Sooner, or later, as we start learning and using JavaScript, we will all have questions we want answered. One author, Danny Goodman, has compiled a list of typical questions people ask when starting out with JavaScript.This Mini-FAQ is posted periodically to the comp.lang.javascript newsgroup. It covers the language through JavaScript 1.2, the version deployed in Netscape Communicator 4.0x, plus some compatibility items with Microsoft Internet Explorer 3.0x. The focus here is on client-side JavaScript.
Current JavaScript docs (for Netscape) are available at:
•
http://home.netscape.com/eng/mozilla/3.0/handbook/javascript/index.htmlA zipped set of Netscape's HTML documents is available at:
•
http://developer.netscape.com/library/documentation/jshtm.zipNew JavaScript features in Netscape Communicator can be found at:
•
http:developer.netscape.com/library/documentation/communicator/jsguide/js1_2.htm Where is the official bug list for JavaScript?
Netscape has collected and published a list of bugs for Navigator 3.0x and Communicator. While not necessarily 100% complete, it is quite extensive:
•
http://developer.netscape.com/ Can JavaScript do any of the following?
- read or write random text files on the local disk or on the server?
- invoke automatic printing of the current document?
- control browser e-mail, news reader, or bookmark windows and menus?
- access or modify browser preferences settings?
- capture a visitor's e-mail address or IP address?
- quietly send me an e-mail when a visitor loads my page?
- launch client processes (e.g.,Unix sendmail,Win apps,Mac scripts)?
- capture individual keystrokes?
- change a document's background .gif after the page has loaded?
- change the current browser window size, location, or options?
- get rid of that dumb "JavaScript Alert:" line in alert dialogs?
No, however many of these items are possible in
Communicator 4.0. Those items perceived to be security risks (e.g., access browser settings) require "signed JavaScript". MSIE JScript version 2 (see below) can read/write local files via ActiveX--but only from server-side scripting.
Why won't my script work under MS Internet Explorer 3 for the Mac? JScript is available on the Macintosh starting with 3.0.1 (which is different from the Windows 3.01). I am still evaluating the Mac implementation, whose object model and other support for JavaScript does not necessarily jive with the Windows version (e.g., the Mac version supports the Image object for mouse rollovers). MSIE 3.0.1 runs on Mac 68K and PPC.
Why won't my Navigator 3.0x script run under MSIE 3 for Windows 95?
Most language features and objects that are new in Navigator 3.0 are not supported in MSIE 3.0, although several Navigator 3.0 items have been added to JScript version 2 (see below). Here's the quick list of items not available in MSIE 3.0:
UNSUPPORTED OBJECTS - Image -- this means no onMouseOver swappable images in MSIE 3
- Area -- no onMouseOvers
- Applet
- FileUpload
- Array -- hard-wired (JS1.0) arrays OK; implemented in JScript v.2.
- MimeType
- Plugin
UNSUPPORTED PROPERTIES / METHODS / EVENT HANDLERS OF SUPPORTED OBJECTS - Window
onerror closed blur() focus() scroll() onBlur= onFocus= - Location
reload() replace() - Document
applets[] domain embeds[] images[] URL - Link
onMouseOut= - Form
reset() onReset= - (All Form Elements)
type - Navigator
mimeTypes[] plugins[] javaEnabled() - String
prototype split()
One more item: the <SCRIPT SRC="xxx.js"> facility for loading external JavaScript library files runs on the copy of MSIE 3.02 for Windows that I use (with JScript.dll versions 1 and 2). However there are also reports that this is not working for some users. Try specifying a complete URL for the SRC attribute.
How is compatibility with Microsoft Internet Explorer 4?
IE4 adheres closely to a standard called ECMAScript, which is essentially the core JavaScript 1.1 language. This does not cover the document object model (another standard being studied). Navigator 3 document objects not supported in IE4 are:
FileUpload navigator.mimeTypes[] navigator.plugins[]
The JScript.dll shipping with IE4 is version 3.
Why doesn't the document.cookie work with MSIE?
It does, but not when you access the HTML file from your local hard disk, as you are probably doing during testing. Be aware, however, that MSIE limits you to one cookie name=value pair per domain, whereas Netscape allows up to 20 pairs per domain.
What's new in Microsoft JScript version 2?
