Talk:Feature Requests/@comment-5738167-20121129071549

One possible solution to unintentional actions caused by hitting an unexpected confirm button that pops up could be borrowed from the software industry’s approach with dealing with Security Dialog Race Condition Attacks. An example of how this would be implemented would be when a dialog box opens, the cancel button will be active, but the confirm button would be disabled and greyed out. After being displayed for about 2 or 3 seconds, the confirm button would then be enabled.

This solution could still impact chaining, but having an active cancel button could allow the closure of the dialog box quickly to hopefully prevent early chains from being broken. The delay for the confirm button would prevent unintentional actions. Yes the delay could be inconvenient when trying to purchase something, but it will not interfere with the play of the game. Ie.. there are no challenges where you need to buy a number of crystal items in 30 seconds. Googling on “Security Dialog Race Condition Attack” turns up some good information especially Ruderman’s blog which does a good job covering an example of how this kind of an attack is used and FireFox’s solution. It also helps illustrate how a simple delay can provide significant protection.