My popup window's pg co-opted by another site--help.

[Thad]

Any javascript I could try on this? I've got a popup window on my site
with the browser chrome removed. Another site's gone ahead and done a
popup to my same .html page. The visitor to that site doesn't realize
it unless he looks at the opener page's source code.

I'm wondering if there's a javascript solution for this? I've tried
using the window.opener.location.replace with the href being my
absolute URL, and triggered by an onUnload command in the BODY tag.
This didn't work.

What I was getting at was having my page load in place of the ripoff
site in the parent window.

In the past when when other sites tried to bring my pages into their
frames, I could various frame-buster coding. But this time, frames
aren't involved.

Are there javascript workarounds here? Any insight appreciated!

 

[Randy Webb]

Any javascript I could try on this? I've got a popup window on my site
with the browser chrome removed. Another site's gone ahead and done a
popup to my same .html page. The visitor to that site doesn't realize
it unless he looks at the opener page's source code.

I'm wondering if there's a javascript solution for this? I've tried
using the window.opener.location.replace with the href being my
absolute URL, and triggered by an onUnload command in the BODY tag.
This didn't work.

What I was getting at was having my page load in place of the ripoff
site in the parent window.

In the past when when other sites tried to bring my pages into their
frames, I could various frame-buster coding. But this time, frames
aren't involved.

Are there javascript workarounds here? Any insight appreciated!

document.referrer might help. It gives you the address of the page that
initiated opening the page.

 

[Richard]

Any javascript I could try on this? I've got a popup window on my site
with the browser chrome removed. Another site's gone ahead and done a
popup to my same .html page. The visitor to that site doesn't realize
it unless he looks at the opener page's source code.

I'm wondering if there's a javascript solution for this? I've tried
using the window.opener.location.replace with the href being my
absolute URL, and triggered by an onUnload command in the BODY tag.
This didn't work.

What I was getting at was having my page load in place of the ripoff
site in the parent window.

In the past when when other sites tried to bring my pages into their
frames, I could various frame-buster coding. But this time, frames
aren't involved.

Are there javascript workarounds here? Any insight appreciated!

if (self != top) {top.location.href = self.location.href}

I used this little trick on a jerk who was mirrioring my site on his.
I sent his visitors to whitehousesex.com.
What I had thought about doing, was to have 50 new windows popup any time
someone visited his site.
If you did that with those jerks, you can bet somebody will bitch and
complain about all those damn popups and get your damn site fixed.

 

[Randy Webb]

if (self != top) {top.location.href = self.location.href}

That does absolutely *nothing* for the OP's problem. To quote it "frames
aren't involved".

 

[Richard Cornford]

That does absolutely *nothing* for the OP's problem. To
quote it "frames aren't involved".

At first impression it is difficult to see how any response to the OP
that consist of one line of such simple code could be so far of the mark
as to have no relationship to the stated problem at all. However, it
becomes less surprising when consider that this code was posted by the
infamous Richard Bullis. An individual with a seemingly well deserved
repartition for spectacular personal stupidity. For example, in response
to a question recently asked on alt.html he posted this jaw-dropping
construct:-

<quote MessageId="(e-mail address removed)" Date="2005-01-15">

<script type="text/css>

body { onclick="#">

</script>

</quote>

It is difficult to tell which web technology this nonsense was intended
to represent. That probably isn't important, as the act of posting it
demonstrates zero understanding of HTML and CSS, let alone javascript.

It has been suggested that from a position of sufficient ignorance any
technology can resemble magic, and this may be the attitude behind many
of Richard Bullis' posts to web development groups. The line of code he
suggested is a mystical incantation that has proved effective under some
circumstances so it strikes him as reasonable to suggest that it should
be recited in response to a question that has superficial similarities.
That code posted to alt.html is an attempt to derive some sort of
incantation from other code, but unmediated by anything resembling
understanding, and ultimately a virtually random amalgam of technologies
that was doomed to futility from the outset.

Most people know enough to know when they don't understand a subject,
and react by not even attempting to give advice on that subject. Richard
Bullis seems to lack that facility. A real fool has no defence against
looking foolish.

Richard.

 

[Thad]

As the OP here, thank you Richard, for pointing out that I had said I
wasn't using frames here. The frame-buster code suggested by the other
poster wouldn't work in this situation.

For those who might someday have this problem or are curious, I did
come up with one approach that did work. Unfortunately, there's still
one hitch that I'd like to find a workaround for, if anyone knows one!

I used the following code in the header, putting in a URL to my site
where you see "*ABSOLUTE URL HERE*".

