target="_top" in redirect

Re: target="_t op" in redirect

socialism001@ya hoo.com wrote:
[color=blue]
> I have the following code in my cgi script. How would I use
> target="_top" in the code below so that it would prevent my page from
> opening in a frame.
>
> Thanks,
> Chris
>
> *************** ******
> my $url_1 =
> 'http://www.company.com/cgi-bin/company.cgi/_address?for_sa le=&_act=query& _dbf=retailol.d bf&_tar=_ret_m& ';
> my $query1 = $query->query_string ;
> my $query2 = join('',$url_1, $query1);
>
> my $query3 = length($query2) ;
> my $query4 = substr($query2, 0,450);
> print $query->redirect($quer y4);
> *************** ******
>[/color]

ummm, WTF does this have to do with Javascript?

--
Randy
comp.lang.javas cript FAQ - http://jibbering.com/faq
Answer:It destroys the order of the conversation
Question: Why?
Answer: Top-Posting.
Question: Whats the most annoying thing on Usenet?

Re: target="_t op" in redirect

In article <1105919716.305 401.178840@z14g 2000cwz.googleg roups.com>,
socialism001@ya hoo.com wrote:
[color=blue]
> I have the following code in my cgi script. How would I use
> target="_top" in the code below so that it would prevent my page from
> opening in a frame.[/color]

There is code to prevent a page from opening in a frame. I do not know
about _top.

I have seen but not tried:

if (self != top) {top.location.h ref = self.location.h ref}

Robert

Re: target=&quot;_t op&quot; in redirect

Thanks Robert. Put the code in my script and it works great.

Chris

Re: target=&quot;_t op&quot; in redirect

Robert wrote:
<snip>[color=blue]
> There is code to prevent a page from opening in a frame.
> I do not know about _top.
>
> I have seen but not tried:
>
> if (self != top) {top.location.h ref = self.location.h ref}[/color]

In cases where there is a desire to break out of a frame it is almost
certain that the frameset originates in a different domain than the
contents of the frame. As a result cross-domain security restrictions
will apply to any code attempting to break out of a frameset, applying
to the tests made and then to the action carried out in response.

Comparing - self - or - window - with top - should be safe, there are no
securi9ty concerns in that action, and they are both properties of the
global object of the executing script. However, there are security
concerns relating to the reading of the URL of a page originating in
another domain. Security restrictions can be expected to apply to
reading any properties of a - top - frame that originates on another
domain, and the - location - object can be expected to be expected to be
subject to those restrictions above other objects. The mere act of
reading top.location could be restricted, particularly as that object
traditionally type-converts to a string that represents the page's URL.
And you cannot assign to - top.location.hr ef - without effectively
reading - top.location - in the process, and so risking a security
exception at that point.

Of course browser security restrictions vary considerably, but I don't
think this formulation can be expected to work successfully in a
reasonable range of browsers. And there is no need to risk the problem
as assigning a URL string directly to - top.location - has the desired
effect without any need to read the value of the object.

Richard.