More than can fit here. Some items are compatible with Navigator 3.0+ (such as the Array object). Others are unique to MSIE, such as the Dictionary and TextStream objects (acccessible via ActiveX). Additions are to the core language, not the document object model. New functions let you determine the JScript version installed in IE, but JScript version 2 must be installed to get this data. If you use version 2 language items, see:
•
http://www.microsoft.com/for info about including a link button on your page to encourage visitors to upgrade their IE 3.0x to JScript version 2.
How do I know if I have JScript version 2 installed on my PC?
Installation of MSIE 3.02 does not guarantee JScript version 2. Search your disk for 'jscript.dll'. Get the file's properties, and click on the Version tab. The File version should begin with '2'. If not, download the latest version from Microsoft (installer is 442KB).
How can I e-mail forms?
The most reliable way is to use straight HTML via a Submit style button. Set the ACTION of the <FORM> to a mailto: URL and the ENCTYPE attribute to "text/plain". For security reasons, the form.submit() method does not submit a form whose ACTION is a mailto: URL. Microsoft Internet Explorer 3.0x does not e-mail forms of any kind.
How do I script a visit counter?
At best, a client-side script can show the visitor how many times he or she has been to the site (storing the count in a local cookie). A count of total hits to the server requires a server-side CGI program. I have an article on cookies in Netscape's
View Source developer newsletter archive (in the "JavaScript Apostle" section).
Why is my script not working inside a table?
There is a long-standing bug with JavaScript and tables. Do not place <SCRIPT> tags inside <TD> tags. Instead, start the <SCRIPT> tag before the <TD> tag, and document.write() the <TD> tag through the </TD> tag. I go one step further, and document.write() the entire table, interlacing script statements where needed.
After window.open(), how do I access objects and scripts in the other window?
First, be sure to assign an 'opener' property to the new window if you are using a version of JS that doesn't do it automatically (Nav 3.0x and MSIE 3.0x do it automatically). The following script should be a part of _every_ new window creation:
var newWind = window.open("xxx","xxx","xxx")
// u fill in blanks
if (newWind.opener == null) { // for Nav 2.0x
newWind.opener = self // this creates and sets a new property
}<
To access items in the new window from the original window, the 'newWind' variable must not be damaged (by unloading), because it contains the only reference to the other window you can use (the name you assign as the second parameter of open() is not valid for scripted window references; only for TARGET attributes). To access a form element property in the new window, use:
newWind.document.formName.elementName.property
From the new window, the 'opener' property is a reference to the original window (or frame, if the window.open() call was made from a frame). To reference a form element in the original window:
opener.document.formName.elementName.property
Finally, if the new window was opened from one frame in the main browser window, and a script in the new window needs access to another frame in the main browser window, use:
opener.parent.otherFrameName.document.formName. ...
How do I use JavaScript to password-protect my Web site?
There are any number of schemes (I've used some myself). Most of them fail to deflect the knowledgeable JavaScript programmer, because no matter how you encode the correct password (e.g., bit shifting), both the encoding algorithms and the result have to be in the script -- whose source code is easily accessible. If you're only interested in keeping out casual visitors, this method may suffice.
A more secure way is to set the password to be the name or pathname of the HTML file on your site that is the 'true' starting page. Set the location to the value entered into the field (unfortunately, you cannot extract the value property of a password object in Navigator 2.0x). Entry of a bogus password yields an 'invalid URL' error.
If the protected pages need additional security (e.g., an infidel has managed to get the complete URL), you might also consider setting a temporary cookie on the password page; then test for the existence of that cookie upon entry to every protected page, and throw the infidel back to the password page.
What does the IE4 "Access Denied" error mean when accessing a new window?
The "Access Denied" error in any browser usually means that a script in one window or frame is trying to access another window or frame whose document's domain is different from the document containing the script. What can seem odd about this is that you get this error in IE4 frequently when a script in one window generates a new window (with window.open()), and content for that other window is dynamically created from the same script doing the opening. The focus() method also triggers the error.
In my experience, this occurs only when the scripts are being run from the local hard disk. You get a clue about the situation in the titlebar of the new window: It forces an about:blank URL to the new window, which is a protocol:domain that differs from wherever your main window's script comes from. If, however, you put the same main window document on a server, and access it via http:, the problem goes away.
There is a workaround for the local-only problem: In the first parameter of the window.open() method call, load a real document (even if it is a content-free HTML document) into the sub-window before using document.write() to generate content for the subwindow. The loading action 'legitimizes' the window as coming from the same domain as your main window's document.
