Is it possible to tweak Safari to ensure command key combinations like ⌘H or ⌘L go to Safari as opposed to Safari's window contents?
This comes up for me most often on this site because the editor window (like where I'm typing right now) captures these keystrokes to make headings and links, but in general, it seems like a security hole to allow sites to capture command keystrokes.
Please note that I'm looking for a way to do this without disabling JavaScript altogether.
For whatever it's worth, I'm running Mountain Lion.
Best Answer
The only surefire way to avoid having JavaScript trap keyboard input is to disable JavaScript in the browser.
I understand you'd like to leave JavaScript on, but it is designed to pass near total control of raw key presses to the browser and not to the app once the OS hands it input data. This means you would need a specific code solution for each implementation of keyboard filtering on potentially each individual page/site to ensure arbitrary key chords like Command H get sent to Safari instead of JavaScript.
See these links for an overview of how key presses are handled:
The last link is a tester to show you the raw events and you will see that even a brief ⌘Q can be trapped by JavaScript if the website developer wishes to do so.