?
Solved

Window.open doesn't hide the location bar in a specific instance

Posted on 2009-12-31
8
Medium Priority
?
373 Views
Last Modified: 2012-05-08
I am using the code snippet below to launch a new window in my .NET web application.  It works fine for me in my dev environment when accessing the site from my desktop or from the server itself.  Meaning it hides the status/toolbar/location as it is supposed to.  However when I deploy to my production server, the popup now no longer hides the location and status bars.  It does this whether I am on the server or accessing it from my desktop so I suspect something is different on the server.  Both machines are running windows server 2003 /w IIS 6.0.  

I initially used the "no" flag rather than "0" but changed it to "0" as a test.  
onclick="window.open('Timers.aspx',null,'height=200,width=606,status=0,toolbar=0,menubar=0,location=0');"

Open in new window

0
Comment
Question by:rerard
8 Comments
 
LVL 1

Author Comment

by:rerard
ID: 26154995
BTW I am using IE 8 and the problem occurs in both compatiblity mode and non-compatibility mode, while on my dev server it works fine in both modes.
0
 
LVL 23

Expert Comment

by:Saqib Khan
ID: 26156477
I believe it is a security setting in IE 7.0+ :), you no longer can hide information.
0
 
LVL 23

Expert Comment

by:Saqib Khan
ID: 26156481
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 29

Expert Comment

by:Kumaraswamy R
ID: 26156586
Hi

Bellow ur give u some information
http://www.quirksmode.org/js/popup.html
0
 
LVL 1

Author Comment

by:rerard
ID: 26156734
If it is a browser issue that doesn't explain why it will work when the site is hosted on my dev server.  So if I have two instances of my app (dev/prod)... and I access them both from the same desktop, the toolbars are hidden when I access the site on my dev server but when I access the one on my prod server they are not hidden.  I figured it was an IIS setting or something.
0
 
LVL 75

Accepted Solution

by:
Michel Plungjan earned 2000 total points
ID: 26157383
No. You most likely have your dev server in your list of trusted sites

http://msdn.microsoft.com/en-us/library/ms536651%28VS.85%29.aspx

"The behavior described in this comment is by-design. In Internet Explorer 7 and later, you cannot remove the address bar in Internet Zone windows, for security (anti-spoofing) reasons. As described in the MSDN article above, in IE7 and later, location=no simply hides the back/forward/stop navigation buttons, and makes the address bar read-only. (The reason you can hide the address bar when the file is saved locally is that the file is opened in the Local Machine zone rather than the Internet Zone.)
-EricLaw, Program Manager, Internet Explorer Security."

0
 
LVL 1

Author Comment

by:rerard
ID: 26162718
I had both sites in my trusted sites, I tried removing them both and this has not impacted the behavior.

In addition, I can duplicate the exact issue when I am running FROM the prod server.  So if I run IE on the prod server, and hit my dev server (which is not in trusted sites), then it works properly.  Again, the prod version doesn't work properly even on the prod server.
0
 
LVL 1

Author Comment

by:rerard
ID: 26162748
I did some further testing and found out mplungja was right.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses
Course of the Month15 days, 12 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question