[mikemm]

hi y'all,

i'm new to javascript, but i know a little bit....

i've got a browser default.php which, on loading, opens a FullScreen window with the following script:

Code:

<SCRIPT LANGUAGE="JavaScript">

<!--
var strOpt='FullScreen';
Authorer = window.open("LOGIN.php","Authorer",strOpt);
-->
</SCRIPT>

So LOGIN.php opens in a new FullScreen browser with no toolbars, title bars or anything.

I want to have an HRef which changes the focus from the LOGIN.php browser back to the default.php browser without actually opening or closing any windows just changing the focus.

can anyone help??

[dwarf]

Try this code:
<a href="javascript:top.opener.focus()">Focus</a>. It should work.

[sodajerk]

be sure to remove the extra space from between java and script that dwarf left in, or I guarantee the results will not work to well.

[dwarf]

Jesus, I was sure I left out the space, I mean, I never write it anyway. Is there something wrong with this forum??

[epl]

The forum adds the space - as a security measure, I'd imagine.
If you type &amp;#106;avascript: then that will show as &#106;avascript: ...

[adios]

Try

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&amp;#106;&amp;#97;&amp;#118;&amp;#97;&amp;#115;&amp;#99;& amp;#114;&amp;#105;&amp;#112;&amp;#116;&amp;#58;

adios

[dwarf]

What kind of security measure could that possibly be?? I mean, since they are using PHP and probably using htmlspecialchars() or some similar function...

Oh well...

[epl]

I'm just guessing, but Hotmail was shown to be vulnerable to javascripts running within mails - with all sorts of possible consequences (redirects / popups asking for passwords etc.) - in this format.

I'd imagine this is an attempt to ensure that no such vulnerability is possible here.

With hotmail, I think the problems was with <img lowsrc="javascript:">, but I can't remember.