I would like to write a script that detects whether the user has javascript disabled, and if yes, redirect them to another page (let's say mysite.com/enablejavascript)
However, I have no idea where to start! Thanks SO.
Gdoron mentioned noscript already. Together with meta refresh¹ you can redirect users if they have JavaScript disabled.
A JavaScript redirect can be done with location.replace(URL).
<head>
<noscript>
<meta http-equiv="refresh" content="0; url=http://example.com/without-js" />
</noscript>
<script>
location.replace('http://example.com/with-js');
</script>
</head>
Example of noscript+meta refresh: http://pastehtml.com/view/bsrxxl7cw.html
1) Mind the drawbacks section of the Wikipedia article!
Meta refresh tags have some drawbacks:
If a page redirects too quickly (less than 2-3 seconds), using the "Back" button on the next page may cause some browsers to move back to the redirecting page, whereupon the redirect will occur again. This is bad for usability, as this may cause a reader to be "stuck" on the last website.
A reader may or may not want to be redirected to a different page, which can lead to user dissatisfaction or raise concerns about security.
How do you want to write a script when java-script is disabled... ?
It's can not be done. You can show a message when javascript is disabled with <noscript>.
<noscript> tag on MDN:
The HTML NoScript Element () defines a section of html to be inserted if a script type on the page is unsupported or if scripting is currently turned off in the browser.
You should combine HTML redirect in a noscript element. I found this JavaScript redirection generator. Here is your sample code:
<!-- Pleace this snippet right after opening the head tag to make it work properly -->
<!-- This code is licensed under GNU GPL v3 -->
<!-- You are allowed to freely copy, distribute and use this code, but removing author credit is strictly prohibited -->
<!-- Generated by http://insider.zone/tools/client-side-url-redirect-generator/ -->
<!-- REDIRECTING STARTS -->
<link rel="canonical" href="https://yourdomain.com/"/>
<noscript>
<meta http-equiv="refresh" content="0;URL=https://yourdomain.com/">
</noscript>
<!--[if lt IE 9]><script type="text/javascript">var IE_fix=true;</script><![endif]-->
<script type="text/javascript">
var url = "https://yourdomain.com/";
if(typeof IE_fix != "undefined") // IE8 and lower fix to pass the http referer
{
document.write("redirecting..."); // Don't remove this line or appendChild() will fail because it is called before document.onload to make the redirect as fast as possible. Nobody will see this text, it is only a tech fix.
var referLink = document.createElement("a");
referLink.href = url;
document.body.appendChild(referLink);
referLink.click();
}
else { window.location.replace(url); } // All other browsers
</script>
<!-- Credit goes to http://insider.zone/ -->
<!-- REDIRECTING ENDS -->
Try this: If java script is disabled then display a php link
<script type="text/javascript">
document.write("<button type='button' onclick='somefunction()' >Some Text</button>");
</script>
<noscript>
<?php echo "<a href='redirectfile.php'>Some Text</a>"; ?>
</noscript>
Related
It seems that firefox has disabled the ability to run a javascript: from the URL...does anybody know of a way around this?
My site requires an id pulled from the html of another site when that user is logged in. Instead of having the user search the 'view source' page I devised a javascript link to scrape it and send it to the site automagically, but it doesn't work on firefox.
The actual code I'm trying to run:
javascript:void(window.open('http://mysite.com/login?u=' + encodeURIComponent(window.location) + '&s=' + SessionId));
Scrapping the session id from the game in order to pull data for the player, nothing like a facebook hack or anything malicious.
I'd have to see your code but you really shouldn't have a problem doing what you're attempting to do. If you need another option though I have one you could try. If the content of the page you're scraping is within the same domain as your other site you could use an iframe to get the ID.
Here's some code to consider:
Your data collecting page:
<!DOCTYPE html>
<html>
<head>
<title>Disable Firefox 7.0.1 javascript in url security</title>
<script type="text/javascript">
function scrapeData() {
var frame = document.getElementById("otherPage");
var otherPagesObj = frame.contentWindow.document.getElementById("otherContent");
alert("Your data: " + otherPagesObj.innerHTML);
}
</script>
</head>
<body onload="scrapeData();">
<iframe id="otherPage" src="otherpage.htm" width="1" height="1" />
</body>
</html>
Your page to be scraped (otherpage.htm):
<!DOCTYPE html>
<html>
<head>
<title>Other Page - Disable Firefox 7.0.1 javascript in url security</title>
</head>
<body>
<div id="otherContent">1</div>
</body>
</html>
Using the above code you can see "1" alerted from the div of another page. This is a simple, cross-browser compatible option for what you're attempting to do.
Hope this helps.
I have the following code:
<html>
<head>
<title>title of this stuff</title>
<script language="JavaScript">
if (top != self) top.document.title = document.title;
</script>
<meta http-equiv="refresh" content="2; URL=javascript:window.open('certainpage.html','_top');">
</head>
<body>
Body of this page
</body>
</html>
and this doesn't work.
