Asynchronous Popups are Sometimes Permitted

[jonathansampson]

Did you search for similar issues before submitting this one?

Yes.

Describe the issue you encountered:

Asynchronous popups should be blocked, but are sometimes permitted. The issue appears to be one of timing.

The behavior can be observed by navigating here, and quickly clicking the document a few times.

Expected behavior:

Asynchronous popups are blocked.

• Platform (Win7, 8, 10? macOS? Linux distro?): Windows 10
• Brave Version: 0.12.1
• Steps to reproduce:
  1. Trigger a call to window.open from setTimeout
  2. Note that some calls will result in a new window, while others will not
• Any related issues: Potentially, a few.

[bridiver]

the "user gesture" status of these popups is sometimes interfered with by a setInterval call in one of the content scripts. I can reproduce the same behavior on chrome by adding a setInterval call on the page. The interval is used instead of mutation observers which were causing performance issues in various benchmarks, but there are alternatives for all of them:

1. flash listener placeholder - we can get notifications of flash objects added to the dom from ContentSettingsClient::allowPlugins
2. flash adobe installer notification - I think we can use a redirect to a javascript data uri or possibly a custom protocol handler to trigger the same notification
3. password manager - move to electron as planned
   We can also reduce the problem by increasing the interval time