Closed
Bug 560767
Opened 14 years ago
Closed 11 years ago
Don't allow navigation/redirection in onbeforeunload
Categories
(Core :: DOM: Core & HTML, enhancement)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
DUPLICATE
of bug 956524
People
(Reporter: jruderman, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: sec-want, Whiteboard: [sg:want?])
Attachments
(2 files)
We should probably not allow onbeforeunload to navigate to another page. If we can prevent navigation entirely while the onbeforeunload dialog is up, that would be even better. Split from bug 559598. See also bug 391834, which seeks to disallow alert/prompt/confirm from onbeforeunload.
![]() |
||
Comment 1•14 years ago
|
||
Note that we do this for onunload... but onbeforeunload happens _very_ early. Why shouldn't it allow navigation, exactly?
Reporter | ||
Comment 2•14 years ago
|
||
It would be strange and difficult to allow navigation but not allow alerts, for one thing. (What if the navigated-to page wants to toss up an alert?) Delaying the navigation until after the dialog goes away is fine.
![]() |
||
Comment 3•14 years ago
|
||
What "the dialog"? onbeforeunload doesn't have to pose a dialog, does it?
Reporter | ||
Comment 4•14 years ago
|
||
Oh. Hmmmmm. Does it make sense to disallow navigation while the dialog is up, even if the load was initiated before the onbeforeunload event handler returned?
not a problem for... node.setAttribute("onbeforeunload","location='http://google.com';"); But problem when node.setAttribute("onbeforeunload","location='http://google.com'; return 1");
Reporter | ||
Updated•14 years ago
|
Whiteboard: [sg:want?]
Reporter | ||
Updated•13 years ago
|
Summary: Don't allow redirects in onbeforeunload → Don't allow navigation/redirection in onbeforeunload
Reporter | ||
Comment 7•13 years ago
|
||
This testcase combines several eviltraps bugs to make itself very difficult to close. It is reduced from a popup ad I encountered.
Reporter | ||
Comment 9•12 years ago
|
||
From bug 578828 comment 51. Hosted at https://jorisvanderwel.com/test204.html
![]() |
||
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
Comment 13•11 years ago
|
||
Boris, that bug is private – is this still necessary resp. how long will it stay so?
Flags: needinfo?(bzbarsky)
Assignee | ||
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•