Code: Select all
<html>
<head>
<script language="JavaScript">
function InitPage(){
if (top.frames.length != 0){
top.document.location='index.php<?php echo Querystr($_GET)?>'
}
}
</script>
</head>
<body onload="InitPage()">
</body>When I try that. I get the following javascript error when using Mozilla 1.4:
Code: Select all
Error: uncaught exception: Permission denied to get property Function.framesAnd that may be OK. I realize the cracking potential of leaving the frame's content exposeable to my child frame.
My problem is:
That code you see at the top of this post is cut from a login page to my Internet application. It is OK as long as I don't refer to the javascript object 'top'. The reeeeally funny thing now is, (listen now), this Internet Explorer 5 and 6 doesn't function when in that frame. HAHAHAHA! Here's my form tag:
Code: Select all
<form action="index.php?WhatNow=<?php echo $_GET['WhatNow'].($_GET['TopicID'] ? '&TopicID='.intval($_GET['TopicID']) : '').($_GET['UserID'] ? '&UserID='.intval($_GET['UserID']) : '')?>" name="Form1" method="POST" enctype="multipart/form-data">IE is so full of crap. Every single day I do some client side scripting that should work with ALL browsers according to documentation and standards that all but one developer team tries to adapt. And Internet Explorer has its quirks and bugs that appear out of nowhere without any easily understandable reasons.
I can work myself around that of course by opening another window or ask the email recepient at the hotmail account to cut and paste the address into a new system or something... I just wanted to post this as 50% of my client side development time is consumed by solving strange behaviour of IE. IE is a joke. .NET is not special! Linux has always been what Windows is now trying to become!
Now to the questions:
What kind of code can trigger that javascript security setting that prevents scripting access to the parent frame?
What do YOU think I should try to work around that problem?