Sanding our assholes with 150 grit. Slowly. Lovingly.

Javascript - intercommunication between windows?

If I want to pop up a dialogue to the user using javascript and then capture the values they input there in the parent window, how?

Google isn't very helpful this morning, but it could be this fucking stomach bug I'm home with.
Permalink Mark Warner 
January 18th, 2006
Do a search on: opener javascript

Opener is what you're looking for.
Permalink Phil 
January 18th, 2006
Thanks Phil.

I'm going to go vomit now, and then I'll start reading these docs.
Permalink Mark Warner 
January 18th, 2006
I can imagine that in some way that could be a security problem, although exactly how you'd exploit it is something I can't quite work out. It just "feels" like it could have some dark purpose... (As the "opener" is persistent across reloads, you could potentially open an off-screen window, hang about checking the URL of the opener window until it becomes something interesting (a bank or online store) and then sucking out some personal details? Needs work, sure, but there's got to be a way. :)
Permalink Mat Hall 
January 18th, 2006
"I can imagine that in some way that could be a security problem, although exactly how you'd exploit it is something I can't quite work out."

The inter-window communication is pretty restricted these days. I believe that trying to access a document (either via a frame or window) from a page that comes from a different domain will fail.
Permalink Almost H. Anonymous 
January 18th, 2006
True, although I'm pretty sure another cross-domain scripting vulnerability hit IE recently (something to do with making a response look like CSS, although the details escape me at the moment), so where there's a will there's a way... :)
Permalink Mat Hall 
January 18th, 2006
Something along the lines this should be a starting point:

opener.document.getElementBy('Elementid').value = "muppet is a cunning linguist";
Permalink KC 
January 18th, 2006
Found the vulnerability:

http://secunia.com/advisories/17564/

It's not too horrific, but apparently it's been spotted in the wild...
Permalink Mat Hall 
January 18th, 2006

This topic was orginally posted to the off-topic forum of the
Joel on Software discussion board.

Other topics: January, 2006 Other topics: January, 2006 Recent topics Recent topics