Javascript "return false" fails after KB896727 update?

[Roger]

Hi,

After installing the IE 6 Cumulative security Update SP1 (KB896727) on
Windows/ME, any javascript "return false" running in an onclick function
fails to stop IE from accessing the next page. For example, I have been
using the following for some time on a home page. The idea is to verify
the user's browser has Javascript enabled before allowing the user to
access a logon page. The NoJavascript.html page has instructions for
turning on Javascript.

<a href="/NoJavascript.html"
onclick="window.location='/Logon';return false;">Logon </a>

A Windows/ME PC using IE 6 with the update now consistently goes to the
NoJavaScript.html page when "Logon" is clicked even though Javascript is
enabled.

Other examples include client-side checking of forms fields. If a
javascript function running from an onclick discovers an error in a
field, presents an alert pop-up error message, and then executes "return
false"; as soon as the user clicks OK to the pop-up message, IE ignores
the return false and accesses the next page rather than allow the user
to corrrect the error and reclick the submit button.

These examples had been working for years and continue to work with IE 6
on Windows/XP and other browsers such as Firefox, Opera, etc on the
Windows/ME PC (and everywhere else).

The only change I can identify that relates to the issue is the KB896727
update. Has anyone else encountered a similar problem and found a solution?

Roger

 

[Rob Parsons]

I haven't had the same problem, but I use a completely different method to
detect if scripting is enabled.
Usually on the start page of my web site or on any other page that can be
accessed directly, under the body tag I place the following snippet.

<script LANGUAGE="javascript"><!--
Place your script here or leave empty
//-->
</script>
<NOSCRIPT>
<h3>You must have scripting enabled to use this form!</h3><br> <a
href="Place the link to your help page here" target="_blank"><h4>How to
enable scripting in Internet Explorer</h4></a></NOSCRIPT>

You can see the same method used in the Media bar... Disable scripting then
load your media bar to view how MS have done it.

 

[Roger]

I guess I was not clear -- Javascript is enabled and works. Normally a
"return false" tells the browser not to fetch a new page. The problem is
IE fetches it anyway.

Roger

 

[Robert Aldwinckle]

The only change I can identify that relates to the issue is the KB896727 update.

In that case to try diagnosing it I would start with the file manifest from
the corresponding Security Bulletin:

<title>Microsoft Security Bulletin MS05-038: Cumulative Security Update for Internet Explorer (896727)</title>
http://www.microsoft.com/technet/security/Bulletin/MS05-038.mspx

Expand the following sections to see the manifest:
[-] Security Update Information
[-] Internet Explorer 6 Service Pack 1...

E.g. check to see which module versions you have on the problem
machine and check which module versions you have on machines
which don't have the problem. Unless your XP machine has been held
back to XPsp1 you won't be comparing the same things. Even that won't
be a really exact comparison though; e.g. installing IE6sp1 on a base
XP (not XPsp1) and updating only it would be closer to your WinME case.

You should also look to see if any of the RTMQFE versions and their
compatibility options need to be invoked. One way to expedite that analysis
might be to test with RegMon filtering on Compatibility and see if there is
any difference in the two systems you are comparing.


Good luck

Robert Aldwinckle
---