On Tue, Feb 18, 2014 at 1:12 PM, Hallvord R. M. Steen <hst...@mozilla.com> wrote: > So, the story so far is that the spec has added something it labels > "semi-trusted events" - that is an event triggered from a trusted event of a > whitelisted type. The precedence here is popup blocking - browsers already > have rules for which events are "more trusted than others" in terms of likely > expressing user intent. (An example makes this clearer: scripts are typically > allowed to call window.open() from a click event listener, but are typically > not allowed to call window.open() from an load or mouseover listener.)
Those rules are part of a standard these days: http://www.whatwg.org/specs/web-apps/current-work/#allowed-to-show-a-popup You might want to file a bug to extend the list of trusted event types there. -- http://annevankesteren.nl/