How to stop webpages from capturing keypress with Firefox CAPS policy?

Question

I am tired of websites blocking my CMD+c and CMD+v copy/paste. Especially when their JavaScript code allows CONTROL+c and CONTROL+v to pass by without being captured.

I want to use the new CAPS security policy of Firefox 4 to create a rule that gives "noAccess" to any site trying to capture `onkeypress from event handlers on any element, and stop them from reading the e.which.

Here is a snip of JavaScript code that prevents me from pasting a zipcode into a text area, because the site author wants "numbers only" in that field, so CMD+v (paste) is captured and dropped on the floor.

function numbersonly(myfield, e, dec) 
    var key, keychar;

    if (e) key = e.which;
    else return true;

    keychar = String.fromCharCode(key);
    // control keys
    if ((key==null) || (key==0) || (key==8) || 
        (key==9) || (key==13) || (key==27) )
        return true;

    else if ((("0123456789").indexOf(keychar) > -1))
        return true;

    else return false;
}

Then the HTML code will have:

<INPUT NAME="zipcode" onKeyPress="return numbersonly(this, event)">

How do I set a policy in Firefox4 that disables a sites ability to call this event handler function?

Using the "Control de Scripts" extension, I have tried adding the following "block" to the "default" policy that affects all sites, but none worked to allow me to use a Firefox metakey combination while focused in a text field that has this event handler listening:

HTMLInputElement.onKeyPress
Window.numbersonly
Window.onKeyPress
Window.onkeypress
event.preventDefault

Now we're up to Firefox 14 instead of 4. Has support for this kind of noAccess been made more available/usable to end Firefox users like me?

I'm looking for an answer on how to disallow keypress event capturing using CAPS, not hunting down each function name on each website and disabling functions one by one.

Answer 1

Why not redefine the function such that it does nothing. Open up mozilla's javascript console and just redefine the offending function.

numbersonly = function (a,b,c) {
  return true; 
}; 

Answer 2

If there is a function that is annoying you, just open a javascript console and redefine the function.
To open it on firefow press ctrl+shift+k

Answer 3

Simply by adding a line to your policy file:

// This line creates a new policy named "stopnums"
user_pref("capability.policy.policynames", "stopnums");
// Add the offending site to the stopnums policy
user_pref("capability.policy.stopnums.sites", "http://www.exemple.com");
// Set the stopnums policy to deny a site from accessing "numbersonly"
user_pref("capability.policy.stopnums.numbersonly", "noAccess");

You can find an overview here: https://developer.mozilla.org/en-US/docs/Mozilla/Preferences/A_brief_guide_to_Mozilla_preferences?redirectlocale=en-US&redirectslug=A_Brief_Guide_to_Mozilla_Preferences#modifying

And an complete explanation here: http://www.mozilla.org/projects/security/components/ConfigPolicy.html