Window.close and Explorer 7 problem!

Discussion in 'Javascript' started by Jan Tovgaard, Nov 20, 2006.

  1. Jan Tovgaard

    Jan Tovgaard Guest

    Hey everyone:)

    We have a critical problem, which I can see that other people also has ran
    into.
    In Internet Explorer 7 it is no longer possible to do a window.close after
    opening a window,
    without getting a alert message that ask if u want to close the window.
    This did NOT happen in Internet Explorer 6, Mozilla firefox or other
    browsers.

    Here is the code:

    <SCRIPT type="text/javascript">

    WindowName="";
    var left, top;
    left = (window.screen.availWidth - 400)/2;
    top = (window.screen.availheight - 250)/2;
    settings=
    "toolbar=no,location=no,directories=no,"+
    "status=no,menubar=no,scrollbars=no,"+
    "resizable=no, top="+top+", left="+left+", height=250,width=400";

    window.open('login.asp?p=ja&<%=Request.Querystring%>',WindowName,settings);

    window.opener=self;
    window.close();

    </SCRIPT>


    I have searched for days about this problem and have found the following.

    http://www.codeproject.com/useritems/Immediate_Close__new_try_.asp

    Can anyone get this example to work in IE 7 final?

    Does anyone know another way to solve this problem with a hack;)...?
    In firefox there is a config file called user.js, where u can set
    "allow_scripts_to_close_windows". Is there a file like this in IE 7 or
    explorer?

    We need to remove the toolbar, like above, with the window.open,
    without getting this alert message..

    if u can help solve this, i would call u the best programmer in the world;)

    sincerly
    Jan
     
    Jan Tovgaard, Nov 20, 2006
    #1
    1. Advertising

  2. Jan Tovgaard

    Randy Webb Guest

    Jan Tovgaard said the following on 11/20/2006 9:45 AM:
    > Hey everyone:)
    >
    > We have a critical problem, which I can see that other people also has ran
    > into.


    "critical problem"?

    > In Internet Explorer 7 it is no longer possible to do a window.close after
    > opening a window,


    Sure it is.

    > without getting a alert message that ask if u want to close the window.


    Yes I can.

    > This did NOT happen in Internet Explorer 6, Mozilla firefox or other
    > browsers.


    I am not sure I believe that claim.

    > Here is the code:
    >
    > <SCRIPT type="text/javascript">
    >
    > WindowName="";
    > var left, top;
    > left = (window.screen.availWidth - 400)/2;
    > top = (window.screen.availheight - 250)/2;
    > settings=
    > "toolbar=no,location=no,directories=no,"+
    > "status=no,menubar=no,scrollbars=no,"+
    > "resizable=no, top="+top+", left="+left+", height=250,width=400";
    >
    > window.open('login.asp?p=ja&<%=Request.Querystring%>',WindowName,settings);


    window.open('','_parent','');
    window.close();

    > window.opener=self;
    > window.close();
    >
    > </SCRIPT>
    >
    >
    > I have searched for days about this problem and have found the following.
    >
    > http://www.codeproject.com/useritems/Immediate_Close__new_try_.asp


    That's a VB solution with a button to click.

    > Can anyone get this example to work in IE 7 final?


    When IE7 Final comes out maybe. As for now, yes I can.

    > Does anyone know another way to solve this problem with a hack;)...?


    Yes.

    > In firefox there is a config file called user.js, where u can set
    > "allow_scripts_to_close_windows". Is there a file like this in IE 7 or
    > explorer?


    No.

    > We need to remove the toolbar, like above, with the window.open,
    > without getting this alert message..


    Nah, you don't "need" to, you "want" to. Huge difference.

    > if u can help solve this, i would call u the best programmer in the world;)


    Don't call me the best programmer in the world, call me the best JS
    hacker in the world that can spell properly.

    --
    Randy
    Chance Favors The Prepared Mind
    comp.lang.javascript FAQ - http://jibbering.com/faq
    Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/
     
    Randy Webb, Nov 20, 2006
    #2
    1. Advertising

  3. Jan Tovgaard

    spamgrabs Guest

    Jan,

    It may help to see the context that the script is in. It looks like
    maybe IE thinks you are trying to close the only open window, and as
    far as I know, it won't let you do that without a warning (in any
    version).

