Update configurable policies documentation

VERIFIED DUPLICATE of bug 81467

Status

()

VERIFIED DUPLICATE of bug 81467
18 years ago
18 years ago

People

(Reporter: jubal+mozillabugs, Assigned: jruderman)

Tracking

Trunk
x86
Linux
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

18 years ago
Adding "allow some, deny all" logic for popupsites capability would really be
useful. I would like to trust only a few sites to display popups without
spamming my screen, while blocking all non-trusted sites.

This is the reverse of current capability.policy.popupsites.Window.open logic,
in which some evil sites can be blocked from executing popups, but all others
(including as-yet-unvisited evil popup sites) are let through.

In other words, this would be proactive rather than reactive behavior. If you
have "deny some, allow all" logic, and "deny all" logic, it'd make sense to add
"allow some, deny all" as well.

Thanks,

Jubal

Comment 1

18 years ago
Should have priority Enhancement request.
You can currently do this -- you can disable popups for all sites and then
enable popups for a select group of sites:

user_pref("capability.policy.default.windowinternal.open","noAccess");
user_pref("capability.policy.popupsites.windowinternal.open","_____");

where the blank needs to be filled in appropriately and popupsites needs to be
defined appropriately.

Over to security:caps in case Mitch has anything else to add.
Component: Security: General → Security: CAPS
Boris is correct, excpet the syntax has changed slightly: 
user_pref("capability.policy.default.Window.open","noAccess");
user_pref("capability.policy.popupsites.sites","<your site list>");
user_pref("capability.policy.popupsites.Window.open","allAccess");

Note that windowinternal.open has changed to Window.open.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → WORKSFORME
(Reporter)

Comment 4

18 years ago
Very cool, thanks for the clarification. This ought to make it into the
documentation as a scenario, for instance a paragraph describing the effects of
setting the popup preferences for the following scenarios:

1. "allow all, deny some"
2. "deny all, allow some"
3. "deny all"

Thanks,

Jubal
Please file a bug in Secutity:CAPS on endico@mozilla.org, add the relnote
keyword, and reference this bug.  We should relnote the syntax change anyway.

Then post the new bug number here.  :)
(Reporter)

Comment 6

18 years ago
created new bug requesting relnote stuff for capability.policy as per this bug.

Added endico@mozilla.org to cc: list for that bug.

http://bugzilla.mozilla.org/show_bug.cgi?id=86260
Reopening to track needed documentation changes.
Status: RESOLVED → UNCONFIRMED
Resolution: WORKSFORME → ---
->Jesse
Assignee: mstoltz → jesse
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: Add "allow some, deny all" logic for popupsites capability → Update configurable policies documentation
(Assignee)

Comment 9

18 years ago

*** This bug has been marked as a duplicate of 81467 ***
Status: NEW → RESOLVED
Last Resolved: 18 years ago18 years ago
Resolution: --- → DUPLICATE

Comment 10

18 years ago
Marking VERIFIED DUPLICATE.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.