[whatwg] window.opener and security

timeless timeless at gmail.com
Tue Mar 20 06:51:24 PDT 2007


On 3/20/07, Hallvord R M Steen <hallvors at gmail.com> wrote:
> http://my.opera.com/hallvors/blog/2007/03/14/window-opener-and-security-an-unfixable-problem

I believe you'll find that Gmail does not have this problem, because
when it uses window.open, it opens a gmail page which then triggers a
server side redirect, and that destroys the window.opener link.

IOW, AFAIU it's a solved problem. It's probably safe to assume it
isn't patented.



More information about the whatwg mailing list