This bug is separate from bug 68136 wich is about the USER fullscreen mode. I think Mozilla should allow the javascript property to open a new window in fullscreen mode like IE does [Ex: window.open('page.html','','fullscreen') ] Some people asked for it too but their comments got lost in the "user- fullscreen (bug 68136) or kiosk mode (bug 3341). See my comment : bug 68136 Comment #240 for a list. First bug report 4 me, sorry if I made mistakes .. Please correct them.

Browser, not engine. Reassigning to DOM Level 0 for consideration -

This cannot be implemented before we have a working fullscreen mode, so marking dependent on bug 68136. (I hope this never gets implemented, though.)

IMHO Mozilla should allow the javascript property to open a new window in fullscreen only when user explicitly allow it -> 'Open fullscreen window' should be added in Preferences | Advanced | Scripts & Window.

Why bother? Hardly any users will ever do that.

*** Bug 127366 has been marked as a duplicate of this bug. ***

in bug #127366 (duplicate), boris suggested using var win = window.open(); win.fullScreen = true; yes that works in mozilla but not in other browsers (tested ie 5.0 & opera6). ie uses window.open('http://www.yahoo.com','yah00','fullscreen=yes') opera doesn't recognize any of the 2 attempts, although it has a fullscreen mode, too.

Anti-Boris'-suggestion bug 127405 filed.

var win = window.open('http://www.yahoo.com','yah00','fullscreen=yes') win.fullScreen = true; then. :) And I agree with Jonas on this one, btw....

var win = window.open('http://www.yahoo.com','yah00','fullscreen=yes') win.fullScreen = true; you could do it that way - ie miraculously doesn't complain about the 2nd line ;-). i didn't realize you could do it that way before. but i think people will try the 1st line, this is the way to do it they are used to. and will complain that mozilla doesn't support opening new windows fullscreen. (just as i did yesterday ;-)). since displaying a browser window fullscreen is no longer a proprietary feature (opera,mozilla,ie all do it), IMHO there also should be ONE unified way to access it. make opening windows fullscreen available onClick. disable it onLoad.

> since displaying a browser window fullscreen is no longer a proprietary feature > (opera,mozilla,ie all do it) Displaying a browser window fullscreen is just a feature. Allowing the webpage to put a window in fullscreen mode is certanly a proprietary extension of the DOM. And Opera does *not* allow the webpage to make the window go fullscreen - you said so yourself in comment 6.

Is window.fullScreen supposed to be a read-write property of the window? It currently returns false even when in full screen mode. I believe it would be useful to have the property. If Mozilla is going to support scripts setting full screen mode, it would make much more sense to me to use the currently known IE technique in window.open. Setting window.fullScreen could also be supported in Mozilla, but I'd recommend security constraints be used to allow only bookmarklets and chrome to set fullscreen mode on existing windows. I can't think of any reason that I'd ever want scripts to change my existing windows.

jonas, maybe that was a misunderstanding. opera (since version 4, i think) lets you yourself put a window in fullscreen mode by pressing F11. i don't know if it's possible for a script to do that in opera. i tested both ways we discussed here, none worked. maybe opera software has found a 3rd way to do so. plus: even if it's not in the w3c specs, fullscreen mode is something the main browsers now offer. that's standard enough for me to have a common way of accessing it.

WONTFIX. A web page must not be allowed to activate full screen automatically. This would be acceptable only in an internal environment (for presentations and such), in which case you can set window.fullScreen to allAccess manually.

