Javscript to hide status bar

Re: Javscript to hide status bar

Pandora Law wrote:
<snip>[color=blue]
> is there any easy way I can bring back the address bar and
> status bar. I can hit F-11, which shows some of this info,...[/color]
<snip>

Try:- Ctrl N

- for a new window showing the same URL as the original, but with normal
default chrome.

Richard.

Re: Javscript to hide status bar

Richard Cornford wrote:[color=blue]
> Pandora Law wrote:
> <snip>[color=green]
>> is there any easy way I can bring back the address bar and
>> status bar. I can hit F-11, which shows some of this info,...[/color]
> <snip>
>
> Try:- Ctrl N
>
> - for a new window showing the same URL as the original,
> but with normal default chrome.[/color]

I have just noticed the end of your post where you mention your desire
to do this while accessing your bank account details so I should include
a word of warning. There are an unfortunate number of web application
developers who have no appreciation of the capabilities of web browsers
or the true nature of HTTP. They apply a desktop application mentality
that isn't appropriate to HTTP applications. They end up writeing
applications that cannot cope with multiple browser windows interacting
with the same user session, cannot cope with page refreshes, or the use
of the back/forward buttons, and so on.

And when they realise that their applications behave somewhere between
badly and catastrophicall y in the face of these types of actions on the
part of the user, instead of re-doing the server side code in the way it
should have been done in the first place, they look around for
client-side hacks that they can use to mitigate the problem.

Often they come here looking for those hacks, and we tell them that
anything done with javascript is futile to exactly the degree that
preventing any particular user action is important. Because ultimately
the user is in a position to override anything they attempt on the
client so whatever the server-side problem the client-side hack was
supposed to prevent, it will eventually happen anyway.

Opening windows without the toolbar is one such hack. It can be
motivated by a desire to prevent the user form having access to the
refresh and back/forward/history controls. It is a naive action that
fails to recognise that there are many ways to perform such actions in a
web browser and they cannot all be effectively prevented (as Ctrl N in
IE browsers demonstrates).

If you where doing this on some random shopping site then it wouldn't
necessarily matter to you much if your actions crashed the server or
corrupted the database, ultimately it would be the web site's problem,
and serve them right for not designing a back-end robust enough for use
over HTTP with a web browser client. But when it is your bank, in the
process of handling your money form your account, accidentally
stuffing-up their server might have directly negative repercussions.

Richard.

Re: Javscript to hide status bar

Many thanks for the information. Even more so for the detail. Hiding the
address seems mildly silly to me. Hiding whether the SSL is engaged or not
is downright idiotic. The website in question is Unicredit on a com.au
domain. Even the pop-up login window doesn't show the encryption status,
although the title bar *briefly* flashes https. The truly amazing thing
about the site is that it displays the Australian Best Practice logo. Sadly,
if you check out what's required to display the logo, it isn't very much at
all.

Thanks alot for the help again ... and I'm pleased to report that the ctrl-n
works. Just leave the original window alone after that.

PL.



"Richard Cornford" <Richard@litote s.demon.co.uk> wrote in message
news:cevp17$lsq $1$8302bc10@new s.demon.co.uk.. .[color=blue]
> Richard Cornford wrote:[color=green]
> > Pandora Law wrote:
> > <snip>[color=darkred]
> >> is there any easy way I can bring back the address bar and
> >> status bar. I can hit F-11, which shows some of this info,...[/color]
> > <snip>
> >
> > Try:- Ctrl N
> >
> > - for a new window showing the same URL as the original,
> > but with normal default chrome.[/color]
>
> I have just noticed the end of your post where you mention your desire
> to do this while accessing your bank account details so I should include
> a word of warning. There are an unfortunate number of web application
> developers who have no appreciation of the capabilities of web browsers
> or the true nature of HTTP. They apply a desktop application mentality
> that isn't appropriate to HTTP applications. They end up writeing
> applications that cannot cope with multiple browser windows interacting
> with the same user session, cannot cope with page refreshes, or the use
> of the back/forward buttons, and so on.
>
> And when they realise that their applications behave somewhere between
> badly and catastrophicall y in the face of these types of actions on the
> part of the user, instead of re-doing the server side code in the way it
> should have been done in the first place, they look around for
> client-side hacks that they can use to mitigate the problem.
>
> Often they come here looking for those hacks, and we tell them that
> anything done with javascript is futile to exactly the degree that
> preventing any particular user action is important. Because ultimately
> the user is in a position to override anything they attempt on the
> client so whatever the server-side problem the client-side hack was
> supposed to prevent, it will eventually happen anyway.
>
> Opening windows without the toolbar is one such hack. It can be
> motivated by a desire to prevent the user form having access to the
> refresh and back/forward/history controls. It is a naive action that
> fails to recognise that there are many ways to perform such actions in a
> web browser and they cannot all be effectively prevented (as Ctrl N in
> IE browsers demonstrates).
>
> If you where doing this on some random shopping site then it wouldn't
> necessarily matter to you much if your actions crashed the server or
> corrupted the database, ultimately it would be the web site's problem,
> and serve them right for not designing a back-end robust enough for use
> over HTTP with a web browser client. But when it is your bank, in the
> process of handling your money form your account, accidentally
> stuffing-up their server might have directly negative repercussions.
>
> Richard.
>
>[/color]