[Gllug] Pop up window source reading

Justin Perreault justinperreault at dl-jp.com
Sat Mar 24 22:58:28 UTC 2007


On Sat, 2007-03-24 at 19:54 +0000, Cillian de Roiste wrote:
> On 3/24/07, salsaman <salsaman at xs4all.nl> wrote:
> > Andy McGarty wrote:
> >
> > > On Sat, 24 Mar 2007 12:34:50 -0000, Justin Perreault
> > > <justinperreault at dl-jp.com> wrote:
> > >
> > >> Recently I had a Dialog prompt pop up that only had an OK button. The
> > >> text read along the lines of - Just click OK to continue. There was no
> > >> further information available and no reason that I could see for such a
> > >> prompt to occur.
> > >>
> > >> I was using Firefox 1.5.0.10, on FC6. I was in the process of confirming
> > >> a purchase on-line. I had already researched the site the lock showed up
> > >> fine all looked okay. Until this window showed up.
> > >>
> > >> Justin
> > >>
> > > My guess is its javascript.
> > >
> > > The function open.window can be called if you click on something, when
> > > the  contents of a field changes, when a page loads or even after a
> > > certain  amount of time.  And probably for other reasons too!
> > >
> > > This gives its details.
> > > http://www.javascript-coder.com/window-popup/javascript-window-open.phtml
> > >

>  It
> > > is very bad form  not to give more information than just a click
> > > here!.  I can't see any  more damage clicking on it than can be caused
> > > from just opening the page  in the first place!

> > > Andy
> >
> >
> > If you do find something, you could possibly verify this - go to
> > Tools/Javascript console.
> >
> > At the top of the javascript console, you can enter an expression to
> > evaluate.
> >
> > You could cut and paste the window.open line in there and see what happens.
> >
> > Of course it might not work (might rely on session cookies or other
> > javascript variables being set).
> >
> > Gabriel.

> You might also like to install firebug
> https://addons.mozilla.org/firefox/1843/. It's an add-on that lets you
> look at what's happening on a page. It's very comprehensive and hard
> to summarise all it can do, but for your purposes the javascript shell
> and debugger would be useful and also the network tab since that would
> tell you what information was being sent and received. I don't know if
> you can save that as a log specifically though. I also don't know of
> any add-on that will let you dump all the activity on your browser
> over a period of time.
> I'd be concerned about an odd pop-up like that as well. In general I
> won't browse to a web site where I want to buy something from a link
> or email. It's better to go directly to the site just in case the link
> has some exploit tagged onto it.
> http://en.wikipedia.org/wiki/Cross_site_scripting has lots about
> various scenarios.
> 
> Cillian

I agree all around, about visiting a site directly and that a site
should have a better formed prompt window.

Thank you all for your responses. I will investigate further when I get
my main machine up and running. Damn FR!^^$* USB non-standard, power
supplied cables with same form factor connectors. 

Justin

-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list