[whatwg] window.opener and security
Hallvord R M Steen
hallvors at gmail.com
Tue Mar 20 07:46:32 PDT 2007
On 20/03/07, timeless <timeless at gmail.com> wrote:
> On 3/20/07, Hallvord R M Steen <hallvors at gmail.com> wrote:
> > http://my.opera.com/hallvors/blog/2007/03/14/window-opener-and-security-an-unfixable-problem
> I believe you'll find that Gmail does not have this problem, because
> when it uses window.open, it opens a gmail page which then triggers a
> server side redirect, and that destroys the window.opener link.
This is incorrect. window.opener survives the redirect and still
points to the opener window.
Hallvord R. M. Steen
More information about the whatwg