Fixing bug 343772. Make our popup blocking code check if the top window's location is whitelisted when checking if a popup is blocked. r=dveditz@cruzio.com, sr=bzbarsky@mit.edu

2024-11-26 14:22:01 +00:00 · 2006-07-29 16:59:20 +00:00 · 2006-07-29 16:59:20 +00:00 · 76ed999a5a
commit 76ed999a5a
parent 79716117c3
2 changed files with 21 additions and 3 deletions
--- a/browser/base/content/browser.js
+++ b/browser/base/content/browser.js
@ -450,6 +450,11 @@ const gPopupBlockerObserver = {
    //          we should really walk the pageReport and create a list of "allow for <host>"
    //          menuitems for the common subset of hosts present in the report, this will
    //          make us frame-safe.
+    //
+    // XXXjst - Note that when this is fixed to work with multi-framed sites,
+    //          also back out the fix for bug 343772 where
+    //          nsGlobalWindow::CheckOpenAllow() was changed to also
+    //          check if the top window's location is whitelisted.
    var uri = gBrowser.selectedBrowser.webNavigation.currentURI;
    var blockedPopupAllowSite = document.getElementById("blockedPopupAllowSite");
    try {
--- a/dom/src/base/nsGlobalWindow.cpp
+++ b/dom/src/base/nsGlobalWindow.cpp
@ -4179,9 +4179,22 @@ nsGlobalWindow::CheckOpenAllow(PopupControlState aAbuseLevel)
  if (aAbuseLevel >= openAbused) {
    allowWindow = allowNot;

-    // However it might still not be blocked.
-    if (aAbuseLevel == openAbused && !IsPopupBlocked(mDocument)) {
-      allowWindow = allowWhitelisted;
+    // However it might still not be blocked. For now we use both our
+    // location and the top window's location when determining whether
+    // a popup open request is whitelisted or not. This isn't ideal
+    // when dealing with iframe/frame documents, but it'll do for
+    // now. Getting the iframe/frame case right would require some
+    // changes to the frontend's handling of popup events etc.
+    if (aAbuseLevel == openAbused) {
+      nsCOMPtr<nsIDOMWindow> topWindow;
+      GetTop(getter_AddRefs(topWindow));
+
+      nsCOMPtr<nsPIDOMWindow> topPIWin(do_QueryInterface(topWindow));
+
+      if (topPIWin && (!IsPopupBlocked(topPIWin->GetExtantDocument()) ||
+                       !IsPopupBlocked(mDocument))) {
+        allowWindow = allowWhitelisted;
+      }
    }
  }