I added the text below to my defaults/pref/security-prefs.js file and
it did *nothing* to stop popups with Mozilla 0.9.3:
user_pref("capability.policy.default.window.open", "noAccess");
user_pref("capability.policy.default.window.moveTo", "noAccess");
user_pref("capability.policy.default.window.resizeTo", "noAccess");
user_pref("capability.policy.default.windowinternal.open", "noAccess");
user_pref("capability.policy.default.windowinternal.moveTo","noAccess");
user_pref("capability.policy.default.windowinternal.resizeTo", "noAccess");
user_pref("capability.policy.non_spammers.sites", "http://www.microsoft.com";);
user_pref("capability.policy.non_spammers.window.open", "allAccess");
user_pref("capability.policy.non_spammers.windowinternal.open", "allAccess");
user_pref("capability.policy.spammers.sites", "http://www.yahoo.com";);
user_pref("capability.policy.spammers.window.alert", "noAccess");
user_pref("capability.policy.spammers.window.confirm", "noAccess");
user_pref("capability.policy.spammers.window.prompt", "noAccess");
user_pref("capability.policy.spammers.windowinternal.alert", "noAccess");
user_pref("capability.policy.spammers.windowinternal.confirm", "noAccess");
user_pref("capability.policy.spammers.windowinternal.prompt", "noAccess");
This seems pretty simple to me so I figured v0.9.3 must either be broken
or the usage is still incompletely specified.
The 'http://www.wpi.edu/~dpotter/infinite.html' web site demonstrates the
problem most easily.
I have both 'window' and 'windowinternal' specified above because I cannot
discern from what I've read what is appropriate to use.
Can somebody once and for all explain how this really should work and explain
what you really need to do to make it work? Either that or just tell me that
v0.9.3 is simply broken on this.
