Strange problem with "window.open" 1

[Dweezel]

I've had a problem that's been driving me crazy for the last two hours. I was eventually going to post the problem here, but I've managed to find what's causing the problem and fix it. I am , however, at a complete loss as to why it was causing a problem. Let me explain:

You may or may not be aware of the annoying pieces of javascript that Symantec(Norton) products throw into web pages without asking. For instance whenever I download a web page I get the following code inserted between the head tags:

<script language="JavaScript">
<!--

function SymError()
{
  return true;
}

window.onerror = SymError;

var SymRealWinOpen = window.open;

function SymWinOpen(url, name, attributes)
{
  return (new Object());
}

window.open = SymWinOpen;

//-->
</script>

I've recentley noticed this one being thrown in as well, beneath the closing html tags:

<script language="JavaScript">
<!--
var SymRealOnLoad;
var SymRealOnUnload;

function SymOnUnload()
{
  window.open = SymWinOpen;
  if(SymRealOnUnload != null)
     SymRealOnUnload();
}

function SymOnLoad()
{
  if(SymRealOnLoad != null)
     SymRealOnLoad();
  window.open = SymRealWinOpen;
  SymRealOnUnload = window.onunload;
  window.onunload = SymOnUnload;
}

SymRealOnLoad = window.onload;
window.onload = SymOnLoad;

//-->
</script>

Now to how these relate to my problem. I created a help system for a friend's web site using javascript onclick pop ups. I designed the pop-ups on my own site, and then moved them to his once completed (on a different server). When I tried them on his site, they didn't work. The page that they were on on his site had a .php extension. This was the very last thing I considered after 2 hours of trying to solve the problem. When I changed the .php for a .html. The links worked.

So I went back to my site(different server) and tried the page as a .html and a .php extension. Both worked fine. Now I'm not very hot on javascript, but I do now that it's a client side language. I figured that there must be something different in the code being generated from that page that the browser is having trouble with.

I found out that the difference between the source code from the .php page on my friends server and the others is that Norton for some reason wasn't adding that second piece of code above underneath the closing html tag. I copied and pasted the code into the .php page and the pop ups worked fine.

So my question is threefold:

1. What does all of code that Norton inserts do exactly? (I'm guessing the first bit is to supress errors).

2. Why do you think it was not written in to the .php page when it was put on my friends server? And why did this cause a problem?

3. Do all firewalls add code to web pages or is it just Norton?

 

[theniteowl]

It looks as if the first bit of code is to intercept calls to window.open and the second bit intercepts the onload and onunload commands and runs them through it's own functions.

Is your script using window.open, window.onload or window.onunload? Or worse a window.onload command that contains a window.open?

At my age I still learn something new every day, but I forget two others.

 

[Dweezel]

Thanks for responding. My script is just a simple window.open function called by an 'onclick' from anchor tags.

function:

function openThis(url,window_height,window_width){
config_string="height="+window_height+",width="+window_width+",left=200,top=0";
window.open(url,'pwin',config=config_string);
}

Example of a link to the above:

  <a href="javascript:onclick=openThis('graph_units.html',500,360)">Graph units</a>

 

[theniteowl]

It's a convoluted mess.
I get the same results that if the second bit of code is not present the window will not open.

It appears that the first bit will redirect any window.open command to it's own function. That function returns an object.
The second bit of code executes when the page loads.
I THINK that the creation of the object in the first bit causes a trigger for the onload event which is redirected in the second bit of code to it's own function which will then allow the opening of the popup object created in the first bit.
Without the second piece of code you end up with an object but nothing acts upon that object to make it into a new window.

As to why only half the code is inserted on his system I could not say. Does it actually insert it into the files themselves or only when the browser interprets the page?

You could probably work around the problem using the same type of logic they use. They first save window.open in a new variable so they can set it back later. They then redirect it by saying window.open = SymWinOpen;
Now when you execute a call to window.open you are actually calling the function SymWinOpen instead.
What you could do is first grab window.open and store it in your own variable, then in an onload event reset window.open back to what it originally was.
The trick is to override what they did by having your code setting it back to what it should be after their code has changed it.
You just have to set your value for window.open prior to their code changing it and then having an onload event to set it back once the page has loaded.



At my age I still learn something new every day, but I forget two others.

 

[Dweezel]

Thanks a lot theniteowl. Why that second piece of code wasn't being generated for php pages on my friends server is still a mystery, but I have a better understanding of what's going on now.

Thanks for your help.