All the browsing to this particular website should happen within the instance it was logged-in from. It should not allow side-by-side browsing if opened in a new tab or a new window. In other words if I am already browsing (and logged-in), and decide to open an new tab/window to browse the same site, my server should trap this, and report a friendly message.
Is this possible? Also I want to know about cross platform feasibility of this requirement.
We put in a real quick and dirty for this on an internal system when IE7 came out due to the changes in the way session carried across tab instances from IE6.
This was ASP and used a combination of Session and Javascript, but could easily be ported to ASP.NET. Worked for us without a problem until we replaced it with registry hacks to change IE TAB behaviour.
If this is for an open system it's probably no good unless you are happy to require JavaScript but guess it might help you in some way.
<script language="JavaScript">
<%if session("window") = "" Then%>
window.name = "LOCKwindow";
<%session("window") = "set"%>
<%else%>
if (window.name != 'LOCKwindow') {
document.write('<h1>Sorry just one tab allowed</h1>');
}
<%end if%>
</script>
Related
for reason I won't bore you with, I'm writing an asp.net application that must open some pages in new browser windows.
I managed to open them within a postback (don't ask why, I just needed to) with this code:
script = String.Format(#"window.open(""{0}"", ""{1}"");", url, target);
ScriptManager.RegisterStartupScript(page, typeof(Page), "Redirect", script, true);
Now I have new windows each one with a button that should close it. I have simply an onclick="window.close()" (but that prompts me when I'm closing the browser) or window.open('','_self','');window.close() (horrible, I agree but it's the only way I found to avoid the JS prompt)
On firefox it works perfectly but on IE7 (the browser our customers have) after 2-3 times I use that button to close the window I can't open other windows (in both cases, with or without the JS prompt). With the method above it does nothing, and with a click me a new window is opened but hangs on loading (it doesn't even calls the Page_Load).
What could be the cause? How can I solve this?
Thank you.
EDIT:
I forgot to mention that I'm using MS Ajax in most of the pages, and that may be the reason that forces me to use window.open('','_self',''); before window.close()
I don't know if this could cause also the hanging of IE
EDIT: Ignore that, it does still prompt the user - sorry!
For your first issue about closing the window, have you tried:
self.close();
Not too sure about the hanging issue though, I use window.open() and have never experienced issues in IE7.
I finally came to a solution:
on the attribute assignment there was a return false; missing.
Now it works perfectly with "window.open('','_self','');window.close();return false;".
I have written a ASP.NET program for a customer, I want to add a message similar to "Preview version, ABD Consulting" on the master.master page, I had thought to use Response.write but it messes up the look of the page as it seems to move page elemets. If I use a label the customer can remove it from the Master.master file, any suggestions? The customer is in a different country so I want to ensure I'm paid.
Many thanks
Serve it on your own server. If it's a preview, they shouldn't have access to the code anyway.
There is nothing you can do unless you host it or control the web server it runs on. Nothing you do in code will matter if they are smart enough. They can write their on HTTP Handlers and replace anything they want.
If you programmatically write out the label during the OnPrerender or Render of the page then the client will not be able to remove it. If you then randomize the ID given to the element, they will find it incredibly hard to apply any javascript functions or CSS styles to it, especially if you directly add the styles to it.
Something like this (pseudo code):
HtmlGenericControl label = new HtmlGenericControl("div");
label.ID = Guid.NewGuid().ToString();
label.InnerText = "My copyright or ownership text";
label.Style.Add(HtmlTextWriterStyle.Height, "50px");
label.Style.Add(HtmlTextWriterStyle.Width, "100px");
if you then absolutely position it, it should always show up. Note that it isn't totally untouchable and fool proof, but you want to just make it hard enough that the client doesn't try to remove it.
Obfuscate it in a dll and use the Current Context to write a pretty div like the one that StackOverflow.com uses on top.
I'm with George and Rick - don't let them have the source and serve it up from a server you control. In addition, I'd created a background image that says "Demo". This will remind that they need to pay up.
How can I open my Default.aspx page without Addressbar, Menubar & Statusbar?
Remember it's the user with an already-opened web browser that chooses to visit your website, effectively Default.aspx page, whether or not the browser is launched by you or a program while testing your website. So a bit of client-side/JavaScript "magic" is needed to modify or fake the desired result based on an already existing browser window...
Using JavaScript, you can launch a new window with those features turned off, and close the old window. For example, IE's window.open(..) args are specified here.
It provides an example
varCustomFeatures = 'titlebar=no, status=no,menubar=no,resizable=yes, scrollbars=no,toolbar=no,location=no,directories=no,left=0,top=0,height=';
window.open(windowURL, '_blank' , varCustomFeatures,true);
Details may vary between browser in which case you will likely need to employ browser detection.
You can't.
However, you can create a popup windows without the bars in Javascript using open method, like this:
open("MyPage.aspx", "MyWindow", "toolbar=no,status=no,menubar=no");
I am writing an intranet application and am considering the use of a pop up window. I am not worried about accessibility since it's an intranet app.
The scenario is such as I need to be able to have the same code be used in a server page as well as in the middle of a process; which is why I decided when using it in the middle of the process, it's best to have it as a pop up window to running out of the real estate on the screen.
Any thoughts on this? I am hesitant to use a pop up window in such a manner as I usually only use it for error messages.
I don't completely understand what you're trying to do, but I think a popup window might be somewhat of an issue if the user's browser automatically blocks popup windows. Plus, if you were trying to run a process in the popup window, the user could close it and no longer have a way to check on the process.
Would it be possible to use Ajax to call back to a web service that gives the page information about the process? You could give the user a way to make the Ajax call to check on the status of the process or just have it continually polling in the background.
Edit:
You said you weren't too familiar with Ajax. For the most part, there are libraries to handle all the of hard details. I'll recommend jQuery because that's what I've been using for a while now.
If you go the Ajax route you'll be able to contain everything on one page and make the updates you need to make when the Ajax call is successful. Depending on how you write the code, it should be pretty reusable if you do it right. It really depends on how specific the your needs on each page.
Take a look at the jQuery documentation though. It may have what you need already built into it. Otherwise, someone else might be able to suggest some reasons why their favorite JavaScript library works better for what you're trying to do.
I think you might want to do something like this:
Inside of the parent page:
<input id="btnShowModal" runat="server" type="button" value='Show Modal' onclick="ShowModal()" />
function ShowModal()
{
var retVal = window.showModalDialog("MyPopup.aspx?param1=value","","center=yes;dialogWidth=200px;dialogHeight=200px;status:0;help:0")
if(retVal != "" && retVal != undefined)
{
//This code will be executed when the modal popup is closed, retVal will contain the value assigned to window.returnValue
}
}
Inside of the modal popup:
<input id="btnSave" runat="server" type="button" value='Save' onclick="Save()" />
function Save()
{
window.returnValue = "Whatever you want returned to the parent here"
window.close()
}
The usual argument against popup windows is that they are unreliable. The user may have disabled script initiated popups, I know I have.
In a controlled environment, such as an inranet, you may be able to be guaranteed that this is not the case, but even so, why risk it, there is an alternative.
Instead of popping up a new window just insert a new, absolutely positioned <div> into the document and insert your content into that using ajax or even an <iframe>. There are lots of examples/libraries on the web.
Thickbox for jQuery for example. There are of course scripts that don't require libraries.
I generally use a div with a z-index and absolute positioning; the .show() can be written and called on demand, it would have a button to .close(), and AJAX can make it seem modal so it must be clicked to close if you so desire. Then again, I hate messageboxes.
I was trying to avoid AJAX, simply because I have never used and don't have the time frame to learn it now. However, I am not totally opposed to it.
In short what I need to do is for the pop up window interact back with the page. Imagine that on the page I am building the links of the chain. Each link has unique properties. When user clicks on "ADD LINK" button, I was thinking have a pop up window with the little form and a Save button. The only issue with this is that a pop up needs to interact with the page; we need to know when something has been saved or not saved.
A div on the same page is one way. A pop up is yet another way. Another catch is that this code (adding new link) needs to be reusable, because I am also going to have a page that just creates new links.
I have built a basic data entry application allowing users to browse external content in iframe and enter data quickly from the same page. One of the data variables is the URL.
Ideally I would like to be able to load the iframes current url into a textbox with javascript. I realize now that this is not going to happen due to security issues.
Has anyone done anything on the server side? or know of any .Net browser in browser controls. The ultimate goal is to just give the user an easy method of extracting the url of the page they are viewing in the iframe It doesn't necessarily HAVE to be an iframe, a browser in the browser would be ideal.
Thanks,
Adam
I did some tests in Firefox 3 comparing the value of .src and .documentWindow.location.href in an iframe. (Note: The documentWindow is called contentDocument in Chrome, so instead of .documentWindow.location.href in Chrome it will be .contentDocument.location.href.)
src is always the last URL that was loaded in the iframe without user interaction. I.e., it contains the first value for the URL, or the last value you set up with Javascript from the containing window doing:
document.getElementById("myiframe").src = 'http://www.google.com/';
If the user navigates inside the iframe, you can't anymore access the value of the URL using src. In the previous example, if the user goes away from www.google.com and you do:
alert(document.getElementById("myiframe").src);
You will still get "http://www.google.com".
documentWindow.location.href is only available if the iframe contains a page in the same domain as the containing window, but if it's available it always contains the right value for the URL, even if the user navigates in the iframe.
If you try to access documentWindow.location.href (or anything under documentWindow) and the iframe is in a page that doesn't belong to the domain of the containing window, it will raise an exception:
document.getElementById("myiframe").src = 'http://www.google.com/';
alert(document.getElementById("myiframe").documentWindow.location.href);
Error: Permission denied to get property Location.href
I have not tested any other browser.
Hope it helps!
document.getElementById('iframeID').contentWindow.location.href
You can't access cross-domain iframe location at all.
I use this.
var iframe = parent.document.getElementById("theiframe");
var innerDoc = iframe.contentDocument || iframe.contentWindow.document;
var currentFrame = innerDoc.location.href;
HTA works like a normal windows application.
You write HTML code, and save it as an .hta file.
However, there are, at least, one drawback: The browser can't open an .hta file; it's handled as a normal .exe program. So, if you place a link to an .hta onto your web page, it will open a download dialog, asking of you want to open or save the HTA file. If its not a problem for you, you can click "Open" and it will open a new window (that have no toolbars, so no Back button, neither address bar, neither menubar).
I needed to do something very similar to what you want, but instead of iframes, I used a real frameset.
The main page need to be a .hta file; the other should be a normal .htm page (or .php or whatever).
Here's an example of a HTA page with 2 frames, where the top one have a button and a text field, that contains the second frame URL; the button updates the field:
frameset.hta
<html>
<head>
<title>HTA Example</title>
<HTA:APPLICATION id="frames" border="thin" caption="yes" icon="http://www.google.com/favicon.ico" showintaskbar="yes" singleinstance="no" sysmenu="yes" navigable="yes" contextmenu="no" innerborder="no" scroll="auto" scrollflat="yes" selection="yes" windowstate="normal"></HTA:APPLICATION>
</head>
<frameset rows="60px, *">
<frame src="topo.htm" name="topo" id="topo" application="yes" />
<frame src="http://www.google.com" name="conteudo" id="conteudo" application="yes" />
</frameset>
</html>
There's an HTA:APPLICATION tag that sets some properties to the file; it's good to have, but it isn't a must.
You NEED to place an application="yes" at the frames' tags. It says they belongs to the program too and should have access to all data (if you don't, the frames will still show the error you had before).
topo.htm
<html>
<head>
<title>Topo</title>
<script type="text/javascript">
function copia_url() {
campo.value = parent.conteudo.location;
}
</script>
</head>
<body style="background: lightBlue;" onload="copia_url()">
<input type="button" value="Copiar URL" onclick="copia_url()" />
<input type="text" size="120" id="campo" />
</body>
</html>
You should notice that I didn't used any getElement function to fetch the field; on HTA file, all elements that have an ID becomes instantly an object
I hope this help you, and others that get to this question. It solved my problem, that looks like to be the same as you have.
You can found more information here: http://www.irt.org/articles/js191/index.htm
Enjoy =]
I like your server side idea, even if my proposed implementation of it sounds a little bit ghetto.
You could set the .innerHTML of the iframe to the HTML contents you grab server side. Depending on how you grab this, you will have to pay attention to relative versus absolute paths.
Plus, depending on how the page you are grabbing interacts with other pages, this could totally not work (cookies being set for the page you are grabbing won't work across domains, maybe state is being tracked in Javascript... Lots of reasons this might not work.)
I don't believe that tracking the current state of the page you are trying to mirror is theoretically possible, but I'm not sure. The site could track all sorts of things server side, you won't have access to this state. Imagine the case where on a page load a variable is set to a random value server-side, how would you capture this state?
Do these ideas help with anything?
-Brian J. Stinar-
Does this help?
http://www.quirksmode.org/js/iframe.html
I only tested this in firefox, but if you have something like this:
<iframe name='myframe' id='myframe' src='http://www.google.com'></iframe>
You can get its address by using:
document.getElementById('myframe').src
Not sure if I understood your question correctly but anyways :)
You can use Ra-Ajax and have an iframe wrapped inside e.g. a Window control. Though in general terms I don't encourage people to use iframes (for anything)
Another alternative is to load the HTML on the server and send it directly into the Window as the content of a Label or something. Check out how this Ajax RSS parser is loading the RSS items in the source which can be downloaded here (Open Source - LGPL)
(Disclaimer; I work with Ra-Ajax...)
Ok, so in this application, there is an iframe in which the user is supplied with links or some capacity that allows that iframe to browse to some external site. You are then looking to capture the URL to which the user has browsed.
Something to keep in mind. Since the URL is to an external source, you will be limited in how much you can interact with this iframe via javascript (or an client side access for that matter), this is known as browser cross-domain security, as apparently you have discovered. There are clever work arounds, as presented here Cross-domain, cross-frame Javascript, although I do not think this work around applies in this case.
About all you can access is the location, as you need.
I would suggest making the code presented more resilitant and less error prone. Try browsing the web sometime with IE or FF configured to show javascript errors. You will be surprised just how many javascript errors are thrown, largely because there is a lot of error prone javascript out there, which just continues to proliferate.
This solution assumes that the iframe in question is the same "window" context where you are running the javascript. (Meaning, it is not embedded within another frame or iframe, in which case, the javascript code gets more involved, and you likely need to recursively search through the window hierarchy.)
<iframe name='frmExternal' id='frmExternal' src='http://www.stackoverflow.com'></frame>
<input type='text' id='txtUrl' />
<input type='button' id='btnGetUrl' value='Get URL' onclick='GetIFrameUrl();' />
<script language='javascript' type='text/javascript'>
function GetIFrameUrl()
{
if (!document.getElementById)
{
return;
}
var frm = document.getElementById("frmExternal");
var txt = document.getElementById("txtUrl");
if (frm == null || txt == null)
{
// not great user feedback but slightly better than obnoxious script errors
alert("There was a problem with this page, please refresh.");
return;
}
txt.value = frm.src;
}
</script>
Hope this helps.
You can access the src property of the iframe but that will only give you the initially loaded URL. If the user is navigating around in the iframe via you'll need to use an HTA to solve the security problem.
http://msdn.microsoft.com/en-us/library/ms536474(VS.85).aspx
Check out the link, using an HTA and setting the "application" property of an iframe will allow you to access the document.href property and parse out all of the information you want, including DOM elements and their values if you so choose.