OnClick="windows.location..." Fails After IE 6 Security Update OnW/ME?
Aug 20, 2005
I have been using this trick for some time on a home page. The idea is
to verify the user's browser has Javascript enabled before allowing the
user to access a logon page. The NoJavascript.html page has instructions
for turning on Javascript.
<a href="/NoJavascript.html"
onclick="window.location='/Logon'return false;">Logon </a>
A Windows/ME PC using IE 6 now consistently goes to the
NoJavaScript.html page when the button is clicked even though Javascript
is enabled.
This has been working for several months and continues to work with IE 6
on Windows/XP and other browsers such as Firefox, Opera, etc.
I think the problem is related to the W/ME PC installing the IE 6
Cumulative security Update SP1 (KB896727). Has anyone else encountered a
similar problem and found a solution?
View 4 Replies
ADVERTISEMENT
Jul 23, 2005
As most Javascript coders probably know by now, IE on Windows XP SP2 likes
to prevent our code from running right away (the user is asked to give
permission the first time). Although I can see the danger in allowing all
scripts to run, the fact that IE makes it sound like we are going to install
some huge, horrible application when we are simply adding rollovers or
client-side validation or some other simple little thing really frustrates
me. Specifically what stuff does IE block? Does it check for certain methods
in the script? Does it block everything until you say it's OK? What can
places do to allow their scripts to be run without the need to be validated
by the user? I have heard about "Signed Scripts", but I feel that it would
be hard to modify and develop when a script had to be "Signed" every time.
Any comments?
View 2 Replies
View Related
Aug 5, 2011
Code:
<a name="loc"></a>
<a href="#loc" onClick="document.location.href='#loc'
document.location.reload(false);return false">Click here to go to your location</a>
When you click onto the link you should go to the page location marked by the anchor tag "loc", however, upon clicking you go to the top of the page and never redirected to the exact spot where your anchor tag is located. Why is that? I'm using IE6 (per requirement) as my platform.
View 9 Replies
View Related
Sep 4, 2011
I have a website that when built has the additional directory /joomla after the domain name. That is no longer required. I am trying to get rid of it when people visit the site as it makes some pages not work Heaps of search engines have the url including the /joomla.I thought if I could detect for the string /joomla then remove it and then force the page to go to the new location I would be safe, and it should handle any trailing page info as well.I thought it would be easy Below is my sad attempt:
HTML Code:
<html>
<head>
[code]....
View 2 Replies
View Related
Apr 6, 2010
I have been a happy lurker for some time now, soaking in the abundant knowledge that i have found here. But now I am at my wits end trying to find the solution to what is probably a novice’s oversight.I have a menu that animated with jquery. One of the link I have added js call a function that asks for a quick password then opens new page. Some reason it only seems to refresh the page. Here's the code involved.the js
function password(){
var password;
var pass1="cool";
[code]....
View 8 Replies
View Related
Aug 21, 2011
I have a JS HTML editor (not a WYSIWYG) that I downloaded and it works fine, except that any input with quotes causes it to break. I need the quotes for things like HTML and CSS classes etc.If I have quotes inside the onClick, it fails completely with an Object expected error. If the quotes are escaped with a , I get an "unterminated string constant" error, with this showing where a button should be
Code:
','
','body')">
[code]....
View 6 Replies
View Related
Dec 5, 2009
I am trying to update the .onclick event after its been clicked once. Everything works fine in my script except updating the .onclick event. I have searched the web and found that I should do the following:
div.onclick = function(params);
or
div.onclick = new function(){updatedStatement};
I have tested both of these steps in IE and FF with no luck. Here is my code:
function movePhrase(OPT,MENU,ID,DIR,LEVEL){
if(DIR == "up"){
var num = OPT - 1;
}else{
var num = OPT + 1;
} .....
function newOnClcik(opt,menu,id,level,dir){
var string = "movePhrase("+opt+","+menu+","+id+",'"+dir+"',"+level+")";
return string;
}
Below is an example or the div code I am trying to update:
<div id="downImage1">
<img id="down1" src="images/downArrow.JPG" onmouseover="this.src='images/downArrowPressed.JPG'" onclick="movePhrase(1,20,331,'down',1)" onmouseout="this.src='images/downArrow.JPG'" width="40" height="40" />
</div>
View 5 Replies
View Related
Feb 7, 2009
I am a new Javascript user and have a question i cant seem to get my teacher to explain to me (darn online classes). My problem is i am being instructed to [URL].. to the body of my file to create a link to another file. The instructions say i cant add an html a tag for the link and I'm not really sure how to make this work without it. Here is what I have so far....(note there are a bunch of other things i need to accomplish in this and i think i probably just dont have things in the right order and I'm not sure where the onclick tag needs to sit within the javascript sections)..
