I learned from bug 116503 comment 6 that var win = window.open(); win.fullScreen = true; will open a new window and put it in fullscreen mode. That scripts are able to do that when the user hasn't explicitly allowed it to, I consider a bug.

i mentioned the same concern in my original suggestion of this feature in <a href="http://bugzilla.mozilla.org/show_bug.cgi?id=127366">bug 127366</a>. maybe the default 'right' for a script should be to open fullscreen windows onClick/MouseDown/MouseUp, only, not onLoad etc.

... this bugzilla thingy is smart ... ;-)

I agree with Jonas on general principle. More importantly, Mitch has in the past expressed security concerns over scripts being able to resize the window such that the titlebar is offscreen, which is precisely what full screen mode does (bug 127444). Finally there is bug 126720 (no lock icon in fullscreen mode). I feel that until these major security issues are resolved fullscreen mode should be noAccess by default. Once they _are_ resolved, it may be OK sense to make it sameOrigin or allAccess.

IE allows scripts to open full-screen windows, and advertisers abuse it all the time in order to make their pop-ups harder to close. I've never seen a site use the IE feature with any intent other than to make it more difficult for the user to leave. (Mozilla at least keeps the minimize/restore/close buttons visible, so it's not as bad as IE in this regard.) What concerns me the most is that full-screen mode hides the Windows taskbar, allowing a web site to spoof the taskbar. Before window.fullScreen, the taskbar was one of the hardest areas of the screen to cover or spoof (bug 82130 comment 10), and that should be restored.

Why is it always about advertisiers? Scripting to full screen mode is good for many future real world applications using web browser technology. I do not really think this concerns any privacy issue just because one or two evil advertisiers uses it for their malicious purposes.

Nominating for nsbeta1.

I understand that the content opened in the main window shouldnt be allow to script itself to fullscreen; however, opening child windows in full screen should be allowed. It would be possible to put a preferences option much like 'dont open child windows', so that user can select that option banning child windows going full screen. In that case child windows wanting to open full screen can be showed as maximized titled windows.

The plan in bug 68136 which was where the feature was implemented was for content to have noAccess level access to the property. All that needs to be done is to replace the letters "all" with "no" in "allAccess" in http://lxr.mozilla.org/mozilla/source/modules/libpref/src/init/all.js#283

bora123@yahoo.com, if a person is using this in an application, then they should let users know to turn the feature on for web content. In other bugs you comment about fullscreen being used for presentations. In those cases one can _certainly_ set up a security policy that will allow a particular site or set of sites (the ones involved in the presentation) to put the window in fullscreen mode. The thought about only allowing full-screen mode for child windows is a decent one....

bzbarsky, could you review the patch, please?

The patch is fine, but hewitt, jst, and mstoltz should just make a call about what the right thing to do here is. _Then_ we can get to fixing this bug. All that said, has someone tested full screen mode on mac (run the js in question from the URL bar or something)? The current impl has been tested only on Windows, since there is only UI to start it on Windows. Hence on other platforms it may have issues...

Full Screen mode just plain doesn't work on Mac/Linux. It wouldn't be overly difficult to make it work, though. I am highly in favor of allowing scripts to put the window in full screen mode. In the interest of security, I think the best safeguard would be to present the user with a dialog saying that the web page wants to use full screen, with Yes/No and [] Remember next time.

Well... on linux right now it will hide all your chrome and super-maximize your window (it's actually bigger than maximized). So it's pretty darn close to working.... A "yes/no/remember next time" is fine as long as something like: while (!window.fullScreen) window.fullScreen = true; doesn't pop up dialogs in an infinite loop....

Read my lips - no new dialogs. Dialogs are CYA security, not real security, and they detract from the user experience. Rather than include a potentially unsafe mode and warn the user about it, let's make a safer full-screen mode, say, one that still displays a titlebar and lock icon - on all platforms and window managers. If that's too hard, then let's prevent scripts from invoking full-screen mode, which seriously lowers the bar on spoofing attacks. In fact, I'd like to check in this patch, at least until we've resolved the issue.

r=mstoltz

Another solution is to leave scripts being able to start full-screen mode on Windows (where the mode is presumably well-tested and such) and disable access in unix.js/macprefs.js....

Web pages can already get "Full screen mode but with a title bar and task bar": javascript:window.open("","","no"). If a site needs 16 more pixels, it can ask the user to press F11.

Mitch, I'm giving this to you since you seem to have ideas on this, if you don't want to do the legwork on this one hand it over to hewitt who implemented fullscreen mode in the first place.

Me and my big mouth :) If by "legwork" you mean checking in Jonas's patch, sure. Can you sr?

Comment on attachment 71318 [details] [diff] [review] you mean... like this? sr=jst

Comment on attachment 71318 [details] [diff] [review] you mean... like this? a=asa (on behalf of drivers) for checkin to the 1.0 trunk

According to bonsai, this was checked in at 2002-03-08 14:04. Marking FIXED. http://bonsai.mozilla.org/cvsview2.cgi?diff_mode=context&whitespace_mode=show&subdir=mozilla/modules/libpref/src/init&command=DIFF_FRAMESET&file=all.js&rev1=3.341&rev2=3.342&root=/cvsroot

Marking VERIFIED FIXED.