    If you have a link to an example I may be able to better determine the
    problem.
     
    spamgrabs, Nov 20, 2006
    #3
  4. Jan Tovgaard

    Randy Webb Guest

    spamgrabs said the following on 11/20/2006 4:25 PM:
    > Jan,
    >
    > It may help to see the context that the script is in.


    No it won't.

    > It looks like maybe IE thinks you are trying to close the only open
    > window, and as far as I know, it won't let you do that without a
    > warning (in any version).


    It makes no difference if it is "the only open window" or tab. It's
    irrelevant. And, yes, I can close IE (any IE4+ version) without a prompt.

    --
    Randy
    Chance Favors The Prepared Mind
    comp.lang.javascript FAQ - http://jibbering.com/faq
    Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/
     
    Randy Webb, Nov 21, 2006
    #4
  5. Randy Webb wrote:
    > spamgrabs said the following on 11/20/2006 4:25 PM:
    >> Jan,
    >>
    >> It may help to see the context that the script is in.

    >
    > No it won't.
    >
    >> It looks like maybe IE thinks you are trying to close the only open
    >> window, and as far as I know, it won't let you do that without a
    >> warning (in any version).

    >
    > It makes no difference if it is "the only open window" or tab. It's
    > irrelevant. And, yes, I can close IE (any IE4+ version) without a prompt.
    >


    What's the big deal with a script closing a window it did *not* open?

    Is it more the stopping of an annoyance that the prevention of
    maliciousness?

    I do a fair bit of work for clients who run their pages on a more or
    less secure/trusted server and it's getting painful trying to explain
    why something that was "safe" only six months ago can't be done today
    (on the latest version browsers.)

    Andrew Poulos
     
    Andrew Poulos, Nov 21, 2006
    #5
  6. Jan Tovgaard

    Randy Webb Guest

    Andrew Poulos said the following on 11/20/2006 7:59 PM:
    > Randy Webb wrote:
    >> spamgrabs said the following on 11/20/2006 4:25 PM:
    >>> Jan,
    >>>
    >>> It may help to see the context that the script is in.

    >>
    >> No it won't.
    >>
    >>> It looks like maybe IE thinks you are trying to close the only open
    >>> window, and as far as I know, it won't let you do that without a
    >>> warning (in any version).

    >>
    >> It makes no difference if it is "the only open window" or tab. It's
    >> irrelevant. And, yes, I can close IE (any IE4+ version) without a prompt.
    >>

    >
    > What's the big deal with a script closing a window it did *not* open?


    Two things:

    1) It allows a web author to control what toolbars/etc are on the window
    instead of it being the users choice.

    2) It allows a potentially malicious site to try to imitate a desktop app.

    > Is it more the stopping of an annoyance that the prevention of
    > maliciousness?


    Both.

    --
    Randy
    Chance Favors The Prepared Mind
    comp.lang.javascript FAQ - http://jibbering.com/faq
    Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/
     
    Randy Webb, Nov 21, 2006
    #6
  7. Jan Tovgaard

    Jan Tovgaard Guest

    >
    >> We need to remove the toolbar, like above, with the window.open,
    >> without getting this alert message..

    >
    > Nah, you don't "need" to, you "want" to. Huge difference.



    well i must :) So these 2 linies of code u send will not remove the toolbar
    and
    thats what we need...

    so this will unfortunately not solve my problem.:(
     
    Jan Tovgaard, Nov 21, 2006
    #7
  8. Randy Webb wrote:

    >>
    >> What's the big deal with a script closing a window it did *not* open?

    >
    > Two things:
    >
    > 1) It allows a web author to control what toolbars/etc are on the window
    > instead of it being the users choice.


    I don't follow. How does a script that can close a window control
    toolbars? In IE you can close a window by pressing Alt+F4, the x button
    on the title bar, clicking the icon on the title bar and selecting
    close. The web author can't prevent me from closing a window I want
    closed (and with a popup blocker there's nothing the web author can do
    about it.)

    > 2) It allows a potentially malicious site to try to imitate a desktop app.


    Again I don't follow. How can a script that closes a window be malicious?

    I'm not trying to be stubborn but I can't see how a script that can
    close pages, that came from the same domain as it, be bad.

    Andrew Poulos
     
    Andrew Poulos, Nov 21, 2006
    #8
  9. Jan Tovgaard

    Randy Webb Guest

    Jan Tovgaard said the following on 11/21/2006 2:16 AM:
    >>> We need to remove the toolbar, like above, with the window.open,
    >>> without getting this alert message..