[Code]...
View 2 Replies
View Related
Jul 20, 2006
I am creating a send to a friend link on my site. The link will open a pop up window, which contains a form.
I have a function that opens the centered pop up window, and it is called like so (the function declaration resides in an external script):
Code:
onClick="newWindow('http://www.mysite.com/send.php','',âÆ',ò“','')"
I now need to append the current page's URL to the end of the URL ike so:
onClick="newWindow('http://www.mysite.com/send.php?page=xxx','',âÆ',ò“','')"
This is sso that I can then use PHP in the pop up toget the variable from the query string.
I know that I can use location.href to get the current page url, but am not sure how I would include it in the onClick.
I have tried the following:
onClick="newWindow('http://www.mysite.com/send.php?page=location.href','',âÆ',ò“','')"
but that doenst work...
Has anybody got any ideas?
View 3 Replies
View Related
May 28, 2007
I have the following code that I use to set the onclick function to top.location.href, but I need a way to extract the existing location.href from the onclick function, so then I can re-purpose it in the new onclick function. Any help would be greatly appreciated.
<script type="text/javascript">
var links = new Array();
links = document.getElementsByTagName("td");
for(var i=0;i<links.length;i++){
var tempfunc = links[i].onclick;
//*****EXTRACT THE URL***** NEED THIS PIECE //
var url = "http://www.sitepoint.com"; //say this is the url you extracted
links[i].onclick=function(){window.top.location.href=url};
}
</script>
View 7 Replies
View Related
May 2, 2010
I run a carousel plugin which has initializing variables on my index page, which looks like:
Now what i need is an onclick event which tells the script to update the variable 'start' to '500' and then re-run the script without a complete page reloading....
View 1 Replies
View Related
Apr 6, 2010
below is clickunder code , but it open under windows when visitor click everywhere on the pagei need it be speacial for links , whenever visitor click on speacial link , it opens windows
<SCRIPT LANGUAGE="Javascript">
function PopShow3() {
CookieTest=navigator.cookieEnabled; if(CookieTest)
[code]....
View 5 Replies
View Related
Jul 23, 2005
I have a parent window that pushes a new window object onto an Array
with the following code :
OpenChild()
{
//totalNumWindowsCreated is global
totalNumWindowsCreated = totalNumWindowsCreated + 1;
childWnds.push(window.open(link, "child" +
totalNumWindowsCreated,"dependent"));
..
..
..
}
This pops up a new window with every call. In the child window I call
a parent function onbeforeunload, appClose() :
function appClose(){
if (window.opener && !window.opener.closed){
window.opener.CloseChild(getQueryString("application"));
}}
This is in my frameset tag of the child code :
<frameset ... onbeforeUnload='appClose()'>
The window.opener.CloseChild() function is called perfectly when I have
one child window open, but as soon as I create another child window
both of the open child windows don't ever call it. They do both go
into the onbeforeunload appClose() function, but do not call the
window.opener.CloseChild() function inside of this routine.
Anyone have any ideas why when I have two child windows open I can't
access the window.opener functions?
I have tried taking each new window out of the array and used the
following code in CloseChild() :
CloseChild()
{
//win and totalNumWindowsCreated are both global
totalNumWindowsCreated = totalNumWindowsCreated + 1;
var win = window.open(link, "child" +
totalNumWindowsCreated,"dependent");
..
..
..
}
View 1 Replies
View Related
Sep 1, 2005
According to a financial website I tried to access without javascript:
"the site uses JS for security reasons."
How would using JS improve security?
View 15 Replies
View Related
Jan 30, 2006
I have an application which runs with secure access. User logs in,
uses the services, and logs out. After logging out, if the user click
the back button, it actually takes them to that page. How can I
prevent this?
Is there a way, that if the person clicks the back button or access a
browser history, how can I make sure that the latest page is displayed
instead of just the cache. Or, clicking the back/history should
refresh that page.
View 8 Replies
View Related
Jul 23, 2005
I have a intranet site that allows users to log in and get excel
reports. The user clicks the name of the report and it opens it from a
folder for that user. Easy enough. The problem is that the path of the
folder for that user is displayed in the Status Bar when it is being
downloaded. I've discovered that users are grabing that path, changing
the folder name, and can then access other folders. I don't want that
to happen.
