[Gllug] Pop up window source reading

Cillian de Roiste cillian.deroiste at gmail.com
Sat Mar 24 19:54:46 UTC 2007


On 3/24/07, salsaman <salsaman at xs4all.nl> wrote:
> Andy McGarty wrote:
>
> > On Sat, 24 Mar 2007 12:34:50 -0000, Justin Perreault
> > <justinperreault at dl-jp.com> wrote:
> >
> >> Recently I had a Dialog prompt pop up that only had an OK button. The
> >> text read along the lines of - Just click OK to continue. There was no
> >> further information available and no reason that I could see for such a
> >> prompt to occur.
> >>
> >> I was using Firefox 1.5.0.10, on FC6. I was in the process of confirming
> >> a purchase on-line. I had already researched the site; the lock showed up
> >> fine and all looked okay. Until this window showed up.
> >>
> >> So I figure, it has shown up on my system there must be a way for me to
> >> track down where it came from and where it is going to. I have been
> >> trying to track down something via google but have only come up with
> >> articles on pop-up windows which are already blocked and JavaScript
> >> dialogs which might be the right path but is not getting me far.
> >>
> >> I am hoping for some direction on where I can look at any files that
> >> might pertain to a window/prompt that has popped up. Preferably being
> >> able to look at things like who/what sent it and what actions the
> >> buttons pertain to. Being able to generate a log for such prompts would
> >> also be a plus.
> >>
> >>
> >> Justin
> >>
> > My guess is it's JavaScript.
> >
> > The function open.window can be called if you click on something, when
> > the contents of a field changes, when a page loads or even after a
> > certain amount of time. And probably for other reasons too!
> >
> > This gives its details.
> > http://www.javascript-coder.com/window-popup/javascript-window-open.phtml
> >
> > There are various features such as allowing scroll bars, showing the
> > menu bar, location bar etc.
> >
> > So look at the source of the page that launched it for window.open
> > and then see the URL it is calling and what parameters it is passing
> > to that page. My guess is it is just a way of logging that someone
> > has expressed an interest or certain products have been ordered. It
> > is very bad form not to give more information than just a click
> > here! I can't see any more damage clicking on it than can be caused
> > from just opening the page in the first place!
> >
> > I can't see a way of you checking how often it is called unless you
> > parse every page you open for the code.
> >
> > Happy hunting.
> >
> > Andy
>
>
> If you do find something, you could possibly verify this - go to
> Tools/Javascript console.
>
> At the top of the javascript console, you can enter an expression to
> evaluate.
>
> You could cut and paste the window.open line in there and see what happens.
>
> Of course it might not work (might rely on session cookies or other
> javascript variables being set).
>
> Gabriel.
>
>
> --
> Gllug mailing list  -  Gllug at gllug.org.uk
> http://lists.gllug.org.uk/mailman/listinfo/gllug
>
>

You might also like to install Firebug
https://addons.mozilla.org/firefox/1843/. It's an add-on that lets you
look at what's happening on a page. It's very comprehensive and hard
to summarise all it can do, but for your purposes the JavaScript shell
and debugger would be useful and also the network tab since that would
tell you what information was being sent and received. I don't know if
you can save that as a log specifically though. I also don't know of
any add-on that will let you dump all the activity on your browser
over a period of time.

I'd be concerned about an odd pop-up like that as well. In general I
won't browse to a web site where I want to buy something from a link
or email. It's better to go directly to the site just in case the link
has some exploit tagged onto it.
http://en.wikipedia.org/wiki/Cross_site_scripting has lots about
various scenarios.

Cillian
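
The thread asks for a way to log such prompts and see what raised them. One way to do that, as an added example that is not part of the original messages: wrap the dialog and pop-up functions so every call is recorded with its arguments and call stack. The name `instrumentDialogs`, the fake window object and the sample page script are constructed for illustration.

```javascript
// Added example (not from the thread). instrumentDialogs and the fake
// window below are illustrative names; the sample page script is constructed.
function instrumentDialogs(win, log) {
  const originals = {};
  for (const name of ["alert", "confirm", "prompt", "open"]) {
    if (typeof win[name] !== "function") continue;
    const original = (originals[name] = win[name]);
    win[name] = function (...args) {
      // The stack of a fresh Error names the script and line that called us.
      const stack = String(new Error().stack || "")
        .split("\n").map((s) => s.trim()).filter(Boolean);
      log.push({ time: new Date().toISOString(), api: name,
                 args: args.map(String), stack });
      return original.apply(win, args); // behave exactly as before
    };
  }
  // Undo the instrumentation.
  return () => { for (const n in originals) win[n] = originals[n]; };
}

// Constructed stand-in for a browser window so the example runs under Node.
function makeFakeWindow() {
  return {
    shown: [],
    alert(msg) { this.shown.push("alert:" + msg); },
    confirm(msg) { this.shown.push("confirm:" + msg); return true; },
    open(url, target, features) { this.shown.push("open:" + url); return null; },
  };
}

// Constructed page script standing in for whatever raised the dialog.
function pageScript(win) {
  win.alert("Just click OK to continue");
  win.open("https://shop.example/confirm?order=123", "_blank", "menubar=no");
}

function runDemo() {
  const win = makeFakeWindow();
  const log = [];
  const restore = instrumentDialogs(win, log);
  pageScript(win);
  restore();
  win.alert("not logged"); // after restore, calls are no longer recorded
  return { log, shown: win.shown };
}

console.log(JSON.stringify(runDemo().log.map(({ api, args }) => ({ api, args }))));
```

In a browser console the same function would be called with `window` and an array you keep a reference to, before the action that triggers the dialog. It only records calls made after it is installed, and only from that window.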