Letterboxing bypass through secondary tab (popup/popunder...)
We should apply letterboxing to about:blank (we currently do not) because any web page can read the DOM of a new window/tab it creates. And even if we do, current letterboxing implementation seems to have a race condition allowing the opener to bypass letterboxing.