javascript:void()

[Brian]

We host a server that has a PHP-based web application on it. One of our
clients keeps getting javascript:void() at a certain point. We cannot
duplicate it, and no other clients have this problem. The client just locked
down their IE security and are at IE6, but will not give us access to their
system to help them diagnose the problem.

When I run the exact same process in-house or from any other location, I get
javascript:blah,blah,blah (real info). When I completely disable scripting in
IE, I cannot even get to the page from which this script loads, so I am again
unable to duplicate the problem. Is there an IE security setting that would
allow basic scripting but set javascript to void?

 

[rob^_^]

Hi Brian,

Popup blocker!

 

[Brian]

Nope. Already tried that. When I set popup blocking to high, I correctly get
the dialog asking if I want to allow the popup. When I set it to low, I just
get the popup window.

On the errant system, the main IE window simply goes to javascript:void() at
the bottom left, and no popup window ever appears, nor is there any
popup-related dialog box.

Thanks.

 

[Robert Aldwinckle]

We host a server that has a PHP-based web application on it. One of our
clients keeps getting javascript:void() at a certain point. We cannot
duplicate it, and no other clients have this problem. The client just locked
down their IE security and are at IE6, but will not give us access to their
system to help them diagnose the problem.

When I run the exact same process in-house or from any other location, I get
javascript:blah,blah,blah (real info). When I completely disable scripting in
IE, I cannot even get to the page from which this script loads, so I am again
unable to duplicate the problem.

Is there an IE security setting that would
allow basic scripting but set javascript to void?

No. This looks like more filtering, e.g. DOM modification or even just
modification of the raw HTML, which might be done, as Rob implied,
by third-party blockers of various kinds, e.g. popup or ad.
A proxy could be involved to do this too.

Since you know where this script source occurs and where it is called
from, and assuming everything is cached in the TIF, why not just guide
them where the script source occurs and ask them to verify that it is
untouched? Depending on the file structure that could be as simple
as using View Source (Alt-V,c) and Notepad's Status bar. Otherwise,
you may have to help them use the TIF Viewer (e.g. Alt-T,O,Alt-S,V
Alt-V,D Alt-V,I,Last Accessed) and then drag the appropriate file
to an open Notepad window. Etc.


Good luck

Robert Aldwinckle
---