- From: Hallvord R M Steen <hallvors@gmail.com>
- Date: Tue, 20 Mar 2007 15:50:47 +0100
On 20/03/07, Gareth Hay <gazhay at gmail.com> wrote: > Anyway, for use case 1 - If you are worried about phishing attacks, > you should be using some sort of > onunload handler trapping to null window.opener. Yet you are arguing that it should be impossible to set window.opener. If you had your way that unload handler would simply throw an exception... I will not follow up this discussion further because it is not relevant for the proposed window.open extension. I still think it would be useful to allow a page to open a popup without a window.opener property to protect itself from malicious address modification. -- Hallvord R. M. Steen
Received on Tuesday, 20 March 2007 07:50:47 UTC