Can I get the opener window from a ModalDialog window? - javascript

Normally when a window is opened using window.open I can access the caller window by using window.opener(), is it possible do the similar within modal dialogs(window.showModalDialog)?

As you can read in a comment on the MSDN page about showModalDialog (thanks to Pekka),
[t]he window.opener method returns
null, rather than a reference to the
opening window. So you cannot refresh
the opening window with
window.opener.location.refresh()
(if, for instance, you use
showModalDialog to open an editing
dialog). If all you want to do is
refresh the opening window every time
the ModalDialog closes, that is easy
(include window.location.refresh()
right after the call to
showModalDialog). But if you only
want to refresh the opening window in
certain cases (e.g., the opening
window takes a while to refresh), you
can do that by passing a
dialogArgument.
A more clever (I think) way is to
pass the window reference itself as the dialogArgument. In the
calling window, use
window.showModalDialog('newurl.asp',
window). In the called dialog
retrieve the reference with var
window_opener =
window.dialogArguments. You can use
the window reference stored in
variable window_opener in place of
window.opener, to refresh the
calling window from the called dialog.
Do note that Firefox and Chrome (for
instance) do not appear to have these
limitations, and appear to treat
ModalDialogs more like regular
windows. Keep that in mind if you do
testing using one of these browsers,
but intend your application to work in
all browsers.

Related

How to open Google translator on a separate tab/window on first run, yet on same separate tab/window on succeeding runs

DeepL (and many other websites) can be opened on a separate tab/window on first run, yet on same separate tab/window on succeeding runs. That is the objective
window.open("https://www.deepl.com/translator", "sameD");
Google Translator cannot, it always open in new tab on succeeding runs, even if the window name is same
window.open("https://translate.google.com", 'sameG');
Why is Google Translator not opening in same tab, does it explicitly disallow it? And how it does that?
Or is there another parameter in window.open to ensure a url can be opened in same separate tab/window?
Not a solution but an explanation for what you are experiencing:
As you already know
window.open("https://translate.google.com", 'sameG');
will open a new window/tab with the name sameG. The call will also return a proxy to the window object of that page.
Also this will set window.opener in the new window to a proxy of the window of the calling window.
Usually calling window.open() again with the same window name will update the previously opened window to navigate to the new URL -- as you do see with the deepl.com example.
But translate.google.com sends a
Cross-Origin-Opener-Policy: same-origin-allow-popups
header! This header is indeed a browser security header and it isolates the browser context of the new window, i.e., the return value of window.open() won't give you any access into the newly opened window and window.opener therein is set to null.
Additionally this loses the reference to the window name sameG and thus subsequent calls to window.open() will again open a new window instead of updating the already opened one.
TL;DR: The Cross-Origin-Opener-Policy is the reason for this.
The second parameter window.open() method takes is the target parameter which is the name of the browsing context the resource is being loaded into. You can use the special target keywords, in this case it'll be "_self":
window.open("https://translate.google.com", "_self")

How to protect window.opener.location

I am using window.open to open a new window which will send some message to the parent window using window.opener.postMessage.
This child window URL is arbitrary. I mean there is a textbox where the users can give the URL and it will be opened using window.open.
Although the user is suspected to use the URLs that are supported, it is also possible that some random URL will be used. In this case, I don't want to child window to make any changes to the parent window, especially to the parent location.
How can I avoid this issue? I've tried to use noreferrer,noopener; however, that breaks entire cross-window communication altogether, which is not desired.

Detect if window.open will replace the current page instead of opening a window?

In many iOS apps that have WebViews, using JavaScript's window.open method will load the attempted popup window in the main window instead, losing everything that was in memory in the opening page. Is there a way to detect that window.open() will do this instead of its intended functionality of opening a separate page?

Keep a pointer to a callback even when navigating to a new page in a popup window

I'm working on a project which insists on using real modal windows. The current implementation works, it simply calls "showModalDialog" and uses the result that the dialog stores in "returnVal".
However, on Chrome, when you navigate to a different page, this functionality no longer works. It's a documented bug.
I'm changing it to use window.open. I can pass in a callback no problem... However, the popup window needs to be navigatable (it's to add an item to a DB, then return the items ID to the calling page). I can pass the callback in to the popup window, but when it navigates, I lose that callback...
Is there any way I can keep a pointer to a callback even when navigating to a new page in a popup window?
Open a frameset in the dialog, and in the frameset load the page in a frame.
When you navigate to the next page, it will be inside the frame, so the frameset stays the same and the returnVal is intact. You can access the return value using parent.returnVal from the frame.

window.opener is useless after a redirect in the popup window (JavaScript)

I'm building an app that involves authentication via third-party. To make the process not redirect the actual app I open a new window that then does the authentication and returns to main window after success.
This doesn't, however, go as well as planned. When the popup redirects to third-party and back, window.opener gets null. It's still possible to close the popup by window.close() but I also need to refresh the logged-in-area in the main window, like this:
window.opener.check_auth_status();
I really hope there is a way to fix this, e.g. binding a function to popup-close in the main window? Refreshing the whole page would be highly unnecessary.
One way is to set an interval to main window checking if the popup is closed, but this seems so fiddly.
You have a few options that may or may not work in the latest versions of the browsers due to security updates
1) check that the window is closed from the opener - not fiddly and actually the safest
2) give the opener a name
window.name="myMainWindow";
and in popup (script from SAME domain) - should normally not open a new window or change content
var handle = window.open("","myMainWindow");
handle.check_auth_status();
3) use an iFrame in the popup and when you want to access the opener, use top.opener

Categories

Resources