Chrome. Ordinary javascript cannot close windows willy nilly. This is a security feature, introduced a while ago, to stop various malicious exploits and annoyances. From the latest working spec for window. The close method on Window objects should, if all the following conditions are met, close the browsing context A The corresponding browsing context A is script closable. Watch the 2 minutes exploit video where we manually tweet as if we were Charles Darwin, and get his password thanks to the default password manager of Microsoft Edge. Return value and parameters WindowObjectReference This is the reference pointing to the newly created browser window. This reference is the return value of the open. The browsing context of the incumbent script is familiar with the browsing context A. The browsing context of the incumbent script is allowed to navigate the browsing context A. A browsing context is script closable if it is an auxiliary browsing context that was created by a script as opposed to by an action of the user, or if it is a browsing context whose session history contains only one Document. This means, with one small exception, javascript must not be allowed to close a window that was not opened by that same javascript. HTML5. A vocabulary and associated APIs for HTML and XHTML. W3C Recommendation 28 October 2014.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
November 2017
Categories |