Open Bug 202226 Opened 22 years ago Updated 3 years ago

Adding rule exceptions for allowing popup windows for frames and redirecting URLs

Categories

(Core :: XUL, enhancement)

Product:
Core
Component:
XUL
Platform:
x86
Windows XP
Type:
enhancement

Tracking

()

People

(Reporter: nrlz, Unassigned)

References

(
URL
)

Details

Attachments

(1 obsolete file)

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.3) Gecko/20030312 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.3) Gecko/20030312 Adding rule exceptions for allowing popup windows can be difficult. The dialog window for "manage popup permissions"/"popup exceptions", only helps if you know the URL that the popup is originating from. If the popup window is originating from inside a frame or a redirecting URL, the user has no chance to catch the URL in order to enter it into the popup exceptions box. For example, the CNET (www.cnet.com) video window is shown on a popup window. But the popup window is launched in a peculiar way. It launches by directing the browser to another webpage which has a popup window attached to the document.onload() tag. Then the browser is redirected back to the originating webpage. Since that popup is loaded by document.onload(), it won't show. Since the redirected page is only shown for 1 second, there is no way for me to read the URL in time to add it to the popup exceptions page. (Adding the URL of the popup window will not work if it is on a different domain to the site which issued the window.open.) The same analogy can apply to a frame or iframe from a different domain. Reproducible: Always Steps to Reproduce: Expected Results: I propose an enhancement which caches a list of previous attempts to open popup windows. This list should be presented on the "manage popup permissions"/"popup exceptions" dialog box so that users can pick the domains to add. This cache only needs to persist until the session is over or within say the last hour.
Summary: Adding rule exceptions for allowing popup windows can be difficult → Adding rule exceptions for allowing popup windows for frames and redirecting URLs
question: what URL does clicking on the "supressed popup" icon in the status give you ? - if it is the correct one, does this not solve your problem ? - if it is not the correct one, which url does it give ?
Answer: The "supressed popup" icon in the status doesn't show because I am redirected away immediately from the page which issued the window.open command. From my observation, once I am redirected to a new page, the suppress icon disappears. This is hard to phrase. Say for example: 1. I visit [http://news.com.com] 2. I click on the link [http://news.com.com/redir?destUrl=http://news.cnet.com/video] 3. My browser opens [http://news.cnet.com/video/] 4. Webpage tries to open a popup window /* gets cancelled by Mozilla */ 5. Popup icon appears in status bar /* it doesn't really but it should */ 6. I am immediately redirected back to [http://news.com.com] by javascript or meta tag 7. Popup icon disappears. For the split second at stages 3 to 6, I cannot capture the webpage I just visited. The popup icon doesn't persist long enough for me to click.
Attached file test file 2 - opens a popup (obsolete) —
Comment on attachment 120794 [details] test file 2 - opens a popup Ignore. Attachment doesn't work.
Attachment #120794 - Attachment is obsolete: true
Okay I tried to create a test file but it doesn't work because I need access to two different domains. The test was suppose to show that the "popup windows icon" on the status bar will disappear when the browser visits a page of another domain.
given the steps in comment 3 , I have now been able able to reproduce this. The way I see it: * the supresss icon appears correctly when the window it being opened. However, since the page is afterwards redirected then the icon is removed again before the user has a change to act on it. I my case I was looking for it and saw the icon blink, but normal users may not even notice it. Since I have found no dupe, I'm confirming this bug
Status: UNCONFIRMED → NEW
Ever confirmed: true
*** Bug 206846 has been marked as a duplicate of this bug. ***
*** Bug 225569 has been marked as a duplicate of this bug. ***
*** Bug 193337 has been marked as a duplicate of this bug. ***
*** Bug 221778 has been marked as a duplicate of this bug. ***
some web pages open a popup window and then redirects the main window to a new site, for example http://www.telia.se/visaMMS the blocked poup at the URL above is a site login window.
URL: http://www.telia.se/visaMMS
Flags: blocking-aviary1.0PR?
*** Bug 242190 has been marked as a duplicate of this bug. ***
*** Bug 248338 has been marked as a duplicate of this bug. ***
Is there any fix in sight here? Would any fix have l10n impact for ffox 1.0?
danm, what say you?
Assignee: jag → danm.moz
think we would just need to show existing ui.... no patch so we will have to try and get this for 1.0
Flags: blocking-aviary1.0PR?
Flags: blocking-aviary1.0PR-
Flags: blocking-aviary1.0?
I have run into a similar issue using Gecko/20040913 Firefox/0.10. We have a PeopleSoft Enterprise Portal that displays most content within 3 frames. The top frame is a header, the left frame is an Enterprise Menu and the right frame contains the content, we will call this last frame the content frame. The content frame usually shows pages from different servers. The HTML for usually looks like this: <frameset border="0" frameborder="no" framespacing="0" rows="100,*"> <frame name="UniversalHeader" title="Portal Header" scrolling="no" frameborder="no" noresize src="https://server1.com/1.html"> <frameset id="SubFrame" border="0" frameborder="no" framespacing="0" cols="195,*"> <frame name="NAV" title="Menu Navigation" frameborder="no" scrolling="auto" noresize src="https://server1.com/2.html"> <frame name="TargetContent" title="Main Content" scrolling="auto" frameborder="no" noresize src="https://server2.com/3.html"> </frameset> </frameset> Now if the content frame tries to pop-up a window, Firefox blocks it. However, if I want to allow the pop-up from the content frame and click on the pop-up option bar, Firefox will all the servername.domain for _server1_ in the above example instead of correctly adding the servername.domain name for _server2_ which issued the pop-up. This has thrown many of our corporate users a curve ball. One suggestion might be to allow *.domain to the pop-up exception list. This way admins could add their corporate domain name to the exceptions list and have all pop-ups for the corporate intranet be allowed. As it is now, we have to add, server1.company.com, server2.company.com, server3.company.com, server3.company.com, etc. With a few hundred servers and tens of them serving web applications, it is not the most efficient method. Thanks for making the best browser available on _all_ platforms and bringing fresh life to the web. Best, James Drabb JR Senior Programmer Darden Restaurants Business Systems JDrabb at Darden dot com
comment 17: >This has thrown many of our corporate users a curve ball. One suggestion might >be to allow *.domain to the pop-up exception list. The *.domain is implied. If x.y is allowed, then all subdomains are also allowed.
let's try and get this one for 1.0
Flags: blocking-aviary1.0? → blocking-aviary1.0+
Flags: blocking-aviary1.0+ → blocking-aviary1.0-
*** Bug 284990 has been marked as a duplicate of this bug. ***
Assignee: danm.moz → nobody
bc suggested that this is likely the cause of the disappearing blocked popup status bar icon when visiting http://cnn.com currently using todays trunk and 1.8 branch builds.
QA Contact: jrgmorrison → xptoolkit.widgets

Mass-removing myself from cc; search for 12b9dfe4-ece3-40dc-8d23-60e179f64ac1 or any reasonable part thereof, to mass-delete these notifications (and sorry!)

Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: