通过 JavaScript 打开新窗口时,浏览器会忽略窗口参数吗?
我正在通过 javascript 打开一个弹出窗口。我正在尝试设置一些显示参数 - 特别是我们想隐藏位置和状态栏,但我测试过的每个浏览器,位置和状态栏仍然显示。
我的代码如下所示:
newwindow=window.open(url,'name','height=250,width=290,left=200,top=200,location=no,resizable=yes,scrollbars=yes,toolbar=no,status=no');
有什么想法吗?客户端坚持使用弹出窗口,而不是悬停工具提示。
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
出于安全原因,浏览器已停止监听某些参数。例如,FF3+ 和 IE6 / 7+ 强制设置位置栏,以防止诈骗者冒充其他网站。
相关:Internet Explorer 7 安全状态栏
如果您需要更多的自由,并且碰巧对用户的计算机有一定的控制权(例如在封闭的内部网中),可以使用诸如Mozilla Prism 允许网站看起来更像桌面应用程序。但这些都是高度专业化的解决方案,不适合普通网站。
The browsers have stopped listening to some of the parameters for security reasons. For example, FF3+ and IE6 / 7+ force a location bar to prevent scammers pretending to be a site they're not.
Related: The Internet Explorer 7 Security Status Bar
If you need more freedom, and happen to have some control over the user's computer (e.g. in a closed intranet), there are solutions like Mozilla Prism that allow a web site to appear rather like a desktop application. But those are highly specialized solutions unsuitable for normal web sites.
是的,某些参数被禁用。原因是应该不可能打开一个伪装成其他东西的窗口。
确切的规则取决于浏览器、页面范围(内联网/公共)和用户设置。大多数浏览器不会删除地址栏,以便您始终可以看到页面来自哪里。
例如,您可以在此处阅读有关 Internet 限制的信息资源管理器。
一些引言:
以及:
这是关于 IE 6 的,因为它是在那个时候引入的。IE 7 中还有一些进一步的变化,但这主要与导航的变化有关,使
open< 的一些参数/code> 命令的工作方式不同或已过时。Yes, some parameters are disabled. The reason is that it should not be possible to open a window that pretends to be something else.
The exact rules depends on the browser, the scope of the page (intranet/public), and the user settings. Most browsers won't remove the address bar, so that you can always see where the page is coming from.
You can for example read here about the restrictions in Internet Explorer.
Some quotes:
and:
This is about IE 6, as that's when this was introduced. There were some furhter changes in IE 7, but that mostly has to do with how the navigation changed, making some parameters of the
opencommand work differently or being obsolete.由于安全模型的变化,不可能再有完全无镶边的弹出窗口,并且剥离所有镶边的尝试将被忽略。您是否考虑过使用 JQuery 创建一个外观像窗口的伪弹出窗口,为其提供拖动处理程序和关闭按钮?您可以优雅地降级为标准弹出窗口。
http://jqueryui.com/demos/draggable/
Due to changes in security models, it's not possible to have a totally chromeless popup window any more and attempts to strip all the chrome off will simply be ignored. Have you considered using JQuery to create a pseudo-popup that is skinned to look like a window, give it drag handlers and a dismiss button? you could gracefully degrade to a standard pop-up.
http://jqueryui.com/demos/draggable/
大多数浏览器默认显示位置栏和状态栏,并且也无法覆盖
window.status。这样做是为了安全(防止网络钓鱼)。Most browsers displays the location bar and status bar by default, and make it also impossible to override
window.status. This is done for safety (to guard against phishing).有关用户如何更改允许 Javascript 将状态和/或地址设置为隐藏或可见的设置的一些更具体的信息:
从 IE 安全选项卡的“自定义级别”对话框 - 向下滚动到:
“允许网站打开没有地址或状态栏的窗口”
根据这些是否设置为“禁用”或“启用” - 您将看到应用程序的不同行为。
据我所知,这适用于 IE7、IE8 和 IE9
Some more specific information on how a user can change the setting that allows the status and/or address to be set by Javascript to hidden or visible:
From the 'custom level' dialog from the IE security tab - scroll down to:
"Allow websites to open windows without address or status bars"
Depending on if these is set to Disable or Enable - you will see different behavior from your application.
To my knowledge this applies to IE7, IE8, and IE9