Closed Bug 152167 Opened 22 years ago Closed 20 years ago
Mouse Over can always open unrequested windows
*** Bug 140934 has been marked as a duplicate of this bug. ***
*** Bug 150301 has been marked as a duplicate of this bug. ***
A UI pref could conceivably be put in, but it wouldn't be included in "Open Unrequested Windows," since that is underhanded usually, but requested nevertheless. This option, I believe, refers solely to onLoad and is meant to remain that way. Platform -> All OS -> All Severity -> enhancement -> NEW
Severity: normal → enhancement
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows XP → All
Hardware: PC → All
Summary: Open Unrequested Windows. Windows still triggered by onMouseOver → [RFE] Windows are always triggered by onMouseOver; a new UI pref needed
*** Bug 152848 has been marked as a duplicate of this bug. ***
This is a bug in how the "open unrequested windows" pref is implemented. There should be a whitelist of events that are allowed to open windows, not a blacklist of events that are not allowed to open windows.
Summary: [RFE] Windows are always triggered by onMouseOver; a new UI pref needed → onMouseOver can always open unrequested windows
*** Bug 152916 has been marked as a duplicate of this bug. ***
*** Bug 153512 has been marked as a duplicate of this bug. ***
*** Bug 153700 has been marked as a duplicate of this bug. ***
Thanks to Gavin Long who pointed me to the right link: http://www.mozilla.org/projects/security/components/ConfigPolicy.html I have following workaround active now: user_pref("capability.policy.policynames", "strict"); user_pref("capability.policy.strict.Window.open", "noAccess"); user_pref("capability.policy.strict.sites", "http://www.cracks.am http://www.annoying.site.com"); Have fun !
*** Bug 166190 has been marked as a duplicate of this bug. ***
--> Event Handling
Assignee: ben → joki
Component: Preferences → Event Handling
QA Contact: sairuh → rakeshmishra
*** Bug 176418 has been marked as a duplicate of this bug. ***
*** Bug 160652 has been marked as a duplicate of this bug. ***
This is also an issue with onClick="" events etc. in the <body> tag, which results in a new window opening whenever you click somewhere inside the window. I think Mozilla should only allow onClick="" events for window.open inside <a> or <input type=""> elements.
-> default owner
this time for real
Assignee: joki → saari
QA Contact: trix → rakeshmishra
There needs to be a GUI exposure for the mouseover. http://www.kuro5hin.org/comments/2002/11/24/225746/27/7#7 Comment ID #7 has a window.close in the onmouseover, #9 has an open new window. Close doesn't work, but the open new window does. Despite having most JS prefs (only change images is on) off. See also bug 24974
There was an article posted to cnet yesterday pertaining to this particular problem. http://news.com.com/2100-1023-978616.html
->samir If someone in the FE wants to to the whitelist and ui, go for it. IMO this is yet another example of how we can stick our finger in one annoying leak, and content authors will simply find 5 more ways to do annoying things.
Assignee: saari → sgehani
Saari: you're right, just fixing this bug wouldn't help much. This is really a dup of bug 159036 and I think it's only still open so bug filers can find it by searching for "mouseover".
*** Bug 210926 has been marked as a duplicate of this bug. ***
*** Bug 211346 has been marked as a duplicate of this bug. ***
please try out the mouseover on the following site. http://www.popup-blocker.info/testpage/test2.html also, i filed bug 223174 because i didn't search for *mouseover (is that even possible?), i just searched for "mouse-over" and "mouseover". so maybe you should add mouseover to the summary. 223174 is not a strict dupe though.
Just tried that link with Firebird 0.7. I found out that there are more options that Mozilla must look into for Mozilla and the Firebird component. The Element (onmouseover, onmouseleave), Navigation, and Non-Navigation (text boxes) tests all failed, so I believe Mozilla needs to look more into this issue. As for the Navigation tests, clicking "Detete" for the messages on Mail.com would normally access the pop-ups, but they were blocked successfully, so that page may not be 100% accurate. Still, it'd be a good thing to look into.
*** Bug 224708 has been marked as a duplicate of this bug. ***
*** Bug 225452 has been marked as a duplicate of this bug. ***
*** Bug 229723 has been marked as a duplicate of this bug. ***
"onMouseOver can always open unrequested windows" Just for the record, not if you install MultiZilla...
*** Bug 232190 has been marked as a duplicate of this bug. ***
danm fixed this in bug 197919.
(In reply to comment #34) > danm fixed this in bug 197919. He sure did. *** This bug has been marked as a duplicate of 197919 ***
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
Component: Event Handling → User events and focus handling
You need to log in before you can comment on or make changes to this bug.