Re: window.open() and popup blockers

Richard,
As mentioned on today's call, how do we prevent several contacts picker dialogs
from being opened at once, whether by error or malicious intent? Is requiring
that the contact picker dialog be modal a solution?

Thanks,
Bryan

On 10/4/10 3:57 AM, "Rich Tibbett" <richt@opera.com> wrote:

> Anssi Kostiainen wrote:
>> Hi,
>> 
>> On 29.9.2010, at 18.30, ext Ilkka Oksanen wrote:
>> 
>>> 29/09/2010 01:58, ext Rich Tibbett wrote:
>>>> It's similar to window.open() and browser popup blockers. If
>>>> window.open() is called inline then the user is notified that the
>>>> popup was blocked. If window.open() is called via a user-initiated
>>>> click event, the popup is opened directly.
>>>> 
>>> Do you know if this window.open() behavior is specified somewhere? Or
>>> is it completely implementation specific?
>> 
>> Prior to HTML5 window.open() was part of DOM Level 0, i.e. something
>> implemented by Netscape back in the Dark Ages :)
>> 
>> The HTML5 spec seems to only say how to detect a blocked window [1]: "The
>> [open()] method must return the WindowProxy object of the browsing context
>> that was navigated, or null if no browsing context was navigated".
>> 
>> The spec does not seem to whitelist any user-initiated events or say anything
>> about script-initiated invocation. Mozilla whitelists change, click,
>> dblclick, mouseup, reset and submit events by default, these can be
>> configured via about:config > dom.popup_allowed_events [2]. IE6 whitelists
>> click and focus, also user configurable to some extent [3]. Not sure about
>> the rest of the browsers. Is Opera's implementation similar to Mozilla's?
> 
> Opera's implementation is similar to Mozilla but not user configurable
> (AFAIK).
> 
>> 
>> Looks like this is implementation specific and cannot be relied on if left
>> unspecified. Any ideas how to route around this?
>> 
> 
> I have added a section to the Contacts API spec entitled 'API Invocation
> via DOM Events' + an example of its usage. It is included informatively
> and might be worth a read:
> 
> 
> http://dev.w3.org/2009/dap/contacts/Overview.html#api-invocation-via-dom-events
> 
>>> I think the proposal is applicable to the Capture API and its native
>>> audio/video recorder as well.
> 
> I believe it is.
> 
> - Rich
> 
>> 
>> -Anssi
>> 
>> [1] http://dev.w3.org/html5/spec/Overview.html#dom-open
>> [2] http://kb.mozillazine.org/Dom.popup_allowed_events
>> [3] http://msdn.microsoft.com/en-us/library/ms537632%28v=vs.85%29.aspx
> 

Received on Wednesday, 6 October 2010 16:07:09 UTC
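
The two controls discussed in this thread, as an added example that is not part of the original messages or of the Contacts API spec: a page-side wrapper that opens a dialog only from a trusted, whitelisted event, treats a `null` return as "blocked", and refuses a second dialog while one is open. `makeGatedOpener`, `openFn` and the result shape are hypothetical names; the default whitelist is the Mozilla event list quoted above, and the stub windows in `demo()` are constructed.

```javascript
// Added example; makeGatedOpener and its result shape are hypothetical names.
// Default whitelist: the Mozilla event list quoted in the thread.
const POPUP_ALLOWED_EVENTS = new Set(
  ["change", "click", "dblclick", "mouseup", "reset", "submit"]);

// openFn stands in for window.open: returns a window-like object, or null if blocked.
function makeGatedOpener(openFn, allowed = POPUP_ALLOWED_EVENTS) {
  let current = null; // the dialog this opener last created, if any
  return function open(event, url) {
    // Rule 1: only a trusted event of a whitelisted type may open a dialog.
    if (!event || event.isTrusted !== true || !allowed.has(event.type)) {
      return { opened: false, reason: "not-user-initiated" };
    }
    // Rule 2: refuse a second dialog while the first is still open.
    if (current !== null && !current.closed) {
      return { opened: false, reason: "already-open" };
    }
    const win = openFn(url);
    // HTML5: open() returns null if no browsing context was navigated.
    if (win === null || win === undefined) {
      return { opened: false, reason: "blocked" };
    }
    current = win;
    return { opened: true, reason: "ok", win };
  };
}

// Constructed walk-through with stub windows instead of a real browser.
function demo() {
  const wins = [];
  const fakeOpen = () => { const w = { closed: false }; wins.push(w); return w; };
  const open = makeGatedOpener(fakeOpen);
  const click = { type: "click", isTrusted: true };
  const out = [];
  out.push(open({ type: "load", isTrusted: true }, "picker.html").reason);   // inline call
  out.push(open({ type: "click", isTrusted: false }, "picker.html").reason); // synthetic click
  out.push(open(click, "picker.html").reason);                               // first dialog
  out.push(open(click, "picker.html").reason);                               // second, while open
  wins[0].closed = true;                                                     // user closes it
  out.push(open(click, "picker.html").reason);                               // allowed again
  const blocked = makeGatedOpener(() => null);
  out.push(blocked(click, "picker.html").reason);                            // popup blocker
  return out;
}
```

In a page, pass `(url) => window.open(url)` as `openFn` and call the returned function from an event listener; this guard only covers dialogs opened through the same wrapper, so it complements rather than replaces the user agent's own popup blocking.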