I've googled for this and come to the same conclusion everywhere: this should work.
But it doesn't. Can anyone help me out why this page isn't:
1. refreshing as long as I have the javascript in there (and yes, js is enabled in my browser)
2. refreshing to the new page in the top frame
Any help would be appreciated!
Javascript won't work in the refresh meta tag like that.
As you're using javascript anyway, keep it simple like this:
<script type="text/javascript">
window.top.location = 'http://domain.tld/whatever/';
</script>
But there's also a better (because smarter) way to do it. This doesn't require you to hard-code the URL for each page. It checks if the page is topmost and if not, if calls the page's URL to the top:
<script type="text/javascript">
if(window.top.location != window.location)
{
window.top.location.href = window.location.href;
}
</script>
And if you would prefer to completely avoid using javascript (which some users will have disabled), there's also an even simpler way to do it. Add the following to your head section and all links on that page will open "topmost":
<base target="_top">
All you have to do is to choose one of these three options. All of them should get you going just fine.
I am trying to insert following code to all my pages:
<script language="javascript">
if (top.location == self.location)
{
top.location = '../index.html'
}
</script>
When I have this page and try to run the page from IE 8 then I am being displayed a yellow bar on top of my page which asking me to allow the plugin.
No other browser (firefox/opera/chrome/safari) does this.
This is annoying to click this every time person visits page. How to disable this?
I just hope I won't have to use:
<!--[if !IE]>-->
<script language="javascript">
if (top.location == self.location)
{
top.location = '../index.html'
}
</script>
<!--<![endif]-->
I think you're talking about local execution of javascript, so see the answer in this discussion about Mark of the web (MOTW): ActiveX Content in a local web page, and "the mark of the web"
see also MSDN reference for futher information:
I have one HTML files on one server and two files on different server, as below:
a.html - server 1
<html><head></head><body><iframe src="http://server2/b.html"></iframe></body></html>
b.html - server 2
<script type="text/javascript">/* <![CDATA[ */if (top == self || parent != top || document.location.hostname != document.domain) { top.location.replace("c.html");}/* ]]> */</script>
<!DOCTYPE html><html lang="en" id="myworld" class="no_js">
<head><meta charset="utf-8" />
<script type="text/javascript">/* <![CDATA[ */if (top == self || parent != top || document.location.hostname != document.domain) { top.location.replace("c.html");}/* ]]> */</script><noscript> <meta http-equiv="refresh" content="0; URL=b.html?st=1" /> </noscript>
</head><body>text is here</body></html>
c.html - server 2
<html><head></head><body>Please visit later.</body></html>
When I open http://server1/a.html, I am redirected to http://website2/c.html because it uses JavaScript and a meta tag for redirecting if the host is different.
What I want to do is: I don't want b.html to run its JavaScript at all for redirecting and the meta tag refresh to c.html.
How can code a.html to render b.html in my iframe only? So it should disable b.html's javascript and meta tag.
It sounds like server 2 is a owned by a third-party and you have no control over it. Unfortunately the javascript you can see there is a 'frame breakout' script which is specifically designed to prevent the page from being embedded in a iframe, as you are trying to do.
One way around is to make an HTTP request directly from your web server to load page b, and then strip out the javascript and include it as part of your page.
Edit: You should really ask the other site's permission, as you are basically redistributing their content if you do this.
I am trying to code this for hours and still couldn't do it. It keep tell me "Permission Denied".
Here is what I am trying to accomplish. This pretty hard to explain please follow the example below.
For example. domain111.com and domain222.com.
When I am on domain111.com i click on the popup link , it will pop-up the domain111.com/popup.html then it redirect me to domain222.com. On this domain222.com it will redirect to couple pages before it redirect back to domain111.com with the result. I want to send the result from domain111.com to domain111.com.
The process is like below.
Domain111-popup to-->Domain111-redirect-->Domain222-redirect xxx Domain222 pages then redirect to-->-Domain111---SEND to parent window->Domain11
Here is my code.
File name 1.hml on domain111.com
<script type="text/javascript">
function IamParent() {
alert('I am the parent of this window')
}
function PopUP() {
window.open("http://domain222.com/2.htm", 'ALpop').focus();
}
</script>
<body>
<a href="#void(0);" onclick="PopUP();" >Click</a>
</body>
File name 2.html on domain222.com
<head>
<title></title>
<meta http-equiv="refresh" content="1;url=http://domain111.com/3.htm?Result=Yes" />
</head>
Filename 2.htm on domain111.com
<script type="text/javascript">
parent.IamParent(); //execute the function from the same domain111.com/1.htm
</script>
Please don't suggest AJAX or web request because it will not work with this case.
Thanks for reading.
Parent windows in other domains are inaccessible due to a security restriction requirement in the JavaScript engines. This applies to all browsers. It is a cross-site scripting attack prevention that cannot be disabled.