Oh Nooooo! Moz0.9.9 was perfect and you're now removing this feature ! Why didn't you just block it "onload" as someone said (Bug 12740 Comment#1)? Also Bug12740 Comment#5 is right, I never saw that even on porn sites, I always saw a cross to close it, even once it was a big red winXp-style close button. So do not remove a designer tool because of some advertiser abuse. But overall, if IE allow that, why not MOz. I don't mean "do like IE" but people can see this as a feature less and not as a protection. This is an argument against making compatible web page (remember NS has now a really bad reputation among site builders with compatibility). Well, I wasn't mentionning it as I think you wont like it, but I DO NOT WANT THE FULLSCREEN FEATURE, I don't really care about, it can be cool but I won't spend time to convince you for it. BUT, fullscreen allows a trick known as "chromeless window". See http://webfx.eae.net/dhtml/splashwin/splashwin.html (He found the trick) See www.microbians.com He did the famous "chromeless window" lots of people use it and as they use it they don't care about NS6/moz. And now, here are my scripts that i just released : - Upic : http://udhtml.free.fr/scripts/Upic/UpicDemo.htm (IE5+ / Moz0.9.9) > After Moz0.9.9 release I spent hours and manage to make it work (well, drag still need a fix). - Upop : http://udhtml.free.fr/scripts/Upop/Upop.htm (IE5+) > Not released yet, not compatible yet. Speaking about usability, there are the same fonctionnalities, close-minimise- maximise and that's a nice (no?). I also plan to make a skinnable Upop and have other ideas ... BUT NOTE THERE WILL ALWAYS BE A CROSS TO CLOSE. Why blocking that creativity ?? Why avoiding to free webdesigners from the OS chrome (keeping the functionnilities of course). Do not remove this freedom because of advertisers. I saw three chromeless ads, they all had a cross, yes ADVERTISER USE CROSS ! Hard to believe ? Well no more talking sorry for this long post (hope you understood my english). Please please consider wisely what I said, this is important if my scripts spread over the net. Just block the onload it will be perfect!

Nicolas, > Just block the onload it will be perfect! It won't. It would be possible to create a fullscreen window onclick with no close button. I'm not saying most people would do it, I'm just saying it would be possible. Allowing a web page to open a window covering the entire screen is totally unacceptable, since it would effectively be a Denial Of Service attack for normal users (most normal users don't know about Ctrl+W, or any other key combination for that matter). > But overall, if IE allow that, why not MOz. I don't mean "do like IE" but > people can see this as a feature less and not as a protection. Perhaps. But the same can be said about, say, a security hole which allows pages to make the browser execute an application automatically. A standard (unpatched) installation of IE 6 has that "feature". Moz doesn't. But it can be considered a useful feature in some scenarios. Would you like us to implement that feature as well? > Please please consider wisely what I said I have considered it. And I do see your points. But the security concern is too important. Sorry, but marking VERIFIED WONTFIX.

*** Bug 265097 has been marked as a duplicate of this bug. ***

*** Bug 272241 has been marked as a duplicate of this bug. ***

Please also see the former discutions in his bug and "my" bug 272241 about using fullscreen windows. Bug 272241 has be marked duplicate of this one. I do not think that there is a real security issue about webdesigners using automatic opening of fullscreen windows. At worse, some sites abuse of this function, and this is unpleasant. But this does not threatens the computer or the data. Anyway there was enough discution on the possible solutions to avoid this, such as forbidding onload window.open but allowing onclick window.open So there is nothing serious enough to forbid artistic sites or multimedia sites which have plenty of legitimate reasons to use fullscreen. See for example on my site at http://www.shedrupling.org/art/lotr/revelfic.php?lang=en at the bottom of the page (use internet explorer...) You will note that this image has much more poetical effect alone on the screen than surrounded with task bars and other computer gears. We cannot censor a major part of the net simply to avoid some advertisers to abuse. Should we forbid cars simply because some drive drunk? I feel somewhat deceipted: Firefox was announced as a better alternative to Internet explorer, but it is even not so good, and when we ask for just standard features to be correctly implemented, we just get WONTFIX! And when I tried to reopen the bug, I could not. So I can only consider that the discution is closed, that the demands of artists and multimedia peoples are rejected, and that Firefox is not a standard compliant browser, but just another of the troublesome variations that webdesigners have to bear to try to make pages which work for everybody. So I switch back to IE, and I bet that many users will do the same when they will see that sites do not appear corectly. I am sorry to reply so severely, but INTERNET IS FOR EVERYBODY, not just for computer geeks or Bush-style security mongers. I shall continue this discution on my personnal site at http://www.shedrupling.org/resource/base.php?lang=en&topic1=ordis.htm&topic2=barre.htm&topic3=winlinux.htm#winlinux

The reply of the webdesigners is here http://www.likpa.com (look at the list of story links)