(This solution does not affect scripts that load a page from a secure server into a separate window or frame. An http: protocol in one window and https: in the other--even if from the same server.domain--yield a security mismatch and "Access Denied." Setting the document.domain properties of both pages may solve the problem (but I am unable to test it for sure).)
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
 developerWorks - FREE Tools!
|
Learn field-tested SOA principles, methodology, technology and implementation from the global SOA market leader - in a new e-book by an IBM SOA expert. Written by IBM Certified SOA Solution Designer Bobby Woolf, "Exploring IBM SOA Technology & Practice" is the ultimate insider's guide to SOA - a PDF e-book packed cover to cover with IBM's specific advice on how to make your SOA implementation a success.
FREE! Go There Now!
|
|
|
|
Build secure Web services with transport-level security using IBM Rational Application Developer V7 and IBM WebSphere Application Server V6.1. Follow this three-part series for step-by-step instructions about how to develop Web services and clients, configure HTTP basic authentication, and configure HTTP over SSL (HTTPS). This first part of the series walks you through building a Web service for a simple calculator application. You generate and test two different types of Web services clients: a Java Platform, Enterprise Edition (Java EE) client and a stand-alone Java client. You also handle user-defined exceptions in Web services.
FREE! Go There Now!
|
|
|
|
Download a free trial version of IBM Rational Developer for System z, software that can help you deliver core development capabilities; the power of Java Platform, Enterprise Edition (Java EE); and rapid application development support to diverse enterprise application development teams. With comprehensive development tools to help create, deploy and maintain traditional enterprise and composite applications, Rational Developer for System z enables developers with different technical backgrounds to easily participate in important technology projects.
FREE! Go There Now!
|
|
|
|
Join this webcast to see how IBM Data Studio Developer and pureQuery can take the pain out of Java data access. uApplications developed using both Java and SQL have become a common requirement. Database connectivity using Java Database Connectivity (JDBC) to create an application is a multi-step tedious process, and tooling that covers both SQL and Java has been unavailable, until now. IBM Data Studio introduces the pureQuery platform: a high-performance, Java data access platform focused on simplifying the tasks of developing, managing, and optimizing database applications and services.
FREE! Go There Now!
|
|
|
|
In this tutorial, you can learn how to install and configure the IBM Rational Asset Manager Eclipse client, explore the different views in the Asset Management perspective, learn various search techniques, work with existing assets, and submit a new asset.
FREE! Go There Now!
|
|
|
|
Analysts, architects, and developers who have existing COBOL or PL/I skills and want to extend those skills to deploy new workloads on the mainframe can use the IBM Enterprise Modernization Sandbox for System z to find hands-on walkthroughs of common real world scenarios. The scenarios provide examples of how to rapidly design, create, assemble, test, and deploy high-quality Web, Web services, portal, and SOA applications for IBM CICS, IBM IMS, and IBM WebSphere Application Server.
FREE! Go There Now!
|
|
|
|
Learn how Rational Build Forge can extend a simple compile and package build process by adding customization and deployment capability. Go from a manual method to automating: checking for code changes; getting the latest source; compiling and packaging; customizing; copying to and restarting a deployment server; and sending e-mail notification that a new version is available.
FREE! Go There Now!
|
|
|
|
Join this webcast to discover the key requirements for successful change and release management. Learn how to extend your .NET environment to improve productivity and collaboration, and address core problems afflicting team development. In this webcast, we’ll review typical challenges faced by customers and how to resolve them with the IBM Rational Change and Release Management solution, including Rational ClearCase, Rational ClearQuest and Rational Build Forge. Replay is available for 9 months.
FREE! Go There Now!
|
|
|
|
Get a free trial download of the latest version of IBM Rational Tester for SOA Quality V7.0.1, a functional and regression testing tool that enables the creation, comprehension, modification and execution of testing GUI-less Web services.
FREE! Go There Now!
|
|
|
|
The unprecedented scope of a service-oriented architecture (SOA) initiative brings to the forefront a number of management and governance issues that were sidestepped in the past. The key to a successful SOA implementation is managing and governing activities throughout the entire SOA delivery lifecycle by ensuring that services conform to the needs of all of the business’s stakeholders. Learn how service lifecycle management allows the business to ensure that the process by which services are defined, created, tested, deployed, optimized and retired is manageable, repeatable and auditable.
FREE! Go There Now!
|
|
|
|
All FREE IBM® developerWorks Tools!
|
