Closed
Bug 86081
Opened 24 years ago
Closed 24 years ago
Update configurable policies documentation
Categories
(Core :: Security: CAPS, defect)
Tracking
()
People
(Reporter: jubal+mozillabugs, Assigned: jruderman)
Details
Adding "allow some, deny all" logic for popupsites capability would really be
useful. I would like to trust only a few sites to display popups without
spamming my screen, while blocking all non-trusted sites.
This is the reverse of current capability.policy.popupsites.Window.open logic,
in which some evil sites can be blocked from executing popups, but all others
(including as-yet-unvisited evil popup sites) are let through.
In other words, this would be proactive rather than reactive behavior. If you
have "deny some, allow all" logic, and "deny all" logic, it'd make sense to add
"allow some, deny all" as well.
Thanks,
Jubal
|
||
Comment 1•24 years ago
|
||
Should have priority Enhancement request.
|
||
Comment 2•24 years ago
|
||
You can currently do this -- you can disable popups for all sites and then
enable popups for a select group of sites:
user_pref("capability.policy.default.windowinternal.open","noAccess");
user_pref("capability.policy.popupsites.windowinternal.open","_____");
where the blank needs to be filled in appropriately and popupsites needs to be
defined appropriately.
Over to security:caps in case Mitch has anything else to add.
Component: Security: General → Security: CAPS
|
||
Comment 3•24 years ago
|
||
Boris is correct, excpet the syntax has changed slightly:
user_pref("capability.policy.default.Window.open","noAccess");
user_pref("capability.policy.popupsites.sites","<your site list>");
user_pref("capability.policy.popupsites.Window.open","allAccess");
Note that windowinternal.open has changed to Window.open.
Status: UNCONFIRMED → RESOLVED
Closed: 24 years ago
Resolution: --- → WORKSFORME
|
Reporter | |
Comment 4•24 years ago
|
||
Very cool, thanks for the clarification. This ought to make it into the
documentation as a scenario, for instance a paragraph describing the effects of
setting the popup preferences for the following scenarios:
1. "allow all, deny some"
2. "deny all, allow some"
3. "deny all"
Thanks,
Jubal
|
|
||
Comment 5•24 years ago
|
||
Please file a bug in Secutity:CAPS on endico@mozilla.org, add the relnote
keyword, and reference this bug. We should relnote the syntax change anyway.
Then post the new bug number here. :)
|
|
Reporter | |
Comment 6•24 years ago
|
||
created new bug requesting relnote stuff for capability.policy as per this bug.
Added endico@mozilla.org to cc: list for that bug.
http://bugzilla.mozilla.org/show_bug.cgi?id=86260
|
|
||
Comment 7•24 years ago
|
||
Reopening to track needed documentation changes.
Status: RESOLVED → UNCONFIRMED
Resolution: WORKSFORME → ---
|
|
||
Comment 8•24 years ago
|
||
->Jesse
Assignee: mstoltz → jesse
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: Add "allow some, deny all" logic for popupsites capability → Update configurable policies documentation
|
Assignee | |
Comment 9•24 years ago
|
||
*** This bug has been marked as a duplicate of 81467 ***
Status: NEW → RESOLVED
Closed: 24 years ago → 24 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•