[4232] in WWW Security List Archive
Re: Netscape question
daemon@ATHENA.MIT.EDU (osiris@pacificnet.net)
Sat Feb 1 06:41:20 1997
From: osiris@pacificnet.net
Date: Sat, 01 Feb 1997 01:59:52 -0800
To: jgray <grayjr@cs.purdue.edu>, www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
osiris@pacificnet.net wrote:
>
Sorry to waste time and space on the list with this, but I have received
a few emails about it. The code at the bottom of this message WILL work
just fine to demonstrate how to kill a window's attributes (including
all the toolbars and what not.) However, in order for it to work, any
interested party would have to un-truncate the lines. That is, in the
process of traveling through the mail, it is restricted to so many
characters per line. This has caused the lines to be truncated (cut
off). The line that begins with:
"msg=open(..."
must be one, solid line until the call concludes with
",height=225");"
Equally, the call to write() must also be made one line (or as few lines
as your editor allows before auto-wrapping the text.)
If these changes are not implemented, the javascript interpreter will
produce an error window, specifying that an "unterminated literal
string' has been encountered in the code. Sorry. I should have explained
that in the original posting. If that is too much trouble, you can
always see an example of such a window (with ALL attributes
pre-specified) by going here:
http://www.traderights.com
and scrolling to the bottom of the page to catch the button "About this
Page." Pressing that button will generate a unsizable, unalterable
window without toolbars, location, status or any other attributes. (I
use these normally to generate "Help" docs on pages I design. This
prevent having to push the user to another window to get help.
> jgray wrote:
> >
> > I was browsing around and found a page that took away the toolbar and menu
> > options in netscape to hide the source for the page. I was wondering if
> > anyone could tell me how it is done or where i can find out about it. Thanks!
> >
> > Josh Gray
> > grayjr@cs.purdue.edu
>
> It's a Javascript thing, parameters specified in the creation of the
> window. Clip and paste this to a text editor and name the file
> whatever.html. Load it into Netscape and click the button. When you
> arrive at a site like that, they have simply used on OnLoad call to draw
> the page without toolbars. It's nonsense, though and hides nothing. You
> can force it into the cache and read it/save it/view it there.
>
> <html>
> <head>
> <script language = "javascript">
> function winopen () {
> msg=open("","NewWindow","toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=no,copyhistory=yes,width=310,height=225");
> msg.document.write("<HEAD><TITLE>A Window Without
> Controls!</TITLE></HEAD><BODY BGCOLOR = #FFFFFF></BODY>");
> msg.document.write("<h5><font face = arial, helvetica><center>About This
> Window</center></font></h5><p><font size = -1 face = arial,
> helvetica>This window was generated using the NewWindow function, which
> allows the user to specify many different options. As you can see if you
> examine the code of the original call - msg=open() - the paramters
> determine the toolbar, location, directories, status bar, menu bar and
> so on..</p><br><center><form><input type=button value = ' Okay '
> OnClick = window.close()></center></form>");
> }
> //JavaScript Ends --></SCRIPT>
> </head>
> <form>
> <input type = "button" value = "Click Me" OnClick =
> 'winopen(this.form)'>
> </form>
> </html>
