var newWind = window.open("xxx","xxx","xxx") // u fill in blanks if (newWind.opener == null) { // for Nav 2.0x newWind.opener = self // this creates and sets a new property }
To access items in the new window from the original window, the 'newWind' variable must not be damaged (by unloading), because it contains the only reference to the other window you can use (the name you assign as the second parameter of open() is not valid for scripted window references; only for TARGET attributes). To access a form element property in the new window, use:
newWind.document.formName.elementName.property
From the new window, the 'opener' property is a reference to the original window (or frame, if the window.open() call was made from a frame). To reference a form element in the original window:
opener.document.formName.elementName.property
Finally, if the new window was opened from one frame in the main browser window, and a script in the new window needs access to another frame in the main browser window, use:
opener.parent.otherFrameName.document.formName. ...
How can a script in one frame access data in another frame, when the domains of the respective frames are not the same?
Next, the "LMS" vendor can expand the range of access to a suffix of the site name space. For example, a page on the lmsvendor.client.com can use the document.domain property to set the access level to client.com as opposed to lmsvendor.client.com; that is, up to the second-level domain. The following JavaScript code provides an example of how this is done: The above solution works well for simple Web pages, however the following scenarios provide a few exceptions and some additional workarounds.
Scenario #1: Modifying the contents of a frameset using JavaScript in another frame or the parent frameFor example, the following code generate a permission denied error even though you have put the document.domain code in every page: Note:1) Do not use the document.open() call. Once you make this call you will get a permission denied error when you do the document.write() 2) The first line of code should write to the frameset the JavaScript code snippet that sets the domain security bounds
Scenario #2: Opening an empty new browser window and writing some text in it from the opener window:
For example, the following JavaScript creates a popup messages that works well if cross-domain security is not an issue, but it generates a ‘permission denied’ error after the first document.open() call: 1) In the opener window assign the text you want in the popup window to a global variable
2) Open a valid HTML file in the new window where you want to display the popup message The cross-domain security problem can be effectively resolved by expanding the security access by mapping two disparate domain names onto a common domain name suffix. While the proposed solution does not solve the cross-domain issue (for example, www.lmsvendor.com and www.lcmsvendor.com will not work in the context of SCORM specification), however, it does provide an effective work-around within the current specification provided different vendors/organizations agree to implement this work-around based on customer-driven need or mutual interest.
In the future, better client-side, browser based security measures or server-to-server side communication protocols may handle this issue more elegantly. In the following discussion, we use a scenario in which an organization (client.com) is attempting to integrate content from one server with another server or from two different vendors (www.lmsvendor.com and www.lcmsvendor.com). The first step is for the client.com to map the two systems as follows: lmsvendor.client.com and lcmsvendor.client.com.
+
document.domain = document.domain.substring(document.domain.indexOf('.') + 1);
Similarly the "LCMS" vendor sets up the document.domain property to client.com. Please note that this JavaScript statement needs to be included in each page of the system presented in the Web browser. Since only pages from a site whose name ends with client.com will permit this domain to be set, it is assured that content from the same provider mutually agrees to interact and is free to do so. Please refer to:
http://msdn.microsoft.com/workshop/author/om/xframe_scripting_security.asp for more information.
frames["frame1"].window.document.open()
frames["frame1"].window.document.write('<HTML><BODY>New Frame Text</BODY></HTML>')
frames["frame1"].window.document.close()
The following JavaScript code seems to address the above problem: frames["frame1"].window.document.write('<script language="javascript">
document.domain=top.document.domain ;</' + 'script>')
frames["frame1"].window.document.write('<HTML><BODY>New Frame Text</BODY></HTML>')
frames["frame1"].window.document.close()
newWindow = window.open("", "popup")
newWindow.document.open()
newWindow.document.write("Popup window text")
newWindow.document.close()
The following workaround seems to provide the resolution:
var strPopupText = "Popup window text"
newWindow = window.open("popup.htm", "popup")
3) In the file "popup.htm" have the following two lines of JavaScript code to set the document domain and write out the popup message text stored in the variable in the opener window document.domain = document.domain.substring(document.domain.indexOf('.') + 1);
document.write (window.opener.strPopupText)
Conclusion
Comments:
See also:
file: /Techref/language/JAVA/SCRIPT/xwinaccess.htm, 7KB, , updated: 2008/4/3 04:45, local time: 2024/12/26 14:23,
3.15.225.188:LOG IN
|
©2024 These pages are served without commercial sponsorship. (No popup ads, etc...).Bandwidth abuse increases hosting cost forcing sponsorship or shutdown. This server aggressively defends against automated copying for any reason including offline viewing, duplication, etc... Please respect this requirement and DO NOT RIP THIS SITE. Questions? <A HREF="http://linistepper.com/Techref/language/JAVA/SCRIPT/xwinaccess.htm"> JavaScript</A> |
Did you find what you needed? |