<SCRIPT language="JavaScript">
<!--
function reassert()
{
var originalLocation = window.opener.location;
window.opener.location.href = "*ABSOLUTE URL HERE*";
}
//-->
</SCRIPT>
</HEAD>

Then, I used on onUnload command in the BODY tag to trigger this.

<BODY bgcolor="#000000" text="#CCCCCC" leftmargin="0" topmargin="0"
marginwidth="0" marginheight="0" onunload="reassert();">

This did work at least with MSIE 6 and Firefox.

Meaning that when my chromeless popup page is called up by the stealing
site's page using popup code, their main page will switch to the page I
specify in the *ABSOLUTE URL HERE* code as soon as the popup closes.

I was thrilled to see this. However, this screws things up a little for
visitors on my site who view the popup. You see my popup page is
called from three different pages on my site. So this means that in two
cases, as soon as someone's viewed the popup and closes it, the page
changes on them from the one they had been viewing. Not desirable.

Without nailing down an absolute URL, the "opener" location risks being
the stealing site, from what I could tell.

I know there's gotta be a way around this. Any ideas out there?


Thad

 

[Oscar Monteiro]

As the OP here, thank you Richard, for pointing out that I had said I
wasn't using frames here. The frame-buster code suggested by the other
poster wouldn't work in this situation.

For those who might someday have this problem or are curious, I did
come up with one approach that did work. Unfortunately, there's still
one hitch that I'd like to find a workaround for, if anyone knows one!

I used the following code in the header, putting in a URL to my site
where you see "*ABSOLUTE URL HERE*".

<SCRIPT language="JavaScript">
<!--
function reassert()
{
var originalLocation = window.opener.location;
window.opener.location.href = "*ABSOLUTE URL HERE*";
}
//-->
</SCRIPT>
</HEAD>

Then, I used on onUnload command in the BODY tag to trigger this.

<BODY bgcolor="#000000" text="#CCCCCC" leftmargin="0" topmargin="0"
marginwidth="0" marginheight="0" onunload="reassert();">

This did work at least with MSIE 6 and Firefox.

Meaning that when my chromeless popup page is called up by the stealing
site's page using popup code, their main page will switch to the page I
specify in the *ABSOLUTE URL HERE* code as soon as the popup closes.

I was thrilled to see this. However, this screws things up a little for
visitors on my site who view the popup. You see my popup page is
called from three different pages on my site. So this means that in two
cases, as soon as someone's viewed the popup and closes it, the page
changes on them from the one they had been viewing. Not desirable.

Without nailing down an absolute URL, the "opener" location risks being
the stealing site, from what I could tell.

I know there's gotta be a way around this. Any ideas out there?


Thad

As Randy Said if you know where the stealing site is located at you could do
a little javascript with a simple redirecction to other site.
Example.
<script type="text/javascript">
function redirect()
{if (window.referrer="Agressor site")window.location="Agressor site"}
</script>
<body onload=redirect()>

but if you do not know were the site is located as it seems to be the case
you could use the same function in PHP and save it to a file so you could
know where all the visitors to you´re site came from.
Normally the most site reffered would be the agressor site
but even that could not be 100% true.

Hope that helped.

 

[McKirahan]

As Randy Said if you know where the stealing site is located at you could do
a little javascript with a simple redirecction to other site.
Example.
<script type="text/javascript">
function redirect()
{if (window.referrer="Agressor site")window.location="Agressor site"}
</script>
<body onload=redirect()>

but if you do not know were the site is located as it seems to be the case
you could use the same function in PHP and save it to a file so you could
know where all the visitors to you´re site came from.
Normally the most site reffered would be the agressor site
but even that could not be 100% true.

Hope that helped.

"window.referrer" ?

This doesn't work for me:

<script type="text/javascript">
alert(window.referrer);
</script>

 

[RobB]

McKirahan wrote:

(snip)

"window.referrer" ?

This doesn't work for me:

<script type="text/javascript">
alert(window.referrer);
</script>

That's because you forgot to create it first:

 

[John Doe]

I used the following code in the header, putting in a URL to my site// ADD THIS CODE
var actualLocation = originalLocation.href;
if (actualLocation.search(^/http:\/\/www.mydomain.com/) == -1)
{// AND THIS CODE IF DESIRED
} else {
// I am on my site so I don't need to mess with the URL
}

This seems to work for me to hijack the hijacker without disrupting
normal site flow.

 

[Oscar Monteiro]

"window.referrer" ?

This doesn't work for me:

<script type="text/javascript">
alert(window.referrer);
</script>

yes , true. the function is not window referrer but document.referrer as it
referrers to a previous document. my mistake sorry.