Newbie: I don't understand "function SymWinOpen(url, name, attributes)"

[Larry Woods]

I am finding the following code snippet in many pages that I examine. Can
anyone explain (1) what the significance of this code snippet is, and (2)
what development package generates it?


Snippet (and there is more...)

var SymRealWinOpen = window.open;

function SymWinOpen(url, name, attributes)
{
return (new Object());
}

window.open = SymWinOpen;

TIA,

Larry Woods

 

[William Morris]

What you're looking at, Larry, appears to be javascript, and the author is
taking the long way around to accomplish a very simple task. The code below
is - for all practical purposes - no different from

window.open(url, name, attributes)

My guess it is that it was written by a C++ programmer who felt the need to
obfuscate. Inline notes below.

- Wm


--
William Morris
Semster, Seamlyne reProductions
Visit our website, http://www.seamlyne.com, for the most comfortable
historically inspired clothing you can buy!

Snippet (and there is more...)

There almost always is.

var SymRealWinOpen = window.open;

function SymWinOpen(url, name, attributes)
{
return (new Object());
}

Ghosting an intrinsic function. Assuming that "url", "name" and
"attributes" are actual values and not just parameters as you've shown, it
would be possible then to issue the next call:

window.open = SymWinOpen;

and quickly get the same window and attribs over and over again.

 

[Larry Woods]

Thanks, William,

The "interesting" thing about this is that I have found this code in MANY
pages from various sites. It must be generated by some developement
package; e.g., Frontpage(?).

If I could bother you a little further, here is the code from the beginning
of the page, and also some code from the end of the page. Again, this seems
to be a "reoccuring theme" in many pages that I have seen.

--------------- At top of page ---------------

<script language="JavaScript">
<!--
function SymError()
{
return true;
}
window.onerror = SymError;
var SymRealWinOpen = window.open;
function SymWinOpen(url, name, attributes)
{
return (new Object());
}
window.open = SymWinOpen;
//-->
</script>

------------ At bottom of page ------------

<script language="JavaScript">
<!--
var SymRealOnLoad;
var SymRealOnUnload;
function SymOnUnload()
{
window.open = SymWinOpen;
if(SymRealOnUnload != null)
SymRealOnUnload();
}
function SymOnLoad()
{
if(SymRealOnLoad != null)
SymRealOnLoad();
window.open = SymRealWinOpen;
SymRealOnUnload = window.onunload;
window.onunload = SymOnUnload;
}
SymRealOnLoad = window.onload;
window.onload = SymOnLoad;
//-->
</script>

Thanks again,

Larry Woods

What you're looking at, Larry, appears to be javascript, and the author is
taking the long way around to accomplish a very simple task. The code below
is - for all practical purposes - no different from

window.open(url, name, attributes)

My guess it is that it was written by a C++ programmer who felt the need to
obfuscate. Inline notes below.

- Wm

------------ text removed ---------------

 

[Richard Cornford]

I am finding the following code snippet in many pages that I examine.
Can anyone explain (1) what the significance of this code snippet is,
and (2) what development package generates it?


Snippet (and there is more...)

var SymRealWinOpen = window.open;

function SymWinOpen(url, name, attributes)
{
return (new Object());
}

window.open = SymWinOpen;

It is code inserted by a content inserting/re-writing proxy (firewall or
some such) to achieve pop-up blocking. It will not appear on the
original HTML pages, instead it is being added at some stage in the
transmission of the HTML.

Richard.

 

[Reply Via Newsgroup]

I am finding the following code snippet in many pages that I examine. Can
anyone explain (1) what the significance of this code snippet is, and (2)
what development package generates it?


Snippet (and there is more...)

var SymRealWinOpen = window.open;

function SymWinOpen(url, name, attributes)
{
return (new Object());
}

window.open = SymWinOpen;

TIA,

Larry Woods

I can identify this - You are likely to have Norton Internet Security
installed, true?

It has an anti-popup feature implemented where it inserts code to screw
up/prevent window.open code from working - Older versions stopped
popupes, even one's that had been clicked on (unless you has authorised
the website) - Newer version of the software only limits popups that
would occur after a length of time, onChange or onLoad event.

Therefore, to summarise - the code is not put in by the webmasters of
the websites you've visiting - its been put in by some anti-virus
program you have running locally.

randelld

 

[Larry Woods]

Thanks, guys!

