Closed
Bug 295093
Opened 20 years ago
Closed 19 years ago
Showing a blocked popup allows window.open feature titlebar=no
Categories
(Core Graveyard :: Embedding: APIs, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
mozilla1.8beta3
People
(Reporter: jruderman, Assigned: jst)
Details
(5 keywords)
Attachments
(2 files, 1 obsolete file)
228 bytes,
text/html
|
Details | |
2.26 KB,
patch
|
dveditz
:
review+
brendan
:
superreview+
dveditz
:
approval-aviary1.0.5+
dveditz
:
approval-aviary1.1a2+
dveditz
:
approval1.7.9+
dveditz
:
approval1.8b3+
|
Details | Diff | Splinter Review |
Steps to reproduce:
1. Open testcase
2. Click pop-up blocked icon in the status bar.
3. Select "Show..."
Result: Get a large window with no titlebar that overlaps the taskbar
Expected: Get a normal pop-up window, as if I had clicked the button in the
testcase.
Reporter | ||
Comment 1•20 years ago
|
||
Demostrates the problem in Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8b2) Gecko/20050521 Firefox/1.0+
Reporter | ||
Comment 2•20 years ago
|
||
I thought I saw a (fixed?) bug about this before, but I can't find it.
Reporter | ||
Updated•20 years ago
|
Flags: blocking1.8b2?
Flags: blocking-aviary1.1?
Updated•20 years ago
|
Assignee: nobody → dveditz
Comment 3•20 years ago
|
||
Also a problem in 1.0.4
The closest seemed to be bug 235457. Probably not relevant are bug 244766 / bug
244965.
We recently (1.0.3) fixed bug 289204, about the popup *content* getting chrome
privs, not restrictions on the opening code. I wouldn't have thought that was
relevant, except that's when this regressed: 1.0.2 is correct, 1.0.3 and later
respect the titlebar=no :-(
Flags: blocking1.8b3+
Flags: blocking-aviary1.1?
Flags: blocking-aviary1.1+
Flags: blocking-aviary1.0.5+
Keywords: regression
Whiteboard: [sg:fix]
Comment 4•20 years ago
|
||
looks like we need to tackle this in b3
Flags: blocking1.8b2? → blocking1.8b2-
Updated•20 years ago
|
Whiteboard: [sg:fix] → [sg:fix] -need patch
Comment 5•19 years ago
|
||
jst: any idea what in your bug 289204 fix might have done to cause this?
Assignee: dveditz → jst
Assignee | ||
Comment 6•19 years ago
|
||
The code that was added to push the JS context of the callee onto the context
stack to prevent javascript: URLs the opened window from getting chrome privs
(intially added in bug 289204, moved to nsWindowWatcher in bug 296850) did the
right thing, but did it a bit too early. This makes us call
CalculateChromeFlags() *before* pushing the callee context onto the context
stack to prevent CalculateChromeFlags() from thinking we're *not* called from
chrome...
Attachment #186413 -
Flags: superreview?(brendan)
Attachment #186413 -
Flags: review?(dveditz)
Assignee | ||
Comment 7•19 years ago
|
||
Comment on attachment 186413 [details] [diff] [review]
Call CalculateChromeFlags() before we push the callee's JS context onto the context stack.
Oops, wrong diff.
Attachment #186413 -
Attachment is obsolete: true
Attachment #186413 -
Flags: superreview?(brendan)
Attachment #186413 -
Flags: review?(dveditz)
Assignee | ||
Comment 8•19 years ago
|
||
Right diff.
Attachment #186414 -
Flags: superreview?(brendan)
Attachment #186414 -
Flags: review?(dveditz)
Assignee | ||
Updated•19 years ago
|
Whiteboard: [sg:fix] -need patch → [sg:fix] -has patch
Comment 9•19 years ago
|
||
Comment on attachment 186414 [details] [diff] [review]
Call CalculateChromeFlags() before we push the callee's JS context onto the context stack.
r=dveditz
a=dveditz for trunk and branch
Attachment #186414 -
Flags: review?(dveditz)
Attachment #186414 -
Flags: review+
Attachment #186414 -
Flags: approval-aviary1.1a2+
Attachment #186414 -
Flags: approval-aviary1.0.5+
Assignee | ||
Comment 10•19 years ago
|
||
Moving this bug to core since it's an embedding code bug, not Firefox specific.
Component: Security → Embedding: APIs
Flags: review+
Product: Firefox → Core
Target Milestone: --- → mozilla1.8beta3
Version: unspecified → Trunk
Updated•19 years ago
|
Flags: blocking1.7.9+
Updated•19 years ago
|
Attachment #186414 -
Flags: review+
Attachment #186414 -
Flags: approval1.8b3+
Attachment #186414 -
Flags: approval1.7.9+
Updated•19 years ago
|
Whiteboard: [sg:fix] -has patch → [sg:fix] need landing
Comment 11•19 years ago
|
||
brendan: All we need is an sr= from you and we can get this checked in.
Comment 12•19 years ago
|
||
Comment on attachment 186414 [details] [diff] [review]
Call CalculateChromeFlags() before we push the callee's JS context onto the context stack.
sr=me, but comment why it needs to be early. Thanks,
/be
Attachment #186414 -
Flags: superreview?(brendan) → superreview+
Assignee | ||
Comment 13•19 years ago
|
||
Fix checked in on trunk and branches.
Status: NEW → RESOLVED
Closed: 19 years ago
Keywords: fixed-aviary1.0.5,
fixed1.7.9
Resolution: --- → FIXED
Comment 14•19 years ago
|
||
v.fixed on aviary with Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.9)
Gecko/20050622 Firefox/1.0.5
Comment 15•19 years ago
|
||
Adding distributors
Updated•19 years ago
|
Flags: testcase+
Updated•18 years ago
|
Flags: in-testsuite+ → in-testsuite?
Reporter | ||
Updated•11 years ago
|
Keywords: csec-spoof,
sec-low
Whiteboard: [sg:fix] need landing
Updated•6 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•