That is interesting. What were the support requests, how to remove the confirm step, or what to do if you denied it but didn’t mean to? Or something else?
Most desktop-browsers have in the name of security made it exceptionally hard to accidentally launch external programs through this mechanism.
We’re talking software engineering phd can’t complete it without hand-holding hard (true story!)
So normal users definitely don’t understand nor manage to navigate the dialogs presented by the browser to produce a “successful” outcome.
In the past we used this mechanism to “automatically” provide configuration-data a desktop component, so that it could call back to our application. And our users just didn’t manage to configure it.
In the name of security, browsers made one path so hard to use, without considering what people would then develop instead.
I have to call BS on this. Are you claiming that users can't complete a single prompt of "[Your browser] needs to open an external application to follow this link. (Decline) (Launch Application)"? That seems really unlikely. I've done enough user testing to, at least anecdotally, say with some certainty that this is not true.
It’s a two-dialog process (allow website to use external protocol & what external program should be used for this protocol), with intentionally confusing wording making it easy to choose the wrong choice (disallow) if you don’t read thoroughly.
Unless you already know what to do it’s fairly unintuitive.
Most users don’t even know the difference between a single click and a double click.
Expecting them to even know what an external protocol is, or why it should be launched at all is completely unreasonable.
We’re talking software engineering phd can’t complete it without hand-holding hard (true story!)
So normal users definitely don’t understand nor manage to navigate the dialogs presented by the browser to produce a “successful” outcome.
In the past we used this mechanism to “automatically” provide configuration-data a desktop component, so that it could call back to our application. And our users just didn’t manage to configure it.
In the name of security, browsers made one path so hard to use, without considering what people would then develop instead.
And here we are now. Oops!