicBUG REPORT
Actions

Description

As of several months ago, a user of JAWS screen reader reports that the OAuth dialog 'Allow' button is being read instead as "cancel privacy policy", while it previously read 'Allow' as expected. The 'Cancel' button and the 'Privacy policy' link are handled correctly.

With JAWS, this does not happen in Firefox, only Chrome.

On iOS with its built-in screenreader, a very similar bug occurs: for both the 'Allow' and 'Cancel' buttons, the screen reader reads it as "allow cancel privacy policy".

Inspecting the HTML, it's not clear to me what exactly is triggering this bug, nor whether it's technically a bug with webkit or MediaWiki or with both the iOS and JAWS screen readers, but I'm guessing it has to do with how webkit handles the :after pseudoelement. However, it's a relatively new bug; the user noticed it several months ago, but can't remember a more specific onset than that. Previously, the OAuth dialog did not have this problem.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Fix accessibility in OAuth authorization dialogmediawiki/extensions/OAuthmaster+1 -1
Customize query in gerrit

Related Objects

Event Timeline

Ragesoss created this task.Feb 15 2023, 8:59 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 15 2023, 8:59 PM
Ragesoss added a project: Accessibility.Feb 15 2023, 8:59 PM
Tgr added a comment.Feb 15 2023, 10:44 PM

A side effect of T102973: OOUI-ify the OAuth authorization dialog, maybe?

Ragesoss added a comment.Feb 15 2023, 10:46 PM
In T329796#8620359, @Tgr wrote:

A side effect of T102973: OOUI-ify the OAuth authorization dialog, maybe?

The timing fits.

matmarex subscribed.Feb 15 2023, 11:00 PM

You can see the problem in the accessibility tools in Chrome developer tools – apparently the markup indicates that the entire message, including other buttons, is a label for each button.

image.png (2×3 px, 547 KB)

matmarex claimed this task.Feb 15 2023, 11:10 PM

We already have code to mitigate this problem, but it's not working due to a typo.

gerritbot added a comment.Feb 15 2023, 11:17 PM

Change 889649 had a related patch set uploaded (by Bartosz Dziewoński; author: Bartosz Dziewoński):

[mediawiki/extensions/OAuth@master] Fix accessibility in OAuth authorization dialog

https://gerrit.wikimedia.org/r/889649

gerritbot added a project: Patch-For-Review.Feb 15 2023, 11:17 PM
Ragesoss added a comment.Feb 15 2023, 11:22 PM
In T329796#8620406, @matmarex wrote:

You can see the problem in the accessibility tools in Chrome developer tools – apparently the markup indicates that the entire message, including other buttons, is a label for each button.

Thanks for the tip! I'll use this in the future.

Tgr closed this task as Resolved.Feb 16 2023, 12:14 AM

Thanks @matmarex!

gerritbot added a comment.Feb 16 2023, 12:21 AM

Change 889649 merged by jenkins-bot:

[mediawiki/extensions/OAuth@master] Fix accessibility in OAuth authorization dialog

https://gerrit.wikimedia.org/r/889649

Maintenance_bot removed a project: Patch-For-Review.Feb 16 2023, 12:30 AM
ReleaseTaggerBot added a project: MW-1.40-notes (1.40.0-wmf.24; 2023-02-20).Feb 16 2023, 1:00 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits