How do I prevent pop-up blocker from firing within a ASP.NET 4.5 application

How do I prevent pop-up blocker from firing within a ASP.NET 4.5 application?

If popups are not initiated from users actions, if a user clicks a button then an ajax call is initiated then a popup is displayed.  The ajax call is forcing the browser to think the user didn't directly cause an action to open the popup thus becomes blocked.

Is there some kind of global setting or trickery I can put in the web.config, basically saying don't fire the pop up blocker within this application? For Chrome and other browsers.
Paul MaurielloSoftware Programmer Developer Analyst EngineerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dave BaldwinFixer of ProblemsCommented:
Nope, the browsers never see 'web.config'.  That is only used on the server, not the client.
0
Paul MaurielloSoftware Programmer Developer Analyst EngineerAuthor Commented:
Is there some kind of global setting or trickery I can put anywhere in the ASP.NET application that tells the browsers, "don't fire the pop up blocker within this application" ? For Chrome and other browsers?
0
Dave BaldwinFixer of ProblemsCommented:
No.  I'm sure they would have blocked any method like that already.  Because popups have been used for malicious purposes so many times, you just need to find a method that does not trigger the popup blocker.
0
Angular Fundamentals

Learn the fundamentals of Angular 2, a JavaScript framework for developing dynamic single page applications.

Paul MaurielloSoftware Programmer Developer Analyst EngineerAuthor Commented:
But I have to open a window when I save because I need to call a webservice after the save button is clicked. There's got to be a way around this limitation "The ajax call is forcing the browser to think the user didn't directly cause an action to open the popup thus becomes blocked."



            Savewidget: function () {
                var widgetDataString = JSON.stringify(_widget);
                var widgetDeliveryDataString = JSON.stringify(_widgetDelivery);
                var widgetId = (typeof (window.parent._widgetObject) == "undefined") ? null : window.parent._widgetObject.widgetId;

                $.ajax({
                    async: false, type: "POST", url: "/WebService/widget.asmx/ModifywidgetDelivery", contentType: "application/json; charset=utf-8", dataType: "json",
                    timeout: (61 * 1000), //timeOut = 61 seconds
                    processData: true,
                    data: "{ \"widgetData\" : " + JSON.stringify(widgetDataString) + "," +
                            "\"widgetDeliveryData\" : " + JSON.stringify(widgetDeliveryDataString) + "," +
                            "\"widgetId\" : " + JSON.stringify(widgetId) + "}",
                    success: function (msg) {
                        var widgetOutId = msg.d
                        var displayMessage = "Saved widget";
                        $("#closewidgetNewModal", window.parent.document).trigger("click");
                        window.parent.Utility.FloatingMessage.Show(displayMessage);
                        window.open("/widget.aspx?e=1&widgetid=0&widgetOutId=" + widgetId + "&companyid=" + _widget.companyId, "_blank", null);
                    }, error: function (msg, textStatus, errorThrown) {
                        alert("Error Saving widget");
                        $("#modalOverlayLoading").remove();
                        Utility.Browser.ApplyWatermark();//Reapply any watermarks (nonHTML5 support)
                    }
                });
            }

Open in new window

0
Dave BaldwinFixer of ProblemsCommented:
I have never heard of "a way around this limitation".  You should click on "Request Attention" above, maybe someone else can help you.
0
Kelvin McDanielSr. DeveloperCommented:
As the @Dave Baldwin has stated, there's no way to force a browser to "accept" that your window should be opened. Not only is this considered rude... it's a risky security hole that was ruthlessly exploited before this feature was put in place.

In my opinion your best bet would be to either:
1. Load the returning content/message into a div with a clickable link for the user to launch the widget manually.
    - This strategy *should* avoid the security issue.
    - You're basically doing this with your "Saved widget" message already; you could...
        --> Update the message to include a link (or make the whole modal clickable).
        --> Create a click handler and move the window.open() code there.

2. Let the user know that pop-ups are required for your site to work properly and ask them to be enabled for your site.
    - Most users, unless they are loyal users won't appreciate this strategy because some will find it difficult to do.

You should probably consider redesigning the UI of your site so that pop up windows are not required; you'll have less headaches when it comes to situations like this and your users will thank you. If it's not something you think you're able to do you may want to consider engaging a decent UI designer to point you in the right direction. I'm not saying this to be a snob; design is *NOT* one of my strengths so I have to consult with designers all the time.
0
Paul MaurielloSoftware Programmer Developer Analyst EngineerAuthor Commented:
Thank you for your input, the BA dept has a very specific user design in mind when they spec out the UI. I try to do my best to comply. I did figure out how to bypass the popup blocker on all browsers.

If I insert the below line of code prior to the ajax call

var _myPopup = window.open("", "_blank", null);

Then this line of code in the success of the ajax call

_myPopup.location ="/widget.aspx?e=1&widgetid=0&widgetOutId=" + widgetId + "&companyid=" + _widget.companyId


The chain of user direct action remains intact and the pop up blocker is never triggered
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Kelvin McDanielSr. DeveloperCommented:
Glad you were able to find a workaround. Sometimes the simplest changes are the best. :)

I'll warn you that I wouldn't assume this will always be possible... it's not clear from your snippet but I'm guessing that your code is initiated by a user click on screen.
 - If that's the case then yes, this will probably work for the reasonable future.
 - If that's not the case then your workaround is a security hole that will probably be patched... and hopefully very, very soon.

For the benefit of the Moderator, I do *NOT* have a problem with you not awarding points.
0
Dave BaldwinFixer of ProblemsCommented:
That is a very clever solution to that problem.  The 'window.open' is a result of the user's action that way.
0
Paul MaurielloSoftware Programmer Developer Analyst EngineerAuthor Commented:
The chain of user direct action remains intact and the pop up blocker is never triggered
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP.NET

From novice to tech pro — start learning today.