I think you nailed it. I DO have Norton, and I noticed that on another
computer that I have (without Norton) this code didn't exist. I thought
possibily it was the browser.

Larry Woods

 

[Larry Woods]

You nailed it. See my note to the other responder.

Thanks.

Larry Woods

 

[William Morris]

I learned something new. Thanks from me, too.

It is code inserted by a content inserting/re-writing proxy (firewall or
some such) to achieve pop-up blocking. It will not appear on the
original HTML pages, instead it is being added at some stage in the
transmission of the HTML.

Richard.

 

[Richard Cornford]

I learned something new.

These proxy programs are increasingly common, it appears to be a
standard facility on personal firewalls, for example. And people, seeing
a checkboxes labelled "Ad blocking", "Privacy", and the like, are
inclined to decide that they can do without Internet advertising,
pop-ups and so on, and activate (or leave defaulted) the options.
Instantly killing a fare number of optimistically authored javascripts.

It is an appreciation of how common these programs are, combined with
the other two methods of blocking pop-ups, that has lead me to generally
disparage the act of opening a new window with scripts on the Internet.
The consequent problems of inter-window communication, synchronisation
and maintaining references to opened windows across page transitions are
insignificant in comparison to the problem of determining whether the
window opened at all in the first place (and managing to do something
meaningful if it didn't). You would be hard pressed to locate a window
opening script that even considers the possibility of the failure of the
window.open call, let alone was interested in coping with it.

Which is why it is more interesting (and ultimately more productive) to
consider how tasks that have commonly been assigned to new window
instances can be achieved without the need for new windows.

Thanks from me, too.

<snip>

You are welcome, but you might care to familiarise yourself with this
group's FAQ and particularly the material on positing styles (and
explicitly, not top posting).

<URL: http://jibbering.com/faq/ >

Richard.

 

[heyin huang]

This article help me resolve the problem that the javascirpt snippet
causes many javascript error in IE 5.0. Norton Internet Security
generates the codes.

Thanks a lot.

 

[Oliver Clarke]

Hi All,

Sorry to butt in mid-thread, but this is exactly something I am having a
problem with on my own site at present.

It is code inserted by a content inserting/re-writing
proxy (firewall or some such) to achieve pop-up
blocking. It will not appear on the
original HTML pages, instead it is being added at some
stage in the transmission of the HTML.

I don't have Norton Personal Firewall installed, but I do run
Systemworks, Norton Antispam and Norton Antivirus. Is Norton AV
something which will insert this code as well as the Personal Firewall?
I do have a Firewall running in my wireless router, but disabling the
firewall there has no effect and this spurious code is still displayed
inserted on SOME on the pages of my site when I try to view them, in one
case completely replacing the entire code of the original page.

I can't see any option in Norton Antivirus whereby I can disable this
"feature", but maybe someone else knows of a workaround (Are there, for
example, any decent antivirus packages that don't do this?

Regards,
Oliver

 

[Richard Cornford]

Oliver Clarke wrote:

I don't have Norton Personal Firewall installed, but I do run
Systemworks, Norton Antispam and Norton Antivirus.

I would suspect Norton Antispam out of that collection, as unrequested
pop-ups are generally categorised along with spam.

Is Norton AV something which will insert this
code as well as the Personal Firewall?

That would depend a lot on how it worked, but acting as a content
inserting/re-writing proxy is not a requirement for an anti-virus
program. Though it might be thrown in as an extra.

I do have a Firewall running in my wireless router, but
disabling the firewall there has no effect and this spurious

A router firewall is a different kettle of fish entirely, it is almost
certainly not responsible for this.

code is
still displayed inserted on SOME on the pages of my site when I try
to view them, in one case completely replacing the entire code of the
original page.

<snip>

If it is only some of the pages there may be some pattern to it that
could be identified, allowing the provoking conditions to be avoided.
But replacing the entire source of a page certainly seems odd (unless it
is something like Add blocking based on element size and the page only
contains coincidentally sized elements).

There has recently been a whole spate of people posting problems caused
by pop-up blockers that they didn't even know that they were using. It
makes the argument that pop-ups are OK because you can tell the user to
disable their pop-up blockers in order to use a site somewhat hollow.

Richard.