View 1 Replies
View Related
Jul 20, 2005
I was wondering if using Javascript to redirect a user, on the client
side, to different pages depending on what they entered was insecure.
I do not want the user to be able to view the source of the page. I
am having the user enter in some input using the input dialog box and
then using a window.location redirection based on their input. Is it
possible to view the source of a page after the input box has closed
but before the new page has loaded, ie. while the browser is
requesting the new page?
View 2 Replies
View Related
Oct 14, 2009
I'm working on an html form that will be launched from within another application, but every time it launches the form none of the JS coding works because of the stupid IE security. If I launch the form from outside the application I just have to select "allow blocked content" from that stupid information bar that says "to help protect your security IE has restricted the webpage from running scripts...."
I added the application site to our trusted sites and basically turned off security for that zone but it still doesn't work. Obviously there is a way to run JS without allowing the content, but I don't do enough coding to know how that is done.I need the JS to run automatically without that information bar appearing at all.
View 4 Replies
View Related
Aug 28, 2007
If my Ajax is set up like
html <--->ajax(js)<--->server(php)
it would be easy for someone to copy the html and javascript pages to their site and then access my server pages. I don't suppose it matters much if someone did that as long as the php page had proper validation but is it possible to block someone linking to my server pages like that.
View 4 Replies
View Related
Sep 1, 2005
Is there a way to test for security settings in a users browser AND
their firewall. Lets say someone is using zonealarm. Is there a way
to test for their setting in zonealarm, so I can then redirect them to
a specific page.
The reason I am asking is that I have a flash front page. A user
cannot see the page because he has his security settings set so that he
does not see activex controls. I want to be able to test for those
settings then redirect him to a static page.
View 11 Replies
View Related
Sep 7, 2005
It's a security setting "Access Data Sources across domains" you've
got lowered security for whatever zone you accessed the page in.
View 3 Replies
View Related
Aug 27, 2006
I am looking for the official javascript security specification for web
browsers. EMCAScript and DOM spec does not seem to contain a section on
security, so I assume none exists and the security policies are
implemented as the vendor pleases. If so, do security specs for IE and
Mozilla exist?
View 1 Replies
View Related
Oct 5, 2007
I am writing a script that uses xmlhttp.open, when i attempt to open a protected page I get the login prompt for my htpasswd. Is it possible to detect if there is a login requirement before the login prompt and if there is a login just do something else? I can use xmlhttp.status and check for 200 but if I do this then it would happen after the login prompt.
View 1 Replies
View Related
Sep 8, 2009
I have a webpage in which my users complete a form in order to get through to page 2. I cannot use PHP to check as it must be on-the-fly checking.My idea was like the following:
<script type="text/javascript">
function check(x)
{[code]...
And for the images to actually be PHP files that check further details of the user and insert details to DB. Then when the user clicks the next button it will check to see if all 4 users have loaded under that users details.However, I would much prefer it if I could use more PHP as I'm a Javascript n00b. Preferably I would like to use PHP to create unique keys for the images so that once I have obfuscated the javascript code the user will not figure out how to cheat the system even if they manage to reverse engineer the code.
E.g.
<?php
$pic = "picture.jpg";
?>[code]...
Or is this not at all possible?
Edit: I know how much simpler that first script could have been, was just trying to simplify from my double as messy full script which will probably confuse you even more!!!
View 4 Replies
View Related
Apr 28, 2005
Some may remember a security flaw in Firefox 1.0.1. It basically goes like this: HTML Code:
<a href="[TRUSTED_URL]">
<table><tr><td>
<a href="[MALICIOUS_URL]">download
</a>
</td></tr></table>
</a>
and with it the developer can trick users into going to or downloading files different from what the user expects.
I recently discovered that you can spoof the status bar in any Javascript enabled browser by the following method, and I'd like to know:Is it a real security flaw?If not, how is it less dangerous than the above method?If so, do I get bragging rights for discovering it, or is it already known? Code:
View 2 Replies
View Related
Oct 29, 2007
I pass values from a child window to a parent window as in this code. Is this secure, and if not how can I pass this data securely?
<script langauge="javascript"> function post_value(){
opener.document.editform.ownerid.value = document.lookupform.ownerid.value;
opener.document.editform.petowner.value = document.lookupform.oname.value;
opener.document.editform.ostreet.value = document.lookupform.ostreet.value;
self.close();
}
</script>
View 2 Replies
View Related
