From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.3+) Gecko/20010826 BuildID: 2001082606 Mozilla used to recognize this parameter and not bring up popup windows on sites unless they were originating from the same site. Mozilla no longer adheres to this and will now pop-up windows not having the same origin as the content. Reproducible: Always Steps to Reproduce: 1.Browse a site 2.popup windows appear from ad.doubleclick.net or .x10.com Actual Results: popup windows created. Expected Results: No popup windows should be created.
WFM Windows NT build 2001082703 I do not get popup windows.
capabilities -> mstoltz I think, though I'll let Mitch confirm, that the "sameOrigin" refers to whose script issued the window.open() call and not to the URL that's loaded by that command. If that's the case then it'll "work" on some sites, and not on others where the window.open is directly on the page you're viewing.
Assignee: sgehani → mstoltz
Component: Preferences → Security: CAPS
jasonb: if you're not getting *any* popups then you couldn't have set the value to "sameOrigin" as in the bug report.
dveditz is correct, sameOrigin refers to the window calling window.open, not the URL of the window being opened. sameOrigin doesn't work the way you described and never did. We discussed doing it that way, but there are some good resons not to (popups can and often do come from the same site as the page). http://www.mozilla.org/projects/security/components/configPolicy.html describes exactly what configurable policies can do. If you want to block all popups, use noAccess instead of sameOrigin. For more selective blocking, I'm trying to get bug 92955 checked in soon.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → INVALID
Marking verified as per above developer comments.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.