> But overall, if IE allow that, why not MOz. >fullscreen allows a trick known as "chromeless window" > I do not think that there is a real security issue about webdesigners using > automatic opening of fullscreen windows. Nicolas and Richard, you should read carefully Changes to Functionality in Microsoft Windows XP Service Pack 2 Part 5: Enhanced Browsing Security Internet Explorer Window Restrictions in particular the areas where security issues, fooling tricks, deceiving users, obscure important info, spoof, kiosk mode etc.. are explained in details. "When creating a window, the definition of the fullscreen=yes specification is changed to mean “show the window as maximized,” which will keep the title bar, address bar, and status bar visible." http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2brows.mspx#ECAA also: "window.open() with fullscreen=yes will now result in a maximized window, not a kiosk mode window." taken from http://msdn.microsoft.com/security/productinfo/xpsp2/default.aspx?pull=/library/en-us/dnwxp/html/xpsp2web.asp#xpsp_topic5 From Fine-Tune Your Web Site for Windows XP Service Pack 2 I've added other/additional reasons in bug 195867.

With Internet Explorer and Norton Internet Security, we achieve a security level comparable or better than with Firefox 1.0 without defacing sites. For instance this site http://www.abdel-inn.com/ has a pop-up window and a nasty image coming on what you are reading. With IE+ Norton, both disappear without loss of useful content. So I think that before taking dogmatic point of view and reforming the net and throwing half of the page to the trash bin, the "community" of Firefox developpers should take some inspiration about what the professionnals do. Otherwise, it will be for Firefox as it was with Linux: presented as an easy and fair running alternative to the complicated and unreliable Windows, it turned in facts to be much more complicated and bad working. When I tried Mandrake 8 it was just a heap of scrap in which nothing worked properly past displaying beautiful windows, and I could do only text processing (even not diagrams). If Linux had really be super better than Windows as it claimed to be, it would have taken most of the market today. But in reality it stagnates in the few per cent, because people who tried it did not adopted it. The same will happen with Firefox, unless you do a real better Firefox 2.0, heeding at the user's needs and not just relooking Netscape, and adressing security issues without impeding the correct working, as Norton does with IE. Otherwise it is just losing time to work with you, and the gross result of the open source adventure will just be to force Microsoft to better his products. Pitty.

Aside from the merits (or NOT) of being unable to open a 'kiosk-mode' window, there is still an error! As I confirmed on a new install of firefox last night at home, the fullscreen command neither filled the screen nor gave scrollbars (as you might expect if it's going to make the window smaller) untill I pressed F11. This meant that the content was chopped off. Annoyingly, screen size detection script may detect that the screen was large enough, hence go for fullscreen rather than a window with scrollbars enabled but the firefox error renders the script useless. This would be no good to most users - IE does NOT do this under SP2, it simply adds title and status bars but opens the window fullscreen. By the way if you increase the text size (VIEW > TEXT SIZE > INCREASE) it doesn't seem to remember when you next open the browser. Haven't filed another bug but maybe someone else can if they've got time. Cheers.

*** Bug 260098 has been marked as a duplicate of this bug. ***

*** Bug 132384 has been marked as a duplicate of this bug. ***

I think the reply of Phillip Oertel is perfect: "since displaying a browser window fullscreen is no longer a proprietary feature (opera,mozilla,ie all do it), IMHO there also should be ONE unified way to access it. make opening windows fullscreen available onClick. disable it onLoad" Alas, due to the irrationality of certain software companies, only the W3C can really impose an unified way to do things. The W3C did a great job recently with the CSS style sheets, but Javascript is still forgotten. There is however virtually no page without Javascript. Anyway "onClick window.open" IS UNIFIED, only Firefox don't do it. Jonas, don't you think you exagerate when you say "Allowing a web page to open a window covering the entire screen is totally unacceptable, since it would effectively be a Denial Of Service attack" There are plenty of legitimate reasons to do this, artistic, media content, size, etc. Would not be destroying all this content another kind of attack? But you are getting true when this practice does not left a mean to close this window (cross, "close this window" link, etc). Only abusive advertisers or porn sites open in full screen without lefting the user the freedom to close their nasty windows. But, you know, porn people and abusive advertisers do not really care about our freedom... this is the reason why fullscreen must be available only with onClick, not onload. What I regret is that important decisions like this full screen issue are not really discussed, but imposed by only a few people. I found other important bugs in Firefox, but in such conditions I do not feel it will be useful if I tell them. Richard Trigaux