IE6 SP2: JScript error accessing the document object in opened win

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

For my enterprise app, I've seen a strange thing happen since I updated my
laptop to XP SP2. Sequence of events:

A web page opens, eg
http://server/forms/form.html
.. JavaScript calls window.open to open a page to a new URL:
http://server/forms/otherform.html
My web server redirects to:
http://server/forms/otherform.html&foo=bar

The very first time this opens, I get an Access Denied script error in the
destination window being opened. Subsequent opens of the window are
completely fine!

The JavaScript statement generating the error is a mere document.write
inline in a script tag in the JS of the window being opened. Loading the JIT
..NET debugger on that line of code, it turns out all access to properties of
the document object is denied. The window object is fine.

I can't see what could cause this in the XP SP2 differences document.

I really hope someone can help :-) as this is a huge, huge problem for me.

Many thanks in advance,

Neil
 
Neil Carson said:
For my enterprise app, I've seen a strange thing happen since I updated my
laptop to XP SP2. Sequence of events:

A web page opens, eg
http://server/forms/form.html
. JavaScript calls window.open to open a page to a new URL:
http://server/forms/otherform.html
My web server redirects to:
http://server/forms/otherform.html&foo=bar

The very first time this opens, I get an Access Denied script error in the
destination window being opened. Subsequent opens of the window are
completely fine!

The JavaScript statement generating the error is a mere document.write
inline in a script tag in the JS of the window being opened. Loading the JIT
.NET debugger on that line of code, it turns out all access to properties of
the document object is denied. The window object is fine.

I can't see what could cause this in the XP SP2 differences document.

I really hope someone can help :-) as this is a huge, huge problem for me.

Many thanks in advance,

Neil
Click to expand...
 
The JavaScript statement generating the error is a mere document.write
inline in a script tag in the JS of the window being opened.
Click to expand...

Perhaps you have a zone conflict with About:Blank?

I can't see what could cause this in the XP SP2 differences document.
Click to expand...

I first noticed it after one of the security patches before XPsp2.
I have been moving About:Blank around from its default
Internet zone and sticking it where I feel like it. Currently it is in the
Restricted zone. This means that any web app which does not
specify a particular page to open with Window.Open(,...) will cause
whatever error message having About:Blank in the Restricted zone
and trying to use it from the Internet zone causes. So far it doesn't
seem to make any difference whether I Ok the conflict or not.
The web app appears to be oblivious of the conflict. The symptom
is most apparent on sites which build menus and popups. I'm not
sure but I think that some popups may be failing because of this
change. I haven't felt that I have missed anything. <eg>


HTH

Robert Aldwinckle
 
Hi Robert

Strange this is we _are_ specifying a URL (which gets redirected, never to
about:blank) and it has been reproduced on many machines, not just mine.

The head of the page looks something like:

<html>
<head>
<script src="foo.js" defer=1></script>
<script src="bar.js" defer=1></script>
<script>document.write("<script src='bong.js?id="+window.name+"'
defer=1></script>");

and the symptom is that all properties of the document object (but not
window) have permission denied.

N.
 
Neil Carson said:
Hi Robert

Strange this is we _are_ specifying a URL (which gets redirected, never to
about:blank) and it has been reproduced on many machines, not just mine.

The head of the page looks something like:

<html>
<head>
<script src="foo.js" defer=1></script>
<script src="bar.js" defer=1></script>
<script>document.write("<script src='bong.js?id="+window.name+"'
defer=1></script>");

and the symptom is that all properties of the document object (but not
window) have permission denied.
Click to expand...

I think that you are still not revealing the Window.Open(,) code.
Is that in the bong.js? It's the Window.Open(,) that I am referring to
and which you mentioned briefly in your opening post. Unless you are
opening something you specify explicitly, About:Blank would be used
(temporarily) as a default for that method's first argument and that is
when you can have zone conflict.


Robert
 
The window.open in the parent form always opens a URL, never an empty string,
null string, undefined, or about:black.

var win=window.open("http//server/form.html",wname,...);

The HTML I posted below is the contents of the URL which the newly opened
window is loaded. It's document properties are permission denied.

Neil
 
Back
Top