opening new window

[Johnny]

Hi,
I am trying to open new window that only has title bar. I specified
whatever options I could "location=no,menubar=no,status=no,toolbar=no"
but in FireFox status bar is still shown at the bottom of the window.
Is there any other options that I could specify while creating window?

 

[David Dorward]

I am trying to open new window that only has title bar.

Oh dear.

I specified
whatever options I could "location=no,menubar=no,status=no,toolbar=no"
but in FireFox status bar is still shown at the bottom of the window.

Firefox has a "Do not allow webpages to hide the status bar" option.

 

[johnny_scorpio]

Thank you for your reply but why do you say "Oh dear"? Is that a bad
idea to do stuff like that? This pop-up is for web based application,
it's not an advertisement or anything like that.

 

[David Dorward]

(e-mail address removed) wrote:

Try including a little context in your responses please.

Thank you for your reply but why do you say "Oh dear"? Is that a bad
idea to do stuff like that?
Yes

This pop-up is for web based application,
it's not an advertisement or anything like that.

Many popup blockers do not discriminate, and many users get annoyed by any
form of popup.

 

[johnny_scorpio]

I understand reasons for not using pop-ups but in case of this
application the pop-up is used for editing details of an item(s) so it
is useful for the user to see what he/she is editing and item(s) list
at the same time. Our first design used two separate pages in same
window but my boss didn't like that so...

BTW what do you mean by "little context", you mean I should be more
descriptive about the problem?

 

[Michael Winter]

[snip]

BTW what do you mean by "little context", you mean I should be more
descriptive about the problem?

<URL:http://www.jibbering.com/faq/faq_notes/pots1.html> give a thorough
treatment to posting to this group, though I'd say it applies to every
technical newsgroup on Usenet. The section on "Interleaved Posting" (and
possibly "What to Trim") should help.

Mike

 

[RobG]

Thank you for your reply but why do you say "Oh dear"? Is that a bad
idea to do stuff like that? This pop-up is for web based application,
it's not an advertisement or anything like that.

Unfortunately, the nature of the web is that your content is being
hosted in a general application that may be simultaneously hosting
content from lots of sites.

As a result, it is becoming increasingly common for *some* programmers
to exploit this feature to their advantage. The latest phishing attack
uses the ability of a parent window to control the content of a child
window with potentially devastating effects. To see it in action,
visit:

<URL:http://secunia.com/>

and click on the "Window Injection Vulnerability" link.

Basically, if you click on a link on my site that opens a child window,
I can control the content of the child even if the URL is to some other
site. I can then replace links in the child (say the 'logon' link)
with my own that goes to a lookalike page that just collects your id &
password.

This type of cross-scripting has been stopped at the server
level, but not the client. Whilst there are robust solutions that
maintain the ability of a window to open children, I dare say the
immediate response will be to disallow any communication between opener
and child (note that Microsoft's initial response to macro viruses in
Word was to turn off all macros - other browser vendors may do it a
little smarter, but it will take some time for a consistent approach to
be adopted).

So any application that is written now that depends on opener/child
communication is likely to fall apart in the near future.