This was intentional, as it was the only way I had available to fix a
serious security hole (bug 56009), at least without a very large code
change. Now that we've shipped NS6, I plan to go back and fix this in
such a way that we may be able to give access to openDialog again. I say
'may' because someone here suggested that openDialog should be for
system code only, and that Web code doesn't really need it. If you
disagree, please let me know and give some good descriptions of why. I
need to see if the benefit outweighs the risk.
-Mitch
Martin Honnen wrote:
> Trying to open a modal dialog with
> openDialog('url', 'windowName', 'modal=1')
> works for me with M18 on windows while a more recent build throws a
> security exeception with the following properties:
>
> code: 1000
> result: 5440488
> message: Security error
> name: NS_ERROR_DOM_SECURITY_ERR
>
> Is that intentionally or a bug?
> NN4 needed signed script to open a modal dialog but that always seemed
> unjustified to me. IE provides
> showModalDialog
> for unsigned scripts