    >> Nah, you don't "need" to, you "want" to. Huge difference.

    >
    >
    > well i must :) So these 2 linies of code u send will not remove the toolbar
    > and thats what we need...


    I didn't say it would. It closes the active window/tab in IE7 though.
    Which *is* what you asked.

    > so this will unfortunately not solve my problem.:(


    That's true. The problem is you feel a need to try to remove my toolbars
    without my consent.

    --
    Randy
    Chance Favors The Prepared Mind
    comp.lang.javascript FAQ - http://jibbering.com/faq
    Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/
     
    Randy Webb, Nov 21, 2006
    #9
  10. Randy Webb wrote:
    > Andrew Poulos said the following on 11/20/2006 7:59 PM:

    <snip>
    >> What's the big deal with a script closing a window it did

    > *not* open?
    >
    > Two things:
    >
    > 1) It allows a web author to control what toolbars/etc are on
    > the window instead of it being the users choice.
    >
    > 2) It allows a potentially malicious site to try to imitate
    > a desktop app.

    <snip>

    3) It destroys the user's recent browsing history (their ability to go
    back to where they have been using the back button).

    That history is data that belongs to the user and no web site should be
    allowed to destroy it (much as they should not be allowed to wipe data
    stored on the clipboard).

    Richard.
     
    Richard Cornford, Nov 21, 2006
    #10
  11. Richard Cornford wrote:
    > Randy Webb wrote:
    >> Andrew Poulos said the following on 11/20/2006 7:59 PM:

    > <snip>
    >>> What's the big deal with a script closing a window it did

    >> *not* open?
    >>
    >> Two things:
    >>
    >> 1) It allows a web author to control what toolbars/etc are on
    >> the window instead of it being the users choice.
    >>
    >> 2) It allows a potentially malicious site to try to imitate
    >> a desktop app.

    > <snip>
    >
    > 3) It destroys the user's recent browsing history (their ability to go
    > back to where they have been using the back button).
    >
    > That history is data that belongs to the user and no web site should be
    > allowed to destroy it (much as they should not be allowed to wipe data
    > stored on the clipboard).


    Don't people who use, say, Firefox set it so that it deletes all private
    data on exit - so a browsing history is not that important (at least to
    them)?

    Can you give me a realistically example of malicious (not annoying) way
    a web author could use the ability to close a window using javascript
    (that was not opened using javascript)?

    Andrew Poulos
     
    Andrew Poulos, Nov 21, 2006
    #11
  12. Andrew Poulos wrote:
    > Richard Cornford wrote:

    <snip>
    > > 3) It destroys the user's recent browsing history (their ability to go
    > > back to where they have been using the back button).
    > >
    > > That history is data that belongs to the user and no web site should be
    > > allowed to destroy it (much as they should not be allowed to wipe data
    > > stored on the clipboard).

    >
    > Don't people who use, say, Firefox set it so that it deletes all private
    > data on exit - so a browsing history is not that important (at least to
    > them)?


    What if they do? If a script closes the window the user did not, it is
    the user who should be deciding at which point their data is destroyed.

    > Can you give me a realistically example of malicious (not annoying) way
    > a web author could use the ability to close a window using javascript
    > (that was not opened using javascript)?


    What qualifies as malicious? Destroying other people's property sounds
    pretty malicious to me.

    Richard.
     
    Richard Cornford, Nov 21, 2006
    #12
  13. Jan Tovgaard

    Randy Webb Guest

    Andrew Poulos said the following on 11/21/2006 3:28 AM:
    > Randy Webb wrote:
    >
    >>>
    >>> What's the big deal with a script closing a window it did *not* open?

    >>
    >> Two things:
    >>
    >> 1) It allows a web author to control what toolbars/etc are on the
    >> window instead of it being the users choice.

    >
    > I don't follow. How does a script that can close a window control
    > toolbars? In IE you can close a window by pressing Alt+F4, the x button
    > on the title bar, clicking the icon on the title bar and selecting
    > close. The web author can't prevent me from closing a window I want
    > closed (and with a popup blocker there's nothing the web author can do
    > about it.)


    window.open without any toolbars, close the original window. Now, you
    have taken my toolbars away from me - against my will.

    >> 2) It allows a potentially malicious site to try to imitate a desktop
    >> app.

    >
    > Again I don't follow. How can a script that closes a window be malicious?
    > I'm not trying to be stubborn but I can't see how a script that can
    > close pages, that came from the same domain as it, be bad.


    See above.

    --
    Randy
    Chance Favors The Prepared Mind
    comp.lang.javascript FAQ - http://jibbering.com/faq
    Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/
     
    Randy Webb, Nov 21, 2006
    #13
  14. Jan Tovgaard

    The Magpie Guest

    Andrew Poulos wrote:
    > Randy Webb wrote:
    >
    > Again I don't follow. How can a script that closes a window be malicious?
    >

    Any script of any sort from anyone other than me that buggers about
    with my windows and my programmes and my running software is *by
    definition* malicious because it is doing things I did not ask it to do.
     
    The Magpie, Nov 21, 2006
    #14
  15. Richard Cornford wrote:

    >> Can you give me a realistically example of malicious (not annoying) way
    >> a web author could use the ability to close a window using javascript
    >> (that was not opened using javascript)?

    >
    > What qualifies as malicious? Destroying other people's property sounds
    > pretty malicious to me.
    >


    The property that you talk about as getting destroyed happens
    automatically with most people's browsers. I care as much about the
    resilience of my history as I do other temporary files, that is not at
    all. Any URL I want remembered I bookmark.

    Can you give an example of, say, deleting a bookmark using a script that
    closes a window it didn't open?

    Andrew Poulos
     
    Andrew Poulos, Nov 21, 2006
    #15
  16. The Magpie wrote:
    > Andrew Poulos wrote:
    >> Randy Webb wrote:
    >>
    >> Again I don't follow. How can a script that closes a window be malicious?
    >>

    > Any script of any sort from anyone other than me that buggers about
    > with my windows and my programmes and my running software is *by
    > definition* malicious because it is doing things I did not ask it to do.



    You don't want a script to be able to close a window that wasn't opened
    by a script because you believe it's malicious (in the sense of being
    evil in intent) and then provide facetious arguments like it "I did not
    ask it" or "it causes the recent browser history to disappear".

    I believe there are lots of real-life situations where scripts
    manipulating (even closing) windows are not only acceptable but
    desirable. If you cannot provide an example where a script closing a
    window causes something malicious to happen then so be it.

    Andrew Poulos
     
    Andrew Poulos, Nov 21, 2006
    #16
  17. Andrew Poulos wrote:
    > Richard Cornford wrote:
    >
    >>> Can you give me a realistically example of malicious (not
    >>> annoying) way a web author could use the ability to close
    >>> a window using javascript (that was not opened using
    >>> javascript)?

    >>
    >> What qualifies as malicious? Destroying other people's
    >> property sounds pretty malicious to me.
    >>

    >
    > The property that you talk about as getting destroyed
    > happens automatically with most people's browsers.


    But it happens when they choose to close their browsers. It is their
    data and it is their choice to destroy it, or hang on to it.

    > I care as much about the resilience of my history as I do
    > other temporary files, that is not at all.


    What you may or may not care about is not a guide to what other people
    may care about. I don't care very much about house plants, is it now
    reasonable form me to go about pouring herbicide onto those I encounter?

    > Any URL I want remembered I bookmark.


    You bookmark individual google searches?

    > Can you give an example of, say, deleting a bookmark
    > using a script that closes a window it didn't open?


    Why should I? I have given an example of data belonging to the user that
    is destroyed when a script closes a window that it did not open. Just
    because it is data you have no use for doesn't make it insignificant to
    everyone.

    Richard.
     
    Richard Cornford, Nov 22, 2006
    #17
  18. Jan Tovgaard

    Randy Webb Guest

    Andrew Poulos said the following on 11/21/2006 3:27 PM:
    > Richard Cornford wrote:
    >
    >>> Can you give me a realistically example of malicious (not annoying) way
    >>> a web author could use the ability to close a window using javascript
    >>> (that was not opened using javascript)?

    >>
    >> What qualifies as malicious? Destroying other people's property sounds
    >> pretty malicious to me.
    >>

    >
    > The property that you talk about as getting destroyed happens
    > automatically with most people's browsers. I care as much about the
    > resilience of my history as I do other temporary files, that is not at
    > all. Any URL I want remembered I bookmark.


    Open your browser.
    Go to Google.
    Do a search.
    Click the #3 article in the search.
    Click Back.
    Right click the #4 link and open it in a new window.
    Close the original window.

