One for the security guys? Or maybe a DOM0 preference setting?
Already implemented, although we aren't planning to have a UI for the preferences anytime soon. Look at http://www.mozilla.org/projects/security/components/configPolicy.html in particular the use of "window.open".
A place pref("security.policy.strict.window.open", "noAccess"); to stop pop-up windows is http://bolohead.mcom.com/ncryptsvr.htm
Reopening. This does not appear to be working.
Reassign to mstoltz.
Assigning QA to czhang
Nice feature, but not the sort of thing to be adding at this point in the cycle. Marking 'Future.'
Need to test configurable security on window.open, etc.
Reassigning to jtaylor. John, if you haven't yet, could you please write some testcases for configurable policies? Try setting default and site-specific policies on key properties such as window.open and make sure they're enforced. If everything checks out alright, you can close this bug.
Adding URL with testcases. First two (window.open and window.close) work, yet second two do not. Mitch, do you think a new bug is needed, or just keep this open?
Changing summary. apparently setting some properties to noAccess doesn't work. Looking into it.
There seems to be a problem with the windowinternal.close policy. If you do: w=window.open("http://www.yahoo.com"); Then the security manager won't let you do a w.close() because the global variable w is seen as belonging to yahoo.com, and the same origin check fails. I'm not sure how to deal with this. We could allow cross-domain access to globals; this is the historic behavior.
Changing description. window.close needs a special security policy (if window.opener != self, put up a confirming dialog before closing window, otherwise allow). Probably not crucial for shipping, but I'd like a second opinion. What do the DOM folks think about this?
Marking Future as this is an annoyance only, not a privacy or security problem.
Mass changing QA to ckritzer.
*** This bug has been marked as a duplicate of 62168 ***
Verified DUPLICATE on: MacOS90 2001-02-13-04-Mtrunk LinRH62 2001-02-13-06-Mtrunk MOZILLA Win98SE 2001-02-13-06-Mtrunk