    That mimics the behavior that is a problem. Your history trail is
    destroyed. Now, are you telling me that you bookmark every single web
    search you do and re-open it each time some moronic website owner closes
    your window? Think about that.

    --
    Randy
    Chance Favors The Prepared Mind
    comp.lang.javascript FAQ - http://jibbering.com/faq
    Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/
     
    Randy Webb, Nov 22, 2006
    #18
  19. Richard Cornford wrote:
    > Andrew Poulos wrote:
    >> Richard Cornford wrote:
    >>
    >>>> Can you give me a realistically example of malicious (not
    >>>> annoying) way a web author could use the ability to close
    >>>> a window using javascript (that was not opened using
    >>>> javascript)?
    >>> What qualifies as malicious? Destroying other people's
    >>> property sounds pretty malicious to me.
    >>>

    >> The property that you talk about as getting destroyed
    >> happens automatically with most people's browsers.

    >
    > But it happens when they choose to close their browsers. It is their
    > data and it is their choice to destroy it, or hang on to it.


    "I closed the browser and it lost my data. How dare it. I didn't tell it
    to lose my data. I choose to close the browser window but the browser
    lost my data anyway."

    My copy of Word prompts me to save unsaved data why doesn't a browser
    behave itself.

    >> I care as much about the resilience of my history as I do
    >> other temporary files, that is not at all.

    >
    > What you may or may not care about is not a guide to what other people


    Just because you disagree doesn't mean that you represent a consensus
    opinion.

    > may care about. I don't care very much about house plants, is it now
    > reasonable for me to go about pouring herbicide onto those I encounter?


    Yes, if those plants were in your house and were poisonous and you had a
    young child who was close to learn to walk.

    >> Any URL I want remembered I bookmark.

    >
    > You bookmark individual google searches?


    Since when is a google search generally considered a URL?

    >> Can you give an example of, say, deleting a bookmark
    >> using a script that closes a window it didn't open?

    >
    > Why should I? I have given an example of data belonging to the user that


    To show me that it was evil. Anyhow, I didn't think you could give an
    example of an evil use of a script closing a window.

    > is destroyed when a script closes a window that it did not open. Just
    > because it is data you have no use for doesn't make it insignificant to
    > everyone.


    In the same manner just because you think of windows closed by scripts
    as being evil doesn't mean everyone should.

    The only data anyone has mentioned is *temporary* data which, if you
    don't make a record of, will always be lost when the browser closes.
    Yes, it could well be an annoyance but certainly not evil.

    Andrew Poulos
     
    Andrew Poulos, Nov 22, 2006
    #19
  20. Jan Tovgaard

    The Magpie Guest

    Andrew Poulos wrote:
    > The Magpie wrote:
    >> Andrew Poulos wrote:
    >>> Randy Webb wrote:
    >>>
    >>> Again I don't follow. How can a script that closes a window be
    >>> malicious?
    >>>

    >> Any script of any sort from anyone other than me that buggers about
    >> with my windows and my programmes and my running software is *by
    >> definition* malicious because it is doing things I did not ask it to do.

    >

    [snip]
    > I believe there are lots of real-life situations where scripts
    > manipulating (even closing) windows are not only acceptable but
    > desirable. If you cannot provide an example where a script closing a
    > window causes something malicious to happen then so be it.
    >

    There are *no* situations where anyone other than me has any right to
    do *anything* I did not authorise. I challenge you to provide even
    one. I can certainly provide many where it is malicious since the very
    definition of something doing an unauthorised thing to my PC is that
    it is malicious.
     
    The Magpie, Nov 22, 2006
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    6
    Views:
    8,938
    sateeshranga
    Aug 7, 2008
  2. Replies:
    2
    Views:
    1,268
    Mark Fitzpatrick
    Oct 9, 2006
  3. Iñaki Baz Castillo
    Replies:
    7
    Views:
    950
    Iñaki Baz Castillo
    Jan 12, 2010
  4. Geoff Wilkins

    window.opener.close() and Internet Explorer 6

    Geoff Wilkins, Apr 3, 2004, in forum: Javascript
    Replies:
    0
    Views:
    137
    Geoff Wilkins
    Apr 3, 2004
  5. Shang Wenbin

    close current window using window.close()

    Shang Wenbin, Sep 1, 2005, in forum: Javascript
    Replies:
    10
    Views:
    427
    Gérard Talbot
    Sep 2, 2005
Loading...

Share This Page